AUTHENTICATE SESSION Command

Complete the mutual authentication process started with CREATE SESSION Command.

Description

Finish the Session negotiation and authenticate the Session to the device. After this command completes successfully the Session is authenticated and can be used.

Shell Example

Create a new Session with Authentication Key 1 using the password password, this performs both the creation and authentication steps:

yubihsm> session open 1 password
Created session 0

Protocol Details

Command

Tc = 0x04
Lc = 17
Vc = S || B || M

Parameters:

S := Session ID (1 byte)

B := Host Cryptogram (8 bytes)

M := CMAC(S-MAC, 016 || T || Lc + 8 || S || B) (8 bytes)

This is the first authenticated message in the chain. The device verifies M and B, both using S-MAC.

Response

Tr = 0x84
Lr = 0
Vr = Ø