DECRYPT OTP Command

Decrypt a Yubico OTP.

Description

Decrypt a Yubico OTP and return counters and timer information.

Shell Example

Decrypt a (hex encoded) Yubico OTP using key ID 0x027c:

yubihsm> otp decrypt 0 0x027c 2f5d71a4915dec304aa13ccf97bb0dbb aead
   OTP decoded, useCtr:1, sessionCtr:1, tstph:1, tstpl:1

Protocol Details

Command

Tc = 0x60
Lc = 2 + 36 + 16
Vc = K || A || O

Parameters:

I := Object ID of the OTP AEAD Key (2 bytes)

A := Nonce concatenated with AEAD (36 bytes)

O := OTP (16 bytes)

Response

Tr = 0xe0
Lr = 6
Vr = S || U || Th || Tl

Parameters:

S := Session counter (2 bytes)

U := Usage counter (1 byte)

Th := Timestamp high (1 byte)

Tl := Timestamp low (2 bytes)