IMPORT WRAPPED Command

Import an wrapped/encrypted object into the device.

Description

Import a wrapped/encrypted Object that was previously exported by an YubiHSM 2 device. The imported object will retain its metadata (Object ID, Domains, Capabilities …etc), however, the object’s origin will be marked as imported instead of generated.

Shell Example

Import the Object stored in key.enc and unwrap it using Wrap Key 0xcf94

yubihsm> put wrapped 0 0xcf94 key.enc
Object imported as 0x997e of type asymmetric

Protocol Details

Command

Tc = 0x4b
Lc = 2 + 13 + LO
Vc = I || N || O

Parameters:

I := Object ID of the Wrap Key (2 bytes)

N := Nonce associated with this wrapped Object (13 bytes)

O := Wrapped Object (Length dependant on Object)

Response

Tc = 0xcb
Lc = 3
Vc = T || I

Parameters:

T := Type of imported Object (1 byte)

I := Object ID of imported Object (2 bytes)