PUT OTP AEAD KEY Command

Import an OTP AEAD Key.

Description

Import an OTP AEAD Key used for Yubico OTP Decryption.

Shell Example

Import OTP AEAD Key with Nonce ID 0x01020304 and key value 000102030405060708090a0b0c0d0e0f (AES-128):

yubihsm> put otpaeadkey 0 0 otpaeadkey 1 decrypt-otp 0x01020304 000102030405060708090a0b0c0d0e0f
Stored OTP AEAD key 0xe34f

Protocol Details

Command

Tc = 0x65

Lc = 2 + 40 + 2 + 8 + 1 + 4 + LK

Vc = I || L || D || C || A || N || K

Parameters:

I := Object ID (2 bytes)

L := Label (40 bytes)

D := Domains (2 bytes)

C := Capabilities (8 bytes)

A := Algorithm (1 byte)

N := Nonce ID (4 bytes)

K := Key (16, 24 or 32 bytes depending on algorithm)

Response

Tr = 0xe5

Lr = 2

Vr = I

Parameters:

I := ID of created OTP AEAD Key (2 bytes)