Available with firmware version 2.3.1 or later.
Get device public key.
Fetch the device public key to use with asymmetric authentication to the device. This is end as a bare command and not over an encrypted session.
Get device public key:
yubihsm> get devicepubkey -----BEGIN PUBLIC KEY----- MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfSE6zN59ONnsOf9C8VGNym+oBgnW O5mjJZJ5Z9kkbpMIhLwkjsqKOhgKI+Slfv3oXmrcwVzUstLAkQe1HdC/uA== -----END PUBLIC KEY-----
Tc = 0x0a |
Lc = 0 |
Vc = Ø |
Tr = 0x8a |
Lr = 1 + 64 |
Vr = A || K |
A := Algorithm (1 byte)
K := Uncompressed EC-P256 public key (64 bytes)
The algorithm will currently always be ec-p256-yubico-authentication
.
The uncompressed EC key marker is omitted (hence the 64 bytes), similarly to how other EC keys are handled.