1. Home
  2. Archive Old Dev Docs
  3. YubiHSM2
  4. Commands
  5. Get Device Pubkey

    GET DEVICE PUBLIC KEY

    Available with firmware version 2.3.1 or later.

    Get device public key.

    Description

    Fetch the device public key to use with asymmetric authentication to the device. This is end as a bare command and not over an encrypted session.

    Shell Example

    Get device public key:

    yubihsm> get devicepubkey
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEfSE6zN59ONnsOf9C8VGNym+oBgnW
O5mjJZJ5Z9kkbpMIhLwkjsqKOhgKI+Slfv3oXmrcwVzUstLAkQe1HdC/uA==
-----END PUBLIC KEY-----

    Protocol Details

    Command

    Tc = 0x0a

    Lc = 0

    Vc = Ø

    Response

    Tr = 0x8a

    Lr = 1 + 64

    Vr = A || K

    A := Algorithm (1 byte)

    K := Uncompressed EC-P256 public key (64 bytes)

    The algorithm will currently always be ec-p256-yubico-authentication.

    The uncompressed EC key marker is omitted (hence the 64 bytes), similarly to how other EC keys are handled.