Import a Wrap Key
Import a key for wrapping into the device.
Import an AES-128 Wrap Key able to export and import, with some Delegated Capabilities set:
yubihsm> put wrapkey 0 0 wrapkey 1 export-wrapped,import-wrapped exportable-under-wrap,sign-pkcs,sign-pss 000102030405060708090a0b0c0d0e0f Stored Wrap key 0xaff7
Tc = 0x4c |
Lc = 2 + 40 + 2 + 8 + 1 + 8 + LW |
Vc = I || L || D || C || A || DC || W |
I := Object ID (2 bytes)
L := Label (40 bytes)
D := Domains (2 bytes)
C := Capabilities (8 bytes)
A := Algorithms (1 byte)
DC := Delegated Capabilities (8 bytes)
W := Wrap Key (16, 24 or 32 bytes)
For AES128_CCM_WRAP: 16 bytes
For AES192_CCM_WRAP: 24 bytes
For AES256_CCM_WRAP: 32 bytes
Tc = 0xcc |
Lc = 2 |
Vc = I |
I := ID of created Wrap Key (2 bytes)