PUT OPAQUE

Store an Opaque Object.

Description

Stores Opaque data (like an X.509 certificate) in the device. The size of the object is currently limited to what will fit into one message to the YubiHSM 2 (2028 bytes, including the headers).

Shell Example

Store the certificate in file cert.der in the device:

yubihsm> put opaque 0 0 certificate 1 none x509-cert cert.der
Stored Opaque object 0xe255

Protocol Details

Command

Tc = 0x42

Lc = 2 + 40 + 2 + 8 + 1 + LO

Vc = I || L || D || C || A || O

I := Object ID (2 bytes)

L := Label (40 bytes)

D := Domains (2 bytes)

C := Capabilities (8 bytes)

A := Algorithm (1 byte)

O := Opaque data

Response

Tr = 0xc2

Lr = 2

Vr = I

I := Object ID of created Opaque Object (2 bytes)