ALGORITHMS

Name Value yubihsm-shell name EC Curve Usage

RSA PKCS1 SHA1

1

rsa-pkcs1-sha1

RSA sign with PKCS1.5

RSA PKCS1 SHA256

2

rsa-pkcs1-sha256

RSA sign with PKCS1.5

RSA PKCS1 SHA384

3

rsa-pkcs1-sha384

RSA sign with PKCS1.5

RSA PKCS1 SHA512

4

rsa-pkcs1-sha512

RSA sign with PKCS1.5

RSA PSS SHA1

5

rsa-pss-sha1

RSA sign with PSS

RSA PSS SHA256

6

rsa-pss-sha256

RSA sign with PSS

RSA PSS SHA384

7

rsa-pss-sha384

RSA sign with PSS

RSA PSS SHA512

8

rsa-pss-sha512

RSA sign with PSS

RSA 2048

9

rsa2048

Generate RSA key

RSA 3072

10

rsa3072

Generate RSA key

RSA 4096

11

rsa4096

Generate RSA key

EC P256

12

ecp256

secp256r1

Generate EC key

EC P384

13

ecp384

secp384r1

Generate EC key

EC P521

14

ecp521

secp521r1

Generate EC key

EC K256

15

eck256

secp256k1

Generate EC key

EC BP256

16

ecbp256

brainpool256r1

Generate EC key

EC BP384

17

ecbp384

brainpool384r1

Generate EC key

EC BP512

18

ecbp512

brainpool512r1

Generate EC key

HMAC SHA1

19

hmac-sha1

Generate HMAC key

HMAC SHA256

20

hmac-sha256

Generate HMAC key

HMAC SHA384

21

hmac-sha384

Generate HMAC key

HMAC SHA512

22

hmac-sha512

Generate HMAC key

ECDSA SHA1

23

ecdsa-sha1

ECDSA sign

EC ECDH

24

ecdh

RSA OAEP SHA1

25

rsa-oaep-sha1

RSA decrypt with OAEP

RSA OAEP SHA256

26

rsa-oaep-sha256

RSA decrypt with OAEP

RSA OAEP SHA384

27

rsa-oaep-sha384

RSA decrypt with OAEP

RSA OAEP SHA512

28

rsa-oaep-sha512

RSA decrypt with OAEP

AES128 CCM WRAP

29

aes128-ccm-wrap

Generate Wrap key

Opaque Data

30

opaque-data

Store raw data as an opaque object

Opaque X509 Certificate

31

opaque-x509-certificate

Store X509Certificate as an opaque object

MGF1 SHA1

32

mgf1-sha1

RSA sign with PSS and RSA decrypt with OAEP

MGF1 SHA256

33

mgf1-sha256

RSA sign with PSS and RSA decrypt with OAEP

MGF1 SHA384

34

mgf1-sha384

RSA sign with PSS and RSA decrypt with OAEP

MGF1 SHA512

35

mgf1-sha512

RSA sign with PSS and RSA decrypt with OAEP

SSH Template

36

template-ssh

Store an SSH template (a binary object used to restrict how and when an SSH CA private key should be used)

Yubico OTP AES128

37

aes128-yubico-otp

Generate OTP AEAD key

Yubico AES Authentication

38

aes128-yubico-authentication

Store authentication key

Yubico OTP AES192

39

aes192-yubico-otp

Generate OTP AEAD key

Yubico OTP AES256

40

aes256-yubico-otp

Generate OTP AEAD key

AES192 CCM WRAP

41

aes192-ccm-wrap

Generate and store wrap key

AES256 CCM WRAP

42

aes256-ccm-wrap

Generate and store wrap key

ECDSA SHA256

43

ecdsa-sha256

ECDSA sign

ECDSA SHA384

44

ecdsa-sha384

ECDSA sign

ECDSA SHA512

45

ecdsa-sha512

ECDSA sign

ED25519

46

ed25519

Generate ED key

EC P224

47

ecp224

secp224r1

Generate EC key