Module yubihsm::commands [−][src]
Commands supported by the HSM
Functions defined in the yubihsm::commands
module are reimported
and available from the toplevel yubihsm
module as well.
For more information, see: https://developers.yubico.com/YubiHSM2/Commands/
Modules
attest_asymmetric |
Obtain an X.509 attestation certificate for a key within the |
blink |
Blink the LED on the |
delete_object |
Delete an object of the given ID and type |
device_info |
Get information about the |
echo |
Have the card echo an input message |
export_wrapped |
Export an encrypted object from the |
generate_asymmetric_key |
Generate a new asymmetric key within the |
generate_hmac_key |
Generate a new HMAC key within the |
generate_key |
Generate keys within the |
generate_wrap_key |
Generate a wrapping (i.e. encryption) key within the |
get_logs |
Get audit logs from the |
get_object_info |
Get information about an object |
get_opaque |
Get the public key for an asymmetric key stored on the device |
get_option |
Get auditing options which have been configured on the device. |
get_pseudo_random |
Get Pseudo Random Bytes |
get_pubkey |
Get the public key for an asymmetric key stored on the device |
hmac |
Compute HMAC tag for the given input data |
import_wrapped |
Import an encrypted object from the |
list_objects |
List objects visible from the current session |
put_asymmetric_key |
Put an existing asymmetric key into the |
put_auth_key |
Put an existing auth key into the |
put_hmac_key |
Put an existing HMAC key into the |
put_opaque |
Put an opaque object into the |
put_option |
Put auditing options which have been configured on the device. |
put_otp_aead_key |
Put an existing OTP AEAD key into the |
put_wrap_key |
Put an existing wrap key into the |
reset |
Reset the device: clear all stored objects, restore the default auth key, and reboot |
set_log_index |
Set the index of the last consumed entry in the |
sign_ecdsa |
Compute an ECDSA signature with the given key ID. |
sign_eddsa |
Compute an Ed25519 signature with the given key ID |
sign_rsa_pkcs1v15 |
Compute an RSASSA-PKCS#1v1.5 signature of the SHA-256 hash of the given data |
sign_rsa_pss |
Compute an RSASSA-PSS signature of the SHA-256 hash of the given data |
storage_status |
Get storage status (i.e. currently free storage) from the |
unwrap_data |
Decrypt data which was encrypted (using AES-CCM) under a wrap key |
verify_hmac |
Verify HMAC tag for the given input data |
wrap_data |
Encrypt data (with AES-CCM) using the given wrap key |
Enums
CommandType |
Command IDs for |