Generate an OTP AEAD Key.
Generate an OTP AEAD Key for Yubico OTP decryption.
Generate a new AES-256 OTP AEAD Key that can decrypt Yubico OTPs and create new AEADs:
yubihsm> generate otpaeadkey 0 0 otpaeadkey 1 decrypt-otp,create-otp-aead aes256-yubico-otp 0x01020304 Generated OTP AEAD key 0x027c
Tc = 0x66 |
Lc = 2 + 40 + 2 + 8 + 1 + 4 |
Vc = I || L || D || C || A || N |
I := Object ID of the OTP AEAD Key (2 bytes)
L := Label (40 bytes)
D := Domains (2 bytes)
C := Capabilities (8 bytes)
A := Algorithm (1 byte)
N := Nonce ID (4 bytes)