I am trying to import an OpenSSL-generated ed25519 key into YubiHSM 2. I am following the steps described here: https://developers.yubico.com/yubihsm-shell/yubihsm-wrap.html
echo -en '\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xaa\xbb\xcc\xdd\xee\xff' >wrap.key
yubihsm-shell -p password -a put-wrap-key -i 20 -c all --delegated all --informat bin --in wrap.key
openssl genpkey -algorithm Ed25519 -out ed25519key.pem
yubihsm-wrap -a ed25519 -c sign-eddsa -d 1,2,5 --id 30 --label ED25519_Key --in ed25519key.pem --wrapkey wrap.key --out private.yhw
yubihsm-shell -p password -a put-wrapped --wrap-id 20 --in private.yhw
Finally my error is Malformed command / invalid data
There seems to be no indication that wrapping ed25519 keys is not supported by YubiHSM 2.
Is there something wrong in my process, or is it simply not supported?
"Import and export using NIST-approved AES-CCM Wrap with 128, 196, and 256 bit keys", see their product brochure here. So looking at that it doesn't support importing ed25519 – Summit

"AES-CCM Wrap with 128, 196, and 256 bit keys" refers to the method used to wrap the object, not the actual object being imported. For instance, I have been able to import p256 and secp256k1 private keys with no problem using an AES key of 256 bits – Mainsail

ed25519 is NIST certified though, crypto.stackexchange.com/questions/51012/… – Summit