yubihsm.rs
Pure Rust client for YubiHSM 2 devices from Yubico.
About
This is a pure-Rust client library for YubiHSM 2 devices which implements most the functionality of the libyubihsm C library from Yubico's YubiHSM SDK. It provides two backends for communicating with YubiHSMs:
- yubihsm::HttpConnector: communicate with YubiHSM via the
yubihsm-connectorprocess from the Yubico SDK. - yubihsm::UsbConnector: communicate directly with the YubiHSM over USB using the libusb crate.
The yubihsm::Client type provides access to HSM commands.
Note that this is NOT an official Yubico project and is in no way supported or endorsed by Yubico (although whoever runs their Twitter account thinks it's awesome).
Prerequisites
This crate builds on Rust 1.31+.
On x86(-64) targets, add the following RUSTFLAGS to enable AES-NI to better
secure communication with the YubiHSM:
RUSTFLAGS=-Ctarget-feature=+aes,+ssse3`
You can configure your ~/.cargo/config to always pass these flags:
[]
= ["-Ctarget-feature=+aes,+ssse3"]
Supported Commands
NOTE: If there's a command on this list you'd like to use which isn't presently supported, please open an issue requesting support.
| Command | Impl'd | MockHSM | Description |
|---|---|---|---|
| Authenticate Session | ✅ | ✅ | Authenticate to HSM with password or encryption key |
| Blink Device | ✅ | ✅ | Blink the HSM's LEDs (to identify it) |
| Close Session | ✅ | ✅ | Terminate an encrypted session with the HSM |
| Create OTP AEAD | ⛔ | ⛔ | Create a Yubico OTP AEAD |
| Create Session | ✅ | ✅ | Initiate a new encrypted session with the HSM |
| Derive ECDH | ⛔ | ⛔ | Compute Elliptic Curve Diffie-Hellman using HSM-backed key |
| Decrypt OAEP | ⛔ | ⛔ | Decrypt data encrypted with RSA-OAEP |
| Decrypt OTP | ⛔ | ⛔ | Decrypt a Yubico OTP, obtaining counters and timer info |
| Decrypt PKCS1 | ⛔ | ⛔ | Decrypt data encrypted with RSA-PKCS#1v1.5 |
| Device Info | ✅ | ✅ | Get information about the HSM |
| Delete Object | ✅ | ✅ | Delete an object of the given ID and type |
| Echo | ✅ | ✅ | Echo a message sent to the HSM |
| Export Wrapped | ✅ | ✅ | Export an object from the HSM in encrypted form |
| Generate Asymmetric Key | ✅ | ✅ | Randomly generate new asymmetric key in the HSM |
| Generate HMAC Key | ✅ | ✅ | Randomly generate HMAC key in the HSM |
| Generate OTP AEAD Key | ⛔ | ⛔ | Randomly generate AES key for Yubico OTP authentication |
| Generate Wrap Key | ✅ | ✅ | Randomly generate AES key for exporting/importing objects |
| Get Log Entries | ✅ | ✅ | Obtain the audit log for the HSM |
| Get Object Info | ✅ | ✅ | Get information about an object |
| Get Opaque | ✅ | ✅ | Get an opaque bytestring from the HSM |
| Get Option | ✅ | ✅ | Get HSM auditing settings |
| Get Pseudo Random | ✅ | ✅ | Get random data generated by the HSM's internal PRNG |
| Get Public key | ✅ | ✅ | Get public key for an HSM-backed asymmetric private key |
| Get Storage Info | ✅ | ✅ | Fetch information about currently free storage |
| Import Wrapped | ✅ | ✅ | Import an encrypted key into the HSM |
| List Objects | ✅ | ✅ | List objects visible from the current session |
| Put Asymmetric | ✅ | ✅ | Put an existing asymmetric key into the HSM |
| Put Authentication Key | ✅ | ✅ | Put YubiHSM authentication key into the HSM |
| Put HMAC Key | ✅ | ✅ | Put an HMAC key into the HSM |
| Put Opaque | ✅ | ✅ | Put an opaque bytestring into the HSM |
| Put OTP AEAD Key | ✅ | ⛔ | Put a Yubico OTP key into the HSM |
| Put Wrap Key | ✅ | ✅ | Put an AES keywrapping key into the HSM |
| Randomize OTP AEAD | ⛔ | ⛔ | Randomly generate a Yubico OTP AEAD |
| Reset Device | ✅ | ✅ | Reset the HSM back to factory default settings |
| Rewrap OTP AEAD | ⛔ | ⛔ | Re-wrap a Yubico OTP AEAD from one key to another |
| Session Message | ✅ | ✅ | Send an encrypted message to the HSM |
| Set Log Index | ✅ | ✅ | Mark log messages in the HSM as consumed |
| Set Option | ✅ | ✅ | Change HSM auditing settings |
| Sign Attestation Certificate | ✅ | ⛔ | Create X.509 certificate for asymmetric key |
| Sign Data ECDSA | ✅ | ✅ | Compute an ECDSA signature using HSM-backed key |
| Sign Data EdDSA | ✅ | ✅ | Compute an Ed25519 signature using HSM-backed key |
| Sign HMAC | ✅ | ✅ | Perform an HMAC operation using an HSM-backed key |
| Sign Data PKCS1 | ⚠️ | ⛔ | Compute an RSASSA-PKCS#1v1.5 signature using HSM-backed key |
| Sign Data PSS | ⚠️ | ⛔ | Compute an RSASSA-PSS signature using HSM-backed key |
| Unwrap Data | ✅ | ⛔ | Decrypt data encrypted using a wrap key |
| Verify HMAC | ✅ | ✅ | Verify that an HMAC tag for given data is valid |
| Wrap Data | ✅ | ⛔ | Encrypt data using a wrap key |
| Status | |
|---|---|
| ✅ | Supported |
| ⚠️ | Partial/Untested Support |
| ⛔ | Unsupported |
Testing
This crate allows you to run the integration test suite in three different ways:
- Live testing against a real YubiHSM2 device:
- via HTTP
- via USB
- simulated testing using MockHSM which implements some YubiHSM2 functionality
cargo test: test YubiHSM2 live over HTTP via yubihsm-connector
This mode assumes you have a YubiHSM2 hardware device, have downloaded the YubiHSM2 SDK for your platform, and are running a yubihsm-connector process listening on localhost on the default port of 12345.
The YubiHSM2 device should be in the default factory state. To reset it to this state, either use the yubihsm-shell reset command or press on the YubiHSM2 for 10 seconds immediately after inserting it.
You can confirm the tests are running live against the YubiHSM2 by the LED blinking rapidly for 1 second.
NOTE THAT THESE TESTS ARE DESTRUCTIVE: DO NOT RUN THEM AGAINST A YUBIHSM2 WHICH CONTAINS KEYS YOU CARE ABOUT
cargo test --features=usb: test YubiHSM2 live via USB
Adding the usb cargo feature builds UsbConnector in addition to
HttpConnector, and also runs the test suite live via USB rather than using
the yubihsm-connector process.
ALSO NOTE THAT THESE TESTS ARE DESTRUCTIVE: DO NOT RUN THEM AGAINST A YUBIHSM2 WHICH CONTAINS KEYS YOU CARE ABOUT
cargo test --features=mockhsm: simulated tests against a mock HSM
This mode is useful for when you don't have access to physical YubiHSM2 hardware, such as CI environments.
License
yubihsm.rs is distributed under the terms of both the MIT license and the Apache License (Version 2.0).
See LICENSE-APACHE and LICENSE-MIT for details.