Crate yubihsm [−] [src]
yubihsm.rs: client for YubiHSM2
hardware security modules
Build Notes
This crate depends on the aesni
crate, which uses the "stdsimd"
API to invoke hardware AES instructions via core::arch
.
To access these features, you will need both a relatively recent Rust nightly and to pass the following as RUSTFLAGS:
RUSTFLAGS=-Ctarget-feature=+aes
You can configure your ~/.cargo/config
to always pass these flags:
[build]
rustflags = ["-Ctarget-feature=+aes"]
Getting Started
The main type you'll want to check out is Session
. Here is an example of
how to connect to yubihsm-connector and perform an Ed25519 signature:
use yubihsm::Session; // Default host, port, auth key ID, and password for yubihsm-connector let mut session = Session::create_from_password( "http://127.0.0.1:12345", 1, "password", true ).unwrap(); // Note: You'll need to create this key first. Run the following from yubihsm-shell: // `generate asymmetric 0 100 ed25519_test_key 1 asymmetric_sign_eddsa ed25519` let response = session.sign_data_eddsa(100, "Hello, world!").unwrap(); println!("Ed25519 signature: {:?}", response.signature);
Re-exports
pub use algorithm::Algorithm; |
pub use capabilities::Capabilities; |
pub use connector::Connector; |
pub use domains::Domains; |
pub use object::Id as ObjectId; |
pub use object::Label as ObjectLabel; |
pub use object::Origin as ObjectOrigin; |
pub use object::Type as ObjectType; |
pub use object::SequenceId; |
pub use session::Session; |
Modules
algorithm |
Cryptographic algorithms supported by the |
capabilities |
Object attributes specifying which operations are allowed to be performed |
connector |
Client for yubihsm-connector |
domains |
Logical partitions within the |
mockhsm |
Software simulation of the |
object |
Objects stored in the |
responses |
Responses to commands sent from the HSM, intended as part of the public API of this crate. |
session |
|
Structs
ReqwestConnector |
reqwest-based yubihsm-connector client |
SessionId |
Session/Channel IDs |
StaticKeys |
Static Secure Channel keys from which session keys are derived |
Enums
SessionError |
Session-related errors |