Skip to content
/ yubihsm-manager Public

Command line tool that makes communication with the YubiHSM easier.

License

Apache-2.0 license
3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Yubico/yubihsm-manager

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

93 Commits
.github/workflows
.github/workflows
 
 
resources
resources
 
 
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.adoc
README.adoc
 
 
build.rs
build.rs
 
 

Repository files navigation

YubiHSM Manager

Command line tool for YubiHSM 2. This is a work in progress and is currently not supported and not part of the official YubiHSM SDK

YubiHSM Manger is mainly used to manage asymmetric and symmetric keys, authentication keys and wrap keys as well as setting up the YubiHSM2 for specific usecases.

Use this tool instead of yubihsm-setup. Use Space key to select and deselect options in multi-choice questions. Use ESC key to cancel current operation.

Build

To build the tool a normal Rust toolchain is required, stable Rust will suffice.

The tools uses the yubihsmrs crate as obtained from https://github.com/Yubico/yubihsmrs/tree/yubihsm-manager (note the yubihsm-manager branch), which in turn requires libyubihsm to be available.

Set the environment variable YUBIHSM_LIB_DIR to point to the directory containing the libyubihsm library then run:

$ cargo build

Run

Set the environment variable LD_LIBRARY_PATH to point to the directory containing the libyubihsm library then run:

$ cargo run

Or

$ ./target/debug/yubihsm-manager

Note that on Windows, the libyubihsm.dll need to be in PATH

Run tests

To run automated test that do not require a YubiHSM device to be connected, run:

$ cargo test

To run tests that require a YubiHSM device to be connected, and run:

$ cargo test --features device-tests -- --test-threads=1

Note that the test-threads needs to be set to 1 because only one operation can be run in the YubiHSM at a time.

To run individual tests, run:

$ cargo test <TEST_NAME>

or for tests that require a YubiHSM device to be connected, run:

$ cargo test --features device-tests -- --test-threads=1 <TEST_NAME>

where TEST_NAME is the path to the test. For example common::validators or hsm_operations::tests::wrap_tests

License

 Copyright 2025 Yubico AB

 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at

 http://www.apache.org/licenses/LICENSE-2.0

 Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.

About

Command line tool that makes communication with the YubiHSM easier.

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

3 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

3 tags

Packages

 
 
 

Contributors

Languages