libyubihsm
libyubihsm Documentation

Introduction

Libyubihsm is a library for communicating with a YubiHSM device.

Usage

To use the library include <yubihsm.h> and pass the -lyubihsm flag to the linker. Debug output is controlled with the function yh_set_verbosity().

First step of using a YubiHSM is to init the library with yh_init(), init a connector with yh_init_connector() and then connect it with yh_connect_best(). After this a session must be established with yh_create_session_derived() and yh_authenticate_session(). When a session is established commands can be exchanged over it, the functions in the namespace yh_util are high-level convenience functions that do a specific task with the device.

API Reference

yubihsm.h All public functions and definitions

Code example

Here is a small example of establishing a session with a YubiHSM and fetching some random before shutting down the session.

int main(void) {
yh_connector *connector = NULL;
yh_session *session = NULL;
uint8_t context[YH_CONTEXT_LEN] = {0};
uint8_t data[128] = {0};
size_t data_len = sizeof(data);
assert(yh_init() == YHR_SUCCESS);
assert(yh_init_connector("http://localhost:12345", &connector) ==
assert(yh_connect_best(&connector, 1, NULL) == YHR_SUCCESS);
strlen(YH_DEFAULT_PASSWORD), false, context, sizeof(context), &session) ==
assert(yh_authenticate_session(session, context, sizeof(context)) ==
assert(yh_util_get_random(session, sizeof(data), data, &data_len) ==
assert(data_len == sizeof(data));
assert(yh_util_close_session(session) == YHR_SUCCESS);
assert(yh_destroy_session(&session) == YHR_SUCCESS);
assert(yh_disconnect(connector) == YHR_SUCCESS);
}