An experimental pure Rust reimplementation of [libyubihsm] providing an interface to [YubiHSM2] devices from [Yubico].
This library attempts to reimplement some of the functionality of libyubihsm, a closed-source C library which acts as a libcurl-based HTTP(S) client and sends commands to the [yubihsm-connector] process, which implements an HTTP(S) server which sends the commands to the YubiHSM2 hardware device over USB. However, libyubihsm can be difficult to work with because it is shipped as a platform-specific dynamic library which needs its own special versions of libcurl and OpenSSL.
yubihsm-client is a pure-Rust reimplementation of a similar HTTP(S) client library for yubihsm-connector based on black box reverse engineering of the HTTP requests and responses. This process involves a lot of guesswork and therefore what is implemented in this library may not be an accurate reflection of how the protocol actually works. Only a small amount of the functionality provided by libyubihsm is exposed.
yubihsm-client is implemented using the [reqwest] Rust HTTP client library.
Tests for yubihsm-client assume you have a YubiHSM2 hardware device, have downloaded the [YubiHSM2 SDK] for your platform, and are running a yubihsm-connector process listening on localhost on the default port of 12345. The YubiHSM2 device should be in the default factory state. To reset it to this state, either use the [yubihsm-shell reset] command or press on the YubiHSM2 for 10 seconds immediately after inserting it.
yubihsm-client is distributed under the terms of both the MIT license and the Apache License (Version 2.0).
See LICENSE-APACHE and LICENSE-MIT for details.