This is the Python package to talk to a YubiHSM.

The YubiHSM is Yubico's take on the Hardware Security Module (HSM),
designed for protecting secrets on authentication servers, including
cryptographic keys and passwords, at unmatched simplicity and low
cost.

See the files in utils/, examples/ yhsm-val/, and yubikey-ksm/ to get
an idea of how to use this code.

Copyright (c) 2011 Yubico AB
See the file COPYING for licence statement.




# IMPORT / EXPORT AEADs, to/from a database using yhsm-db-import and yhsm-db-export

==============================
	INSTALLATION
==============================

#On debian/Ubuntu install:
~$ sudo apt-get install python
~$ sudo pip install SQLAlchemy (or any other method illustrated at: http://docs.sqlalchemy.org/en/rel_0_8/intro.html#installation)



#On other systems
install python 2.7 or above from www.python.org
isntall SQLAlchemy from http://docs.sqlalchemy.org/en/rel_0_8/intro.html#installation


#A database schema is provided to configure the database table for the import/export tools. Create your favourite database and use te schema db_schema provided.

~$ cat doc/db_schema
CREATE TABLE aead_table (
  public_id varchar(16) NOT NULL,
  keyhandle INT NOT NULL,
  aead BLOB NOT NULL,
  PRIMARY KEY (public_id, keyhandle)
); 


======================
	USAGE
======================


IMPORT: yhsm-db-import aeads_source_folder database_url
EXPORT: yhsm-db-export aeads_destination_folder database_url

# SECURITY WARNING: It is not safe to execute the command with the database url containing username and password. # 


#IMPORT
~$ python yhsm-db-import /root/aeads/ mysql://localhost/database_name

OR

~$ python yhsm-db-import /root/aeads/ mysql://root:password@localhost:3306/database_name


#EXPORT
~$ python yhsm-db-export /root/aeads/ mysql://localhost/database_name

OR

~$ python yhsm-db-export /root/aeads/ mysql://root:password@localhost:3306/database_name




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~ Comments, feedback and patches welcome!       ~
~                                               ~
~ Tommaso De Orchi <tom@yubico.com> 2013-07-12  ~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~