Source: python-pyhsm Maintainer: Debian Authentication Maintainers Uploaders: Simon Josefsson , Klas Lindfors , Dain Nilsson Section: python Priority: optional Build-Depends: python-setuptools (>= 0.6b3), debhelper (>= 11), python Standards-Version: 4.2.1 Homepage: https://developers.yubico.com/python-pyhsm/ Vcs-Browser: https://salsa.debian.org/auth-team/python-pyhsm Vcs-Git: https://salsa.debian.org/auth-team/python-pyhsm.git Package: python-pyhsm Architecture: all Depends: ${python:Depends}, ${misc:Depends}, python-crypto, python-serial Suggests: python-argparse, yhsm-daemon Recommends: yhsm-tools XB-Python-Version: ${python:Versions} Provides: ${python:Provides} Description: Python code for talking to a Yubico YubiHSM hardware YubiHSM is an easy to use and affordable crypto appliance that you connect to the USB port of a server. You can then store cryptographic keys on the YubiHSM and use them from the server without any possibility for an attacker to extract the crypto keys from the YubiHSM. . Supported operations include YubiKey OTP validation, AES ECB encrypt/decrypt/decrypt-compare, HMAC-SHA1 hashing (enabling OATH code validation), and Random number entropy generation. . This package contains the core Python code for interacting with the YubiHSM. Package: yhsm-tools Section: utils Architecture: all Depends: ${python:Depends}, ${misc:Depends}, python-argparse, python-setuptools, python-pyhsm (= ${binary:Version}) XB-Python-Version: ${python:Versions} Provides: ${python:Provides} Description: Common files for YubiHSM applications YubiHSM is an easy to use and affordable crypto appliance that you connect to the USB port of a server. You can then store cryptographic keys on the YubiHSM and use them from the server without any possibility for an attacker to extract the crypto keys from the YubiHSM. . Supported operations include YubiKey OTP validation, AES ECB encrypt/decrypt/decrypt-compare, HMAC-SHA1 hashing (enabling OATH code validation), and Random number entropy generation. . This package includes the following utilities that talk with the YubiHSM: . * yhsm-keystore-unlock - Keystore unlock * yhsm-linux-add-entropy - Entropy seeder * yhsm-decrypt-aead - Decrypt AEADs * yhsm-generate-keys - Generate new AEADs Package: yhsm-validation-server Section: net Architecture: all Depends: ${python:Depends}, ${misc:Depends}, adduser, lsb-base, python-pyhsm (= ${binary:Version}), python-argparse, python-setuptools, yhsm-tools XB-Python-Version: ${python:Versions} Provides: ${python:Provides} Description: Validation server using YubiHSM This package validates YubiKey OTP's, OATH codes or password hashes using YubiHSM. . The interface is a REST API with a simple web server listening on localhost only (per default). It can function as a drop-in replacement for the traditional PHP based Yubico validation server, except that it does not provide the advanced replication features of that server. Package: yhsm-yubikey-ksm Section: net Architecture: all Depends: ${python:Depends}, ${misc:Depends}, adduser, lsb-base, python-pyhsm (= ${binary:Version}), python-argparse, yhsm-tools, python-setuptools, python-daemon, python-sqlalchemy, XB-Python-Version: ${python:Versions} Provides: ${python:Provides} Description: Yubikey Key Storage Module using YubiHSM Decryption backend for a Yubico validation service. Uses the YubiHSM to decrypt YubiKey OTPs and answer 'OK' or 'ERR'. . This package provides the decryption backend for a Yubico validation service. It uses the YubiHSM to decrypt YubiKey OTPs and answer 'OK' or 'ERR'. The package also contains the yhsm-db-import and yhsm-db-export tools for database management. Package: yhsm-daemon Section: net Architecture: all Depends: ${python:Depends}, ${misc:Depends}, adduser, lsb-base, python-pyhsm (= ${binary:Version}), python-argparse, python-setuptools, python-daemon XB-Python-Version: ${python:Versions} Provides: ${python:Provides} Description: YubiHSM server daemon Provides a TCP based server allowing multiple processes to use a single YubiHSM in parallel. . To utilize the YubiHSM via the server instead of using it directly, pass yhsm://localhost:5348 as the device to python-pyhsm.