Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Download links point to outdated SDK version. #413

Open
AJH16 opened this issue Aug 19, 2024 · 3 comments
Open

Download links point to outdated SDK version. #413

AJH16 opened this issue Aug 19, 2024 · 3 comments

Comments

@AJH16
Copy link

AJH16 commented Aug 19, 2024

The latest yubikeys and YubiHSM Auth make mention of SCP11 based asymmetric authentication capabilities however, after having programmed an asymmetric key into a yubikey 5.7 with hsmauth, registering the public key to the HSM as an authentication key and then trying to use it with ykopen in the latest released HSM shell, it fails.

In my digging, it appears that the necessary code is not in the latest SDK release from the website as key commands, such as ykhsmauth_get_challenge_ex seem to be missing from the latest available release.

Is SCP11 support available yet and if so, where can I get an up to date copy of the library or do I need to build my own copy. 2.4.2 seems to be the latest shell publicly available despite 2.6 currently being packaged and 2.5 having previously been packaged. Am I missing some other publishing point or is there some other issue I'm missing?
@AJH16
Copy link
Author

AJH16 commented Aug 19, 2024

@aveenismail if you have any insights, it would be appreciated. Even if just able to indicate if I'm going in generally the right direction. I've tried going through support as well, but they seem to be unsure who to ask or who to bubble it to so they keep putting things on hold.

@AJH16
Copy link
Author

AJH16 commented Aug 19, 2024

Ok, I was able to get a local build done using Windows Subsystem Linux and then running the powershell script. The 2.6.0 version I was able to build was able to authenticate to the HSM with the asymmetric key correctly. Still having some issues with my C# wrapper library code getting it to function correctly, but now that I have a working version of yubihsm-shell to look at I don't think it should be too hard to get the rest of the way.

@AJH16
Copy link
Author

AJH16 commented Aug 20, 2024
edited
Loading

Works fine with build of latest code. The version listed for download on the main site is just out of date. https://developers.yubico.com/YubiHSM2/Releases/ This page has the out of date download links and is referenced from the main YubiHSM SDK download page here: https://www.yubico.com/support/download/yubihsm-2-libraries-and-tools/

For anyone else that stumbles across the same issue, you can find the latest releases of the yubihsm-shell (and libyubihsm) here https://developers.yubico.com/yubihsm-shell/Releases/.

@AJH16 AJH16 changed the title SCP11 Asymmetric HSM Authentication Download links point to outdated SDK version. Aug 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@AJH16