def sign(self, bytes, keynum=-1):
if keynum == -1:
keynum = self.keynum
key = AsymmetricKey(self.session, keynum)
sig = key.sign_eddsa(bytes)
encoded_sig = base64.standard_b64encode(sig).decode()
return encoded_sig
import sys
import base64
import getpass
from yubihsm import YubiHsm
from yubihsm.objects import AsymmetricKey
if len(sys.argv) != 3:
print("Usage: python sign.py <datafile> <key_number>")
exit()
infile = open(sys.argv[1], "r")
keynum = int(sys.argv[2])
authkeyID = 101
password = getpass.getpass()
encoded_data = infile.read()
encoded_bytes = base64.standard_b64decode(encoded_data)
hsm = YubiHsm.connect("http://localhost:12345/connector/api")
session = hsm.create_session_derived(authkeyID, password)
key = AsymmetricKey(session, keynum)
sig = key.sign_eddsa(encoded_bytes)
encoded_sig = base64.standard_b64encode(sig).decode()
print(encoded_sig)
session.close()
hsm.close()