Feature Request - wrapkey id argument for dump command

Question

Feature Request - wrapkey id argument for dump command

fenichelar opened this issue 3 years ago · 3 comments

The dump command allows the authkey id and password to be specified as command line arguments but it does not allow the wrapkey id to be specified as an argument. This make it difficult to use the dump command in a script because it requires interaction.

I don't have any experience with Rust but I will make an attempt and submit a PR if there is interest.

Answer 1 · 2021-08-18T08:48:54.000Z

The functionality offered by yubihsm-setup was not really intended to be used often enough that it needed to be part of a script. If you can explain more about your use case maybe we can come up with an alternative solution?

Answer 2 · 2021-08-23T16:09:03.000Z

Hello @aveenismail

The dump command allows the auth key id and password to be passed as arguments, it just doesn't allow the wrap key id to be passed as an argument. I'm not sure why there is a distinction between these.

The wrap key id can be piped to the dump command to get around this. Also, yubihsm-shell can be used to list the objects, iterate through them, and then export each wrapped object.

Answer 3 · 2022-01-24T14:05:56.000Z

The fix has been merged to master, please let me know if it solves this issue