This module is used to access the YubiHSM for encrypting and

decrypting the data

linotp.ini: linotpActiveSecurityModule = yubihsm linotpSecurity.yubihsm.module =

linotpSecurity.yubihsm.pinHandle =21 linotpSecurity.yubihsm.valueHandle =22 linotpSecurity.yubihsm.passwordHandle =23 linotpSecurity.yubihsm.defaultHandle = 0x1111 linotpSecurity.yubihsm.password = 14fda9321ae820aa34e57852a31b10d0 linotpSecurity.yubihsm.device = /dev/ttyACM3

You need to change the access rights of /dev/ttyACM? You could add the user “linotp” to the group “dialout”

class, add_conf=None)[source]


Class that handles all AES stuff

createAES(ks=32, label='new AES Key')[source]

Creates a new AES key with the given label and the given length

returns the hanlde

decrypt(data, iv, id=0)[source]

decrypts the given data, using the IV and the key specified by the handle

possible id’s are:
0 1 2

dedicated security module methods: decryptPassword which used one slot id to decryt a string

Parameters:cryptPassword (byte string) – the crypted password - leading iv, seperated by the ‘:’
Returns:decrypted data
Return type:byte string

dedicated security module methods: decryptPin which used one slot id to decryt a string

Parameters:cryptPin (byte string) – the crypted pin - leading iv, seperated by the ‘:’
Returns:decrypted data
Return type:byte string
encrypt(data, iv, id=0)[source]

encrypts the given input data

AES hat eine blocksize von 16 byte. Daher muss die data ein vielfaches von 16 sein und der IV im Falle von CBC auch 16 byte lang.


dedicated security module methods: encryptPassword which used one slot id to encrypt a string

Parameters:password (byte string) – the to be encrypted password
Returns:encrypted data - leading iv, seperated by the ‘:’
Return type:byte string
encryptPin(pin, iv=None)[source]

dedicated security module methods: encryptPin which used one slot id to encrypt a string

  • pin (byte string) – the to be encrypted pin
  • iv (buffer (20 bytes random)) – initialisation vector (optional)

encrypted data - leading iv, seperated by the ‘:’

Return type:

byte string

find_aes_keys(label='testAES', wanted=1)[source]

Find and AES key with the given label The number of keys to be found is restricted by “wanted”

  • the number of keys and
  • the handle to the key

This returns a dictionary with the token info

login(password=None, slotid=0)[source]

Open a session on the first token

After this, we got a self.hSession


closes the existing session

pad(unpadded_str, block=16)[source]

PKCS7 padding pads the missing bytes with the value of the number of the bytes. If 4 bytes are missing, this missing bytes are filled with 

  • unpadded_str (str) – The string to pad
  • block (int) – Block size

padded string

Return type:



create a random value and return it l specifies the length of the random data to be created.


used to set the password, if the password is not contained in the config file

unpad(padded_str, block=16)[source]

This removes and checks the PKCS #7 padding.

  • padded_str (str) – The string to unpad
  • block (int) – Block size

ValueError – If padded_str is not correctly padded a ValueError can be raised. This depends on the ‘yubihsm.accept_invalid_padding’ LinOTP config option. If set to False (default) ValueError is raised. The reason why the data is sometimes incorrectly padded is because the pad() method delivered with LinOTP version < 2.7.1 didn’t pad correctly when the data-length was a multiple of the block-length. Beware that in some cases (statistically about 0.4% of data-chunks whose length is a multiple of the block length) the incorrect padding can not be detected and incomplete data is returned. One example for this last case is when the data ends with the byte 0x01. This is recognized as legitimate padding and is removed before returning the data, thus removing a legitimate byte from the data and making it unusable. If you didn’t upgrade from a LinOTP version before 2.7.1 (or don’t use a YubiHSM) you will not be affected by this in any way. ValueError will of course also be raised if you data became corrupt for some other reason (e.g. disk failure) and can not be unpadded. In this case you should NOT set ‘yubihsm.accept_invalid_padding’ to True because your data will be unusable anyway.


unpadded string or sometimes padded string when ‘yubihsm.accept_invalid_padding’ is set to True. See above.

Return type:


This module can be called to create an AES key.

Parameters are:

-p / –password= The Password of the partition. Can be ommitted.
Then you are asked

-d / –device= The device (default /dev/ttyACM0) -n / –name= The name of the AES key. -f / –find= Find the AES key -h / –help