NAME

       yhsm-decrypt-aead ‐ Decrypt AEADs (with secrets for YubiKeys)

SYNOPSIS

       yhsm-decrypt-aead [options] --aes-key KEY file-or-dir [...]

DESCRIPTION

       Decrypt AEADs generated using a YubiHSM.  NOTE that this requires knowledge of the AES key
       used in the YubiHSM.

       After a number of YubiKey secrets have been generated using yhsm-generate-keys(1)  ,  this
       tool can decrypt them and produce a CSV file usable to personalize corresponding YubiKeys.

OPTIONS

       -v, --verbose
              Enable verbose operation.

       --debug
              Enable debug printout.

       --format str
              Select output format (raw or yubikey-csv).

       --print-filename
              Prefix any output with the input filename.

       --key-handle kh
              Key  handle  used  when  generated  AEADs,  if  not  stored  in the AEAD file (AEAD
              generated with python-pyhsm 1.0.3 or lower).

       --aes-key hexstr
              AES key used to generate the AEADs.

EXIT STATUS

       0   OK

       1   Fail

BUGS

       Report python-pyhsm/yhsm-decrypt-aead bugs in the issue tracker ⟨https://github.com/
       Yubico/python-pyhsm/issues/⟩

SEE ALSO

       The home page ⟨https://developers.yubico.com/python-pyhsm/⟩

       YubiHSMs and YubiKeys can be obtained from Yubico ⟨http://www.yubico.com/⟩.