# Custom Keys

# Yubico HSM Key

This example shows how you can write a custom Key implementation to use the Jigu library with Yubico's HSM (hardware-software module) for stricter security demands.

from jigu import Terra
from jigu.core import Coins
from jigu.core.msg import MsgSend
from jigu.key import Key

from yubihsm import YubiHsm
from yubihsm.defs import ALGORITHM, CAPABILITY
from yubihsm.objects import AsymmetricKey

class YubiHSMKey(Key):
    def __init__(
        self, uri, password, session_id=1, obj=0, key_label="my-key", domain=1
        self.hsm = YubiHsm.connect(uri)
        self.session = hsm.create_session_derived(session_id, password)
        self.key = AsymmetricKey.generate(
            session,  # Secure YubiHsm session to use.
            obj,  # Object ID, 0 to get one assigned.
            key_label,  # Label for the object.
            domain,  # Domain(s) for the object.
            CAPABILITY.SIGN_ECDSA,  # Capabilities for the object.
            ALGORITHM.EC_P256,  # Algorithm for the key.

    def public_key(self) -> bytes:
        return key.get_public_key()

    def sign(self, payload: bytes) -> bytes:
        return key.sign_ecdsa(payload)

    def __del__(self):  # destructor

soju = Terra("soju-0013", "https://soju-lcd.terra.dev/")
wallet = soju.wallet(YubiHSMKey("http://localhost:12345", "password"))
send = MsgSend(
    wallet.address,  # from
    "terra...",  # to
    Coins(uluna=100000000),  # amount, 100 LUNA
tx = wallet.create_and_sign_tx(send)

# LedgerKey

Updated on: 3/10/2020, 11:13:44 AM