Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement commands #1

Open
37 of 49 tasks
sosthene-nitrokey opened this issue Oct 26, 2022 · 1 comment
Open
37 of 49 tasks

Implement commands #1

sosthene-nitrokey opened this issue Oct 26, 2022 · 1 comment
Labels
tracking

Comments

@sosthene-nitrokey
Copy link
Collaborator

sosthene-nitrokey commented Oct 26, 2022
edited
Loading

PIV standard

  • SELECT
  • GET DATA - Add support for PUT DATA, GET DATA and fix GENERAL AUTHENTICATE #5
    • Mandatory Data elements:
      • Card Capability Container
      • Card Holder Unique Identifier
        • asymmetric Signature Field
      • X.509 Certificate for PIV Authentication
      • X.509 Certificate for Card Authentication
      • Cardholder Fingerprints
      • Cardholder Facial Image (only up to 1KB)
      • Security Object
    • Conditional Data elements:
      • X.509 Certificate for Digital Signature
      • X.509 Certificate for Key Management
    • Optional Data Elements
      • Printed Information (Not applicable)
      • Discovery Object
      • Key History Object
      • Retired X.509 Certificates for Key Management
      • Cardholder Iris Images
      • Biometric Information Templates Group Template
      • Secure Messaging Certificate Signer
      • Pairing Code Reference Data Container UUIDs:
      • Card UUID
  • VERIFY
    • Global Pin
    • PivPin
    • Primary finger OCC (Optional)
    • Secondary finger OCC (Optional)
    • Pairing Code (for NFC only)
  • CHANGE REFERENCE DATA
    • PivPIn
    • Puk
  • RESET RETRY COUNTER
  • GENERAL AUTHENTICATE
  • PUT DATA - Add support for PUT DATA, GET DATA and fix GENERAL AUTHENTICATE #5
  • GENERATE ASYMMETRIC KEYPAIR

Yubico extensions
@sosthene-nitrokey sosthene-nitrokey mentioned this issue Aug 23, 2023
Merged
@stv0g
Copy link

stv0g commented May 25, 2024

New YubiKey extensions as part of their 5.7 firmware update should be probably added to this list:

  • Move keys between slots
  • Delete keys from slots
  • AES management keys
  • New algorithms
    • RSA 3072
    • RSA 4096
    • X25519
    • Ed25519

See: https://docs.yubico.com/hardware/yubikey/yk-tech-manual/5.7-firmware-specifics.html#piv-enhancements

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
tracking
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@stv0g @sosthene-nitrokey