yubikey/pkcs15-tools.md
2024-08-29 01:33:53 +08:00

$ pkcs15-tool --list-applications
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
$ pkcs15-tool --list-pins
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
PIN [PIN]
	Object Flags   : [0x01], private
	Auth ID        : 02
	ID             : 01
	Flags          : [0x32], local, initialized, needs-padding
	Length         : min_len:4, max_len:8, stored_len:8
	Pad char       : 0xFF
	Reference      : 128 (0x80)
	Type           : ascii-numeric
	Tries left     : 3

PIN [PIV PUK]
	Object Flags   : [0x01], private
	ID             : 02
	Flags          : [0xF2], local, initialized, needs-padding, unblockingPin, soPin
	Length         : min_len:4, max_len:8, stored_len:8
	Pad char       : 0xFF
	Reference      : 129 (0x81)
	Type           : ascii-numeric
$ pkcs15-tool --list-keys
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
Private EC Key [PIV AUTH key]
	Object Flags   : [0x01], private
	Usage          : [0x04], sign
	Access Flags   : [0x1D], sensitive, alwaysSensitive, neverExtract, local
	Algo_refs      : 0
	FieldLength    : 384
	Key ref        : 154 (0x9A)
	Native         : yes
	Auth ID        : 01
	ID             : 01
	MD:guid        : 0x'30313631313834316666383035356163336461353461636261393937356365650000000000000000'

Private EC Key [SIGN key]
	Object Flags   : [0x01], private
	Usage          : [0x04], sign
	Access Flags   : [0x1D], sensitive, alwaysSensitive, neverExtract, local
	Algo_refs      : 0
	FieldLength    : 256
	Key ref        : 156 (0x9C)
	Native         : yes
	Auth ID        : 01
	ID             : 02
	MD:guid        : 0x'30323631313834316666383035356163336461353461636261393937356365650000000000000000'
$ pkcs15-tool --list-info
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
PKCS#15 Card [hatterjiang]:
	Version        : 0
	Serial number  : f8611841ff8055ac3da54acba9975cee
	Manufacturer ID: piv_II 
	Flags          : 
$ pkcs15-tool --list-certificates 
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
X.509 Certificate [Certificate for Card Authentication]
	Object Flags   : [0x00]
	Authority      : no
	Path           : 
	ID             : 04
	Encoded serial : 02 09 0088891A87487694BA
$ pkcs15-tool --list-public-keys
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
Public EC Key [PIV AUTH pubkey]
	Object Flags   : [0x00]
	Usage          : [0x40], verify
	Access Flags   : [0x02], extract
	FieldLength    : 384
	Key ref        : 154 (0x9A)
	Native         : yes
	ID             : 01
	DirectValue    : <absent>

Public EC Key [SIGN pubkey]
	Object Flags   : [0x00]
	Usage          : [0x40], verify
	Access Flags   : [0x02], extract
	FieldLength    : 256
	Key ref        : 156 (0x9C)
	Native         : yes
	ID             : 02
	DirectValue    : <absent>
$ pkcs15-tool --read-ssh-key 01
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
ecdsa-sha2-nistp384 AAAAE2Vj.... PIV AUTH pubkey
$ pkcs15-tool --read-certificate 01
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
-----BEGIN CERTIFICATE-----
....
-----END CERTIFICATE-----
$ pkcs15-tool --read-public-key 01
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
-----BEGIN PUBLIC KEY-----
....
-----END PUBLIC KEY-----
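
An added example, not part of the original notes: a Python check that parses `pkcs15-tool --list-keys` output and reports, per private key, which of the access flags seen in the listing above (`sensitive`, `alwaysSensitive`, `neverExtract`, `local`) are missing. The sample text is constructed from that listing (trimmed, space-indented) plus one hypothetical key, and the function names are illustrative.

```python
import re

# Constructed sample: the two entries from the `pkcs15-tool --list-keys` output
# above (trimmed), plus a hypothetical third key without the protective flags.
SAMPLE = """\
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
Private EC Key [PIV AUTH key]
    Access Flags   : [0x1D], sensitive, alwaysSensitive, neverExtract, local
    FieldLength    : 384
    Key ref        : 154 (0x9A)

Private EC Key [SIGN key]
    Access Flags   : [0x1D], sensitive, alwaysSensitive, neverExtract, local
    FieldLength    : 256
    Key ref        : 156 (0x9C)

Private EC Key [hypothetical imported key]
    Access Flags   : [0x03], sensitive, extract
    FieldLength    : 256
    Key ref        : 157 (0x9D)
"""

# Flags that both on-card keys carry in the listing above.
REQUIRED = {"sensitive", "alwaysSensitive", "neverExtract", "local"}

def parse_objects(text):
    """Split pkcs15-tool listing output into one dict per object."""
    objects = []
    for line in text.splitlines():
        header = re.match(r"^(\S.*?) \[(.*)\]$", line)      # "Private EC Key [label]"
        field = re.match(r"^\s+(.+?)\s+:\s*(.*)$", line)    # indented "Name : value"
        if header:
            objects.append({"kind": header.group(1), "label": header.group(2)})
        elif field and objects:
            objects[-1][field.group(1)] = field.group(2).strip()
    return objects

def audit_private_keys(text):
    """Map each private key label to the protection flags it is missing."""
    report = {}
    for obj in parse_objects(text):
        if obj["kind"].startswith("Private"):
            # Drop the leading "[0x..]" token and keep the flag names.
            flags = {f.strip() for f in obj.get("Access Flags", "").split(",")[1:]}
            report[obj["label"]] = sorted(REQUIRED - flags)
    return report

if __name__ == "__main__":
    for label, missing in audit_private_keys(SAMPLE).items():
        print(f"{label}: {'OK' if not missing else 'missing ' + ', '.join(missing)}")
```

To run it against a real token, pass the captured output of `pkcs15-tool --list-keys` to `audit_private_keys()` in place of `SAMPLE`.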

Reference

  1. https://ubuntu.com/server/docs/smart-card-authentication