yubikey/pkcs15-tools.md
2024-08-29 01:33:53 +08:00


```shell
$ pkcs15-tool --list-applications
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
```
```shell
$ pkcs15-tool --list-pins
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
PIN [PIN]
Object Flags : [0x01], private
Auth ID : 02
ID : 01
Flags : [0x32], local, initialized, needs-padding
Length : min_len:4, max_len:8, stored_len:8
Pad char : 0xFF
Reference : 128 (0x80)
Type : ascii-numeric
Tries left : 3
PIN [PIV PUK]
Object Flags : [0x01], private
ID : 02
Flags : [0xF2], local, initialized, needs-padding, unblockingPin, soPin
Length : min_len:4, max_len:8, stored_len:8
Pad char : 0xFF
Reference : 129 (0x81)
Type : ascii-numeric
```
```shell
$ pkcs15-tool --list-keys
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
Private EC Key [PIV AUTH key]
Object Flags : [0x01], private
Usage : [0x04], sign
Access Flags : [0x1D], sensitive, alwaysSensitive, neverExtract, local
Algo_refs : 0
FieldLength : 384
Key ref : 154 (0x9A)
Native : yes
Auth ID : 01
ID : 01
MD:guid : 0x'30313631313834316666383035356163336461353461636261393937356365650000000000000000'
Private EC Key [SIGN key]
Object Flags : [0x01], private
Usage : [0x04], sign
Access Flags : [0x1D], sensitive, alwaysSensitive, neverExtract, local
Algo_refs : 0
FieldLength : 256
Key ref : 156 (0x9C)
Native : yes
Auth ID : 01
ID : 02
MD:guid : 0x'30323631313834316666383035356163336461353461636261393937356365650000000000000000'
```
```shell
$ pkcs15-tool --list-info
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
PKCS#15 Card [hatterjiang]:
Version : 0
Serial number : f8611841ff8055ac3da54acba9975cee
Manufacturer ID: piv_II
Flags :
```
```shell
$ pkcs15-tool --list-certificates
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
X.509 Certificate [Certificate for Card Authentication]
Object Flags : [0x00]
Authority : no
Path :
ID : 04
Encoded serial : 02 09 0088891A87487694BA
```
```shell
$ pkcs15-tool --list-public-keys
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
Public EC Key [PIV AUTH pubkey]
Object Flags : [0x00]
Usage : [0x40], verify
Access Flags : [0x02], extract
FieldLength : 384
Key ref : 154 (0x9A)
Native : yes
ID : 01
DirectValue : <absent>
Public EC Key [SIGN pubkey]
Object Flags : [0x00]
Usage : [0x40], verify
Access Flags : [0x02], extract
FieldLength : 256
Key ref : 156 (0x9C)
Native : yes
ID : 02
DirectValue : <absent>
```
```shell
$ pkcs15-tool --read-ssh-key 01
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
ecdsa-sha2-nistp384 AAAAE2Vj.... PIV AUTH pubkey
```
```shell
$ pkcs15-tool --read-certificate 01
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
-----BEGIN CERTIFICATE-----
....
-----END CERTIFICATE-----
```
```shell
$ pkcs15-tool --read-public-key 01
Using reader with a card: Yubico YubiKey OTP+FIDO+CCID
-----BEGIN PUBLIC KEY-----
....
-----END PUBLIC KEY-----
```
<br>
# Reference
1. https://ubuntu.com/server/docs/smart-card-authentication