Yubico Forum
https://forum.yubico.com/

Get public and private key from Yubikey Neo in Java
https://forum.yubico.com/viewtopic.php?f=33&t=2401
Page 1 of 1

Author:  ihsanhaikalz [ Mon Aug 22, 2016 9:55 am ]
Post subject:  Get public and private key from Yubikey Neo in Java

I am trying to create Java client application that will receive private key stored in Yubikey Neo and later use the key to sign the challenge from the server for FIDO U2F, but the problem is when I touched the button in Yubikey Neo it will instead generate the OTP (Yubikey Neo is set with OTP and U2F). I read in the U2F page that currently only Chrome browser is able to use U2F. I tried to use java-u2flib-server package but it seems that it could not access the private key stored CMIIW. So is there anyway I could get the private key from Yubikey Neo in Java?

Thanks

Author:  mouse008 [ Sat Aug 27, 2016 12:42 am ]
Post subject:  Re: Get public and private key from Yubikey Neo in Java

Your application (in Java, or in C/C++) can use the private key stored in the YubiKey by telling the token to perform operations with that key (and supplying the correct PIN) - but there's no way (short of bringing a government lab and destructive equipment :) to [b/extract[/b] the key from the token. That is by design, and is the main reason people buy YubiKey and other similar devices.

For normal public-key cryptography look up PKCS#11 access. Useful references:

P.S. I haven't tried to actually program U2F (only "normal" PK processing using RSA and ECC) - but am pretty sure the approach would be rather similar.

Page 1 of 1 All times are UTC + 1 hour
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/