Yubico Forum

The Yubikey manual (v3.3) says the “Yubikey Neo features a high-quality, cryptographically secure random number generator”. Is there a tool to get some random numbers from a Neo onto a PC?

Presumably the Neo implements javacard.security.RandomData.generateData(…) as an API to the high-quality RNG. That makes the RNG available to applets on the Neo, but is not sufficient to expose the RNG to a PC tool via an APDU. Do any of the standard applets (OTP, OAUTH, PGP, PIV, U2F) support an APDU that returns randomness?

Presumably the high-quality RNG is used when yubico-piv-tool.exe is used to trigger a Neo to generate a new RSA or ECC key-pair. I was hoping there was another command that returns values from the RNG directly.

Hello,

The PIV applet exposes a way to get out randomness. It's a bit of a hack but is exposed through opensc as well. The APDU in question would in this case be:
00 87 03 9b 04 7c 02 81 00
which will return 8 bytes of random data for every call.

/klas

Thanks Klas,
That is a GENERAL AUTHENTICATE command (INS '87') specifying 3-key Triple DES in ECB mode (P1 '03') with the admin key (P2 '9B') and requesting a challenge (tag '81' in dynamic auth template tag '7C').
That works (after selecting the PIV applet 00 A4 04 00 05 A000000308). It returns 8 random bytes after a couple of tags (7C 0A 81 08 <8 random bytes>).

This is a little easier than dealing with the card protocols directly, if it works for your use case (and for other readers who may want to use the card's RNG, it's directly usable in scripts etc):



This sends a command via stdin to gpg-connect-agent, which sends it to your currently running gpg-agent, which in turn sends "random 128" to scdaemon, which should, as I understand the scdaemon command protocol, ask your card to generate 128 bytes and return it to you. You should see your Neo's button flicker every time you run this command. Remove/reinsert your card or run gpg --card-status (or both) if it complains about the card not being connected.

Granted the output isn't exactly clean (it spits out response characters like "OK" along with the entropy sample). I believe it should be possible to have it output this in the GnuPG "machine readable" format (the one used by libgpgme and enabled by gpg's --with-colons option), but it doesn't seem to work as an option to gpg-connect-agent.

Even so, the output of that scd command should be predictable, a script or program could pretty easily account for it (awk could trim it too, but I'm not so good with awk )

Touching this older and interesting thread.

Not sure whether someone's mileage will vary, on my current system the raw binary data is formatted such that all \n, \r and % characters are escaped with url percent encoding, chopped into ~1000 char pieces carefully not to split any escaped symbol, and put into separate lines prefixed with D and space, so i can nicely extract the raw data when i extend the pipe with:

The scd random command words on my Yubikey NEOs, but not on my Yubikey 4s. It fails with the card error seen above. Any ideas why?

Also, to contribute some nice formatting for outputting random numbers from the Yubikey: