Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 9:22 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 3 posts ] 
Author Message
PostPosted: Mon Dec 01, 2014 9:47 pm 
Offline

Joined: Tue Nov 18, 2014 9:14 pm
Posts: 95
Location: San Jose, CA
Just a bit curious... I did a "list algorithms" on my yubikey neo and got the following output:

Code:
$ opensc-tool --list-algorithms
Using reader with a card: Yubico Yubikey NEO OTP+U2F+CCID 00 00
Algorithm: rsa
Key length: 1024
Flags: onboard key generation padding ( none ) hashes ( )

Algorithm: rsa
Key length: 2048
Flags: onboard key generation padding ( none ) hashes ( )

Algorithm: rsa
Key length: 3072
Flags: onboard key generation padding ( none ) hashes ( )

Algorithm: ec
Key length: 256
Flags: onboard key generation

Algorithm: ec
Key length: 384
Flags: onboard key generation



Does the Yubikey NEO really support 3072-bit RSA keys, and 384-bit EC keys? I don't see that capability exposed in the apps.

Likewise, is the following list of supported pkcs11 mechanisms accurate?

Code:
$ pkcs11-tool --module /usr/lib/opensc-pkcs11.so --list-mechanisms
Using slot 1 with a present token (0x1)
Supported mechanisms:
  SHA-1, digest
  SHA256, digest
  SHA384, digest
  SHA512, digest
  MD5, digest
  RIPEMD160, digest
  ECDSA, keySize={256,384}, hw, sign, other flags=0x1800000
  ECDSA-SHA1, keySize={256,384}, hw, sign, other flags=0x1800000
  ECDSA-KEY-PAIR-GEN, keySize={256,384}, hw, generate_key_pair, other flags=0x1800000
  RSA-X-509, keySize={1024,3072}, hw, decrypt, sign, verify
  RSA-PKCS, keySize={1024,3072}, hw, decrypt, sign, verify
  SHA1-RSA-PKCS, keySize={1024,3072}, sign, verify
  SHA256-RSA-PKCS, keySize={1024,3072}, sign, verify
  MD5-RSA-PKCS, keySize={1024,3072}, sign, verify
  RIPEMD160-RSA-PKCS, keySize={1024,3072}, sign, verify
  RSA-PKCS-KEY-PAIR-GEN, keySize={1024,3072}, generate_key_pair


Last edited by darco on Tue Dec 02, 2014 7:29 pm, edited 1 time in total.

Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Tue Dec 02, 2014 2:59 am 
Offline

Joined: Wed Oct 22, 2014 5:16 pm
Posts: 5
This has been elaborated on by Yubico staff in this thread.


Top
 Profile  
Reply with quote  
PostPosted: Tue Dec 02, 2014 7:27 pm 
Offline

Joined: Tue Nov 18, 2014 9:14 pm
Posts: 95
Location: San Jose, CA
Thanks!


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: Heise IT-Markt [Crawler] and 8 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group