Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 12:00 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 4 posts ] 
Author Message
PostPosted: Fri Aug 19, 2016 1:58 pm 
Offline

Joined: Wed Aug 03, 2016 3:29 pm
Posts: 3
I am trying to create Java client application that will receive private key stored in Yubikey Neo and later use the key to sign the challenge from the server for FIDO U2F, but the problem is when I touched the button in Yubikey Neo it will instead generate the OTP (Yubikey Neo is set with OTP and U2F). I read in the U2F page that currently only Chrome browser is able to use U2F. I tried to use java-u2flib-server package but it seems that it could not access the private key stored CMIIW. So is there anyway I could get the private key from Yubikey Neo in Java?

Thanks


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Sat Sep 03, 2016 3:45 am 
Offline
User avatar

Joined: Fri Aug 26, 2016 5:44 pm
Posts: 25
Location: Rochester, New York, USA
ihsanhaikalz wrote:
I am trying to create Java client application that will receive private key stored in Yubikey Neo and later use the key to sign the challenge from the server for FIDO U2F, but the problem is when I touched the button in Yubikey Neo it will instead generate the OTP (Yubikey Neo is set with OTP and U2F). I read in the U2F page that currently only Chrome browser is able to use U2F. I tried to use java-u2flib-server package but it seems that it could not access the private key stored CMIIW. So is there anyway I could get the private key from Yubikey Neo in Java?

Thanks

Maybe there's a translation issue, but if I'm understanding you correctly, no, you cannot do what you're asking. It is not possible to extract the private keys from the secure element, and this is by design, to prevent their compromise. All cryptographic operations are performed on the token itself, not on the host machine.

As far as U2F, officially, yes, only Chrome supports it, however there's a semi-official plug-in for Firefox that works perfectly fine on both the yubico test site and github (it doesn't appear to work for Google, but that seems to be more that they have their stuff hardcoded to say "you're not on chrome, bugger off" than because of an issue with the plug-in; presumably if I changed my user-agent string, it would work fine on Google too). That's only for browsers, though; plenty of other stuff supports it or can be made to. I use U2F for login / sudo on my linux machines.

_________________
Keybase User: sporkwitch
PGP Public Key: B54A 454A 2B29 9D83 0201 CB1B C136 07BD 83A9 E927


Top
 Profile  
Reply with quote  
PostPosted: Sun Sep 04, 2016 7:05 am 
Offline

Joined: Sun Nov 15, 2015 11:47 pm
Posts: 36
Quote:
I use U2F for login / sudo on my linux machines

I'd appreciate some more details please, if you don't mind.


Top
 Profile  
Reply with quote  
PostPosted: Sun Sep 04, 2016 4:08 pm 
Offline
User avatar

Joined: Fri Aug 26, 2016 5:44 pm
Posts: 25
Location: Rochester, New York, USA
mouse008 wrote:
Quote:
I use U2F for login / sudo on my linux machines

I'd appreciate some more details please, if you don't mind.

PM or start a new thread, please; that's not really in-scope for this thread (it's rude to hijack).

_________________
Keybase User: sporkwitch
PGP Public Key: B54A 454A 2B29 9D83 0201 CB1B C136 07BD 83A9 E927


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group