Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 8:42 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 6 posts ] 
Author Message
PostPosted: Tue Dec 16, 2014 9:02 pm 
Offline

Joined: Tue Nov 18, 2014 9:14 pm
Posts: 95
Location: San Jose, CA
I have been trying to find some detailed documentation on PIV and the limitations/capabilities of each of the four slots. There are:
Code:
9a is for PIV Authentication
9c is for Digital Signature (PIN always checked)
9d is for Key Management
9e is for Card Authentication (PIN never checked)

So here are my questions:

  • What are all of the differences in capabilities between slots 9a, 9c, 9d, and 9e? I know it says that the PIN is always checked for 9c and never for 9e, but it isn't clear to me what the other differences are, if any. Are there some operations I can perform with 9c that I can't perform with slot 9a, and vise versa?
  • How is the key in the key management slot (9d) used? Can it be used for decrypting and signing like the other slots, or is it limited only to decrypting private keys when importing private keys into the other slots? And how does that work, anyway? As in, how could I use the key management key to securely load an encrypted private key into the app?
  • Is there a good guide describing all of the capabilities of PIV and how it can be used?


Last edited by darco on Thu Dec 18, 2014 10:31 pm, edited 1 time in total.

Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Wed Dec 17, 2014 1:17 am 
Offline

Joined: Wed Nov 19, 2014 12:11 am
Posts: 31
The NIST SP 800-73 standards for PIV are available free of charge on the NIST web site. You probably want to be looking at the SP 800-73-3 standards.

The Yubico Neo PIV applet doesn't strictly follow the standard in some respects. The PIV standard says that only the 9E slot should be available via a contactless interface - 9E is primarily used for physical access control applications, hence the value of contactless. The Neo makes all slots available via contactless.


From what I remember of the PIV standards, 9A is used for a logon certificate, 9C for digital signing such as signing S/MIME e-mail, 9D for decryption of encrypted S/MIME e-mail, and 9E for physical access control.

In practice, you can use 9A, 9C and 9D freely according to your applications. I have my StartSSL client certificate in 9A and my StartSSL code signing certificate in 9C (where the requirement to enter the PIN every time is an advantage). I have no real use for 9E as I don't have any access control infrastructure, whilst 9D is spare in case in need a client certificate from another CA.


Top
 Profile  
Reply with quote  
PostPosted: Wed Dec 17, 2014 3:32 am 
Offline

Joined: Tue Nov 18, 2014 9:14 pm
Posts: 95
Location: San Jose, CA
Thanks! I'm reading it over now.

Here is the direct link, for posterity: http://csrc.nist.gov/publications/nistp ... el-rep.pdf


Top
 Profile  
Reply with quote  
PostPosted: Wed Dec 17, 2014 6:00 am 
Offline

Joined: Tue Nov 18, 2014 9:14 pm
Posts: 95
Location: San Jose, CA
OK, so, the "key management" key is the confusing (but technically accurate) description of what one would think of as the "encryption" key. Great.

Reading over these docs, I see this tantalizing "retired keys" capability, where we can store up to 20 additional private keys. The yubico-piv-tool doesn't seem to support it, but I'm wondering if the app on the card properly implements retired keys and key history...?


Top
 Profile  
Reply with quote  
PostPosted: Wed Dec 17, 2014 3:23 pm 
Offline
Site Admin
Site Admin

Joined: Thu Apr 19, 2012 1:45 pm
Posts: 148
No implementation of retired keys in the Neo PIV. All (most?) functions are exposed in the yubico-piv-tool.

The main reason we (I) skipped the retired keys is that it seems mostly unspecified how that works and how you'd access that. We could probably be convinced to add support for this if we where fairly certain it'd work fine in windows and with OpenSC.

/klas


Top
 Profile  
Reply with quote  
PostPosted: Wed Dec 17, 2014 7:38 pm 
Offline

Joined: Tue Nov 18, 2014 9:14 pm
Posts: 95
Location: San Jose, CA
What a shame. I would love to have the ability to store more keys and certs, and this seems like a logical way to implement that. But maybe there are better ways.

Reading over the specification, it seems pretty clear how the keys are used and accessed. The offline cert capability is a little hand-wavey, but for on-card certs it seems well-specified.

The only obvious part that seems missing is a way to move a private key from a primary slot to a retired slot if the private key was generated on-device. Seems like an obvious oversight. I guess they are assuming you would always escrow the key management keys, and thus could always just re-upload them.

Would have to dig into OpenSC to see if they support key history.

I'll mark this thread solved at the end of the day.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 6 posts ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 9 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group