Yubico Forum

I'm very new to this so most of my questions may seem trivial.

I'm trying to research whether I could use yubikeys for file encryption/decryption. Basically my goal is to create a small java application that takes a file that is encrypted with the public from the yubikey and then de-crypt it using the matching private key that is on the secure element of the yubikey.

1. First question is, whether this is feasible. If yes - what would be the steps to achieve that (I assume I should utilize PIV applet somehow)

So far I have managed to connect to yubikey and send various commands. However I'm facing certain issues:

2. when sending the authenticate command (INS 0x20, P2 0x82), only few times I have managed to receive a 9000 response. Other times it's either 6A80 or 6D00. Whenever I try to verify pin via yubico-piv-tool command line, it is always successful. I cannot pinpoint the reason why I am receiving different responses (they seem quite random). It looks like it is somehow related to connection modes that I can change using NEO manager tool. When I set it to OTP+CCID, it mostly return 6A80, but then after some time answers to most commands become 6D00 until I reconfigure connection mode to OTP+U2F+CCID and then back to OTP+CCID
3. even with the basic command to get the version (INS 0xFD) I start getting 6D00 response at some point.

Until I get the verification command to work consistently I guess there is no point trying to generate public keys, as authentication is required to be able to do that.

Thanks,
Aurimas

You know that there are two different sides to the key. The PIV and the OTP, right? Check this post out. viewtopic.php?f=35&t=2477&p=9146&hilit=change+pin#p9146