diff --git a/doc/YubiKey-NEO-PIV-Introduction.txt b/doc/YubiKey-NEO-PIV-Introduction.txt new file mode 100644 index 0000000..5cd8427 --- /dev/null +++ b/doc/YubiKey-NEO-PIV-Introduction.txt 
@@ -0,0 +1,53 @@ +Introduction to the YubiKey NEO PIV Applet +========================================== + +The YubiKey NEO supports the Privilege and Identification Card (PIV) +interface specified in NIST SP 800-73 document "Cryptographic +Algorithms and Key Sizes for PIV". This enables you to perform RSA or +ECC sign/decrypt operations using a private key stored on the +smartcard, through common interfaces like PKCS#11. + +References: +* SP 800-73-3 http://csrc.nist.gov/publications/PubsSPs.html +* NIST SP 800-73-4 (draft) + http://csrc.nist.gov/publications/PubsDrafts.html#800-73-4 + +General information +------------------- + +The default PIN code is 123456. The default PUK code is 12345678. + +The default 3DES management key (9B) is +01:02:03:04:05:06:07:08:01:02:03:04:05:06:07:08:01:02:03:04:05:06:07:08. + +The following key slots exists: + +* 9A, 9C, 9D, 9E: RSA 1024, RSA 2048, or ECC secp256r1 keys + (algorithms 6, 7, 11 respectively). + +* 9B: Triple-DES key (algorithm 3) for PIV management. + +The maximum size of stored objects is 2005 bytes. + +Currently all functionality are available over both contact and +contactless interfaces (contrary to what the specifications mandate). + +Software +-------- + +Card management has been tested with the tools from the OpenSC +project, specifically piv-tool, and Yubico's yubico-piv-tool. Basic +features should work with any PIV compliant middleware. + +* https://github.com/OpenSC/OpenSC/wiki +* https://developers.yubico.com/yubico-piv-tool/ +* https://github.com/OpenSC/OpenSC/wiki/US-PIV +* https://github.com/OpenSC/OpenSC/wiki/PivTool + +Card Holder Unique Identifier +----------------------------- + +For the applet to be usable in windows the object CHUID (Card Holder +Unique Identifier) has to be set and unique. The card contents are +also aggressively cached so the CHUID has to be changed if the card +contents change.
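Review bot: The opening paragraph expands PIV as "Privilege and Identification Card" and gives SP 800-73 the title "Cryptographic Algorithms and Key Sizes for PIV", and both are wrong. PIV stands for Personal Identity Verification, and SP 800-73 is "Interfaces for Personal Identity Verification". The quoted title belongs to SP 800-78, which also defines the algorithm identifiers listed for the key slots (3, 6, 7, 11), so it should be cited under References. Under "General information", the default PIN, PUK and 9B management key are listed with no statement that they should be changed before the key is put to use. Add a sentence saying so, and spell out next to "contrary to what the specifications mandate" that sign/decrypt and management operations are therefore reachable over the contactless interface. Minor: "key slots exists" should be "key slots exist", "all functionality are available" should be "all functionality is available", and "windows" should be "Windows".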