a-dma
commented
7 years ago Unfortunately this is not a supported functionality. As for writing custom applets, we used to allow that with the NEO, but that requires keys from NXP which we can't provide.
As an aside, you won't be able to store keyfiles, but if PKCS#11 is supported for your use case, try having a look at PIV (either NEO or Yk4).
Hello!
I'd like to be able to write keyfiles onto my Yubikey. I use VeraCrypt and I use KeePassX. Both of them can take keyfiles to derive encryption key from. VeraCrypt can work with them over PKCS #11. I'm not sure if KeePassX can. But it would be great if I could upload keyfiles to my Yubikey (or better yet - generate one onboard) and store them there PIN-protected. Nitrokey says it has such functionality. Aladdin eToken pro has it too. Does Yubikey have one? If it’s not currently provided ‘out of box’, can a user (NOT a Yubico stuff) write custom applet and load it onto Yubikey? What’s the best place to start looking for instructions/guides on how to do this?
Thanks and cheers!