Closed ryanswj closed 1 year ago
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-73-4.pdf is the latest PIV specification. In Part 2 "3.2.4 GENERAL AUTHENTICATE Card Command" it refers to: "Algorithm reference. See Table 14 and [SP800-78, Table 6-2]" i.e. https://csrc.nist.gov/publications/detail/sp/800-78/4/final "Table 6-2. Identifiers for Supported Cryptographic Algorithms" only lists for RSA: 1024 and 2048. https://csrc.nist.gov/publications/detail/sp/800-73/1/archive/2006-03-15 (which has been withdrawn did specify RSA 3072.
Google for: Yubikey PIV RSA 4096
https://www.vulnscan.org/yubikey-and-4096-bit-rsa-support/ Says the hardware can support 4096 when used with OpenPGP applet.
Got it, thanks for sharing. Looks like I got tricked by Yubico too...
Hey there.
I’d like to check if RSA 3072 and 4096 keys are supported, since the README doesn’t say anything about that, while also saying that it emulates a Yubikey 5, which does.
If it doesn’t, what is the limitation here?
As a side note, thank you so much for your effort and hard work creating this PivApplet!
Cheers, Ryan