
Comments (4)

delfuego commented on July 21, 2024

I was asked to provide more info about our Yubikey keys, so here that info is.

First, we have no issues using the derived PIV-D certs on the keys for system login, either on Mac or Windows; they work perfectly. The Yubikey Manager app (on macOS) can't read the PIV certs, though — when going to Applications > PIV, it reports "Failed connecting to the YubiKey.Make sure the application has the required permissions.". We've worked through all the advice on this page, but it doesn't look like it's a permissions issue per se — all the necessary permissions are granted to the app, so that must be a more generic error message that doesn't reflect the actual issue the app has in reading the certs/keys.

Second, the certs are written to the keys using a Deloitte-written application that uses Entrust's PIV-D system as its underpinnings.

Finally, I was asked about the key size of the keys; according to the macOS security/smartcard support infra (at the command line, security export-smartcard), this is the info about the first private key on the card (there are two, and they're similar):

==== private key #1
                crtr : 0
                esiz : 0
                decr : 0
                atag : ""
                kcls : 1
                agrp : "com.apple.token"
                pdmn : "dk"
                bsiz : 2,048
                type : 42
                klbl : <ce 20 3e 93 24 c5 bb e1 1b ae d7 66 28 0d 66 5e 25 bc 8d a5>
                edat : 2001-01-01 00:00:00 +0000
                sign : 1
                mdat : 2023-04-13 12:45:43 +0000
                drve : 0
                labl : "Key For PIV Authentication (Jason E. Levine -A11)"
                sync : 0
                musr : <>
                sha1 : <ff c7 8b b1 e3 77 c0 5b d8 7d 5b 01 cf 0a 29 70 48 db 54 86>
                cdat : 2023-04-13 12:45:43 +0000
                tkid : "com.apple.pivtoken:00000000000000000000000000000000"
                sdat : 2001-01-01 00:00:00 +0000
                tomb : 0
                priv : 1
                accc : constraints: {
                                                osgn : "PIN"
                                }
                                protection: {
                                                tkid : "com.apple.pivtoken:00000000000000000000000000000000"
                                }
                unwp : 0
====

from yubioath-ios.

delfuego commented on July 21, 2024

@jensutbult Will there be a new version of Yubico Authenticator released to the iOS App Store so that we can test whether this resolves the issue on our end?


jensutbult commented on July 21, 2024

@delfuego there's a new release coming out next week that includes this fix.


delfuego commented on July 21, 2024

@jensutbult Excellent! If you do any app testing with TestFlight, we'd be happy to enroll and test out the new build before you release it to confirm that it resolves our issue.

