-
Notifications
You must be signed in to change notification settings - Fork 45
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
8 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -7,7 +7,7 @@ Key Management | |
| Key Slots | ||
| --------- | ||
|
|
||
| The PIV application can hold certificates for different purposes. | ||
| The PIV smart card can hold certificates for different purposes. | ||
| For each purpose the private key and its corresponding certificate are stored in a key slot. | ||
|
|
||
| +-------+------------------------+-------------------------------------------------------+ | ||
|
|
@@ -35,8 +35,7 @@ For each purpose the private key and its corresponding certificate are stored in | |
| Algorithms | ||
| ---------- | ||
|
|
||
| The PIV application uses asymmetric and symmetric algorithms. | ||
| The asymmetric algorithms are used for the user private keys and the symmetric algorithms for the management key. | ||
| PIV uses asymmetric and symmetric algorithms. The asymmetric algorithms are used for the user private keys and the symmetric algorithms for the management key. | ||
|
|
||
| Supported asymmetric key algorithms: | ||
|
|
||
|
|
@@ -51,21 +50,21 @@ Supported symmetric key algorithms: | |
| .. warning:: | ||
| It is not recommended to use the 3DES (TDES) algorithm. | ||
|
|
||
| Default management key | ||
| ---------------------- | ||
| Management Key | ||
| -------------- | ||
|
|
||
| The default management key is the following 3DES (TDES) key (24 bytes in hexadecimal): | ||
|
|
||
| :: | ||
|
|
||
| 0102030405060708 0102030405060708 0102030405060708 | ||
|
|
||
| Generate Key | ||
| ------------ | ||
| Key Generation | ||
| -------------- | ||
|
|
||
| The PIV application can generate a new private key on the Nitrokey. | ||
| The PIV smart card can generate a new private key on the Nitrokey. | ||
|
|
||
| The command below will create private key in key slot ``9a`` for the user with the subject name ``John Doe`` and subject alternative name ``[email protected]``. | ||
| The command below will create a private key in key slot ``9a`` for the user with the subject name ``John Doe`` and subject alternative name ``[email protected]``. | ||
|
|
||
| :: | ||
|
|
||
|
|
||