This module provides an implementation of the Personal Identity Verification (PIV) interface specified in the NIST SP 800-73 document Cryptographic Algorithms and Key Sizes for PIV. This standard specifies how to perform RSA or ECC sign/decrypt operations using a private key stored on the YubiKey.
To add the PIV module, along with the Android module as a dependencies to your project, add the following to your gradle configuration:
dependencies {
implementation 'com.yubico.yubikit:android:(insert version here)'
implementation 'com.yubico.yubikit:piv:(insert version here)'
}This module depends on the core module, which will automatically be added as a transitive dependency to your project.
To communicate with the PIV application on a YubiKey, use the PivSession class. You will need a SmartCardConnection to a YubiKey:
PivSession piv = new PivSession(smartCardConnection);
// Verify the PIN:
piv.verifyPin(pin);
// Sign a message using a private key on the YubiKey:
byte[] signature = piv.sign(
Slot.SIGNATURE,
KeyType.ECCP256,
message,
Signature.getInstance("SHA256withECDSA")
);Since YubiKit 2.1.0 the PIV module functionality can be accessed through the Java cryptography architecture interfaces. To learn more refer to the YubiKit PIV JCA guide
-
Read more about PIV on the Yubico developer site