Class ResetPivResponse

Namespace: Yubico.YubiKey.Piv.Commands

Assembly: Yubico.YubiKey.dll

The response to the resetting the PIV application.

public sealed class ResetPivResponse : PivResponse, IYubiKeyResponse

Inheritance: object

YubiKeyResponse

PivResponse

ResetPivResponse

Implements: IYubiKeyResponse

Inherited Members: YubiKeyResponse.Status

YubiKeyResponse.StatusWord

YubiKeyResponse.StatusMessage

YubiKeyResponse.ToString()

Remarks

This is the partner Response class to ResetPivCommand.

The PIV application can be reset only if both the PIN and PUK are blocked. That is, if an incorrect PIN has been entered retry count times in a row, it will be blocked. To unblock it, use the PUK (PIN Unblocking Key) with the ResetRetryCommand. If the incorrect PUK is used retry count times in a row, it will be blocked. If both are blocked, there are very few things the PIV application can do on the YubiKey any more.

At this point, because the YubiKey's PIV application is no longer useful, the user can reset the entire application. All keys in all slots are deleted. This means those keys are no longer usable. But that was the case with both the PIN and PUK blocked, so resetting the application does not make the situation worse. But it does improve things somewhat, because you can use the PIV application again. You just need to generate new key pairs.

After resetting the PIV application, all the asymmetric key slots (other than F9) will be empty, and the PIN, PUK, and management key will be the default values again ("123456", "12345678", and 0x0102030405060708 three times).

To determine the result of the command, look at the Status. If Status is not one of the following values then an error has occurred.

Status	Description
Success	The PIV application was reset successfully.
ConditionsNotSatisfied	The PIN and/or PUK was not blocked, preventing the PIV application from being reset.

Example:

IYubiKeyConnection connection = key.Connect(YubiKeyApplication.Piv);
Command resetPivCmd = new ResetPivCommand();
ResetPivResponse resetPivRsp = connection.SendCommand(resetPivCmd);
if (resetPivResponse.Status != ResponseStatus.Success)
{
    // Handle error
}

Constructors

ResetPivResponse(ResponseApdu)

Constructs a ResetPivResponse based on a ResponseApdu received from the YubiKey.

public ResetPivResponse(ResponseApdu responseApdu)

Parameters

responseApdu ResponseApdu: The object containing the response APDU
returned by the YubiKey.

Table of Contents

Class ResetPivResponse

Remarks

Constructors

ResetPivResponse(ResponseApdu)

Parameters