ResetPivResponse Class

Namespace: Yubico.YubiKey.Piv.Commands Assembly: Yubico.YubiKey.dll

The response to the resetting the PIV application.

C#
public sealed class ResetPivResponse : PivResponse, IYubiKeyResponse
Inheritance System.Object YubiKeyResponse PivResponse ResetPivResponse
Implements

Remarks

This is the partner Response class to ResetPivCommand.

The PIV application can be reset only if both the PIN and PUK are blocked. That is, if an incorrect PIN has been entered retry count times in a row, it will be blocked. To unblock it, use the PUK (PIN Unblocking Key) with the ResetRetryCommand. If the incorrect PUK is used retry count times in a row, it will be blocked. If both are blocked, there are very few things the PIV application can do on the YubiKey any more.

At this point, because the YubiKey's PIV application is no longer useful, the user can reset the entire application. All keys in all slots are deleted. This means those keys are no longer usable. But that was the case with both the PIN and PUK blocked, so resetting the application does not make the situation worse. But it does improve things somewhat, because you can use the PIV application again. You just need to generate new key pairs.

After resetting the PIV application, all the asymmetric key slots (other than F9) will be empty, and the PIN, PUK, and management key will be the default values again ("123456", "12345678", and 0x0102030405060708 three times).

To determine the result of the command, look at the Status. If Status is not one of the following values then an error has occurred.

StatusDescription
SuccessThe PIV application was reset successfully.
ConditionsNotSatisfiedThe PIN and/or PUK was not blocked, preventing the PIV application from being reset.

Example: 

  IYubiKeyConnection connection = key.Connect(YubiKeyApplication.Piv);
  Command resetPivCmd = new ResetPivCommand();
  ResetPivResponse resetPivRsp = connection.SendCommand(resetPivCmd);
  if (resetPivResponse.Status != ResponseStatus.Success)
  {
      // Handle error
  }

Constructors

Name Description
ResetPivResponse(ResponseApdu)

Constructs a ResetPivResponse based on a ResponseApdu received from the YubiKey.