Show / Hide Table of Contents

PivSlot Class

Namespace: Yubico.YubiKey.Piv Assembly: Yubico.YubiKey.dll

The valid PIV slots.

C#
public static class PivSlot
Inheritance object PivSlot

Remarks

Each slot has a name and number. This class provides names to go along with the numbers.

For example, if you want to use the Authentication slot, specify it as PivSlot.Authentication. If you want to use slot 9A, specify 0x9A. The Authentication slot and 9A are actually one and the same, but some applications or standards documents might refer to it as "Slot 9A" and others might refer to it as the "Authentication Slot".

See the User's Manual entry on PIV slots for more details on each of the possible slots.

Fields

Name Description
Attestation

Slot F9, the cert and key can be used to attest keys 9A, 9C, 9D, and 9E, if they were generated on the device.
This is only available on YubiKey version 4.3 and later.

Authentication

Slot 9A, the certificate and its associated private key are used to authenticate
the card and the cardholder, usually for system login.

CardAuthentication

Slot 9E, the certificate and its associated private key are used to support additional
physical access applications, such as providing physical access to buildings via
PIV-enabled door locks.

KeyManagement

Slot 9D, the certificate and its associated private key are are used for encryption
for the purpose of confidentiality. It is generally used for things such as
decrypting e-mails or encrypting/decrypting files.
Note that this is NOT the "Management Key" slot, which is a separate property in this class.

Management

Management Key slot, number 0x9B, before YubiKey 5.4.2, it can only be a Triple-DES key. Beginning with 5.4.2 it can be Triple-DES or AES.
This is a valid slot only with the command GetMetadataCommand.
There is no cert in this slot.
Note that this is NOT the KeyManagement slot, which is a separate property in this class.

Pin

PIN slot, number 0x80.
This is a valid slot only with the command GetMetadataCommand.
There is no cert in this slot.

Puk

PUK slot, number 0x81.
This is a valid slot only with the command GetMetadataCommand.
There is no cert in this slot.

Retired1

Slot 82, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired10

Slot 8B, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired11

Slot 8C, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired12

Slot 8D, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired13

Slot 8E, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired14

Slot 8F, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired15

Slot 90, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired16

Slot 91, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired17

Slot 92, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired18

Slot 93, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired19

Slot 94, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired2

Slot 83, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired20

Slot 95, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired3

Slot 84, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired4

Slot 85, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired5

Slot 86, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired6

Slot 87, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired7

Slot 88, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired8

Slot 89, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Retired9

Slot 8A, the retired key slots are meant for previously used Key Management keys to be
able to decrypt earlier encrypted documents or emails.
In the YubiKey all 20 of the retired slots are fully available for use.
This is only available on YubiKey version 4 and later.

Signing

Slot 9C, the certificate and its associated private key are used for creating
digital signatures, such as signing files and executables.

Methods

Name Description
IsValidSlotNumber(byte)

Is the given number a valid slot number?

IsValidSlotNumberForGenerate(byte)

Is the given number a valid slot number for generating asymmetric keys.

IsValidSlotNumberForSigning(byte)

Is the given number a valid slot number for signing arbitrary data.

In this article
Back to top Generated by DocFX