Created
March 23, 2021 20:19
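/// Reads the X.509 certificate held in PIV slot 9C of a connected YubiKey and
/// appends it to `certificates`.
///
/// The flow is three chained smart-card commands: SELECT the PIV application,
/// VERIFY the PIN, then GET DATA for the slot 9C certificate object. Each step
/// only runs if the previous one completed without an error.
///
/// SECURITY: the VERIFY command below embeds the factory-default PIV PIN
/// (123456) in source. That is acceptable only for a demo against a key that
/// still has the default PIN; real code should collect the PIN from the user at
/// runtime and never store or log it.
func doSomething() {
    connection { connection in
        self.log(message: "Connection: \(connection.description)")

        guard let smartCard = connection.smartCardInterface else {
            self.log(error: "Failed to get smart card interface.")
            return
        }

        // 1. Select the PIV application by its AID (A0 00 00 03 08). This does not
        //    pick a slot; the slot is chosen by the object ID in step 3.
        //    The force-unwrap is on constant, well-formed input.
        let selectPIVAPDU = YKFSelectApplicationAPDU(data: Data([0xA0, 0x00, 0x00, 0x03, 0x08]))!
        smartCard.selectApplication(selectPIVAPDU) { response, error in
            if let error = error {
                self.log(error: error)
                return
            }

            // 2. VERIFY (INS 0x20, P2 0x80 = PIV application PIN). The data field is the
            //    ASCII PIN "123456" padded to 8 bytes with 0xFF.
            //    NOTE(review): confirm that executeCommand reports a rejected PIN
            //    (non-success status word) through `error`; if it does not, the success
            //    message below is logged without the card having accepted the PIN.
            //    A rejected VERIFY normally consumes one PIN retry on the card, so a
            //    hard-coded PIN can block a key whose PIN has been changed.
            let verifyApdu = YKFAPDU(data: Data([0x00, 0x20, 0x00, 0x80, 0x08, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0xff, 0xff]))!
            smartCard.executeCommand(verifyApdu) { response, error in
                if let error = error {
                    self.log(error: error)
                    return
                }
                self.log(message: "PIN verification successful.")

                // 3. GET DATA (INS 0xCB, P1P2 0x3FFF) for object 5F C1 0A, the certificate
                //    stored in slot 9C.
                let readApdu = YKFAPDU(data: Data([0x00, 0xCB, 0x3F, 0xFF, 0x05, 0x5C, 0x03, 0x5F, 0xC1, 0x0A]))!
                smartCard.executeCommand(readApdu) { data, error in
                    certData = data

                    // The read is the last card operation, so the NFC session is closed
                    // whether or not it succeeded.
                    // NOTE(review): the earlier error paths return without stopping the
                    // NFC connection — confirm whether that is intended.
                    if #available(iOS 13.0, *) {
                        YubiKitManager.shared.stopNFCConnection()
                    }

                    // A failed read must not reach certificate parsing: the original
                    // force-unwrapped the result and crashed when `data` was nil.
                    if let error = error {
                        self.log(error: error)
                        return
                    }
                    guard let certBytes = data else {
                        self.log(error: "Certificate read returned no data.")
                        return
                    }

                    // Build the SecCertificate and publish it on the main queue.
                    // NOTE(review): the GET DATA response is passed through unchanged;
                    // presumably CertificateUtil strips any PIV TLV wrapping — verify.
                    let certUtil = CertificateUtil()
                    DispatchQueue.main.async {
                        guard let cert = certUtil.createSecCertificateFromData(data: certBytes) else {
                            self.log(error: "Failed to create certificate from card data.")
                            return
                        }
                        self.certificates.append(cert)
                        print("Successfully found certificate: \(cert.subjectAlt)")
                    }
                } // End smartCard.executeCommand (read certificate)
            } // End smartCard.executeCommand (verify PIN)
        } // End smartCard.selectApplication
    } // End YubiKey connection
}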