I am using the raw command interface exposed by the YubiKit SDK and the example on GitHub only shows how to verify a signature. I want to do the opposite of this and sign a digest of a PDF file using the PIV certificate in slot 9c on the YubiKey.
There are several APDUs issued to the YubiKey such as selecting the PIV application, verifying the PIN and so on. What is the format of the APDU that I must create in order to send the digest to the YubiKey and get the signature string back? And which format would the response be in?
Current APDU that I'm trying starts like [0x00, 0x2A, 0x9E, 0x9A, 0x01, ...] but it doesn't work.
question from:
https://stackoverflow.com/questions/66063269/apdu-to-sign-a-digest-using-piv-with-yubikey-ios-sdk 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…