⭕Files/Abbreviations

Gives a quick list of common PIV and GPG file types, as well as other abbreviations you'll come across on this guide.

The list below provides you with a general description of what the different types of files mean. It can be confusing when there are many different file types, but this is the most simple way of explaining them:

❊ PIV File Types

File Type	Description
.pub	Used for public keys and OpenSSH public keys.
.key	Used to store private key.
.pkcs12, .pfx, .p12	Used to store both public and private key / certificate information. Password protected.
.pem	Used to store any type of key or cert, This includes public key, private key, certificate, or even the certificate signing request (csr).
.crt, .cer	Used to store x509 certificates.
.csr, .req, .p10	Used to store Certificate Signing Requests

❊ PIV Distinguished Name Properties

The following list translates the shorthand distinguished names properties shown in OpenSSL config templates such as in the example below:

[ yubikey_dn ]
0.C                 = NA
1.ST                = NA
2.L                 = NA
3.O                 = Organization
4.OU                = Organization Unit
5.CN                = Your Common Name
6.emailAddress      = email@address.com
7.GN                = Your Given Name
8.title             = Cert Title
9.description       = Description about Cert
10.initials         = ABC
11.serialNumber     = 1234

ID	Abbreviation	Name	Description
0	C	Country Name	The subject's country or region. This is an X.500 two-character country/region code (for example US for United States or CA for Canada).
1	ST	State Or Province Name	Full name of the subject's state or province (for example, California).
2	L	Locality	Name of the subject's city.
3	O	Organization Name	Legal name of the subject's organization.
4	OU	Organizational Unit	Name of the subject's sub-organization or department.
5	CN	Common Name	For user certificates, the person's full name.
6	emailAddress	Email Address	Email address (for example, "someone@example.com").
7	GN	Given Name	First name of the subject.
8	title	Title	Title of individual who requested the certificate (optional).
9	description	Description	Description of certificate
10	initials	Initials	Initials of the subject (optional).
11	serialNumber	serial number	Specify a serial number for your certificate or remove.

❊ GPG File Types

The following list is associated to GPG keys.

File Type	Description
.gpg	gpg key -- binary
.asc	gpg key -- armored
.pub	openssh public key
.sig	gpg signed document, binary format

GPG Certificate Types

This list contains abbreviations you'll come across when you execute gpg --list-secret-keys

such as in the example:

ssc   rsa4096 2023-09-01 [SC]
      1523267825AB67256A25BBAD2567ABCDE2A46BAB
uid           [ultimate] YourName <youremail@outlook.com>
ssb   rsa4096 2023-01-01 [E]
sub   rsa4096 2023-01-01 [A]

Abbreviation	Description
sec	Secret Key
ssb	Secret Subkey
pub	Public Key
sub	Public Subkey
uid	User identification

❊ GPG Key Capabilities

This list contains abbreviations you'll come across when you execute gpg --list-secret-keys

such as in the example:

pub   rsa4096 2023-01-01 [SC]
      12637B4335CB54B37C45AABC4F35ABCDE2A46BAB
uid           [ultimate] YourName <youremail@outlook.com>
sub   rsa4096 2023-01-01 [E]
sub   rsa4096 2023-01-01 [A]

Abbreviation	Description
A	Authenticate
S	Sign
C	Certify
E	Encryption