Class CredentialManagementData

Namespace
Yubico.YubiKey.Fido2.Commands
Assembly
Yubico.YubiKey.dll

Parses the data returned by the YubiKey after calling one of the authenticatorCredentialManagement subcommands. This class is relevant only to the class in order to extract data from a response.

public class CredentialManagementData
Inheritance
object
CredentialManagementData

Remarks

When a credential management subcommand is sent to the YubiKey, it returns data encoded following the definition of the authenticatorCredentialManagement response. The FIDO2 standard defines this encoded response as a map of a set of elements. The standard also specifies which subset of the total data is returned by each subcommand.

After calling one of the subcommands, get the data out of the response. It will be an instance of this class. Only those elements the particular subcommand returns will be represented in the object; the rest will be null.

For example, if you call the get credential metadata subcommand, the YubiKey will return the number of discoverable credentials and the maximum number of credentials the YubiKey can yet hold (i.e. the number of remaining slots). Hence, the only two properties with values will be NumberOfDiscoverableCredentials and RemainingCredentialCount. All other properties will be null.

Constructors

CredentialManagementData(ReadOnlyMemory<byte>)

Build a new instance of CredentialManagementData based on the given CBOR encoding.

public CredentialManagementData(ReadOnlyMemory<byte> cborEncoding)

Parameters

cborEncoding ReadOnlyMemory<byte>

The credential data, encoded following the CTAP 2.1 and CBOR (RFC 8949) standards.

Remarks

The encoding must follow the definition of the authenticatorCredentialManagement response structure in section 6.8 of the CTAP 2.1 standard.

Exceptions

Ctap2DataException

The cborEncoding is not a valid CBOR encoding, or it is not a correct encoding for FIDO2 credential management data.
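The constructor and the null-property behaviour described above, as an added example (not code from the SDK or its documentation). The byte arrays are constructed samples, the map keys 0x01 and 0x02 are the CTAP 2.1 section 6.8 keys for the two credential counts, and the namespace of Ctap2DataException is an assumption.

```csharp
using System;
using Yubico.YubiKey.Fido2;            // Ctap2DataException (namespace assumed)
using Yubico.YubiKey.Fido2.Commands;   // CredentialManagementData

public static class CredentialManagementDataExample
{
    // Constructed sample: CBOR map {1: 3, 2: 22}, the shape of a
    // "get credential metadata" response (two counts, nothing else).
    private static readonly byte[] MetadataResponse = { 0xA2, 0x01, 0x03, 0x02, 0x16 };

    // Constructed sample: the same map header, cut off after the first key.
    private static readonly byte[] Truncated = { 0xA2, 0x01 };

    public static string Describe(byte[] cborEncoding)
    {
        CredentialManagementData data;
        try
        {
            data = new CredentialManagementData(cborEncoding);
        }
        catch (Ctap2DataException e)
        {
            // Invalid CBOR, or not credential management data: stop here
            // rather than continuing with a partially filled object.
            return "rejected: " + e.Message;
        }

        // A null property means "not returned by this subcommand", not zero,
        // so test for presence before using any value.
        if (data.NumberOfDiscoverableCredentials is int used
            && data.RemainingCredentialCount is int free)
        {
            return $"metadata: {used} discoverable, {free} slots remaining";
        }
        if (data.CredentialId is not null)
        {
            string policy = data.CredProtectPolicy?.ToString() ?? "absent";
            return $"credential entry, credProtect={policy}";
        }
        return data.RelyingPartyIdHash is not null
            ? "relying party entry"
            : "no expected element present";
    }

    public static void Main()
    {
        Console.WriteLine(Describe(MetadataResponse));
        Console.WriteLine(Describe(Truncated));
    }
}
```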

Properties

CredProtectPolicy

The credential protection policy. See section 12.1.1 of the FIDO2 standard for a description of the meanings of the number returned.

public int? CredProtectPolicy { get; }

Property Value

int?

Remarks

Not all calls to get credential management data will return this element, hence, it can be null.

CredentialId

The credential ID for a credential returned.

public CredentialId? CredentialId { get; }

Property Value

CredentialId

Remarks

Not all calls to get credential management data will return this element, hence, it can be null.

CredentialPublicKey

The public key for a credential returned.

public CoseKey? CredentialPublicKey { get; }

Property Value

CoseKey

Remarks

Not all calls to get credential management data will return this element, hence, it can be null.

LargeBlobKey

The large blob key for a credential.

public ReadOnlyMemory<byte>? LargeBlobKey { get; }

Property Value

ReadOnlyMemory<byte>?

Remarks

Not all calls to get credential management data will return this element, hence, it can be null.

NumberOfDiscoverableCredentials

The number of discoverable credentials on the YubiKey. This is not the total number of credentials, because there could be non-discoverable credentials as well.

public int? NumberOfDiscoverableCredentials { get; }

Property Value

int?

Remarks

Not all calls to get credential management data will return this element, hence, it can be null.

RelyingParty

The relying party information when the request for data is one related to specific relying parties.

public RelyingParty? RelyingParty { get; }

Property Value

RelyingParty

Remarks

Not all calls to get credential management data will return this element, hence, it can be null.

RelyingPartyIdHash

The SHA-256 digest of the relying party ID when the request for data is one related to specific relying parties.

public ReadOnlyMemory<byte>? RelyingPartyIdHash { get; }

Property Value

ReadOnlyMemory<byte>?

Remarks

Not all calls to get credential management data will return this element, hence, it can be null.

RemainingCredentialCount

The number of credentials the YubiKey can still hold.

public int? RemainingCredentialCount { get; }

Property Value

int?

Remarks

Not all calls to get credential management data will return this element, hence, it can be null.

TotalCredentialsForRelyingParty

The total number of credentials present on the YubiKey for a specified relying party.

public int? TotalCredentialsForRelyingParty { get; }

Property Value

int?

Remarks

Not all calls to get credential management data will return this element, hence, it can be null.

TotalRelyingPartyCount

The total number of relying parties present on the YubiKey, when the request for data is one related to specific relying parties.

public int? TotalRelyingPartyCount { get; }

Property Value

int?

Remarks

Not all calls to get credential management data will return this element, hence, it can be null.

User

The user entity for a credential returned.

public UserEntity? User { get; }

Property Value

UserEntity

Remarks

Not all calls to get credential management data will return this element, hence, it can be null.