SetLargeBlobCommand Constructor

SetLargeBlobCommand(ReadOnlyMemory<byte>, int, int, ReadOnlyMemory<byte>, int)

Constructs an instance of the SetLargeBlobCommand class.

C#
public SetLargeBlobCommand(ReadOnlyMemory<byte> blobData, int offset, int length, ReadOnlyMemory<byte> pinUvAuthParam, int protocol)

Parameters

Type Name Description
ReadOnlyMemory<byte> blobData

The data to store.
int offset

The offset into the currently stored blob where the command should begin storing.
int length

If the offset is zero, this is the total number of bytes to store. Otherwise this argument is ignored.
ReadOnlyMemory<byte> pinUvAuthParam

The authentication (using the pinUvAuthToken) of the data to store (with some other bytes).
int protocol

The PIN UV Auth protocol used to compute the pinUvAuthParam.

Remarks

This will store all the data given by the input arg blobData. The offset and length arguments do not refer to the offset and length of the input data, but rather the offset inside the full blob on the YubiKey and the length is the total length of data that will be stored.

The length argument is used only when the offset is 0. If the input offset arg is not 0, this method will ignore length.

Each call to the set command must contain "maxFragmentLength" or fewer bytes. The value of "maxFragmentLength" (from the standard) is the message size minus 64. See the MaximumMessageSize property in the return from the GetInfoCommand. If the total length to set is more than "maxFragmentLength", make multiple calls to the SetLargeBlobCommand. The first call will use an offset of zero and the length will be the total length. Each successive call will set the offset to pick up where the last set left off, and the length arg will be ignored.

This command will not determine "maxFragmentLength". If the input data is too long, this command will send it to the YubiKey, which will likely not store the data and return an error. If this is the first call to Set (offset is zero), and the input blobData is longer than the length, this command will send the data into the YubiKey which will likely not store the data and return an error.

Each call to Set must provide the "pinUvAuthParam", which the standard defines as 

authenticate (pinUvAuthToken,
    32 x 0xff || 0x0c 00 || uint32LittleEndian(offset) ||
    SHA-256(contents of set byte string)
See AuthenticateUsingPinToken(byte[], byte[]). Note that this is not the "normal" process. All other commands require only the PinUvAuthToken and they compute the PinUvAuthParam. However, because computing the AuthParam requires digesting data, this command requires the caller make the computations.

It is the responsibility of the caller to keep track of the offset.