SetSerializedLargeBlobArray Method
SetSerializedLargeBlobArray(SerializedLargeBlobArray)
Set the Serialized Large Blob Array
in the YubiKey to contain the
data in the input serializedLargeBlobArray
. See also the
User's Manual entry on large
blobs.
public void SetSerializedLargeBlobArray(SerializedLargeBlobArray serializedLargeBlobArray)
Parameters
Type | Name | Description |
---|---|---|
SerializedLargeBlobArray | serializedLargeBlobArray | The object containing the data to store. |
Exceptions
Type | Condition |
---|---|
Fido2Exception | The YubiKey could not complete the operation, likely because of a wrong PIN or fingerprint. |
Remarks
Note that this feature is not available on all YubiKeys. To determine if large blobs are supported on a YubiKey, check the Options in the AuthenticatorInfo property of this class. For example,
OptionValue optionValue =
fido2Session.AuthenticatorInfo.GetOptionValue(AuthenticatorOptions.largeBlobs);
if (optionValue != OptionValue.True)
{
return;
}
int maxLargeBlobsLength = authInfo.MaximumSerializedLargeBlobArray ?? 0;
This method will overwrite the current contents of the large blob data on the YubiKey. Hence, an application should get the current contents (GetSerializedLargeBlobArray()) and add to, remove from, or "edit" the contents. Then use this method to store the updated large blob.
This method will need the PIN to have been verified with the
LargeBlobWrite. If that
permission is not set, this method will verify the PIN (even if it
had already been verified during this session) with the permission,
and use the KeyCollector in order to obtain the PIN. If
you do not want this method to call the KeyCollector
you must
verify the PIN explicitly (see TryVerifyPin
)
with the permissions
argument set with LargeBlobWrite
. You will
likely want to get the current permissions
(AuthTokenPermissions) and add LargeBlobWrite
.
For example,
PinUvAuthTokenPermissions permissions = AuthTokenPermissions ?? PinUvAuthTokenPermissions.None;
if (!permissions.HasFlag(PinUvAuthTokenPermissions.LargeBlobWrite))
{
permissions |= PinUvAuthTokenPermissions.LargeBlobWrite;
bool isVerified = TryVerifyPin(
currentPin, permissions, null, out int retriesRemaining, out bool rebootRequired);
}