PinUvAuthParam Property
PinUvAuthParam
The result of calling the PinProtocol's method AuthenticateUsingPinToken(Byte[], Byte[]) using the PIN token as the key and the client data hash as the message. This is an optional parameter, so it can be null.
Note
If you get assertions by calling the > Fido2Session method GetAssertions(GetAssertionParameters), > you do not need to set this property, the SDK will do so. If you get an assertion using the commands, you must set this property.
public Nullable<ReadOnlyMemory<byte>> PinUvAuthParam { get; set; }
Property Value
Type | Description |
---|---|
System.Nullable<System.ReadOnlyMemory<System.Byte>> |
Remarks
If you are getting assertions using GetAssertions(GetAssertionParameters), you do NOT need to set this property, the SDK will take care of it. But if you are getting assertions using the GetAssertionCommand, then you must set this property.
In order to obtain the pinUvAuthParam
, choose a protocol and
build the appropriate PinUvAuthProtocolBase object.
Obtain the YubiKey's Key Agreement public key and call the protocol
object's Encapsulate
method. Next obtain the PIN token.
Finally, call the protocol object's
AuthenticateUsingPinToken(byte[], byte[])
method using the
ClientDataHash
as the message to authenticate. Note that the
first argument in this call is the PIN token, which is an encrypted
value. Do not decrypt the PIN token. The result of that
authentication operation is the PinUvAuthParam