AuthenticateUsingPinToken Method

AuthenticateUsingPinToken(Byte[], Byte[])

Returns the result of computing HMAC-SHA-256 on the given message using the pinToken as the key. With protocol 1, the result is the first 16 bytes of the HMAC, and with protocol 2 it is the entire 32-byte result.

public byte[] AuthenticateUsingPinToken(byte[] pinToken, byte[] message)

Parameters

Type	Name	Description
System.Byte[]	pinToken	The PIN token returned by the YubiKey. This is the encrypted value, do not decrypt it.
System.Byte[]	message	The data to be authenticated.

Returns

System.Byte[]

A new byte array containing the authentication result.

Exceptions

Type	Condition
System.ArgumentNullException	The `pinToken` or `message` argument is null.
System.InvalidOperationException	The object has been created or initialized, but the Encapsulate(CoseKey) method has not been called.

Remarks

It is possible to obtain the PIN token by calling the command GetPinTokenCommand. The YubiKey will return the PIN token encrypted using the shared secret.

Pass that encrypted PIN token to this method as the first argument. This method will decrypt the PIN token using the EncryptionKey and then perform the authentication on the message.

AuthenticateUsingPinToken(Byte[], Int32, Int32, Byte[])

public virtual byte[] AuthenticateUsingPinToken(byte[] pinToken, int offset, int length, byte[] message)