AuthenticateUsingPinToken Method
AuthenticateUsingPinToken(Byte[], Byte[])
Returns the result of computing HMAC-SHA-256 on the given message
using the pinToken
as the key. With protocol 1, the result is
the first 16 bytes of the HMAC, and with protocol 2 it is the entire
32-byte result.
public byte[] AuthenticateUsingPinToken(byte[] pinToken, byte[] message)
Parameters
Type | Name | Description |
---|---|---|
System.Byte[] | pinToken | The PIN token returned by the YubiKey. This is the encrypted value, do not decrypt it. |
System.Byte[] | message | The data to be authenticated. |
Returns
A new byte array containing the authentication result.
Exceptions
Type | Condition |
---|---|
System.ArgumentNullException | The |
System.InvalidOperationException | The object has been created or initialized, but the Encapsulate(CoseKey) method has not been called. |
Remarks
It is possible to obtain the PIN token by calling the command GetPinTokenCommand. The YubiKey will return the PIN token encrypted using the shared secret.
Pass that encrypted PIN token to this method as the first argument.
This method will decrypt the PIN token using the EncryptionKey
and then perform the authentication on the message
.
AuthenticateUsingPinToken(Byte[], Int32, Int32, Byte[])
Returns the result of computing HMAC-SHA-256 on the given message
using the pinToken
as the key. With protocol 1, the result is
the first 16 bytes of the HMAC, and with protocol 2 it is the entire
32-byte result.
public virtual byte[] AuthenticateUsingPinToken(byte[] pinToken, int offset, int length, byte[] message)
Parameters
Type | Name | Description |
---|---|---|
System.Byte[] | pinToken | The PIN token returned by the YubiKey. This is the encrypted value, do not decrypt it. |
System.Int32 | offset | The offset into |
System.Int32 | length | The length, in bytes, of the pin token. |
System.Byte[] | message | The data to be authenticated. |
Returns
A new byte array containing the authentication result.
Exceptions
Type | Condition |
---|---|
System.ArgumentNullException | The |
System.InvalidOperationException | The object has been created or initialized, but the Encapsulate(CoseKey) method has not been called. |
Remarks
This is the same as AuthenticateUsingPinToken(Byte[], Byte[]),
except this specifies an offset and length of the pinToken
argument.