Class PreviewSignGeneratedKey
Represents the generated key material returned by the YubiKey during previewSign extension registration.
public sealed class PreviewSignGeneratedKey- Inheritance
-
objectPreviewSignGeneratedKey
Remarks
This corresponds to the AuthenticationExtensionsSignGeneratedKey
output defined by the
previewSign extension specification. The generated signing key is
represented by an embedded attestation object whose attested credential
data contains the signing key handle and public key.
Properties
Algorithm
Gets the signing algorithm chosen from the algorithms
extension input.
public CoseAlgorithmIdentifier Algorithm { get; init; }Property Value
Remarks
This expresses how to communicate inputs to the authenticator during
signing. Callers use the selected algorithm to decide how to prepare
later signing input. This may be different from the 3 (alg)
attribute of the PublicKey, which expresses how third
party consumers can use the public key.
AttestationObject
Gets the attestation object for the generated signing key pair.
public AttestationObject AttestationObject { get; init; }Property Value
Remarks
The previewSign specification carries this object in the unsigned extension output during registration. It has the same structure as the top-level attestation object, but attests the generated signing public key.
KeyHandle
Gets the key handle used to request signatures from this generated signing key.
public ReadOnlyMemory<byte> KeyHandle { get; init; }Property Value
- ReadOnlyMemory<byte>
Remarks
This is auxiliary information the authenticator may need to look up or derive the signing private key. It is copied from the credential ID in the embedded attestation object's attested credential data and can be empty.
PublicKey
Gets the CBOR-encoded COSE public key for the generated signing key.
public ReadOnlyMemory<byte> PublicKey { get; }Property Value
- ReadOnlyMemory<byte>
Remarks
This is the
publicKey
field of the AuthenticationExtensionsSignGeneratedKey client
extension output.