Class RelyingParty

Namespace: Yubico.YubiKey.Fido2

Assembly: Yubico.YubiKey.dll

A FIDO2 RelyingParty, consisting of ID and name. This is used when the FIDO2 standard specifies a PublicKeyCredentialRpEntity.

public class RelyingParty

Inheritance: object

RelyingParty

Remarks

A relying party (RP) can specify its ID, but a client can also build an RP ID based on the domain of the page its currently communicating with. In addition, an authenticator or a platform can specify a "human-readable" name of the RP to display to the user.

This class holds the RP ID and name, and can encode and decode them as part of CBOR structures.

The FIDO2 standard specifies that when communicating with the authenticator, the ID is a required element. The W3C standard says the ID is optional. This seeming contradiction is because the RP is not required to specify an ID. In that case, the client will build an ID from the domain it is communicating with. Either way, an ID must be passed to the authenticator. Hence, when building am instance of RelyingParty, an ID is required.

The W3C standard declares the name a required element, and the FIDO2 standard declares it optional. Because the FIDO2 standard specifically prescribes authenticator functionality, this class will allow a null name.

Constructors

RelyingParty(ReadOnlyMemory<byte>)

Constructs a new instance of RelyingParty based on the encoded value.

public RelyingParty(ReadOnlyMemory<byte> encodedRelyingParty)

Parameters

encodedRelyingParty ReadOnlyMemory<byte>: The CBOR-encoded relying party info.

Remarks

This constructor expects the encoding to follow this template.

map {
  "id"          --text string--
  "name"        --text string-- (optional)
}

Exceptions

Ctap2DataException: The encodedRelyingParty is not a correct encoding.

RelyingParty(string)

Constructs a new instance of RelyingParty.

public RelyingParty(string id)

Parameters

id string: The relying party ID.

Properties

Id

The id component of the RelyingParty.

public string Id { get; set; }

Property Value

string

Name

The name component of the RelyingParty.

public string? Name { get; set; }

Property Value

string

RelyingPartyIdHash

The SHA-256 digest of the RelyingParty.Id.

public ReadOnlyMemory<byte> RelyingPartyIdHash { get; }

Property Value

ReadOnlyMemory<byte>

Remarks

When a RelyingParty object is created, the constructor will build the RelyingPartyIdHash. It is the digest of the UTF8 byte array version of the string that is the Id.

Methods

CborEncode()

Return a new byte array that is the object encoded following the FIDO2/CBOR standard.

public byte[] CborEncode()

Returns

byte[]: The encoded construct.

Exceptions

InvalidOperationException: The object contains no data.

IsMatchingRelyingPartyId(ReadOnlyMemory<byte>)

Determine if the candidateHash the same as the computed RelyingPartyIdHash of this object. This is likely used when searching for a RelyingParty when all you have is the RelyingPartyIdHash, or when given a RelyingParty and a RelyingPartyIdHash (e.g. enumerating relying parties), and want to verify that the given value is correct.

public bool IsMatchingRelyingPartyId(ReadOnlyMemory<byte> candidateHash)

Parameters

candidateHash ReadOnlyMemory<byte>: The purported relying party Id hash

Returns

bool: A boolean, true if the candidate matches the hash inside the object and false otherwise.

Table of Contents

Class RelyingParty

Remarks

Constructors

RelyingParty(ReadOnlyMemory<byte>)

Parameters

Remarks

Exceptions

RelyingParty(string)

Parameters

Properties

Id

Property Value

Name

Property Value

RelyingPartyIdHash

Property Value

Remarks

Methods

CborEncode()

Returns

Exceptions

IsMatchingRelyingPartyId(ReadOnlyMemory<byte>)

Parameters

Returns