Class SlotConfigureBase
Base class for commands that configure, update, or delete an OTP slot.
public abstract class SlotConfigureBase : IYubiKeyCommand<ReadStatusResponse>
- Inheritance
-
objectSlotConfigureBase
- Implements
- Derived
Fields
AccessCodeOffset
protected const int AccessCodeOffset = 38
Field Value
- int
AesKeyOffset
protected const int AesKeyOffset = 22
Field Value
- int
ConfigurationFlagsOffset
protected const int ConfigurationFlagsOffset = 47
Field Value
- int
ConfigurationStructSize
protected const int ConfigurationStructSize = 58
Field Value
- int
CrcOffset
protected const int CrcOffset = 50
Field Value
- int
CurrentAccessCodeOffset
protected const int CurrentAccessCodeOffset = 52
Field Value
- int
ExtendedFlagsOffset
protected const int ExtendedFlagsOffset = 45
Field Value
- int
FixedDataOffset
protected const int FixedDataOffset = 0
Field Value
- int
FixedSizeOffset
protected const int FixedSizeOffset = 44
Field Value
- int
ReservedOffset
protected const int ReservedOffset = 48
Field Value
- int
TicketFlagsOffset
protected const int TicketFlagsOffset = 46
Field Value
- int
UidOffset
protected const int UidOffset = 16
Field Value
- int
Properties
Application
Gets the YubiKeyApplication (e.g. PIV, OATH, etc.) to which this command applies.
public YubiKeyApplication Application { get; }
Property Value
- YubiKeyApplication
YubiKeyApplication.Otp, YubiKeyApplication.Piv, etc.
CalculateCrc
Allows the command to indicate whether to calculate the CRC for the buffer.
protected virtual bool CalculateCrc { get; }
Property Value
- bool
ConfigurationBuffer
Gets reference to the raw buffer that contains the configuration.
protected Span<byte> ConfigurationBuffer { get; }
Property Value
- Span<byte>
ConfigurationFlags
Flags that define the mode and other configurable options for this slot.
public virtual ConfigurationFlags ConfigurationFlags { get; set; }
Property Value
Exceptions
- InvalidOperationException
Thrown if an invalid flag set is specified.
ExtendedFlags
Extended flags that control behaviors on either a slot or global basis.
public virtual ExtendedFlags ExtendedFlags { get; set; }
Property Value
Exceptions
- InvalidOperationException
Thrown if an invalid flag set is specified.
LongPressCode
The code to use for indicating the long-press OTP slot.
protected abstract byte LongPressCode { get; }
Property Value
- byte
OtpSlot
Determines which of the two configurable slots this configuration is for.
public Slot OtpSlot { get; set; }
Property Value
Exceptions
- ArgumentException
Thrown if setting an invalid value is attempted.
ShortPressCode
The code to use for indicating the short-press OTP slot.
protected abstract byte ShortPressCode { get; }
Property Value
- byte
TicketFlags
Flags that control the output format of the text returned by the YubiKey button press.
public virtual TicketFlags TicketFlags { get; set; }
Property Value
Exceptions
- InvalidOperationException
Thrown if an invalid flag set is specified.
YubiKeyFlags
YubiKey flags that control YubiKey behavior.
public virtual YubiKeyFlags YubiKeyFlags { get; set; }
Property Value
Exceptions
- InvalidOperationException
Thrown if an invalid flag set is specified.
Methods
ApplyCurrentAccessCode(ReadOnlySpan<byte>)
Adds the access code currently protecting the configuration to the command. This is needed to apply a new configuration to a write-protected slot.
public void ApplyCurrentAccessCode(ReadOnlySpan<byte> accessCode)
Parameters
accessCode
ReadOnlySpan<byte>The current access code to the configurable slot.
Remarks
If the configurable slot is protected by an access code, that code must be supplied by the caller through this method. If the intention is to retain the access code and leave its value unchanged, the SetAccessCode(ReadOnlySpan<byte>) function must also be called. Failure to do so will result in the access code being removed from the slot, effectively making it unprotected.
Clear()
Clears the configuration buffer to remove lingering sensitive data.
public void Clear()
CreateCommandApdu()
Creates a well-formed CommandApdu to send to the YubiKey.
public CommandApdu CreateCommandApdu()
Returns
- CommandApdu
A valid CommandApdu that is ready to be sent to the YubiKey, or passed along to additional encoders for further processing.
Remarks
This method will first perform validation on all of the parameters and data provided to it. The CommandAPDU it creates should contain all of the data payload for the command, even if it exceeds 65,535 bytes as specified by the ISO 7816-4 specification. The APDU will be properly chained by the device connection prior to being sent to the YubiKey, and the responses will collapsed into a single result.
CreateResponseForApdu(ResponseApdu)
Creates the corresponding IYubiKeyResponse implementation for the current command.
public ReadStatusResponse CreateResponseForApdu(ResponseApdu responseApdu)
Parameters
responseApdu
ResponseApduThe ResponseApdu returned by the YubiKey.
Returns
- ReadStatusResponse
The implementation of IYubiKeyResponse that parses and presents ths response APDU.
SetAccessCode(ReadOnlySpan<byte>)
An access code that can be used to protect the slot configuration.
public void SetAccessCode(ReadOnlySpan<byte> accessCode)
Parameters
accessCode
ReadOnlySpan<byte>The value to use as the access code for the new configuration.
Remarks
It should be noted that setting an access code will lock the ability to modify the configuration of the slot. There is no way to recover usage of the slot if the access code is lost or forgotten. It is important to stress this potential pitfall when designing any application or process that relies on this feature.
If a configurable slot already has an access code and you need to apply it to a new configuration, call the ApplyCurrentAccessCode(ReadOnlySpan<byte>) method. The value specified by SetAccessCode will be the code used to protect the slot after the configuration has been applied.
Note that if the slot is already protected by an access code, and you wish to have the same access code remain, both ApplyCurrentAccessCode and SetAccessCode must be called with the same value. Failure to call SetAccessCode will effectively cause the newly applied configuration to be unprotected.
Setting the access code to all zeros is equivalent to not setting an access code. The slot will not be protected.
Exceptions
- ArgumentException
Thrown if the access code length doesn't equal Yubico.YubiKey.Otp.Commands.SlotConfigureBase.AccessCodeLength.