CompleteAuthenticateManagementKeyCommand ClassNamespace: Yubico.YubiKey.Piv.Commands Assembly: Yubico.YubiKey.dll
Complete the process to authenticate the PIV management key.
public sealed class CompleteAuthenticateManagementKeyCommand : Object, IYubiKeyCommand<CompleteAuthenticateManagementKeyResponse>
In the PIV standard, there is a command called GENERAL AUTHENTICATE. Although it is one command, it can do four things: authenticate a management key (challenge-response), sign arbitrary data, RSA decryption, and EC Diffie-Hellman. The SDK breaks these four operations into separate classes. This class is how you complete the process of performing "GENERAL AUTHENTICATE: management key".
The partner Response class is CompleteAuthenticateManagementKeyResponse.
See the comments for the class InitializeAuthenticateManagementKeyCommand, there is a lengthy discussion of the process of authenticating the management key, including descriptions of the challenges and responses.
When you pass a management key to this class (the management key to authenticate), the class will copy it, use it immediately, and overwrite the local buffer. The class will not keep a reference to your key data. Because of this, you can overwrite the management key data immediately upon return from the constructor if you want. See the User's Manual entry on sensitive data for more information on this topic.
This class will need a random number generator and either a triple-DES or AES object. It will get them from the CryptographyProviders class. That class will build default implementations. It is possible to change that class to build alternate versions. See the user's manual entry on alternate crypto for information on how to do so.
Build a new instance of the
Which algorithm is the management key.
Gets the YubiKeyApplication to which this command belongs. For this command it's PIV.
Creates a well-formed CommandApdu to send to the YubiKey.
Creates the corresponding IYubiKeyResponse implementation for the current command.