GenerateKeyPairResponse Class

Namespace: Yubico.YubiKey.Piv.Commands Assembly: Yubico.YubiKey.dll

The response to the generate key pair command, containing the public key of the pair that was generated.

C#

public class GenerateKeyPairResponse : PivResponse, IYubiKeyResponseWithData<PivPublicKey>, IYubiKeyResponse

Inheritance object YubiKeyResponse PivResponse GenerateKeyPairResponse

Implements

IYubiKeyResponseWithData<PivPublicKey>

IYubiKeyResponse

Remarks

This is the partner Response class to GenerateKeyPairCommand.

The data returned by GetData is a PivPublicKey object, containing the algorithm and encoded public key (described below). If the generate is successful, the return will actually be an instance of PivRsaPublicKey or PivEccPublicKey. Each of those objects contain the specific key data parsed. After getting the key, check the Algorithm property or use the "is" operation to determine the actual type.

If the property Status is not ResponseStatus.Success, GetData GetData will throw an exception.

If the key is RSA, the encoded key data will be two successive TLVs, the modulus followed by the public exponent.

81 || length || modulus || 82 || length || publicExponent
where the length is DER length octets.
For example:
81 82 01 00 F1 50 ... E9 82 03 01 00 01
Or to see it parsed,
81 82 01 00
   F1 50 ... 50
82 03
   01 00 01

If the public key is an ECC key, the data will be a single TLV, the public point.

86 || length || publicPoint
where the length is DER length octets and the public point is 04 || x || y
For example:
86 41 04 C4 17 ... 26
Or to see it parsed,
86 41
   04 C4 17 ... 26

To learn about how to use the public key data, see the User's Manual entry on public keys.

Example:

IYubiKeyConnection connection = key.Connect(YubiKeyApplication.Piv);
var generateKeyPairCommand = new GenerateKeyPairCommand(
    PivSlot.Signing, PivAlgorithm.EccP384, PivPinPolicy.Default, PivTouchPolicy.Default);
GenerateKeyPairResponse generateKeyPairResponse =
    connection.SendCommand(generateKeyPairCommand);
if (generateKeyPairCommand.Status != ResponseStatus.Success)
{
  // Handle error
}
PivPublicKey pubKey = generateKeyPairResponse.GetData();

Constructors

Name	Description
GenerateKeyPairResponse(ResponseApdu, byte, PivAlgorithm)	Constructs a GenerateKeyPairResponse based on a ResponseApdu received from the YubiKey.

Properties

Name	Description
Algorithm	The algorithm (and key size) of the key pair.
Data
SlotNumber	The slot where the key pair was generated.

Methods

Name	Description
GetData()	Gets the public key from the YubiKey response.