SetManagementKeyCommand Constructor
SetManagementKeyCommand(ReadOnlyMemory<Byte>)
public SetManagementKeyCommand(ReadOnlyMemory<byte> newKey)Parameters
| Type | Name | Description |
|---|---|---|
| System.ReadOnlyMemory<System.Byte> | newKey |
SetManagementKeyCommand(ReadOnlyMemory<Byte>, PivAlgorithm)
Initializes a new instance of the SetManagementKeyCommand class.
This command takes the new management key as input and will set the
TouchPolicy to the default state and the Algorithm to the algorithm provided.
public SetManagementKeyCommand(ReadOnlyMemory<byte> newKey, PivAlgorithm algorithm)Parameters
| Type | Name | Description |
|---|---|---|
| System.ReadOnlyMemory<System.Byte> | newKey | The bytes that make up the new management key. |
| PivAlgorithm | algorithm | The algorithm of the new management key. |
Remarks
This constructor is provided for those developers who want to use the object initializer pattern. For example:
var command = new SetManagementKeyCommand(keyData)
{
TouchPolicy = PivTouchPolicy.Cached,
Algorithm = PivAlgorithm.AES192,
};
Valid algorithms are PivAlgorithm.TripleDes,
PivAlgorithm.Aes128, PivAlgorithm.Aes192, and
PivAlgorithm.Aes256. FIPS YubiKeys versions 5.7 and greater require PivAlgorithm.Aes192. YubiKeys with firmware versions prior to 5.4.2 can only use PivAlgorithm.TripleDes.
Note that you need to authenticate the current PIV management key before setting it to a new value with this command.
SetManagementKeyCommand(ReadOnlyMemory<Byte>, PivTouchPolicy)
public SetManagementKeyCommand(ReadOnlyMemory<byte> newKey, PivTouchPolicy touchPolicy)Parameters
| Type | Name | Description |
|---|---|---|
| System.ReadOnlyMemory<System.Byte> | newKey | |
| PivTouchPolicy | touchPolicy |
SetManagementKeyCommand(ReadOnlyMemory<Byte>, PivTouchPolicy, PivAlgorithm)
Initializes a new instance of the SetManagementKeyCommand class. This command takes the new management key, the touch policy, and the algorithm as input.
public SetManagementKeyCommand(ReadOnlyMemory<byte> newKey, PivTouchPolicy touchPolicy, PivAlgorithm algorithm)Parameters
| Type | Name | Description |
|---|---|---|
| System.ReadOnlyMemory<System.Byte> | newKey | The bytes that make up the new management key. |
| PivTouchPolicy | touchPolicy | The touch policy for the management key. |
| PivAlgorithm | algorithm | The algorithm of the new management key. |
Remarks
Note that a touchPolicy of PivTouchPolicy.Default or
None is equivalent to Never.
Valid algorithms are PivAlgorithm.TripleDes,
PivAlgorithm.Aes128, PivAlgorithm.Aes192, and
PivAlgorithm.Aes256. FIPS YubiKeys versions 5.7 and greater require PivAlgorithm.Aes192. YubiKeys with firmware versions prior to 5.4.2 can only use PivAlgorithm.TripleDes.
Note also that you need to authenticate the current PIV management key before setting it to a new value with this command.