CardholderUniqueId Class
Namespace: Yubico.YubiKey.Piv.Objects Assembly: Yubico.YubiKey.dllUse this class to process the CHUID (CardHolder Unique IDentifier) data.
public sealed class CardholderUniqueId : PivDataObject, IDisposableImplements
Remarks
A CHUID consists of five values:
- FASC-N (Federal Agency SmartCredential Number)
- GUID (Global Unique Identifier)
- Expiration Date
- Issuer Asymmetric Signature
- LRC (error code)
For the YubiKey, the FASC-N and Expiration Date are fixed. That is, the FASC-N and Expiration Date are the same for all YubiKeys.
The YubiKey does not use the signature value, and the PIV standard does not use the LRC. Hence, those two values are "empty".
You can set the GUID to any 16-byte value you want, but it is generally a random value. That is so each YubiKey has a different GUID.
You will generally get the current CHUID for a YubiKey using one of the
PivSession.ReadObject methods. Upon manufacture, the CHUID is
"empty", so the CardHolderUniqueId object will be empty as well
(the IsEmpty property will be true).
You can then set the GUID (or have a random GUID generated for you) and
then store the CHUID using the PivSession.WriteObject method.
It is also possible the CHUID is already set on the YubiKey. In that
case, call one of the PivSession.ReadObject methods and the
resulting object will have IsEmpty set to false and you can
see the GUID that is on the YubiKey.
Finally, you can create a new CardholderUniqueId object by calling
the constructor directly, then set the GUID and call
PivSession.WriteObject. That will, of course, overwrite the CHUID
on the YubiKey, if there is one. Because that might not be something you
want to do, this is the most dangerous option.
See also the user's manual entry on PIV data objects.
Constructors
| Name | Description |
|---|---|
| CardholderUniqueId() | Build a new object. This will not get a CHUID from any YubiKey, it will only build an "empty" object. |
Properties
| Name | Description |
|---|---|
| ExpirationDate | The PIV card's expiration date. This is a fixed value for every YubiKey: Jan 1, 2030. |
| FascNumber | The "Federal Agency Smart Credential Number" (FASC-N). This is a fixed 25-byte value for every YubiKey, and is a Non-Federal Issuer number. |
| GuidValue | The "Global Unique Identifier" (GUID). If there is no CHUID, this is "empty" (Guid.Length will be 0). This is a 16-byte value. |
Methods
| Name | Description |
|---|---|
| Dispose(Boolean) | Releases any unmanaged resources and overwrites any sensitive data. |
| Encode() | Build the encoding of the data. |
| GetDefinedDataTag() | Get the defined data tag. This is the data tag that the PIV standard or Yubico defines to specify the given data object. |
| SetGuid(ReadOnlySpan<Byte>) | Set the Guid with the given value. If the array is not exactly 16 bytes, this method will throw an exception. |
| SetRandomGuid() | Set the Guid with a random, 16-byte value. |
| TryDecode(ReadOnlyMemory<Byte>) | Try to decode the data given according to the format specified for
the data object. If successful, return |