Class Scp11KeyParameters
SCP key parameters for performing SCP11 authentication. For SCP11b only keyReference and pkSdEcka are required. Note that this does not authenticate the off-card entity (OCE). For SCP11a and SCP11c the off-card entity (OCE) CA key reference must be provided, as well as the off-card entity (OCE) secret key and certificate chain.
public sealed class Scp11KeyParameters : ScpKeyParameters
- Inheritance
-
objectScp11KeyParameters
- Inherited Members
Constructors
Scp11KeyParameters(KeyReference, ECPublicKey)
Creates a new Scp11KeyParameters instance for SCP11b.
public Scp11KeyParameters(KeyReference keyReference, ECPublicKey pkSdEcka)
Parameters
keyReference
KeyReferenceThe key reference associated with the key parameters.
pkSdEcka
ECPublicKeyThe public key of the security domain which is used for key agreement between the off-card entity (OCE) and Yubikey.
Remarks
Note that this does not authenticate the off-card entity (OCE).
Scp11KeyParameters(KeyReference, ECPublicKey, KeyReference, ECPrivateKey, IReadOnlyCollection<X509Certificate2>)
Creates a new Scp11KeyParameters instance. This is used to initiate SCP11A and SCP11C connections.
public Scp11KeyParameters(KeyReference keyReference, ECPublicKey pkSdEcka, KeyReference oceKeyReference, ECPrivateKey skOceEcka, IReadOnlyCollection<X509Certificate2> oceCertificates)
Parameters
keyReference
KeyReferenceThe key reference associated with the key parameters.
pkSdEcka
ECPublicKeyThe public key of the security domain (pkSdEcka) which is used for key agreement between the off-card entity (OCE) and Yubikey.
oceKeyReference
KeyReferenceThe off-card entity (OCE) key reference.
skOceEcka
ECPrivateKeyThe secret key (skOceEcka) of the off-card entity (OCE) used for key agreement between the off-card entity (OCE) and Yubikey.
oceCertificates
IReadOnlyCollection<X509Certificate2>The certificate chain, containing the public key for the off-card entity (OCE).
Properties
OceCertificates
The certificate chain, containing the public key for the off-card entity (OCE) (SCP11a/c).
public IReadOnlyList<X509Certificate2>? OceCertificates { get; }
Property Value
- IReadOnlyList<X509Certificate2>
OceKeyReference
The key reference of the off-card entity (OCE) (SCP11a/c).
public KeyReference? OceKeyReference { get; }
Property Value
PkSdEcka
The public key of the security domain which is used for key agreement between the off-card entity (OCE) and Yubikey (SCP11a/b/c).
public ECPublicKey PkSdEcka { get; }
Property Value
SkOceEcka
The secret key of the off-card entity (OCE) which is used for key agreement between the off-card entity and the YubiKey (SCP11a/c).
public ECPrivateKey? SkOceEcka { get; }
Property Value
Methods
Dispose()
This will clear all references and sensitive buffers
public void Dispose()