Table of Contents

Class SetPinCommand

Namespace
Yubico.YubiKey.U2f.Commands
Assembly
Yubico.YubiKey.dll

Sets the PIN or changes the PIN to a new value.

public sealed class SetPinCommand : IYubiKeyCommand<SetPinResponse>
Inheritance
object
SetPinCommand
Implements

Remarks

This command is only available on the YubiKey FIPS series.

Constructors

SetPinCommand(ReadOnlyMemory<byte>, ReadOnlyMemory<byte>)

Constructs an instance of the SetPinCommand class.

public SetPinCommand(ReadOnlyMemory<byte> currentPin, ReadOnlyMemory<byte> newPin)

Parameters

currentPin ReadOnlyMemory<byte>

The PIN currently required to use the U2F application on this YubiKey, represented as bytes. If there is no current PIN, pass in an Empty value.

newPin ReadOnlyMemory<byte>

The new PIN to set, represented as bytes.

Properties

Application

Gets the YubiKeyApplication to which this command belongs.

public YubiKeyApplication Application { get; }

Property Value

YubiKeyApplication

FidoU2f

CurrentPin

The PIN needed to perform U2F operations on a FIPS YubiKey. If this is empty, then the caller expects that there is no PIN yet set.

public ReadOnlyMemory<byte> CurrentPin { get; set; }

Property Value

ReadOnlyMemory<byte>

Remarks

If there is a PIN, it must be from 6 to 32 bytes long (inclusive). It is binary data. This command class will use whatever PIN you supply, so if it is an incorrect length, you will get the error when trying to execute the command.

This class will copy a reference to the PIN provided. Do not overwrite the data until after the command has executed. After it has executed, overwrite the buffer for security reasons.

If there is no current PIN (this command is being called to set the PIN for the first time), there is no need to set this property.

NewPin

The PIN that will replace the current PIN.

public ReadOnlyMemory<byte> NewPin { get; set; }

Property Value

ReadOnlyMemory<byte>

Remarks

The PIN must be from 6 to 32 bytes long (inclusive). This command class will use whatever PIN you supply, so if it is an incorrect length, you will get the error when trying to execute the command.

It is binary data. It is not possible to pass in an Empty PIN (changing a YubiKey from PIN required to no PIN). Once a PIN is set, the U2F application on that YubiKey must always have a PIN. The only way to remove a PIN is to reset the application.

This class will copy a reference to the PIN provided. Do not overwrite the data until after the command has executed. After it has executed, overwrite the buffer for security reasons.

Methods

CreateCommandApdu()

Creates a well-formed CommandApdu to send to the YubiKey.

public CommandApdu CreateCommandApdu()

Returns

CommandApdu

A valid CommandApdu that is ready to be sent to the YubiKey, or passed along to additional encoders for further processing.

Remarks

This method will first perform validation on all of the parameters and data provided to it. The CommandAPDU it creates should contain all of the data payload for the command, even if it exceeds 65,535 bytes as specified by the ISO 7816-4 specification. The APDU will be properly chained by the device connection prior to being sent to the YubiKey, and the responses will collapsed into a single result.

CreateResponseForApdu(ResponseApdu)

Creates the corresponding IYubiKeyResponse implementation for the current command.

public SetPinResponse CreateResponseForApdu(ResponseApdu responseApdu)

Parameters

responseApdu ResponseApdu

The ResponseApdu returned by the YubiKey.

Returns

SetPinResponse

The implementation of IYubiKeyResponse that parses and presents ths response APDU.