Class DeleteCredentialCommand
- Namespace
- Yubico.YubiKey.YubiHsmAuth.Commands
- Assembly
- Yubico.YubiKey.dll
Remove a credential from the YubiHSM Auth application.
public class DeleteCredentialCommand : IYubiKeyCommand<DeleteCredentialResponse>
- Inheritance
-
objectDeleteCredentialCommand
- Implements
Remarks
The associated response class is DeleteCredentialResponse.
There is a limit of 8 attempts to authenticate with the management key before the management key is blocked. Once the management key is blocked, the application must be reset before performing operations which require authentication with the management key (such as adding credentials, deleting credentials, and changing the management key). To reset the application, see ResetApplicationCommand. Supplying the correct management key before the management key is blocked will reset the retry counter to 8.
Constructors
DeleteCredentialCommand(ReadOnlyMemory<byte>)
Constructs an instance of the DeleteCredentialCommand class.
public DeleteCredentialCommand(ReadOnlyMemory<byte> managementKey)
Parameters
managementKey
ReadOnlyMemory<byte>The secret used to authenticate to the application prior to adding or removing credentials. See ValidManagementKeyLength for its required length. The application has a default management key of all zeros.
Remarks
The Label will need to be set before calling CreateCommandApdu().
Exceptions
- ArgumentException
managementKey
does not meet the length requirements.
DeleteCredentialCommand(ReadOnlyMemory<byte>, string)
Constructs an instance of the DeleteCredentialCommand class.
public DeleteCredentialCommand(ReadOnlyMemory<byte> managementKey, string label)
Parameters
managementKey
ReadOnlyMemory<byte>The secret used to authenticate to the application prior to adding or removing credentials. See ValidManagementKeyLength for its required length. The application has a default management key of all zeros.
label
stringThe label of the credential to be deleted. The string must meet the same requirements as Label.
Exceptions
- ArgumentException
managementKey
does not meet the length requirements.
Fields
ValidManagementKeyLength
The management key must be exactly 16 bytes.
public static readonly int ValidManagementKeyLength
Field Value
- int
Remarks
The management key is supplied as an argument to the constructor.
Properties
Application
Gets the YubiKeyApplication (e.g. PIV, OATH, etc.) to which this command applies.
public YubiKeyApplication Application { get; }
Property Value
- YubiKeyApplication
YubiKeyApplication.Otp, YubiKeyApplication.Piv, etc.
Label
A short name or description of the Credential.
public string Label { get; set; }
Property Value
- string
Remarks
The string only contains characters that can be encoded with UTF-8, and its UTF-8 byte count is between MinLabelByteCount and MaxLabelByteCount. Non-printing characters are allowed, as long as they can be encoded with UTF-8. For example, null (UTF-8: 0x00) and Right-To-Left Mark U+200F (UTF-8: 0xE2 0x80 0x8F) would be acceptable.
The System.Text.UTF8Encoding class contains methods such as System.Text.UTF8Encoding.GetByteCount(string) which can be used to validate the string prior to attempting to set it here. It is recommended to use the constructor System.Text.UTF8Encoding.UTF8Encoding(bool, bool) so error detection is enabled for invalid characters.
Exceptions
- ArgumentNullException
Thrown when the supplied string is null.
- ArgumentOutOfRangeException
Thrown when the string's UTF-8 byte count does not meet the length parameters MinLabelByteCount and MaxLabelByteCount.
- ArgumentException
Thrown when there is a character that cannot be encoded with UTF-8. The exact exception may be derived from ArgumentException.
Methods
CreateCommandApdu()
Creates a well-formed CommandApdu to send to the YubiKey.
public CommandApdu CreateCommandApdu()
Returns
- CommandApdu
A valid CommandApdu that is ready to be sent to the YubiKey, or passed along to additional encoders for further processing.
Remarks
This method will first perform validation on all of the parameters and data provided to it. The CommandAPDU it creates should contain all of the data payload for the command, even if it exceeds 65,535 bytes as specified by the ISO 7816-4 specification. The APDU will be properly chained by the device connection prior to being sent to the YubiKey, and the responses will collapsed into a single result.
CreateResponseForApdu(ResponseApdu)
Creates the corresponding IYubiKeyResponse implementation for the current command.
public DeleteCredentialResponse CreateResponseForApdu(ResponseApdu responseApdu)
Parameters
responseApdu
ResponseApduThe ResponseApdu returned by the YubiKey.
Returns
- DeleteCredentialResponse
The implementation of IYubiKeyResponse that parses and presents ths response APDU.