YubiHsmAuthSession Class
Namespace: Yubico.YubiKey.YubiHsmAuth Assembly: Yubico.YubiKey.dllThe main entry-point for all YubiHSM Auth related operations.
public sealed class YubiHsmAuthSession : ApplicationSession
Constructors
Name | Description |
---|---|
YubiHsmAuthSession(IYubiKeyDevice, ScpKeyParameters?) | Create an instance of |
Properties
Name | Description |
---|---|
KeyCollector | The delegate this class will call when it needs a management key or credential password. |
Methods
Name | Description |
---|---|
AddCredential(ReadOnlyMemory<byte>, CredentialWithSecrets) | Add a credential. |
ChangeManagementKey(ReadOnlyMemory<byte>, ReadOnlyMemory<byte>) | Change the management key, throw an exception if the operation failed. |
DeleteCredential(ReadOnlyMemory<byte>, string) | Remove a credential. |
GetAes128SessionKeys(string, ReadOnlyMemory<byte>, ReadOnlyMemory<byte>, ReadOnlyMemory<byte>) | Calculate session keys from an AES-128 credential. These session keys are used to establish a secure session with a YubiHSM 2 device. |
GetApplicationVersion() | Get the version of the YubiHSM Auth application. |
GetManagementKeyRetries() | Get the number of retries remaining for the management key. |
ListCredentials() | Get the public properties of all Credentials in the YubiHSM Auth application, along with the number of retries remaining for each. |
ResetApplication() | Reset the YubiHSM Auth application, which will delete all credentials, reset the management key to its default value (all zeros), and reset the management key retry counter to 8. |
TryAddCredential(ReadOnlyMemory<byte>, CredentialWithSecrets, out int?) | Add a credential. |
TryAddCredential(CredentialWithSecrets) | Add a credential. This method uses the KeyCollector to retrieve the management key and will retry authentication while there are retries remaining. |
TryChangeManagementKey() | Change the management key, using the KeyCollector to retrieve the current and new management keys. |
TryChangeManagementKey(ReadOnlyMemory<byte>, ReadOnlyMemory<byte>, out int?) | Change the management key. |
TryDeleteCredential(ReadOnlyMemory<byte>, string, out int?) | Remove a credential. |
TryDeleteCredential(string) | Remove a credential. This method uses the KeyCollector to retrieve the management key, and will retry authentication while there are retries remaining. |
TryGetAes128SessionKeys(string, ReadOnlyMemory<byte>, ReadOnlyMemory<byte>, out SessionKeys?) | Calculate session keys from an AES-128 credential, using the KeyCollector to retrieve the credential password and prompt for touch when required. These session keys are used to establish a secure session with a YubiHSM 2 device. |