YubiHsmAuthSession Class

Namespace: Yubico.YubiKey.YubiHsmAuth Assembly: Yubico.YubiKey.dll

The main entry-point for all YubiHSM Auth related operations.

C#
public sealed class YubiHsmAuthSession : Object, IDisposable
Inheritance System.Object YubiHsmAuthSession
Implements
System.IDisposable

Constructors

Name Description
YubiHsmAuthSession(IYubiKeyDevice)

Create an instance of YubiHsmAuthSession class, the object that represents the YubiHSM Auth application on the YubiKey.

Properties

Name Description
Connection

The object that represents the connection to the YubiKey.
KeyCollector

The delegate this class will call when it needs a management key or credential password.

Methods

Name Description
AddCredential(ReadOnlyMemory<Byte>, CredentialWithSecrets)

Add a credential.
ChangeManagementKey(ReadOnlyMemory<Byte>, ReadOnlyMemory<Byte>)

Change the management key, throw an exception if the operation failed.
DeleteCredential(ReadOnlyMemory<Byte>, String)

Remove a credential.
Dispose()

When the YubiHsmAuthSession object goes out of scope, this method is called. It will close the session.
GetAes128SessionKeys(String, ReadOnlyMemory<Byte>, ReadOnlyMemory<Byte>, ReadOnlyMemory<Byte>)

Calculate session keys from an AES-128 credential. These session keys are used to establish a secure session with a YubiHSM 2 device.
GetApplicationVersion()

Get the version of the YubiHSM Auth application.
GetManagementKeyRetries()

Get the number of retries remaining for the management key.
ListCredentials()

Get the public properties of all Credentials in the YubiHSM Auth application, along with the number of retries remaining for each.
ResetApplication()

Reset the YubiHSM Auth application, which will delete all credentials, reset the management key to its default value (all zeros), and reset the management key retry counter to 8.
TryAddCredential(ReadOnlyMemory<Byte>, CredentialWithSecrets, out Nullable<Int32>)

Add a credential.
TryAddCredential(CredentialWithSecrets)

Add a credential. This method uses the KeyCollector to retrieve the management key and will retry authentication while there are retries remaining.
TryChangeManagementKey()

Change the management key, using the KeyCollector to retrieve the current and new management keys.
TryChangeManagementKey(ReadOnlyMemory<Byte>, ReadOnlyMemory<Byte>, out Nullable<Int32>)

Change the management key.
TryDeleteCredential(ReadOnlyMemory<Byte>, String, out Nullable<Int32>)

Remove a credential.
TryDeleteCredential(String)

Remove a credential. This method uses the KeyCollector to retrieve the management key, and will retry authentication while there are retries remaining.
TryGetAes128SessionKeys(String, ReadOnlyMemory<Byte>, ReadOnlyMemory<Byte>, out SessionKeys)

Calculate session keys from an AES-128 credential, using the KeyCollector to retrieve the credential password and prompt for touch when required. These session keys are used to establish a secure session with a YubiHSM 2 device.