Package com.yubico.yubikit.fido.ctap
Class CredentialManagement
java.lang.Object
com.yubico.yubikit.fido.ctap.CredentialManagement
Provides Credential management on the CTAP level.

Nested Class Summary
static class CredentialManagement.CredentialData
    A data class representing a stored credential.
static class CredentialManagement.Metadata
    CTAP2 Credential Management Metadata object.
static class CredentialManagement.RpData
    A data class representing an RP for which one or more credentials may be stored.

Constructor Summary
CredentialManagement(Ctap2Session ctap, PinUvAuthProtocol pinUvAuth, byte[] pinUvToken)
    Construct a new CredentialManagement object.

Method Summary
void deleteCredential(Map<String, ?> credentialId)
    Delete a stored credential.
List<CredentialManagement.CredentialData> enumerateCredentials(byte[] rpIdHash)
    Enumerate credentials stored for a particular RP.
List<CredentialManagement.RpData> enumerateRps()
    Enumerate which RPs this YubiKey has credentials stored for.
CredentialManagement.Metadata getMetadata()
    Read metadata about credential management from the YubiKey.
PinUvAuthProtocol getPinUvAuth()
    Get the underlying Pin/UV Auth protocol in use.
static boolean isSupported

Constructor Details

CredentialManagement
Construct a new CredentialManagement object.
Parameters:
    ctap - an active CTAP2 connection.
    pinUvAuth - the PIN/UV Auth protocol to use.
    pinUvToken - a pinUvToken to be used, which must match the protocol and have the proper permissions.

Method Details

isSupported

getPinUvAuth
Get the underlying Pin/UV Auth protocol in use.
Returns:
    the PinUvAuthProtocol in use

getMetadata
public CredentialManagement.Metadata getMetadata() throws IOException, com.yubico.yubikit.core.application.CommandException
Read metadata about credential management from the YubiKey.
Returns:
    Metadata from the YubiKey.
Throws:
    IOException - A communication error in the transport layer.
    com.yubico.yubikit.core.application.CommandException - A communication error in the protocol layer.

enumerateRps
public List<CredentialManagement.RpData> enumerateRps() throws IOException, com.yubico.yubikit.core.application.CommandException
Enumerate which RPs this YubiKey has credentials stored for.
Returns:
    A list of RPs.
Throws:
    IOException - A communication error in the transport layer.
    com.yubico.yubikit.core.application.CommandException - A communication error in the protocol layer.

enumerateCredentials
public List<CredentialManagement.CredentialData> enumerateCredentials(byte[] rpIdHash) throws IOException, com.yubico.yubikit.core.application.CommandException
Enumerate credentials stored for a particular RP.
Parameters:
    rpIdHash - The SHA-256 hash of an RP ID to enumerate for.
Returns:
    A list of Credentials.
Throws:
    IOException - A communication error in the transport layer.
    com.yubico.yubikit.core.application.CommandException - A communication error in the protocol layer.

deleteCredential
public void deleteCredential(Map<String, ?> credentialId) throws IOException, com.yubico.yubikit.core.application.CommandException
Delete a stored credential.
Parameters:
    credentialId - A Map representing a PublicKeyCredentialDescriptor identifying a credential to delete.
Throws:
    IOException - A communication error in the transport layer.
    com.yubico.yubikit.core.application.CommandException - A communication error in the protocol layer.