Package com.yubico.yubikit.fido.ctap

Class PinUvAuthProtocolV1

java.lang.Object
com.yubico.yubikit.fido.ctap.PinUvAuthProtocolV1
All Implemented Interfaces:
PinUvAuthProtocol
Direct Known Subclasses:
PinUvAuthProtocolV2
public class PinUvAuthProtocolV1 extends Object implements PinUvAuthProtocol
Implements PIN/UV Auth Protocol 1
See Also:

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final int
    VERSION
     

  • Constructor Summary

    Constructors
    Constructor
    Description
    PinUvAuthProtocolV1()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    byte[]
    authenticate(byte[] key, byte[] message)
    Computes a MAC of the given message.
    byte[]
    decrypt(byte[] key, byte[] demCiphertext)
    Decrypts a ciphertext and returns the plaintext.
    com.yubico.yubikit.core.util.Pair<Map<Integer,?>,byte[]>
    encapsulate(Map<Integer,?> peerCoseKey)
    Generates an encapsulation for the authenticator’s public key and returns the message to transmit and the shared secret.
    byte[]
    encrypt(byte[] key, byte[] demPlaintext)
    Encrypts a plaintext to produce a ciphertext, which may be longer than the plaintext.
    int
    getVersion()
    Returns the version number of the PIN/UV Auth protocol.
    byte[]
    kdf(byte[] z)
    Computes shared secret

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

  • Constructor Details

    • PinUvAuthProtocolV1

      public PinUvAuthProtocolV1()

  • Method Details

    • getVersion

      public int getVersion()
      Description copied from interface: PinUvAuthProtocol
      Returns the version number of the PIN/UV Auth protocol.
      Specified by:
      getVersion in interface PinUvAuthProtocol
      Returns:
      the version of the protocol

    • encapsulate

      public com.yubico.yubikit.core.util.Pair<Map<Integer,?>,byte[]> encapsulate(Map<Integer,?> peerCoseKey)
      Description copied from interface: PinUvAuthProtocol
      Generates an encapsulation for the authenticator’s public key and returns the message to transmit and the shared secret.
      Specified by:
      encapsulate in interface PinUvAuthProtocol
      Parameters:
      peerCoseKey - a public key returned by the YubiKey
      Returns:
      a Pair containing a keyAgreement to transmit, and the shared secret.

    • kdf

      public byte[] kdf(byte[] z)
      Description copied from interface: PinUvAuthProtocol
      Computes shared secret
      Specified by:
      kdf in interface PinUvAuthProtocol

    • encrypt

      public byte[] encrypt(byte[] key, byte[] demPlaintext)
      Description copied from interface: PinUvAuthProtocol
      Encrypts a plaintext to produce a ciphertext, which may be longer than the plaintext. The plaintext is restricted to being a multiple of the AES block size (16 bytes) in length.
      Specified by:
      encrypt in interface PinUvAuthProtocol
      Parameters:
      key - the secret key to use
      demPlaintext - the value to encrypt
      Returns:
      the encrypted value

    • decrypt

      public byte[] decrypt(byte[] key, byte[] demCiphertext)
      Description copied from interface: PinUvAuthProtocol
      Decrypts a ciphertext and returns the plaintext.
      Specified by:
      decrypt in interface PinUvAuthProtocol
      Parameters:
      key - the secret key to use
      demCiphertext - the value to decrypt
      Returns:
      the decrypted value

    • authenticate

      public byte[] authenticate(byte[] key, byte[] message)
      Description copied from interface: PinUvAuthProtocol
      Computes a MAC of the given message.
      Specified by:
      authenticate in interface PinUvAuthProtocol
      Parameters:
      key - the secret key to use
      message - the message to sign
      Returns:
      a signature