Package com.yubico.yubikit.fido.ctap

Class PinUvAuthProtocolV2

java.lang.Object
com.yubico.yubikit.fido.ctap.PinUvAuthProtocolV1
com.yubico.yubikit.fido.ctap.PinUvAuthProtocolV2
All Implemented Interfaces:
PinUvAuthProtocol
public class PinUvAuthProtocolV2 extends PinUvAuthProtocolV1
Implements PIN/UV Auth Protocol 2
See Also:

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final int
    VERSION
     

  • Constructor Summary

    Constructors
    Constructor
    Description
    PinUvAuthProtocolV2()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    byte[]
    authenticate(byte[] key, byte[] message)
    Computes a MAC of the given message.
    byte[]
    decrypt(byte[] key, byte[] ciphertext)
    Decrypts a ciphertext and returns the plaintext.
    byte[]
    encrypt(byte[] key, byte[] plaintext)
    Encrypts a plaintext to produce a ciphertext, which may be longer than the plaintext.
    int
    getVersion()
    Returns the version number of the PIN/UV Auth protocol.
    byte[]
    kdf(byte[] z)
    Computes shared secret

    Methods inherited from class com.yubico.yubikit.fido.ctap.PinUvAuthProtocolV1

    encapsulate

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Field Details

  • Constructor Details

    • PinUvAuthProtocolV2

      public PinUvAuthProtocolV2()

  • Method Details

    • getVersion

      public int getVersion()
      Description copied from interface: PinUvAuthProtocol
      Returns the version number of the PIN/UV Auth protocol.
      Specified by:
      getVersion in interface PinUvAuthProtocol
      Overrides:
      getVersion in class PinUvAuthProtocolV1
      Returns:
      the version of the protocol

    • kdf

      public byte[] kdf(byte[] z)
      Description copied from interface: PinUvAuthProtocol
      Computes shared secret
      Specified by:
      kdf in interface PinUvAuthProtocol
      Overrides:
      kdf in class PinUvAuthProtocolV1

    • encrypt

      public byte[] encrypt(byte[] key, byte[] plaintext)
      Description copied from interface: PinUvAuthProtocol
      Encrypts a plaintext to produce a ciphertext, which may be longer than the plaintext. The plaintext is restricted to being a multiple of the AES block size (16 bytes) in length.
      Specified by:
      encrypt in interface PinUvAuthProtocol
      Overrides:
      encrypt in class PinUvAuthProtocolV1
      Parameters:
      key - the secret key to use
      plaintext - the value to encrypt
      Returns:
      the encrypted value

    • decrypt

      public byte[] decrypt(byte[] key, byte[] ciphertext)
      Description copied from interface: PinUvAuthProtocol
      Decrypts a ciphertext and returns the plaintext.
      Specified by:
      decrypt in interface PinUvAuthProtocol
      Overrides:
      decrypt in class PinUvAuthProtocolV1
      Parameters:
      key - the secret key to use
      ciphertext - the value to decrypt
      Returns:
      the decrypted value

    • authenticate

      public byte[] authenticate(byte[] key, byte[] message)
      Description copied from interface: PinUvAuthProtocol
      Computes a MAC of the given message.
      Specified by:
      authenticate in interface PinUvAuthProtocol
      Overrides:
      authenticate in class PinUvAuthProtocolV1
      Parameters:
      key - the secret key to use
      message - the message to sign
      Returns:
      a signature