AttestationResult Interface
public interface AttestationResult
An AttestationResult contains the defined claims included in a Microsoft Azure Attestation Token. An AttestationResult is an IETF RFC 7519 JSON Web Token, and implements many of the claims in IETF Draft-ietf-rats-eat.
Method Summary
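Modifier and Type | Method and Description |
---|---|
abstract BinaryData | getEnclaveHeldData() Get the enclaveHeldData property: A copy of the RuntimeData specified as an input to the call to attest if the BINARY data interpretation was set on the AttestationData passed to the setRunTimeData(AttestationData attestationData) API. |
abstract OffsetDateTime | getExpiresOn() Get the ExpiresOn property: The expiration time after which the token is no longer valid. |
abstract Object | getInitTimeClaims() Get the initTimeClaims property: InitTime Claims. |
abstract OffsetDateTime | getIssuedAt() Get the Issued At property: The time at which the token was issued. |
abstract String | getIssuer() Retrieve the issuer of the attestation token. |
abstract String | getMrEnclave() Get the mrEnclave property: The HEX encoded SGX MRENCLAVE value for the enclave. |
abstract String | getMrSigner() Get the mrSigner property: The HEX encoded SGX MRSIGNER value for the enclave. |
abstract String | getNonce() Returns the Nonce input to the attestation request, if provided. |
abstract OffsetDateTime | getNotBefore() Get the NotBefore property: The time before which a token cannot be considered valid. |
abstract Object | getPolicyClaims() Get the policyClaims property: Policy Generated Claims. |
abstract BinaryData | getPolicyHash() Get the policyHash property: The SHA256 hash of the BASE64URL encoded policy text used for attestation. |
abstract AttestationSigner | getPolicySigner() Get the policySigner property: If the attestation policy was signed, this will contain the certificate used to sign the policy object. |
abstract int | getProductId() Get the productId property: The SGX Product ID for the enclave. |
abstract Object | getRuntimeClaims() Get the runtimeClaims property: Runtime Claims. |
abstract Object | getSgxCollateral() Get the sgxCollateral property. |
abstract int | getSvn() Get the svn property: The SGX SVN value for the enclave. |
abstract String | getUniqueIdentifier() Get the Unique Identifier property: The Unique Identifier corresponds to the "jti" claim in a Json Web Token. |
abstract String | getVerifierType() Get the verifierType property: The Attestation Type being attested. |
abstract String | getVersion() Get the version property: The Schema version of this structure. |
abstract Boolean | isDebuggable() Get the isDebuggable property: True if the enclave can be debugged, false otherwise. |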
Method Details
getEnclaveHeldData
public abstract BinaryData getEnclaveHeldData()
Get the enclaveHeldData property: A copy of the RuntimeData specified as an input to the call to attest if the BINARY data interpretation was set on the AttestationData passed to the setRunTimeData(AttestationData attestationData) API.
Returns:
getExpiresOn
public abstract OffsetDateTime getExpiresOn()
Get the ExpiresOn property: The expiration time after which the token is no longer valid. The ExpiresOn property corresponds to the "exp" claim in a Json Web Token. See RFC 7519 section 4.1.4.
Returns:
getInitTimeClaims
public abstract Object getInitTimeClaims()
Get the initTimeClaims property: InitTime Claims. If JSON was specified in the AttestationData for the InitTime data this will contain the input InitTimeData as JSON elements.
Returns:
getIssuedAt
public abstract OffsetDateTime getIssuedAt()
Get the Issued At property: The time at which the token was issued. The IssuedAt property corresponds to the "iat" claim in a Json Web Token. See RFC 7519 section 4.1.6 for more information.
Returns:
getIssuer
public abstract String getIssuer()
Retrieve the issuer of the attestation token. The issuer corresponds to the "iss" claim in a Json Web Token. See RFC 7519 section 4.1.1 for more information. The issuer will always be the same as the attestation service instance endpoint URL.
Returns:
getMrEnclave
public abstract String getMrEnclave()
Get the mrEnclave property: The HEX encoded SGX MRENCLAVE value for the enclave. Represents the HEX encoded MRENCLAVE Measure Register. This is the hash of the binary loaded into the enclave.
Returns:
getMrSigner
public abstract String getMrSigner()
Get the mrSigner property: The HEX encoded SGX MRSIGNER value for the enclave. Represents the HEX encoded MRSIGNER Measure Register. This is the hash of the signer of the code loaded into the enclave.
Returns:
getNonce
public abstract String getNonce()
Returns the Nonce input to the attestation request, if provided. The Nonce claim corresponds to the "nonce" claim defined in draft-ietf-rats-eat-10, section 3.3.
Returns:
getNotBefore
public abstract OffsetDateTime getNotBefore()
Get the NotBefore property: The time before which a token cannot be considered valid. The ExpiresOn property corresponds to the "exp" claim in a Json Web Token. See RFC 7519 section 4.1.4
Returns:
getPolicyClaims
public abstract Object getPolicyClaims()
Get the policyClaims property: Policy Generated Claims. This element contains all claims in the token which were generated by customer specified attestation policies.
Returns:
getPolicyHash
public abstract BinaryData getPolicyHash()
Get the policyHash property: The SHA256 hash of the BASE64URL encoded policy text used for attestation.
Returns:
getPolicySigner
public abstract AttestationSigner getPolicySigner()
Get the policySigner property: If the attestation policy was signed, this will contain the certificate used to sign the policy object.
Returns:
getProductId
public abstract int getProductId()
Get the productId property: The SGX Product ID for the enclave. The Product ID represents the ISVPRODID value from the enclave. See oe_identity::product_id for more information.
Returns:
getRuntimeClaims
public abstract Object getRuntimeClaims()
Get the runtimeClaims property: Runtime Claims. If JSON was specified in the AttestationData for the RunTime data this will contain the input RunTimeData as JSON elements.
Returns:
getSgxCollateral
public abstract Object getSgxCollateral()
Get the sgxCollateral property: The SGX SVN value for the enclave. The SGX Collateral contains the HEX encoded SHA256 hash of each of the inputs to the attestation token.
Returns:
getSvn
public abstract int getSvn()
Get the svn property: The SGX SVN value for the enclave. The SVN for the enclave should be incremented on every security update.
Returns:
getUniqueIdentifier
public abstract String getUniqueIdentifier()
Get the Unique Identifier property: The Unique Identifier corresponds to the "jti" claim in a Json Web Token.
Returns:
getVerifierType
public abstract String getVerifierType()
Get the verifierType property: The Attestation Type being attested. Normally this will be one of "sgx" or "tpm".
Returns:
getVersion
public abstract String getVersion()
Get the version property: The Schema version of this structure. Current Value: 1.0.
Returns:
isDebuggable
public abstract Boolean isDebuggable()
Get the isDebuggable property: True if the enclave can be debugged, false otherwise. If the attestation evidence came from OpenEnclave, this corresponds to the OE_REPORT_ATTRIBUTES_DEBUG flag in the generated OpenEnclave report (oe_identity::attributes). If the attestation evidence came from the Intel SGX SDK, this corresponds to the SGX_FLAGS_DEBUG flag.
Returns:
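The getters above are typically combined into a relying-party decision before anything is released to the enclave. The following is an added example, not code from the Azure SDK or its documentation: the class name `EnclavePolicyCheck`, the method `violations`, the endpoint URL, nonce and MRSIGNER value are all constructed for illustration. It assumes the `AttestationResult` came from a token whose signature has already been validated.

```java
import com.azure.security.attestation.models.AttestationResult;
import java.lang.reflect.Proxy;
import java.time.OffsetDateTime;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

public final class EnclavePolicyCheck {
    /** Returns the policy violations found; an empty list means the claims are acceptable. */
    static List<String> violations(AttestationResult r, String endpoint, String sentNonce,
                                   String trustedMrSigner, int minSvn, OffsetDateTime now) {
        List<String> v = new ArrayList<>();
        // "iss" must be the attestation instance the caller intended to use.
        if (!endpoint.equals(r.getIssuer())) v.add("issuer is not the expected endpoint");
        // Validity window from the ExpiresOn and NotBefore properties.
        if (r.getExpiresOn() == null || !now.isBefore(r.getExpiresOn())) v.add("token expired");
        if (r.getNotBefore() != null && now.isBefore(r.getNotBefore())) v.add("token not yet valid");
        // Freshness: the nonce sent with the request must come back unchanged.
        if (sentNonce != null && !sentNonce.equals(r.getNonce())) v.add("nonce mismatch");
        if (!"sgx".equals(r.getVerifierType())) v.add("evidence is not SGX");
        // A debuggable enclave gives no confidentiality; treat a missing flag as debuggable.
        if (!Boolean.FALSE.equals(r.isDebuggable())) v.add("enclave is debuggable");
        // MRSIGNER is hex, so compare case-insensitively; SVN enforces a minimum patch level.
        if (!trustedMrSigner.equalsIgnoreCase(r.getMrSigner())) v.add("untrusted MRSIGNER");
        if (r.getSvn() < minSvn) v.add("SVN below required minimum");
        return v;
    }

    public static void main(String[] args) {
        OffsetDateTime now = OffsetDateTime.parse("2024-01-01T12:00:00Z");
        String signer = "ab".repeat(32); // constructed 32-byte MRSIGNER in hex
        // Constructed claim values, keyed by getter name; this enclave is debuggable and stale.
        Map<String, Object> claims = Map.of(
            "getIssuer", "https://attest.example.invalid",
            "getExpiresOn", now.plusHours(8),
            "getNotBefore", now.minusMinutes(5),
            "getNonce", "constructed-nonce-1",
            "getVerifierType", "sgx",
            "isDebuggable", Boolean.TRUE,
            "getMrSigner", signer.toUpperCase(),
            "getSvn", 1);
        // A dynamic proxy stands in for a result returned by the attestation service.
        AttestationResult r = (AttestationResult) Proxy.newProxyInstance(
            AttestationResult.class.getClassLoader(), new Class<?>[] {AttestationResult.class},
            (proxy, method, a) -> claims.get(method.getName()));
        violations(r, "https://attest.example.invalid", "constructed-nonce-1", signer, 2, now)
            .forEach(System.out::println);
    }
}
```

Pinning `getMrEnclave()` instead of `getMrSigner()` ties the decision to one exact enclave binary rather than to everything a signer has released; which to pin depends on how often the enclave is rebuilt.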
Applies to
Azure SDK for Java