Attestation - Attest Sgx Enclave
Attest to an SGX enclave.
Processes an SGX enclave quote, producing an artifact. The type of artifact produced is dependent upon attestation policy.
POST {instanceUrl}/attest/SgxEnclave?api-version=2022-08-01
URI Parameters
Name | In | Required | Type | Description |
---|---|---|---|---|
instanceUrl | path | True | string | The attestation instance base URI, for example https://mytenant.attest.azure.net. |
api-version | query | True | string | Client API version. Current version is 2022-08-01 |
Request Body
Name | Type | Description |
---|---|---|
draftPolicyForAttestation | string | Attest against the provided draft policy. Note that the resulting token cannot be validated. |
initTimeData | | Initialization data provided when the enclave is created. MAA will verify that the init data was known to the enclave. Note that InitTimeData is invalid for CoffeeLake processors. |
nonce | string | Nonce for incoming request - emitted in the generated attestation token |
quote | string | Quote of the enclave to be attested |
runtimeData | | Runtime data provided by the enclave at the time of quote generation. The MAA will verify that the first 32 bytes of the report_data field of the quote contain the SHA256 hash of the decoded "data" field of the runtime data. |
Responses
Name | Type | Description |
---|---|---|
200 OK | | Success |
Other Status Codes | | Error response describing why the operation failed |
Examples
Attest SgxEnclave
Sample Request
POST https://instance.attest.azure.net/attest/SgxEnclave?api-version=2022-08-01
{
"quote": "AwACAAAAAAAFAAoAk5pyM_ecTKmUCg2zlX8GBxikFG2RGHbLfXx_vS5gtP8AAAAADg4CBf-ABwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQAAAAAAAAAHAAAAAAAAANlxlh9yS3HfxfFVOsTvtorRYOhJYCzdhRy4QEI-WSpzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACFaCMSMCcBDtDOH31RW2vh11BeWCj7oZeFZ2Aw2P_8KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8SAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjKYv2t_KVJfL8eJMumYwKEA--jtZ1UOGFrKEaj6Tm6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBAAANfCXfxRtqOqDZV2NJAxIFTxDg0BuV-LLuq_D2YGtwp3x331XC_I13E1BqX7zR8dL4GiEACndxFkLGaAv7NTLL6pLrutcGj8wPA8MTOlV4BI9ZLcEwlNobvHIWKrrjtzDs_Wekb9nq08xb-P_yg0R0RvYNMkgIz61v6jPXeuq_n-Dg4CBf-ABwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFQAAAAAAAAAHAAAAAAAAAD-wrOCGnS4w8o6G1wx2ZAOlT7vNZY7s4OG5SKkVWRdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMT1d115ZQPpYTf3fGioKaAFasje1wFAsIGwlEkMV7_wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACJ_xj1I2YFmziAVUcpkwhFu4bxfwGQ71nD4Xoz4lKoNwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKsDZgMr9cfiWsAr8sI9X5cwgnD3ob0ETj44vViBmw41w5Q7ZpSaH6cAfnRI3-QimRJnpzr_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",
"runtimeData": {
"data": "wFdC6gBMrrej2JTuNlTjWOe-ebL7Rz34WjmEUnbfFEc_5BITs2t4V8uuEI8JX73t0g_nUTu6g07xyC6rx9wl8IUQFYyPKhsMk3FLESkryhb5dz9cDxoxwMNnGbu-B7AsOBCe3lckQmoRAEf4_5qUm-PS26DD3SkbNRT-XjMQMQ19Q33dpKFvXPrQyvCK0ly0pL-JXXdnT4hsJUn8tJKW152W2gZWeXIKO8Ge2er_8xXUvQ6gCLZwwcD1--Whg90h9n5tVRNQdqCnWwsFL0LEKVNiCj7Cbii8_XpjYjTTSQKSOiC_i_VbZZF9cY4W_1ZpUj7WWkSSkPhNSuqBHOvmuFrVTlfQvgdsKYQ5zYbSnPtqJ1_4QUoPJsYQIxyFFncIDbuGWuTPd_FDKLBLQADyO4kYWjnVMXdM1p_xjtqo2_UWTznEfrQpoZttQE99GZVEVSXPBn0GXzph4JDKyWq3rDIvzFMhumG5ay1eyQ622hxwBN4WVxVjJ-BtaWMnU15o4OZZVReCpTodGZabT0RgAmJqKNZnH_Vx_ECLKxssxEHoNWZBUCWAS9Qy4OpdQZ1-vINHJaTIZsehSZrkk1a5ttJdghTSUJGbEPWt3Azstjidyq8x1l5q-PIClhJE_Q_vHOvTzxCebqZOhFJl08rx8I2OYxzekLA1miJ4aZs8h3eB6tOHZF06gJC8wcIORvy8d8ysEZvja40AWSg",
"dataType": "Binary"
}
}
Sample Response
{
"token": "eyJhbGciOiAiUlMyNTYiLCAiamt1IjogImh0dHBzOi8vdGVuYW50dGVzdHMudXMvY2VydHMiLCAia2lkIjogImU4VHpCeEJ0VnFIdnRxOUdVbTFEd2Y0VkRoMGRubk1uS1BhemdOOXBUUGM9IiwgInR5cCI6ICJKV1QifQ.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.UvBYjpwNgLAq1Xi0IIGYmUId1zaOCB9r5vSFOInmy6Bte4qUZmvK9eI1pt0hcJaRYqNqNajDzE9Bh7_EJmj2TJ3mUJ1IpO6Q2z0krfPzs3arVswi474UOOtzkGCY3N04AVEN5uyBduYngdGOimEvSP2YLLJot95FtBSStI7nIcZB6SaTP9z7zihkVtgLWNOWrCmiSDKKo56yzsT1P_i24WnvPAn4jFZPR7g15i1rRZMvdmRyKmEWfZ_E5SLNTb6XN8wFCfpWPzxBm3JjSOynbcFnts0sbvYT5NpxfnhCmL6i41y3WfO8wGyF3BwRKR7Ox09S0EavryiPkGvb6NAzBA"
}
Definitions
Name | Description |
---|---|
AttestationResponse | The result of an attestation operation |
AttestSgxEnclaveRequest | Attestation request for Intel SGX enclaves |
CloudError | An error response from Attestation. |
CloudErrorBody | An error response from Attestation. |
DataType | Specifies the type of the encoded data contained within the "data" field of a "RuntimeData" or "InitTimeData" object |
InitTimeData | Initialization time data are a conduit for any configuration information that is unknown when building the Trusted Execution Environment (TEE) and is defined at TEE launch time. This data can be used with confidential container or VM scenarios to capture configuration settings such as disk volume content, network configuration, etc. |
RuntimeData | Runtime data are a conduit for any information defined by the Trusted Execution Environment (TEE) when actually running. |
AttestationResponse
The result of an attestation operation
Name | Type | Description |
---|---|---|
token | string | An RFC 7519 JSON Web Token, the body of which is an AttestationResult object. |
AttestSgxEnclaveRequest
Attestation request for Intel SGX enclaves
Name | Type | Description |
---|---|---|
draftPolicyForAttestation | string | Attest against the provided draft policy. Note that the resulting token cannot be validated. |
initTimeData | | Initialization data provided when the enclave is created. MAA will verify that the init data was known to the enclave. Note that InitTimeData is invalid for CoffeeLake processors. |
nonce | string | Nonce for incoming request - emitted in the generated attestation token |
quote | string | Quote of the enclave to be attested |
runtimeData | | Runtime data provided by the enclave at the time of quote generation. The MAA will verify that the first 32 bytes of the report_data field of the quote contain the SHA256 hash of the decoded "data" field of the runtime data. |
CloudError
An error response from Attestation.
Name | Type | Description |
---|---|---|
error | | An error response from Attestation. |
CloudErrorBody
An error response from Attestation.
Name | Type | Description |
---|---|---|
code | string | An identifier for the error. Codes are invariant and are intended to be consumed programmatically. |
message | string | A message describing the error, intended to be suitable for displaying in a user interface. |
DataType
Specifies the type of the encoded data contained within the "data" field of a "RuntimeData" or "InitTimeData" object
Name | Type | Description |
---|---|---|
Binary | string | The field's content should be treated as binary and not interpreted by MAA. |
JSON | string | The field's content should be treated as UTF-8 JSON text that may be further interpreted by MAA. Refer to RFC 8259 for a description of JSON serialization standards for interoperability. |
InitTimeData
Initialization time data are a conduit for any configuration information that is unknown when building the Trusted Execution Environment (TEE) and is defined at TEE launch time. This data can be used with confidential container or VM scenarios to capture configuration settings such as disk volume content, network configuration, etc.
Name | Type | Description |
---|---|---|
data | string | Initialization time data are passed into the Trusted Execution Environment (TEE) when it is created. For an Icelake SGX quote, the SHA256 hash of the InitTimeData must match the lower 32 bytes of the quote's "config id" attribute. For a SEV-SNP quote, the SHA256 hash of the InitTimeData must match the quote's "host data" attribute. |
dataType | | The type of data contained within the "data" field |
RuntimeData
Runtime data are a conduit for any information defined by the Trusted Execution Environment (TEE) when actually running.
Name | Type | Description |
---|---|---|
data | string | Runtime data are generated by the Trusted Execution Environment (TEE). For an SGX quote (Coffeelake or Icelake), the SHA256 hash of the RuntimeData must match the lower 32 bytes of the quote's "report data" attribute. For a SEV-SNP quote, the SHA256 hash of the RuntimeData must match the quote's "report data" attribute. |
dataType | | The type of data contained within the "data" field |
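The runtimeData binding described for the request body and in the RuntimeData definition can be checked on the client before the request is sent. The following Python is an added example, not part of the Azure Attestation reference: it assumes an Intel SGX ECDSA (version 3) quote with a 48-byte header and a 384-byte report body whose last 64 bytes are report_data, and unpadded base64url encoding as seen in the sample request; all function names are hypothetical and the quote is constructed.

```python
import base64
import hashlib
import json

# Assumed layout (Intel SGX ECDSA quote, version 3): a 48-byte header followed
# by a 384-byte report body whose last 64 bytes are report_data.
HEADER_LEN = 48
REPORT_BODY_LEN = 384
REPORT_DATA_OFFSET = HEADER_LEN + 320
REPORT_DATA_LEN = 64


def b64url_encode(raw: bytes) -> str:
    """Unpadded base64url, the alphabet used by the page's sample request."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def report_data(quote: bytes) -> bytes:
    if len(quote) < HEADER_LEN + REPORT_BODY_LEN:
        raise ValueError("quote too short to contain a report body")
    return quote[REPORT_DATA_OFFSET:REPORT_DATA_OFFSET + REPORT_DATA_LEN]


def runtime_data_is_bound(quote: bytes, runtime_data: bytes) -> bool:
    """True when SHA-256(runtime_data) equals the first 32 bytes of report_data."""
    return report_data(quote)[:32] == hashlib.sha256(runtime_data).digest()


def build_attest_request(quote: bytes, runtime_data: bytes, nonce: str) -> str:
    """JSON body for POST {instanceUrl}/attest/SgxEnclave; rejects unbound data."""
    if not runtime_data_is_bound(quote, runtime_data):
        raise ValueError("report_data does not commit to the runtime data")
    return json.dumps({
        "quote": b64url_encode(quote),
        "runtimeData": {"data": b64url_encode(runtime_data), "dataType": "Binary"},
        "nonce": nonce,
    })


def constructed_quote(runtime_data: bytes) -> bytes:
    """Constructed sample: zeroed header and report body, real report_data only."""
    body = bytearray(REPORT_BODY_LEN)
    body[320:352] = hashlib.sha256(runtime_data).digest()
    return bytes(HEADER_LEN) + bytes(body)
```

A request whose runtime data fails this check would be rejected by the service for the same reason, so the local check only saves a round trip and gives a clearer error.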