azure-security-attestation
attestation_administration_client.hpp
1 // Copyright (c) Microsoft Corporation. All rights reserved.
2 // SPDX-License-Identifier: MIT
3 
4 #pragma once
5 
6 #include "azure/attestation/attestation_client_models.hpp"
7 #include "azure/attestation/attestation_client_options.hpp"
8 #include <azure/core/context.hpp>
9 #include <azure/core/url.hpp>
10 #include <string>
11 
12 namespace Azure { namespace Core { namespace Http { namespace _internal {
13  class HttpPipeline;
14 }}}} // namespace Azure::Core::Http::_internal
15 
16 namespace Azure { namespace Security { namespace Attestation {
17 
46  class AttestationAdministrationClient final {
47 
48  public:
57  static AttestationAdministrationClient Create(
58  std::string const& endpoint,
59  std::shared_ptr<Core::Credentials::TokenCredential const> credential,
60  AttestationAdministrationClientOptions const& options
61  = AttestationAdministrationClientOptions{},
62  Azure::Core::Context const& context = Azure::Core::Context{});
63 
70  AttestationAdministrationClient(AttestationAdministrationClient const& attestationClient)
71  : m_endpoint(attestationClient.m_endpoint), m_apiVersion(attestationClient.m_apiVersion),
72  m_pipeline(attestationClient.m_pipeline),
73  m_tokenValidationOptions(attestationClient.m_tokenValidationOptions),
74  m_attestationSigners(attestationClient.m_attestationSigners){};
75 
80  virtual ~AttestationAdministrationClient() = default;
81 
87  std::string const Endpoint() const { return m_endpoint.GetAbsoluteUrl(); }
88 
99  Response<Models::AttestationToken<std::string>> GetAttestationPolicy(
100  Models::AttestationType const& attestationType,
101  GetPolicyOptions const& options = GetPolicyOptions{},
102  Azure::Core::Context const& context = Azure::Core::Context{}) const;
103 
132  Response<Models::AttestationToken<Models::PolicyResult>> SetAttestationPolicy(
133  Models::AttestationType const& attestationType,
134  std::string const& policyToSet,
135  SetPolicyOptions const& options = SetPolicyOptions{},
136  Azure::Core::Context const& context = Azure::Core::Context{}) const;
137 
148  Response<Models::AttestationToken<Models::PolicyResult>> ResetAttestationPolicy(
149  Models::AttestationType const& attestationType,
150  SetPolicyOptions const& options = SetPolicyOptions{},
151  Azure::Core::Context const& context = Azure::Core::Context{}) const;
152 
177  Models::AttestationToken<void> CreateAttestationPolicyToken(
178  Azure::Nullable<std::string> const& policyToSet,
179  Azure::Nullable<AttestationSigningKey> const& signingKey = {}) const;
180 
196  Response<Models::AttestationToken<Models::IsolatedModeCertificateListResult>>
197  GetIsolatedModeCertificates(
198  GetIsolatedModeCertificatesOptions const& options = GetIsolatedModeCertificatesOptions{},
199  Azure::Core::Context const& context = Azure::Core::Context{}) const;
200 
220  Response<Models::AttestationToken<Models::IsolatedModeCertificateModificationResult>>
221  AddIsolatedModeCertificate(
222  std::string const& pemEncodedCertificateToAdd,
223  AttestationSigningKey const& signerForRequest,
224  AddIsolatedModeCertificateOptions const& options = AddIsolatedModeCertificateOptions{},
225  Azure::Core::Context const& context = Azure::Core::Context{}) const;
226 
247  Response<Models::AttestationToken<Models::IsolatedModeCertificateModificationResult>>
248  RemoveIsolatedModeCertificate(
249  std::string const& pemEncodedCertificateToAdd,
250  AttestationSigningKey const& signerForRequest,
251  RemoveIsolatedModeCertificateOptions const& options
252  = RemoveIsolatedModeCertificateOptions{},
253  Azure::Core::Context const& context = Azure::Core::Context{}) const;
254 
255  private:
256  Azure::Core::Url m_endpoint;
257  std::string m_apiVersion;
258  std::shared_ptr<Azure::Core::Credentials::TokenCredential const> m_credentials;
259  std::shared_ptr<Azure::Core::Http::_internal::HttpPipeline> m_pipeline;
260  AttestationTokenValidationOptions m_tokenValidationOptions;
261 
262  std::vector<Models::AttestationSigner> m_attestationSigners;
263 
271  explicit AttestationAdministrationClient(
272  std::string const& endpoint,
273  std::shared_ptr<Core::Credentials::TokenCredential const> credential,
274  AttestationAdministrationClientOptions const& options
275  = AttestationAdministrationClientOptions{});
276 
277  std::string CreateIsolatedModeModificationToken(
278  std::string const& pemEncodedX509CertificateToAdd,
279  AttestationSigningKey const& existingSigningKey) const;
280 
281  Models::AttestationToken<Models::IsolatedModeCertificateModificationResult>
282  ProcessIsolatedModeModificationResult(
283  std::unique_ptr<Azure::Core::Http::RawResponse> const& serverResponse,
284  AttestationTokenValidationOptions const& tokenValidationOptions) const;
285 
295  void RetrieveResponseValidationCollateral(
296  Azure::Core::Context const& context = Azure::Core::Context{});
297  };
298 }}} // namespace Azure::Security::Attestation
Azure::Security::Attestation::AttestationAdministrationClient::RemoveIsolatedModeCertificate
Response< Models::AttestationToken< Models::IsolatedModeCertificateModificationResult > > RemoveIsolatedModeCertificate(std::string const &pemEncodedCertificateToAdd, AttestationSigningKey const &signerForRequest, RemoveIsolatedModeCertificateOptions const &options=RemoveIsolatedModeCertificateOptions{}, Azure::Core::Context const &context=Azure::Core::Context{}) const
Removes a certificate from the list of policy management certificates for the instance.
Definition: attestation_administration_client.cpp:435
Azure::Security::Attestation::AttestationAdministrationClient::Endpoint
std::string const Endpoint() const
Returns the Endpoint which the client is communicating with.
Definition: attestation_administration_client.hpp:87
attestation_client_models.hpp
Defines the Azure Attestation API types.
Azure::Security::Attestation::AttestationAdministrationClient::SetAttestationPolicy
Response< Models::AttestationToken< Models::PolicyResult > > SetAttestationPolicy(Models::AttestationType const &attestationType, std::string const &policyToSet, SetPolicyOptions const &options=SetPolicyOptions{}, Azure::Core::Context const &context=Azure::Core::Context{}) const
Sets the attestation policy for the specified AttestationType.
Definition: attestation_administration_client.cpp:160
Azure::Security::Attestation::AttestationAdministrationClient
The AttestationAdministrationClient implements the functionality required by the "Administration" fam...
Definition: attestation_administration_client.hpp:46
Azure::Security::Attestation::AttestationAdministrationClient::AddIsolatedModeCertificate
Response< Models::AttestationToken< Models::IsolatedModeCertificateModificationResult > > AddIsolatedModeCertificate(std::string const &pemEncodedCertificateToAdd, AttestationSigningKey const &signerForRequest, AddIsolatedModeCertificateOptions const &options=AddIsolatedModeCertificateOptions{}, Azure::Core::Context const &context=Azure::Core::Context{}) const
Adds a new certificate to the list of policy management certificates.
Definition: attestation_administration_client.cpp:409
Azure::Security::Attestation::AttestationAdministrationClient::GetIsolatedModeCertificates
Response< Models::AttestationToken< Models::IsolatedModeCertificateListResult > > GetIsolatedModeCertificates(GetIsolatedModeCertificatesOptions const &options=GetIsolatedModeCertificatesOptions{}, Azure::Core::Context const &context=Azure::Core::Context{}) const
Retrieves the list of isolated mode management certificates.
Definition: attestation_administration_client.cpp:294
Azure::Security::Attestation::AttestationAdministrationClient::ResetAttestationPolicy
Response< Models::AttestationToken< Models::PolicyResult > > ResetAttestationPolicy(Models::AttestationType const &attestationType, SetPolicyOptions const &options=SetPolicyOptions{}, Azure::Core::Context const &context=Azure::Core::Context{}) const
Resets the attestation policy for the specified AttestationType to its default.
Definition: attestation_administration_client.cpp:225
Azure::Security::Attestation::AttestationAdministrationClient::CreateAttestationPolicyToken
Models::AttestationToken< void > CreateAttestationPolicyToken(Azure::Nullable< std::string > const &policyToSet, Azure::Nullable< AttestationSigningKey > const &signingKey={}) const
Returns an Attestation Token object which would be sent to the attestation service to set or reset an...
Definition: attestation_administration_client.cpp:138
Azure::Security::Attestation::AttestationAdministrationClient::AttestationAdministrationClient
AttestationAdministrationClient(AttestationAdministrationClient const &attestationClient)
Construct a new Attestation Administration Client object from another attestation administration clie...
Definition: attestation_administration_client.hpp:70
Azure
Azure SDK abstractions.
Definition: attestation_administration_client.hpp:12
Azure::Security::Attestation::GetPolicyOptions
Parameters sent to the attestation service when retrieving an attestation policy.
Definition: attestation_client_options.hpp:325
attestation_client_options.hpp
Defines the supported options to create a Attestation clients.
Azure::Security::Attestation::AttestationAdministrationClient::~AttestationAdministrationClient
virtual ~AttestationAdministrationClient()=default
Destructor.
Azure::Security::Attestation::AttestationAdministrationClient::GetAttestationPolicy
Response< Models::AttestationToken< std::string > > GetAttestationPolicy(Models::AttestationType const &attestationType, GetPolicyOptions const &options=GetPolicyOptions{}, Azure::Core::Context const &context=Azure::Core::Context{}) const
Retrieves an Attestation Policy from the service.
Definition: attestation_administration_client.cpp:84
Azure::Security::Attestation::AttestationAdministrationClientOptions
Define the options to create an Attestation Administration client.
Definition: attestation_client_options.hpp:145
Azure::Security::Attestation::Models::AttestationType
The AttestationType type represent a Trusted Execution Environment supported by the attestation servi...
Definition: attestation_client_models.hpp:33
Azure::Security::Attestation::AttestationAdministrationClient::Create
static AttestationAdministrationClient Create(std::string const &endpoint, std::shared_ptr< Core::Credentials::TokenCredential const > credential, AttestationAdministrationClientOptions const &options=AttestationAdministrationClientOptions{}, Azure::Core::Context const &context=Azure::Core::Context{})
Construct a new Attestation Administration Client object.
Definition: attestation_administration_client.cpp:68
Generated by   doxygen 1.8.18