|
The AttestationTokenValidationOptions represents a set of options which control how attestation tokens are validated.
#include <attestation_client_options.hpp>
Public Attributes | |
bool | ValidateToken {true} |
Controls whether attestation tokens are validated at all. More... | |
bool | ValidateSigner {true} |
Controls whether the signature for the attestation token should be validated. More... | |
bool | ValidateExpirationTime {true} |
Controls whether the attestation token expiration time is checked. More... | |
bool | ValidateNotBeforeTime {true} |
Controls whether or not the attestation token start time is checked. More... | |
bool | ValidateIssuer {false} |
Controls whether the issuer of the attestation token is checked. More... | |
std::string | ExpectedIssuer |
The expected issuer for this attestation token. More... | |
std::chrono::seconds | TimeValidationSlack {0} |
The slack used when comparing two time elements. | |
TokenValidationCallbackFn | ValidationCallback |
The TokenValidationCallback specifies a callback function which can perform additional token validation actions. More... | |
std::string Azure::Security::Attestation::AttestationTokenValidationOptions::ExpectedIssuer |
Ignored unless AttestationTokenValidationOptions::ValidateIssuer is true.
bool Azure::Security::Attestation::AttestationTokenValidationOptions::ValidateExpirationTime {true} |
Default value: true.
bool Azure::Security::Attestation::AttestationTokenValidationOptions::ValidateIssuer {false} |
Default value: false.
bool Azure::Security::Attestation::AttestationTokenValidationOptions::ValidateNotBeforeTime {true} |
Default value: true.
bool Azure::Security::Attestation::AttestationTokenValidationOptions::ValidateSigner {true} |
Default Value: true:
bool Azure::Security::Attestation::AttestationTokenValidationOptions::ValidateToken {true} |
Default value: true.
TokenValidationCallbackFn Azure::Security::Attestation::AttestationTokenValidationOptions::ValidationCallback |
This callback is called to allow the client to perform additional validations of the attestation token beyond those normally performed by the attestation service.
Possible additional validations include validating the attestation token certificate with the oe_verify_attestation_certificate API, verifying that the certificate issuer matches the expected certificate issuer, etc.