AttestationClient | @azure/attestation

Attestation Client class.

The AttestationClient class enables access to the Attestation related APIs:

getOpenIdMetadata
getAttestationSigners
attestSgxEnclave
attestOpenEnclave
attestTpm

Hierarchy

AttestationClient

Index

Constructors

constructor

Properties

policyCertificates

Methods

Constructors

constructor

new AttestationClient(credentials: TokenCredential, instanceUrl: string, options?: AttestationClientOptions): AttestationClient

- Defined in mnt/vss/_work/1/s/sdk/attestation/attestation/src/attestationClient.ts:115
Creates an instance of AttestationClient.

Example usage:
```
import { AttestationClient } from "@azure/attestation";

const client = new AttestationClient(
   "<service endpoint>",
   new TokenCredential("<>")
);
```
Parameters
- credentials: TokenCredential
- instanceUrl: string
  
  The attestation instance base URI, for example https://mytenant.attest.azure.net.
- Default value options: AttestationClientOptions = {}
  
  Used to configure the Attestation Client.
Returns AttestationClient

Properties

policyCertificates

policyCertificates: PolicyCertificates

Legacy property to access policy certificate management APIs.

Will be removed.

Methods

attestOpenEnclave

attestOpenEnclave(report: Uint8Array, options?: AttestOpenEnclaveOptions): Promise<AttestationResponse<AttestationResult>>

- Defined in mnt/vss/_work/1/s/sdk/attestation/attestation/src/attestationClient.ts:184
Attests an OpenEnclave report generated from an SGX Enclave using the OpenEnclave SDK.

Parameters
- report: Uint8Array
  
  An OpenEnclave report generated by an SGX enclave.
- Default value options: AttestOpenEnclaveOptions = {}
  
  Operation options for the attestOpenEnclave API call.
Returns Promise<AttestationResponse<AttestationResult>>

Returns an AttestationResponse whose body is an AttestationResult describing the claims returned by the attestation service.

attestSgxEnclave

attestSgxEnclave(quote: Uint8Array, options?: AttestSgxEnclaveOptions): Promise<AttestationResponse<AttestationResult>>

- Defined in mnt/vss/_work/1/s/sdk/attestation/attestation/src/attestationClient.ts:241
Attests a quote generated from SGX Enclave using the Intel SDK.

Parameters
- quote: Uint8Array
  
  An SGX quote generated by an SGX enclave.
- Default value options: AttestSgxEnclaveOptions = {}
  
  Operation options for the attestOpenEnclave API call.
Returns Promise<AttestationResponse<AttestationResult>>

Returns an AttestationResponse whose body is an AttestationResult describing the claims returned by the attestation service.

attestTpm

attestTpm(request: string, options?: AttestTpmOptions): Promise<string>

- Defined in mnt/vss/_work/1/s/sdk/attestation/attestation/src/attestationClient.ts:313
Attest a TPM based enclave.

See the TPM Attestation Protocol Reference for more information.
remarks

The incoming requests to the TPM attestation API are stringified JSON objects.

example
For example, the initial call for a TPM attestation operation is:
```
const encodedPayload = JSON.stringify({ payload: { type: "aikcert" } });
const result = await client.attestTpm(encodedPayload);
```
where stringToBytes converts the string to UTF8.
Parameters
- request: string
  
  Incoming request to send to the TPM attestation service, Utf8 encoded.
- Default value options: AttestTpmOptions = {}
  
  Pipeline options for TPM attestation request.
Returns Promise<string>

A structure containing the response from the TPM attestation, Utf8 encoded.

getAttestationSigners

getAttestationSigners(options?: AttestationClientOperationOptions): Promise<AttestationSigner[]>

- Defined in mnt/vss/_work/1/s/sdk/attestation/attestation/src/attestationClient.ts:340
Returns the list of attestation signers which can be used to sign attestation service tokens.

Parameters
- Default value options: AttestationClientOperationOptions = {}
  
  Client operation options.
Returns Promise<AttestationSigner[]>

the set of AttestationSigners which may be used to sign attestation tokens.

getOpenIdMetadata

getOpenIdMetadata(options?: AttestationClientOperationOptions): Promise<any>

- Defined in mnt/vss/_work/1/s/sdk/attestation/attestation/src/attestationClient.ts:364
Returns the OpenID Metadata discovery document for the attestation service instance.

Parameters
- Default value options: AttestationClientOperationOptions = {}
  
  Client operation options.
Returns Promise<any>

The OpenID metadata discovery document for the attestation service.

Hierarchy

Index

Constructors

Properties

Methods

Constructors

constructor

Parameters

credentials: TokenCredential

instanceUrl: string

Default value options: AttestationClientOptions = {}

Returns AttestationClient

Properties

policyCertificates

Methods

attestOpenEnclave

Parameters

report: Uint8Array

Default value options: AttestOpenEnclaveOptions = {}

Returns Promise<AttestationResponse<AttestationResult>>

attestSgxEnclave

Parameters

quote: Uint8Array

Default value options: AttestSgxEnclaveOptions = {}

Returns Promise<AttestationResponse<AttestationResult>>

attestTpm

Parameters

request: string

Default value options: AttestTpmOptions = {}

Returns Promise<string>

getAttestationSigners

Parameters

Default value options: AttestationClientOperationOptions = {}

Returns Promise<AttestationSigner[]>

getOpenIdMetadata

Parameters

Default value options: AttestationClientOperationOptions = {}

Returns Promise<any>