Azure.Security.CodeTransparency Namespace
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Classes
| Name | Description |
|---|---|
| AzureSecurityCodeTransparencyContext |
Context class which will be filled in by the System.ClientModel.SourceGeneration. For more information https://github.com/Azure/azure-sdk-for-net/blob/main/sdk/core/System.ClientModel/src/docs/ModelReaderWriterContext.md |
| CborUtils |
Utility methods for reading simple string values from CBOR-encoded maps used within Signing Transparency receipts and responses. Methods are defensive: on invalid input, key absence, or unexpected CBOR shapes they return an empty string instead of throwing, allowing callers to decide whether absence is an error condition. |
| CcfReceipt |
CcfReceipt class which enables encoding, decoding and verification of receipts issued from the Signing Transparency Service. This class encapsulates the representation and the available operations of CBOR encoded CCF SCITT receipts. This is a reference implementation for a proposed draft IETF specification: https://datatracker.ietf.org/doc/draft-birkholz-scitt-receipts/03/ . |
| CcfReceiptVerifier |
CcfReceiptVerifier class contains the methods to verify the CCF SCITT receipt integrity and the inclusion in the Signing Transparency Service. The verification requires the receipt, the COSE_Sign1 envelope and the service certificate. The COSE_Sign1 envelope is the payload that was submitted to the Signing Transparency Service. The receipt is a cryptographic proof issued by the Signing Transparency Service after the successful submission of the signature. The service certificate is the public key of the Signing Transparency Service that was used to endorse the receipt. The receipt can also be embedded in the COSE_Sign1 envelope. |
| CodeTransparencyCertificateClient |
The client to fetch the service certificate for the use in TLS connection. Very similar to the one used in Azure.Security.ConfidentialLedger. Certificate responses get cached for a configured time. |
| CodeTransparencyClient |
The CodeTransparencyClient. |
| CodeTransparencyClientHostExtensions |
Extension methods to add CodeTransparencyClient to an IHostApplicationBuilder. |
| CodeTransparencyClientOptions |
These options are used in both the certificate client and the regular client. |
| CodeTransparencyClientSettings |
Represents the settings used to configure a CodeTransparencyClient that can be loaded from an IConfigurationSection. |
| CodeTransparencyModelFactory |
A factory class for creating instances of the models for mocking. |
| CodeTransparencyOfflineKeys |
A case-insensitive dictionary mapping ledger domains to their JWKS documents for offline verification. |
| CodeTransparencyVerificationOptions |
Options controlling VerifyTransparentStatement(Byte[], CodeTransparencyVerificationOptions, CodeTransparencyClientOptions). |
| JsonWebKey |
rfc7517 JSON Web Key representation adapted from a shared swagger definition in the common types. |
| JwksDocument |
A JWKS like document. |
| ServiceIdentityResult |
Response from the identity service containing the TLS cert. |
Enums
| Name | Description |
|---|---|
| AuthorizedReceiptBehavior |
Specifies how receipts whose issuer domains ARE in the authorized list should be enforced. |
| CodeTransparencyClientOptions.ServiceVersion |
The version of the service to use. |
| CodeTransparencyOperationStatus |
Represents the status of an operation in CTS. |
| OfflineKeysBehavior |
Specifies behaviors for the use of offline keys contained in OfflineKeys. |
| UnauthorizedReceiptBehavior |
Specifies behaviors for receipts whose issuer domains are not contained in AuthorizedDomains. |