AttestationRequest Class

Definition

Represents the data sent to the Attestation Service for a call to the AttestOpenEnclave(AttestationRequest, CancellationToken) or AttestSgxEnclave(AttestationRequest, CancellationToken) APIs.

An Attestation Request has three elements:

  • Evidence: The attestation evidence generated from inside the target environment (often an Intel SGX or OpenEnclave enclave). The 'Evidence' is normally an SGX Quote, an OpenEnclave Report, or OpenEnclave Evidence.
  • InitTime Data: Data presented at the time that the target environment was initialized.
  • Runtime Data: Data presented at the time that the Evidence was created.

The Evidence MUST be provided in an Attest call; both Runtime Data and InitTime Data are optional.

public class AttestationRequest
type AttestationRequest = class
Public Class AttestationRequest
Inheritance
AttestationRequest

Constructors

AttestationRequest()

Initializes a new instance of the AttestationRequest class.

Properties

DraftPolicyForAttestation

Optional 'draft' policy for attestation. If this field is provided, then this policy document will be used for the attestation request. This allows a caller to test various policy documents against actual data before applying the policy document via the SetPolicy(AttestationType, String, AttestationTokenSigningKey, CancellationToken) API.

Evidence

The attestation evidence generated from inside the target environment (often an Intel SGX or OpenEnclave enclave). The 'Evidence' is normally an SGX Quote, an OpenEnclave Report, or OpenEnclave Evidence.

InittimeData

Initialization Data provided when the target environment was created.

Note that InitTime data is not supported on Azure DCsv2-Series virtual machines.

RuntimeData

Runtime Data provided when the Evidence was created.
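The following is an added example, not code from the SDK documentation: it builds an AttestationRequest with the required Evidence and optional RuntimeData, calls the asynchronous form of AttestSgxEnclave, and then checks the returned claims before trusting the enclave. The environment variable names, file names and expected MRSIGNER value are assumptions to be replaced with your own.

```csharp
// Added example. Needs the Azure.Security.Attestation and Azure.Identity packages.
// ATTESTATION_ENDPOINT, EXPECTED_MRSIGNER, quote.bin and runtime.bin are assumed names.
using System;
using System.IO;
using System.Linq;
using Azure.Identity;
using Azure.Security.Attestation;

var endpoint = new Uri(Environment.GetEnvironmentVariable("ATTESTATION_ENDPOINT")
    ?? throw new InvalidOperationException("Set ATTESTATION_ENDPOINT"));
// Hex MRSIGNER the relying party expects; a placeholder supplied by the operator.
string expectedMrSigner = Environment.GetEnvironmentVariable("EXPECTED_MRSIGNER")
    ?? throw new InvalidOperationException("Set EXPECTED_MRSIGNER");

// Both blobs are produced inside the enclave and handed to this host process.
byte[] quote = File.ReadAllBytes("quote.bin");             // SGX Quote
byte[] enclaveHeldData = File.ReadAllBytes("runtime.bin"); // e.g. an enclave public key

var client = new AttestationClient(endpoint, new DefaultAzureCredential());

var request = new AttestationRequest
{
    // Required: the call cannot succeed without evidence.
    Evidence = BinaryData.FromBytes(quote),
    // Optional: data presented when the quote was created.
    // dataIsJson: false means the service treats it as opaque binary.
    RuntimeData = new AttestationData(BinaryData.FromBytes(enclaveHeldData), false),
    // InittimeData and DraftPolicyForAttestation are left unset here.
};

AttestationResult result = (await client.AttestSgxEnclaveAsync(request)).Value;

// Relying-party checks: fail closed when a claim is missing or unexpected.
if (result.IsDebuggable != false)
    throw new InvalidOperationException("Enclave is debuggable or the claim is absent.");

if (!string.Equals(result.MrSigner, expectedMrSigner, StringComparison.OrdinalIgnoreCase))
    throw new InvalidOperationException("Unexpected enclave signer.");

// The token should echo the exact runtime data that was sent with the quote.
if (result.EnclaveHeldData is null ||
    !result.EnclaveHeldData.ToArray().SequenceEqual(enclaveHeldData))
    throw new InvalidOperationException("Runtime data in the token does not match.");

Console.WriteLine("Attestation accepted for MRSIGNER " + result.MrSigner);
```

Only after these checks pass should the host use the runtime data, for example to encrypt a secret to the enclave's public key.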
