Share via

@azure/attestation package

  • Reference

Classes

AttestationAdministrationClient

Attestation Client class.

The AttestationClient class enables access to the Attestation related APIs:

  • getPolicy
  • setPolicy
  • resetPolicy
  • getPolicyManagementCertificates
  • addPolicyManagementCertificate
  • removePolicyManagementCertificate
AttestationClient

Attestation Client class.

The AttestationClient class enables access to the Attestation related APIs:

  • getOpenIdMetadata
  • getAttestationSigners
  • attestSgxEnclave
  • attestOpenEnclave
  • attestTpm

Interfaces

AttestOpenEnclaveOptions

Optional parameters for the AttestOpenEnclave API.
AttestSgxEnclaveOptions

Optional parameters for the AttestSgxEnclave API.
AttestTpmOptions

Operation options for the AttestTpm API.
AttestationAdministrationClientOperationOptions

Operation options for the Attestation Administration Client operations.
AttestationAdministrationClientOptions

Attestation Client Construction Options.
AttestationAdministrationClientPolicyCertificateOperationOptions

Operation options for the Policy Certificates operations.
AttestationAdministrationClientPolicyOperationOptions

Operation options for the administration Policy operations.
AttestationClientOperationOptions

Operation options for the Attestation Client operations.
AttestationClientOptions

Attestation Client Construction Options.
AttestationPolicyToken

An AttestationPolicyToken represents an AttestationToken which holds an attestation policy document.

When the attestation service receives a set policy request, the payload of the set policy token contains a JSON Web Signature whose body contains the actual attestation policy document.

The AttestationPolicyToken represents this JWS object.
AttestationResponse

An AttestationResponse represents the response from the Microsoft Azure Attestation service. It has two properties:
AttestationResult

A Microsoft Azure Attestation response token body - the body of a response token issued by MAA
AttestationSgxCollateralInfo

Defines the contents of the sgxCollateral claim in an AttestationResult.
AttestationSigner

An AttestationSigner represents a signing certificate chain/Key ID combination returned by the attestation service.
AttestationToken

An AttestationToken represents an RFC 7515 JSON Web Signature object.

It can represent either the token returned by the attestation service, or it can be used to create a token locally which can be used to verify attestation policy changes.
AttestationTokenValidationOptions

Options used to validate attestation tokens.
PolicyCertificatesModificationResult

The result of a policy certificate modification
PolicyResult

The result of a policy certificate modification

Type Aliases

AttestationType

Defines values for AttestationType.
KnownAttestationType can be used interchangeably with AttestationType, this enum contains the known values that the service supports.

Known values supported by the service

SgxEnclave: Intel Software Guard eXtensions
OpenEnclave: OpenEnclave extensions to SGX
Tpm: Edge TPM Virtualization Based Security
CertificateModification

Defines values for CertificateModification.
KnownCertificateModification can be used interchangeably with CertificateModification, this enum contains the known values that the service supports.

Known values supported by the service

IsPresent: After the operation was performed, the certificate is in the set of certificates.
IsAbsent: After the operation was performed, the certificate is no longer present in the set of certificates.
PolicyModification

Defines values for PolicyModification.
KnownPolicyModification can be used interchangeably with PolicyModification, this enum contains the known values that the service supports.

Known values supported by the service

Updated: The specified policy object was updated.
Removed: The specified policy object was removed.

Enums

KnownAttestationType

Known values of AttestationType that the service accepts.
KnownCertificateModification

Known values of CertificateModification that the service accepts.
KnownPolicyModification

Known values of PolicyModification that the service accepts.

Functions

createAttestationPolicyToken(string, string, string)

Constructs an AttestationToken containing an Attestation Policy document.

Function Details

createAttestationPolicyToken(string, string, string)

Constructs an AttestationToken containing an Attestation Policy document.

function createAttestationPolicyToken(policy: string, privateKey?: string, certificate?: string): AttestationPolicyToken

Parameters

policy

string

Attestation policy to embed in the attestation token.

privateKey

string

optional private key used to sign the attestation token.

certificate

string

optional certificate used to verify the attestation token.

Returns

AttestationPolicyToken

Remarks

Note that if the attestation instance is running in Isolated mode, the privateKey and certificate are required. If the attestation instance is running in AAD mode, they are optional.