AttestationResult interface

The body of a response token issued by Microsoft Azure Attestation (MAA).

Properties

enclaveHeldData

Returns the value of the runtime_data field specified as an input to the attestSgxEnclave or attestOpenEnclave API.

initTimeClaims

Returns the initialization time claims in the token. This value will match the input initTimeJson property to the attestSgxEnclave or attestOpenEnclave API.

isDebuggable

True if the enclave is debuggable, false otherwise. Only valid if verifierType is SGX.

issuer

Returns the issuer of the attestation token. MUST be the same as the endpoint used when constructing the attestation client instance.

mrEnclave

The hex-encoded SGX MRENCLAVE value for the enclave. Only valid if the verifierType field is "SGX".

mrSigner

The hex-encoded SGX MRSIGNER value for the enclave. Only valid if the verifierType field is "SGX".

nonce

Returns the "nonce" value if one was specified in the Attest request.

policyClaims

Returns the set of claims generated by the attestation policy on the instance.

policyHash

The base64url encoded SHA256 hash of the BASE64URL encoded policy text used for attestation.

policySigner

The certificate used to sign the policy object, if specified.

productId

The SGX Product ID for the enclave. Only valid if the verifierType field is "SGX".

runTimeClaims

Returns the runtime claims in the token.

This value will match the input runTimeJson property to the attestSgxEnclave or attestOpenEnclave API.

sgxCollateral

Returns a set of information describing the complete set of inputs to the Attestation validation logic.

See the Intel SGX documentation for more information on quote validation.

svn

The SGX SVN value for the enclave. Only valid if the verifierType field is "SGX".

uniqueId

Unique Identifier for the token.

Corresponds to the 'jti' claim defined in RFC 7519, section 4.1.7.

verifierType

Returns the verifier which generated this attestation token. Normally one of: "SGX" or "TPM", but others can be specified.

version

The Schema version of this structure. Current Value: 1.0

Property Details

enclaveHeldData

Returns the value of the runtime_data field specified as an input to the attestSgxEnclave or attestOpenEnclave API.

enclaveHeldData?: Uint8Array

Property Value

Uint8Array

Remarks

The enclaveHeldData property will only be populated if the runTimeData parameter to the Attest API is specified.

initTimeClaims

Returns the initialization time claims in the token. This value will match the input initTimeJson property to the attestSgxEnclave or attestOpenEnclave API.

initTimeClaims: unknown

Property Value

unknown

Remarks

The initTimeClaims property will only be populated if the initTimeJson parameter to the Attest API is specified. It will not be populated if the initTimeData parameter is specified.

isDebuggable

True if the enclave is debuggable, false otherwise. Only valid if verifierType is SGX.

isDebuggable?: boolean

Property Value

boolean

issuer

Returns the issuer of the attestation token. MUST be the same as the endpoint used when constructing the attestation client instance.

issuer: string

Property Value

string

mrEnclave

The hex-encoded SGX MRENCLAVE value for the enclave. Only valid if the verifierType field is "SGX".

mrEnclave?: string

Property Value

string

mrSigner

The hex-encoded SGX MRSIGNER value for the enclave. Only valid if the verifierType field is "SGX".

mrSigner?: string

Property Value

string

nonce

Returns the "nonce" value if one was specified in the Attest request.

nonce?: string

Property Value

string

policyClaims

Returns the set of claims generated by the attestation policy on the instance.

policyClaims: unknown

Property Value

unknown

policyHash

The base64url encoded SHA256 hash of the BASE64URL encoded policy text used for attestation.

policyHash: Uint8Array

Property Value

Uint8Array

policySigner

The certificate used to sign the policy object, if specified.

policySigner?: AttestationSigner

Property Value

AttestationSigner

productId

The SGX Product ID for the enclave. Only valid if the verifierType field is "SGX".

productId?: number

Property Value

number

runTimeClaims

Returns the runtime claims in the token.

This value will match the input runTimeJson property to the attestSgxEnclave or attestOpenEnclave API.

runTimeClaims: unknown

Property Value

unknown

Remarks

The runTimeClaims property will only be populated if the runTimeJson parameter to the Attest API is specified. It will not be populated if the runTimeData parameter is specified.

sgxCollateral

Returns a set of information describing the complete set of inputs to the Attestation validation logic.

See the Intel SGX documentation for more information on quote validation.

sgxCollateral?: AttestationSgxCollateralInfo

Property Value

AttestationSgxCollateralInfo

svn

The SGX SVN value for the enclave. Only valid if the verifierType field is "SGX".

svn?: number

Property Value

number

uniqueId

Unique Identifier for the token.

Corresponds to the 'jti' claim defined in RFC 7519, section 4.1.7.

uniqueId: string

Property Value

string

verifierType

Returns the verifier which generated this attestation token. Normally one of: "SGX" or "TPM", but others can be specified.

verifierType: string

Property Value

string

version

The Schema version of this structure. Current Value: 1.0

version: string

Property Value

string
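
Example: relying-party checks on an AttestationResult

The properties above are usually evaluated together before an enclave is trusted. The following is an added example, not code from the SDK or from this reference: AttestationResultLike, EnclaveExpectations, checkAttestationResult and the sample values are hypothetical, and the token is assumed to have already passed signature validation in the attestation client.

```typescript
// Local mirror of the AttestationResult properties checked below (names from this page).
interface AttestationResultLike {
  issuer: string;
  verifierType: string;
  isDebuggable?: boolean;
  mrSigner?: string;
  productId?: number;
  svn?: number;
  nonce?: string;
  enclaveHeldData?: Uint8Array;
}

// Hypothetical relying-party expectations; not an SDK type.
interface EnclaveExpectations {
  endpoint: string;            // endpoint the attestation client was constructed with
  allowedMrSigners: string[];  // hex MRSIGNER values, any case
  productId: number;
  minSvn: number;
  nonce: string;               // nonce sent in the Attest request
  enclaveHeldData: Uint8Array; // bytes the enclave was expected to bind
}

function bytesEqual(a: Uint8Array, b: Uint8Array): boolean {
  if (a.length !== b.length) return false;
  for (let i = 0; i < a.length; i++) if (a[i] !== b[i]) return false;
  return true;
}

// Returns the names of failed checks; an empty array means the result is acceptable.
function checkAttestationResult(r: AttestationResultLike, e: EnclaveExpectations): string[] {
  const failures: string[] = [];
  if (r.issuer !== e.endpoint) failures.push("issuer");
  if (r.verifierType !== "SGX") return failures.concat("verifierType"); // SGX fields not valid
  if (r.isDebuggable !== false) failures.push("isDebuggable");
  const signer = (r.mrSigner || "").toLowerCase();
  if (e.allowedMrSigners.map((s) => s.toLowerCase()).indexOf(signer) < 0) failures.push("mrSigner");
  if (r.productId !== e.productId) failures.push("productId");
  if (r.svn === undefined || r.svn < e.minSvn) failures.push("svn");
  if (r.nonce !== e.nonce) failures.push("nonce");
  if (!r.enclaveHeldData || !bytesEqual(r.enclaveHeldData, e.enclaveHeldData)) failures.push("enclaveHeldData");
  return failures;
}

// Constructed sample expectations (not a real endpoint or measurement).
const sampleExpected: EnclaveExpectations = {
  endpoint: "https://attest.example.invalid",
  allowedMrSigners: ["abababababababababababababababababababababababababababababababab"],
  productId: 1, minSvn: 2, nonce: "constructed-nonce", enclaveHeldData: new Uint8Array([1, 2, 3, 4]),
};
```

A missing isDebuggable, svn, nonce or enclaveHeldData is treated as a failure, so a token that omits an optional property is rejected.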