Class AttestationObject
Represents a FIDO2 attestation object, which contains attestation format, authenticator data, and attestation statement.
public class AttestationObject : ICborEncode
- Inheritance
object → AttestationObject
- Implements
ICborEncode
Remarks
An attestation object is returned by the authenticator during credential creation (MakeCredential). It contains the attestation format identifier, authenticator data, and a typed attestation statement.
The CBOR structure is defined in CTAP 2.1 section 6.1.2 as:
map {
    1: fmt (text string)       // Attestation statement format identifier
    2: authData (byte string)  // Authenticator data
    3: attStmt (map)           // Attestation statement (format-specific)
}
Constructors
AttestationObject(ReadOnlyMemory<byte>)
Constructs a new instance of AttestationObject from CBOR-encoded bytes.
public AttestationObject(ReadOnlyMemory<byte> cborEncoding)
Parameters
- cborEncoding (ReadOnlyMemory<byte>): The CBOR encoding of the attestation object.
Remarks
Use this overload when you do not need to know how many bytes were consumed. For sequential parsing of multiple CBOR objects from a shared buffer, use the overload with out int bytesRead.
Exceptions
- Ctap2DataException
The cborEncoding is not a well-formed attestation object.
AttestationObject(ReadOnlyMemory<byte>, out int)
Constructs a new instance of AttestationObject from CBOR-encoded bytes.
public AttestationObject(ReadOnlyMemory<byte> cborEncoding, out int bytesRead)
Parameters
- cborEncoding (ReadOnlyMemory<byte>): The CBOR encoding of the attestation object.
- bytesRead (int): Returns the number of bytes read from the encoding.
Remarks
This constructor decodes an attestation object from CBOR encoding following the CTAP 2.1 specification (section 6.1.2).
The Statement property is populated with a format-specific statement type for statement formats parsed by this SDK. Unknown or malformed formats are represented by UnknownAttestationStatement, preserving the raw bytes via EncodedAttestationStatement.
Exceptions
- Ctap2DataException
The cborEncoding is not a well-formed attestation object.
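Sequential parsing with the bytesRead overload, as an added example that is not part of the SDK's own documentation: it walks a buffer of back-to-back attestation objects and sets aside any whose statement came back as UnknownAttestationStatement, because the constructor does not throw for an unknown or malformed attStmt. The namespace in the using directive and the AttestationBufferReader helper are assumptions.

```csharp
using System;
using System.Collections.Generic;
using Yubico.YubiKey.Fido2; // assumed namespace; the page does not state it

public static class AttestationBufferReader
{
    // Hypothetical helper: decodes attestation objects stored back to back in one
    // buffer and returns only those whose statement the SDK parsed into a known type.
    public static List<AttestationObject> ReadParsed(
        ReadOnlyMemory<byte> buffer, List<string> rejected)
    {
        var parsed = new List<AttestationObject>();
        int offset = 0;
        while (offset < buffer.Length)
        {
            AttestationObject current;
            int bytesRead;
            try
            {
                current = new AttestationObject(buffer.Slice(offset), out bytesRead);
            }
            catch (Ctap2DataException e)
            {
                // Not a well-formed attestation object: stop, do not guess a resync point.
                throw new FormatException($"Malformed attestation object at offset {offset}.", e);
            }
            if (bytesRead <= 0)
            {
                // Defensive: never loop without making progress through the buffer.
                throw new FormatException($"No bytes consumed at offset {offset}.");
            }
            if (current.Statement is UnknownAttestationStatement)
            {
                // Unknown or malformed attStmt: the constructor did not throw, so the
                // caller must fail closed here. The raw bytes stay available for
                // logging through EncodedAttestationStatement.
                rejected.Add($"offset {offset}: fmt \"{current.Format}\", " +
                    $"{current.EncodedAttestationStatement.Length} raw attStmt bytes");
            }
            else
            {
                parsed.Add(current);
            }
            offset += bytesRead;
        }
        return parsed;
    }
}
```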
Properties
AuthenticatorData
The authenticator data, which includes the relying party ID hash, flags, signature counter, and optionally the attested credential data.
public AuthenticatorData AuthenticatorData { get; }
Property Value
- AuthenticatorData
Encoded
The CBOR encoding of the entire attestation object.
public ReadOnlyMemory<byte> Encoded { get; }
Property Value
- ReadOnlyMemory<byte>
Remarks
This includes the format identifier, authenticator data, and full attestation statement.
EncodedAttestationStatement
The raw CBOR encoding of the full attestation statement map (attStmt, key 3 in the attestation object).
public ReadOnlyMemory<byte> EncodedAttestationStatement { get; }
Property Value
- ReadOnlyMemory<byte>
Format
The attestation statement format identifier (e.g., "packed", "tpm", "android-key"). See AttestationFormats for standard format identifiers.
public string Format { get; }
Property Value
- string
Statement
The format-specific attestation statement.
public AttestationStatement Statement { get; }
Property Value
- AttestationStatement
Methods
CborEncode()
Return a new byte array that is the object encoded following the FIDO2/CBOR standard.
public byte[] CborEncode()
Returns
- byte[]
The encoded construct.
Exceptions
- InvalidOperationException
The object contains no data.