Class CreateAttestationStatementResponse

Namespace
Yubico.YubiKey.Piv.Commands
Assembly
Yubico.YubiKey.dll

The response to the create attestation statement command, containing the certificate that was created.

public sealed class CreateAttestationStatementResponse : PivResponse, IYubiKeyResponseWithData<X509Certificate2>, IYubiKeyResponse
Inheritance
object
CreateAttestationStatementResponse
Implements
IYubiKeyResponseWithData<X509Certificate2>

Remarks

This is the partner Response class to CreateAttestationStatementCommand.

The data returned is an X509Certificate2 object. See the documentation for System.Security.Cryptography.X509Certificates.X509Certificate2 for details on examining the certificate.

The public key in the certificate is the partner of the private key in the specified slot, and an extension in the certificate contains the serial number of the YubiKey itself. The certificate can therefore be used to attest that the specific private key was generated by the specific YubiKey.

Example:

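using System.Security.Cryptography.X509Certificates;
using Yubico.YubiKey;
using Yubico.YubiKey.Piv.Commands;

// key is an IYubiKeyDevice chosen earlier; the connection is disposed at end of scope.
using IYubiKeyConnection connection = key.Connect(YubiKeyApplication.Piv);
// 0x9A is the slot whose private key is being attested.
var createAttestationStatementCommand = new CreateAttestationStatementCommand(0x9A);
CreateAttestationStatementResponse createAttestationStatementResponse =
    connection.SendCommand(createAttestationStatementCommand);
if (createAttestationStatementResponse.Status != ResponseStatus.Success)
{
    // Handle error and stop here: GetData() throws InvalidOperationException
    // when Status is not Success.
}
X509Certificate2 attestationStatement = createAttestationStatementResponse.GetData();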
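
The Remarks above say what the statement binds together (slot public key and YubiKey serial number). The following added example, which is not part of the SDK or the original page, shows one way a relying party could check those bindings on .NET 6 or later. The class name `PivAttestationCheck`, its parameters, and the serial-number extension OID (taken from Yubico's PIV attestation documentation, not from this page) are assumptions.

```csharp
using System;
using System.Formats.Asn1;
using System.Numerics;
using System.Security.Cryptography.X509Certificates;

public static class PivAttestationCheck   // hypothetical helper, not part of the SDK
{
    // Assumption: OID of the YubiKey serial-number extension as published in
    // Yubico's PIV attestation documentation; this page does not state it.
    private const string SerialNumberOid = "1.3.6.1.4.1.41482.3.7";

    // statement:       certificate returned by CreateAttestationStatementResponse.GetData()
    // attestationCert: the YubiKey's own attestation certificate (signer of the statement)
    // trustedRoot:     vendor root CA, obtained out of band and pinned by the verifier
    // expectedSpki:    DER SubjectPublicKeyInfo the relying party was given (for example from a CSR)
    public static bool Verify(
        X509Certificate2 statement, X509Certificate2 attestationCert,
        X509Certificate2 trustedRoot, byte[] expectedSpki, int expectedSerial)
    {
        // 1. The statement must chain to the pinned root only, never the OS trust store.
        using var chain = new X509Chain();
        chain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
        chain.ChainPolicy.CustomTrustStore.Add(trustedRoot);
        chain.ChainPolicy.ExtraStore.Add(attestationCert);
        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck; // assumption: no CRL/OCSP available
        if (!chain.Build(statement))
        {
            return false; // chain.ChainStatus lists the reasons
        }

        // 2. The attested public key must be the key actually presented.
        byte[] attestedSpki = statement.PublicKey.ExportSubjectPublicKeyInfo();
        if (!attestedSpki.AsSpan().SequenceEqual(expectedSpki))
        {
            return false;
        }

        // 3. The serial-number extension (a DER INTEGER) must name the expected device.
        var ext = statement.Extensions[SerialNumberOid];
        if (ext is null)
        {
            return false;
        }
        // ReadInteger throws AsnContentException if the value is not valid DER.
        BigInteger serial = AsnDecoder.ReadInteger(ext.RawData, AsnEncodingRules.DER, out int consumed);
        return consumed == ext.RawData.Length && serial == expectedSerial;
    }
}
```

The order matters: the extension and public key are only meaningful once the signature chain to the pinned root has been validated.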

Constructors

CreateAttestationStatementResponse(ResponseApdu)

Constructs a CreateAttestationStatementResponse based on a ResponseApdu received from the YubiKey.

public CreateAttestationStatementResponse(ResponseApdu responseApdu)

Parameters

responseApdu ResponseApdu

The object containing the response APDU returned by the YubiKey.

Methods

GetData()

Gets the attestation statement from the YubiKey response.

public X509Certificate2 GetData()

Returns

X509Certificate2

The X.509 cert in the response APDU, presented as a System.Security.Cryptography.X509Certificates.X509Certificate2.

Exceptions

InvalidOperationException

Thrown when Status is not Success.