CreateAttestationStatementResponse Class
Namespace: Yubico.YubiKey.Piv.Commands Assembly: Yubico.YubiKey.dllThe response to the create attestation statement command, containing the cert created.
public sealed class CreateAttestationStatementResponse : PivResponse, IYubiKeyResponseWithData<X509Certificate2>, IYubiKeyResponse
Implements
Remarks
This is the partner Response class to CreateAttestationStatementCommand.
The data returned is an X509Certificate2
object. See the
documentation for
System.Security.Cryptography.X509Certificates.X509Certificate2
for
information on examining information about the cert.
The public key in the certificate is the public key partner to the private key in the specified slot, and an extension in the certificate is the serial number of the YubiKey itself. Therefore, it is possible to attest that the specific private key was generated by the specific YubiKey.
Example:
using System.Security.Cryptography.X509Certificates;
IYubiKeyConnection connection = key.Connect(YubiKeyApplication.Piv);
var createAttestationStatementCommand = new CreateAttestationStatementCommand (0x9A);
CreateAttestationStatementResponse createAttestationStatementResponse =
connection.SendCommand(createAttestationStatementCommand);
if (createAttestationStatementResponse.Status != ResponseStatus.Success)
{
// Handle error
}
X509Certificate2 attestationStatement = createAttestationStatementResponse.GetData();
Constructors
Name | Description |
---|---|
CreateAttestationStatementResponse(ResponseApdu) | Constructs a CreateAttestationStatementResponse based on a ResponseApdu received from the YubiKey. |
Methods
Name | Description |
---|---|
GetData() | Gets the attestation statement from the YubiKey response. |