Show / Hide Table of Contents

CreateAttestationStatementResponse Class

Namespace: Yubico.YubiKey.Piv.Commands Assembly: Yubico.YubiKey.dll

The response to the create attestation statement command, containing the cert created.

C#
public sealed class CreateAttestationStatementResponse : PivResponse, IYubiKeyResponseWithData<X509Certificate2>, IYubiKeyResponse
Inheritance object YubiKeyResponse PivResponse CreateAttestationStatementResponse
Implements
IYubiKeyResponseWithData<X509Certificate2>
IYubiKeyResponse

Remarks

This is the partner Response class to CreateAttestationStatementCommand.

The data returned is an X509Certificate2 object. See the documentation for System.Security.Cryptography.X509Certificates.X509Certificate2 for information on examining information about the cert.

The public key in the certificate is the public key partner to the private key in the specified slot, and an extension in the certificate is the serial number of the YubiKey itself. Therefore, it is possible to attest that the specific private key was generated by the specific YubiKey.

Example:

using System.Security.Cryptography.X509Certificates;
IYubiKeyConnection connection = key.Connect(YubiKeyApplication.Piv);
var createAttestationStatementCommand = new CreateAttestationStatementCommand (0x9A);
CreateAttestationStatementResponse createAttestationStatementResponse =
    connection.SendCommand(createAttestationStatementCommand);
if (createAttestationStatementResponse.Status != ResponseStatus.Success)
{
  // Handle error
}
X509Certificate2 attestationStatement = createAttestationStatementResponse.GetData();

Constructors

Name Description
CreateAttestationStatementResponse(ResponseApdu)

Constructs a CreateAttestationStatementResponse based on a ResponseApdu received from the YubiKey.

Methods

Name Description
GetData()

Gets the attestation statement from the YubiKey response.

In this article
Back to top Generated by DocFX