CreateAttestationStatementResponse Class
Namespace: Yubico.YubiKey.Piv.Commands Assembly: Yubico.YubiKey.dllThe response to the create attestation statement command, containing the cert created.
public sealed class CreateAttestationStatementResponse : PivResponse, IYubiKeyResponseWithData<X509Certificate2>, IYubiKeyResponseImplements
Remarks
This is the partner Response class to CreateAttestationStatementCommand.
The data returned is an X509Certificate2 object. See the
documentation for
System.Security.Cryptography.X509Certificates.X509Certificate2 for
information on examining information about the cert.
The public key in the certificate is the public key partner to the private key in the specified slot, and an extension in the certificate is the serial number of the YubiKey itself. Therefore, it is possible to attest that the specific private key was generated by the specific YubiKey.
Example:
using System.Security.Cryptography.X509Certificates;
IYubiKeyConnection connection = key.Connect(YubiKeyApplication.Piv);
var createAttestationStatementCommand = new CreateAttestationStatementCommand (0x9A);
CreateAttestationStatementResponse createAttestationStatementResponse =
connection.SendCommand(createAttestationStatementCommand);
if (createAttestationStatementResponse.Status != ResponseStatus.Success)
{
// Handle error
}
X509Certificate2 attestationStatement = createAttestationStatementResponse.GetData();Constructors
| Name | Description |
|---|---|
| CreateAttestationStatementResponse(ResponseApdu) | Constructs a CreateAttestationStatementResponse based on a ResponseApdu received from the YubiKey. |
Methods
| Name | Description |
|---|---|
| GetData() | Gets the attestation statement from the YubiKey response. |