Class CreateAttestationStatementResponse

Namespace: Yubico.YubiKey.Piv.Commands

Assembly: Yubico.YubiKey.dll

The response to the create attestation statement command, containing the cert created.

public sealed class CreateAttestationStatementResponse : PivResponse, IYubiKeyResponseWithData<X509Certificate2>, IYubiKeyResponse

Inheritance: object

YubiKeyResponse

PivResponse

CreateAttestationStatementResponse

Implements: IYubiKeyResponseWithData<X509Certificate2>

IYubiKeyResponse

Inherited Members: YubiKeyResponse.Status

YubiKeyResponse.StatusWord

YubiKeyResponse.StatusMessage

YubiKeyResponse.ToString()

Remarks

This is the partner Response class to CreateAttestationStatementCommand.

The data returned is an X509Certificate2 object. See the documentation for System.Security.Cryptography.X509Certificates.X509Certificate2 for information on examining information about the cert.

The public key in the certificate is the public key partner to the private key in the specified slot, and an extension in the certificate is the serial number of the YubiKey itself. Therefore, it is possible to attest that the specific private key was generated by the specific YubiKey.

Example:

using System.Security.Cryptography.X509Certificates;
IYubiKeyConnection connection = key.Connect(YubiKeyApplication.Piv);
var createAttestationStatementCommand = new CreateAttestationStatementCommand (0x9A);
CreateAttestationStatementResponse createAttestationStatementResponse =
    connection.SendCommand(createAttestationStatementCommand);
if (createAttestationStatementResponse.Status != ResponseStatus.Success)
{
  // Handle error
}
X509Certificate2 attestationStatement = createAttestationStatementResponse.GetData();

Constructors

CreateAttestationStatementResponse(ResponseApdu)

Constructs a CreateAttestationStatementResponse based on a ResponseApdu received from the YubiKey.

public CreateAttestationStatementResponse(ResponseApdu responseApdu)

Parameters

responseApdu ResponseApdu: The object containing the response APDU
returned by the YubiKey.

Methods

GetData()

Gets the attestation statement from the YubiKey response.

public X509Certificate2 GetData()

Returns

X509Certificate2: The X.509 cert in the response APDU, presented as a System.Security.Cryptography.X509Certificates.X509Certificate2.

Exceptions

InvalidOperationException: Thrown when Status is not Success.

Table of Contents