azure-docs-sdk-java/docs-ref-autogen/com.azure.security.attestat...

182 строки
32 KiB
YAML
Исходник Обычный вид История

### YamlMime:JavaType
uid: "com.azure.security.attestation.AttestationAsyncClient"
fullName: "com.azure.security.attestation.AttestationAsyncClient"
name: "AttestationAsyncClient"
nameWithType: "AttestationAsyncClient"
summary: "The Attestation<wbr>Async<wbr>Client implements the functionality required by the \"Attest\" family of APIs."
inheritances:
- "<xref href=\"java.lang.Object?displayProperty=fullName\" data-throw-if-not-resolved=\"False\" />"
inheritedClassMethods:
- classRef: "java.lang.<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html\">Object</a>"
methodsRef:
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#clone--\">clone</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#equals-java.lang.Object-\">equals</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#finalize--\">finalize</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#getClass--\">getClass</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#hashCode--\">hashCode</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#notify--\">notify</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#notifyAll--\">notifyAll</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#toString--\">toString</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#wait--\">wait</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#wait-long-\">wait</a>"
- "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#wait-long-int-\">wait</a>"
syntax: "public final class **AttestationAsyncClient**"
methods:
- uid: "com.azure.security.attestation.AttestationAsyncClient.attestOpenEnclave(com.azure.core.util.BinaryData)"
fullName: "com.azure.security.attestation.AttestationAsyncClient.attestOpenEnclave(BinaryData report)"
name: "attestOpenEnclave(BinaryData report)"
nameWithType: "AttestationAsyncClient.attestOpenEnclave(BinaryData report)"
summary: "Attest an Open<wbr>Enclave report."
parameters:
- description: "- OpenEnclave report to attest."
name: "report"
type: "<xref href=\"com.azure.core.util.BinaryData?alt=com.azure.core.util.BinaryData&text=BinaryData\" data-throw-if-not-resolved=\"False\" />"
syntax: "public Mono<AttestationResult> attestOpenEnclave(BinaryData report)"
desc: "Attest an OpenEnclave report.\n\nThis method is a convenience method which attests evidence from an OpenEnclave enclave with no `RuntimeData` or `InitTimeData`.\n\nThe `report` is generated via the [``oe\\_get\\_report\\}][oe_get_report].\n\nIt returns an <xref uid=\"com.azure.security.attestation.models.AttestationResult\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationResult\"></xref> containing the claims emitted by the attestation service.\n\n```java\nMono<AttestationResult> resultWithReport = client.attestOpenEnclave(openEnclaveReport);\n```\n\n\n[oe_get_report]: https://openenclave.github.io/openenclave/api/enclave_8h_aefcb89c91a9078d595e255bd7901ac71.html"
returns:
description: "the result of an attestation operation."
type: "<a href=\"https://projectreactor.io/docs/core/release/api/reactor/core/publisher/Mono.html\">Mono</a>&lt;<xref href=\"com.azure.security.attestation.models.AttestationResult?alt=com.azure.security.attestation.models.AttestationResult&text=AttestationResult\" data-throw-if-not-resolved=\"False\" />&gt;"
- uid: "com.azure.security.attestation.AttestationAsyncClient.attestOpenEnclave(com.azure.security.attestation.models.AttestationOptions)"
fullName: "com.azure.security.attestation.AttestationAsyncClient.attestOpenEnclave(AttestationOptions options)"
name: "attestOpenEnclave(AttestationOptions options)"
nameWithType: "AttestationAsyncClient.attestOpenEnclave(AttestationOptions options)"
summary: "Processes an Open<wbr>Enclave report , producing an artifact."
parameters:
- description: "Attestation options for Intel SGX enclaves."
name: "options"
type: "<xref href=\"com.azure.security.attestation.models.AttestationOptions?alt=com.azure.security.attestation.models.AttestationOptions&text=AttestationOptions\" data-throw-if-not-resolved=\"False\" />"
syntax: "public Mono<AttestationResult> attestOpenEnclave(AttestationOptions options)"
desc: "Processes an OpenEnclave report , producing an artifact. The type of artifact produced is dependent upon attestation policy."
returns:
description: "the result of an attestation operation."
type: "<a href=\"https://projectreactor.io/docs/core/release/api/reactor/core/publisher/Mono.html\">Mono</a>&lt;<xref href=\"com.azure.security.attestation.models.AttestationResult?alt=com.azure.security.attestation.models.AttestationResult&text=AttestationResult\" data-throw-if-not-resolved=\"False\" />&gt;"
- uid: "com.azure.security.attestation.AttestationAsyncClient.attestOpenEnclaveWithResponse(com.azure.security.attestation.models.AttestationOptions)"
fullName: "com.azure.security.attestation.AttestationAsyncClient.attestOpenEnclaveWithResponse(AttestationOptions options)"
name: "attestOpenEnclaveWithResponse(AttestationOptions options)"
nameWithType: "AttestationAsyncClient.attestOpenEnclaveWithResponse(AttestationOptions options)"
summary: "Attest an Open<wbr>Enclave report, specifying Run<wbr>Time<wbr>Data and Init<wbr>Time<wbr>Data."
parameters:
- description: "Attestation options for attesting SGX enclaves."
name: "options"
type: "<xref href=\"com.azure.security.attestation.models.AttestationOptions?alt=com.azure.security.attestation.models.AttestationOptions&text=AttestationOptions\" data-throw-if-not-resolved=\"False\" />"
syntax: "public Mono<AttestationResponse<AttestationResult>> attestOpenEnclaveWithResponse(AttestationOptions options)"
desc: "Attest an OpenEnclave report, specifying RunTimeData and InitTimeData. The <xref uid=\"com.azure.security.attestation.models.AttestationOptions\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationOptions\"></xref> parameter allows the caller to specify the OpenEnclave `report` which contains evidence from the enclave, and runtime data which allows the enclave to specify additional data from within the enclave. When calling the <xref uid=\"com.azure.security.attestation.models.AttestationOptions.setRunTimeData(com.azure.security.attestation.models.AttestationData)\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationOptions#setRunTimeData(AttestationData)\"></xref> API, the caller can specify whether the attestation service should treat the runtime data as binary or as JSON when it is included in the response attestation token.\n\n**Attest an OpenEnclave enclave with attestation options.**\n\n```java\nMono<AttestationResponse<AttestationResult>> openEnclaveResponse = client.attestOpenEnclaveWithResponse(\n new AttestationOptions(openEnclaveReport)\n .setRunTimeData(new AttestationData(runtimeData, AttestationDataInterpretation.JSON)));\n```"
returns:
description: "the result of an attestation operation."
type: "<a href=\"https://projectreactor.io/docs/core/release/api/reactor/core/publisher/Mono.html\">Mono</a>&lt;<xref href=\"com.azure.security.attestation.models.AttestationResponse?alt=com.azure.security.attestation.models.AttestationResponse&text=AttestationResponse\" data-throw-if-not-resolved=\"False\" />&lt;<xref href=\"com.azure.security.attestation.models.AttestationResult?alt=com.azure.security.attestation.models.AttestationResult&text=AttestationResult\" data-throw-if-not-resolved=\"False\" />&gt;&gt;"
- uid: "com.azure.security.attestation.AttestationAsyncClient.attestSgxEnclave(com.azure.core.util.BinaryData)"
fullName: "com.azure.security.attestation.AttestationAsyncClient.attestSgxEnclave(BinaryData quote)"
name: "attestSgxEnclave(BinaryData quote)"
nameWithType: "AttestationAsyncClient.attestSgxEnclave(BinaryData quote)"
summary: "Attest an SGX Enclave Quote."
parameters:
- description: "SGX Quote to attest."
name: "quote"
type: "<xref href=\"com.azure.core.util.BinaryData?alt=com.azure.core.util.BinaryData&text=BinaryData\" data-throw-if-not-resolved=\"False\" />"
syntax: "public Mono<AttestationResult> attestSgxEnclave(BinaryData quote)"
desc: "Attest an SGX Enclave Quote.\n\nThis method is a convenience method which attests evidence from an Intel SGX enclave with no `RuntimeData` or `InitTimeData`.\n\nIt returns an <xref uid=\"com.azure.security.attestation.models.AttestationResult\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationResult\"></xref> containing the claims emitted by the attestation service.\n\n```java\nMono<AttestationResult> resultWithReport = client.attestSgxEnclave(sgxQuote);\n```"
returns:
description: "the result of an attestation operation."
type: "<a href=\"https://projectreactor.io/docs/core/release/api/reactor/core/publisher/Mono.html\">Mono</a>&lt;<xref href=\"com.azure.security.attestation.models.AttestationResult?alt=com.azure.security.attestation.models.AttestationResult&text=AttestationResult\" data-throw-if-not-resolved=\"False\" />&gt;"
- uid: "com.azure.security.attestation.AttestationAsyncClient.attestSgxEnclave(com.azure.security.attestation.models.AttestationOptions)"
fullName: "com.azure.security.attestation.AttestationAsyncClient.attestSgxEnclave(AttestationOptions options)"
name: "attestSgxEnclave(AttestationOptions options)"
nameWithType: "AttestationAsyncClient.attestSgxEnclave(AttestationOptions options)"
summary: "Attest an SGX enclave quote, specifying Run<wbr>Time<wbr>Data and Init<wbr>Time<wbr>Data."
parameters:
- description: "Attestation options for Intel SGX enclaves."
name: "options"
type: "<xref href=\"com.azure.security.attestation.models.AttestationOptions?alt=com.azure.security.attestation.models.AttestationOptions&text=AttestationOptions\" data-throw-if-not-resolved=\"False\" />"
syntax: "public Mono<AttestationResult> attestSgxEnclave(AttestationOptions options)"
desc: "Attest an SGX enclave quote, specifying RunTimeData and InitTimeData. The <xref uid=\"com.azure.security.attestation.models.AttestationOptions\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationOptions\"></xref> parameter allows the caller to specify the SGX `quote` which contains evidence from the enclave, and runtime data which allows the enclave to specify additional data from within the enclave. When calling the <xref uid=\"com.azure.security.attestation.models.AttestationOptions.setRunTimeData(com.azure.security.attestation.models.AttestationData)\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationOptions#setRunTimeData(AttestationData)\"></xref> API, the caller can specify whether the attestation service should treat the runtime data as binary or as JSON when it is included in the response attestation token.\n\n**Attest an OpenEnclave enclave with attestation options.**\n\n```java\nMono<AttestationResult> result = client.attestSgxEnclave(new AttestationOptions(sgxQuote)\n .setRunTimeData(new AttestationData(runtimeData, AttestationDataInterpretation.BINARY)));\n```"
returns:
description: "the result of an attestation operation."
type: "<a href=\"https://projectreactor.io/docs/core/release/api/reactor/core/publisher/Mono.html\">Mono</a>&lt;<xref href=\"com.azure.security.attestation.models.AttestationResult?alt=com.azure.security.attestation.models.AttestationResult&text=AttestationResult\" data-throw-if-not-resolved=\"False\" />&gt;"
- uid: "com.azure.security.attestation.AttestationAsyncClient.attestSgxEnclaveWithResponse(com.azure.security.attestation.models.AttestationOptions)"
fullName: "com.azure.security.attestation.AttestationAsyncClient.attestSgxEnclaveWithResponse(AttestationOptions options)"
name: "attestSgxEnclaveWithResponse(AttestationOptions options)"
nameWithType: "AttestationAsyncClient.attestSgxEnclaveWithResponse(AttestationOptions options)"
summary: "Attest an SGX enclave quote, specifying Run<wbr>Time<wbr>Data and Init<wbr>Time<wbr>Data."
parameters:
- description: "Attestation options for Intel SGX enclaves."
name: "options"
type: "<xref href=\"com.azure.security.attestation.models.AttestationOptions?alt=com.azure.security.attestation.models.AttestationOptions&text=AttestationOptions\" data-throw-if-not-resolved=\"False\" />"
syntax: "public Mono<AttestationResponse<AttestationResult>> attestSgxEnclaveWithResponse(AttestationOptions options)"
desc: "Attest an SGX enclave quote, specifying RunTimeData and InitTimeData. The <xref uid=\"com.azure.security.attestation.models.AttestationOptions\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationOptions\"></xref> parameter allows the caller to specify the SGX `quote` which contains evidence from the enclave, and runtime data which allows the enclave to specify additional data from within the enclave. When calling the <xref uid=\"com.azure.security.attestation.models.AttestationOptions.setRunTimeData(com.azure.security.attestation.models.AttestationData)\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationOptions#setRunTimeData(AttestationData)\"></xref> API, the caller can specify whether the attestation service should treat the runtime data as binary or as JSON when it is included in the response attestation token.\n\n**Attest an OpenEnclave enclave with attestation options.**\n\n```java\nMono<AttestationResponse<AttestationResult>> openEnclaveResponse = client.attestSgxEnclaveWithResponse(\n new AttestationOptions(sgxQuote)\n .setRunTimeData(new AttestationData(runtimeData, AttestationDataInterpretation.JSON)));\n```"
returns:
description: "the result of an attestation operation."
type: "<a href=\"https://projectreactor.io/docs/core/release/api/reactor/core/publisher/Mono.html\">Mono</a>&lt;<xref href=\"com.azure.security.attestation.models.AttestationResponse?alt=com.azure.security.attestation.models.AttestationResponse&text=AttestationResponse\" data-throw-if-not-resolved=\"False\" />&lt;<xref href=\"com.azure.security.attestation.models.AttestationResult?alt=com.azure.security.attestation.models.AttestationResult&text=AttestationResult\" data-throw-if-not-resolved=\"False\" />&gt;&gt;"
- uid: "com.azure.security.attestation.AttestationAsyncClient.attestTpm(java.lang.String)"
fullName: "com.azure.security.attestation.AttestationAsyncClient.attestTpm(String request)"
name: "attestTpm(String request)"
nameWithType: "AttestationAsyncClient.attestTpm(String request)"
summary: "Performs TPM attestation."
parameters:
- description: "Attestation request for Trusted Platform Module (TPM) attestation."
name: "request"
type: "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/String.html\">String</a>"
syntax: "public Mono<String> attestTpm(String request)"
desc: "Performs TPM attestation. Processes attestation evidence from a VBS enclave, producing an attestation result.\n\nThe TPM attestation protocol is defined [here.][]\n\nUnlike OpenEnclave reports and SGX enclave quotes, TPM attestation is implemented using JSON encoded strings.\n\nThe client formats a string serialized JSON request to the service, which responds with a JSON response. The serialized JSON object exchange continues until the service responds with a JSON string with a property named `\"report\"`, whose value will be an attestation result token.\n\n**Perform the first leg of a TPM attestation operation**\n\n```java\n// The initial payload for TPM attestation is a JSON object with a property named \"payload\",\n // containing an object with a property named \"type\" whose value is \"aikcert\".\n\n String attestInitialPayload = \"{\\\"payload\\\": { \\\"type\\\": \\\"aikcert\\\" } }\";\n Mono<String> tpmResponse = client.attestTpm(attestInitialPayload);\n```\n\n\n[here.]: https://docs.microsoft.com/azure/attestation/virtualization-based-security-protocol"
returns:
description: "attestation response for Trusted Platform Module (TPM) attestation."
type: "<a href=\"https://projectreactor.io/docs/core/release/api/reactor/core/publisher/Mono.html\">Mono</a>&lt;<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/String.html\">String</a>&gt;"
- uid: "com.azure.security.attestation.AttestationAsyncClient.attestTpmWithResponse(java.lang.String)"
fullName: "com.azure.security.attestation.AttestationAsyncClient.attestTpmWithResponse(String request)"
name: "attestTpmWithResponse(String request)"
nameWithType: "AttestationAsyncClient.attestTpmWithResponse(String request)"
summary: "Performs TPM attestation."
parameters:
- description: "Attestation request for Trusted Platform Module (TPM) attestation."
name: "request"
type: "<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/String.html\">String</a>"
syntax: "public Mono<Response<String>> attestTpmWithResponse(String request)"
desc: "Performs TPM attestation. Processes attestation evidence from a VBS enclave, producing an attestation result.\n\nThe TPM attestation protocol is defined [here.][]\n\nUnlike OpenEnclave reports and SGX enclave quotes, TPM attestation is implemented using JSON encoded strings.\n\nThe client formats a string serialized JSON request to the service, which responds with a JSON response. The serialized JSON object exchange continues until the service responds with a JSON string with a property named `\"report\"`, whose value will be an attestation result token.\n\n**Perform the first leg of a TPM attestation operation**\n\n```java\n// The initial payload for TPM attestation is a JSON object with a property named \"payload\",\n // containing an object with a property named \"type\" whose value is \"aikcert\".\n\n String attestInitialPayload = \"{\\\"payload\\\": { \\\"type\\\": \\\"aikcert\\\" } }\";\n Mono<Response<String>> responseMono = client.attestTpmWithResponse(attestInitialPayload);\n```\n\n\n[here.]: https://docs.microsoft.com/azure/attestation/virtualization-based-security-protocol"
returns:
description: "attestation response for Trusted Platform Module (TPM) attestation."
type: "<a href=\"https://projectreactor.io/docs/core/release/api/reactor/core/publisher/Mono.html\">Mono</a>&lt;<xref href=\"com.azure.core.http.rest.Response?alt=com.azure.core.http.rest.Response&text=Response\" data-throw-if-not-resolved=\"False\" />&lt;<a href=\"https://docs.oracle.com/javase/8/docs/api/java/lang/String.html\">String</a>&gt;&gt;"
- uid: "com.azure.security.attestation.AttestationAsyncClient.getOpenIdMetadata()"
fullName: "com.azure.security.attestation.AttestationAsyncClient.getOpenIdMetadata()"
name: "getOpenIdMetadata()"
nameWithType: "AttestationAsyncClient.getOpenIdMetadata()"
summary: "Retrieves metadata about the attestation signing keys in use by the attestation service."
syntax: "public Mono<AttestationOpenIdMetadata> getOpenIdMetadata()"
desc: "Retrieves metadata about the attestation signing keys in use by the attestation service.\n\n**Retrieve the OpenID metadata for this async client.**\n\n```java\nMono<AttestationOpenIdMetadata> openIdMetadata = client.getOpenIdMetadata();\n```"
returns:
description: "any object."
type: "<a href=\"https://projectreactor.io/docs/core/release/api/reactor/core/publisher/Mono.html\">Mono</a>&lt;<xref href=\"com.azure.security.attestation.models.AttestationOpenIdMetadata?alt=com.azure.security.attestation.models.AttestationOpenIdMetadata&text=AttestationOpenIdMetadata\" data-throw-if-not-resolved=\"False\" />&gt;"
- uid: "com.azure.security.attestation.AttestationAsyncClient.getOpenIdMetadataWithResponse()"
fullName: "com.azure.security.attestation.AttestationAsyncClient.getOpenIdMetadataWithResponse()"
name: "getOpenIdMetadataWithResponse()"
nameWithType: "AttestationAsyncClient.getOpenIdMetadataWithResponse()"
summary: "Retrieves metadata about the attestation signing keys in use by the attestation service."
syntax: "public Mono<Response<AttestationOpenIdMetadata>> getOpenIdMetadataWithResponse()"
desc: "Retrieves metadata about the attestation signing keys in use by the attestation service.\n\n**Retrieve the OpenID metadata for this async client.**\n\n```java\nMono<Response<AttestationOpenIdMetadata>> response = client.getOpenIdMetadataWithResponse();\n```"
returns:
description: "any object."
type: "<a href=\"https://projectreactor.io/docs/core/release/api/reactor/core/publisher/Mono.html\">Mono</a>&lt;<xref href=\"com.azure.core.http.rest.Response?alt=com.azure.core.http.rest.Response&text=Response\" data-throw-if-not-resolved=\"False\" />&lt;<xref href=\"com.azure.security.attestation.models.AttestationOpenIdMetadata?alt=com.azure.security.attestation.models.AttestationOpenIdMetadata&text=AttestationOpenIdMetadata\" data-throw-if-not-resolved=\"False\" />&gt;&gt;"
- uid: "com.azure.security.attestation.AttestationAsyncClient.listAttestationSigners()"
fullName: "com.azure.security.attestation.AttestationAsyncClient.listAttestationSigners()"
name: "listAttestationSigners()"
nameWithType: "AttestationAsyncClient.listAttestationSigners()"
summary: "Retrieves the list of <xref uid=\"com.azure.security.attestation.models.AttestationSigner\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationSigner\"></xref> objects associated with this attestation instance."
syntax: "public Mono<AttestationSignerCollection> listAttestationSigners()"
desc: "Retrieves the list of <xref uid=\"com.azure.security.attestation.models.AttestationSigner\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationSigner\"></xref> objects associated with this attestation instance.\n\nAn <xref uid=\"com.azure.security.attestation.models.AttestationSigner\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationSigner\"></xref> represents an X.509 certificate chain and KeyId which can be used to validate an attestation token returned by the service.\n\n**Retrieve Attestation Signers for this async client.**\n\n```java\nMono<AttestationSignerCollection> signersMono = client.listAttestationSigners();\n signersMono.subscribe(signers -> signers.getAttestationSigners().forEach(cert -> {\n System.out.println(\"Found certificate.\");\n if (cert.getKeyId() != null) {\n System.out.println(\" Certificate Key ID: \" + cert.getKeyId());\n } else {\n System.out.println(\" Signer does not have a Key ID\");\n }\n cert.getCertificates().forEach(chainElement -> {\n System.out.println(\" Cert Subject: \" + chainElement.getSubjectDN().getName());\n System.out.println(\" Cert Issuer: \" + chainElement.getIssuerDN().getName());\n });\n }));\n```"
returns:
description: "Returns an array of <xref uid=\"com.azure.security.attestation.models.AttestationSigner\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationSigner\"></xref> objects."
type: "<a href=\"https://projectreactor.io/docs/core/release/api/reactor/core/publisher/Mono.html\">Mono</a>&lt;<xref href=\"com.azure.security.attestation.models.AttestationSignerCollection?alt=com.azure.security.attestation.models.AttestationSignerCollection&text=AttestationSignerCollection\" data-throw-if-not-resolved=\"False\" />&gt;"
- uid: "com.azure.security.attestation.AttestationAsyncClient.listAttestationSignersWithResponse()"
fullName: "com.azure.security.attestation.AttestationAsyncClient.listAttestationSignersWithResponse()"
name: "listAttestationSignersWithResponse()"
nameWithType: "AttestationAsyncClient.listAttestationSignersWithResponse()"
summary: "Retrieves the list of <xref uid=\"com.azure.security.attestation.models.AttestationSigner\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationSigner\"></xref> objects associated with this attestation instance."
syntax: "public Mono<Response<AttestationSignerCollection>> listAttestationSignersWithResponse()"
desc: "Retrieves the list of <xref uid=\"com.azure.security.attestation.models.AttestationSigner\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationSigner\"></xref> objects associated with this attestation instance.\n\nAn <xref uid=\"com.azure.security.attestation.models.AttestationSigner\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationSigner\"></xref> represents an X.509 certificate chain and KeyId which can be used to validate an attestation token returned by the service.\n\n**Retrieve Attestation Signers for this async client.**\n\n```java\nMono<Response<AttestationSignerCollection>> responseOfSigners = client.listAttestationSignersWithResponse();\n responseOfSigners.subscribe();\n```"
returns:
description: "Returns an array of <xref uid=\"com.azure.security.attestation.models.AttestationSigner\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationSigner\"></xref> objects."
type: "<a href=\"https://projectreactor.io/docs/core/release/api/reactor/core/publisher/Mono.html\">Mono</a>&lt;<xref href=\"com.azure.core.http.rest.Response?alt=com.azure.core.http.rest.Response&text=Response\" data-throw-if-not-resolved=\"False\" />&lt;<xref href=\"com.azure.security.attestation.models.AttestationSignerCollection?alt=com.azure.security.attestation.models.AttestationSignerCollection&text=AttestationSignerCollection\" data-throw-if-not-resolved=\"False\" />&gt;&gt;"
type: "class"
desc: "The AttestationAsyncClient implements the functionality required by the \"Attest\" family of APIs.\n\nAn enclave (or Trusted Execution Environment) is a chunk of code that is isolated from the host (think: \"encrypted VM\" or \"encrypted container\"). But there's one key attribute of the enclave: It is encrypted.That means that if data is sent from the enclave, there is no way of knowing that the data came from the enclave.\n\nAnd even worse, there is no way of securely communicating with the enclave (since the enclave is fully isolated from the host, all information passed into the enclave has to go through its host first).\n\nTo solve the communication problem, the Attest API can be used to facilitate what is known as the \"Secure Key Release\" (SKR) protocol.\n\nThere are 4 parties involved in an attestation operation:\n\n * The host (which hosts the enclave)\n * The enclave (which is the enclave :) \x1a encrypted, nobody can see what goes on inside it),\n * The \"verifier\" which verifies the evidence from the enclave (this is the attestation service) and generates a token which can be received by a relying party, and\n * The \"relying party\" which will interpret the token from the service. For the Secure Key Release Protocol, this is the entity which wishes to communicate with the enclave.\n\nIt's possible that all these parties are on the same computer, it's possible they\x1are on multiple computers.\nIt's possible that the host is also the relying party. It's possible that the relying party is a component like Azure Managed HSM.\n\nThere are three primary pieces of data received by the service for the Attest family of APIs. All of them are arrays of bytes, and all of them originate from code running in the enclave (thus they need to be treated as opaque arrays of bytes by the SDK):\n\n1. Evidence. For Intel SGX enclaves, this has two forms, either an SGX 'Quote' or an OpenEnclave 'Report'. It is required for attestation operations.\n2. InitTimeData \x1a This is data which is specified at Initialization Time. It is optional (and not currently supported on all enclave types in Azure)\n3. RunTimeData \x1a this is data which is specified at the time the quote is generated (at \x1aruntime\x1a). It is optional, but required for the Secure Key Release protocol.\n\nThe Evidence is cryptographically signed by a known authority (for Intel SGX Quotes or OpenEnclave reports, this is a key owned by Intel which represents that the SGX enclave is valid and can be trusted).\nThe core idea for all attestation operations is to take advantage of a region within the Evidence which is controlled by enclave. For SGX Enclaves, this is the 64 bytes of \"user data\" contained within SGX quote.\n\nFor the Secure Key Release protocol, code inside the enclave generates an asymmetric key and serializes the public key into a byte buffer. It then calculates the SHA256 hash of the serialized key and creates a quote containing that SHA256 hash. We now have a cryptographically validated indication that the contents of the byte buffer was known inside the enclave.\n\nThe enclave then hands the byte buffer and the quote to its host. The host sends the quote and byte buffer as the \"RunTime Data\" to the via the <xref uid=\"com.azure.security.attestation.AttestationAsyncClient.attestSgxEnclave(com.azure.core.util.BinaryData)\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationAsyncClient#attestSgxEnclave(BinaryData)\"></xref> or <xref uid=\"com.azure.security.attestation.AttestationAsyncClient.attestOpenEnclave*\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationAsyncClient#attestOpenEnclave\"></xref> API. Assuming the byte buffer and quote are valid, and the quote contains the hash of the byte buffer, the attestation service responds with an <xref uid=\"com.azure.security.attestation.models.AttestationToken\" data-throw-if-not-resolved=\"false\" data-raw-source=\"AttestationToken\"></xref> signed by the attestation service, whose body is an <xref uid=\"com.azure.security.attestation.models.Attestation
metadata: {}
package: "com.azure.security.attestation"
artifact: com.azure:azure-security-attestation:1.1.27