AttestationResult Class

Represents the claims returned from the attestation service as a result of a call to attest_sgx_enclave or attest_open_enclave.

Inheritance
builtins.object
AttestationResult

Constructor

AttestationResult(**kwargs: Any)

Keyword-Only Parameters

Name Description
issuer
str

Entity which issued the attestation token.

unique_identifier
str or None

Unique identifier for the token.

nonce
str or None

Returns the input nonce attribute passed to the Attest API.

version
str

Version of the token. Must be "1.0".

runtime_claims
dict or None

Runtime claims passed in from the caller of the attest API.

inittime_claims
dict or None

Inittime claims passed in from the caller of the attest API.

enclave_held_data
bytes or None

Runtime data passed in from the caller of the attest API.

policy_claims
dict or None

Attestation claims issued by policies.

verifier_type
str

Verifier which generated this token.

policy_signer

If the policy which processed the request is signed, this will be the certificate which signed the policy.

policy_hash
str

The hash of the policy which processed the attestation evidence.

is_debuggable

True if a debugger can be attached to the SGX enclave being attested.

product_id
int

Product ID for the SGX enclave being attested.

mr_enclave
str

MRENCLAVE value for the SGX enclave being attested.

mr_signer
str

MRSIGNER value for the SGX enclave being attested.

svn
int

Security version number for the SGX enclave being attested.

sgx_collateral

Collateral which identifies the collateral used to create the token.

Attributes

enclave_held_data

Returns the value of the runtime_data field specified as an input to the attest_sgx_enclave or attest_open_enclave API.

Note

The enclave_held_data property will only be populated if the runtime_data parameter to the Attest API is specified.

Returns

Type Description

inittime_claims

Returns the inittime claims in the token.

This value will match the input inittime_json property to the attest_sgx_enclave or attest_open_enclave API.

Note

The inittime_claims property will only be populated if the inittime_json parameter to the Attest API is specified. It will not be populated if the inittime_data parameter is specified.

Returns

Type Description
dict[str, Any],

is_debuggable

Returns "True" if the source evidence being attested indicates that the TEE has debugging enabled.

Returns

Type Description

issuer

Returns the issuer of the attestation token.

The issuer for the token MUST be the same as the endpoint associated with the AttestationClient object. If it is not, then the token should be rejected.

See RFC 7519 Section 4.1.1 for details.

Returns

Type Description
str

mr_enclave

Returns HEX encoded mr-enclave value of the SGX enclave being attested.

Returns

Type Description
str

mr_signer

Returns HEX encoded mr-signer value of the SGX enclave being attested.

Returns

Type Description
str

nonce

Returns the value of the "nonce" input to the attestation request.

Returns

Type Description
str,

policy_claims

Returns the claims for the token generated by attestation policy.

Returns

Type Description
dict[str, Any],

policy_hash

Returns the base64url encoded SHA256 hash of the base64url encoded attestation policy which was applied when generating this token.

Returns

Type Description
str

policy_signer

Returns the signing certificate which was used to sign the policy which was applied when the token was generated.

Returns

Type Description

product_id

Returns the product id associated with the SGX enclave being attested.

Returns

Type Description

runtime_claims

Returns the runtime claims in the token.

This value will match the input runtime_json property to the attest_sgx_enclave or attest_open_enclave API.

Note

The runtime_claims property will only be populated if the runtime_json parameter to the Attest API is specified. It will not be populated if the runtime_data parameter is specified.

Returns

Type Description
dict[str, Any],

sgx_collateral

Returns a set of information describing the complete set of inputs to the oe_verify_evidence

Returns

Type Description

svn

Returns the svn value of the SGX enclave being attested.

Returns

Type Description
int

unique_id

Returns a unique ID claim for the attestation token.

If present, the unique_id property can be used to distinguish between different attestation tokens.

See RFC 7519 Section 4.1.7 for details.

Returns

Type Description
str,

verifier_type

Returns the verifier which generated this attestation token.

Returns

Type Description
str

version

Returns the version of the information returned in the token.

Returns

Type Description
str
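
Example

The following is an added example, not code from the SDK or its documentation. It shows how a relying party might check the properties documented above before trusting a result: the issuer rule from the issuer section, plus nonce, enclave_held_data, is_debuggable, mr_signer and svn. The names validate_result, sample_result, check, ENDPOINT and SIGNER are hypothetical, the sample values are constructed, and a SimpleNamespace stands in for a real AttestationResult so the code runs offline. The debug, signer allow-list and minimum-svn checks are assumed relying-party policy, not requirements stated on this page.

```python
from types import SimpleNamespace

ENDPOINT = "https://example.attest.invalid"  # constructed placeholder endpoint
SIGNER = "ab" * 32  # constructed hex MRSIGNER value


def validate_result(result, *, endpoint, expected_nonce, expected_held_data,
                    trusted_mr_signers, min_svn):
    """Return a list of reasons to reject; an empty list means accept."""
    problems = []
    # The issuer MUST be the endpoint the AttestationClient was created for.
    if result.issuer != endpoint:
        problems.append("issuer does not match attestation endpoint")
    if result.version != "1.0":
        problems.append("unexpected token version")
    # Freshness: the nonce sent with the request must come back unchanged.
    if result.nonce is None or result.nonce != expected_nonce:
        problems.append("nonce missing or mismatched")
    # enclave_held_data is only populated when runtime_data was supplied.
    if result.enclave_held_data is None or result.enclave_held_data != expected_held_data:
        problems.append("enclave_held_data missing or mismatched")
    if result.is_debuggable:
        problems.append("enclave is debuggable")
    if result.mr_signer.lower() not in trusted_mr_signers:
        problems.append("mr_signer not in allow-list")
    if result.svn < min_svn:
        problems.append("svn below minimum")
    return problems


def sample_result(**overrides):
    # Constructed stand-in exposing the attribute names documented on this page.
    fields = dict(issuer=ENDPOINT, version="1.0", nonce="n-123",
                  enclave_held_data=b"report-key", is_debuggable=False,
                  mr_signer=SIGNER, svn=2)
    fields.update(overrides)
    return SimpleNamespace(**fields)


def check(result):
    return validate_result(result, endpoint=ENDPOINT, expected_nonce="n-123",
                           expected_held_data=b"report-key",
                           trusted_mr_signers={SIGNER}, min_svn=2)


if __name__ == "__main__":
    print(check(sample_result()))
    print(check(sample_result(is_debuggable=True, svn=1)))
```

Collecting every failure instead of stopping at the first makes the rejection reason visible in logs when several claims are wrong at once.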