/// <summary>
/// Adds the specified new signing certificate to the set of policy management certificates.
/// </summary>
/// <param name="newSigningCertificate">The new certificate to add.</param>
/// <param name="existingSigningKey">An existing key corresponding to the existing certificate; it is passed to the request token built for the service.</param>
/// <param name="cancellationToken">Cancellation token used to cancel this operation.</param>
/// <returns>An <see cref="AttestationResponse{PolicyCertificatesModificationResult}"/> wrapping the raw service response and the token the service returned for the modification.</returns>
/// <remarks>
/// The returned token is checked against the attestation signers only when
/// <c>TokenOptions.ValidateToken</c> is set on the client options. With validation
/// disabled the token is handed back as received and its content has not been verified.
/// </remarks>
public virtual AttestationResponse<PolicyCertificatesModificationResult> AddPolicyManagementCertificate(
    X509Certificate2 newSigningCertificate,
    AttestationTokenSigningKey existingSigningKey,
    CancellationToken cancellationToken = default)
{
    // Argument checks run before the diagnostic scope is opened.
    Argument.AssertNotNull(existingSigningKey, nameof(existingSigningKey));
    Argument.AssertNotNull(newSigningCertificate, nameof(newSigningCertificate));

    using DiagnosticScope scope = _clientDiagnostics.CreateScope(
        $"{nameof(AttestationAdministrationClient)}.{nameof(AddPolicyManagementCertificate)}");
    scope.Start();
    try
    {
        // Build the request: the certificate modification, serialized as JSON, wrapped in a token
        // constructed with the caller's existing key.
        var modificationBody = BinaryData.FromObjectAsJson(new PolicyCertificateModification(newSigningCertificate));
        var signedRequest = new AttestationToken(modificationBody, existingSigningKey);

        var serviceResult = _policyManagementClient.Add(signedRequest.Serialize(), cancellationToken);
        var responseToken = AttestationToken.Deserialize(serviceResult.Value.Token, _clientDiagnostics);

        if (_options.TokenOptions.ValidateToken)
        {
            // Signers are fetched on every call; a failed validation is raised as an exception
            // so the unvalidated token never reaches the caller.
            var signers = GetSignersAsync(false, cancellationToken).EnsureCompleted();
            var tokenIsValid = responseToken
                .ValidateTokenInternal(_options.TokenOptions, signers, false, cancellationToken)
                .EnsureCompleted();
            if (!tokenIsValid)
            {
                AttestationTokenValidationFailedException.ThrowFailure(signers, responseToken);
            }
        }

        return new AttestationResponse<PolicyCertificatesModificationResult>(serviceResult.GetRawResponse(), responseToken);
    }
    catch (Exception ex)
    {
        // Record the failure on the diagnostic scope, then rethrow with the original stack trace.
        scope.Failed(ex);
        throw;
    }
}
/// <summary>
/// Adds the specified new signing certificate to the set of policy management certificates.
/// </summary>
/// <param name="newSigningCertificate">The new certificate to add.</param>
/// <param name="existingSigningKey">An existing key corresponding to the existing certificate; it is passed to the request token built for the service.</param>
/// <param name="cancellationToken">Cancellation token used to cancel this operation.</param>
/// <returns>An <see cref="AttestationResponse{PolicyCertificatesModificationResult}"/> wrapping the raw service response and the token the service returned for the modification.</returns>
/// <remarks>
/// The returned token is passed to <c>ValidateToken</c> only when
/// <c>TokenOptions.ValidateToken</c> is set on the client options. With validation
/// disabled the token is handed back as received and its content has not been verified.
/// </remarks>
public virtual AttestationResponse<PolicyCertificatesModificationResult> AddPolicyManagementCertificate(
    X509Certificate2 newSigningCertificate,
    TokenSigningKey existingSigningKey,
    CancellationToken cancellationToken = default)
{
    // Argument checks run before the diagnostic scope is opened.
    Argument.AssertNotNull(existingSigningKey, nameof(existingSigningKey));
    Argument.AssertNotNull(newSigningCertificate, nameof(newSigningCertificate));

    using DiagnosticScope scope = _clientDiagnostics.CreateScope(
        $"{nameof(AttestationAdministrationClient)}.{nameof(AddPolicyManagementCertificate)}");
    scope.Start();
    try
    {
        // Build the request token from the certificate modification and the caller's existing key.
        var signedRequest = new AttestationToken(
            new PolicyCertificateModification(newSigningCertificate),
            existingSigningKey);

        var serviceResult = _policyManagementClient.Add(signedRequest.ToString(), cancellationToken);
        var responseToken = new AttestationToken(serviceResult.Value.Token);

        if (_options.TokenOptions.ValidateToken)
        {
            // NOTE(review): any value ValidateToken returns is discarded here. This is only safe if
            // ValidateToken throws on every validation failure; if it can report failure through its
            // return value, an invalid token would be returned to the caller. Confirm against
            // AttestationToken.ValidateToken.
            responseToken.ValidateToken(_options.TokenOptions, GetSigners(cancellationToken), cancellationToken);
        }

        return new AttestationResponse<PolicyCertificatesModificationResult>(serviceResult.GetRawResponse(), responseToken);
    }
    catch (Exception ex)
    {
        // Record the failure on the diagnostic scope, then rethrow with the original stack trace.
        scope.Failed(ex);
        throw;
    }
}
/// <summary>
/// Adds the specified new signing certificate to the set of policy management certificates.
/// </summary>
/// <param name="newSigningCertificate">The new certificate to add.</param>
/// <param name="existingSigningKey">An existing key corresponding to the existing certificate.</param>
/// <param name="existingSigningCertificate">One of the existing policy management certificates.</param>
/// <param name="cancellationToken">Cancellation token used to cancel this operation.</param>
/// <returns>An <see cref="AttestationResponse{PolicyCertificatesModificationResult}"/> wrapping the raw service response and the token the service returned for the modification.</returns>
/// <exception cref="ArgumentNullException">
/// <paramref name="newSigningCertificate"/>, <paramref name="existingSigningKey"/> or
/// <paramref name="existingSigningCertificate"/> is null.
/// </exception>
/// <remarks>
/// The returned token is passed to <c>ValidateToken</c> only when <c>ValidateAttestationTokens</c>
/// is set on the client options. With validation disabled the token is handed back as received
/// and its content has not been verified.
/// </remarks>
public virtual AttestationResponse<PolicyCertificatesModificationResult> AddPolicyManagementCertificate(
    X509Certificate2 newSigningCertificate,
    AsymmetricAlgorithm existingSigningKey,
    X509Certificate2 existingSigningCertificate,
    CancellationToken cancellationToken = default)
{
    // Null checks run in parameter order, before the diagnostic scope is opened.
    _ = newSigningCertificate ?? throw new ArgumentNullException(nameof(newSigningCertificate));
    _ = existingSigningKey ?? throw new ArgumentNullException(nameof(existingSigningKey));
    _ = existingSigningCertificate ?? throw new ArgumentNullException(nameof(existingSigningCertificate));

    using DiagnosticScope scope = _clientDiagnostics.CreateScope(
        $"{nameof(AttestationAdministrationClient)}.{nameof(AddPolicyManagementCertificate)}");
    scope.Start();
    try
    {
        // NOTE(review): nothing in this method checks that existingSigningKey is the private key
        // for existingSigningCertificate; whether SecuredAttestationToken enforces that pairing is
        // not visible here.
        var signedRequest = new SecuredAttestationToken(
            new PolicyCertificateModification(newSigningCertificate),
            existingSigningKey,
            existingSigningCertificate);

        var serviceResult = _policyManagementClient.Add(signedRequest.ToString(), cancellationToken);
        var responseToken = new AttestationToken(serviceResult.Value.Token);

        if (_options.ValidateAttestationTokens)
        {
            // NOTE(review): any value ValidateToken returns is discarded, so this relies on
            // ValidateToken throwing on failure; confirm. cancellationToken is also not forwarded
            // to GetSigners() here.
            responseToken.ValidateToken(GetSigners(), _options.ValidationCallback);
        }

        return new AttestationResponse<PolicyCertificatesModificationResult>(serviceResult.GetRawResponse(), responseToken);
    }
    catch (Exception ex)
    {
        // Record the failure on the diagnostic scope, then rethrow with the original stack trace.
        scope.Failed(ex);
        throw;
    }
}
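/// <summary>
/// Sends a caller-built <see cref="SecuredAttestationToken"/> to the service to add a policy management certificate.
/// </summary>
/// <param name="certificateToAdd">
/// The token to submit. It is sent as-is (via <c>ToString()</c>); this method does not inspect its body
/// or how it was signed.
/// </param>
/// <param name="cancellationToken">Cancellation token used to cancel this operation.</param>
/// <returns>An <see cref="AttestationResponse{PolicyCertificatesModificationResult}"/> wrapping the raw service response and the token the service returned for the modification.</returns>
/// <exception cref="ArgumentNullException"><paramref name="certificateToAdd"/> is null.</exception>
/// <remarks>
/// The returned token is passed to <c>ValidateToken</c> only when <c>ValidateAttestationTokens</c>
/// is set on the client options. With validation disabled the token is handed back as received
/// and its content has not been verified.
/// </remarks>
public virtual AttestationResponse<PolicyCertificatesModificationResult> AddPolicyManagementCertificate(SecuredAttestationToken certificateToAdd, CancellationToken cancellationToken = default)
{
    // Reject a null token up front instead of failing with a NullReferenceException
    // on certificateToAdd.ToString() inside the diagnostic scope.
    if (certificateToAdd is null)
    {
        throw new ArgumentNullException(nameof(certificateToAdd));
    }

    using DiagnosticScope scope = _clientDiagnostics.CreateScope($"{nameof(AttestationAdministrationClient)}.{nameof(AddPolicyManagementCertificate)}");
    scope.Start();
    try
    {
        var result = _policyManagementClient.Add(certificateToAdd.ToString(), cancellationToken);
        var token = new AttestationToken(result.Value.Token);

        if (_options.ValidateAttestationTokens)
        {
            // NOTE(review): any value ValidateToken returns is discarded, so this relies on
            // ValidateToken throwing on failure; confirm. cancellationToken is also not forwarded
            // to GetSigners() here.
            token.ValidateToken(GetSigners(), _options.ValidationCallback);
        }

        return new AttestationResponse<PolicyCertificatesModificationResult>(result.GetRawResponse(), token);
    }
    catch (Exception ex)
    {
        // Record the failure on the diagnostic scope, then rethrow with the original stack trace.
        scope.Failed(ex);
        throw;
    }
}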