Crescendo SDK
Loading...
Searching...
No Matches
CrescendoDLL.PCSC.FIDODataStructures.AttestationStatement Class Reference

Represents a CTAP2 attestation statement containing cryptographic proof of credential origin. More...

Static Public Member Functions

static AttestationStatement FromJson (JToken? json)
 Parses an AttestationStatement from JSON data.
 

Properties

int Alg [get, set]
 COSE algorithm identifier for the attestation signature.
 
byte[] Sig = default! [get, set]
 Cryptographic signature over the attestation data.
 
List< byte[]> X5c = new List<byte[]>() [get, set]
 X.509 certificate chain (for X.509-based attestation formats)
 

Detailed Description

Represents a CTAP2 attestation statement containing cryptographic proof of credential origin.

Member Function Documentation

◆ FromJson()

static AttestationStatement CrescendoDLL.PCSC.FIDODataStructures.AttestationStatement.FromJson ( JToken?  json)
inlinestatic

Parses an AttestationStatement from JSON data.

Parameters
jsonJToken containing attestation statement data
Returns
Populated AttestationStatement instance
Exceptions
InvalidOperationExceptionThrown if required fields (alg, sig) are missing or invalid

References CrescendoDLL.PCSC.cert.

Property Documentation

◆ Alg

int CrescendoDLL.PCSC.FIDODataStructures.AttestationStatement.Alg
getset

COSE algorithm identifier for the attestation signature.

Required parameter. Registered algorithm identifier from IANA COSE Algorithms Registry (e.g., -7 for ES256, -257 for RS256). Matches the algorithm used in the authenticator's attestation key.

◆ Sig

byte [] CrescendoDLL.PCSC.FIDODataStructures.AttestationStatement.Sig = default!
getset

Cryptographic signature over the attestation data.

Required parameter. Signature generated using the attestation private key over:

  • Authenticator data (authData)
  • SHA-256 hash of client data JSON

Verification method depends on the attestation format.

◆ X5c

List<byte[]> CrescendoDLL.PCSC.FIDODataStructures.AttestationStatement.X5c = new List<byte[]>()
getset

X.509 certificate chain (for X.509-based attestation formats)

Optional parameter. Ordered list where:

  • First certificate is the attestation certificate
  • Subsequent certificates chain to a trusted root

May be empty for non-X.509 attestation formats (e.g., packed).