KeyOperationAttestation(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Contains an HSM-generated attestation about a key operation. For more information, see Verifying attestations.
Attributes |
|
---|---|
Name | Description |
format |
google.cloud.kms_v1.types.KeyOperationAttestation.AttestationFormat
Output only. The format of the attestation data. |
content |
bytes
Output only. The attestation data provided by the HSM when the key operation was performed. |
cert_chains |
google.cloud.kms_v1.types.KeyOperationAttestation.CertificateChains
Output only. The certificate chains needed to validate the attestation |
Classes
AttestationFormat
AttestationFormat(value)
Attestation formats provided by the HSM.
Values: ATTESTATION_FORMAT_UNSPECIFIED (0): Not specified. CAVIUM_V1_COMPRESSED (3): Cavium HSM attestation compressed with gzip. Note that this format is defined by Cavium and subject to change at any time.
See
https://www.marvell.com/products/security-solutions/nitrox-hs-adapters/software-key-attestation.html.
CAVIUM_V2_COMPRESSED (4):
Cavium HSM attestation V2 compressed with
gzip. This is a new format introduced in
Cavium's version 3.2-08.
CertificateChains
CertificateChains(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Certificate chains needed to verify the attestation. Certificates in chains are PEM-encoded and are ordered based on https://tools.ietf.org/html/rfc5246#section-7.4.2.