Create Azure.Security.Attestation Track 2 Preview SDK

sdk/attestation/Azure.Security.Attestation/src/AttestationToken.cs

@@ -119,6 +119,7 @@ protected AttestationToken()
         public virtual bool ValidateToken(IReadOnlyList<AttestationSigner> attestationSigningCertificates, Func<AttestationToken, AttestationSigner, bool> validationCallback = default)
         {
             Argument.AssertNotNull(attestationSigningCertificates, nameof(attestationSigningCertificates));
+            Argument.AssertNotNull(attestationSigningCertificates[0], nameof(attestationSigningCertificates));
             if (validationCallback != null)
             {
                 return validationCallback(this, attestationSigningCertificates[0]);

sdk/attestation/Azure.Security.Attestation/src/Azure.Security.Attestation.csproj

@@ -1,6 +1,6 @@
 <Project Sdk="Microsoft.NET.Sdk">
   <PropertyGroup>
-    <Description>This is a template project to demonstrate how to create a package that uses code generation as well as use for testing our build and release pipelines</Description>
+    <Description>This is the project which implements the Microsoft Azure Attestation client API and package</Description>
     <AssemblyTitle>Azure SDK Template</AssemblyTitle>
     <Version>1.0.0-alpha.1</Version>
     <PackageTags>Azure Template</PackageTags>
@@ -25,6 +25,19 @@
     <Compile Include="$(AzureCoreSharedSources)OperationHelpers.cs" Link="Shared\%(RecursiveDir)\%(Filename)%(Extension)" />
     <Compile Include="$(AzureCoreSharedSources)AzureResourceProviderNamespaceAttribute.cs" Link="Shared\%(RecursiveDir)\%(Filename)%(Extension)" />
   </ItemGroup>
+  <ItemGroup>
+    <Compile Update="Azure.Security.Attestation.Designer.cs">
+      <DesignTime>True</DesignTime>
+      <AutoGen>True</AutoGen>
+      <DependentUpon>Azure.Security.Attestation.resx</DependentUpon>
+    </Compile>
+  </ItemGroup>
+  <ItemGroup>
+    <EmbeddedResource Update="Azure.Security.Attestation.resx">
+      <Generator>ResXFileCodeGenerator</Generator>
+      <LastGenOutput>Azure.Security.Attestation.Designer.cs</LastGenOutput>
+    </EmbeddedResource>
+  </ItemGroup>
 
   <Import Project="$(MSBuildThisFileDirectory)..\..\..\core\Azure.Core\src\Azure.Core.props" />
 

sdk/attestation/Azure.Security.Attestation/src/Azure.Security.Attestation.resx

@@ -0,0 +1,123 @@
+<?xml version="1.0" encoding="utf-8"?>
+<root>
+  <!-- 
+    Microsoft ResX Schema 
+
+    Version 2.0
+
+    The primary goals of this format is to allow a simple XML format 
+    that is mostly human readable. The generation and parsing of the 
+    various data types are done through the TypeConverter classes 
+    associated with the data types.
+
+    Example:
+
+    ... ado.net/XML headers & schema ...
+    <resheader name="resmimetype">text/microsoft-resx</resheader>
+    <resheader name="version">2.0</resheader>
+    <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
+    <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
+    <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
+    <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
+    <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
+        <value>[base64 mime encoded serialized .NET Framework object]</value>
+    </data>
+    <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
+        <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
+        <comment>This is a comment</comment>
+    </data>
+
+    There are any number of "resheader" rows that contain simple 
+    name/value pairs.
+
+    Each data row contains a name, and value. The row also contains a 
+    type or mimetype. Type corresponds to a .NET class that support 
+    text/value conversion through the TypeConverter architecture. 
+    Classes that don't support this are serialized and stored with the 
+    mimetype set.
+
+    The mimetype is used for serialized objects, and tells the 
+    ResXResourceReader how to depersist the object. This is currently not 
+    extensible. For a given mimetype the value must be set accordingly:
+
+    Note - application/x-microsoft.net.object.binary.base64 is the format 
+    that the ResXResourceWriter will generate, however the reader can 
+    read any of the formats listed below.
+
+    mimetype: application/x-microsoft.net.object.binary.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
+            : and then encoded with base64 encoding.
+
+    mimetype: application/x-microsoft.net.object.soap.base64
+    value   : The object must be serialized with 
+            : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
+            : and then encoded with base64 encoding.
+
+    mimetype: application/x-microsoft.net.object.bytearray.base64
+    value   : The object must be serialized into a byte array 
+            : using a System.ComponentModel.TypeConverter
+            : and then encoded with base64 encoding.
+    -->
+  <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
+    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
+    <xsd:element name="root" msdata:IsDataSet="true">
+      <xsd:complexType>
+        <xsd:choice maxOccurs="unbounded">
+          <xsd:element name="metadata">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" />
+              </xsd:sequence>
+              <xsd:attribute name="name" use="required" type="xsd:string" />
+              <xsd:attribute name="type" type="xsd:string" />
+              <xsd:attribute name="mimetype" type="xsd:string" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="assembly">
+            <xsd:complexType>
+              <xsd:attribute name="alias" type="xsd:string" />
+              <xsd:attribute name="name" type="xsd:string" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="data">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
+              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
+              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
+              <xsd:attribute ref="xml:space" />
+            </xsd:complexType>
+          </xsd:element>
+          <xsd:element name="resheader">
+            <xsd:complexType>
+              <xsd:sequence>
+                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
+              </xsd:sequence>
+              <xsd:attribute name="name" type="xsd:string" use="required" />
+            </xsd:complexType>
+          </xsd:element>
+        </xsd:choice>
+      </xsd:complexType>
+    </xsd:element>
+  </xsd:schema>
+  <resheader name="resmimetype">
+    <value>text/microsoft-resx</value>
+  </resheader>
+  <resheader name="version">
+    <value>2.0</value>
+  </resheader>
+  <resheader name="reader">
+    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <resheader name="writer">
+    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
+  </resheader>
+  <data name="PolicyCertificatesRequireX5C" xml:space="preserve">
+    <value>Policy Certificates must have an associated "X5C" property</value>
+  </data>
+</root>

sdk/attestation/Azure.Security.Attestation/src/Models/AttestationResult.cs

@@ -19,47 +19,47 @@ internal AttestationResult()
         }
 
         /// <summary>
-        /// Returns the time when this attestation token was issued.
+        /// Gets the time when this attestation token was issued.
         /// </summary>
         public DateTimeOffset IssuedAt
         {
             get => DateTimeOffset.FromUnixTimeSeconds(InternalIat);
         }
 
         /// <summary>
-        /// Returns the time when this attestation token will expire.
+        /// Gets the time when this attestation token will expire.
         /// </summary>
         public DateTimeOffset Expiration
         {
             get => DateTimeOffset.FromUnixTimeSeconds(InternalExp);
         }
 
         /// <summary>
-        /// Returns the time before which this token is invalid.
+        /// Gets the time before which this token is invalid.
         /// </summary>
         public DateTimeOffset NotBefore
         {
             get => DateTimeOffset.FromUnixTimeSeconds(InternalNbf);
         }
 
         /// <summary>
-        /// Returns the base URI which issued this token.
+        /// Gets the base URI which issued this token.
         /// </summary>
         public Uri Issuer
         {
             get => new Uri(InternalIss);
         }
 
         /// <summary>
-        /// RFC 7800 (https://tools.ietf.org/html/rfc7800) "cnf" claim (see also https://tools.ietf.org/html/rfc7800#section-3.1).
+        /// Gets the RFC 7800 (https://tools.ietf.org/html/rfc7800) "cnf" claim (see also https://tools.ietf.org/html/rfc7800#section-3.1).
         /// </summary>
         public object Confirmation
         {
             get => InternalCnf;
         }
 
         /// <summary>
-        /// Represents the RFC 7519 "jti" claim name (https://tools.ietf.org/html/rfc7519#section-4)
+        /// Gets the RFC 7519 "jti" claim name (https://tools.ietf.org/html/rfc7519#section-4)
         /// </summary>
         public string UniqueIdentifier { get => InternalJti; }
 

sdk/attestation/Azure.Security.Attestation/src/Models/AttestationSigner.cs

@@ -41,7 +41,6 @@ internal static IReadOnlyList<AttestationSigner> FromJsonWebKeySet(JsonWebKeySet
             foreach (var key in keys.Keys)
             {
                 returnedCertificates.Add(FromJsonWebKey(key));
-
             }
             return returnedCertificates.ToArray();
         }

sdk/attestation/Azure.Security.Attestation/src/Models/PolicyCertificatesResult.cs

@@ -41,7 +41,7 @@ public IReadOnlyList<X509Certificate2> GetPolicyCertificates()
                         if (key.X5C == null)
                         {
                             // the key returned must have a X5c property.
-                            throw new InvalidOperationException();
+                            throw new InvalidOperationException(Azure_Security_Attestation.PolicyCertificatesRequireX5C);
                         }
                         certificates.Add(new X509Certificate2(Convert.FromBase64String(key.X5C[0])));
                     }