Function yubihsm::commands::attest_asymmetric::attest_asymmetric [−][src]
pub fn attest_asymmetric<A: Adapter>(
session: &mut Session<A>,
key_id: ObjectId,
attestation_key_id: Option<ObjectId>
) -> Result<AttestationCertificate, SessionError>
Obtain an X.509 attestation certificate for a key within the YubiHSM2. This can be used to demonstrate that a given key was generated by and stored within a YubiHSM2 in a non-exportable manner.
The key_id
is the subject key for which an attestation certificate
is created, and theattestation_key_id
will be used to sign the
attestation certificate.
If no attestation key is given, the device's default attestation key will be used, and can be verified against Yubico's certificate.