public class X509Attestation extends Attestation implements Serializable
The provisioning service supports Device Identifier Composition Engine, or DICE, as the device attestation
mechanism. To use DICE, user must provide the X509 certificate. This class provide the means to create a new
attestation for a X509 certificate and return it as an abstract interface Attestation
.
An X509 attestation can contains one of the 3 types of certificate:
The provisioning service allows user to create IndividualEnrollment
and EnrollmentGroup
. For all
operations over IndividualEnrollment
with DICE, user must provide a clientCertificates, and
for operations over EnrollmentGroup
, user must provide a rootCertificates or a X509CAReferences.
For each of this types of certificates, user can provide 2 Certificates, a primary and a secondary. Only the primary is mandatory, the secondary is optional.
The provisioning service will process the provided certificates, but will never return it back. Instead of
it, getPrimaryX509CertificateInfo()
and getSecondaryX509CertificateInfo()
will return the
certificate information for the certificates.
Constructor and Description |
---|
X509Attestation(X509Attestation x509Attestation)
Constructor [COPY]
|
Modifier and Type | Method and Description |
---|---|
static X509Attestation |
createFromCAReferences(String primary)
Factory with CAReferences with only primary reference.
|
static X509Attestation |
createFromCAReferences(String primary,
String secondary)
Factory with CAReferences with primary and secondary references.
|
static X509Attestation |
createFromClientCertificates(String primary)
Factory with ClientCertificate with only primary certificate.
|
static X509Attestation |
createFromClientCertificates(String primary,
String secondary)
Factory with ClientCertificates with primary and secondary certificates.
|
static X509Attestation |
createFromRootCertificates(String primary)
Factory with RootCertificates with only primary certificate.
|
static X509Attestation |
createFromRootCertificates(String primary,
String secondary)
Factory with RootCertificates with primary and secondary certificates.
|
X509CAReferences |
getCAReferences()
Getter for the caReferences.
|
X509Certificates |
getClientCertificates()
Getter for the clientCertificates.
|
X509CertificateInfo |
getPrimaryX509CertificateInfo()
Getter for the primary X509 certificate info.
|
X509Certificates |
getRootCertificates()
Getter for the rootCertificates.
|
X509CertificateInfo |
getSecondaryX509CertificateInfo()
Getter for the secondary X509 certificate info.
|
public X509Attestation(X509Attestation x509Attestation)
Creates a new instance of the X509Attestation copping the content of the provided one.
x509Attestation
- the original X509Attestation to copy.IllegalArgumentException
- if the provided x509Attestation is null or do not contains a primary certificate.public static X509Attestation createFromClientCertificates(String primary)
Creates a new instance of the X509Attestation using the provided primary Certificate.
primary
- the String
with the primary certificate. It cannot be null
or empty.IllegalArgumentException
- if the provide certificate is invalid.public static X509Attestation createFromClientCertificates(String primary, String secondary)
Creates a new instance of the X509Attestation with the primary and secondary certificates.
primary
- the String
with the primary certificate. It cannot be null
or empty.secondary
- the String
with the secondary certificate. It can be null
or empty (ignored).IllegalArgumentException
- if the provide primary certificate is invalid.public static X509Attestation createFromRootCertificates(String primary)
Creates a new instance of the X509Attestation using the provided primary Certificate.
primary
- the String
with the primary certificate. It cannot be null
or empty.IllegalArgumentException
- if the provide certificate is invalid.public static X509Attestation createFromRootCertificates(String primary, String secondary)
Creates a new instance of the X509Attestation with the primary and secondary certificates.
primary
- the String
with the primary certificate. It cannot be null
or empty.secondary
- the String
with the secondary certificate. It can be null
or empty (ignored).IllegalArgumentException
- if the provide primary certificate is invalid.public static X509Attestation createFromCAReferences(String primary)
Creates a new instance of the X509Attestation using the provided primary CA reference.
primary
- the String
with the primary CA reference. It cannot be null
or empty.IllegalArgumentException
- if the provide CA reference is invalid.public static X509Attestation createFromCAReferences(String primary, String secondary)
Creates a new instance of the X509Attestation with the primary and secondary CA references.
primary
- the String
with the primary CA references. It cannot be null
or empty.secondary
- the String
with the secondary CA references. It can be null
or empty (ignored).IllegalArgumentException
- if the provide primary CA reference is invalid.public final X509Certificates getClientCertificates()
X509Certificates
with the stored clientCertificates. it can be null
.public final X509Certificates getRootCertificates()
X509Certificates
with the stored rootCertificates. it can be null
.public final X509CAReferences getCAReferences()
X509CAReferences
with the stored caReferences. it can be null
.public X509CertificateInfo getPrimaryX509CertificateInfo()
This method is a getter for the information returned from the provisioning service for the provided primary certificate.
X509CertificateInfo
with the returned certificate information. it can be null
.public X509CertificateInfo getSecondaryX509CertificateInfo()
This method is a getter for the information returned from the provisioning service for the provided secondary certificate.
X509CertificateInfo
with the returned certificate information. it can be null
.Copyright © 2022. All rights reserved.