X509Attestation Class

定义

Representation of a single Device Provisioning Service X509 Attestation.

The provisioning service supports Device Identifier Composition Engine, or DICE, as the device attestation mechanism. To use DICE, user must provide the X509 certificate. This class provide the means to create a new attestation for a X509 certificate and return it as an abstract interface Attestation.

An X509 attestation can contains one of the 3 types of certificate:

Client or Alias certificate:

  • Called on this class as clientCertificates, this certificate can authenticate a single device.

  • Signing or Root certificate:
  • Called on this class as rootCertificates, this certificate can create multiple Client certificates to authenticate multiple devices.

  • CA Reference:
  • Called on this class as X509CAReferences, this is a CA reference for a rootCertificate that can create multiple Client certificates to authenticate multiple devices.

  • The provisioning service allows user to create IndividualEnrollment and EnrollmentGroup. For all operations over IndividualEnrollment with DICE, user must provide a clientCertificates, and for operations over EnrollmentGroup, user must provide a rootCertificates or a X509CAReferences.

    For each of this types of certificates, user can provide 2 Certificates, a primary and a secondary. Only the primary is mandatory, the secondary is optional.

    The provisioning service will process the provided certificates, but will never return it back. Instead of it, getPrimaryX509CertificateInfo() and getSecondaryX509CertificateInfo() will return the certificate information for the certificates.

    public class X509Attestation extends Attestation
    继承
    java.lang.Object
    X509Attestation

    构造函数

    X509Attestation(X509Attestation x509Attestation)

    Constructor [COPY]

    Creates a new instance of the X509Attestation copping the content of the provided one.

    方法

    createFromCAReferences(String primary)

    Factory with CAReferences with only primary reference.

    Creates a new instance of the X509Attestation using the provided primary CA reference.

    createFromCAReferences(String primary, String secondary)

    Factory with CAReferences with primary and secondary references.

    Creates a new instance of the X509Attestation with the primary and secondary CA references.

    createFromClientCertificates(String primary)

    Factory with ClientCertificate with only primary certificate.

    Creates a new instance of the X509Attestation using the provided primary Certificate.

    createFromClientCertificates(String primary, String secondary)

    Factory with ClientCertificates with primary and secondary certificates.

    Creates a new instance of the X509Attestation with the primary and secondary certificates.

    createFromRootCertificates(String primary)

    Factory with RootCertificates with only primary certificate.

    Creates a new instance of the X509Attestation using the provided primary Certificate.

    createFromRootCertificates(String primary, String secondary)

    Factory with RootCertificates with primary and secondary certificates.

    Creates a new instance of the X509Attestation with the primary and secondary certificates.

    getCAReferences()

    Getter for the caReferences.

    Deprecated

    as of provisioning-service-client version 1.3.3, please use getCAReferencesFinal()

    getCAReferencesFinal()

    Getter for the caReferences.

    getClientCertificates()

    Getter for the clientCertificates.

    Deprecated

    as of provisioning-service-client version 1.3.3, please use getClientCertificatesFinal()

    getClientCertificatesFinal()

    Getter for the clientCertificates.

    getPrimaryX509CertificateInfo()

    Getter for the primary X509 certificate info.

    This method is a getter for the information returned from the provisioning service for the provided primary certificate.

    getRootCertificates()

    Getter for the rootCertificates.

    Deprecated

    as of provisioning-service-client version 1.3.3, please use getRootCertificatesFinal()

    getRootCertificatesFinal()

    Getter for the rootCertificates.

    getSecondaryX509CertificateInfo()

    Getter for the secondary X509 certificate info.

    This method is a getter for the information returned from the provisioning service for the provided secondary certificate.

    适用于