Class SystemIdentity

    • Constructor Detail

      • SystemIdentity

        public SystemIdentity​(java.security.cert.Certificate[] chain)
        Creates new system identity from given chain of x.509 certificates.

        The certificate at index 0 must represent the identity in question while all subsequent certificates constitute its chain of issuers. The certificates must be in order in the sense that the certificate at index n must be issued by the certificate at index n + 1.

        The smallest valid chain of certificates contains only two certificates, a system certificate and its issuer cloud certificate. If this constructor completes successfully, the system certificate has been verified to contain a correct Arrowhead system name. The cloud certificate is not ensured to be present or valid.

        Parameters:
        chain - x.509 certificate chain belonging to an Arrowhead system.
        Throws:
        java.lang.NullPointerException - If chain is null.
        java.lang.IllegalArgumentException - If chain.length < 2, if chain contains any other type of certificate than X509Certificate, or if the subject common name of the certificate at index 0 is not a valid Arrowhead system certificate name.
        See Also:
        Arrowhead Identity Management
      • SystemIdentity

        public SystemIdentity​(java.security.cert.X509Certificate[] chain)
        Creates new system identity from given chain of x.509 certificates.

        The certificate at index 0 must represent the identity in question while all subsequent certificates constitute its chain of issuers. The certificates must be in order in the sense that the certificate at index n must be issued by the certificate at index n + 1.

        The smallest valid chain of certificates contains only two certificates, a system certificate and its issuer cloud certificate. If this constructor completes successfully, the system certificate has been verified to contain a correct Arrowhead system name. The cloud certificate is not ensured to be present or valid.

        Parameters:
        chain - x.509 certificate chain belonging to an Arrowhead system.
        Throws:
        java.lang.NullPointerException - If chain is null.
        java.lang.IllegalArgumentException - If chain.length < 2 or if the subject common name of the certificate at index 0 is not a valid Arrowhead system certificate name.
        See Also:
        Arrowhead Identity Management
      • SystemIdentity

        public SystemIdentity​(TrustedIdentity identity)
        Promotes given identity to a SystemIdentity.

        The promotion will succeed only if the certificate of the given identity contains an Arrowhead-compliant subject common name and has a cloud certificate in its certificate chain.

        Parameters:
        identity - Identity to promote.
        Throws:
        java.lang.IllegalArgumentException - If given identity does not satisfy the requirements for being a system identity.
        See Also:
        Arrowhead Identity Management
      • SystemIdentity

        protected SystemIdentity​(SystemIdentity identity)
    • Method Detail

      • tryFrom

        public static java.util.Optional<SystemIdentity> tryFrom​(java.security.cert.Certificate[] chain)
        Attempts to create new system identity from given chain of certificates.

        The certificate at index 0 must represent the identity in question while all subsequent certificates constitute its chain of issuers. The certificates must be in order in the sense that the certificate at index n must be issued by the certificate at index n + 1.

        The smallest valid chain of certificates contains only two certificates, a system certificate and its issuer cloud certificate. If this constructor completes successfully, the system certificate has been verified to contain a correct Arrowhead system name. The cloud certificate is ensured to be present, but not valid.

        Parameters:
        chain - x.509 certificate chain belonging to an Arrowhead system.
        Returns:
        System identity only if given chain satisfies all criteria.
        See Also:
        Arrowhead Identity Management
      • masterName

        public java.lang.String masterName()
        Returns:
        Master name. Always identical to full master CN.
        See Also:
        Arrowhead Identity Management