Class X509Bundle

java.lang.Object
io.spiffe.bundle.x509bundle.X509Bundle
All Implemented Interfaces:
BundleSource<X509Bundle>
public class X509Bundle extends Object implements BundleSource<X509Bundle>
Represents a collection of trusted X.509 authorities for a trust domain.

  • Constructor Details

    • X509Bundle

      public X509Bundle(@NonNull @NonNull TrustDomain trustDomain)
      Creates a new X.509 bundle for a trust domain.
      Parameters:
      trustDomain - a TrustDomain to associate to the JwtBundle

    • X509Bundle

      public X509Bundle(@NonNull @NonNull TrustDomain trustDomain, @NonNull @NonNull Set<X509Certificate> x509Authorities)
      Creates a new X.509 bundle for a trust domain with X.509 Authorities.
      Parameters:
      trustDomain - a TrustDomain to associate to the JwtBundle
      x509Authorities - a Map of X.509 Certificates

  • Method Details

    • load

      public static X509Bundle load(@NonNull @NonNull TrustDomain trustDomain, @NonNull @NonNull Path bundlePath) throws X509BundleException
      Loads an X.509 bundle from a file on disk.
      Parameters:
      trustDomain - a TrustDomain to associate to the bundle
      bundlePath - a path to the file that has the X.509 authorities
      Returns:
      an instance of X509Bundle with the X.509 authorities associated to the trust domain.
      Throws:
      X509BundleException - in case of failure accessing the given bundle path or the bundle cannot be parsed

    • parse

      public static X509Bundle parse(@NonNull @NonNull TrustDomain trustDomain, @NonNull @NonNull byte[] bundleBytes) throws X509BundleException
      Parses an X.509 bundle from an array of bytes.
      Parameters:
      trustDomain - a TrustDomain to associate to the X.509 bundle
      bundleBytes - an array of bytes that represents the X.509 authorities
      Returns:
      an instance of X509Bundle with the X.509 authorities associated to the given trust domain
      Throws:
      X509BundleException - if the bundle cannot be parsed

    • getBundleForTrustDomain

      public X509Bundle getBundleForTrustDomain(@NonNull @NonNull TrustDomain trustDomain) throws BundleNotFoundException
      Returns the X.509 bundle associated to the trust domain.
      Specified by:
      getBundleForTrustDomain in interface BundleSource<X509Bundle>
      Parameters:
      trustDomain - an instance of a TrustDomain
      Returns:
      the X509Bundle associated to the given trust domain
      Throws:
      BundleNotFoundException - if no X.509 bundle can be found for the given trust domain

    • getX509Authorities

      public Set<X509Certificate> getX509Authorities()
      Returns the X.509 Authorities in the bundle.
      Returns:
      the X.509 Authorities in the bundle

    • hasX509Authority

      public boolean hasX509Authority(@NonNull @NonNull X509Certificate x509Authority)
      Checks if the given X.509 authority exists in the bundle.
      Parameters:
      x509Authority - an X.509 certificate
      Returns:
      boolean true if the x509Authority is present in the X.509 bundle, false otherwise

    • addX509Authority

      public void addX509Authority(@NonNull @NonNull X509Certificate x509Authority)
      Adds an X.509 authority to the bundle.
      Parameters:
      x509Authority - an X.509 certificate

    • removeX509Authority

      public void removeX509Authority(@NonNull @NonNull X509Certificate x509Authority)
      Removes an X.509 authority from the bundle.
      Parameters:
      x509Authority - an X.509 certificate