Package ch.nevis.mobile.sdk.api.devicecapabilities

Enum Class CertificateChainValidationResult

java.lang.Object
java.lang.Enum<CertificateChainValidationResult>
ch.nevis.mobile.sdk.api.devicecapabilities.CertificateChainValidationResult
All Implemented Interfaces:
Serializable, Comparable<CertificateChainValidationResult>, Constable
public enum CertificateChainValidationResult extends Enum<CertificateChainValidationResult>
The result of the certificate validation done to know if the keys generated by the device have been generated using a chipset containing a Google root certificate.

For a device to support full basic attestation, the certificate chain validation result is be SUCCESS.

See Also:

  • Enum Constant Details

    • SUCCESS

      public static final CertificateChainValidationResult SUCCESS
      The certificate chain generated by the device is valid. This means that the mobile device has hardware that is using a known Google root certificate, that there are no revoked nor expired certificates in it, and that all certificates in the chain are properly signed.

    • UNKNOWN_ROOT_CERTIFICATE

      public static final CertificateChainValidationResult UNKNOWN_ROOT_CERTIFICATE
      The certificate chain contains an unknown root certificate. This can occur with old devices, or new devices (like some Huawei models) that do not have a Google certified chipset.

    • CRL_VALIDATION_FAILED

      public static final CertificateChainValidationResult CRL_VALIDATION_FAILED
      The certificate chain contains a known Google root certificate. However, it also contains at least one revoked certificate from the certificate revocation list (CRL) published by Google here. This can occur when the device is using a compromised certificate.

    • INVALID_CERTIFICATE_CHAIN

      public static final CertificateChainValidationResult INVALID_CERTIFICATE_CHAIN
      The certificate chain contains a known Google root certificate, but the certificate chain could not be verified. This can occur if a rogue client is trying to mimic a trusted mobile device. It can also occur that in old devices one of the intermediate certificates in the chain has expired.

  • Method Details

    • values

      public static CertificateChainValidationResult[] values()
      Returns an array containing the constants of this enum class, in the order they are declared.
      Returns:
      an array containing the constants of this enum class, in the order they are declared

    • valueOf

      public static CertificateChainValidationResult valueOf(String name)
      Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)
      Parameters:
      name - the name of the enum constant to be returned.
      Returns:
      the enum constant with the specified name
      Throws:
      IllegalArgumentException - if this enum class has no constant with the specified name
      NullPointerException - if the argument is null