AttestationTrustSource.TrustRootsResult (webauthn-server-core 2.4.1-RC1 API)

java.lang.Object
- com.yubico.webauthn.attestation.AttestationTrustSource.TrustRootsResult

Enclosing interface:

AttestationTrustSource
```
public static final class AttestationTrustSource.TrustRootsResult
extends java.lang.Object
```
A result of looking up attestation trust roots for a particular attestation statement.
This primarily consists of a set of trust root certificates - see trustRoots(Set) - but may also:
- include a CertStore of additional CRLs and/or intermediate certificates to use during certificate path validation - see certStore(CertStore);
- disable certificate revocation checking for the relevant attestation statement - see enableRevocationChecking(boolean); and/or
- define a policy tree validator for the PKIX policy tree result - see policyTreeValidator(Predicate).

Nested Class Summary

Nested Classes
Modifier and Type Class and Description

static class AttestationTrustSource.TrustRootsResult.TrustRootsResultBuilder

Nested Classes
Modifier and Type	Class and Description
`static class`	`AttestationTrustSource.TrustRootsResult.TrustRootsResultBuilder`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`static AttestationTrustSource.TrustRootsResult.TrustRootsResultBuilder.Step1`	`builder()`
`boolean`	`equals(java.lang.Object o)`
`java.util.Optional<java.security.cert.CertStore>`	`getCertStore()` A `CertStore` of additional CRLs and/or intermediate certificates to use during certificate path validation, if any.
`java.util.Optional<java.util.function.Predicate<java.security.cert.PolicyNode>>`	`getPolicyTreeValidator()` If non-null, the PolicyQualifiersRejected flag will be set to false during certificate path validation.
`@NonNull java.util.Set<java.security.cert.X509Certificate>`	`getTrustRoots()` A set of attestation root certificates trusted to certify the relevant attestation statement.
`int`	`hashCode()`
`boolean`	`isEnableRevocationChecking()` Whether certificate revocation should be checked during certificate path validation.
`AttestationTrustSource.TrustRootsResult.TrustRootsResultBuilder`	`toBuilder()`
`java.lang.String`	`toString()`

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait

- Method Detail
  - getCertStore
```
public java.util.Optional<java.security.cert.CertStore> getCertStore()
```
    A CertStore of additional CRLs and/or intermediate certificates to use during certificate path validation, if any. This will not be used if trustRoots is empty.
    Any certificates included in this CertStore are NOT considered trusted; they will be trusted only if they chain to any of the trustRoots.
    The default is null.
  - getPolicyTreeValidator
```
public java.util.Optional<java.util.function.Predicate<java.security.cert.PolicyNode>> getPolicyTreeValidator()
```
    If non-null, the PolicyQualifiersRejected flag will be set to false during certificate path validation. See PKIXParameters.setPolicyQualifiersRejected(boolean).
    The given Predicate will be used to validate the policy tree. The Predicate should return true if the policy tree is acceptable, and false otherwise.
    Depending on your "PKIX" JCA provider configuration, this may be required if any certificate in the certificate path contains a certificate policies extension marked critical. If this is not set, then such a certificate will be rejected by the certificate path validator from the default provider.
    Consult the Java PKI Programmer's Guide for how to use the PolicyNode argument of the Predicate.
    The default is null.
  - builder
```
public static AttestationTrustSource.TrustRootsResult.TrustRootsResultBuilder.Step1 builder()
```
  - getTrustRoots
```
@NonNull
public @NonNull java.util.Set<java.security.cert.X509Certificate> getTrustRoots()
```
    A set of attestation root certificates trusted to certify the relevant attestation statement. If the attestation statement is not trusted, or if no trust roots were found, this should be an empty set.
  - isEnableRevocationChecking
```
public boolean isEnableRevocationChecking()
```
    Whether certificate revocation should be checked during certificate path validation.
  - toBuilder
```
public AttestationTrustSource.TrustRootsResult.TrustRootsResultBuilder toBuilder()
```
  - equals
```
public boolean equals(java.lang.Object o)
```
    Overrides:
    
    equals in class java.lang.Object
  - hashCode
```
public int hashCode()
```
    Overrides:
    
    hashCode in class java.lang.Object
  - toString
```
public java.lang.String toString()
```
    Overrides:
    
    toString in class java.lang.Object

Class AttestationTrustSource.TrustRootsResult

Nested Class Summary

Method Summary

Methods inherited from class java.lang.Object

Method Detail

getCertStore

getPolicyTreeValidator

builder

getTrustRoots

isEnableRevocationChecking

toBuilder

equals

hashCode

toString