Package com.yubico.fido.metadata
Class FidoMetadataDownloader.FidoMetadataDownloaderBuilder
- java.lang.Object
-
- com.yubico.fido.metadata.FidoMetadataDownloader.FidoMetadataDownloaderBuilder
-
- Enclosing class:
- FidoMetadataDownloader
public static class FidoMetadataDownloader.FidoMetadataDownloaderBuilder extends java.lang.Object
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static classFidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step1Step 1: Set the legal header to expect from the FIDO Metadata Service.static classFidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step2Step 2: Configure how to retrieve the FIDO Metadata Service trust root certificate when necessary.static classFidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step3Step 3: Configure how to cache the trust root certificate.static classFidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step4Step 4: Configure how to fetch the FIDO Metadata Service metadata BLOB.static classFidoMetadataDownloader.FidoMetadataDownloaderBuilder.Step5Step 5: Configure how to cache the metadata BLOB.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description FidoMetadataDownloaderbuild()FidoMetadataDownloader.FidoMetadataDownloaderBuilderclock(@NonNull java.time.Clock clock)Useclockas the source of the current time for some application-level logic.FidoMetadataDownloader.FidoMetadataDownloaderBuildertrustHttpsCerts(@NonNull java.security.cert.X509Certificate... certificates)Use the providedX509Certificates as trust roots for HTTPS downloads.FidoMetadataDownloader.FidoMetadataDownloaderBuilderuseCrls(@NonNull java.util.Collection<java.security.cert.CRL> crls)Use the provided CRLs.FidoMetadataDownloader.FidoMetadataDownloaderBuilderuseCrls(java.security.cert.CertStore certStore)Use CRLs in the providedCertStore.
-
-
-
Method Detail
-
build
public FidoMetadataDownloader build()
-
clock
public FidoMetadataDownloader.FidoMetadataDownloaderBuilder clock(@NonNull @NonNull java.time.Clock clock)
Useclockas the source of the current time for some application-level logic.This is primarily intended for testing.
The default is
Clock.systemUTC().- Parameters:
clock- aClockwhich the finishedFidoMetadataDownloaderwill use to tell the time.
-
useCrls
public FidoMetadataDownloader.FidoMetadataDownloaderBuilder useCrls(@NonNull @NonNull java.util.Collection<java.security.cert.CRL> crls) throws java.security.InvalidAlgorithmParameterException, java.security.NoSuchAlgorithmException
Use the provided CRLs.CRLs will also be downloaded from distribution points if the
com.sun.security.enableCRLDPsystem property is set totrue(assuming the use of theCertPathValidatorimplementation from the SUN provider).- Throws:
java.security.InvalidAlgorithmParameterException- ifCertStore.getInstance(String, CertStoreParameters)does.java.security.NoSuchAlgorithmException- if a"Collection"typeCertStoreprovider is not available.- See Also:
useCrls(CertStore)
-
useCrls
public FidoMetadataDownloader.FidoMetadataDownloaderBuilder useCrls(java.security.cert.CertStore certStore)
Use CRLs in the providedCertStore.CRLs will also be downloaded from distribution points if the
com.sun.security.enableCRLDPsystem property is set totrue(assuming the use of theCertPathValidatorimplementation from the SUN provider).- See Also:
useCrls(Collection)
-
trustHttpsCerts
public FidoMetadataDownloader.FidoMetadataDownloaderBuilder trustHttpsCerts(@NonNull @NonNull java.security.cert.X509Certificate... certificates)
Use the providedX509Certificates as trust roots for HTTPS downloads.This is primarily useful when setting
downloadTrustRootand/ordownloadBlobto download from custom servers instead of the defaults.If provided, these will be used for downloading
- the trust root certificate for the BLOB signature chain, and
- the metadata BLOB.
-
-