public abstract class CertStoreSpi extends Object
The Service Provider Interface (SPI) for the CertStore
class. All CertStore
implementations must include a class (the SPI class) that extends this class (CertStoreSpi
), provides a constructor with a single argument of type CertStoreParameters
, and implements all of its methods. In general, instances of this class should only be accessed through the CertStore
class. For details, see the Java Cryptography Architecture.
Concurrent Access
The public methods of all CertStoreSpi
objects must be thread-safe. That is, multiple threads may concurrently invoke these methods on a single CertStoreSpi
object (or more than one) with no ill effects. This allows a CertPathBuilder
to search for a CRL while simultaneously searching for further certificates, for instance.
Simple CertStoreSpi
implementations will probably ensure thread safety by adding a synchronized
keyword to their engineGetCertificates
and engineGetCRLs
methods. More sophisticated ones may allow truly concurrent access.
public CertStoreSpi(CertStoreParameters params) throws InvalidAlgorithmParameterException
The sole constructor.
params
- the initialization parameters (may be null
)InvalidAlgorithmParameterException
- if the initialization parameters are inappropriate for this CertStoreSpi
public abstract Collection<? extends Certificate> engineGetCertificates(CertSelector selector) throws CertStoreException
Returns a Collection
of Certificate
s that match the specified selector. If no Certificate
s match the selector, an empty Collection
will be returned.
For some CertStore
types, the resulting Collection
may not contain all of the Certificate
s that match the selector. For instance, an LDAP CertStore
may not search all entries in the directory. Instead, it may just search entries that are likely to contain the Certificate
s it is looking for.
Some CertStore
implementations (especially LDAP CertStore
s) may throw a CertStoreException
unless a non-null CertSelector
is provided that includes specific criteria that can be used to find the certificates. Issuer and/or subject names are especially useful criteria.
selector
- A CertSelector
used to select which Certificate
s should be returned. Specify null
to return all Certificate
s (if supported).Collection
of Certificate
s that match the specified selector (never null
)CertStoreException
- if an exception occurspublic abstract Collection<? extends CRL> engineGetCRLs(CRLSelector selector) throws CertStoreException
Returns a Collection
of CRL
s that match the specified selector. If no CRL
s match the selector, an empty Collection
will be returned.
For some CertStore
types, the resulting Collection
may not contain all of the CRL
s that match the selector. For instance, an LDAP CertStore
may not search all entries in the directory. Instead, it may just search entries that are likely to contain the CRL
s it is looking for.
Some CertStore
implementations (especially LDAP CertStore
s) may throw a CertStoreException
unless a non-null CRLSelector
is provided that includes specific criteria that can be used to find the CRLs. Issuer names and/or the certificate to be checked are especially useful.
selector
- A CRLSelector
used to select which CRL
s should be returned. Specify null
to return all CRL
s (if supported).Collection
of CRL
s that match the specified selector (never null
)CertStoreException
- if an exception occurs
© 1993–2017, Oracle and/or its affiliates. All rights reserved.
Documentation extracted from Debian's OpenJDK Development Kit package.
Licensed under the GNU General Public License, version 2, with the Classpath Exception.
Various third party code in OpenJDK is licensed under different licenses (see Debian package).
Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.