Class CertStoreSpi

java.lang.Object
java.security.cert.CertStoreSpi
public abstract class CertStoreSpi extends Object
The Service Provider Interface (SPI) for the CertStore class. All CertStore implementations must include a class (the SPI class) that extends this class (CertStoreSpi), provides a constructor with a single argument of type CertStoreParameters, and implements all of its methods. In general, instances of this class should only be accessed through the CertStore class. For details, see the Java Cryptography Architecture.

Concurrent Access

The public methods of all CertStoreSpi objects must be thread-safe. That is, multiple threads may concurrently invoke these methods on a single CertStoreSpi object (or more than one) with no ill effects. This allows a CertPathBuilder to search for a CRL while simultaneously searching for further certificates, for instance.

Simple CertStoreSpi implementations will probably ensure thread safety by adding a synchronized keyword to their engineGetCertificates and engineGetCRLs methods. More sophisticated ones may allow truly concurrent access.

Since:
1.4

  • Constructor Summary

    Constructors
    Constructor
    Description
    CertStoreSpi(CertStoreParameters params)
    The sole constructor.

  • Method Summary

    Modifier and Type
    Method
    Description
    abstract Collection<? extends Certificate>
    engineGetCertificates(CertSelector selector)
    Returns a Collection of Certificates that match the specified selector.
    abstract Collection<? extends CRL>
    engineGetCRLs(CRLSelector selector)
    Returns a Collection of CRLs that match the specified selector.

    Methods declared in class Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    Modifier and Type
    Method
    Description
    protected Object
    clone()
    Creates and returns a copy of this object.
    boolean
    equals(Object obj)
    Indicates whether some other object is "equal to" this one.
    protected void
    finalize()
    Deprecated, for removal: This API element is subject to removal in a future version.
    Finalization is deprecated and subject to removal in a future release.
    final Class<?>
    getClass()
    Returns the runtime class of this Object.
    int
    hashCode()
    Returns a hash code value for this object.
    final void
    notify()
    Wakes up a single thread that is waiting on this object's monitor.
    final void
    notifyAll()
    Wakes up all threads that are waiting on this object's monitor.
    String
    toString()
    Returns a string representation of the object.
    final void
    wait()
    Causes the current thread to wait until it is awakened, typically by being notified or interrupted.
    final void
    wait(long timeoutMillis)
    Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.
    final void
    wait(long timeoutMillis, int nanos)
    Causes the current thread to wait until it is awakened, typically by being notified or interrupted, or until a certain amount of real time has elapsed.

  • Constructor Details

  • Method Details

    • engineGetCertificates

      public abstract Collection<? extends Certificate> engineGetCertificates(CertSelector selector) throws CertStoreException
      Returns a Collection of Certificates that match the specified selector. If no Certificates match the selector, an empty Collection will be returned.

      For some CertStore types, the resulting Collection may not contain all of the Certificates that match the selector. For instance, an LDAP CertStore may not search all entries in the directory. Instead, it may just search entries that are likely to contain the Certificates it is looking for.

      Some CertStore implementations (especially LDAP CertStores) may throw a CertStoreException unless a non-null CertSelector is provided that includes specific criteria that can be used to find the certificates. Issuer and/or subject names are especially useful criteria.

      Parameters:
      selector - A CertSelector used to select which Certificates should be returned. Specify null to return all Certificates (if supported).
      Returns:
      A Collection of Certificates that match the specified selector (never null)
      Throws:
      CertStoreException - if an exception occurs

    • engineGetCRLs

      public abstract Collection<? extends CRL> engineGetCRLs(CRLSelector selector) throws CertStoreException
      Returns a Collection of CRLs that match the specified selector. If no CRLs match the selector, an empty Collection will be returned.

      For some CertStore types, the resulting Collection may not contain all of the CRLs that match the selector. For instance, an LDAP CertStore may not search all entries in the directory. Instead, it may just search entries that are likely to contain the CRLs it is looking for.

      Some CertStore implementations (especially LDAP CertStores) may throw a CertStoreException unless a non-null CRLSelector is provided that includes specific criteria that can be used to find the CRLs. Issuer names and/or the certificate to be checked are especially useful.

      Parameters:
      selector - A CRLSelector used to select which CRLs should be returned. Specify null to return all CRLs (if supported).
      Returns:
      A Collection of CRLs that match the specified selector (never null)
      Throws:
      CertStoreException - if an exception occurs