java.security.cert

Class CertStore


  • public class CertStore
    extends Object
    A class for retrieving Certificates and CRLs from a repository.

    This class uses a provider-based architecture. To create a CertStore, call one of the static getInstance methods, passing in the type of CertStore desired, any applicable initialization parameters and optionally the name of the provider desired.

    Once the CertStore has been created, it can be used to retrieve Certificates and CRLs by calling its getCertificates and getCRLs methods.

    Unlike a KeyStore, which provides access to a cache of private keys and trusted certificates, a CertStore is designed to provide access to a potentially vast repository of untrusted certificates and CRLs. For example, an LDAP implementation of CertStore provides access to certificates and CRLs stored in one or more directories using the LDAP protocol and the schema as defined in the RFC service attribute.

    Every implementation of the Java platform is required to support the following standard CertStore type:

    • Collection
    This type is described in the CertStore section of the Java Cryptography Architecture Standard Algorithm Name Documentation. Consult the release documentation for your implementation to see if any other types are supported.

    Concurrent Access

    All public methods of CertStore objects must be thread-safe. That is, multiple threads may concurrently invoke these methods on a single CertStore object (or more than one) with no ill effects. This allows a CertPathBuilder to search for a CRL while simultaneously searching for further certificates, for instance.

    The static methods of this class are also guaranteed to be thread-safe. Multiple threads may concurrently invoke the static methods defined in this class with no ill effects.

    Since:
    1.4
    • Constructor Detail

      • CertStore

        protected CertStore(CertStoreSpi storeSpi,
                 Provider provider,
                 String type,
                 CertStoreParameters params)
        Creates a CertStore object of the given type, and encapsulates the given provider implementation (SPI object) in it.
        Parameters:
        storeSpi - the provider implementation
        provider - the provider
        type - the type
        params - the initialization parameters (may be null)
    • Method Detail

      • getCertificates

        public final Collection<? extends Certificate> getCertificates(CertSelector selector)
                                                                throws CertStoreException
        Returns a Collection of Certificates that match the specified selector. If no Certificates match the selector, an empty Collection will be returned.

        For some CertStore types, the resulting Collection may not contain all of the Certificates that match the selector. For instance, an LDAP CertStore may not search all entries in the directory. Instead, it may just search entries that are likely to contain the Certificates it is looking for.

        Some CertStore implementations (especially LDAP CertStores) may throw a CertStoreException unless a non-null CertSelector is provided that includes specific criteria that can be used to find the certificates. Issuer and/or subject names are especially useful criteria.

        Parameters:
        selector - A CertSelector used to select which Certificates should be returned. Specify null to return all Certificates (if supported).
        Returns:
        A Collection of Certificates that match the specified selector (never null)
        Throws:
        CertStoreException - if an exception occurs
      • getCRLs

        public final Collection<? extends CRL> getCRLs(CRLSelector selector)
                                                throws CertStoreException
        Returns a Collection of CRLs that match the specified selector. If no CRLs match the selector, an empty Collection will be returned.

        For some CertStore types, the resulting Collection may not contain all of the CRLs that match the selector. For instance, an LDAP CertStore may not search all entries in the directory. Instead, it may just search entries that are likely to contain the CRLs it is looking for.

        Some CertStore implementations (especially LDAP CertStores) may throw a CertStoreException unless a non-null CRLSelector is provided that includes specific criteria that can be used to find the CRLs. Issuer names and/or the certificate to be checked are especially useful.

        Parameters:
        selector - A CRLSelector used to select which CRLs should be returned. Specify null to return all CRLs (if supported).
        Returns:
        A Collection of CRLs that match the specified selector (never null)
        Throws:
        CertStoreException - if an exception occurs
      • getInstance

        public static CertStore getInstance(String type,
                            CertStoreParameters params)
                                     throws InvalidAlgorithmParameterException,
                                            NoSuchAlgorithmException
        Returns a CertStore object that implements the specified CertStore type and is initialized with the specified parameters.

        This method traverses the list of registered security Providers, starting with the most preferred Provider. A new CertStore object encapsulating the CertStoreSpi implementation from the first Provider that supports the specified type is returned.

        Note that the list of registered providers may be retrieved via the Security.getProviders() method.

        The CertStore that is returned is initialized with the specified CertStoreParameters. The type of parameters needed may vary between different types of CertStores. Note that the specified CertStoreParameters object is cloned.

        Parameters:
        type - the name of the requested CertStore type. See the CertStore section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard types.
        params - the initialization parameters (may be null).
        Returns:
        a CertStore object that implements the specified CertStore type.
        Throws:
        NoSuchAlgorithmException - if no Provider supports a CertStoreSpi implementation for the specified type.
        InvalidAlgorithmParameterException - if the specified initialization parameters are inappropriate for this CertStore.
        See Also:
        Provider
      • getInstance

        public static CertStore getInstance(String type,
                            CertStoreParameters params,
                            Provider provider)
                                     throws NoSuchAlgorithmException,
                                            InvalidAlgorithmParameterException
        Returns a CertStore object that implements the specified CertStore type.

        A new CertStore object encapsulating the CertStoreSpi implementation from the specified Provider object is returned. Note that the specified Provider object does not have to be registered in the provider list.

        The CertStore that is returned is initialized with the specified CertStoreParameters. The type of parameters needed may vary between different types of CertStores. Note that the specified CertStoreParameters object is cloned.

        Parameters:
        type - the requested CertStore type. See the CertStore section in the Java Cryptography Architecture Standard Algorithm Name Documentation for information about standard types.
        params - the initialization parameters (may be null).
        provider - the provider.
        Returns:
        a CertStore object that implements the specified type.
        Throws:
        NoSuchAlgorithmException - if a CertStoreSpi implementation for the specified type is not available from the specified Provider object.
        InvalidAlgorithmParameterException - if the specified initialization parameters are inappropriate for this CertStore
        IllegalArgumentException - if the provider is null.
        See Also:
        Provider
      • getCertStoreParameters

        public final CertStoreParameters getCertStoreParameters()
        Returns the parameters used to initialize this CertStore. Note that the CertStoreParameters object is cloned before it is returned.
        Returns:
        the parameters used to initialize this CertStore (may be null)
      • getType

        public final String getType()
        Returns the type of this CertStore.
        Returns:
        the type of this CertStore
      • getProvider

        public final Provider getProvider()
        Returns the provider of this CertStore.
        Returns:
        the provider of this CertStore
      • getDefaultType

        public static final String getDefaultType()
        Returns the default CertStore type as specified in the Java security properties file, or the string "LDAP" if no such property exists. The Java security properties file is located in the file named <JAVA_HOME>/lib/security/java.security. <JAVA_HOME> refers to the value of the java.home system property, and specifies the directory where the JRE is installed.

        The default CertStore type can be used by applications that do not want to use a hard-coded type when calling one of the getInstance methods, and want to provide a default CertStore type in case a user does not specify its own.

        The default CertStore type can be changed by setting the value of the "certstore.type" security property (in the Java security properties file) to the desired type.

        Returns:
        the default CertStore type as specified in the Java security properties file, or the string "LDAP" if no such property exists.

Deutsche Übersetzung

Sie haben gebeten, diese Seite auf Deutsch zu besuchen. Momentan ist nur die Oberfläche übersetzt, aber noch nicht der gesamte Inhalt.

Wenn Sie mir bei Übersetzungen helfen wollen, ist Ihr Beitrag willkommen. Alles, was Sie tun müssen, ist, sich auf der Website zu registrieren und mir eine Nachricht zu schicken, in der Sie gebeten werden, Sie der Gruppe der Übersetzer hinzuzufügen, die Ihnen die Möglichkeit gibt, die gewünschten Seiten zu übersetzen. Ein Link am Ende jeder übersetzten Seite zeigt an, dass Sie der Übersetzer sind und einen Link zu Ihrem Profil haben.

Vielen Dank im Voraus.

Dokument erstellt 11/06/2005, zuletzt geändert 04/03/2020
Quelle des gedruckten Dokuments:https://www.gaudry.be/de/java-api-rf-java/security/cert/certstore.html

Die Infobro ist eine persönliche Seite, deren Inhalt in meiner alleinigen Verantwortung liegt. Der Text ist unter der CreativeCommons-Lizenz (BY-NC-SA) verfügbar. Weitere Informationen auf die Nutzungsbedingungen und dem Autor.

Referenzen

  1. Zeigen Sie - html-Dokument Sprache des Dokuments:fr Manuel PHP : https://docs.oracle.com

Diese Verweise und Links verweisen auf Dokumente, die während des Schreibens dieser Seite konsultiert wurden, oder die zusätzliche Informationen liefern können, aber die Autoren dieser Quellen können nicht für den Inhalt dieser Seite verantwortlich gemacht werden.
Der Autor Diese Website ist allein dafür verantwortlich, wie die verschiedenen Konzepte und Freiheiten, die mit den Nachschlagewerken gemacht werden, hier dargestellt werden. Denken Sie daran, dass Sie mehrere Quellinformationen austauschen müssen, um das Risiko von Fehlern zu reduzieren.

Inhaltsverzeichnis Haut