Class KeyStoreHelper
- java.lang.Object
-
- eu.emi.security.authn.x509.helpers.KeyStoreHelper
-
-
Constructor Summary
Constructors Constructor Description KeyStoreHelper()
-
Method Summary
All Methods Static Methods Concrete Methods Deprecated Methods Modifier and Type Method Description static KeyStore
getInstance(String type)
Deprecated.use other methods from this class.static KeyStore
getInstanceForCredential(String type)
Creates an instance of KeyStore which should be used for loading/storing credentials.static KeyStore
getInstanceForTrust(String type)
Creates an instance of KeyStore which should be used as a truststore, using our custom logic for choosing a provider: BC for PKCS12 and default for others.
-
-
-
Method Detail
-
getInstance
@Deprecated public static KeyStore getInstance(String type) throws KeyStoreException
Deprecated.use other methods from this class.Creates an instance of KeyStore using our custom logic for choosing a provider: BC for PKCS12 and default for others.- Parameters:
type
- keystore type, usually PKCS12 or JKS- Returns:
- keystore object instance. It is not loaded/initialized.
- Throws:
KeyStoreException
- if there is no provider supporting keystore type
-
getInstanceForTrust
public static KeyStore getInstanceForTrust(String type) throws KeyStoreException
Creates an instance of KeyStore which should be used as a truststore, using our custom logic for choosing a provider: BC for PKCS12 and default for others. Usage of default provider for PKCS12 makes it not usable as a trust anchor store (bug/'feature' in JDK?). BC-created Keystore is universal but in many cases requires the unlimited strength crypto policy.- Parameters:
type
- keystore type, usually PKCS12 or JKS- Returns:
- keystore object instance. It is not loaded/initialized.
- Throws:
KeyStoreException
- if there is no provider supporting keystore type
-
getInstanceForCredential
public static KeyStore getInstanceForCredential(String type) throws KeyStoreException
Creates an instance of KeyStore which should be used for loading/storing credentials. A default provider is used. The default provider in the most cases doesn't need unlimited strength cryptography installed.- Parameters:
type
- keystore type, usually PKCS12 or JKS- Returns:
- keystore object instance. It is not loaded/initialized.
- Throws:
KeyStoreException
- if there is no provider supporting keystore type
-
-