The KeyStore.engineStore(KeyStore.LoadStoreParameter) and KeyStoreSpi.engineLoad(KeyStore.LoadStoreParameter) methods are really needed only when the keystore format is not based on a single file, for example when the keystore itself is a directory and the entries are individual files inside that directory.
When the keystore format is a single file, the stream-based versions of engineStore/engineLoad usually suffice and there is no need to override the param-based versions.
Assuming that the keystore indeed cannot be represented as a single file and therefore cannot be loaded or saved using the stream-based API:
- Throw UnsupportedOperationException from the KeyStore.engineStore(OutputStream,char[]) and KeyStore.engineStore(InputStream,char[]) methods.
- Create class MyLoadStoreParameter implements KeyStore.LoadStoreParameter that will contain all the information required to store or load a keystore, like the path to the directory for the example above, the password, etc. Making it immutable is an obviously good thing. Your keystore implementation can even define multiple variants of LoadStoreParameter if the keystore has multiple external representations.
- Implement KeyStore.engineStore(KeyStore.LoadStoreParameter) and KeyStoreSpi.engineLoad(KeyStore.LoadStoreParameter) accordingly.
You should throw IllegalArgumentException when the KeyStore.LoadStoreParameter argument is not an instance of MyLoadStoreParameter. That will automatically cover the case when the parameter is null.
After checking the param type and casting it you just proceed to write or read the keystore in your specific external representation using the information contained in the param.
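The steps above for a directory-backed keystore, as an added sketch that is not code from the original text. DirLoadStoreParameter, DirKeyStoreSpi and the one-certificate-per-`alias.cer` layout are assumptions; in the JDK the stream-based overloads are KeyStoreSpi.engineStore(OutputStream, char[]) and KeyStoreSpi.engineLoad(InputStream, char[]). The class is abstract because the entry accessors are left to a subclass, and no password is modelled since only certificates are stored.

```java
import java.io.*;
import java.nio.file.*;
import java.security.KeyStore;
import java.security.KeyStoreSpi;
import java.security.cert.*;
import java.util.*;
// Hypothetical immutable parameter: the keystore is a directory of <alias>.cer files.
final class DirLoadStoreParameter implements KeyStore.LoadStoreParameter {
    private final Path dir;
    DirLoadStoreParameter(Path dir) { this.dir = Objects.requireNonNull(dir); }
    Path dir() { return dir; }
    @Override public KeyStore.ProtectionParameter getProtectionParameter() { return null; }
}

// Abstract on purpose: engineGetKey, engineAliases, etc. are left to a concrete subclass.
abstract class DirKeyStoreSpi extends KeyStoreSpi {
    protected final Map<String, Certificate> certs = new HashMap<>();
    // A directory cannot be read from or written to a single stream.
    @Override public void engineStore(OutputStream out, char[] pw) { throw new UnsupportedOperationException(); }
    @Override public void engineLoad(InputStream in, char[] pw) { throw new UnsupportedOperationException(); }

    private static Path dirOf(KeyStore.LoadStoreParameter p) {
        if (!(p instanceof DirLoadStoreParameter)) // instanceof is false for null as well
            throw new IllegalArgumentException("DirLoadStoreParameter required");
        return ((DirLoadStoreParameter) p).dir().toAbsolutePath().normalize();
    }

    @Override public void engineLoad(KeyStore.LoadStoreParameter p) throws IOException, CertificateException {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Map<String, Certificate> loaded = new HashMap<>();
        try (DirectoryStream<Path> files = Files.newDirectoryStream(dirOf(p), "*.cer")) {
            for (Path f : files) {
                String name = f.getFileName().toString();
                try (InputStream in = Files.newInputStream(f)) {
                    loaded.put(name.substring(0, name.length() - 4), cf.generateCertificate(in));
                }
            }
        }
        certs.clear(); certs.putAll(loaded); // replace state only after every file parsed
    }

    @Override public void engineStore(KeyStore.LoadStoreParameter p) throws IOException, CertificateException {
        Path dir = Files.createDirectories(dirOf(p));
        for (Map.Entry<String, Certificate> e : certs.entrySet()) {
            Path f = dir.resolve(e.getKey() + ".cer").normalize();
            // An alias such as "../x" must not write outside the keystore directory.
            if (!dir.equals(f.getParent())) throw new IOException("alias escapes keystore directory");
            Files.write(f, e.getValue().getEncoded());
        }
    }
}
```

Callers then use KeyStore.load(LoadStoreParameter) and KeyStore.store(LoadStoreParameter); the common `load(null, null)` idiom for an empty keystore reaches the stream-based overload and fails with this design.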