Class KeyInfoCredentialResolutionMode

All Implemented Interfaces:

public final class KeyInfoCredentialResolutionMode extends Object implements Criterion
An implementation of Criterion which specifies criteria to a KeyInfoCredentialResolver about whether to resolve public credentials, local credentials, or both.

A local credential is defined as one carrying either a PrivateKey or a SecretKey.

This criterion is used with resolver implementations which are capable of local credential resolution using the (usually public) information available directly within KeyInfo.

If PUBLIC then resolver implementations may skip local resolution and return any credentials extracted directly from KeyInfo. This mode does not mean that a local credential will absolutely not be returned, merely that the resolver is not obligated to do so. For example, an AgreementMethod might produce a credential containing a SecretKey, and this would be returned in this mode.

If LOCAL then resolver implementations which are capable of resolving local credentials should attempt that local credential resolution, and only those local credentials should be returned.

If BOTH then local credential resolution should be attempted as in LOCAL. If a local credential based on a given public credential's info is resolved it will be returned, otherwise the public credential itself will be returned.