The java.security.KeyStore class is the storage facility for cryptographic keys and certificates. This class extends java.lang.Object, as follows:
public class KeyStore extends Object
There are three types of entries that are managed by KeyStore, and each implements the KeyStore.Entry interface, one of the three interfaces provided by the KeyStore class. The entry implementations are defined in the following table:
| Implementation | Description |
| KeyStore.PrivateKeyEntry |
Contains the PrivateKey, which it can store in a protected format. Contains the certificate chain for the public key. |
| KeyStore.SecretKeyEntry | Contains the SecretKey, which it can store in a protected format. |
| KeyStore.TrustedCertifcateEntry | Contains a single public key Certificate from an external source. |
This class has been part of the Java platform since version 1.2. It has one constructor, three interfaces, six subclasses, and several methods. The constructor definition is as follows:
protected KeyStore(KeyStoreSpi keyStoresSpi, Provider provider, String type)
The KeyStore class contains the following interfaces:
- public static interface KeyStore.Entry: This interface serves as a marker for KeyStore entry types and contains no methods.
- public static interface KeyStore.LoadStoreParameter: This interface serves as a marker for load and store parameters and has the following method that returns null, or the parameter used to protect the KeyStore data:
- getProtectionParameter()
- public static interface KeyStore.ProtectionParameter: This interface serves as a marker for KeyStore protection parameters and contains no methods.
The java.security.KeyStore class also contains the six nested classes, each of these are examined in the subsequent sections.