-
public interface AlgorithmConstraints
This interface specifies constraints for cryptographic algorithms, keys (key sizes), and other algorithm parameters.AlgorithmConstraints
objects are immutable. An implementation of this interface should not provide methods that can change the state of an instance once it has been created.Note that
AlgorithmConstraints
can be used to represent the restrictions described by the security propertiesjdk.certpath.disabledAlgorithms
andjdk.tls.disabledAlgorithms
, or could be used by a concretePKIXCertPathChecker
to check whether a specified certificate in the certification path contains the required algorithm constraints.
-
-
Method Summary
Modifier and Type Method Description boolean
permits(Set<CryptoPrimitive> primitives, String algorithm, AlgorithmParameters parameters)
Determines whether an algorithm is granted permission for the specified cryptographic primitives.boolean
permits(Set<CryptoPrimitive> primitives, String algorithm, Key key, AlgorithmParameters parameters)
Determines whether an algorithm and the corresponding key are granted permission for the specified cryptographic primitives.boolean
permits(Set<CryptoPrimitive> primitives, Key key)
Determines whether a key is granted permission for the specified cryptographic primitives.
-
-
-
Method Detail
-
permits
boolean permits(Set<CryptoPrimitive> primitives, String algorithm, AlgorithmParameters parameters)
Determines whether an algorithm is granted permission for the specified cryptographic primitives.- Parameters:
primitives
- a set of cryptographic primitivesalgorithm
- the algorithm nameparameters
- the algorithm parameters, or null if no additional parameters- Returns:
- true if the algorithm is permitted and can be used for all of the specified cryptographic primitives
- Throws:
IllegalArgumentException
- if primitives or algorithm is null or empty
-
permits
boolean permits(Set<CryptoPrimitive> primitives, Key key)
Determines whether a key is granted permission for the specified cryptographic primitives.This method is usually used to check key size and key usage.
- Parameters:
primitives
- a set of cryptographic primitiveskey
- the key- Returns:
- true if the key can be used for all of the specified cryptographic primitives
- Throws:
IllegalArgumentException
- if primitives is null or empty, or the key is null
-
permits
boolean permits(Set<CryptoPrimitive> primitives, String algorithm, Key key, AlgorithmParameters parameters)
Determines whether an algorithm and the corresponding key are granted permission for the specified cryptographic primitives.- Parameters:
primitives
- a set of cryptographic primitivesalgorithm
- the algorithm namekey
- the keyparameters
- the algorithm parameters, or null if no additional parameters- Returns:
- true if the key and the algorithm can be used for all of the specified cryptographic primitives
- Throws:
IllegalArgumentException
- if primitives or algorithm is null or empty, or the key is null
-
-