This interface specifies constraints for cryptographic algorithms, keys (key sizes), and other algorithm parameters.
AlgorithmConstraints
objects are immutable. An implementation
of this interface should not provide methods that can change the state
of an instance once it has been created.
Note that AlgorithmConstraints
can be used to represent the
restrictions described by the security properties
jdk.certpath.disabledAlgorithms
and
jdk.tls.disabledAlgorithms
, or could be used by a
concrete PKIXCertPathChecker
to check whether a specified
certificate in the certification path contains the required algorithm
constraints.
Public Method Summary
abstract boolean |
permits(Set<CryptoPrimitive> primitives, String algorithm, AlgorithmParameters parameters)
Determines whether an algorithm is granted permission for the
specified cryptographic primitives.
|
abstract boolean |
permits(Set<CryptoPrimitive> primitives, String algorithm, Key key, AlgorithmParameters parameters)
Determines whether an algorithm and the corresponding key are granted
permission for the specified cryptographic primitives.
|
abstract boolean |
permits(Set<CryptoPrimitive> primitives, Key key)
Determines whether a key is granted permission for the specified
cryptographic primitives.
|
Public Methods
public abstract boolean permits (Set<CryptoPrimitive> primitives, String algorithm, AlgorithmParameters parameters)
Determines whether an algorithm is granted permission for the specified cryptographic primitives.
Parameters
primitives | a set of cryptographic primitives |
---|---|
algorithm | the algorithm name |
parameters | the algorithm parameters, or null if no additional parameters |
Returns
- true if the algorithm is permitted and can be used for all of the specified cryptographic primitives
Throws
IllegalArgumentException | if primitives or algorithm is null or empty |
---|
public abstract boolean permits (Set<CryptoPrimitive> primitives, String algorithm, Key key, AlgorithmParameters parameters)
Determines whether an algorithm and the corresponding key are granted permission for the specified cryptographic primitives.
Parameters
primitives | a set of cryptographic primitives |
---|---|
algorithm | the algorithm name |
key | the key |
parameters | the algorithm parameters, or null if no additional parameters |
Returns
- true if the key and the algorithm can be used for all of the specified cryptographic primitives
Throws
IllegalArgumentException | if primitives or algorithm is null or empty, or the key is null |
---|
public abstract boolean permits (Set<CryptoPrimitive> primitives, Key key)
Determines whether a key is granted permission for the specified cryptographic primitives.
This method is usually used to check key size and key usage.
Parameters
primitives | a set of cryptographic primitives |
---|---|
key | the key |
Returns
- true if the key can be used for all of the specified cryptographic primitives
Throws
IllegalArgumentException | if primitives is null or empty, or the key is null |
---|