AlgorithmConstraints
Stay organized with collections
Save and categorize content based on your preferences.
This interface specifies constraints for cryptographic algorithms,
keys (key sizes), and other algorithm parameters.
AlgorithmConstraints
objects are immutable. An implementation
of this interface should not provide methods that can change the state
of an instance once it has been created.
Note that AlgorithmConstraints
can be used to represent the
restrictions described by the security properties
jdk.certpath.disabledAlgorithms
and
jdk.tls.disabledAlgorithms
, or could be used by a
concrete PKIXCertPathChecker
to check whether a specified
certificate in the certification path contains the required algorithm
constraints.
Public Method Summary
abstract
boolean
|
|
abstract
boolean
|
|
abstract
boolean
|
permits( Set< CryptoPrimitive> primitives, Key key)
Determines whether a key is granted permission for the specified
cryptographic primitives.
|
Public Methods
Determines whether an algorithm is granted permission for the
specified cryptographic primitives.
Parameters
primitives |
a set of cryptographic primitives |
algorithm |
the algorithm name |
parameters |
the algorithm parameters, or null if no additional
parameters |
Returns
- true if the algorithm is permitted and can be used for all
of the specified cryptographic primitives
Determines whether an algorithm and the corresponding key are granted
permission for the specified cryptographic primitives.
Parameters
primitives |
a set of cryptographic primitives |
algorithm |
the algorithm name |
key |
the key |
parameters |
the algorithm parameters, or null if no additional
parameters |
Returns
- true if the key and the algorithm can be used for all of the
specified cryptographic primitives
public
abstract
boolean
permits
(Set<CryptoPrimitive> primitives, Key key)
Determines whether a key is granted permission for the specified
cryptographic primitives.
This method is usually used to check key size and key usage.
Parameters
primitives |
a set of cryptographic primitives |
key |
the key |
Returns
- true if the key can be used for all of the specified
cryptographic primitives
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-07-10 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-07-10 UTC."],[[["\u003cp\u003e\u003ccode\u003eAlgorithmConstraints\u003c/code\u003e specifies constraints for cryptographic algorithms, keys, and algorithm parameters.\u003c/p\u003e\n"],["\u003cp\u003e\u003ccode\u003eAlgorithmConstraints\u003c/code\u003e objects are immutable and cannot be changed after creation.\u003c/p\u003e\n"],["\u003cp\u003eIt can be used to represent security restrictions defined by \u003ccode\u003ejdk.certpath.disabledAlgorithms\u003c/code\u003e and \u003ccode\u003ejdk.tls.disabledAlgorithms\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003epermits\u003c/code\u003e methods determine if an algorithm or key is allowed for specified cryptographic primitives.\u003c/p\u003e\n"]]],["`AlgorithmConstraints` specifies immutable constraints for cryptographic algorithms, key sizes, and parameters. It checks algorithm permissions against cryptographic primitives using `permits` methods. These methods determine if an algorithm, with or without a key and parameters, or if a key alone, is permitted for specified primitives. It is useful to represent restrictions as `jdk.certpath.disabledAlgorithms` and `jdk.tls.disabledAlgorithms` or within `PKIXCertPathChecker` and cannot have it's internal state changed once created.\n"],null,["# AlgorithmConstraints\n\npublic interface **AlgorithmConstraints** \nThis interface specifies constraints for cryptographic algorithms,\nkeys (key sizes), and other algorithm parameters.\n\n\n`AlgorithmConstraints` objects are immutable. An implementation\nof this interface should not provide methods that can change the state\nof an instance once it has been created.\n\n\nNote that `AlgorithmConstraints` can be used to represent the\nrestrictions described by the security properties\n`jdk.certpath.disabledAlgorithms` and\n`jdk.tls.disabledAlgorithms`, or could be used by a\nconcrete `PKIXCertPathChecker` to check whether a specified\ncertificate in the certification path contains the required algorithm\nconstraints. \n\n##### See Also\n\n- [SSLParameters.getAlgorithmConstraints()](../../../reference/javax/net/ssl/SSLParameters.html#getAlgorithmConstraints())\n- [SSLParameters.setAlgorithmConstraints(AlgorithmConstraints)](../../../reference/javax/net/ssl/SSLParameters.html#setAlgorithmConstraints(java.security.AlgorithmConstraints)) \n\n### Public Method Summary\n\n|------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| abstract boolean | [permits](../../../reference/java/security/AlgorithmConstraints.html#permits(java.util.Set\u003cjava.security.CryptoPrimitive\u003e,%20java.lang.String,%20java.security.AlgorithmParameters))([Set](../../../reference/java/util/Set.html)\\\u003c[CryptoPrimitive](../../../reference/java/security/CryptoPrimitive.html)\\\u003e primitives, [String](../../../reference/java/lang/String.html) algorithm, [AlgorithmParameters](../../../reference/java/security/AlgorithmParameters.html) parameters) Determines whether an algorithm is granted permission for the specified cryptographic primitives. |\n| abstract boolean | [permits](../../../reference/java/security/AlgorithmConstraints.html#permits(java.util.Set\u003cjava.security.CryptoPrimitive\u003e,%20java.lang.String,%20java.security.Key,%20java.security.AlgorithmParameters))([Set](../../../reference/java/util/Set.html)\\\u003c[CryptoPrimitive](../../../reference/java/security/CryptoPrimitive.html)\\\u003e primitives, [String](../../../reference/java/lang/String.html) algorithm, [Key](../../../reference/java/security/Key.html) key, [AlgorithmParameters](../../../reference/java/security/AlgorithmParameters.html) parameters) Determines whether an algorithm and the corresponding key are granted permission for the specified cryptographic primitives. |\n| abstract boolean | [permits](../../../reference/java/security/AlgorithmConstraints.html#permits(java.util.Set\u003cjava.security.CryptoPrimitive\u003e,%20java.security.Key))([Set](../../../reference/java/util/Set.html)\\\u003c[CryptoPrimitive](../../../reference/java/security/CryptoPrimitive.html)\\\u003e primitives, [Key](../../../reference/java/security/Key.html) key) Determines whether a key is granted permission for the specified cryptographic primitives. |\n\nPublic Methods\n--------------\n\n#### public abstract boolean\n**permits**\n([Set](../../../reference/java/util/Set.html)\\\u003c[CryptoPrimitive](../../../reference/java/security/CryptoPrimitive.html)\\\u003e primitives, [String](../../../reference/java/lang/String.html) algorithm, [AlgorithmParameters](../../../reference/java/security/AlgorithmParameters.html) parameters)\n\nDetermines whether an algorithm is granted permission for the\nspecified cryptographic primitives. \n\n##### Parameters\n\n| primitives | a set of cryptographic primitives |\n| algorithm | the algorithm name |\n| parameters | the algorithm parameters, or null if no additional parameters |\n|------------|---------------------------------------------------------------|\n\n##### Returns\n\n- true if the algorithm is permitted and can be used for all of the specified cryptographic primitives \n\n##### Throws\n\n| [IllegalArgumentException](../../../reference/java/lang/IllegalArgumentException.html) | if primitives or algorithm is null or empty |\n|----------------------------------------------------------------------------------------|---------------------------------------------|\n\n#### public abstract boolean\n**permits**\n([Set](../../../reference/java/util/Set.html)\\\u003c[CryptoPrimitive](../../../reference/java/security/CryptoPrimitive.html)\\\u003e primitives, [String](../../../reference/java/lang/String.html) algorithm, [Key](../../../reference/java/security/Key.html) key, [AlgorithmParameters](../../../reference/java/security/AlgorithmParameters.html) parameters)\n\nDetermines whether an algorithm and the corresponding key are granted\npermission for the specified cryptographic primitives. \n\n##### Parameters\n\n| primitives | a set of cryptographic primitives |\n| algorithm | the algorithm name |\n| key | the key |\n| parameters | the algorithm parameters, or null if no additional parameters |\n|------------|---------------------------------------------------------------|\n\n##### Returns\n\n- true if the key and the algorithm can be used for all of the specified cryptographic primitives \n\n##### Throws\n\n| [IllegalArgumentException](../../../reference/java/lang/IllegalArgumentException.html) | if primitives or algorithm is null or empty, or the key is null |\n|----------------------------------------------------------------------------------------|-----------------------------------------------------------------|\n\n#### public abstract boolean\n**permits**\n([Set](../../../reference/java/util/Set.html)\\\u003c[CryptoPrimitive](../../../reference/java/security/CryptoPrimitive.html)\\\u003e primitives, [Key](../../../reference/java/security/Key.html) key)\n\nDetermines whether a key is granted permission for the specified\ncryptographic primitives.\n\n\nThis method is usually used to check key size and key usage. \n\n##### Parameters\n\n| primitives | a set of cryptographic primitives |\n| key | the key |\n|------------|-----------------------------------|\n\n##### Returns\n\n- true if the key can be used for all of the specified cryptographic primitives \n\n##### Throws\n\n| [IllegalArgumentException](../../../reference/java/lang/IllegalArgumentException.html) | if primitives is null or empty, or the key is null |\n|----------------------------------------------------------------------------------------|----------------------------------------------------|"]]