Java tutorial
/* * Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This code is free software; you can redistribute it and/or modify it * under the terms of the GNU General Public License version 2 only, as * published by the Free Software Foundation. Oracle designates this * particular file as subject to the "Classpath" exception as provided * by Oracle in the LICENSE file that accompanied this code. * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * version 2 for more details (a copy is included in the LICENSE file that * accompanied this code). * * You should have received a copy of the GNU General Public License version * 2 along with this work; if not, write to the Free Software Foundation, * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. * * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA * or visit www.oracle.com if you need additional information or have any * questions. */ package java.security; import java.util.Set; /** * This interface specifies constraints for cryptographic algorithms, * keys (key sizes), and other algorithm parameters. * <p> * {@code AlgorithmConstraints} objects are immutable. An implementation * of this interface should not provide methods that can change the state * of an instance once it has been created. * <p> * Note that {@code AlgorithmConstraints} can be used to represent the * restrictions described by the security properties * {@code jdk.certpath.disabledAlgorithms} and * {@code jdk.tls.disabledAlgorithms}, or could be used by a * concrete {@code PKIXCertPathChecker} to check whether a specified * certificate in the certification path contains the required algorithm * constraints. * * @see javax.net.ssl.SSLParameters#getAlgorithmConstraints * @see javax.net.ssl.SSLParameters#setAlgorithmConstraints(AlgorithmConstraints) * * @since 1.7 */ public interface AlgorithmConstraints { /** * Determines whether an algorithm is granted permission for the * specified cryptographic primitives. * * @param primitives a set of cryptographic primitives * @param algorithm the algorithm name * @param parameters the algorithm parameters, or null if no additional * parameters * * @return true if the algorithm is permitted and can be used for all * of the specified cryptographic primitives * * @throws IllegalArgumentException if primitives or algorithm is null * or empty */ public boolean permits(Set<CryptoPrimitive> primitives, String algorithm, AlgorithmParameters parameters); /** * Determines whether a key is granted permission for the specified * cryptographic primitives. * <p> * This method is usually used to check key size and key usage. * * @param primitives a set of cryptographic primitives * @param key the key * * @return true if the key can be used for all of the specified * cryptographic primitives * * @throws IllegalArgumentException if primitives is null or empty, * or the key is null */ public boolean permits(Set<CryptoPrimitive> primitives, Key key); /** * Determines whether an algorithm and the corresponding key are granted * permission for the specified cryptographic primitives. * * @param primitives a set of cryptographic primitives * @param algorithm the algorithm name * @param key the key * @param parameters the algorithm parameters, or null if no additional * parameters * * @return true if the key and the algorithm can be used for all of the * specified cryptographic primitives * * @throws IllegalArgumentException if primitives or algorithm is null * or empty, or the key is null */ public boolean permits(Set<CryptoPrimitive> primitives, String algorithm, Key key, AlgorithmParameters parameters); }