Path: blob/master/src/java.base/share/classes/java/security/AlgorithmConstraints.java
41152 views
/*1* Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.2* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.3*4* This code is free software; you can redistribute it and/or modify it5* under the terms of the GNU General Public License version 2 only, as6* published by the Free Software Foundation. Oracle designates this7* particular file as subject to the "Classpath" exception as provided8* by Oracle in the LICENSE file that accompanied this code.9*10* This code is distributed in the hope that it will be useful, but WITHOUT11* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or12* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License13* version 2 for more details (a copy is included in the LICENSE file that14* accompanied this code).15*16* You should have received a copy of the GNU General Public License version17* 2 along with this work; if not, write to the Free Software Foundation,18* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.19*20* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA21* or visit www.oracle.com if you need additional information or have any22* questions.23*/2425package java.security;2627import java.util.Set;2829/**30* This interface specifies constraints for cryptographic algorithms,31* keys (key sizes), and other algorithm parameters.32* <p>33* {@code AlgorithmConstraints} objects are immutable. An implementation34* of this interface should not provide methods that can change the state35* of an instance once it has been created.36* <p>37* Note that {@code AlgorithmConstraints} can be used to represent the38* restrictions described by the security properties39* {@code jdk.certpath.disabledAlgorithms} and40* {@code jdk.tls.disabledAlgorithms}, or could be used by a41* concrete {@code PKIXCertPathChecker} to check whether a specified42* certificate in the certification path contains the required algorithm43* constraints.44*45* @see javax.net.ssl.SSLParameters#getAlgorithmConstraints46* @see javax.net.ssl.SSLParameters#setAlgorithmConstraints(AlgorithmConstraints)47*48* @since 1.749*/5051public interface AlgorithmConstraints {5253/**54* Determines whether an algorithm is granted permission for the55* specified cryptographic primitives.56*57* @param primitives a set of cryptographic primitives58* @param algorithm the algorithm name59* @param parameters the algorithm parameters, or null if no additional60* parameters61*62* @return true if the algorithm is permitted and can be used for all63* of the specified cryptographic primitives64*65* @throws IllegalArgumentException if primitives or algorithm is null66* or empty67*/68public boolean permits(Set<CryptoPrimitive> primitives,69String algorithm, AlgorithmParameters parameters);7071/**72* Determines whether a key is granted permission for the specified73* cryptographic primitives.74* <p>75* This method is usually used to check key size and key usage.76*77* @param primitives a set of cryptographic primitives78* @param key the key79*80* @return true if the key can be used for all of the specified81* cryptographic primitives82*83* @throws IllegalArgumentException if primitives is null or empty,84* or the key is null85*/86public boolean permits(Set<CryptoPrimitive> primitives, Key key);8788/**89* Determines whether an algorithm and the corresponding key are granted90* permission for the specified cryptographic primitives.91*92* @param primitives a set of cryptographic primitives93* @param algorithm the algorithm name94* @param key the key95* @param parameters the algorithm parameters, or null if no additional96* parameters97*98* @return true if the key and the algorithm can be used for all of the99* specified cryptographic primitives100*101* @throws IllegalArgumentException if primitives or algorithm is null102* or empty, or the key is null103*/104public boolean permits(Set<CryptoPrimitive> primitives,105String algorithm, Key key, AlgorithmParameters parameters);106107}108109110