Back to index...

	/*
	* Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
	* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
	*
	* This code is free software; you can redistribute it and/or modify it
	* under the terms of the GNU General Public License version 2 only, as
	* published by the Free Software Foundation. Oracle designates this
	* particular file as subject to the "Classpath" exception as provided
	* by Oracle in the LICENSE file that accompanied this code.
	*
	* This code is distributed in the hope that it will be useful, but WITHOUT
	* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
	* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
	* version 2 for more details (a copy is included in the LICENSE file that
	* accompanied this code).
	*
	* You should have received a copy of the GNU General Public License version
	* 2 along with this work; if not, write to the Free Software Foundation,
	* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
	*
	* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
	* or visit www.oracle.com if you need additional information or have any
	* questions.
	*/

	package java.security;

	import java.util.Set;

	/**
	* This interface specifies constraints for cryptographic algorithms,
	* keys (key sizes), and other algorithm parameters.
	* <p>
	* {@code AlgorithmConstraints} objects are immutable. An implementation
	* of this interface should not provide methods that can change the state
	* of an instance once it has been created.
	* <p>
	* Note that {@code AlgorithmConstraints} can be used to represent the
	* restrictions described by the security properties
	* {@code jdk.certpath.disabledAlgorithms} and
	* {@code jdk.tls.disabledAlgorithms}, or could be used by a
	* concrete {@code PKIXCertPathChecker} to check whether a specified
	* certificate in the certification path contains the required algorithm
	* constraints.
	*
	* @see javax.net.ssl.SSLParameters#getAlgorithmConstraints
	* @see javax.net.ssl.SSLParameters#setAlgorithmConstraints(AlgorithmConstraints)
	*
	* @since 1.7
	*/

	public interface AlgorithmConstraints {

	/**
	* Determines whether an algorithm is granted permission for the
	* specified cryptographic primitives.
	*
	* @param primitives a set of cryptographic primitives
	* @param algorithm the algorithm name
	* @param parameters the algorithm parameters, or null if no additional
	* parameters
	*
	* @return true if the algorithm is permitted and can be used for all
	* of the specified cryptographic primitives
	*
	* @throws IllegalArgumentException if primitives or algorithm is null
	* or empty
	*/
	public boolean permits(Set<CryptoPrimitive> primitives,
	String algorithm, AlgorithmParameters parameters);

	/**
	* Determines whether a key is granted permission for the specified
	* cryptographic primitives.
	* <p>
	* This method is usually used to check key size and key usage.
	*
	* @param primitives a set of cryptographic primitives
	* @param key the key
	*
	* @return true if the key can be used for all of the specified
	* cryptographic primitives
	*
	* @throws IllegalArgumentException if primitives is null or empty,
	* or the key is null
	*/
	public boolean permits(Set<CryptoPrimitive> primitives, Key key);

	/**
	* Determines whether an algorithm and the corresponding key are granted
	* permission for the specified cryptographic primitives.
	*
	* @param primitives a set of cryptographic primitives
	* @param algorithm the algorithm name
	* @param key the key
	* @param parameters the algorithm parameters, or null if no additional
	* parameters
	*
	* @return true if the key and the algorithm can be used for all of the
	* specified cryptographic primitives
	*
	* @throws IllegalArgumentException if primitives or algorithm is null
	* or empty, or the key is null
	*/
	public boolean permits(Set<CryptoPrimitive> primitives,
	String algorithm, Key key, AlgorithmParameters parameters);

	}

Back to index...