Save the date! Android Dev Summit is coming to Mountain View, CA on November 7-8, 2018.
added in API level 24

AlgorithmConstraints

public interface AlgorithmConstraints

java.security.AlgorithmConstraints


This interface specifies constraints for cryptographic algorithms, keys (key sizes), and other algorithm parameters.

AlgorithmConstraints objects are immutable. An implementation of this interface should not provide methods that can change the state of an instance once it has been created.

Note that AlgorithmConstraints can be used to represent the restrictions described by the security properties jdk.certpath.disabledAlgorithms and jdk.tls.disabledAlgorithms, or could be used by a concrete PKIXCertPathChecker to check whether a specified certificate in the certification path contains the required algorithm constraints.

Summary

Public methods

abstract boolean permits(Set<CryptoPrimitive> primitives, String algorithm, AlgorithmParameters parameters)

Determines whether an algorithm is granted permission for the specified cryptographic primitives.

abstract boolean permits(Set<CryptoPrimitive> primitives, String algorithm, Key key, AlgorithmParameters parameters)

Determines whether an algorithm and the corresponding key are granted permission for the specified cryptographic primitives.

abstract boolean permits(Set<CryptoPrimitive> primitives, Key key)

Determines whether a key is granted permission for the specified cryptographic primitives.

Public methods

permits

added in API level 24
public abstract boolean permits (Set<CryptoPrimitive> primitives, 
                String algorithm, 
                AlgorithmParameters parameters)

Determines whether an algorithm is granted permission for the specified cryptographic primitives.

Parameters
primitives Set: a set of cryptographic primitives

algorithm String: the algorithm name

parameters AlgorithmParameters: the algorithm parameters, or null if no additional parameters

Returns
boolean true if the algorithm is permitted and can be used for all of the specified cryptographic primitives

Throws
IllegalArgumentException if primitives or algorithm is null or empty

permits

added in API level 24
public abstract boolean permits (Set<CryptoPrimitive> primitives, 
                String algorithm, 
                Key key, 
                AlgorithmParameters parameters)

Determines whether an algorithm and the corresponding key are granted permission for the specified cryptographic primitives.

Parameters
primitives Set: a set of cryptographic primitives

algorithm String: the algorithm name

key Key: the key

parameters AlgorithmParameters: the algorithm parameters, or null if no additional parameters

Returns
boolean true if the key and the algorithm can be used for all of the specified cryptographic primitives

Throws
IllegalArgumentException if primitives or algorithm is null or empty, or the key is null

permits

added in API level 24
public abstract boolean permits (Set<CryptoPrimitive> primitives, 
                Key key)

Determines whether a key is granted permission for the specified cryptographic primitives.

This method is usually used to check key size and key usage.

Parameters
primitives Set: a set of cryptographic primitives

key Key: the key

Returns
boolean true if the key can be used for all of the specified cryptographic primitives

Throws
IllegalArgumentException if primitives is null or empty, or the key is null