118 return true;
119 }
120
121 /*
122 * Checks if the key algorithm has been disabled or constraints have been
123 * placed on the key.
124 */
125 @Override
126 public final boolean permits(Set<CryptoPrimitive> primitives, Key key) {
127 return checkConstraints(primitives, "", key, null);
128 }
129
130 /*
131 * Checks if the key algorithm has been disabled or if constraints have
132 * been placed on the key.
133 */
134 @Override
135 public final boolean permits(Set<CryptoPrimitive> primitives,
136 String algorithm, Key key, AlgorithmParameters parameters) {
137
138 if (algorithm == null || algorithm.length() == 0) {
139 throw new IllegalArgumentException("No algorithm name specified");
140 }
141
142 return checkConstraints(primitives, algorithm, key, parameters);
143 }
144
145 public final void permits(ConstraintsParameters cp)
146 throws CertPathValidatorException {
147 permits(cp.getAlgorithm(), cp);
148 }
149
150 public final void permits(String algorithm, Key key,
151 AlgorithmParameters params, String variant)
152 throws CertPathValidatorException {
153 permits(algorithm, new ConstraintsParameters(algorithm, params, key,
154 (variant == null) ? Validator.VAR_GENERIC : variant));
155 }
156
157 /*
158 * Check if a x509Certificate object is permitted. Check if all
171 public boolean checkProperty(String param) {
172 param = param.toLowerCase(Locale.ENGLISH);
173 for (String block : disabledAlgorithms) {
174 if (block.toLowerCase(Locale.ENGLISH).indexOf(param) >= 0) {
175 return true;
176 }
177 }
178 return false;
179 }
180
181 // Check algorithm constraints with key and algorithm
182 private boolean checkConstraints(Set<CryptoPrimitive> primitives,
183 String algorithm, Key key, AlgorithmParameters parameters) {
184
185 // check the key parameter, it cannot be null.
186 if (key == null) {
187 throw new IllegalArgumentException("The key cannot be null");
188 }
189
190 // check the signature algorithm with parameters
191 if (algorithm != null && algorithm.length() != 0) {
192 if (!permits(primitives, algorithm, parameters)) {
193 return false;
194 }
195 }
196
197 // check the key algorithm
198 if (!permits(primitives, key.getAlgorithm(), null)) {
199 return false;
200 }
201
202 // check the key constraints
203 return algorithmConstraints.permits(key);
204 }
205
206
207 /**
208 * Key and Certificate Constraints
209 *
210 * The complete disabling of an algorithm is not handled by Constraints or
211 * Constraint classes. That is addressed with
|
118 return true;
119 }
120
121 /*
122 * Checks if the key algorithm has been disabled or constraints have been
123 * placed on the key.
124 */
125 @Override
126 public final boolean permits(Set<CryptoPrimitive> primitives, Key key) {
127 return checkConstraints(primitives, "", key, null);
128 }
129
130 /*
131 * Checks if the key algorithm has been disabled or if constraints have
132 * been placed on the key.
133 */
134 @Override
135 public final boolean permits(Set<CryptoPrimitive> primitives,
136 String algorithm, Key key, AlgorithmParameters parameters) {
137
138 if (algorithm == null || algorithm.isEmpty()) {
139 throw new IllegalArgumentException("No algorithm name specified");
140 }
141
142 return checkConstraints(primitives, algorithm, key, parameters);
143 }
144
145 public final void permits(ConstraintsParameters cp)
146 throws CertPathValidatorException {
147 permits(cp.getAlgorithm(), cp);
148 }
149
150 public final void permits(String algorithm, Key key,
151 AlgorithmParameters params, String variant)
152 throws CertPathValidatorException {
153 permits(algorithm, new ConstraintsParameters(algorithm, params, key,
154 (variant == null) ? Validator.VAR_GENERIC : variant));
155 }
156
157 /*
158 * Check if a x509Certificate object is permitted. Check if all
171 public boolean checkProperty(String param) {
172 param = param.toLowerCase(Locale.ENGLISH);
173 for (String block : disabledAlgorithms) {
174 if (block.toLowerCase(Locale.ENGLISH).indexOf(param) >= 0) {
175 return true;
176 }
177 }
178 return false;
179 }
180
181 // Check algorithm constraints with key and algorithm
182 private boolean checkConstraints(Set<CryptoPrimitive> primitives,
183 String algorithm, Key key, AlgorithmParameters parameters) {
184
185 // check the key parameter, it cannot be null.
186 if (key == null) {
187 throw new IllegalArgumentException("The key cannot be null");
188 }
189
190 // check the signature algorithm with parameters
191 if (algorithm != null && !algorithm.isEmpty()) {
192 if (!permits(primitives, algorithm, parameters)) {
193 return false;
194 }
195 }
196
197 // check the key algorithm
198 if (!permits(primitives, key.getAlgorithm(), null)) {
199 return false;
200 }
201
202 // check the key constraints
203 return algorithmConstraints.permits(key);
204 }
205
206
207 /**
208 * Key and Certificate Constraints
209 *
210 * The complete disabling of an algorithm is not handled by Constraints or
211 * Constraint classes. That is addressed with
|