Class Policy

java.lang.Object
org.mozilla.jss.crypto.Policy

public class Policy extends Object
This class helps JSS callers align with local system cryptographic policy. In the event of a policy violation, applications can override policy by writing to the desired variable. Refer to SSLCipher.isSupported() for whether or not a given TLS cipher suite is allowed by local policy.
  • Field Details

    • ENFORCING_KEY_SIZES

      public static boolean ENFORCING_KEY_SIZES
      Whether or not this JSS instance is enforcing local crypto-policy, with respect to key sizes. Defaults to false; this lets applications use whatever key sizes are supported by NSS, at the risk of performing non-compliant operations. Set to true to enable enforcement, where it exists.
    • RSA_MINIMUM_KEY_SIZE

      public static int RSA_MINIMUM_KEY_SIZE
      Minimum RSA key length in bits permitted by local policy.
    • RSA_MINIMUM_PUBLIC_EXPONENT

      public static BigInteger RSA_MINIMUM_PUBLIC_EXPONENT
      Minimum RSA public exponent allowed by JSS.
    • DH_MINIMUM_KEY_SIZE

      public static int DH_MINIMUM_KEY_SIZE
      Minimum DH key length in bits permitted by local policy.
    • DSA_MINIMUM_KEY_SIZE

      public static int DSA_MINIMUM_KEY_SIZE
      Minimum DSA key length in bits permitted by local policy.
    • TLS_VERSION_RANGE

      public static SSLVersionRange TLS_VERSION_RANGE
    • TLS_MINIMUM_VERSION

      public static SSLVersion TLS_MINIMUM_VERSION
    • TLS_MAXIMUM_VERSION

      public static SSLVersion TLS_MAXIMUM_VERSION
  • Constructor Details

    • Policy

      public Policy()
  • Method Details

    • getTLSVersionRange

      private static SSLVersionRange getTLSVersionRange()
    • getRSAMinimumKeySize

      private static int getRSAMinimumKeySize()
    • getDHMinimumKeySize

      private static int getDHMinimumKeySize()
    • getDSAMinimumKeySize

      private static int getDSAMinimumKeySize()