001 package com.nimbusds.jose;
002
003
004 import net.jcip.annotations.Immutable;
005
006
007 /**
008 * Encryption method name, represents the {@code enc} header parameter in JSON
009 * Web Encryption (JWE) objects. This class is immutable.
010 *
011 * <p>Includes constants for the following standard encryption method names:
012 *
013 * <ul>
014 * <li>{@link #A128CBC_HS256 A128CBC-HS256}
015 * <li>{@link #A256CBC_HS512 A256CBC-HS512}
016 * <li>{@link #A128GCM}
017 * <li>{@link #A256GCM}
018 * </ul>
019 *
020 * <p>Additional encryption method names can be defined using the constructors.
021 *
022 * @author Vladimir Dzhuvinov
023 * @version $version$ (2013-05-05)
024 */
025 @Immutable
026 public final class EncryptionMethod extends Algorithm {
027
028
029 /**
030 * The Content Encryption Key (CEK) bit length, zero if not specified.
031 */
032 private final int cekBitLength;
033
034
035 /**
036 * AES_128_CBC_HMAC_SHA_256 authenticated encryption using a 256 bit
037 * key (required).
038 */
039 public static final EncryptionMethod A128CBC_HS256 =
040 new EncryptionMethod("A128CBC-HS256", Requirement.REQUIRED, 256);
041
042
043 /**
044 * AES_256_CBC_HMAC_SHA_512 authenticated encryption using a 512 bit
045 * key (required).
046 */
047 public static final EncryptionMethod A256CBC_HS512 =
048 new EncryptionMethod("A256CBC-HS512", Requirement.REQUIRED, 512);
049
050
051 /**
052 * AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 128 bit key
053 * (recommended).
054 */
055 public static final EncryptionMethod A128GCM =
056 new EncryptionMethod("A128GCM", Requirement.RECOMMENDED, 128);
057
058
059 /**
060 * AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 256 bit key
061 * (recommended).
062 */
063 public static final EncryptionMethod A256GCM =
064 new EncryptionMethod("A256GCM", Requirement.RECOMMENDED, 256);
065
066
067 /**
068 * Creates a new encryption method.
069 *
070 * @param name The encryption method name. Must not be
071 * {@code null}.
072 * @param req The implementation requirement, {@code null} if
073 * not known.
074 * @param cekBitLength The Content Encryption Key (CEK) bit length,
075 * zero if not specified.
076 */
077 public EncryptionMethod(final String name, final Requirement req, final int cekBitLength) {
078
079 super(name, req);
080
081 this.cekBitLength = cekBitLength;
082 }
083
084
085 /**
086 * Creates a new encryption method. The Content Encryption Key (CEK)
087 * bit length is not specified.
088 *
089 * @param name The encryption method name. Must not be {@code null}.
090 * @param req The implementation requirement, {@code null} if not
091 * known.
092 */
093 public EncryptionMethod(final String name, final Requirement req) {
094
095 this(name, req, 0);
096 }
097
098
099 /**
100 * Creates a new encryption method. The implementation requirement and
101 * the Content Encryption Key (CEK) bit length are not specified.
102 *
103 * @param name The encryption method name. Must not be {@code null}.
104 */
105 public EncryptionMethod(final String name) {
106
107 this(name, null, 0);
108 }
109
110
111 /**
112 * Gets the length of the associated Content Encryption Key (CEK).
113 *
114 * @return The Content Encryption Key (CEK) bit length, zero if not
115 * specified.
116 */
117 public int cekBitLength() {
118
119 return cekBitLength;
120 }
121
122
123 /**
124 * Parses an encryption method from the specified string.
125 *
126 * @param s The string to parse. Must not be {@code null}.
127 *
128 * @return The encryption method (matching standard algorithm constant,
129 * else a newly created algorithm).
130 */
131 public static EncryptionMethod parse(final String s) {
132
133 if (s.equals(A128CBC_HS256.getName())) {
134
135 return A128CBC_HS256;
136
137 } else if (s.equals(A256CBC_HS512.getName())) {
138
139 return A256CBC_HS512;
140
141 } else if (s.equals(A128GCM.getName())) {
142
143 return A128GCM;
144
145 } else if (s.equals(A256GCM.getName())) {
146
147 return A256GCM;
148
149 } else {
150
151 return new EncryptionMethod(s);
152 }
153 }
154 }