001 package com.nimbusds.jose; 002 003 004 import net.jcip.annotations.Immutable; 005 006 007 /** 008 * Encryption method name, represents the {@code enc} header parameter in JSON 009 * Web Encryption (JWE) objects. This class is immutable. 010 * 011 * <p>Includes constants for the following standard encryption method names: 012 * 013 * <ul> 014 * <li>{@link #A128CBC_HS256 A128CBC-HS256} 015 * <li>{@link #A256CBC_HS512 A256CBC-HS512} 016 * <li>{@link #A128GCM} 017 * <li>{@link #A256GCM} 018 * </ul> 019 * 020 * <p>Additional encryption method names can be defined using the constructors. 021 * 022 * @author Vladimir Dzhuvinov 023 * @version $version$ (2013-05-05) 024 */ 025 @Immutable 026 public final class EncryptionMethod extends Algorithm { 027 028 029 /** 030 * The Content Encryption Key (CEK) bit length, zero if not specified. 031 */ 032 private final int cekBitLength; 033 034 035 /** 036 * AES_128_CBC_HMAC_SHA_256 authenticated encryption using a 256 bit 037 * key (required). 038 */ 039 public static final EncryptionMethod A128CBC_HS256 = 040 new EncryptionMethod("A128CBC-HS256", Requirement.REQUIRED, 256); 041 042 043 /** 044 * AES_256_CBC_HMAC_SHA_512 authenticated encryption using a 512 bit 045 * key (required). 046 */ 047 public static final EncryptionMethod A256CBC_HS512 = 048 new EncryptionMethod("A256CBC-HS512", Requirement.REQUIRED, 512); 049 050 051 /** 052 * AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 128 bit key 053 * (recommended). 054 */ 055 public static final EncryptionMethod A128GCM = 056 new EncryptionMethod("A128GCM", Requirement.RECOMMENDED, 128); 057 058 059 /** 060 * AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 256 bit key 061 * (recommended). 062 */ 063 public static final EncryptionMethod A256GCM = 064 new EncryptionMethod("A256GCM", Requirement.RECOMMENDED, 256); 065 066 067 /** 068 * Creates a new encryption method. 069 * 070 * @param name The encryption method name. Must not be 071 * {@code null}. 072 * @param req The implementation requirement, {@code null} if 073 * not known. 074 * @param cekBitLength The Content Encryption Key (CEK) bit length, 075 * zero if not specified. 076 */ 077 public EncryptionMethod(final String name, final Requirement req, final int cekBitLength) { 078 079 super(name, req); 080 081 this.cekBitLength = cekBitLength; 082 } 083 084 085 /** 086 * Creates a new encryption method. The Content Encryption Key (CEK) 087 * bit length is not specified. 088 * 089 * @param name The encryption method name. Must not be {@code null}. 090 * @param req The implementation requirement, {@code null} if not 091 * known. 092 */ 093 public EncryptionMethod(final String name, final Requirement req) { 094 095 this(name, req, 0); 096 } 097 098 099 /** 100 * Creates a new encryption method. The implementation requirement and 101 * the Content Encryption Key (CEK) bit length are not specified. 102 * 103 * @param name The encryption method name. Must not be {@code null}. 104 */ 105 public EncryptionMethod(final String name) { 106 107 this(name, null, 0); 108 } 109 110 111 /** 112 * Gets the length of the associated Content Encryption Key (CEK). 113 * 114 * @return The Content Encryption Key (CEK) bit length, zero if not 115 * specified. 116 */ 117 public int cekBitLength() { 118 119 return cekBitLength; 120 } 121 122 123 /** 124 * Parses an encryption method from the specified string. 125 * 126 * @param s The string to parse. Must not be {@code null}. 127 * 128 * @return The encryption method (matching standard algorithm constant, 129 * else a newly created algorithm). 130 */ 131 public static EncryptionMethod parse(final String s) { 132 133 if (s.equals(A128CBC_HS256.getName())) { 134 135 return A128CBC_HS256; 136 137 } else if (s.equals(A256CBC_HS512.getName())) { 138 139 return A256CBC_HS512; 140 141 } else if (s.equals(A128GCM.getName())) { 142 143 return A128GCM; 144 145 } else if (s.equals(A256GCM.getName())) { 146 147 return A256GCM; 148 149 } else { 150 151 return new EncryptionMethod(s); 152 } 153 } 154 }