001package com.nimbusds.jose; 002 003 004import net.jcip.annotations.Immutable; 005 006 007/** 008 * Encryption method name, represents the {@code enc} header parameter in JSON 009 * Web Encryption (JWE) objects. This class is immutable. 010 * 011 * <p>Includes constants for the following standard encryption method names: 012 * 013 * <ul> 014 * <li>{@link #A128CBC_HS256 A128CBC-HS256} 015 * <li>{@link #A192CBC_HS384 A192CBC-HS384} 016 * <li>{@link #A256CBC_HS512 A256CBC-HS512} 017 * <li>{@link #A128GCM} 018 * <li>{@link #A192GCM} 019 * <li>{@link #A256GCM} 020 * </ul> 021 * 022 * <p>Additional encryption method names can be defined using the constructors. 023 * 024 * @author Vladimir Dzhuvinov 025 * @version $version$ (2013-08-20) 026 */ 027@Immutable 028public final class EncryptionMethod extends Algorithm { 029 030 031 /** 032 * The Content Encryption Key (CEK) bit length, zero if not specified. 033 */ 034 private final int cekBitLength; 035 036 037 /** 038 * AES_128_CBC_HMAC_SHA_256 authenticated encryption using a 256 bit 039 * key (required). 040 */ 041 public static final EncryptionMethod A128CBC_HS256 = 042 new EncryptionMethod("A128CBC-HS256", Requirement.REQUIRED, 256); 043 044 045 /** 046 * AES_192_CBC_HMAC_SHA_384 authenticated encryption using a 384 bit 047 * key (optional). 048 */ 049 public static final EncryptionMethod A192CBC_HS384 = 050 new EncryptionMethod("A192CBC-HS384", Requirement.OPTIONAL, 384); 051 052 053 /** 054 * AES_256_CBC_HMAC_SHA_512 authenticated encryption using a 512 bit 055 * key (required). 056 */ 057 public static final EncryptionMethod A256CBC_HS512 = 058 new EncryptionMethod("A256CBC-HS512", Requirement.REQUIRED, 512); 059 060 061 /** 062 * AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 128 bit key 063 * (recommended). 064 */ 065 public static final EncryptionMethod A128GCM = 066 new EncryptionMethod("A128GCM", Requirement.RECOMMENDED, 128); 067 068 069 /** 070 * AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 192 bit key 071 * (optional). 072 */ 073 public static final EncryptionMethod A192GCM = 074 new EncryptionMethod("A192GCM", Requirement.OPTIONAL, 192); 075 076 077 /** 078 * AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 256 bit key 079 * (recommended). 080 */ 081 public static final EncryptionMethod A256GCM = 082 new EncryptionMethod("A256GCM", Requirement.RECOMMENDED, 256); 083 084 085 /** 086 * Creates a new encryption method. 087 * 088 * @param name The encryption method name. Must not be 089 * {@code null}. 090 * @param req The implementation requirement, {@code null} if 091 * not known. 092 * @param cekBitLength The Content Encryption Key (CEK) bit length, 093 * zero if not specified. 094 */ 095 public EncryptionMethod(final String name, final Requirement req, final int cekBitLength) { 096 097 super(name, req); 098 099 this.cekBitLength = cekBitLength; 100 } 101 102 103 /** 104 * Creates a new encryption method. The Content Encryption Key (CEK) 105 * bit length is not specified. 106 * 107 * @param name The encryption method name. Must not be {@code null}. 108 * @param req The implementation requirement, {@code null} if not 109 * known. 110 */ 111 public EncryptionMethod(final String name, final Requirement req) { 112 113 this(name, req, 0); 114 } 115 116 117 /** 118 * Creates a new encryption method. The implementation requirement and 119 * the Content Encryption Key (CEK) bit length are not specified. 120 * 121 * @param name The encryption method name. Must not be {@code null}. 122 */ 123 public EncryptionMethod(final String name) { 124 125 this(name, null, 0); 126 } 127 128 129 /** 130 * Gets the length of the associated Content Encryption Key (CEK). 131 * 132 * @return The Content Encryption Key (CEK) bit length, zero if not 133 * specified. 134 */ 135 public int cekBitLength() { 136 137 return cekBitLength; 138 } 139 140 141 /** 142 * Parses an encryption method from the specified string. 143 * 144 * @param s The string to parse. Must not be {@code null}. 145 * 146 * @return The encryption method (matching standard algorithm 147 * constant, else a newly created algorithm). 148 */ 149 public static EncryptionMethod parse(final String s) { 150 151 if (s.equals(A128CBC_HS256.getName())) { 152 153 return A128CBC_HS256; 154 155 } else if (s.equals(A192CBC_HS384.getName())) { 156 157 return A192CBC_HS384; 158 159 } else if (s.equals(A256CBC_HS512.getName())) { 160 161 return A256CBC_HS512; 162 163 } else if (s.equals(A128GCM.getName())) { 164 165 return A128GCM; 166 167 } else if (s.equals(A192GCM.getName())) { 168 169 return A192GCM; 170 171 } else if (s.equals(A256GCM.getName())) { 172 173 return A256GCM; 174 175 } else { 176 177 return new EncryptionMethod(s); 178 } 179 } 180}