001package com.nimbusds.jose; 002 003 004import net.jcip.annotations.Immutable; 005 006 007/** 008 * JSON Web Encryption (JWE) algorithm name, represents the {@code alg} header 009 * parameter in JWE objects. This class is immutable. 010 * 011 * <p>Includes constants for the following standard JWE algorithm names: 012 * 013 * <ul> 014 * <li>{@link #RSA1_5} 015 * <li>{@link #RSA_OAEP RSA-OAEP} 016 * <li>{@link #RSA_OAEP_256 RSA-OAEP-256} 017 * <li>{@link #A128KW} 018 * <li>{@link #A192KW} 019 * <li>{@link #A256KW} 020 * <li>{@link #DIR dir} 021 * <li>{@link #ECDH_ES ECDH-ES} 022 * <li>{@link #ECDH_ES_A128KW ESDH-ES+A128KW} 023 * <li>{@link #ECDH_ES_A128KW ESDH-ES+A192KW} 024 * <li>{@link #ECDH_ES_A256KW ESDH-ES+A256KW} 025 * <li>{@link #PBES2_HS256_A128KW PBES2-HS256+A128KW} 026 * <li>{@link #PBES2_HS384_A192KW PBES2-HS256+A192KW} 027 * <li>{@link #PBES2_HS512_A256KW PBES2-HS256+A256KW} 028 * </ul> 029 * 030 * <p>Additional JWE algorithm names can be defined using the constructors. 031 * 032 * @author Vladimir Dzhuvinov 033 * @version 2015-10-14 034 */ 035@Immutable 036public final class JWEAlgorithm extends Algorithm { 037 038 039 /** 040 * RSAES-PKCS1-V1_5 (RFC 3447) (required). 041 */ 042 public static final JWEAlgorithm RSA1_5 = new JWEAlgorithm("RSA1_5", Requirement.REQUIRED); 043 044 045 /** 046 * RSAES using Optimal Asymmetric Encryption Padding (OAEP) (RFC 3447), 047 * with the default parameters specified by RFC 3447 in section A.2.1 048 * (recommended). 049 */ 050 public static final JWEAlgorithm RSA_OAEP = new JWEAlgorithm("RSA-OAEP", Requirement.OPTIONAL); 051 052 053 /** 054 * RSAES using Optimal Asymmetric Encryption Padding (OAEP) (RFC 3447), 055 * with the SHA-256 hash function and the MGF1 with SHA-256 mask 056 * generation function (recommended). 057 */ 058 public static final JWEAlgorithm RSA_OAEP_256 = new JWEAlgorithm("RSA-OAEP-256", Requirement.OPTIONAL); 059 060 061 /** 062 * Advanced Encryption Standard (AES) Key Wrap Algorithm (RFC 3394) 063 * using 128 bit keys (recommended). 064 */ 065 public static final JWEAlgorithm A128KW = new JWEAlgorithm("A128KW", Requirement.RECOMMENDED); 066 067 068 /** 069 * Advanced Encryption Standard (AES) Key Wrap Algorithm (RFC 3394) 070 * using 192 bit keys (optional). 071 */ 072 public static final JWEAlgorithm A192KW = new JWEAlgorithm("A192KW", Requirement.OPTIONAL); 073 074 075 /** 076 * Advanced Encryption Standard (AES) Key Wrap Algorithm (RFC 3394) 077 * using 256 bit keys (recommended). 078 */ 079 public static final JWEAlgorithm A256KW = new JWEAlgorithm("A256KW", Requirement.RECOMMENDED); 080 081 082 /** 083 * Direct use of a shared symmetric key as the Content Encryption Key 084 * (CEK) for the block encryption step (rather than using the symmetric 085 * key to wrap the CEK) (recommended). 086 */ 087 public static final JWEAlgorithm DIR = new JWEAlgorithm("dir", Requirement.RECOMMENDED); 088 089 090 /** 091 * Elliptic Curve Diffie-Hellman Ephemeral Static (RFC 6090) key 092 * agreement using the Concat KDF, as defined in section 5.8.1 of 093 * NIST.800-56A, with the agreed-upon key being used directly as the 094 * Content Encryption Key (CEK) (rather than being used to wrap the 095 * CEK) (recommended). 096 */ 097 public static final JWEAlgorithm ECDH_ES = new JWEAlgorithm("ECDH-ES", Requirement.RECOMMENDED); 098 099 100 /** 101 * Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per 102 * "ECDH-ES", but where the agreed-upon key is used to wrap the Content 103 * Encryption Key (CEK) with the "A128KW" function (rather than being 104 * used directly as the CEK) (recommended). 105 */ 106 public static final JWEAlgorithm ECDH_ES_A128KW = new JWEAlgorithm("ECDH-ES+A128KW", Requirement.RECOMMENDED); 107 108 109 /** 110 * Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per 111 * "ECDH-ES", but where the agreed-upon key is used to wrap the Content 112 * Encryption Key (CEK) with the "A192KW" function (rather than being 113 * used directly as the CEK) (optional). 114 */ 115 public static final JWEAlgorithm ECDH_ES_A192KW = new JWEAlgorithm("ECDH-ES+A192KW", Requirement.OPTIONAL); 116 117 118 /** 119 * Elliptic Curve Diffie-Hellman Ephemeral Static key agreement per 120 * "ECDH-ES", but where the agreed-upon key is used to wrap the Content 121 * Encryption Key (CEK) with the "A256KW" function (rather than being 122 * used directly as the CEK) (recommended). 123 */ 124 public static final JWEAlgorithm ECDH_ES_A256KW = new JWEAlgorithm("ECDH-ES+A256KW", Requirement.RECOMMENDED); 125 126 127 /** 128 * AES in Galois/Counter Mode (GCM) (NIST.800-38D) 128 bit keys 129 * (optional). 130 */ 131 public static final JWEAlgorithm A128GCMKW = new JWEAlgorithm("A128GCMKW", Requirement.OPTIONAL); 132 133 134 /** 135 * AES in Galois/Counter Mode (GCM) (NIST.800-38D) 192 bit keys 136 * (optional). 137 */ 138 public static final JWEAlgorithm A192GCMKW = new JWEAlgorithm("A192GCMKW", Requirement.OPTIONAL); 139 140 141 /** 142 * AES in Galois/Counter Mode (GCM) (NIST.800-38D) 256 bit keys 143 * (optional). 144 */ 145 public static final JWEAlgorithm A256GCMKW = new JWEAlgorithm("A256GCMKW", Requirement.OPTIONAL); 146 147 148 /** 149 * PBES2 (RFC 2898) with HMAC SHA-256 as the PRF and AES Key Wrap 150 * (RFC 3394) using 128 bit keys for the encryption scheme (optional). 151 */ 152 public static final JWEAlgorithm PBES2_HS256_A128KW = new JWEAlgorithm("PBES2-HS256+A128KW", Requirement.OPTIONAL); 153 154 155 /** 156 * PBES2 (RFC 2898) with HMAC SHA-384 as the PRF and AES Key Wrap 157 * (RFC 3394) using 192 bit keys for the encryption scheme (optional). 158 */ 159 public static final JWEAlgorithm PBES2_HS384_A192KW = new JWEAlgorithm("PBES2-HS384+A192KW", Requirement.OPTIONAL); 160 161 162 /** 163 * PBES2 (RFC 2898) with HMAC SHA-512 as the PRF and AES Key Wrap 164 * (RFC 3394) using 256 bit keys for the encryption scheme (optional). 165 */ 166 public static final JWEAlgorithm PBES2_HS512_A256KW = new JWEAlgorithm("PBES2-HS512+A256KW", Requirement.OPTIONAL); 167 168 169 /** 170 * JWE algorithm family. 171 */ 172 public static final class Family extends AlgorithmFamily<JWEAlgorithm> { 173 174 175 /** 176 * RSA key encryption. 177 */ 178 public static final Family RSA = new Family(RSA1_5, RSA_OAEP, RSA_OAEP_256); 179 180 181 /** 182 * AES key wrap. 183 */ 184 public static final Family AES_KW = new Family(A128KW, A192KW, A256KW); 185 186 187 /** 188 * Elliptic Curve Diffie-Hellman Ephemeral Static key 189 * agreement. 190 */ 191 public static final Family ECDH_ES = new Family(JWEAlgorithm.ECDH_ES, ECDH_ES_A128KW, ECDH_ES_A192KW, ECDH_ES_A256KW); 192 193 194 /** 195 * AES GCM key wrap. 196 */ 197 public static final Family AES_GCM_KW = new Family(A128GCMKW, A192GCMKW, A256GCMKW); 198 199 200 /** 201 * Password-Based Cryptography Specification Version 2.0 202 */ 203 public static final Family PBES2 = new Family(PBES2_HS256_A128KW, PBES2_HS384_A192KW, PBES2_HS512_A256KW); 204 205 206 /*** 207 * Creates a new JWE algorithm family. 208 * 209 * @param algs The JWE algorithms of the family. Must not be 210 * {@code null}. 211 */ 212 public Family(final JWEAlgorithm ... algs) { 213 super(algs); 214 } 215 } 216 217 218 /** 219 * Creates a new JSON Web Encryption (JWE) algorithm. 220 * 221 * @param name The algorithm name. Must not be {@code null}. 222 * @param req The implementation requirement, {@code null} if not 223 * known. 224 */ 225 public JWEAlgorithm(final String name, final Requirement req) { 226 227 super(name, req); 228 } 229 230 231 /** 232 * Creates a new JSON Web Encryption (JWE) algorithm. 233 * 234 * @param name The algorithm name. Must not be {@code null}. 235 */ 236 public JWEAlgorithm(final String name) { 237 238 super(name, null); 239 } 240 241 242 /** 243 * Parses a JWE algorithm from the specified string. 244 * 245 * @param s The string to parse. Must not be {@code null}. 246 * 247 * @return The JWE algorithm (matching standard algorithm constant, else 248 * a newly created algorithm). 249 */ 250 public static JWEAlgorithm parse(final String s) { 251 252 if (s.equals(RSA1_5.getName())) { 253 return RSA1_5; 254 } else if (s.equals(RSA_OAEP.getName())) { 255 return RSA_OAEP; 256 } else if (s.equals(A128KW.getName())) { 257 return A128KW; 258 } else if (s.equals(A192KW.getName())) { 259 return A192KW; 260 } else if (s.equals(A256KW.getName())) { 261 return A256KW; 262 } else if (s.equals(DIR.getName())) { 263 return DIR; 264 } else if (s.equals(ECDH_ES.getName())) { 265 return ECDH_ES; 266 } else if (s.equals(ECDH_ES_A128KW.getName())) { 267 return ECDH_ES_A128KW; 268 } else if (s.equals(ECDH_ES_A192KW.getName())) { 269 return ECDH_ES_A192KW; 270 } else if (s.equals(ECDH_ES_A256KW.getName())) { 271 return ECDH_ES_A256KW; 272 } else if (s.equals(A128GCMKW.getName())) { 273 return A128GCMKW; 274 } else if (s.equals(A192GCMKW.getName())) { 275 return A192GCMKW; 276 } else if (s.equals(A256GCMKW.getName())) { 277 return A256GCMKW; 278 } else if (s.equals(PBES2_HS256_A128KW.getName())) { 279 return PBES2_HS256_A128KW; 280 } else if (s.equals(PBES2_HS384_A192KW.getName())) { 281 return PBES2_HS384_A192KW; 282 } else if (s.equals(PBES2_HS512_A256KW.getName())) { 283 return PBES2_HS512_A256KW; 284 } else { 285 return new JWEAlgorithm(s); 286 } 287 } 288}