/*
 * nimbus-jose-jwt
 *
 * Copyright 2012-2016, Connect2id Ltd.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use
 * this file except in compliance with the License. You may obtain a copy of the
 * License at
 *
 *    http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed
 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
 * CONDITIONS OF ANY KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations under the License.
 */
017
018package com.nimbusds.jose.jwk;
019
020
021import java.text.ParseException;
022import java.util.LinkedHashSet;
023import java.util.List;
024import java.util.Set;
025
026
/**
 * Key operations, as carried by the {@code key_ops} parameter of a JSON Web
 * Key (JWK).
 *
 * <p>Each constant maps to exactly one case-sensitive identifier string:
 *
 * <ul>
 *     <li>{@link #SIGN sign}
 *     <li>{@link #VERIFY verify}
 *     <li>{@link #ENCRYPT encrypt}
 *     <li>{@link #DECRYPT decrypt}
 *     <li>{@link #WRAP_KEY wrapKey}
 *     <li>{@link #UNWRAP_KEY unwrapKey}
 *     <li>{@link #DERIVE_KEY deriveKey}
 *     <li>{@link #DERIVE_BITS deriveBits}
 * </ul>
 *
 * <p>This type only models and parses the parameter. Nothing in this enum
 * checks that a key is actually used in line with its declared operations;
 * that enforcement has to happen wherever the key is selected or applied.
 *
 * @author Vladimir Dzhuvinov
 * @version 2014-04-02
 */
public enum KeyOperation {


    /** Compute signature or MAC. */
    SIGN("sign"),


    /** Verify signature or MAC. */
    VERIFY("verify"),


    /** Encrypt content. */
    ENCRYPT("encrypt"),


    /** Decrypt content and validate decryption, if applicable. */
    DECRYPT("decrypt"),


    /** Encrypt key. */
    WRAP_KEY("wrapKey"),


    /** Decrypt key and validate decryption, if applicable. */
    UNWRAP_KEY("unwrapKey"),


    /** Derive key. */
    DERIVE_KEY("deriveKey"),


    /** Derive bits not to be used as a key. */
    DERIVE_BITS("deriveBits");


    /** The string form of this operation as it appears in {@code key_ops}. */
    private final String identifier;


    /**
     * Binds a constant to its {@code key_ops} identifier.
     *
     * @param identifier The key operation identifier. Must not be
     *                   {@code null}.
     *
     * @throws IllegalArgumentException If the identifier is {@code null}.
     */
    KeyOperation(final String identifier) {

        if (identifier == null) {
            throw new IllegalArgumentException("The key operation identifier must not be null");
        }

        this.identifier = identifier;
    }


    /**
     * Returns the identifier of this key operation.
     *
     * @return The identifier, never {@code null}.
     */
    public String identifier() {

        return identifier;
    }


    /**
     * Returns the same string as {@link #identifier()}.
     *
     * @see #identifier()
     */
    @Override
    public String toString() {

        return identifier;
    }


    /**
     * Finds the constant whose identifier equals the given string exactly.
     * The comparison is case-sensitive, so {@code "Sign"} does not match
     * {@link #SIGN}.
     *
     * @param value The candidate identifier. Must not be {@code null}.
     *
     * @return The matching key operation, {@code null} if there is none.
     */
    private static KeyOperation lookup(final String value) {

        for (KeyOperation candidate : values()) {
            if (value.equals(candidate.identifier)) {
                return candidate;
            }
        }

        return null;
    }


    /**
     * Parses a key operation set from the specified JWK {@code key_ops}
     * parameter value.
     *
     * <p>Behaviour a caller validating untrusted JWKs should be aware of:
     *
     * <ul>
     *     <li>{@code null} entries in the list are skipped, not rejected.
     *     <li>Repeated entries are collapsed silently, because the result
     *         is a set. RFC 7517, section 4.3 states that duplicate values
     *         must not be present; a caller that needs to reject such
     *         input has to compare the list against the returned set
     *         itself.
     *     <li>The exception message contains the unrecognised value
     *         verbatim. Treat it as untrusted text when logging or
     *         displaying it.
     * </ul>
     *
     * @param sl The string list to parse. May be {@code null}.
     *
     * @return The key operation set in order of first appearance,
     *         {@code null} if the list itself is {@code null}.
     *
     * @throws ParseException If an entry is not a known key operation
     *                        identifier. The error offset is always 0.
     */
    public static Set<KeyOperation> parse(final List<String> sl)
        throws ParseException {

        if (sl == null) {
            return null;
        }

        final Set<KeyOperation> result = new LinkedHashSet<>();

        for (String entry : sl) {

            if (entry == null) {
                // Deliberately tolerated: null entries are ignored.
                continue;
            }

            final KeyOperation match = lookup(entry);

            if (match == null) {
                throw new ParseException("Invalid JWK operation: " + entry, 0);
            }

            result.add(match);
        }

        return result;
    }
}