001/* 002 * nimbus-jose-jwt 003 * 004 * Copyright 2012-2016, Connect2id Ltd. 005 * 006 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use 007 * this file except in compliance with the License. You may obtain a copy of the 008 * License at 009 * 010 * http://www.apache.org/licenses/LICENSE-2.0 011 * 012 * Unless required by applicable law or agreed to in writing, software distributed 013 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 014 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 015 * specific language governing permissions and limitations under the License. 016 */ 017 018package com.nimbusds.jose.jwk; 019 020 021import java.text.ParseException; 022import java.util.LinkedHashSet; 023import java.util.List; 024import java.util.Set; 025 026 027/** 028 * Enumeration of key operations. Represents the {@code key_ops} parameter in a 029 * JSON Web Key (JWK). 030 * 031 * <p>JWK operation values: 032 * 033 * <ul> 034 * <li>{@link #SIGN sign} 035 * <li>{@link #VERIFY verify} 036 * <li>{@link #ENCRYPT encrypt} 037 * <li>{@link #DECRYPT decrypt} 038 * <li>{@link #WRAP_KEY wrapKey} 039 * <li>{@link #UNWRAP_KEY unwrapKey} 040 * <li>{@link #DERIVE_KEY deriveKey} 041 * <li>{@link #DERIVE_BITS deriveBits} 042 * </ul> 043 * 044 * @author Vladimir Dzhuvinov 045 * @version 2014-04-02 046 */ 047public enum KeyOperation { 048 049 050 /** 051 * Compute signature or MAC. 052 */ 053 SIGN("sign"), 054 055 056 /** 057 * Verify signature or MAC. 058 */ 059 VERIFY("verify"), 060 061 062 /** 063 * Encrypt content. 064 */ 065 ENCRYPT("encrypt"), 066 067 068 /** 069 * Decrypt content and validate decryption, if applicable. 070 */ 071 DECRYPT("decrypt"), 072 073 074 /** 075 * Encrypt key. 076 */ 077 WRAP_KEY("wrapKey"), 078 079 080 /** 081 * Decrypt key and validate decryption, if applicable. 082 */ 083 UNWRAP_KEY("unwrapKey"), 084 085 086 /** 087 * Derive key. 088 */ 089 DERIVE_KEY("deriveKey"), 090 091 092 /** 093 * Derive bits not to be used as a key. 094 */ 095 DERIVE_BITS("deriveBits"); 096 097 098 /** 099 * The key operation identifier. 100 */ 101 private final String identifier; 102 103 104 /** 105 * Creates a new key operation with the specified identifier. 106 * 107 * @param identifier The key operation identifier. Must not be 108 * {@code null}. 109 */ 110 KeyOperation(final String identifier) { 111 112 if (identifier == null) 113 throw new IllegalArgumentException("The key operation identifier must not be null"); 114 115 this.identifier = identifier; 116 } 117 118 119 /** 120 * Returns the identifier of this public key use. 121 * 122 * @return The identifier. 123 */ 124 public String identifier() { 125 126 return identifier; 127 } 128 129 130 /** 131 * @see #identifier() 132 */ 133 @Override 134 public String toString() { 135 136 return identifier(); 137 } 138 139 140 /** 141 * Parses a key operation set from the specified JWK {@code key_ops} 142 * parameter value. 143 * 144 * @param sl The string list to parse. May be {@code null}. 145 * 146 * @return The key operation set, {@code null} if none. 147 * 148 * @throws ParseException If the string list couldn't be parsed to a 149 * valid key operation list. 150 */ 151 public static Set<KeyOperation> parse(final List<String> sl) 152 throws ParseException { 153 154 if (sl == null) { 155 return null; 156 } 157 158 Set<KeyOperation> keyOps = new LinkedHashSet<>(); 159 160 for (String s: sl) { 161 162 if (s == null) { 163 // skip 164 continue; 165 } 166 167 KeyOperation parsedOp = null; 168 169 for (KeyOperation op: KeyOperation.values()) { 170 171 if (s.equals(op.identifier())) { 172 parsedOp = op; 173 break; 174 } 175 } 176 177 if (parsedOp != null) { 178 keyOps.add(parsedOp); 179 } 180 else { 181 throw new ParseException("Invalid JWK operation: " + s, 0); 182 } 183 } 184 185 return keyOps; 186 } 187}