Source code

001package com.nimbusds.jose;
002
003
004import net.jcip.annotations.Immutable;
005
006
007/**
008 * Encryption method name, represents the {@code enc} header parameter in JSON
009 * Web Encryption (JWE) objects. This class is immutable.
010 *
011 * <p>Includes constants for the following standard encryption method names:
012 *
013 * <ul>
014 *     <li>{@link #A128CBC_HS256 A128CBC-HS256}
015 *     <li>{@link #A192CBC_HS384 A192CBC-HS384}
016 *     <li>{@link #A256CBC_HS512 A256CBC-HS512}
017 *     <li>{@link #A128GCM}
018 *     <li>{@link #A192GCM}
019 *     <li>{@link #A256GCM}
020 * </ul>
021 *
022 * <p>Additional encryption method names can be defined using the constructors.
023 *
024 * @author Vladimir Dzhuvinov
025 * @version $version$ (2013-08-20)
026 */
027@Immutable
028public final class EncryptionMethod extends Algorithm {
029
030
031        /**
032         * The Content Encryption Key (CEK) bit length, zero if not specified.
033         */
034        private final int cekBitLength;
035
036
037        /**
038         * AES_128_CBC_HMAC_SHA_256 authenticated encryption using a 256 bit 
039         * key (required).
040         */
041        public static final EncryptionMethod A128CBC_HS256 = 
042                new EncryptionMethod("A128CBC-HS256", Requirement.REQUIRED, 256);
043
044
045        /**
046         * AES_192_CBC_HMAC_SHA_384 authenticated encryption using a 384 bit
047         * key (optional).
048         */
049        public static final EncryptionMethod A192CBC_HS384 =
050                new EncryptionMethod("A192CBC-HS384", Requirement.OPTIONAL, 384);
051
052
053        /**
054         * AES_256_CBC_HMAC_SHA_512 authenticated encryption using a 512 bit
055         * key (required).
056         */
057        public static final EncryptionMethod A256CBC_HS512 = 
058                new EncryptionMethod("A256CBC-HS512", Requirement.REQUIRED, 512);
059
060
061        /**
062         * AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 128 bit key 
063         * (recommended).
064         */
065        public static final EncryptionMethod A128GCM = 
066                new EncryptionMethod("A128GCM", Requirement.RECOMMENDED, 128);
067
068
069        /**
070         * AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 192 bit key
071         * (optional).
072         */
073        public static final EncryptionMethod A192GCM =
074                new EncryptionMethod("A192GCM", Requirement.OPTIONAL, 192);
075
076
077        /**
078         * AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 256 bit key 
079         * (recommended).
080         */
081        public static final EncryptionMethod A256GCM = 
082                new EncryptionMethod("A256GCM", Requirement.RECOMMENDED, 256);
083
084
085        /**
086         * Creates a new encryption method.
087         *
088         * @param name         The encryption method name. Must not be 
089         *                     {@code null}.
090         * @param req          The implementation requirement, {@code null} if 
091         *                     not known.
092         * @param cekBitLength The Content Encryption Key (CEK) bit length, 
093         *                     zero if not specified.
094         */
095        public EncryptionMethod(final String name, final Requirement req, final int cekBitLength) {
096
097                super(name, req);
098
099                this.cekBitLength = cekBitLength;
100        }
101
102
103        /**
104         * Creates a new encryption method. The Content Encryption Key (CEK)
105         * bit length is not specified.
106         *
107         * @param name The encryption method name. Must not be {@code null}.
108         * @param req  The implementation requirement, {@code null} if not 
109         *             known.
110         */
111        public EncryptionMethod(final String name, final Requirement req) {
112
113                this(name, req, 0);
114        }
115
116
117        /**
118         * Creates a new encryption method. The implementation requirement and
119         * the Content Encryption Key (CEK) bit length are not specified.
120         *
121         * @param name The encryption method name. Must not be {@code null}.
122         */
123        public EncryptionMethod(final String name) {
124
125                this(name, null, 0);
126        }
127
128
129        /**
130         * Gets the length of the associated Content Encryption Key (CEK).
131         *
132         * @return The Content Encryption Key (CEK) bit length, zero if not 
133         *         specified.
134         */
135        public int cekBitLength() {
136
137                return cekBitLength;
138        }
139
140
141        /**
142         * Parses an encryption method from the specified string.
143         *
144         * @param s The string to parse. Must not be {@code null}.
145         *
146         * @return The encryption method  (matching standard algorithm
147         *         constant, else a newly created algorithm).
148         */
149        public static EncryptionMethod parse(final String s) {
150
151                if (s.equals(A128CBC_HS256.getName())) {
152
153                        return A128CBC_HS256;
154
155                } else if (s.equals(A192CBC_HS384.getName())) {
156
157                        return A192CBC_HS384;
158
159                } else if (s.equals(A256CBC_HS512.getName())) {
160
161                        return A256CBC_HS512;
162
163                } else if (s.equals(A128GCM.getName())) {
164
165                        return A128GCM;
166
167                } else if (s.equals(A192GCM.getName())) {
168
169                        return A192GCM;
170
171                } else if (s.equals(A256GCM.getName())) {
172
173                        return A256GCM;
174
175                } else {
176
177                        return new EncryptionMethod(s);
178                }
179        }
180}