Package com.nimbusds.jose

Class EncryptionMethod

java.lang.Object

com.nimbusds.jose.Algorithm

com.nimbusds.jose.EncryptionMethod

All Implemented Interfaces:

Serializable

@Immutable
public final class EncryptionMethod
extends Algorithm

Encryption method name, represents the enc header parameter in JSON Web Encryption (JWE) objects. This class is immutable.

Includes constants for the following encryption method names:

• A128CBC-HS256
• A192CBC-HS384
• A256CBC-HS512
• A128GCM
• A192GCM
• A256GCM
• XC20P
• A128CBC+HS256 (deprecated)
• A256CBC+HS512 (deprecated)

Additional encryption method names can be defined using the constructors.

Version:

2021-08-22

Author:

Vladimir Dzhuvinov

See Also:

Serialized Form

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	EncryptionMethod.Family	Encryption method family.

Field Summary

Fields

Modifier and Type	Field	Description
static EncryptionMethod	A128CBC_HS256	AES_128_CBC_HMAC_SHA_256 authenticated encryption using a 256 bit key (required).
static EncryptionMethod	A128CBC_HS256_DEPRECATED	AES_128_CBC_HMAC_SHA_256 authenticated encryption using a 256 bit key, deprecated in JOSE draft suite version 09.
static EncryptionMethod	A128GCM	AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 128 bit key (recommended).
static EncryptionMethod	A192CBC_HS384	AES_192_CBC_HMAC_SHA_384 authenticated encryption using a 384 bit key (optional).
static EncryptionMethod	A192GCM	AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 192 bit key (optional).
static EncryptionMethod	A256CBC_HS512	AES_256_CBC_HMAC_SHA_512 authenticated encryption using a 512 bit key (required).
static EncryptionMethod	A256CBC_HS512_DEPRECATED	AES_256_CBC_HMAC_SHA_512 authenticated encryption using a 512 bit key, deprecated in JOSE draft suite version 09.
static EncryptionMethod	A256GCM	AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 256 bit key (recommended).
static EncryptionMethod	XC20P	XChaCha: eXtended-nonce ChaCha and AEAD_XChaCha20_Poly1305 (optional)

Fields inherited from class com.nimbusds.jose.Algorithm

NONE

Constructor Summary

Constructors

Constructor	Description
EncryptionMethod(String name)	Creates a new encryption method.
EncryptionMethod(String name, Requirement req)	Creates a new encryption method.
EncryptionMethod(String name, Requirement req, int cekBitLength)	Creates a new encryption method.

Method Summary

Modifier and Type	Method	Description
int	cekBitLength()	Gets the length of the associated Content Encryption Key (CEK).
static EncryptionMethod	parse(String s)	Parses an encryption method from the specified string.

Methods inherited from class com.nimbusds.jose.Algorithm

equals, getName, getRequirement, hashCode, toJSONString, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

A128CBC_HS256

public static final EncryptionMethod A128CBC_HS256

AES_128_CBC_HMAC_SHA_256 authenticated encryption using a 256 bit key (required).

A192CBC_HS384

public static final EncryptionMethod A192CBC_HS384

AES_192_CBC_HMAC_SHA_384 authenticated encryption using a 384 bit key (optional).

A256CBC_HS512

public static final EncryptionMethod A256CBC_HS512

AES_256_CBC_HMAC_SHA_512 authenticated encryption using a 512 bit key (required).

A128CBC_HS256_DEPRECATED

public static final EncryptionMethod A128CBC_HS256_DEPRECATED

AES_128_CBC_HMAC_SHA_256 authenticated encryption using a 256 bit key, deprecated in JOSE draft suite version 09.

A256CBC_HS512_DEPRECATED

public static final EncryptionMethod A256CBC_HS512_DEPRECATED

AES_256_CBC_HMAC_SHA_512 authenticated encryption using a 512 bit key, deprecated in JOSE draft suite version 09.

A128GCM

public static final EncryptionMethod A128GCM

AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 128 bit key (recommended).

A192GCM

public static final EncryptionMethod A192GCM

AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 192 bit key (optional).

A256GCM

public static final EncryptionMethod A256GCM

AES in Galois/Counter Mode (GCM) (NIST.800-38D) using a 256 bit key (recommended).

XC20P

public static final EncryptionMethod XC20P

XChaCha: eXtended-nonce ChaCha and AEAD_XChaCha20_Poly1305 (optional)

Constructor Detail

EncryptionMethod

public EncryptionMethod(String name,
                        Requirement req,
                        int cekBitLength)

Creates a new encryption method.

Parameters:

name - The encryption method name. Must not be null.

req - The implementation requirement, null if not known.

cekBitLength - The Content Encryption Key (CEK) bit length, zero if not specified.

EncryptionMethod

public EncryptionMethod(String name,
                        Requirement req)

Creates a new encryption method. The Content Encryption Key (CEK) bit length is not specified.

Parameters:

name - The encryption method name. Must not be null.

req - The implementation requirement, null if not known.

EncryptionMethod

public EncryptionMethod(String name)

Creates a new encryption method. The implementation requirement and the Content Encryption Key (CEK) bit length are not specified.

Parameters:

name - The encryption method name. Must not be null.

Method Detail

cekBitLength

public int cekBitLength()

Gets the length of the associated Content Encryption Key (CEK).

Returns:

The Content Encryption Key (CEK) bit length, zero if not specified.

parse

public static EncryptionMethod parse(String s)

Parses an encryption method from the specified string.

Parameters:

s - The string to parse. Must not be null.

Returns:

The encryption method (matching standard algorithm constant, else a newly created algorithm).