Package org.forgerock.json.jose.jwe

Enum Class JweAlgorithm

java.lang.Object
java.lang.Enum<JweAlgorithm>
org.forgerock.json.jose.jwe.JweAlgorithm
All Implemented Interfaces:
Serializable, Comparable<JweAlgorithm>, Constable, Algorithm
public enum JweAlgorithm extends Enum<JweAlgorithm> implements Algorithm
An Enum of the possible encryption algorithms that can be used to encrypt a JWT.

Since:
2.0.0
See Also:

  • Enum Constant Details

    • RSAES_PKCS1_V1_5

      @Deprecated public static final JweAlgorithm RSAES_PKCS1_V1_5
      Deprecated.
      RSA1_5 is an insecure encryption mode. Use RSA_OAEP_256 instead.
      RSA in ECB mode with PKCS1 Padding.

    • RSA_OAEP

      public static final JweAlgorithm RSA_OAEP
      RSA in ECB mode with OAEP with SHA-1 and MGF1 padding.

    • RSA_OAEP_256

      public static final JweAlgorithm RSA_OAEP_256
      RSA in ECB mode with OAEP with SHA-256 and MGF1 with SHA-256 padding.

    • DIRECT

      public static final JweAlgorithm DIRECT
      Direct encryption with a shared symmetric key.

    • A128KW

      public static final JweAlgorithm A128KW
      AES-128 KeyWrap.

    • A192KW

      public static final JweAlgorithm A192KW
      AES-192 KeyWrap.

    • A256KW

      public static final JweAlgorithm A256KW
      AES-256 KeyWrap.

    • ECDH_ES

      public static final JweAlgorithm ECDH_ES
      Elliptic Curve Diffie-Hellman (ECDH) key agreement, directly using the derived key for encryption.

    • ECDH_ES_A128KW

      public static final JweAlgorithm ECDH_ES_A128KW
      Elliptic Curve Diffie-Hellman (ECDH) key agreement using the derived key for 128-bit AES Key Wrapping.

    • ECDH_ES_A192KW

      public static final JweAlgorithm ECDH_ES_A192KW
      Elliptic Curve Diffie-Hellman (ECDH) key agreement using the derived key for 192-bit AES Key Wrapping.

    • ECDH_ES_A256KW

      public static final JweAlgorithm ECDH_ES_A256KW
      Elliptic Curve Diffie-Hellman (ECDH) key agreement using the derived key for 256-bit AES Key Wrapping.

  • Method Details

    • values

      public static JweAlgorithm[] values()
      Returns an array containing the constants of this enum class, in the order they are declared.
      Returns:
      an array containing the constants of this enum class, in the order they are declared

    • valueOf

      public static JweAlgorithm valueOf(String name)
      Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)
      Parameters:
      name - the name of the enum constant to be returned.
      Returns:
      the enum constant with the specified name
      Throws:
      IllegalArgumentException - if this enum class has no constant with the specified name
      NullPointerException - if the argument is null

    • getAlgorithm

      public String getAlgorithm()
      Description copied from interface: Algorithm
      Gets the actual name of the algorithm that is understood by Java cryptographic operations.
      Specified by:
      getAlgorithm in interface Algorithm
      Returns:
      The name of the algorithm.

    • getJwaAlgorithmName

      public String getJwaAlgorithmName()
      Description copied from interface: Algorithm
      Gets the name of the algorithm as defined in the JWA standard.
      Specified by:
      getJwaAlgorithmName in interface Algorithm
      Returns:
      The name of the algorithm.

    • getKeyWrappingAlgorithm

      public JweAlgorithm getKeyWrappingAlgorithm()
      For ECDH-ES key agreement modes, this indicates the key wrapping mode that should be applied to the resulting derived key. This will either be the DIRECT mode or one of the A128KW, A192KW or A256KW symmetric key wrapping modes. For non-ECDH modes this will always be null.
      Returns:
      the ECDH key wrapping algorithm to use or null if this is not a key agreement mode.

    • getAlgorithmType

      public JweAlgorithmType getAlgorithmType()
      Gets the JweAlgorithmType of the JweAlgorithm.
      Returns:
      The JweAlgorithmType.

    • parseAlgorithm

      public static JweAlgorithm parseAlgorithm(String jwaAlgorithmName)
      Parses the given algorithm string to find the matching Jwe algorithm enum constant.
      Parameters:
      jwaAlgorithmName - The encryption JWA algorithm name.
      Returns:
      The JweAlgorithm enum.

    • toString

      public String toString()
      Turns the JweAlgorithm constant into a JSON value string.
      Overrides:
      toString in class Enum<JweAlgorithm>
      Returns:

    • isAuthenticated

      public boolean isAuthenticated()
      Indicates whether the encryption algorithm ensures authenticity of data origin as well as confidentiality and integrity. Authenticated encryption algorithms may be used without a separate signature.
      Returns:
      true if the algorithm provides authenticated encryption.

    • isSymmetric

      public boolean isSymmetric()
      Indicates whether the algorithm uses the same key for both encryption and decryption operations (symmetric encryption). Otherwise, a public key is used for encryption and a corresponding private key for decryption.
      Specified by:
      isSymmetric in interface Algorithm
      Returns:
      true if the algorithm is symmetric, or false if it is a public key algorithm.

    • getEncryptionPurpose

      public Purpose<? extends CryptoKey> getEncryptionPurpose(String label)
      Returns a Purpose that can be used to retrieve keys that are suitable for encryption with this JWE algorithm. The returned purpose is constrained to only allow keys that support this JWE algorithm.
      Parameters:
      label - the purpose label.
      Returns:
      a purpose with the given label and an appropriate key type.

    • getDecryptionPurpose

      public Purpose<? extends CryptoKey> getDecryptionPurpose(String label)
      Returns a Purpose that can be used to retrieve keys that are suitable for decryption with this JWE algorithm. The returned purpose is constrained to only allow keys that support this JWE algorithm.
      Parameters:
      label - the purpose label.
      Returns:
      a purpose with the given label and an appropriate key type.