Package org.forgerock.json.jose.jwe

Enum Class EncryptionMethod

java.lang.Object
java.lang.Enum<EncryptionMethod>
org.forgerock.json.jose.jwe.EncryptionMethod
All Implemented Interfaces:
Serializable, Comparable<EncryptionMethod>, Constable
public enum EncryptionMethod extends Enum<EncryptionMethod>
An Enum of the possible encryption methods that can be used when encrypting a JWT.

Since:
2.0.0
See Also:

  • Nested Class Summary

    Nested classes/interfaces inherited from class java.lang.Enum

    Enum.EnumDesc<E extends Enum<E>>

  • Enum Constant Summary

    Enum Constants
    Enum Constant
    Description
    A128CBC_HS256
    AES encryption in CBC mode with PKCS5 Padding and a 128 bit length, AES encryption for CEK, HMAC using SHA-256 hash algorithm for authentication tag.
    A128GCM
    AES encryption in Galois Counter Mode (GCM) with a 128 bit key length.
    A192CBC_HS384
    AES encryption in CBC mode with PKCS5 Padding and a 192 bit length, AES encryption for CEK, HMAC using SHA-384 hash algorithm for the authentication tag.
    A192GCM
    AES encryption in Galois Counter Mode (GCM) with a 192 bit key length.
    A256CBC_HS512
    AES encryption in CBC mode with PKCS5 Padding and a 256 bit length, AES encryption for CEK, HMAC using SHA-256 hash algorithm for authentication tag.
    A256GCM
    AES encryption in Galois Counter Mode (GCM) with a 256 bit key length.
    CC20_P1305
    The ChaCha20-Poly1305 algorithm as described in RFC 7539.
    XC20_P1305
    The XChaCha20-Poly1305 algorithm as used in libsodium, Wireguard, etc.

  • Method Summary

    Modifier and Type
    Method
    Description
    String
    getEncryptionAlgorithm()
    Gets the Java Cryptographic algorithm name for the algorithm that will create the Content Encryption Key (CEK).
    String
    getJweStandardName()
    Returns the JWE standard encryption method name for this encryption method.
    int
    getKeyOffset()
    Gets the number of octets in each of the CEK and MAC key.
    int
    getKeySize()
    Gets the bit length of the Content Encryption Key (CEK).
    String
    getMacAlgorithm()
    Gets the Java Cryptographic algorithm name for the algorithm that will generate the MAC key.
    String
    getName()
    Gets the full name of the encryption method.
    String
    getTransformation()
    Gets the Java Cryptographic algorithm name for the algorithm that will eb used to encrypt the plaintext.
    static EncryptionMethod
    parseMethod(String method)
    Parses the given algorithm string to find the matching EncryptionMethod enum constant.
    String
    toString()
    Turns the EncryptionMethod constant into a JSON value string.
    static EncryptionMethod
    valueOf(String name)
    Returns the enum constant of this class with the specified name.
    static EncryptionMethod[]
    values()
    Returns an array containing the constants of this enum class, in the order they are declared.

    Methods inherited from class java.lang.Enum

    clone, compareTo, describeConstable, equals, finalize, getDeclaringClass, hashCode, name, ordinal, valueOf

    Methods inherited from class java.lang.Object

    getClass, notify, notifyAll, wait, wait, wait

  • Enum Constant Details

    • A128CBC_HS256

      public static final EncryptionMethod A128CBC_HS256
      AES encryption in CBC mode with PKCS5 Padding and a 128 bit length, AES encryption for CEK, HMAC using SHA-256 hash algorithm for authentication tag.

    • A192CBC_HS384

      public static final EncryptionMethod A192CBC_HS384
      AES encryption in CBC mode with PKCS5 Padding and a 192 bit length, AES encryption for CEK, HMAC using SHA-384 hash algorithm for the authentication tag.

    • A256CBC_HS512

      public static final EncryptionMethod A256CBC_HS512
      AES encryption in CBC mode with PKCS5 Padding and a 256 bit length, AES encryption for CEK, HMAC using SHA-256 hash algorithm for authentication tag.

    • A128GCM

      public static final EncryptionMethod A128GCM
      AES encryption in Galois Counter Mode (GCM) with a 128 bit key length.

    • A192GCM

      public static final EncryptionMethod A192GCM
      AES encryption in Galois Counter Mode (GCM) with a 192 bit key length.

    • A256GCM

      public static final EncryptionMethod A256GCM
      AES encryption in Galois Counter Mode (GCM) with a 256 bit key length.

    • CC20_P1305

      public static final EncryptionMethod CC20_P1305
      The ChaCha20-Poly1305 algorithm as described in RFC 7539. This takes a 256-bit key, a 96-bit nonce, and produces a ciphertext and a 128-bit authentication tag.

    • XC20_P1305

      public static final EncryptionMethod XC20_P1305
      The XChaCha20-Poly1305 algorithm as used in libsodium, Wireguard, etc. This is a variant of CC20_P1305 that takes a 192-bit random nonce and uses the first 128-bits to derive a unique per-message key. The remaining bytes of the nonce and the fresh key are then used with CC20_P1305. This allows using random nonces, which are much easier to generate safely, for encrypting up to 280 messages with the same key.

  • Method Details

    • values

      public static EncryptionMethod[] values()
      Returns an array containing the constants of this enum class, in the order they are declared.
      Returns:
      an array containing the constants of this enum class, in the order they are declared

    • valueOf

      public static EncryptionMethod valueOf(String name)
      Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)
      Parameters:
      name - the name of the enum constant to be returned.
      Returns:
      the enum constant with the specified name
      Throws:
      IllegalArgumentException - if this enum class has no constant with the specified name
      NullPointerException - if the argument is null

    • getName

      public String getName()
      Gets the full name of the encryption method.
      Returns:
      The name of the encryption method.

    • getTransformation

      public String getTransformation()
      Gets the Java Cryptographic algorithm name for the algorithm that will eb used to encrypt the plaintext.
      Returns:
      The transformation algorithm.

    • getMacAlgorithm

      public String getMacAlgorithm()
      Gets the Java Cryptographic algorithm name for the algorithm that will generate the MAC key.
      Returns:
      The mac algorithm.

    • getEncryptionAlgorithm

      public String getEncryptionAlgorithm()
      Gets the Java Cryptographic algorithm name for the algorithm that will create the Content Encryption Key (CEK).
      Returns:
      The encryption algorithm.

    • getKeyOffset

      public int getKeyOffset()
      Gets the number of octets in each of the CEK and MAC key.
      Returns:
      The Key Offset.

    • getKeySize

      public int getKeySize()
      Gets the bit length of the Content Encryption Key (CEK).
      Returns:
      The key size.

    • parseMethod

      public static EncryptionMethod parseMethod(String method)
      Parses the given algorithm string to find the matching EncryptionMethod enum constant.
      Parameters:
      method - The encryption method.
      Returns:
      The EncryptionMethod enum.

    • getJweStandardName

      public String getJweStandardName()
      Returns the JWE standard encryption method name for this encryption method. For example A128GCM or A256CBC-HS512.
      Returns:
      the standard JWE name for this encryption method.

    • toString

      public String toString()
      Turns the EncryptionMethod constant into a JSON value string.
      Overrides:
      toString in class Enum<EncryptionMethod>
      Returns: