Package org.forgerock.json.jose.jwe
Enum Class JweAlgorithm
- All Implemented Interfaces:
Serializable
,Comparable<JweAlgorithm>
,Constable
,Algorithm
An Enum of the possible encryption algorithms that can be used to encrypt a JWT.
- Since:
- 2.0.0
- See Also:
-
Nested Class Summary
Nested classes/interfaces inherited from class java.lang.Enum
Enum.EnumDesc<E extends Enum<E>>
-
Enum Constant Summary
Enum ConstantDescriptionAES-128 KeyWrap.AES-192 KeyWrap.AES-256 KeyWrap.Direct encryption with a shared symmetric key.Elliptic Curve Diffie-Hellman (ECDH) key agreement, directly using the derived key for encryption.Elliptic Curve Diffie-Hellman (ECDH) key agreement using the derived key for 128-bit AES Key Wrapping.Elliptic Curve Diffie-Hellman (ECDH) key agreement using the derived key for 192-bit AES Key Wrapping.Elliptic Curve Diffie-Hellman (ECDH) key agreement using the derived key for 256-bit AES Key Wrapping.RSA in ECB mode with OAEP with SHA-1 and MGF1 padding.RSA in ECB mode with OAEP with SHA-256 and MGF1 with SHA-256 padding.Deprecated.RSA1_5 is an insecure encryption mode. -
Method Summary
Modifier and TypeMethodDescriptionGets the actual name of the algorithm that is understood by Java cryptographic operations.Gets the JweAlgorithmType of the JweAlgorithm.getDecryptionPurpose
(String label) Returns aPurpose
that can be used to retrieve keys that are suitable for decryption with this JWE algorithm.getEncryptionPurpose
(String label) Returns aPurpose
that can be used to retrieve keys that are suitable for encryption with this JWE algorithm.Gets the name of the algorithm as defined in the JWA standard.For ECDH-ES key agreement modes, this indicates the key wrapping mode that should be applied to the resulting derived key.boolean
Indicates whether the encryption algorithm ensures authenticity of data origin as well as confidentiality and integrity.boolean
Indicates whether the algorithm uses the same key for both encryption and decryption operations (symmetric encryption).static JweAlgorithm
parseAlgorithm
(String jwaAlgorithmName) Parses the given algorithm string to find the matching Jwe algorithm enum constant.toString()
Turns the JweAlgorithm constant into a JSON value string.static JweAlgorithm
Returns the enum constant of this class with the specified name.static JweAlgorithm[]
values()
Returns an array containing the constants of this enum class, in the order they are declared.
-
Enum Constant Details
-
RSAES_PKCS1_V1_5
Deprecated.RSA1_5 is an insecure encryption mode. UseRSA_OAEP_256
instead.RSA in ECB mode with PKCS1 Padding. -
RSA_OAEP
RSA in ECB mode with OAEP with SHA-1 and MGF1 padding. -
RSA_OAEP_256
RSA in ECB mode with OAEP with SHA-256 and MGF1 with SHA-256 padding. -
DIRECT
Direct encryption with a shared symmetric key. -
A128KW
AES-128 KeyWrap. -
A192KW
AES-192 KeyWrap. -
A256KW
AES-256 KeyWrap. -
ECDH_ES
Elliptic Curve Diffie-Hellman (ECDH) key agreement, directly using the derived key for encryption. -
ECDH_ES_A128KW
Elliptic Curve Diffie-Hellman (ECDH) key agreement using the derived key for 128-bit AES Key Wrapping. -
ECDH_ES_A192KW
Elliptic Curve Diffie-Hellman (ECDH) key agreement using the derived key for 192-bit AES Key Wrapping. -
ECDH_ES_A256KW
Elliptic Curve Diffie-Hellman (ECDH) key agreement using the derived key for 256-bit AES Key Wrapping.
-
-
Method Details
-
values
Returns an array containing the constants of this enum class, in the order they are declared.- Returns:
- an array containing the constants of this enum class, in the order they are declared
-
valueOf
Returns the enum constant of this class with the specified name. The string must match exactly an identifier used to declare an enum constant in this class. (Extraneous whitespace characters are not permitted.)- Parameters:
name
- the name of the enum constant to be returned.- Returns:
- the enum constant with the specified name
- Throws:
IllegalArgumentException
- if this enum class has no constant with the specified nameNullPointerException
- if the argument is null
-
getAlgorithm
Description copied from interface:Algorithm
Gets the actual name of the algorithm that is understood by Java cryptographic operations.- Specified by:
getAlgorithm
in interfaceAlgorithm
- Returns:
- The name of the algorithm.
-
getJwaAlgorithmName
Description copied from interface:Algorithm
Gets the name of the algorithm as defined in the JWA standard.- Specified by:
getJwaAlgorithmName
in interfaceAlgorithm
- Returns:
- The name of the algorithm.
-
getKeyWrappingAlgorithm
For ECDH-ES key agreement modes, this indicates the key wrapping mode that should be applied to the resulting derived key. This will either be theDIRECT
mode or one of theA128KW
,A192KW
orA256KW
symmetric key wrapping modes. For non-ECDH modes this will always be null.- Returns:
- the ECDH key wrapping algorithm to use or null if this is not a key agreement mode.
-
getAlgorithmType
Gets the JweAlgorithmType of the JweAlgorithm.- Returns:
- The JweAlgorithmType.
-
parseAlgorithm
Parses the given algorithm string to find the matching Jwe algorithm enum constant.- Parameters:
jwaAlgorithmName
- The encryption JWA algorithm name.- Returns:
- The JweAlgorithm enum.
-
toString
Turns the JweAlgorithm constant into a JSON value string.- Overrides:
toString
in classEnum<JweAlgorithm>
- Returns:
-
isAuthenticated
public boolean isAuthenticated()Indicates whether the encryption algorithm ensures authenticity of data origin as well as confidentiality and integrity. Authenticated encryption algorithms may be used without a separate signature.- Returns:
- true if the algorithm provides authenticated encryption.
-
isSymmetric
public boolean isSymmetric()Indicates whether the algorithm uses the same key for both encryption and decryption operations (symmetric encryption). Otherwise, a public key is used for encryption and a corresponding private key for decryption.- Specified by:
isSymmetric
in interfaceAlgorithm
- Returns:
true
if the algorithm is symmetric, orfalse
if it is a public key algorithm.
-
getEncryptionPurpose
Returns aPurpose
that can be used to retrieve keys that are suitable for encryption with this JWE algorithm. The returned purpose is constrained to only allow keys that support this JWE algorithm.- Parameters:
label
- the purpose label.- Returns:
- a purpose with the given label and an appropriate key type.
-
getDecryptionPurpose
Returns aPurpose
that can be used to retrieve keys that are suitable for decryption with this JWE algorithm. The returned purpose is constrained to only allow keys that support this JWE algorithm.- Parameters:
label
- the purpose label.- Returns:
- a purpose with the given label and an appropriate key type.
-