/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions copyright [year] [name of copyright owner]".
 *
 * Copyright 2013-2017 ForgeRock AS.
 */

package org.forgerock.json.jose.jwe;

import org.forgerock.json.jose.exceptions.JweException;
import org.forgerock.json.jose.jwt.Algorithm;

/**
 * The key-management algorithms ({@code alg} header values) that this library can use when
 * encrypting a JWT.
 * <p>
 * Each constant pairs the JWA header name with the Java Cryptography Architecture (JCA)
 * transformation string and a {@link JweAlgorithmType} grouping.
 * <p>
 * The constants differ in strength. Nothing in this enum ranks or restricts them, so any
 * policy on which algorithms are acceptable has to be enforced by the code that calls
 * {@link #parseAlgorithm(String)}.
 *
 * @see <a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-11#section-4.1">JWE Algorithms</a>
 *
 * @since 2.0.0
 */
public enum JweAlgorithm implements Algorithm {

    /**
     * RSAES-PKCS1-v1_5 key encryption (header name {@code RSA1_5}).
     * <p>
     * PKCS#1 v1.5 encryption padding is exposed to padding-oracle (Bleichenbacher-style)
     * attacks whenever a decrypting party lets padding failures be told apart from other
     * failures. JWT best current practice (RFC 8725) advises preferring the OAEP variants.
     * The "ECB" part of the transformation is only the mode slot of the JCA string.
     */
    RSAES_PKCS1_V1_5("RSA1_5", "RSA/ECB/PKCS1Padding", JweAlgorithmType.RSA),

    /** RSAES with OAEP padding, using SHA-1 and MGF1 (header name {@code RSA-OAEP}). */
    RSA_OAEP("RSA-OAEP", "RSA/ECB/OAEPWithSHA-1AndMGF1Padding", JweAlgorithmType.RSA),

    /**
     * RSAES with OAEP padding, using SHA-256 and MGF1 with SHA-256 (header name
     * {@code RSA-OAEP-256}).
     * <p>
     * NOTE(review): some JCA providers default MGF1 to SHA-1 for this transformation string
     * unless an explicit {@code OAEPParameterSpec} is supplied. Confirm that the code which
     * consumes this transformation sets MGF1 to SHA-256, as the JWA name requires.
     */
    RSA_OAEP_256("RSA-OAEP-256", "RSA/ECB/OAEPWithSHA-256AndMGF1Padding", JweAlgorithmType.RSA),

    /**
     * Direct encryption with a shared symmetric key (header name {@code dir}).
     * <p>
     * There is no JCA transformation for this constant, so {@link #getAlgorithm()} returns
     * {@code null}.
     */
    DIRECT("dir", null, JweAlgorithmType.DIRECT),

    /**
     * AES-128 KeyWrap.
     * <p>
     * The three key-wrap constants share the transformation {@code AESWrap}, which does not
     * encode a key size. Presumably the caller has to check that the supplied key length
     * matches the header name - TODO confirm.
     */
    A128KW("A128KW", "AESWrap", JweAlgorithmType.AES_KEYWRAP),

    /** AES-192 KeyWrap. Uses the same {@code AESWrap} transformation as {@link #A128KW}. */
    A192KW("A192KW", "AESWrap", JweAlgorithmType.AES_KEYWRAP),

    /** AES-256 KeyWrap. Uses the same {@code AESWrap} transformation as {@link #A128KW}. */
    A256KW("A256KW", "AESWrap", JweAlgorithmType.AES_KEYWRAP);

    /** Value written to and read from the JWE {@code alg} header; not the same as {@link #name()}. */
    private final String headerName;
    /** JCA transformation string, or {@code null} when the constant has none. */
    private final String jcaTransformation;
    /** Grouping of this algorithm. */
    private final JweAlgorithmType algorithmType;

    /**
     * Creates a constant from its header name, JCA transformation and type.
     *
     * @param name The header name of the algorithm.
     * @param transformation The Java Cryptographic algorithm name; may be {@code null}.
     * @param algorithmType The JweAlgorithmType of the JweAlgorithm.
     */
    JweAlgorithm(String name, String transformation, JweAlgorithmType algorithmType) {
        this.headerName = name;
        this.jcaTransformation = transformation;
        this.algorithmType = algorithmType;
    }

    /**
     * Returns the JCA transformation string for this algorithm.
     *
     * @return The transformation, or {@code null} for {@link #DIRECT}.
     */
    @Override
    public String getAlgorithm() {
        return jcaTransformation;
    }

    /**
     * Returns the name used for this algorithm in the JWE header.
     *
     * @return The header name, for example {@code RSA-OAEP}.
     */
    @Override
    public String getJwaAlgorithmName() {
        return headerName;
    }

    /**
     * Returns the type this algorithm is grouped under.
     *
     * @return The JweAlgorithmType.
     */
    public JweAlgorithmType getAlgorithmType() {
        return algorithmType;
    }

    /**
     * Looks up the JweAlgorithm constant whose header name equals the given string.
     * <p>
     * The comparison is exact and case-sensitive. One legacy spelling is also accepted: the
     * enum constant name {@code RSAES_PKCS1_V1_5} resolves to {@link #RSAES_PKCS1_V1_5}.
     * <p>
     * This method only maps a name to a constant and applies no policy. The value usually
     * comes from a token header and so should be treated as untrusted: callers should check
     * the result against the algorithms they are prepared to accept. The unrecognised value
     * is copied verbatim into the exception message.
     *
     * @param algorithm The encryption algorithm name, typically taken from the {@code alg} header.
     * @return The matching JweAlgorithm constant.
     * @throws JweException If the string matches no known algorithm, including when it is
     *         {@code null}.
     */
    public static JweAlgorithm parseAlgorithm(String algorithm) {
        JweAlgorithm match = null;
        for (JweAlgorithm candidate : values()) {
            if (candidate.headerName.equals(algorithm)) {
                match = candidate;
                break;
            }
        }
        // Backwards compatibility: an earlier release of this library emitted the
        // non-standard name 'RSAES_PKCS1_V1_5', so tokens it issued must still parse.
        if (match == null && RSAES_PKCS1_V1_5.name().equals(algorithm)) {
            match = RSAES_PKCS1_V1_5;
        }
        if (match == null) {
            throw new JweException("Unknown Encryption Algorithm, " + algorithm);
        }
        return match;
    }

    /**
     * Renders this constant as its JWE header name, which is the value placed in JSON.
     *
     * @return The header name, identical to {@link #getJwaAlgorithmName()}.
     */
    @Override
    public String toString() {
        return headerName;
    }
}