1 /*
2 * The contents of this file are subject to the terms of the Common Development and
3 * Distribution License (the License). You may not use this file except in compliance with the
4 * License.
5 *
6 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
7 * specific language governing permission and limitations under the License.
8 *
9 * When distributing Covered Software, include this CDDL Header Notice in each file and include
10 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
11 * Header, with the fields enclosed by brackets [] replaced by your own identifying
12 * information: "Portions copyright [year] [name of copyright owner]".
13 *
14 * Copyright 2013-2017 ForgeRock AS.
15 */
16
17 package org.forgerock.json.jose.jwe;
18
19 import org.forgerock.json.jose.exceptions.JweException;
20 import org.forgerock.json.jose.jwt.Algorithm;
21
22 /**
23 * An Enum of the possible encryption algorithms that can be used to encrypt a JWT.
24 * <p>
25 * @see <a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-11#section-4.1">JWE Algorithms</a>
26 *
27 * @since 2.0.0
28 */
29 public enum JweAlgorithm implements Algorithm {
30
31 /** RSA in ECB mode with PKCS1 Padding. */
32 RSAES_PKCS1_V1_5("RSA1_5", "RSA/ECB/PKCS1Padding", JweAlgorithmType.RSA),
33 /** RSA in ECB mode with OAEP with SHA-1 and MGF1 padding.*/
34 RSA_OAEP("RSA-OAEP", "RSA/ECB/OAEPWithSHA-1AndMGF1Padding", JweAlgorithmType.RSA),
35 /** RSA in ECB mode with OAEP with SHA-256 and MGF1 with SHA-256 padding. */
36 RSA_OAEP_256("RSA-OAEP-256", "RSA/ECB/OAEPWithSHA-256AndMGF1Padding", JweAlgorithmType.RSA),
37 /** Direct encryption with a shared symmetric key. */
38 DIRECT("dir", null, JweAlgorithmType.DIRECT),
39 /** AES-128 KeyWrap. */
40 A128KW("A128KW", "AESWrap", JweAlgorithmType.AES_KEYWRAP),
41 /** AES-192 KeyWrap. */
42 A192KW("A192KW", "AESWrap", JweAlgorithmType.AES_KEYWRAP),
43 /** AES-256 KeyWrap. */
44 A256KW("A256KW", "AESWrap", JweAlgorithmType.AES_KEYWRAP);
45
46 private final String name;
47 private final String transformation;
48 private final JweAlgorithmType algorithmType;
49
50 /**
51 * Constructs a new JweAlgorithm with the Java Cryptographic string name of the algorithm and The JweAlgorithmType
52 * of the algorithm.
53 *
54 * @param name The header name of the algorithm.
55 * @param transformation The Java Cryptographic algorithm name
56 * @param algorithmType The JweAlgorithmType of the JweAlgorithm.
57 */
58 JweAlgorithm(String name, String transformation, JweAlgorithmType algorithmType) {
59 this.name = name;
60 this.transformation = transformation;
61 this.algorithmType = algorithmType;
62 }
63
64 @Override
65 public String getAlgorithm() {
66 return transformation;
67 }
68
69 @Override
70 public String getJwaAlgorithmName() {
71 return name;
72 }
73
74 /**
75 * Gets the JweAlgorithmType of the JweAlgorithm.
76 *
77 * @return The JweAlgorithmType.
78 */
79 public JweAlgorithmType getAlgorithmType() {
80 return algorithmType;
81 }
82
83 /**
84 * Parses the given algorithm string to find the matching EncryptionMethod enum constant.
85 *
86 * @param algorithm The encryption algorithm.
87 * @return The JweAlgorithm enum.
88 */
89 public static JweAlgorithm parseAlgorithm(String algorithm) {
90 for (JweAlgorithm alg : JweAlgorithm.values()) {
91 if (alg.name.equals(algorithm)) {
92 return alg;
93 }
94 }
95 // Compatibility fix: previous version of that library used to issue a wrong
96 // (non-standard) algorithm name. When reconstructing old JWTs, we have to recognize
97 // these old values ('RSAES_PKCS1_V1_5')
98 if (RSAES_PKCS1_V1_5.name().equals(algorithm)) {
99 return RSAES_PKCS1_V1_5;
100 }
101 throw new JweException("Unknown Encryption Algorithm, " + algorithm);
102 }
103
104 /**
105 * Turns the JweAlgorithm constant into a JSON value string.
106 *
107 * @return {@inheritDoc}
108 */
109 @Override
110 public String toString() {
111 return name;
112 }
113 }