com.nimbusds.jose.JWSAlgorithm Maven / Gradle / Ivy
Show all versions of nimbus-jose-jwt Show documentation
/*
* nimbus-jose-jwt
*
* Copyright 2012-2016, Connect2id Ltd.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use
* this file except in compliance with the License. You may obtain a copy of the
* License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software distributed
* under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the
* specific language governing permissions and limitations under the License.
*/
package com.nimbusds.jose;
import com.nimbusds.jose.util.ArrayUtils;
import net.jcip.annotations.Immutable;
/**
* JSON Web Signature (JWS) algorithm name, represents the {@code alg} header
* parameter in JWS objects. Also used to represent integrity algorithm
* ({@code ia}) header parameters in JWE objects. This class is immutable.
*
* Includes constants for the following standard JWS algorithm names:
*
*
* - {@link #HS256}
*
- {@link #HS384}
*
- {@link #HS512}
*
- {@link #RS256}
*
- {@link #RS384}
*
- {@link #RS512}
*
- {@link #ES256}
*
- {@link #ES256K}
*
- {@link #ES384}
*
- {@link #ES512}
*
- {@link #PS256}
*
- {@link #PS384}
*
- {@link #PS512}
*
- {@link #EdDSA}
*
- {@link #Ed25519}
*
- {@link #Ed448}
*
*
* Additional JWS algorithm names can be defined using the constructors.
*
* @author Vladimir Dzhuvinov
* @author Aleksei Doroganov
* @version 2024-05-07
*/
@Immutable
public final class JWSAlgorithm extends Algorithm {
private static final long serialVersionUID = 1L;
/**
* HMAC using SHA-256 hash algorithm (required).
*/
public static final JWSAlgorithm HS256 = new JWSAlgorithm("HS256", Requirement.REQUIRED);
/**
* HMAC using SHA-384 hash algorithm (optional).
*/
public static final JWSAlgorithm HS384 = new JWSAlgorithm("HS384", Requirement.OPTIONAL);
/**
* HMAC using SHA-512 hash algorithm (optional).
*/
public static final JWSAlgorithm HS512 = new JWSAlgorithm("HS512", Requirement.OPTIONAL);
/**
* RSASSA-PKCS-v1_5 using SHA-256 hash algorithm (recommended).
*/
public static final JWSAlgorithm RS256 = new JWSAlgorithm("RS256", Requirement.RECOMMENDED);
/**
* RSASSA-PKCS-v1_5 using SHA-384 hash algorithm (optional).
*/
public static final JWSAlgorithm RS384 = new JWSAlgorithm("RS384", Requirement.OPTIONAL);
/**
* RSASSA-PKCS-v1_5 using SHA-512 hash algorithm (optional).
*/
public static final JWSAlgorithm RS512 = new JWSAlgorithm("RS512", Requirement.OPTIONAL);
/**
* ECDSA using P-256 (secp256r1) curve and SHA-256 hash algorithm
* (recommended).
*/
public static final JWSAlgorithm ES256 = new JWSAlgorithm("ES256", Requirement.RECOMMENDED);
/**
* ECDSA using P-256K (secp256k1) curve and SHA-256 hash algorithm
* (optional).
*/
public static final JWSAlgorithm ES256K = new JWSAlgorithm("ES256K", Requirement.OPTIONAL);
/**
* ECDSA using P-384 curve and SHA-384 hash algorithm (optional).
*/
public static final JWSAlgorithm ES384 = new JWSAlgorithm("ES384", Requirement.OPTIONAL);
/**
* ECDSA using P-521 curve and SHA-512 hash algorithm (optional).
*/
public static final JWSAlgorithm ES512 = new JWSAlgorithm("ES512", Requirement.OPTIONAL);
/**
* RSASSA-PSS using SHA-256 hash algorithm and MGF1 mask generation
* function with SHA-256 (optional).
*/
public static final JWSAlgorithm PS256 = new JWSAlgorithm("PS256", Requirement.OPTIONAL);
/**
* RSASSA-PSS using SHA-384 hash algorithm and MGF1 mask generation
* function with SHA-384 (optional).
*/
public static final JWSAlgorithm PS384 = new JWSAlgorithm("PS384", Requirement.OPTIONAL);
/**
* RSASSA-PSS using SHA-512 hash algorithm and MGF1 mask generation
* function with SHA-512 (optional).
*/
public static final JWSAlgorithm PS512 = new JWSAlgorithm("PS512", Requirement.OPTIONAL);
/**
* EdDSA signature algorithms (optional).
*/
public static final JWSAlgorithm EdDSA = new JWSAlgorithm("EdDSA", Requirement.OPTIONAL);
/**
* EdDSA signature algorithms using Ed25519 curve (optional).
*/
public static final JWSAlgorithm Ed25519 = new JWSAlgorithm("Ed25519", Requirement.OPTIONAL);
/**
* EdDSA signature algorithms using Ed448 curve (optional).
*/
public static final JWSAlgorithm Ed448 = new JWSAlgorithm("Ed448", Requirement.OPTIONAL);
/**
* JWS algorithm family.
*/
public static final class Family extends AlgorithmFamily {
private static final long serialVersionUID = 1L;
/**
* HMAC using a SHA-2 hash.
*/
public static final Family HMAC_SHA = new Family(HS256, HS384, HS512);
/**
* RSA signature (RSASSA-PKCS-v1_5 or RSASSA-PSS) using a SHA-2
* hash.
*/
public static final Family RSA = new Family(RS256, RS384, RS512, PS256, PS384, PS512);
/**
* Elliptic Curve signature (ECDSA) using a SHA-2 hash.
*/
public static final Family EC = new Family(ES256, ES256K, ES384, ES512);
/**
* Edwards Curve signature (EdDSA).
*/
public static final Family ED = new Family(EdDSA, Ed25519, Ed448);
/**
* Super family of all digital signature based JWS algorithms.
*/
public static final Family SIGNATURE = new Family(ArrayUtils
.concat(
RSA.toArray(new JWSAlgorithm[]{}),
EC.toArray(new JWSAlgorithm[]{}),
ED.toArray(new JWSAlgorithm[]{})
)
);
/***
* Creates a new JWS algorithm family.
*
* @param algs The JWS algorithms of the family. Must not be
* {@code null}.
*/
public Family(final JWSAlgorithm ... algs) {
super(algs);
}
}
/**
* Creates a new JSON Web Signature (JWS) algorithm name.
*
* @param name The algorithm name. Must not be {@code null}.
* @param req The implementation requirement, {@code null} if not
* known.
*/
public JWSAlgorithm(final String name, final Requirement req) {
super(name, req);
}
/**
* Creates a new JSON Web Signature (JWS) algorithm name.
*
* @param name The algorithm name. Must not be {@code null}.
*/
public JWSAlgorithm(final String name) {
super(name, null);
}
/**
* Parses a JWS algorithm from the specified string.
*
* @param s The string to parse. Must not be {@code null}.
*
* @return The JWS algorithm (matching standard algorithm constant, else
* a newly created algorithm).
*/
public static JWSAlgorithm parse(final String s) {
if (s.equals(HS256.getName())) {
return HS256;
} else if (s.equals(HS384.getName())) {
return HS384;
} else if (s.equals(HS512.getName())) {
return HS512;
} else if (s.equals(RS256.getName())) {
return RS256;
} else if (s.equals(RS384.getName())) {
return RS384;
} else if (s.equals(RS512.getName())) {
return RS512;
} else if (s.equals(ES256.getName())) {
return ES256;
} else if (s.equals(ES256K.getName())) {
return ES256K;
} else if (s.equals(ES384.getName())) {
return ES384;
} else if (s.equals(ES512.getName())) {
return ES512;
} else if (s.equals(PS256.getName())) {
return PS256;
} else if (s.equals(PS384.getName())) {
return PS384;
} else if (s.equals(PS512.getName())) {
return PS512;
} else if (s.equals(EdDSA.getName())) {
return EdDSA;
} else if (s.equals(Ed25519.getName())) {
return Ed25519;
} else if (s.equals(Ed448.getName())) {
return Ed448;
} else {
return new JWSAlgorithm(s);
}
}
}