Package com.amazonaws.encryptionsdk

Enum CryptoAlgorithm

java.lang.Object
java.lang.Enum<CryptoAlgorithm>
com.amazonaws.encryptionsdk.CryptoAlgorithm
All Implemented Interfaces:
Serializable, Comparable<CryptoAlgorithm>, java.lang.constant.Constable
public enum CryptoAlgorithm extends Enum<CryptoAlgorithm>
Describes the cryptographic algorithms available for use in this library.

Format: CryptoAlgorithm(block size, nonce length, tag length, max content length, key algo, key length, short value representing this algorithm, trailing signature alg, trailing signature length)

  • Enum Constant Details

    • ALG_AES_128_GCM_IV12_TAG16_NO_KDF

      public static final CryptoAlgorithm ALG_AES_128_GCM_IV12_TAG16_NO_KDF
      AES-GCM 128

    • ALG_AES_192_GCM_IV12_TAG16_NO_KDF

      public static final CryptoAlgorithm ALG_AES_192_GCM_IV12_TAG16_NO_KDF
      AES-GCM 192

    • ALG_AES_256_GCM_IV12_TAG16_NO_KDF

      public static final CryptoAlgorithm ALG_AES_256_GCM_IV12_TAG16_NO_KDF
      AES-GCM 256

    • ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256

      public static final CryptoAlgorithm ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256
      AES-GCM 128 with HKDF-SHA256

    • ALG_AES_192_GCM_IV12_TAG16_HKDF_SHA256

      public static final CryptoAlgorithm ALG_AES_192_GCM_IV12_TAG16_HKDF_SHA256
      AES-GCM 192

    • ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA256

      public static final CryptoAlgorithm ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA256
      AES-GCM 256

    • ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256_ECDSA_P256

      public static final CryptoAlgorithm ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256_ECDSA_P256
      AES-GCM 128 with ECDSA (SHA256 with the secp256r1 curve)

    • ALG_AES_192_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384

      public static final CryptoAlgorithm ALG_AES_192_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384
      AES-GCM 192 with ECDSA (SHA384 with the secp384r1 curve)

    • ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384

      public static final CryptoAlgorithm ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384
      AES-GCM 256 with ECDSA (SHA384 with the secp384r1 curve)

    • ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY

      public static final CryptoAlgorithm ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY
      AES-GCM 256 with key commitment Note: 1.7.0 of this library only supports decryption of using this crypto algorithm and does not support encryption with this algorithm

    • ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY_ECDSA_P384

      public static final CryptoAlgorithm ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY_ECDSA_P384
      AES-GCM 256 with ECDSA (SHA384 with the secp384r1 curve) and key commitment Note: 1.7.0 of this library only supports decryption of using this crypto algorithm and does not support encryption with this algorithm

  • Method Details

    • values

      public static CryptoAlgorithm[] values()
      Returns an array containing the constants of this enum type, in the order they are declared.
      Returns:
      an array containing the constants of this enum type, in the order they are declared

    • valueOf

      public static CryptoAlgorithm valueOf(String name)
      Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)
      Parameters:
      name - the name of the enum constant to be returned.
      Returns:
      the enum constant with the specified name
      Throws:
      IllegalArgumentException - if this enum type has no constant with the specified name
      NullPointerException - if the argument is null

    • deserialize

      public static CryptoAlgorithm deserialize(byte messageFormatVersion, short value)
      Deprecated.
      See deserialize(byte, short)
      Returns the CryptoAlgorithm object that matches the given value assuming a message format version of 1.
      Parameters:
      value - the value of the object
      Returns:
      the CryptoAlgorithm object that matches the given value, null if no match is found.

    • getMessageIdLength

      public int getMessageIdLength()
      Returns the length of the message Id in the header for this algorithm.

    • getHeaderNonce

      public byte[] getHeaderNonce()
      Returns the header nonce to use with this algorithm. null indicates that the header nonce is not a parameter of the algorithm, and is instead stored as part of the message header.

    • getMessageFormatVersion

      public byte getMessageFormatVersion()
      Returns the message format version associated with this algorithm suite.

    • getBlockSize

      public int getBlockSize()
      Returns the block size of this algorithm in bytes.

    • getNonceLen

      public byte getNonceLen()
      Returns the nonce length used in this algorithm in bytes.

    • getTagLen

      public int getTagLen()
      Returns the tag length used in this algorithm in bytes.

    • getMaxContentLen

      public long getMaxContentLen()
      Returns the maximum content length in bytes that can be processed under a single data key in this algorithm.

    • getKeyAlgo

      public String getKeyAlgo()
      Returns the algorithm used for encrypting the plaintext data.

    • getKeyLength

      public int getKeyLength()
      Returns the length of the key used in this algorithm in bytes.

    • getValue

      public short getValue()
      Returns the value used to encode this algorithm in the ciphertext.

    • getDataKeyAlgo

      public String getDataKeyAlgo()
      Returns the algorithm associated with the data key.

    • getDataKeyLength

      public int getDataKeyLength()
      Returns the length of the data key in bytes.

    • getTrailingSignatureAlgo

      public String getTrailingSignatureAlgo()
      Returns the algorithm used to calculate the trailing signature

    • isSafeToCache

      public boolean isSafeToCache()
      Returns whether data keys used with this crypto algorithm can safely be cached and reused for a different message. If this returns false, reuse of data keys is likely to result in severe cryptographic weaknesses, potentially even with only a single such use.

    • getTrailingSignatureLength

      public short getTrailingSignatureLength()
      Returns the length of the trailing signature generated by this algorithm. The actual trailing signature may be shorter than this.

    • getKeyCommitmentAlgo_

      public String getKeyCommitmentAlgo_()

    • isCommitting

      public boolean isCommitting()
      Returns a derived value of whether a commitment value is generated with the key in order to ensure key commitment.

    • getCommitmentLength

      public int getCommitmentLength()

    • getCommitmentNonceLength

      public int getCommitmentNonceLength()

    • getSuiteDataLength

      public int getSuiteDataLength()

    • getEncryptionKeyFromDataKey

      public SecretKey getEncryptionKeyFromDataKey(SecretKey dataKey, CiphertextHeaders headers) throws InvalidKeyException
      Throws:
      InvalidKeyException