com.amazonaws.encryptionsdk

Enum CryptoAlgorithm

java.lang.Object

java.lang.Enum<CryptoAlgorithm>

com.amazonaws.encryptionsdk.CryptoAlgorithm

All Implemented Interfaces:

Serializable, Comparable<CryptoAlgorithm>

public enum CryptoAlgorithm
extends Enum<CryptoAlgorithm>

Describes the cryptographic algorithms available for use in this library.

Format: CryptoAlgorithm(block size, nonce length, tag length, max content length, key algo, key length, short value representing this algorithm, trailing signature alg, trailing signature length)

Enum Constant Summary

Enum Constants

Enum Constant and Description
ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256 AES-GCM 128 with HKDF-SHA256
ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256_ECDSA_P256 AES-GCM 128 with ECDSA (SHA256 with the secp256r1 curve)
ALG_AES_128_GCM_IV12_TAG16_NO_KDF AES-GCM 128
ALG_AES_192_GCM_IV12_TAG16_HKDF_SHA256 AES-GCM 192
ALG_AES_192_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384 AES-GCM 192 with ECDSA (SHA384 with the secp384r1 curve)
ALG_AES_192_GCM_IV12_TAG16_NO_KDF AES-GCM 192
ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY AES-GCM 256 with key commitment Note: 1.7.0 of this library only supports decryption of using this crypto algorithm and does not support encryption with this algorithm
ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY_ECDSA_P384 AES-GCM 256 with ECDSA (SHA384 with the secp384r1 curve) and key commitment Note: 1.7.0 of this library only supports decryption of using this crypto algorithm and does not support encryption with this algorithm
ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA256 AES-GCM 256
ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384 AES-GCM 256 with ECDSA (SHA384 with the secp384r1 curve)
ALG_AES_256_GCM_IV12_TAG16_NO_KDF AES-GCM 256

Method Summary

Modifier and Type	Method and Description
static CryptoAlgorithm	deserialize(byte messageFormatVersion, short value) Deprecated. See deserialize(byte, short)
int	getBlockSize() Returns the block size of this algorithm in bytes.
int	getCommitmentLength()
int	getCommitmentNonceLength()
String	getDataKeyAlgo() Returns the algorithm associated with the data key.
int	getDataKeyLength() Returns the length of the data key in bytes.
SecretKey	getEncryptionKeyFromDataKey(SecretKey dataKey, CiphertextHeaders headers)
byte[]	getHeaderNonce() Returns the header nonce to use with this algorithm.
String	getKeyAlgo() Returns the algorithm used for encrypting the plaintext data.
String	getKeyCommitmentAlgo_()
int	getKeyLength() Returns the length of the key used in this algorithm in bytes.
long	getMaxContentLen() Returns the maximum content length in bytes that can be processed under a single data key in this algorithm.
byte	getMessageFormatVersion() Returns the message format version associated with this algorithm suite.
int	getMessageIdLength() Returns the length of the message Id in the header for this algorithm.
byte	getNonceLen() Returns the nonce length used in this algorithm in bytes.
int	getSuiteDataLength()
int	getTagLen() Returns the tag length used in this algorithm in bytes.
String	getTrailingSignatureAlgo() Returns the algorithm used to calculate the trailing signature
short	getTrailingSignatureLength() Returns the length of the trailing signature generated by this algorithm.
short	getValue() Returns the value used to encode this algorithm in the ciphertext.
boolean	isCommitting() Returns a derived value of whether a commitment value is generated with the key in order to ensure key commitment.
boolean	isSafeToCache() Returns whether data keys used with this crypto algorithm can safely be cached and reused for a different message.
static CryptoAlgorithm	valueOf(String name) Returns the enum constant of this type with the specified name.
static CryptoAlgorithm[]	values() Returns an array containing the constants of this enum type, in the order they are declared.

Methods inherited from class java.lang.Enum

clone, compareTo, equals, finalize, getDeclaringClass, hashCode, name, ordinal, toString, valueOf

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Enum Constant Detail

ALG_AES_128_GCM_IV12_TAG16_NO_KDF

public static final CryptoAlgorithm ALG_AES_128_GCM_IV12_TAG16_NO_KDF

AES-GCM 128

ALG_AES_192_GCM_IV12_TAG16_NO_KDF

public static final CryptoAlgorithm ALG_AES_192_GCM_IV12_TAG16_NO_KDF

AES-GCM 192

ALG_AES_256_GCM_IV12_TAG16_NO_KDF

public static final CryptoAlgorithm ALG_AES_256_GCM_IV12_TAG16_NO_KDF

AES-GCM 256

ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256

public static final CryptoAlgorithm ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256

AES-GCM 128 with HKDF-SHA256

ALG_AES_192_GCM_IV12_TAG16_HKDF_SHA256

public static final CryptoAlgorithm ALG_AES_192_GCM_IV12_TAG16_HKDF_SHA256

AES-GCM 192

ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA256

public static final CryptoAlgorithm ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA256

AES-GCM 256

ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256_ECDSA_P256

public static final CryptoAlgorithm ALG_AES_128_GCM_IV12_TAG16_HKDF_SHA256_ECDSA_P256

AES-GCM 128 with ECDSA (SHA256 with the secp256r1 curve)

ALG_AES_192_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384

public static final CryptoAlgorithm ALG_AES_192_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384

AES-GCM 192 with ECDSA (SHA384 with the secp384r1 curve)

ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384

public static final CryptoAlgorithm ALG_AES_256_GCM_IV12_TAG16_HKDF_SHA384_ECDSA_P384

AES-GCM 256 with ECDSA (SHA384 with the secp384r1 curve)

ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY

public static final CryptoAlgorithm ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY

AES-GCM 256 with key commitment Note: 1.7.0 of this library only supports decryption of using this crypto algorithm and does not support encryption with this algorithm

ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY_ECDSA_P384

public static final CryptoAlgorithm ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY_ECDSA_P384

AES-GCM 256 with ECDSA (SHA384 with the secp384r1 curve) and key commitment Note: 1.7.0 of this library only supports decryption of using this crypto algorithm and does not support encryption with this algorithm

Method Detail

values

public static CryptoAlgorithm[] values()

Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows:

for (CryptoAlgorithm c : CryptoAlgorithm.values())
    System.out.println(c);

Returns:

an array containing the constants of this enum type, in the order they are declared

valueOf

public static CryptoAlgorithm valueOf(String name)

Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)

Parameters:

name - the name of the enum constant to be returned.

Returns:

the enum constant with the specified name

Throws:

IllegalArgumentException - if this enum type has no constant with the specified name

NullPointerException - if the argument is null

deserialize

public static CryptoAlgorithm deserialize(byte messageFormatVersion,
                                          short value)

Deprecated. See deserialize(byte, short)

Returns the CryptoAlgorithm object that matches the given value assuming a message format version of 1.

Parameters:

value - the value of the object

Returns:

the CryptoAlgorithm object that matches the given value, null if no match is found.

getMessageIdLength

public int getMessageIdLength()

Returns the length of the message Id in the header for this algorithm.

getHeaderNonce

public byte[] getHeaderNonce()

Returns the header nonce to use with this algorithm. null indicates that the header nonce is not a parameter of the algorithm, and is instead stored as part of the message header.

getMessageFormatVersion

public byte getMessageFormatVersion()

Returns the message format version associated with this algorithm suite.

getBlockSize

public int getBlockSize()

Returns the block size of this algorithm in bytes.

getNonceLen

public byte getNonceLen()

Returns the nonce length used in this algorithm in bytes.

getTagLen

public int getTagLen()

Returns the tag length used in this algorithm in bytes.

getMaxContentLen

public long getMaxContentLen()

Returns the maximum content length in bytes that can be processed under a single data key in this algorithm.

getKeyAlgo

public String getKeyAlgo()

Returns the algorithm used for encrypting the plaintext data.

getKeyLength

public int getKeyLength()

Returns the length of the key used in this algorithm in bytes.

getValue

public short getValue()

Returns the value used to encode this algorithm in the ciphertext.

getDataKeyAlgo

public String getDataKeyAlgo()

Returns the algorithm associated with the data key.

getDataKeyLength

public int getDataKeyLength()

Returns the length of the data key in bytes.

getTrailingSignatureAlgo

public String getTrailingSignatureAlgo()

Returns the algorithm used to calculate the trailing signature

isSafeToCache

public boolean isSafeToCache()

Returns whether data keys used with this crypto algorithm can safely be cached and reused for a different message. If this returns false, reuse of data keys is likely to result in severe cryptographic weaknesses, potentially even with only a single such use.

getTrailingSignatureLength

public short getTrailingSignatureLength()

Returns the length of the trailing signature generated by this algorithm. The actual trailing signature may be shorter than this.

getKeyCommitmentAlgo_

public String getKeyCommitmentAlgo_()

isCommitting

public boolean isCommitting()

Returns a derived value of whether a commitment value is generated with the key in order to ensure key commitment.

getCommitmentLength

public int getCommitmentLength()

getCommitmentNonceLength

public int getCommitmentNonceLength()

getSuiteDataLength

public int getSuiteDataLength()

getEncryptionKeyFromDataKey

public SecretKey getEncryptionKeyFromDataKey(SecretKey dataKey,
                                             CiphertextHeaders headers)
                                      throws InvalidKeyException

Throws:

InvalidKeyException