View Javadoc

1   package com.atlassian.asap.api;
2   
3   import static com.atlassian.asap.api.AlgorithmType.ECDSA;
4   import static com.atlassian.asap.api.AlgorithmType.RSA;
5   import static com.atlassian.asap.api.AlgorithmType.RSASSA_PSS;
6   
7   /**
8    * An enumeration of asymmetric JWS algorithms. Values must match the names used in the JWT 'alg' header. Valid values
9    * are specified by <a href="https://tools.ietf.org/html/rfc7518">JSON Web Algorithms</a>.
10   */
11  public enum SigningAlgorithm {
12      RS256(RSA, 256), RS384(RSA, 384), RS512(RSA, 512),
13      ES256(ECDSA, 256), ES384(ECDSA, 384), ES512(ECDSA, 512),
14      PS256(RSASSA_PSS, 256), PS384(RSASSA_PSS, 384), PS512(RSASSA_PSS, 512);
15      // Do NOT add here symmetric JWS algorithms (like HS256) because the security of the ASAP protocol depends on the
16      // use of asymmetric keys, which allow the key used for signing the token to remain a secret.
17  
18      private final AlgorithmType type;
19      private final int hashSize;
20  
21      SigningAlgorithm(AlgorithmType type, int hashSize) {
22          this.type = type;
23          this.hashSize = hashSize;
24      }
25  
26      public AlgorithmType type() {
27          return type;
28      }
29  
30      public int hashSize() {
31          return hashSize;
32      }
33  }