Java tutorial
/* * Licensed to the Apache Software Foundation (ASF) under one or more * contributor license agreements. See the NOTICE file distributed with * this work for additional information regarding copyright ownership. * The ASF licenses this file to You under the Apache License, Version 2.0 * (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.apache.nifi.security.util; import org.apache.commons.lang3.builder.ToStringBuilder; import org.apache.commons.lang3.builder.ToStringStyle; /** * Enumeration capturing essential information about the various encryption * methods that might be supported. * */ public enum EncryptionMethod { MD5_128AES("PBEWITHMD5AND128BITAES-CBC-OPENSSL", "BC", false, false), MD5_192AES( "PBEWITHMD5AND192BITAES-CBC-OPENSSL", "BC", true, false), MD5_256AES("PBEWITHMD5AND256BITAES-CBC-OPENSSL", "BC", true, false), MD5_DES("PBEWITHMD5ANDDES", "BC", false, false), MD5_RC2("PBEWITHMD5ANDRC2", "BC", false, false), SHA1_RC2("PBEWITHSHA1ANDRC2", "BC", false, false), SHA1_DES("PBEWITHSHA1ANDDES", "BC", false, false), SHA_128AES( "PBEWITHSHAAND128BITAES-CBC-BC", "BC", false, false), SHA_192AES("PBEWITHSHAAND192BITAES-CBC-BC", "BC", true, false), SHA_256AES("PBEWITHSHAAND256BITAES-CBC-BC", "BC", true, false), SHA_40RC2("PBEWITHSHAAND40BITRC2-CBC", "BC", false, false), SHA_128RC2("PBEWITHSHAAND128BITRC2-CBC", "BC", false, false), SHA_40RC4("PBEWITHSHAAND40BITRC4", "BC", false, false), SHA_128RC4( "PBEWITHSHAAND128BITRC4", "BC", false, false), SHA256_128AES( "PBEWITHSHA256AND128BITAES-CBC-BC", "BC", false, false), SHA256_192AES( "PBEWITHSHA256AND192BITAES-CBC-BC", "BC", true, false), SHA256_256AES( "PBEWITHSHA256AND256BITAES-CBC-BC", "BC", true, false), SHA_2KEYTRIPLEDES( "PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "BC", false, false), SHA_3KEYTRIPLEDES( "PBEWITHSHAAND3-KEYTRIPLEDES-CBC", "BC", false, false), SHA_TWOFISH( "PBEWITHSHAANDTWOFISH-CBC", "BC", false, false), PGP( "PGP", "BC", false, false), PGP_ASCII_ARMOR( "PGP-ASCII-ARMOR", "BC", false, false), // New encryption methods which used keyed encryption AES_CBC("AES/CBC/PKCS7Padding", "BC", false, true), AES_CTR("AES/CTR/NoPadding", "BC", false, true), AES_GCM("AES/GCM/NoPadding", "BC", false, true); private final String algorithm; private final String provider; private final boolean unlimitedStrength; private final boolean compatibleWithStrongKDFs; EncryptionMethod(String algorithm, String provider, boolean unlimitedStrength, boolean compatibleWithStrongKDFs) { this.algorithm = algorithm; this.provider = provider; this.unlimitedStrength = unlimitedStrength; this.compatibleWithStrongKDFs = compatibleWithStrongKDFs; } public String getProvider() { return provider; } public String getAlgorithm() { return algorithm; } /** * @return true if algorithm requires unlimited strength policies */ public boolean isUnlimitedStrength() { return unlimitedStrength; } /** * @return true if algorithm is compatible with strong {@link KeyDerivationFunction}s */ public boolean isCompatibleWithStrongKDFs() { return compatibleWithStrongKDFs; } /** * @return true if this algorithm does not rely on its own internal key derivation process */ public boolean isKeyedCipher() { return !algorithm.startsWith("PBE") && !algorithm.startsWith("PGP"); } @Override public String toString() { final ToStringBuilder builder = new ToStringBuilder(this); ToStringBuilder.setDefaultStyle(ToStringStyle.SHORT_PREFIX_STYLE); builder.append("Algorithm name", algorithm); builder.append("Requires unlimited strength JCE policy", unlimitedStrength); builder.append("Algorithm Provider", provider); builder.append("Compatible with strong KDFs", compatibleWithStrongKDFs); builder.append("Keyed cipher", isKeyedCipher()); return builder.toString(); } }