EncryptionAlgorithm Property
The key encryption algorithm.
Syntax
public var encryptionAlgorithm: JweEncryptionAlgorithms {
get {...}
set {...} }
public enum JweEncryptionAlgorithms: Int32 { case eaRSA1_5 = 0 case eaRSA_OAEP = 1 case eaRSA_OAEP_256 = 2 case eaA128KW = 3 case eaA192KW = 4 case eaA256KW = 5 case eaDir = 6 case eaECDH_ES = 7 case eaECDH_ES_A128KW = 8 case eaECDH_ES_A192KW = 9 case eaECDH_ES_A256KW = 10 case eaA128GCMKW = 11 case eaA192GCMKW = 12 case eaA256GCMKW = 13 case eaPBES2_HS256_A128KW = 14 case eaPBES2_HS384_A192KW = 15 case eaPBES2_HS512_A256KW = 16 }
Default Value
0
Remarks
This property specifies the algorithm used to encrypt the randomly generated content encryption key.
When using an AES algorithm Key must be specified. When using an RSA or ECDH algorithm Certificate must be specified. When using a PBES algorithm KeyPassword must be specified;. Possible values are:
Algorithm | Description | Key Location |
0 (eaRSA1_5 - default) | RSAES-PKCS1-v1_5 | Certificate |
1 (eaRSA_OAEP) | RSAES OAEP using default parameters | Certificate |
2 (eaRSA_OAEP_256) | RSAES OAEP using SHA-256 and MGF1 with SHA-256 | Certificate |
3 (eaA128KW) | AES Key Wrap with default initial using 128-bit key | Key |
4 (eaA192KW) | AES Key Wrap with default initial using 192-bit key | Key |
5 (eaA256KW) | AES Key Wrap with default initial using 256-bit key | Key |
6 (eaDir) | Direct use of a shared symmetric key as the CEK | Key |
7 (eaECDH_ES) | Elliptic Curve Ephemeral Static key agreement using Concat KDF | Certificate |
8 (eaECDH_ES_A128KW) | ECDH-ES using Concat KDF and CEK wrapped with A128KW | Certificate |
9 (eaECDH_ES_A192KW) | ECDH-ES using Concat KDF and CEK wrapped with A192KW | Certificate |
10 (eaECDH_ES_A256KW) | ECDH-ES using Concat KDF and CEK wrapped with A256KW | Certificate |
11 (eaA128GCMKW) | Key wrapping with AES GCM using 128-bit key | Key |
12 (eaA192GCMKW) | Key wrapping with AES GCM using 192-bit key | Key |
13 (eaA256GCMKW) | Key wrapping with AES GCM using 256-bit key | Key |
14 (eaPBES2_HS256_A128KW) | PBES2 with HMAC SHA-256 and A128KW | KeyPassword |
15 (eaPBES2_HS384_A192KW) | PBES2 with HMAC SHA-384 and A192KW | KeyPassword |
16 (eaPBES2_HS512_A256KW) | PBES2 with HMAC SHA-512 and A256KW | KeyPassword |
When set to an ECDH algorithm the following settings are also applicable:
When set to a PBES algorithm the following settings are also applicable: