Package com.nimbusds.jose.crypto.impl

Class MACProvider

java.lang.Object

com.nimbusds.jose.crypto.impl.BaseJWSProvider

com.nimbusds.jose.crypto.impl.MACProvider

All Implemented Interfaces:

JCAAware<JCAContext>, JOSEProvider, JWSProvider

Direct Known Subclasses:

MACSigner, MACVerifier

public abstract class MACProvider
extends BaseJWSProvider

The base abstract class for Message Authentication Code (MAC) signers and verifiers of JWS objects.

Supports the following algorithms:

• JWSAlgorithm.HS256
• JWSAlgorithm.HS384
• JWSAlgorithm.HS512

Version:

2019-09-14

Author:

Vladimir Dzhuvinov, Ulrich Winter

Field Summary

Fields

Modifier and Type	Field	Description
static final Set<JWSAlgorithm>	SUPPORTED_ALGORITHMS	The supported JWS algorithms by the MAC provider class.

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	MACProvider(byte[] secret, Set<JWSAlgorithm> supportedAlgs)	Creates a new Message Authentication (MAC) provider.
protected	MACProvider(SecretKey secretKey, Set<JWSAlgorithm> supportedAlgs)	Creates a new Message Authentication (MAC) provider.

Method Summary

Modifier and Type	Method	Description
protected static String	getJCAAlgorithmName(JWSAlgorithm alg)	Gets the matching Java Cryptography Architecture (JCA) algorithm name for the specified HMAC-based JSON Web Algorithm (JWA).
byte[]	getSecret()	Gets the secret bytes.
SecretKey	getSecretKey()	Gets the secret key.
String	getSecretString()	Gets the secret as a UTF-8 encoded string.

Methods inherited from class com.nimbusds.jose.crypto.impl.BaseJWSProvider

getJCAContext, supportedJWSAlgorithms

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

SUPPORTED_ALGORITHMS

public static final Set<JWSAlgorithm> SUPPORTED_ALGORITHMS

The supported JWS algorithms by the MAC provider class.

Constructor Details

MACProvider

protected MACProvider(byte[] secret,
 Set<JWSAlgorithm> supportedAlgs)
               throws KeyLengthException

Creates a new Message Authentication (MAC) provider.

Parameters:

secret - The secret. Must be at least 256 bits long and not null.

supportedAlgs - The supported HMAC algorithms. Must not be null.

Throws:

KeyLengthException - If the secret length is shorter than the minimum 256-bit requirement.

MACProvider

protected MACProvider(SecretKey secretKey,
 Set<JWSAlgorithm> supportedAlgs)
               throws KeyLengthException

Creates a new Message Authentication (MAC) provider.

Parameters:

secretKey - The secret key. Must be at least 256 bits long and not null.

supportedAlgs - The supported HMAC algorithms. Must not be null.

Throws:

KeyLengthException - If the secret length is shorter than the minimum 256-bit requirement.

Method Details

getJCAAlgorithmName

protected static String getJCAAlgorithmName(JWSAlgorithm alg)
                                     throws JOSEException

Gets the matching Java Cryptography Architecture (JCA) algorithm name for the specified HMAC-based JSON Web Algorithm (JWA).

Parameters:

alg - The JSON Web Algorithm (JWA). Must be supported and not null.

Returns:

The matching JCA algorithm name.

Throws:

JOSEException - If the algorithm is not supported.

getSecretKey

public SecretKey getSecretKey()

Gets the secret key.

Returns:

The secret key.

getSecret

public byte[] getSecret()

Gets the secret bytes.

Returns:

The secret bytes, null if this provider was constructed with a SecretKey that doesn't expose the key material.

getSecretString

public String getSecretString()

Gets the secret as a UTF-8 encoded string.

Returns:

The secret as a UTF-8 encoded string, null if this provider was constructed with a SecretKey that doesn't expose the key material.