• Home
• io.jsonwebtoken
• jjwt-api
• 0.12.2
• source code
• MacAlgorithm.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.jsonwebtoken.security.MacAlgorithm Maven / Gradle / Ivy

/*
 * Copyright © 2022 jsonwebtoken.io
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package io.jsonwebtoken.security;

import io.jsonwebtoken.Identifiable;

import javax.crypto.SecretKey;

/**
 * A {@link SecureDigestAlgorithm} that uses symmetric {@link SecretKey}s to both compute and verify digests as
 * message authentication codes (MACs).
 *
 * 
Standard Identifier
 *
 * 
{@code MacAlgorithm} extends {@link Identifiable}: when a {@code MacAlgorithm} is used to compute the MAC of a
 * JWS, the value returned from {@link Identifiable#getId() macAlgorithm.getId()} will be set as the JWS
 * "alg" protected header value.
 *
 * 
Key Strength
 *
 * 
MAC algorithm strength is in part attributed to how difficult it is to discover the secret key.
 * As such, MAC algorithms usually require keys of a minimum length to ensure the keys are difficult to discover
 * and the algorithm's security properties are maintained.
 *
 * 
The {@code MacAlgorithm} interface extends the {@link KeyLengthSupplier} interface to represent
 * the length in bits (not bytes) a key must have to be used with its implementation.  If you do not want to
 * worry about lengths and parameters of keys required for an algorithm, it is often easier to automatically generate
 * a key that adheres to the algorithms requirements, as discussed below.
 *
 * 
Key Generation
 *
 * 
{@code MacAlgorithm} extends {@link KeyBuilderSupplier} to enable {@link SecretKey} generation.
 * Each {@code MacAlgorithm} algorithm instance will return a {@link KeyBuilder} that ensures any created keys will
 * have a sufficient length and any algorithm parameters required by that algorithm. For example:
 *
 * 
 * SecretKey key = macAlgorithm.key().build();
 *
 * 
The resulting {@code key} is guaranteed to have the correct algorithm parameters and strength/length necessary for
 * that exact {@code MacAlgorithm} instance.
 *
 * 
JWA Standard Implementations
 *
 * 
Constant definitions and utility methods for all JWA (RFC 7518) standard MAC algorithms are
 * available via {@link io.jsonwebtoken.Jwts.SIG Jwts.SIG}.
 *
 * @see io.jsonwebtoken.Jwts.SIG Jwts.SIG
 * @since 0.12.0
 */
public interface MacAlgorithm extends SecureDigestAlgorithm,
        KeyBuilderSupplier, KeyLengthSupplier {
}