All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.jsonwebtoken.security.MacAlgorithm Maven / Gradle / Ivy

There is a newer version: 0.12.6
Show newest version
/*
 * Copyright © 2022 jsonwebtoken.io
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package io.jsonwebtoken.security;

import io.jsonwebtoken.Identifiable;

import javax.crypto.SecretKey;

/**
 * A {@link SecureDigestAlgorithm} that uses symmetric {@link SecretKey}s to both compute and verify digests as
 * message authentication codes (MACs).
 *
 * 

Standard Identifier

* *

{@code MacAlgorithm} extends {@link Identifiable}: when a {@code MacAlgorithm} is used to compute the MAC of a * JWS, the value returned from {@link Identifiable#getId() macAlgorithm.getId()} will be set as the JWS * "alg" protected header value.

* *

Key Strength

* *

MAC algorithm strength is in part attributed to how difficult it is to discover the secret key. * As such, MAC algorithms usually require keys of a minimum length to ensure the keys are difficult to discover * and the algorithm's security properties are maintained.

* *

The {@code MacAlgorithm} interface extends the {@link KeyLengthSupplier} interface to represent * the length in bits (not bytes) a key must have to be used with its implementation. If you do not want to * worry about lengths and parameters of keys required for an algorithm, it is often easier to automatically generate * a key that adheres to the algorithms requirements, as discussed below.

* *

Key Generation

* *

{@code MacAlgorithm} extends {@link KeyBuilderSupplier} to enable {@link SecretKey} generation. * Each {@code MacAlgorithm} algorithm instance will return a {@link KeyBuilder} that ensures any created keys will * have a sufficient length and any algorithm parameters required by that algorithm. For example:

* *
 * SecretKey key = macAlgorithm.key().build();
* *

The resulting {@code key} is guaranteed to have the correct algorithm parameters and strength/length necessary for * that exact {@code MacAlgorithm} instance.

* *

JWA Standard Implementations

* *

Constant definitions and utility methods for all JWA (RFC 7518) standard MAC algorithms are * available via {@link io.jsonwebtoken.Jwts.SIG Jwts.SIG}.

* * @see io.jsonwebtoken.Jwts.SIG Jwts.SIG * @since 0.12.0 */ public interface MacAlgorithm extends SecureDigestAlgorithm, KeyBuilderSupplier, KeyLengthSupplier { }




© 2015 - 2024 Weber Informatics LLC | Privacy Policy