HmacSigningHandler.java
/*
* The contents of this file are subject to the terms of the Common Development and
* Distribution License (the License). You may not use this file except in compliance with the
* License.
*
* You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
* specific language governing permission and limitations under the License.
*
* When distributing Covered Software, include this CDDL Header Notice in each file and include
* the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
* Header, with the fields enclosed by brackets [] replaced by your own identifying
* information: "Portions copyright [year] [name of copyright owner]".
*
* Copyright 2013-2015 ForgeRock AS.
*/
package org.forgerock.json.jose.jws.handlers;
import org.forgerock.json.jose.exceptions.JwsSigningException;
import org.forgerock.json.jose.jws.JwsAlgorithm;
import org.forgerock.json.jose.utils.Utils;
import org.forgerock.util.Reject;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
/**
* An implementation of the SigningHandler which can sign and verify using algorithms from the HMAC family.
*
* @since 2.0.0
*/
public class HmacSigningHandler implements SigningHandler {
private final byte[] sharedSecret;
/**
* Constructs a new HmacSigningHandler.
*
* @param sharedSecret The shared secret to use to sign the data.
*/
public HmacSigningHandler(byte[] sharedSecret) {
Reject.ifNull(sharedSecret, "Shared secret cannot be null.");
this.sharedSecret = sharedSecret.clone();
}
/**
* {@inheritDoc}
*/
@Override
public byte[] sign(JwsAlgorithm algorithm, String data) {
return signWithHMAC(algorithm.getAlgorithm(), sharedSecret, data.getBytes(Utils.CHARSET));
}
/**
* {@inheritDoc}
*/
@Override
public byte[] sign(final JwsAlgorithm algorithm, final byte[] data) {
return signWithHMAC(algorithm.getAlgorithm(), sharedSecret, data);
}
/**
* Performs the creation of the MAC for the data using the given Java Cryptographic algorithm.
*
* @param algorithm The Java Cryptographic algorithm.
* @param sharedSecret The shared secret to use to sign the data.
* @param data The data to sign.
* @return A byte array of the signature.
*/
private byte[] signWithHMAC(String algorithm, byte[] sharedSecret, byte[] data) {
try {
Mac mac = Mac.getInstance(algorithm);
SecretKey secretKey = new SecretKeySpec(sharedSecret, algorithm.toUpperCase());
mac.init(secretKey);
return mac.doFinal(data);
} catch (NoSuchAlgorithmException e) {
throw new JwsSigningException("Unsupported Signing Algorithm, " + algorithm, e);
} catch (InvalidKeyException e) {
throw new JwsSigningException(e);
}
}
/**
* Verifies that the given signature is valid for the given data.
* <p>
* Uses the Java Cryptographic algorithm defined by the JwsAlgorithm and private key to create a new signature
* of the data to compare against the given signature to see if they are identical.
*
* This implementation avoids timing attacks by enforcing checking of each element of the
* array against one another. We do not rely on Arrays.equal or other methods which
* may return early upon discovering a mistake.
*
* @param algorithm The JwsAlgorithm defining the JavaCryptographic algorithm.
* @param data The data that was signed.
* @param signature The signature of the data.
* @return <code>true</code> if the signature is a valid signature of the data.
*/
@Override
public boolean verify(JwsAlgorithm algorithm, byte[] data, byte[] signature) {
byte[] signed = signWithHMAC(algorithm.getAlgorithm(), sharedSecret, data);
return MessageDigest.isEqual(signed, signature);
}
}