Package org.forgerock.json.jose.jws.handlers

Class HmacSigningHandler

java.lang.Object
org.forgerock.json.jose.jws.handlers.HmacSigningHandler
All Implemented Interfaces:
SigningHandler
@Deprecated public class HmacSigningHandler extends Object implements SigningHandler
Deprecated.
Use SecretHmacSigningHandler instead
An implementation of the SigningHandler which can sign and verify using algorithms from the HMAC family.
Since:
2.0.0

  • Constructor Summary

    Constructors
    Constructor
    Description
    HmacSigningHandler(byte[] sharedSecret)
    Deprecated.
    Constructs a new HmacSigningHandler.
    HmacSigningHandler(SecretKey key)
    Deprecated.
    Constructs a new HmacSigningHandler.

  • Method Summary

    Modifier and Type
    Method
    Description
    byte[]
    sign(JwsAlgorithm algorithm, byte[] data)
    Deprecated.
    Signs the given raw data bytes using the Java Cryptographic algorithm defined by the JwsAlgorithm.
    byte[]
    sign(JwsAlgorithm algorithm, String data)
    Deprecated.
    Signs the given String data using the Java Cryptographic algorithm defined by the JwsAlgorithm.
    boolean
    verify(JwsAlgorithm algorithm, byte[] data, byte[] signature)
    Deprecated.
    Verifies that the given signature is valid for the given data.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

    • HmacSigningHandler

      public HmacSigningHandler(byte[] sharedSecret)
      Deprecated.
      Constructs a new HmacSigningHandler.
      Parameters:
      sharedSecret - The shared secret to use to sign the data.

    • HmacSigningHandler

      public HmacSigningHandler(SecretKey key)
      Deprecated.
      Constructs a new HmacSigningHandler.
      Parameters:
      key - The HMAC secret key to use to sign the data.

  • Method Details

    • sign

      public byte[] sign(JwsAlgorithm algorithm, String data)
      Deprecated.
      Signs the given String data using the Java Cryptographic algorithm defined by the JwsAlgorithm. The signature is created using the given private key.
      Specified by:
      sign in interface SigningHandler
      Parameters:
      algorithm - The JwsAlgorithm defining the Java Cryptographic algorithm.
      data - The data to be signed.
      Returns:
      A byte array of the signature.

    • sign

      public byte[] sign(JwsAlgorithm algorithm, byte[] data)
      Deprecated.
      Signs the given raw data bytes using the Java Cryptographic algorithm defined by the JwsAlgorithm.
      Specified by:
      sign in interface SigningHandler
      Parameters:
      algorithm - the JWS signature algorithm to use.
      data - the raw data to sign.
      Returns:
      the signature.

    • verify

      public boolean verify(JwsAlgorithm algorithm, byte[] data, byte[] signature)
      Deprecated.
      Verifies that the given signature is valid for the given data.

      Uses the Java Cryptographic algorithm defined by the JwsAlgorithm and private key to create a new signature of the data to compare against the given signature to see if they are identical. This implementation avoids timing attacks by enforcing checking of each element of the array against one another. We do not rely on Arrays.equal or other methods which may return early upon discovering a mistake.

      Specified by:
      verify in interface SigningHandler
      Parameters:
      algorithm - The JwsAlgorithm defining the JavaCryptographic algorithm.
      data - The data that was signed.
      signature - The signature of the data.
      Returns:
      true if the signature is a valid signature of the data.