patrickfav / hkdf / 96

Committed 13 Jun 2019 - 17:19 coverage decreased (-2.6%) to 97.436%

Build # 96

Build Type

Pull #5

travis-ci

Committed by

web-flow

Commit Message

Small fix in tests

Pull Request Pull Request #5: Extends the API with SecretKey types in addition to raw byte[]

Run Details

18 of 19 new or added lines in 2 files covered. (94.74%)

1 existing line in 1 file now uncovered.

76 of 78 relevant lines covered (97.44%)

0.97 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

92.31

/src/main/java/at/favre/lib/crypto/HkdfMacFactory.java

/*
 * Copyright 2017 Patrick Favre-Bulle
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package at.favre.lib.crypto;

import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;

/**
 * Factory class for creating {@link Mac} hashers
 */
public interface HkdfMacFactory {

    /**
     * Creates a new instance of Hmac with given key, i.e. it must already be initialized
     * with {@link Mac#init(Key)}.
     *
     * @param key the key used, must not be null
     * @return a new mac instance
     */
    Mac createInstance(SecretKey key);

    /**
     * Get the length of the mac output in bytes
     *
     * @return the length of mac output in bytes
     */
    int getMacLengthBytes();

    /**
     * Creates a secret key from a byte raw key material to be used with {@link #createInstance(SecretKey)}
     *
     * @param rawKeyMaterial the raw key
     * @return wrapped as secret key instance or null if input is null or empty
     */
    SecretKey createSecretKey(byte[] rawKeyMaterial);

    /**
     * Default implementation
     */
    @SuppressWarnings("WeakerAccess")
    final class Default implements HkdfMacFactory {
        private final String macAlgorithmName;
        private final Provider provider;

        /**
         * Creates a factory creating HMAC with SHA-256
         *
         * @return factory
         */
        public static HkdfMacFactory hmacSha256() {
            return new Default("HmacSHA256", null);
        }

        /**
         * Creates a factory creating HMAC with SHA-512
         *
         * @return factory
         */
        public static HkdfMacFactory hmacSha512() {
            return new Default("HmacSHA512", null);
        }

        /**
         * Creates a factory creating HMAC with SHA-1
         *
         * @return factory
         * @deprecated sha1 with HMAC should be fine, but not recommended for new protocols; see https://crypto.stackexchange.com/questions/26510/why-is-hmac-sha1-still-considered-secure
         */
        @Deprecated
        public static HkdfMacFactory hmacSha1() {
            return new Default("HmacSHA1", null);
        }

        /**
         * Creates a mac factory
         *
         * @param macAlgorithmName as used by {@link Mac#getInstance(String)}
         */
        public Default(String macAlgorithmName) {
            this(macAlgorithmName, null);
        }

        /**
         * Creates a mac factory
         *
         * @param macAlgorithmName as used by {@link Mac#getInstance(String)}
         * @param provider         the security provider, see {@link Mac#getInstance(String, Provider)}; may be null to use default
         */
        public Default(String macAlgorithmName, Provider provider) {
            this.macAlgorithmName = macAlgorithmName;
            this.provider = provider;
        }

        @Override
        public Mac createInstance(SecretKey key) {
            try {
                Mac mac = createMacInstance();
                mac.init(key);
                return mac;
            } catch (Exception e) {
                throw new IllegalStateException("could not make hmac hasher in hkdf", e);
            }
        }

        private Mac createMacInstance() {
            try {
                Mac hmacInstance;

                if (provider == null) {
                    hmacInstance = Mac.getInstance(macAlgorithmName);
                } else {
                    hmacInstance = Mac.getInstance(macAlgorithmName, provider);
                }

                return hmacInstance;
            } catch (NoSuchAlgorithmException e) {
                throw new IllegalStateException("defined mac algorithm was not found", e);
            } catch (Exception e) {
                throw new IllegalStateException("could not create mac instance in hkdf", e);
            }
        }

        @Override
        public int getMacLengthBytes() {
            return createMacInstance().getMacLength();
        }

        @Override
        public SecretKey createSecretKey(byte[] rawKeyMaterial) {
            if (rawKeyMaterial == null || rawKeyMaterial.length <= 0) {
                return null;
            }
            return new SecretKeySpec(rawKeyMaterial, macAlgorithmName);
        }
    }
}

1	/*
2	* Copyright 2017 Patrick Favre-Bulle
3	*
4	* Licensed under the Apache License, Version 2.0 (the "License");
5	* you may not use this file except in compliance with the License.
6	* You may obtain a copy of the License at
7	*
8	* http://www.apache.org/licenses/LICENSE-2.0
9	*
10	* Unless required by applicable law or agreed to in writing, software
11	* distributed under the License is distributed on an "AS IS" BASIS,
12	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13	* See the License for the specific language governing permissions and
14	* limitations under the License.
15	*/
16
17	package at.favre.lib.crypto;
18
19	import javax.crypto.Mac;
20	import javax.crypto.SecretKey;
21	import javax.crypto.spec.SecretKeySpec;
22	import java.security.Key;
23	import java.security.NoSuchAlgorithmException;
24	import java.security.Provider;
25
26	/**
27	* Factory class for creating {@link Mac} hashers
28	*/
29	public interface HkdfMacFactory {
30
31	/**
32	* Creates a new instance of Hmac with given key, i.e. it must already be initialized
33	* with {@link Mac#init(Key)}.
34	*
35	* @param key the key used, must not be null
36	* @return a new mac instance
37	*/
38	Mac createInstance(SecretKey key);
39
40	/**
41	* Get the length of the mac output in bytes
42	*
43	* @return the length of mac output in bytes
44	*/
45	int getMacLengthBytes();
46
47	/**
48	* Creates a secret key from a byte raw key material to be used with {@link #createInstance(SecretKey)}
49	*
50	* @param rawKeyMaterial the raw key
51	* @return wrapped as secret key instance or null if input is null or empty
52	*/
53	SecretKey createSecretKey(byte[] rawKeyMaterial);
54
55	/**
56	* Default implementation
57	*/
58	@SuppressWarnings("WeakerAccess")
59	final class Default implements HkdfMacFactory {
60	private final String macAlgorithmName;
61	private final Provider provider;
62
63	/**
64	* Creates a factory creating HMAC with SHA-256
65	*
66	* @return factory
67	*/
68	public static HkdfMacFactory hmacSha256() {
69	return new Default("HmacSHA256", null);	1×
70	}
71
72	/**
73	* Creates a factory creating HMAC with SHA-512
74	*
75	* @return factory
76	*/
77	public static HkdfMacFactory hmacSha512() {
78	return new Default("HmacSHA512", null);	1×
79	}
80
81	/**
82	* Creates a factory creating HMAC with SHA-1
83	*
84	* @return factory
85	* @deprecated sha1 with HMAC should be fine, but not recommended for new protocols; see https://crypto.stackexchange.com/questions/26510/why-is-hmac-sha1-still-considered-secure
86	*/
87	@Deprecated
88	public static HkdfMacFactory hmacSha1() {
89	return new Default("HmacSHA1", null);	1×
90	}
91
92	/**
93	* Creates a mac factory
94	*
95	* @param macAlgorithmName as used by {@link Mac#getInstance(String)}
96	*/
97	public Default(String macAlgorithmName) {
98	this(macAlgorithmName, null);	1×
99	}	1×
100
101	/**
102	* Creates a mac factory
103	*
104	* @param macAlgorithmName as used by {@link Mac#getInstance(String)}
105	* @param provider the security provider, see {@link Mac#getInstance(String, Provider)}; may be null to use default
106	*/
107	public Default(String macAlgorithmName, Provider provider) {	1×
108	this.macAlgorithmName = macAlgorithmName;	1×
109	this.provider = provider;	1×
110	}	1×
111
112	@Override
113	public Mac createInstance(SecretKey key) {
114	try {
115	Mac mac = createMacInstance();	1×
116	mac.init(key);	1×
117	return mac;	1×
118	} catch (Exception e) {	1×
119	throw new IllegalStateException("could not make hmac hasher in hkdf", e);	1×
120	}
121	}
122
123	private Mac createMacInstance() {
124	try {
125	Mac hmacInstance;
126
127	if (provider == null) {	1×
128	hmacInstance = Mac.getInstance(macAlgorithmName);	1×
129	} else {
130	hmacInstance = Mac.getInstance(macAlgorithmName, provider);	1×
131	}
132
133	return hmacInstance;	1×
134	} catch (NoSuchAlgorithmException e) {	1×
135	throw new IllegalStateException("defined mac algorithm was not found", e);	1×
UNCOV 136	} catch (Exception e) {	!
NEW 137	throw new IllegalStateException("could not create mac instance in hkdf", e);	!
138	}
139	}
140
141	@Override
142	public int getMacLengthBytes() {
143	return createMacInstance().getMacLength();	1×
144	}
145
146	@Override
147	public SecretKey createSecretKey(byte[] rawKeyMaterial) {
148	if (rawKeyMaterial == null \|\| rawKeyMaterial.length <= 0) {	1×
149	return null;	1×
150	}
151	return new SecretKeySpec(rawKeyMaterial, macAlgorithmName);	1×
152	}
153	}
154	}

patrickfav / hkdf / 96

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous