Picsart v24.6版本的 MD5 值为:21a61631d94e54da68d2ad9268b8b9d9
以下内容为反编译后的 SignatureAlgorithm.java 源代码,内容仅作参考
package io.jsonwebtoken;
import com.google.android.gms.vision.barcode.Barcode;
import io.jsonwebtoken.security.InvalidKeyException;
import io.jsonwebtoken.security.Keys;
import io.jsonwebtoken.security.WeakKeyException;
import java.security.Key;
import java.security.PrivateKey;
import java.security.interfaces.ECKey;
import java.security.interfaces.RSAKey;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import javax.crypto.SecretKey;
import myobfuscated.b0.b;
public enum SignatureAlgorithm {
NONE("none", "No digital signature or MAC performed", "None", null, false, 0, 0),
HS256("HS256", "HMAC using SHA-256", "HMAC", "HmacSHA256", true, Barcode.QR_CODE, Barcode.QR_CODE),
HS384("HS384", "HMAC using SHA-384", "HMAC", "HmacSHA384", true, 384, 384),
HS512("HS512", "HMAC using SHA-512", "HMAC", "HmacSHA512", true, 512, 512),
RS256("RS256", "RSASSA-PKCS-v1_5 using SHA-256", "RSA", "SHA256withRSA", true, Barcode.QR_CODE, 2048),
RS384("RS384", "RSASSA-PKCS-v1_5 using SHA-384", "RSA", "SHA384withRSA", true, 384, 2048),
RS512("RS512", "RSASSA-PKCS-v1_5 using SHA-512", "RSA", "SHA512withRSA", true, 512, 2048),
ES256("ES256", "ECDSA using P-256 and SHA-256", "ECDSA", "SHA256withECDSA", true, Barcode.QR_CODE, Barcode.QR_CODE),
ES384("ES384", "ECDSA using P-384 and SHA-384", "ECDSA", "SHA384withECDSA", true, 384, 384),
ES512("ES512", "ECDSA using P-521 and SHA-512", "ECDSA", "SHA512withECDSA", true, 512, 521),
PS256("PS256", "RSASSA-PSS using SHA-256 and MGF1 with SHA-256", "RSA", "RSASSA-PSS", false, Barcode.QR_CODE, 2048),
PS384("PS384", "RSASSA-PSS using SHA-384 and MGF1 with SHA-384", "RSA", "RSASSA-PSS", false, 384, 2048),
PS512("PS512", "RSASSA-PSS using SHA-512 and MGF1 with SHA-512", "RSA", "RSASSA-PSS", false, 512, 2048);
private static final List<SignatureAlgorithm> PREFERRED_EC_ALGS;
private static final List<SignatureAlgorithm> PREFERRED_HMAC_ALGS;
private final String description;
private final int digestLength;
private final String familyName;
private final String jcaName;
private final boolean jdkStandard;
private final int minKeyLength;
private final String value;
static {
SignatureAlgorithm signatureAlgorithm = HS256;
SignatureAlgorithm signatureAlgorithm2 = HS384;
SignatureAlgorithm signatureAlgorithm3 = HS512;
SignatureAlgorithm signatureAlgorithm4 = ES256;
SignatureAlgorithm signatureAlgorithm5 = ES384;
SignatureAlgorithm signatureAlgorithm6 = ES512;
PREFERRED_HMAC_ALGS = Collections.unmodifiableList(Arrays.asList(signatureAlgorithm3, signatureAlgorithm2, signatureAlgorithm));
PREFERRED_EC_ALGS = Collections.unmodifiableList(Arrays.asList(signatureAlgorithm6, signatureAlgorithm5, signatureAlgorithm4));
}
SignatureAlgorithm(String str, String str2, String str3, String str4, boolean z, int i, int i2) {
this.value = str;
this.description = str2;
this.familyName = str3;
this.jcaName = str4;
this.jdkStandard = z;
this.digestLength = i;
this.minKeyLength = i2;
}
private void assertValid(Key key, boolean z) throws InvalidKeyException {
if (this == NONE) {
throw new InvalidKeyException("The 'NONE' signature algorithm does not support cryptographic keys.");
}
if (isHmac()) {
if (!(key instanceof SecretKey)) {
StringBuilder sb = new StringBuilder();
sb.append(this.familyName);
sb.append(" ");
throw new InvalidKeyException(e.m(sb, keyType(z), " keys must be SecretKey instances."));
}
SecretKey secretKey = (SecretKey) key;
byte[] encoded = secretKey.getEncoded();
if (encoded == null) {
throw new InvalidKeyException(e.m(new StringBuilder("The "), keyType(z), " key's encoded bytes cannot be null."));
}
String algorithm = secretKey.getAlgorithm();
if (algorithm == null) {
throw new InvalidKeyException(e.m(new StringBuilder("The "), keyType(z), " key's algorithm cannot be null."));
}
if (!HS256.jcaName.equalsIgnoreCase(algorithm) && !HS384.jcaName.equalsIgnoreCase(algorithm) && !HS512.jcaName.equalsIgnoreCase(algorithm)) {
StringBuilder sb2 = new StringBuilder("The ");
j.z(sb2, keyType(z), " key's algorithm '", algorithm, "' does not equal a valid HmacSHA* algorithm name and cannot be used with ");
sb2.append(name());
sb2.append(".");
throw new InvalidKeyException(sb2.toString());
}
int length = encoded.length * 8;
if (length >= this.minKeyLength) {
return;
}
StringBuilder sb3 = new StringBuilder("The ");
e.x(sb3, keyType(z), " key's size is ", length, " bits which is not secure enough for the ");
sb3.append(name());
sb3.append(" algorithm. The JWT JWA Specification (RFC 7518, Section 3.2) states that keys used with ");
sb3.append(name());
sb3.append(" MUST have a size >= ");
sb3.append(this.minKeyLength);
sb3.append(" bits (the key size must be greater than or equal to the hash output size). Consider using the ");
sb3.append(Keys.class.getName());
sb3.append(" class's 'secretKeyFor(SignatureAlgorithm.");
sb3.append(name());
sb3.append(")' method to create a key guaranteed to be secure enough for ");
sb3.append(name());
sb3.append(". See https://tools.ietf.org/html/rfc7518#section-3.2 for more information.");
throw new WeakKeyException(sb3.toString());
} else if (z && !(key instanceof PrivateKey)) {
throw new InvalidKeyException(e.m(new StringBuilder(), this.familyName, " signing keys must be PrivateKey instances."));
} else {
if (isEllipticCurve()) {
if (!(key instanceof ECKey)) {
StringBuilder sb4 = new StringBuilder();
sb4.append(this.familyName);
sb4.append(" ");
throw new InvalidKeyException(e.m(sb4, keyType(z), " keys must be ECKey instances."));
}
int bitLength = ((ECKey) key).getParams().getOrder().bitLength();
if (bitLength >= this.minKeyLength) {
return;
}
StringBuilder sb5 = new StringBuilder("The ");
e.x(sb5, keyType(z), " key's size (ECParameterSpec order) is ", bitLength, " bits which is not secure enough for the ");
sb5.append(name());
sb5.append(" algorithm. The JWT JWA Specification (RFC 7518, Section 3.4) states that keys used with ");
sb5.append(name());
sb5.append(" MUST have a size >= ");
sb5.append(this.minKeyLength);
sb5.append(" bits. Consider using the ");
sb5.append(Keys.class.getName());
sb5.append(" class's 'keyPairFor(SignatureAlgorithm.");
sb5.append(name());
sb5.append(")' method to create a key pair guaranteed to be secure enough for ");
sb5.append(name());
sb5.append(". See https://tools.ietf.org/html/rfc7518#section-3.4 for more information.");
throw new WeakKeyException(sb5.toString());
} else if (!(key instanceof RSAKey)) {
StringBuilder sb6 = new StringBuilder();
sb6.append(this.familyName);
sb6.append(" ");
throw new InvalidKeyException(e.m(sb6, keyType(z), " keys must be RSAKey instances."));
} else {
int bitLength2 = ((RSAKey) key).getModulus().bitLength();
if (bitLength2 < this.minKeyLength) {
String str = name().startsWith("P") ? "3.5" : "3.3";
StringBuilder sb7 = new StringBuilder("The ");
e.x(sb7, keyType(z), " key's size is ", bitLength2, " bits which is not secure enough for the ");
sb7.append(name());
sb7.append(" algorithm. The JWT JWA Specification (RFC 7518, Section ");
sb7.append(str);
sb7.append(") states that keys used with ");
sb7.append(name());
sb7.append(" MUST have a size >= ");
sb7.append(this.minKeyLength);
sb7.append(" bits. Consider using the ");
sb7.append(Keys.class.getName());
sb7.append(" class's 'keyPairFor(SignatureAlgorithm.");
sb7.append(name());
sb7.append(")' method to create a key pair guaranteed to be secure enough for ");
sb7.append(name());
sb7.append(". See https://tools.ietf.org/html/rfc7518#section-");
sb7.append(str);
sb7.append(" for more information.");
throw new WeakKeyException(sb7.toString());
}
}
}
}
public static SignatureAlgorithm forName(String str) throws io.jsonwebtoken.security.SignatureException {
SignatureAlgorithm[] values;
for (SignatureAlgorithm signatureAlgorithm : values()) {
if (signatureAlgorithm.getValue().equalsIgnoreCase(str)) {
return signatureAlgorithm;
}
}
throw new io.jsonwebtoken.security.SignatureException(b.s("Unsupported signature algorithm '", str, "'"));
}
public static SignatureAlgorithm forSigningKey(Key key) throws InvalidKeyException {
if (key != null) {
boolean z = key instanceof SecretKey;
if (z || ((key instanceof PrivateKey) && ((key instanceof ECKey) || (key instanceof RSAKey)))) {
if (z) {
int length = io.jsonwebtoken.lang.Arrays.length(((SecretKey) key).getEncoded()) * 8;
for (SignatureAlgorithm signatureAlgorithm : PREFERRED_HMAC_ALGS) {
if (length >= signatureAlgorithm.minKeyLength) {
return signatureAlgorithm;
}
}
throw new WeakKeyException(d.o("The specified SecretKey is not strong enough to be used with JWT HMAC signature algorithms. The JWT specification requires HMAC keys to be >= 256 bits long. The specified key is ", length, " bits. See https://tools.ietf.org/html/rfc7518#section-3.2 for more information."));
} else if (!(key instanceof RSAKey)) {
int bitLength = ((ECKey) key).getParams().getOrder().bitLength();
for (SignatureAlgorithm signatureAlgorithm2 : PREFERRED_EC_ALGS) {
if (bitLength >= signatureAlgorithm2.minKeyLength) {
signatureAlgorithm2.assertValidSigningKey(key);
return signatureAlgorithm2;
}
}
throw new WeakKeyException(d.o("The specified Elliptic Curve signing key is not strong enough to be used with JWT ECDSA signature algorithms. The JWT specification requires ECDSA keys to be >= 256 bits long. The specified ECDSA key is ", bitLength, " bits. See https://tools.ietf.org/html/rfc7518#section-3.4 for more information."));
} else {
int bitLength2 = ((RSAKey) key).getModulus().bitLength();
if (bitLength2 >= 4096) {
SignatureAlgorithm signatureAlgorithm3 = RS512;
signatureAlgorithm3.assertValidSigningKey(key);
return signatureAlgorithm3;
} else if (bitLength2 >= 3072) {
SignatureAlgorithm signatureAlgorithm4 = RS384;
signatureAlgorithm4.assertValidSigningKey(key);
return signatureAlgorithm4;
} else {
SignatureAlgorithm signatureAlgorithm5 = RS256;
if (bitLength2 >= signatureAlgorithm5.minKeyLength) {
signatureAlgorithm5.assertValidSigningKey(key);
return signatureAlgorithm5;
}
throw new WeakKeyException(d.o("The specified RSA signing key is not strong enough to be used with JWT RSA signature algorithms. The JWT specification requires RSA keys to be >= 2048 bits long. The specified RSA key is ", bitLength2, " bits. See https://tools.ietf.org/html/rfc7518#section-3.3 for more information."));
}
}
}
throw new InvalidKeyException("JWT standard signing algorithms require either 1) a SecretKey for HMAC-SHA algorithms or 2) a private RSAKey for RSA algorithms or 3) a private ECKey for Elliptic Curve algorithms. The specified key is of type ".concat(key.getClass().getName()));
}
throw new InvalidKeyException("Key argument cannot be null.");
}
private static String keyType(boolean z) {
return z ? "signing" : "verification";
}
public void assertValidSigningKey(Key key) throws InvalidKeyException {
assertValid(key, true);
}
public void assertValidVerificationKey(Key key) throws InvalidKeyException {
assertValid(key, false);
}
public String getDescription() {
return this.description;
}
public String getFamilyName() {
return this.familyName;
}
public String getJcaName() {
return this.jcaName;
}
public int getMinKeyLength() {
return this.minKeyLength;
}
public String getValue() {
return this.value;
}
public boolean isEllipticCurve() {
return this.familyName.equals("ECDSA");
}
public boolean isHmac() {
return this.familyName.equals("HMAC");
}
public boolean isJdkStandard() {
return this.jdkStandard;
}
public boolean isRsa() {
return this.familyName.equals("RSA");
}
}