Package io.github.pratiyush.totp.internal

Class HMACProvider

java.lang.Object
io.github.pratiyush.totp.internal.HMACProvider
public final class HMACProvider extends Object
Secure HMAC computation for TOTP.

This utility class provides thread-safe HMAC calculation using the Java Cryptography Architecture (JCA).

Thread Safety

This class is thread-safe. Each call creates a fresh Mac instance.

Security Notes

  • Uses standard JCA providers (no external crypto libraries)
  • Validates algorithm availability before use
  • Clear error messages for debugging (no secret leakage)

  • Method Details

    • compute

      public static byte[] compute(Algorithm algorithm, byte[] key, byte[] data) throws TOTPException
      Computes HMAC using the specified algorithm.
      Parameters:
      algorithm - the HMAC algorithm
      key - the secret key
      data - the data to authenticate
      Returns:
      the HMAC result
      Throws:
      TOTPException - if HMAC computation fails

    • compute

      public static byte[] compute(String algorithmName, byte[] key, byte[] data) throws TOTPException
      Computes HMAC using the specified algorithm name.
      Parameters:
      algorithmName - the JCA algorithm name (e.g., "HmacSHA256")
      key - the secret key
      data - the data to authenticate
      Returns:
      the HMAC result
      Throws:
      TOTPException - if HMAC computation fails

    • isAlgorithmAvailable

      public static boolean isAlgorithmAvailable(Algorithm algorithm)
      Checks if an algorithm is available in the current JVM.
      Parameters:
      algorithm - the algorithm to check
      Returns:
      true if the algorithm is available

    • isAlgorithmAvailable

      public static boolean isAlgorithmAvailable(String algorithmName)
      Checks if an algorithm is available in the current JVM.
      Parameters:
      algorithmName - the JCA algorithm name
      Returns:
      true if the algorithm is available