Class CMac
- All Implemented Interfaces:
Mac
- Direct Known Subclasses:
CMacWithIV
CMAC is analogous to OMAC1 - see also en.wikipedia.org/wiki/CMAC
CMAC is a NIST recomendation - see csrc.nist.gov/CryptoToolkit/modes/800-38_Series_Publications/SP800-38B.pdf
CMAC/OMAC1 is a blockcipher-based message authentication code designed and analyzed by Tetsu Iwata and Kaoru Kurosawa.
CMAC/OMAC1 is a simple variant of the CBC MAC (Cipher Block Chaining Message Authentication Code). OMAC stands for One-Key CBC MAC.
It supports 128- or 64-bits block ciphers, with any key size, and returns a MAC with dimension less or equal to the block size of the underlying cipher.
-
Constructor Summary
ConstructorsConstructorDescriptionCMac(BlockCipher cipher) create a standard MAC based on a CBC block cipher (64 or 128 bit block).CMac(BlockCipher cipher, int macSizeInBits) create a standard MAC based on a block cipher with the size of the MAC been given in bits. -
Method Summary
Modifier and TypeMethodDescriptionintdoFinal(byte[] out, int outOff) Compute the final stage of the MAC writing the output to the out parameter.Return the name of the algorithm the MAC implements.intReturn the block size for this MAC (in bytes).voidinit(CipherParameters params) Initialise the MAC.voidreset()Reset the mac generator.voidupdate(byte in) add a single byte to the mac for processing.voidupdate(byte[] in, int inOff, int len)
-
Constructor Details
-
CMac
create a standard MAC based on a CBC block cipher (64 or 128 bit block). This will produce an authentication code the length of the block size of the cipher.- Parameters:
cipher- the cipher to be used as the basis of the MAC generation.
-
CMac
create a standard MAC based on a block cipher with the size of the MAC been given in bits.Note: the size of the MAC must be at least 24 bits (FIPS Publication 81), or 16 bits if being used as a data authenticator (FIPS Publication 113), and in general should be less than the size of the block cipher as it reduces the chance of an exhaustive attack (see Handbook of Applied Cryptography).
- Parameters:
cipher- the cipher to be used as the basis of the MAC generation.macSizeInBits- the size of the MAC in bits, must be a multiple of 8 and <= 128.
-
-
Method Details
-
getAlgorithmName
Description copied from interface:MacReturn the name of the algorithm the MAC implements.- Specified by:
getAlgorithmNamein interfaceMac- Returns:
- the name of the algorithm the MAC implements.
-
init
Description copied from interface:MacInitialise the MAC. -
getMacSize
public int getMacSize()Description copied from interface:MacReturn the block size for this MAC (in bytes).- Specified by:
getMacSizein interfaceMac- Returns:
- the block size for this MAC in bytes.
-
update
public void update(byte in) Description copied from interface:Macadd a single byte to the mac for processing. -
update
public void update(byte[] in, int inOff, int len) -
doFinal
public int doFinal(byte[] out, int outOff) Description copied from interface:MacCompute the final stage of the MAC writing the output to the out parameter.doFinal leaves the MAC in the same state it was after the last init.
-
reset
public void reset()Reset the mac generator.
-