org.bouncycastle.crypto.macs

Class CMac

Implemented Interfaces:
Mac

public class CMac
extends java.lang.Object
implements Mac

CMAC - as specified at www.nuee.nagoya-u.ac.jp/labs/tiwata/omac/omac.html

CMAC is analogous to OMAC1 - see also en.wikipedia.org/wiki/CMAC

CMAC is a NIST recomendation - see csrc.nist.gov/CryptoToolkit/modes/800-38_Series_Publications/SP800-38B.pdf

CMAC/OMAC1 is a blockcipher-based message authentication code designed and analyzed by Tetsu Iwata and Kaoru Kurosawa.

CMAC/OMAC1 is a simple variant of the CBC MAC (Cipher Block Chaining Message Authentication Code). OMAC stands for One-Key CBC MAC.

It supports 128- or 64-bits block ciphers, with any key size, and returns a MAC with dimension less or equal to the block size of the underlying cipher.

Constructor Summary

CMac(BlockCipher cipher)
create a standard MAC based on a CBC block cipher (64 or 128 bit block).
CMac(BlockCipher cipher, int macSizeInBits)
create a standard MAC based on a block cipher with the size of the MAC been given in bits.

Method Summary

int
doFinal(byte[] out, int outOff)
String
getAlgorithmName()
int
getMacSize()
void
init(CipherParameters params)
void
reset()
Reset the mac generator.
void
update(byte in)
void
update(byte[] in, int inOff, int len)

Constructor Details

CMac

public CMac(BlockCipher cipher)
create a standard MAC based on a CBC block cipher (64 or 128 bit block). This will produce an authentication code the length of the block size of the cipher.
Parameters:
cipher - the cipher to be used as the basis of the MAC generation.

CMac

public CMac(BlockCipher cipher,
            int macSizeInBits)
create a standard MAC based on a block cipher with the size of the MAC been given in bits.

Note: the size of the MAC must be at least 24 bits (FIPS Publication 81), or 16 bits if being used as a data authenticator (FIPS Publication 113), and in general should be less than the size of the block cipher as it reduces the chance of an exhaustive attack (see Handbook of Applied Cryptography).

Parameters:
cipher - the cipher to be used as the basis of the MAC generation.
macSizeInBits - the size of the MAC in bits, must be a multiple of 8 and <= 128.

Method Details

doFinal

public int doFinal(byte[] out,
                   int outOff)
Specified by:
doFinal in interface Mac

getAlgorithmName

public String getAlgorithmName()
Specified by:
getAlgorithmName in interface Mac

getMacSize

public int getMacSize()
Specified by:
getMacSize in interface Mac

init

public void init(CipherParameters params)
Specified by:
init in interface Mac

reset

public void reset()
Reset the mac generator.
Specified by:
reset in interface Mac

update

public void update(byte in)
Specified by:
update in interface Mac

update

public void update(byte[] in,
                   int inOff,
                   int len)
Specified by:
update in interface Mac