org.bouncycastle.crypto.macs
Class ISO9797Alg3Mac
java.lang.Object
org.bouncycastle.crypto.macs.ISO9797Alg3Mac
- Mac
public class ISO9797Alg3Mac
extends java.lang.Object
DES based CBC Block Cipher MAC according to ISO9797, algorithm 3 (ANSI X9.19 Retail MAC)
This could as well be derived from CBCBlockCipherMac, but then the property mac in the base
class must be changed to protected
int | doFinal(byte[] out, int outOff) - Compute the final statge of the MAC writing the output to the out
parameter.
|
String | getAlgorithmName() - Return the name of the algorithm the MAC implements.
|
int | getMacSize() - Return the block size for this MAC (in bytes).
|
void | init(CipherParameters params) - Initialise the MAC.
|
void | reset() - Reset the mac generator.
|
void | update(byte in) - add a single byte to the mac for processing.
|
void | update(byte[] in, int inOff, int len)
|
ISO9797Alg3Mac
public ISO9797Alg3Mac(BlockCipher cipher)
create a Retail-MAC based on a CBC block cipher. This will produce an
authentication code of the length of the block size of the cipher.
cipher
- the cipher to be used as the basis of the MAC generation. This must
be DESEngine.
ISO9797Alg3Mac
public ISO9797Alg3Mac(BlockCipher cipher,
int macSizeInBits)
create a Retail-MAC based on a block cipher with the size of the
MAC been given in bits. This class uses single DES CBC mode as the basis for the
MAC generation.
Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
or 16 bits if being used as a data authenticator (FIPS Publication 113),
and in general should be less than the size of the block cipher as it reduces
the chance of an exhaustive attack (see Handbook of Applied Cryptography).
cipher
- the cipher to be used as the basis of the MAC generation.macSizeInBits
- the size of the MAC in bits, must be a multiple of 8.
ISO9797Alg3Mac
public ISO9797Alg3Mac(BlockCipher cipher,
int macSizeInBits,
BlockCipherPadding padding)
create a standard MAC based on a block cipher with the size of the
MAC been given in bits. This class uses single DES CBC mode as the basis for the
MAC generation. The final block is decrypted and then encrypted using the
middle and right part of the key.
Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
or 16 bits if being used as a data authenticator (FIPS Publication 113),
and in general should be less than the size of the block cipher as it reduces
the chance of an exhaustive attack (see Handbook of Applied Cryptography).
cipher
- the cipher to be used as the basis of the MAC generation.macSizeInBits
- the size of the MAC in bits, must be a multiple of 8.padding
- the padding to be used to complete the last block.
ISO9797Alg3Mac
public ISO9797Alg3Mac(BlockCipher cipher,
BlockCipherPadding padding)
create a Retail-MAC based on a CBC block cipher. This will produce an
authentication code of the length of the block size of the cipher.
cipher
- the cipher to be used as the basis of the MAC generation.padding
- the padding to be used to complete the last block.
doFinal
public int doFinal(byte[] out,
int outOff)
Compute the final statge of the MAC writing the output to the out
parameter.
doFinal leaves the MAC in the same state it was after the last init.
- doFinal in interface Mac
out
- the array the MAC is to be output to.outOff
- the offset into the out buffer the output is to start at.
getAlgorithmName
public String getAlgorithmName()
Return the name of the algorithm the MAC implements.
- getAlgorithmName in interface Mac
- the name of the algorithm the MAC implements.
getMacSize
public int getMacSize()
Return the block size for this MAC (in bytes).
- getMacSize in interface Mac
- the block size for this MAC in bytes.
init
public void init(CipherParameters params)
Initialise the MAC.
- init in interface Mac
params
- the key and other data required by the MAC.
reset
public void reset()
Reset the mac generator.
- reset in interface Mac
update
public void update(byte in)
add a single byte to the mac for processing.
- update in interface Mac
in
- the byte to be processed.
update
public void update(byte[] in,
int inOff,
int len)
- update in interface Mac
in
- the array containing the input.inOff
- the index in the array the data begins at.len
- the length of the input starting at inOff.