|
For the latest news and information visit The GNU Crypto project |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface IMac
The basic visible methods of any MAC (Message Authentication Code) algorithm.
A MAC provides a way to check the integrity of information transmitted over, or stored in, an unreliable medium, based on a secret key. Typically, MACs are used between two parties, that share a common secret key, in order to validate information transmitted between them.
When a MAC algorithm is based on a cryptographic hash function, it is then called to a HMAC (Hashed Message Authentication Code) --see RFC-2104.
Another type of MAC algorithms exist: UMAC or Universal Message Authentication Code, described in draft-krovetz-umac-01.txt.With UMACs, the sender and receiver share a common secret key (the MAC key) which determines:
References:
Field Summary | |
---|---|
static String |
MAC_KEY_MATERIAL
Property name of the user-supplied key material. |
static String |
TRUNCATED_SIZE
Property name of the desired truncated output size in bytes. |
Method Summary | |
---|---|
Object |
clone()
Returns a clone copy of this instance. |
byte[] |
digest()
Completes the MAC by performing final operations such as padding and resetting the instance. |
void |
init(Map attributes)
Initialises the algorithm with designated attributes. |
int |
macSize()
Returns the output length in bytes of this MAC algorithm. |
String |
name()
Returns the canonical name of this algorithm. |
void |
reset()
Resets the algorithm instance for re-initialisation and use with other characteristics. |
boolean |
selfTest()
A basic test. |
void |
update(byte b)
Continues a MAC operation using the input byte. |
void |
update(byte[] in,
int offset,
int length)
Continues a MAC operation, by filling the buffer, processing data in the algorithm's MAC_SIZE-bit block(s), updating the context and count, and buffering the remaining bytes in buffer for the next operation. |
Field Detail |
---|
static final String MAC_KEY_MATERIAL
static final String TRUNCATED_SIZE
Property name of the desired truncated output size in bytes. The value associated to this property name is taken to be an integer. If no value is specified in the attributes map at initialisation time, then all bytes of the underlying hash algorithm's output are emitted.
This implementation, follows the recommendation of the RFC 2104 authors; specifically:
We recommend that the output length t be not less than half the length of the hash output (to match the birthday attack bound) and not less than 80 bits (a suitable lower bound on the number of bits that need to be predicted by an attacker).
Method Detail |
---|
String name()
Returns the canonical name of this algorithm.
int macSize()
Returns the output length in bytes of this MAC algorithm.
void init(Map attributes) throws InvalidKeyException, IllegalStateException
Initialises the algorithm with designated attributes. Permissible names and values are described in the class documentation above.
attributes
- a set of name-value pairs that describe the desired
future instance behaviour.
InvalidKeyException
- if the key data is invalid.
IllegalStateException
- if the instance is already initialised.MAC_KEY_MATERIAL
void update(byte b)
Continues a MAC operation using the input byte.
b
- the input byte to digest.void update(byte[] in, int offset, int length)
Continues a MAC operation, by filling the buffer, processing data in the algorithm's MAC_SIZE-bit block(s), updating the context and count, and buffering the remaining bytes in buffer for the next operation.
in
- the input block.offset
- start of meaningful bytes in input block.length
- number of bytes, in input block, to consider.byte[] digest()
Completes the MAC by performing final operations such as padding and resetting the instance.
void reset()
Resets the algorithm instance for re-initialisation and use with other characteristics. This method always succeeds.
boolean selfTest()
A basic test. Ensures that the MAC of a pre-determined message is equal to a known pre-computed value.
true
if the implementation passes a basic self-test.
Returns false
otherwise.Object clone() throws CloneNotSupportedException
Returns a clone copy of this instance.
CloneNotSupportedException
|
For the latest news and information visit The GNU Crypto project |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |