Module CMAC
CMAC (Cipher-based Message Authentication Code) algorithm
CMAC is a MAC defined in NIST SP 800-38B and in RFC4493 (for AES only)
and constructed using a block cipher. It was originally known as OMAC1.
The algorithm is sometimes named X-CMAC where X is the name
of the cipher (e.g. AES-CMAC).
This is an example showing how to create an AES-CMAC:
>>> from Crypto.Hash import CMAC
>>> from Crypto.Cipher import AES
>>>
>>> secret = b'Sixteen byte key'
>>> cobj = CMAC.new(secret, ciphermod=AES)
>>> cobj.update(b'Hello')
>>> print cobj.hexdigest()
And this is an example showing how to check an AES-CMAC:
>>> from Crypto.Hash import CMAC
>>> from Crypto.Cipher import AES
>>>
>>>
>>>
>>>
>>> secret = b'Sixteen byte key'
>>> cobj = CMAC.new(secret, ciphermod=AES)
>>> cobj.update(msg)
>>> try:
>>> cobj.verify(mac)
>>> print "The message '%s' is authentic" % msg
>>> except ValueError:
>>> print "The message or the key is wrong"
|
CMAC
Class that implements CMAC
|
|
new(key,
msg=None,
ciphermod=None)
Create a new CMAC object. |
|
|
|
digest_size = None
The size of the authentication tag produced by the MAC.
|
new(key,
msg=None,
ciphermod=None)
|
|
Create a new CMAC object.
- Parameters:
key (byte string) - secret key for the CMAC object.
The key must be valid for the underlying cipher algorithm.
For instance, it must be 16 bytes long for AES-128.
msg (byte string) - The very first chunk of the message to authenticate.
It is equivalent to an early call to CMAC.update. Optional.
ciphermod (module) - A cipher module from Crypto.Cipher.
The cipher's block size must be 64 or 128 bits.
Default is Crypto.Cipher.AES.
- Returns:
- A CMAC object
|