com.google.crypto.tink.subtle

Class PrfAesCmac

java.lang.Object

com.google.crypto.tink.subtle.PrfAesCmac

All Implemented Interfaces:

Prf

@Immutable
public final class PrfAesCmac
extends Object
implements Prf

An implementation of CMAC following RFC 4493.

Field Summary

Fields

Modifier and Type	Field and Description
static TinkFipsUtil.AlgorithmFipsCompatibility	FIPS

Constructor Summary

Constructors

Constructor and Description
PrfAesCmac(byte[] key)

Method Summary

Modifier and Type	Method and Description
byte[]	compute(byte[] data, int outputLength) Computes the PRF selected by the underlying key on input and returns the first outputLength bytes.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

FIPS

public static final TinkFipsUtil.AlgorithmFipsCompatibility FIPS

Constructor Detail

PrfAesCmac

public PrfAesCmac(byte[] key)
           throws GeneralSecurityException

Throws:

GeneralSecurityException

Method Detail

compute

public byte[] compute(byte[] data,
                      int outputLength)
               throws GeneralSecurityException

Description copied from interface: Prf

Computes the PRF selected by the underlying key on input and returns the first outputLength bytes.

Specified by:

compute in interface Prf

Parameters:

data - the input to compute the PRF on.

outputLength - the desired length of the output in bytes. When choosing this parameter keep the birthday paradox in mind. If you have 2^n different inputs that your system has to handle set the output length to ceil(n/4 + 4) This corresponds to 2*n + 32 bits, meaning a collision will occur with a probability less than 1:2^32. When in doubt, request a security review.

Throws:

GeneralSecurityException - if the algorithm fails or if the output of algorithm is less than outputLength.