Skip to content
/ cmac-go Public

Cipher-based Message Authentication Code as described in RFC4493 and NIST 800-38B

License

Notifications You must be signed in to change notification settings

chmike/cmac-go

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

GoDoc Build codecov Go Report Status release

Cipher-based Message Authentication Code

This package implements the Cipher-based Message Authentication Code as defined in the RFC4493 and NIST special publication 800-38B, "Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication", May 2005.

It achieves a security goal similar to that of HMAC, but uses a symmetric key block cipher like AES. CMAC is appropriate for information systems in which a block cipher is more readily available than a hash function.

Like HMAC, CMAC uses a key to sign a message. The receiver verifies the Massage Authenticating Code by recomputing it using the same key.

Installation

go get github.com/chmike/cmac-go

Usage example

import (
    "crypto/aes"

    "github.com/chmike/cmac-go"
)

// Instantiate the cmac hash.Hash.
cm, err := cmac.New(aes.NewCipher, key)
if err != nil {
    // ...
}

// Compute the CMAC of a message. Never returns an error.
// The parameter may be an empty slice or nil. 
// Write may be called multiple times.
cm.Write([]byte("some message"))

// Get the computed MAC. It may be followed by more Writes and sum calls.
mac1 := cm.Sum(nil)

// Important: use cmac.Equal() instead of bytes.Equal().
// It doesn't leak timing information.
if !cmac.Equal(mac1, mac2) {
    // mac mismatch
}

// Use Reset to clear the state of the cmac calculator. You may then
// start processing a new message.
cm.Reset()

About

Cipher-based Message Authentication Code as described in RFC4493 and NIST 800-38B

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages