[PATCH] Add CMAC mode (Cipher-based MAC)

Werner Koch wk at gnupg.org
Thu Oct 31 16:01:32 CET 2013

On Thu, 31 Oct 2013 13:41, jussi.kivilinna at iki.fi said:

> Patch adds CMAC (Cipher-based MAC) mode as defined in RFC 4493 and NIST
> Special Publication 800-38B.
> Example of usage:
>   /* Message 1 is split to two buffers, buf1_a and buf1_b. */
>   gcry_cipher_setkey(h, key, len(key));

I wonder whether it is a good idea to put MAC algorithms into the cipher
module.  It is a bit of surprise because a MAC has IMHO more of a hash
algorithm than of a cipher algorithm.  Also, we already have HMAC in
gcry_md_*.  Right, there is quite some overlap now with the
authenticated methods.  The later are however justified in gcry_cipher
because their main purpose is encryption.




Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gcrypt-devel mailing list