This class provides the functionality of a "Message Authentication Code"
(MAC) algorithm.
A MAC provides a way to check
the integrity of information transmitted over or stored in an unreliable
medium, based on a secret key. Typically, message
authentication codes are used between two parties that share a secret
key in order to validate information transmitted between these
parties.
A MAC mechanism that is based on cryptographic hash functions is
referred to as HMAC. HMAC can be used with any cryptographic hash function,
e.g., MD5 or SHA-1, in combination with a secret shared key. HMAC is
specified in RFC 2104.
Every implementation of the Java platform is required to support
the following standard Mac algorithms:
of the
Java Cryptography Architecture Standard Algorithm Name Documentation.
Consult the release documentation for your implementation to see if any
other algorithms are supported.
| Method from javax.crypto.Mac Detail: |
|---|
 void chooseFirstProvider() {
if ((spi != null) || (serviceIterator == null)) {
return;
}
synchronized (lock) {
if (spi != null) {
return;
}
if (debug != null) {
int w = --warnCount;
if (w >= 0) {
debug.println("Mac.init() not first method "
+ "called, disabling delayed provider selection");
if (w == 0) {
debug.println("Further warnings of this type will "
+ "be suppressed");
}
new Exception("Call trace").printStackTrace();
}
}
Exception lastException = null;
while ((firstService != null) || serviceIterator.hasNext()) {
Service s;
if (firstService != null) {
s = firstService;
firstService = null;
} else {
s = (Service)serviceIterator.next();
}
if (JceSecurity.canUseProvider(s.getProvider()) == false) {
continue;
}
try {
Object obj = s.newInstance(null);
if (obj instanceof MacSpi == false) {
continue;
}
spi = (MacSpi)obj;
provider = s.getProvider();
// not needed any more
firstService = null;
serviceIterator = null;
return;
} catch (NoSuchAlgorithmException e) {
lastException = e;
}
}
ProviderException e = new ProviderException
("Could not construct MacSpi instance");
if (lastException != null) {
e.initCause(lastException);
}
throw e;
}
}
Choose the Spi from the first provider available. Used if
delayed provider selection is not possible because init()
is not the first method called. |
public final Object clone() throws CloneNotSupportedException {
chooseFirstProvider();
Mac that = (Mac)super.clone();
that.spi = (MacSpi)this.spi.clone();
return that;
} Returns a clone if the provider implementation is cloneable. |
public final byte[] doFinal() throws IllegalStateException {
chooseFirstProvider();
if (initialized == false) {
throw new IllegalStateException("MAC not initialized");
}
byte[] mac = spi.engineDoFinal();
spi.engineReset();
return mac;
} Finishes the MAC operation.
A call to this method resets this Mac object to the
state it was in when previously initialized via a call to
init(Key) or
init(Key, AlgorithmParameterSpec).
That is, the object is reset and available to generate another MAC from
the same key, if desired, via new calls to update and
doFinal.
(In order to reuse this Mac object with a different key,
it must be reinitialized via a call to init(Key) or
init(Key, AlgorithmParameterSpec). |
public final byte[] doFinal(byte[] input) throws IllegalStateException {
chooseFirstProvider();
if (initialized == false) {
throw new IllegalStateException("MAC not initialized");
}
update(input);
return doFinal();
} Processes the given array of bytes and finishes the MAC operation.
A call to this method resets this Mac object to the
state it was in when previously initialized via a call to
init(Key) or
init(Key, AlgorithmParameterSpec).
That is, the object is reset and available to generate another MAC from
the same key, if desired, via new calls to update and
doFinal.
(In order to reuse this Mac object with a different key,
it must be reinitialized via a call to init(Key) or
init(Key, AlgorithmParameterSpec). |
public final void doFinal(byte[] output,
int outOffset) throws ShortBufferException, IllegalStateException {
chooseFirstProvider();
if (initialized == false) {
throw new IllegalStateException("MAC not initialized");
}
int macLen = getMacLength();
if (output == null || output.length-outOffset < macLen) {
throw new ShortBufferException
("Cannot store MAC in output buffer");
}
byte[] mac = doFinal();
System.arraycopy(mac, 0, output, outOffset, macLen);
return;
} Finishes the MAC operation.
A call to this method resets this Mac object to the
state it was in when previously initialized via a call to
init(Key) or
init(Key, AlgorithmParameterSpec).
That is, the object is reset and available to generate another MAC from
the same key, if desired, via new calls to update and
doFinal.
(In order to reuse this Mac object with a different key,
it must be reinitialized via a call to init(Key) or
init(Key, AlgorithmParameterSpec).
The MAC result is stored in output, starting at
outOffset inclusive. |
public final String getAlgorithm() {
return this.algorithm;
} Returns the algorithm name of this Mac object.
This is the same name that was specified in one of the
getInstance calls that created this
Mac object. |
public static final Mac getInstance(String algorithm) throws NoSuchAlgorithmException {
List services = GetInstance.getServices("Mac", algorithm);
// make sure there is at least one service from a signed provider
Iterator t = services.iterator();
while (t.hasNext()) {
Service s = (Service)t.next();
if (JceSecurity.canUseProvider(s.getProvider()) == false) {
continue;
}
return new Mac(s, t, algorithm);
}
throw new NoSuchAlgorithmException
("Algorithm " + algorithm + " not available");
} Returns a Mac object that implements the
specified MAC algorithm.
This method traverses the list of registered security Providers,
starting with the most preferred Provider.
A new Mac object encapsulating the
MacSpi implementation from the first
Provider that supports the specified algorithm is returned.
Note that the list of registered providers may be retrieved via
the Security.getProviders() method. |
public static final Mac getInstance(String algorithm,
String provider) throws NoSuchAlgorithmException, NoSuchProviderException {
Instance instance = JceSecurity.getInstance
("Mac", MacSpi.class, algorithm, provider);
return new Mac((MacSpi)instance.impl, instance.provider, algorithm);
} Returns a Mac object that implements the
specified MAC algorithm.
A new Mac object encapsulating the
MacSpi implementation from the specified provider
is returned. The specified provider must be registered
in the security provider list.
Note that the list of registered providers may be retrieved via
the Security.getProviders() method. |
public static final Mac getInstance(String algorithm,
Provider provider) throws NoSuchAlgorithmException {
Instance instance = JceSecurity.getInstance
("Mac", MacSpi.class, algorithm, provider);
return new Mac((MacSpi)instance.impl, instance.provider, algorithm);
} Returns a Mac object that implements the
specified MAC algorithm.
A new Mac object encapsulating the
MacSpi implementation from the specified Provider
object is returned. Note that the specified Provider object
does not have to be registered in the provider list. |
public final int getMacLength() {
chooseFirstProvider();
return spi.engineGetMacLength();
} Returns the length of the MAC in bytes. |
public final Provider getProvider() {
chooseFirstProvider();
return this.provider;
} Returns the provider of this Mac object. |
public final void init(Key key) throws InvalidKeyException {
try {
if (spi != null) {
spi.engineInit(key, null);
} else {
chooseProvider(key, null);
}
} catch (InvalidAlgorithmParameterException e) {
throw new InvalidKeyException("init() failed", e);
}
initialized = true;
} Initializes this Mac object with the given key. |
public final void init(Key key,
AlgorithmParameterSpec params) throws InvalidKeyException, InvalidAlgorithmParameterException {
if (spi != null) {
spi.engineInit(key, params);
} else {
chooseProvider(key, params);
}
initialized = true;
} Initializes this Mac object with the given key and
algorithm parameters. |
public final void reset() {
chooseFirstProvider();
spi.engineReset();
} Resets this Mac object.
A call to this method resets this Mac object to the
state it was in when previously initialized via a call to
init(Key) or
init(Key, AlgorithmParameterSpec).
That is, the object is reset and available to generate another MAC from
the same key, if desired, via new calls to update and
doFinal.
(In order to reuse this Mac object with a different key,
it must be reinitialized via a call to init(Key) or
init(Key, AlgorithmParameterSpec). |
public final void update(byte input) throws IllegalStateException {
chooseFirstProvider();
if (initialized == false) {
throw new IllegalStateException("MAC not initialized");
}
spi.engineUpdate(input);
} Processes the given byte. |
public final void update(byte[] input) throws IllegalStateException {
chooseFirstProvider();
if (initialized == false) {
throw new IllegalStateException("MAC not initialized");
}
if (input != null) {
spi.engineUpdate(input, 0, input.length);
}
} Processes the given array of bytes. |
public final void update(ByteBuffer input) {
chooseFirstProvider();
if (initialized == false) {
throw new IllegalStateException("MAC not initialized");
}
if (input == null) {
throw new IllegalArgumentException("Buffer must not be null");
}
spi.engineUpdate(input);
} Processes input.remaining() bytes in the ByteBuffer
input, starting at input.position().
Upon return, the buffer's position will be equal to its limit;
its limit will not have changed. |
public final void update(byte[] input,
int offset,
int len) throws IllegalStateException {
chooseFirstProvider();
if (initialized == false) {
throw new IllegalStateException("MAC not initialized");
}
if (input != null) {
if ((offset < 0) || (len > (input.length - offset)) || (len < 0))
throw new IllegalArgumentException("Bad arguments");
spi.engineUpdate(input, offset, len);
}
} Processes the first len bytes in input,
starting at offset inclusive. |
javax.crypto.Mac