diff options
-rw-r--r-- | cryptography/hazmat/backends/openssl/backend.py | 3 | ||||
-rw-r--r-- | docs/hazmat/primitives/mac/cmac.rst | 2 |
2 files changed, 3 insertions, 2 deletions
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py index 0692492b..4137ad10 100644 --- a/cryptography/hazmat/backends/openssl/backend.py +++ b/cryptography/hazmat/backends/openssl/backend.py @@ -1254,7 +1254,6 @@ class _RSAVerificationContext(object): @utils.register_interface(interfaces.CMACContext) class _CMACContext(object): def __init__(self, backend, algorithm, ctx=None): - if not backend.cmac_algorithm_supported(algorithm): raise UnsupportedAlgorithm("This backend does not support CMAC") @@ -1317,7 +1316,7 @@ class _CMACContext(object): res = self._backend._lib.CMAC_CTX_copy( copied_ctx, self._ctx ) - assert res != 0 + assert res == 0 return _CMACContext( self._backend, self.algorithm, ctx=copied_ctx ) diff --git a/docs/hazmat/primitives/mac/cmac.rst b/docs/hazmat/primitives/mac/cmac.rst index be35014f..8b88a3ce 100644 --- a/docs/hazmat/primitives/mac/cmac.rst +++ b/docs/hazmat/primitives/mac/cmac.rst @@ -15,6 +15,8 @@ message authentication codes using a block cipher coupled with a secret key. You can use an CMAC to verify both the integrity and authenticity of a message. +A subset of CMAC with the AES-128 algorithm is described in :rfc:`4493`. + .. class:: CMAC(algorithm, backend) CMAC objects take a |