aboutsummaryrefslogtreecommitdiffstats
path: root/docs/hazmat
diff options
context:
space:
mode:
Diffstat (limited to 'docs/hazmat')
-rw-r--r--docs/hazmat/backends/interfaces.rst2
-rw-r--r--docs/hazmat/primitives/index.rst2
-rw-r--r--docs/hazmat/primitives/mac/cmac.rst105
-rw-r--r--docs/hazmat/primitives/mac/hmac.rst (renamed from docs/hazmat/primitives/hmac.rst)0
-rw-r--r--docs/hazmat/primitives/mac/index.rst10
-rw-r--r--docs/hazmat/primitives/symmetric-encryption.rst4
6 files changed, 119 insertions, 4 deletions
diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst
index 71cd4564..3ed4cfb6 100644
--- a/docs/hazmat/backends/interfaces.rst
+++ b/docs/hazmat/backends/interfaces.rst
@@ -9,7 +9,7 @@ Backend interfaces
Backend implementations may provide a number of interfaces to support operations
such as :doc:`/hazmat/primitives/symmetric-encryption`,
:doc:`/hazmat/primitives/cryptographic-hashes`, and
-:doc:`/hazmat/primitives/hmac`.
+:doc:`/hazmat/primitives/mac/hmac`.
A specific ``backend`` may provide one or more of these interfaces.
diff --git a/docs/hazmat/primitives/index.rst b/docs/hazmat/primitives/index.rst
index 90deec8b..a9ab38a0 100644
--- a/docs/hazmat/primitives/index.rst
+++ b/docs/hazmat/primitives/index.rst
@@ -7,7 +7,7 @@ Primitives
:maxdepth: 1
cryptographic-hashes
- hmac
+ mac/index
symmetric-encryption
padding
key-derivation-functions
diff --git a/docs/hazmat/primitives/mac/cmac.rst b/docs/hazmat/primitives/mac/cmac.rst
new file mode 100644
index 00000000..8b88a3ce
--- /dev/null
+++ b/docs/hazmat/primitives/mac/cmac.rst
@@ -0,0 +1,105 @@
+.. hazmat::
+
+Cipher-based message authentication code
+========================================
+
+.. currentmodule:: cryptography.hazmat.primitives.cmac
+
+.. testsetup::
+
+ import binascii
+ key = binascii.unhexlify(b"0" * 32)
+
+`Cipher-based message authentication codes`_ (or CMACs) are a tool for calculating
+message authentication codes using a block cipher coupled with a
+secret key. You can use an CMAC to verify both the integrity and authenticity
+of a message.
+
+A subset of CMAC with the AES-128 algorithm is described in :rfc:`4493`.
+
+.. class:: CMAC(algorithm, backend)
+
+ CMAC objects take a
+ :class:`~cryptography.hazmat.primitives.interfaces.BlockCipherAlgorithm` provider.
+
+ .. code-block:: pycon
+
+ >>> from cryptography.hazmat.backends import default_backend
+ >>> from cryptography.hazmat.primitives import cmac
+ >>> from cryptography.hazmat.primitives.ciphers import algorithms
+ >>> c = cmac.CMAC(algorithms.AES(key), backend=default_backend())
+ >>> c.update(b"message to authenticate")
+ >>> c.finalize()
+ 'CT\x1d\xc8\x0e\x15\xbe4e\xdb\xb6\x84\xca\xd9Xk'
+
+ If the backend doesn't support the requested ``algorithm`` an
+ :class:`~cryptography.exceptions.UnsupportedAlgorithm` exception will be
+ raised.
+
+ If the `algorithm`` isn't a
+ :class:`~cryptography.primitives.interfaces.BlockCipherAlgorithm` provider,
+ ``TypeError`` will be raised.
+
+ To check that a given signature is correct use the :meth:`verify` method.
+ You will receive an exception if the signature is wrong:
+
+ .. code-block:: pycon
+
+ >>> c.verify(b"an incorrect signature")
+ Traceback (most recent call last):
+ ...
+ cryptography.exceptions.InvalidSignature: Signature did not match digest.
+
+ :param algorithm: An
+ :class:`~cryptography.hazmat.primitives.interfaces.BlockCipherAlgorithm`
+ provider.
+ :param backend: An
+ :class:`~cryptography.hazmat.backends.interfaces.CMACBackend`
+ provider.
+ :raises TypeError: This is raised if the provided ``algorithm`` is not an instance of
+ :class:`~cryptography.hazmat.primitives.interfaces.BlockCipherAlgorithm`
+ :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if the
+ provided ``backend`` does not implement
+ :class:`~cryptography.hazmat.backends.interfaces.CMACBackend`
+
+ .. method:: update(data)
+
+ :param bytes data: The bytes to hash and authenticate.
+ :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize`
+
+ .. method:: copy()
+
+ Copy this :class:`CMAC` instance, usually so that we may call
+ :meth:`finalize` to get an intermediate value while we continue
+ to call :meth:`update` on the original instance.
+
+ :return: A new instance of :class:`CMAC` that can be updated
+ and finalized independently of the original instance.
+ :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize`
+
+ .. method:: verify(signature)
+
+ Finalize the current context and securely compare the MAC to
+ ``signature``.
+
+ :param bytes signature: The bytes to compare the current CMAC
+ against.
+ :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize`
+ :raises cryptography.exceptions.InvalidSignature: If signature does not
+ match digest
+
+ .. method:: finalize()
+
+ Finalize the current context and return the message authentication code
+ as bytes.
+
+ After ``finalize`` has been called this object can no longer be used
+ and :meth:`update`, :meth:`copy`, :meth:`verify` and :meth:`finalize`
+ will raise an :class:`~cryptography.exceptions.AlreadyFinalized`
+ exception.
+
+ :return bytes: The message authentication code as bytes.
+ :raises cryptography.exceptions.AlreadyFinalized:
+
+
+.. _`Cipher-based message authentication codes`: https://en.wikipedia.org/wiki/CMAC
diff --git a/docs/hazmat/primitives/hmac.rst b/docs/hazmat/primitives/mac/hmac.rst
index 11b10735..11b10735 100644
--- a/docs/hazmat/primitives/hmac.rst
+++ b/docs/hazmat/primitives/mac/hmac.rst
diff --git a/docs/hazmat/primitives/mac/index.rst b/docs/hazmat/primitives/mac/index.rst
new file mode 100644
index 00000000..59fb8da2
--- /dev/null
+++ b/docs/hazmat/primitives/mac/index.rst
@@ -0,0 +1,10 @@
+.. hazmat::
+
+Message Authentication Codes
+============================
+
+.. toctree::
+ :maxdepth: 1
+
+ cmac
+ hmac
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst
index 1a4df222..c2692ae2 100644
--- a/docs/hazmat/primitives/symmetric-encryption.rst
+++ b/docs/hazmat/primitives/symmetric-encryption.rst
@@ -21,7 +21,7 @@ message but an attacker can create bogus messages and force the application to
decrypt them.
For this reason it is *strongly* recommended to combine encryption with a
-message authentication code, such as :doc:`HMAC </hazmat/primitives/hmac>`, in
+message authentication code, such as :doc:`HMAC </hazmat/primitives/mac/hmac>`, in
an "encrypt-then-MAC" formulation as `described by Colin Percival`_.
.. class:: Cipher(algorithm, mode, backend)
@@ -289,7 +289,7 @@ Modes
block cipher mode that simultaneously encrypts the message as well as
authenticating it. Additional unencrypted data may also be authenticated.
Additional means of verifying integrity such as
- :doc:`HMAC </hazmat/primitives/hmac>` are not necessary.
+ :doc:`HMAC </hazmat/primitives/mac/hmac>` are not necessary.
**This mode does not require padding.**
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-31 04:28:59 +0000