#message-authentication #mac #block-cipher #generic #encryption #omac

no-std cmac

Generic implementation of Cipher-based Message Authentication Code

17 unstable releases

Uses new Rust 2024

0.8.0-rc.0 May 30, 2025
0.8.0-pre.3 Mar 7, 2025
0.8.0-pre.2 Aug 14, 2024
0.8.0-pre.1 Jul 27, 2024
0.0.0 Jul 22, 2017

#2670 in Cryptography

Download history 42845/week @ 2025-02-26 42417/week @ 2025-03-05 51148/week @ 2025-03-12 47920/week @ 2025-03-19 39290/week @ 2025-03-26 38352/week @ 2025-04-02 50535/week @ 2025-04-09 65945/week @ 2025-04-16 58867/week @ 2025-04-23 45940/week @ 2025-04-30 34771/week @ 2025-05-07 42135/week @ 2025-05-14 48078/week @ 2025-05-21 37021/week @ 2025-05-28 37991/week @ 2025-06-04 46098/week @ 2025-06-11

179,641 downloads per month
Used in 155 crates (27 directly)

MIT/Apache

47KB
152 lines

RustCrypto: CMAC

crate Docs Build Status Apache2/MIT licensed Rust Version Project Chat

Generic implementation of Cipher-based Message Authentication Code (CMAC), otherwise known as OMAC1.

Examples

We will use AES-128 block cipher from the aes crate.

To get the authentication code:

use aes::Aes128;
use cmac::{digest::KeyInit, Cmac, Mac};

// Create `Mac` trait implementation, namely CMAC-AES128
let mut mac = Cmac::<Aes128>::new_from_slice(b"very secret key.").unwrap();
mac.update(b"input message");

// `result` has type `Output` which is a thin wrapper around array of
// bytes for providing constant time equality check
let result = mac.finalize();
// To get underlying array use the `into_bytes` method, but be careful,
// since incorrect use of the tag value may permit timing attacks which
// defeat the security provided by the `Output` wrapper
let tag_bytes = result.into_bytes();

To verify the message:

use aes::Aes128;
use cmac::{digest::KeyInit, Cmac, Mac};

let mut mac = Cmac::<Aes128>::new_from_slice(b"very secret key.").unwrap();

mac.update(b"input message");

# let tag_bytes = mac.clone().finalize().into_bytes();
// `verify` will return `Ok(())` if tag is correct, `Err(MacError)` otherwise
mac.verify(&tag_bytes).unwrap();

License

Licensed under either of:

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

Dependencies

~795KB
~20K SLoC