Class Mac
- All Implemented Interfaces:
- Cloneable
A MAC provides a way to check the integrity of information transmitted over or stored in an unreliable medium, based on a secret key. Typically, message authentication codes are used between two parties that share a secret key in order to validate information transmitted between these parties.
A MAC mechanism that is based on cryptographic hash functions is referred to as HMAC. HMAC can be used with any cryptographic hash function, e.g., SHA256 or SHA384, in combination with a secret shared key. HMAC is specified in RFC 2104.
 Every implementation of the Java platform is required to support
 the following standard Mac algorithms:
 
- HmacSHA1
- HmacSHA256
- Since:
- 1.4
- 
Constructor SummaryConstructors
- 
Method SummaryModifier and TypeMethodDescriptionfinal Objectclone()Returns a clone if the provider implementation is cloneable.final byte[]doFinal()Finishes the MAC operation.final byte[]doFinal(byte[] input) Processes the given array of bytes and finishes the MAC operation.final voiddoFinal(byte[] output, int outOffset) Finishes the MAC operation.final StringReturns the algorithm name of thisMacobject.static final MacgetInstance(String algorithm) Returns aMacobject that implements the specified MAC algorithm.static final MacgetInstance(String algorithm, String provider) Returns aMacobject that implements the specified MAC algorithm.static final MacgetInstance(String algorithm, Provider provider) Returns aMacobject that implements the specified MAC algorithm.final intReturns the length of the MAC in bytes.final ProviderReturns the provider of thisMacobject.final voidInitializes thisMacobject with the given key.final voidinit(Key key, AlgorithmParameterSpec params) Initializes thisMacobject with the given key and algorithm parameters.final voidreset()Resets thisMacobject.final voidupdate(byte input) Processes the given byte.final voidupdate(byte[] input) Processes the given array of bytes.final voidupdate(byte[] input, int offset, int len) Processes the firstlenbytes ininput, starting atoffsetinclusive.final voidupdate(ByteBuffer input) Processesinput.remaining()bytes in the ByteBufferinput, starting atinput.position().
- 
Constructor Details- 
Mac
 
- 
- 
Method Details- 
getAlgorithmReturns the algorithm name of thisMacobject.This is the same name that was specified in one of the getInstancecalls that created thisMacobject.- Returns:
- the algorithm name of this Macobject.
 
- 
getInstanceReturns aMacobject that implements the specified MAC algorithm.This method traverses the list of registered security providers, starting with the most preferred provider. A new Macobject encapsulating theMacSpiimplementation from the first provider that supports the specified algorithm is returned.Note that the list of registered providers may be retrieved via the Security.getProviders()method.- Implementation Note:
- The JDK Reference Implementation additionally uses the
 jdk.security.provider.preferredSecurityproperty to determine the preferred provider order for the specified algorithm. This may be different from the order of providers returned bySecurity.getProviders().
- Parameters:
- algorithm- the standard name of the requested MAC algorithm. See the Mac section in the Java Security Standard Algorithm Names Specification for information about standard algorithm names.
- Returns:
- the new Macobject
- Throws:
- NoSuchAlgorithmException- if no- Providersupports a- MacSpiimplementation for the specified algorithm
- NullPointerException- if- algorithmis- null
- See Also:
 
- 
getInstancepublic static final Mac getInstance(String algorithm, String provider) throws NoSuchAlgorithmException, NoSuchProviderException Returns aMacobject that implements the specified MAC algorithm.A new Macobject encapsulating theMacSpiimplementation from the specified provider is returned. The specified provider must be registered in the security provider list.Note that the list of registered providers may be retrieved via the Security.getProviders()method.- Parameters:
- algorithm- the standard name of the requested MAC algorithm. See the Mac section in the Java Security Standard Algorithm Names Specification for information about standard algorithm names.
- provider- the name of the provider.
- Returns:
- the new Macobject
- Throws:
- IllegalArgumentException- if the- provideris- nullor empty
- NoSuchAlgorithmException- if a- MacSpiimplementation for the specified algorithm is not available from the specified provider
- NoSuchProviderException- if the specified provider is not registered in the security provider list
- NullPointerException- if- algorithmis- null
- See Also:
 
- 
getInstancepublic static final Mac getInstance(String algorithm, Provider provider) throws NoSuchAlgorithmException Returns aMacobject that implements the specified MAC algorithm.A new Macobject encapsulating theMacSpiimplementation from the specified provider is returned. Note that the specified provider does not have to be registered in the provider list.- Parameters:
- algorithm- the standard name of the requested MAC algorithm. See the Mac section in the Java Security Standard Algorithm Names Specification for information about standard algorithm names.
- provider- the provider.
- Returns:
- the new Macobject
- Throws:
- IllegalArgumentException- if the- provideris- null
- NoSuchAlgorithmException- if a- MacSpiimplementation for the specified algorithm is not available from the specified- Providerobject
- NullPointerException- if- algorithmis- null
- See Also:
 
- 
getProviderReturns the provider of thisMacobject.- Returns:
- the provider of this Macobject.
 
- 
getMacLengthpublic final int getMacLength()Returns the length of the MAC in bytes.- Returns:
- the MAC length in bytes.
 
- 
initInitializes thisMacobject with the given key.- Parameters:
- key- the key.
- Throws:
- InvalidKeyException- if the given key is inappropriate for initializing this MAC.
 
- 
initpublic final void init(Key key, AlgorithmParameterSpec params) throws InvalidKeyException, InvalidAlgorithmParameterException Initializes thisMacobject with the given key and algorithm parameters.- Parameters:
- key- the key.
- params- the algorithm parameters.
- Throws:
- InvalidKeyException- if the given key is inappropriate for initializing this MAC.
- InvalidAlgorithmParameterException- if the given algorithm parameters are inappropriate for this MAC.
 
- 
updateProcesses the given byte.- Parameters:
- input- the input byte to be processed.
- Throws:
- IllegalStateException- if this- Machas not been initialized.
 
- 
updateProcesses the given array of bytes.- Parameters:
- input- the array of bytes to be processed.
- Throws:
- IllegalStateException- if this- Machas not been initialized.
 
- 
updateProcesses the firstlenbytes ininput, starting atoffsetinclusive.- Parameters:
- input- the input buffer.
- offset- the offset in- inputwhere the input starts.
- len- the number of bytes to process.
- Throws:
- IllegalStateException- if this- Machas not been initialized.
 
- 
updateProcessesinput.remaining()bytes in the ByteBufferinput, starting atinput.position(). Upon return, the buffer's position will be equal to its limit; its limit will not have changed.- Parameters:
- input- the ByteBuffer
- Throws:
- IllegalStateException- if this- Machas not been initialized.
- IllegalArgumentException- if- inputis null
- Since:
- 1.5
 
- 
doFinalFinishes the MAC operation.A call to this method resets this Macobject to the state it was in when previously initialized via a call toinit(Key)orinit(Key, AlgorithmParameterSpec). That is, the object is reset and available to generate another MAC from the same key, if desired, via new calls toupdateanddoFinal. (In order to reuse thisMacobject with a different key, it must be reinitialized via a call toinit(Key)orinit(Key, AlgorithmParameterSpec).- Returns:
- the MAC result.
- Throws:
- IllegalStateException- if this- Machas not been initialized.
 
- 
doFinalpublic final void doFinal(byte[] output, int outOffset) throws ShortBufferException, IllegalStateException Finishes the MAC operation.A call to this method resets this Macobject to the state it was in when previously initialized via a call toinit(Key)orinit(Key, AlgorithmParameterSpec). That is, the object is reset and available to generate another MAC from the same key, if desired, via new calls toupdateanddoFinal. (In order to reuse thisMacobject with a different key, it must be reinitialized via a call toinit(Key)orinit(Key, AlgorithmParameterSpec).The MAC result is stored in output, starting atoutOffsetinclusive.- Parameters:
- output- the buffer where the MAC result is stored
- outOffset- the offset in- outputwhere the MAC is stored
- Throws:
- ShortBufferException- if the given output buffer is too small to hold the result
- IllegalStateException- if this- Machas not been initialized.
 
- 
doFinalProcesses the given array of bytes and finishes the MAC operation.A call to this method resets this Macobject to the state it was in when previously initialized via a call toinit(Key)orinit(Key, AlgorithmParameterSpec). That is, the object is reset and available to generate another MAC from the same key, if desired, via new calls toupdateanddoFinal. (In order to reuse thisMacobject with a different key, it must be reinitialized via a call toinit(Key)orinit(Key, AlgorithmParameterSpec).- Parameters:
- input- data in bytes
- Returns:
- the MAC result.
- Throws:
- IllegalStateException- if this- Machas not been initialized.
 
- 
resetpublic final void reset()Resets thisMacobject.A call to this method resets this Macobject to the state it was in when previously initialized via a call toinit(Key)orinit(Key, AlgorithmParameterSpec). That is, the object is reset and available to generate another MAC from the same key, if desired, via new calls toupdateanddoFinal. (In order to reuse thisMacobject with a different key, it must be reinitialized via a call toinit(Key)orinit(Key, AlgorithmParameterSpec).
- 
cloneReturns a clone if the provider implementation is cloneable.- Overrides:
- clonein class- Object
- Returns:
- a clone if the provider implementation is cloneable.
- Throws:
- CloneNotSupportedException- if this is called on a delegate that does not support- Cloneable.
- See Also:
 
 
-