This class defines an API for computing a message authentication code (MAC) that can check the integrity of information transmitted between two parties that share a secret key. A MAC is similar to a digital signature, except that it is generated with a secret key rather than with a public/private key pair. The Mac class is algorithm-independent and provider-based. Obtain a Mac object by calling one of the static getInstance( ) factory methods and specifying the name of the desired MAC algorithm and, optionally , the name of the provider of the desired implementation. In Java 5.0 The "SunJCE" provider implement MAC algorithms with the following names :
After obtaining a Mac object, initialize it by calling the init( ) method and specifying a SecretKey and, optionally, a java.security.spec.AlgorithmParameterSpec object. The "HmacMD5" and "HmacSHA1" algorithms can use any kind of SecretKey ; they are not restricted to a particular cryptographic algorithm. And neither algorithm requires an AlgorithmParameterSpec object. After obtaining and initializing a Mac object, specify the data for which the MAC is to be computed. If the data is contained in a single byte array, simply pass it to doFinal( ) . If the data is streaming or is stored in various locations, you can supply the data in multiple calls to update( ) . In Java 5.0, you can pass a ByteBuffer to update( ) which facilities use with the java.nio New I/O API. End the series of update( ) calls with a single call to doFinal( ) . Note that some versions of doFinal( ) return the MAC data as the function return value. Another version stores the MAC data in a byte array you supply. If you use this version of doFinal( ) , be sure to call getMacLength( ) to instantiate an array of the correct length. A call to doFinal( ) resets the internal state of a Mac object. If you want to compute a MAC for part of your data and then proceed to compute the MAC for the full data, you should clone( ) the Mac object before calling doFinal( ) . Note, however, that Mac implementations are not required to implement Cloneable . Figure 17-6. javax.crypto.Macpublic class Mac implements Cloneable { // Protected Constructors protected Mac (MacSpi macSpi , java.security.Provider provider , String algorithm ); // Public Class Methods public static final Mac getInstance (String algorithm ) throws java.security.NoSuchAlgorithmException; public static final Mac getInstance (String algorithm , String provider ) throws java.security.NoSuchAlgorithmException, java.security.NoSuchProviderException; public static final Mac getInstance (String algorithm , java.security.Provider provider ) throws java.security.NoSuchAlgorithmException; // Public Instance Methods public final byte[ ] doFinal ( ) throws IllegalStateException; public final byte[ ] doFinal (byte[ ] input ) throws IllegalStateException; public final void doFinal (byte[ ] output , int outOffset ) throws ShortBufferException, IllegalStateException; public final String getAlgorithm ( ); public final int getMacLength ( ); public final java.security.Provider getProvider ( ); public final void init (java.security.Key key ) throws java.security.InvalidKeyException; public final void init (java.security.Key key , java.security.spec .AlgorithmParameterSpec params ) throws java.security.InvalidKeyException, java.security.InvalidAlgorithmParameterException; public final void reset ( ); public final void update (byte input ) throws IllegalStateException; 5.0 public final void update (java.nio.ByteBuffer input ); public final void update (byte[ ] input ) throws IllegalStateException; public final void update (byte[ ] input , int offset , int len ) throws IllegalStateException; // Public Methods Overriding Object public final Object clone ( ) throws CloneNotSupportedException; } |