EVP_MAC-CMAC.7ossl - Man Page

The CMAC EVP_MAC implementation


Support for computing CMAC MACs through the EVP_MAC API.

This implementation uses EVP_CIPHER functions to get access to the underlying cipher.


This implementation is identified with this name and properties, to be used with EVP_MAC_fetch():

“CMAC”, “provider=default” or “provider=fips”

Supported parameters

The general description of these parameters can be found in “PARAMETERS” in EVP_MAC(3).

The following parameter can be set with EVP_MAC_CTX_set_params():

“key” (OSSL_MAC_PARAM_KEY) <octet string>

Sets the MAC key. Setting this parameter is identical to passing a key to EVP_MAC_init(3).

“cipher” (OSSL_MAC_PARAM_CIPHER) <UTF8 string>

Sets the name of the underlying cipher to be used.

“properties” (OSSL_MAC_PARAM_PROPERTIES) <UTF8 string>

Sets the properties to be queried when trying to fetch the underlying cipher. This must be given together with the cipher naming parameter to be considered valid.

The following parameters can be retrieved with EVP_MAC_CTX_get_params():

“size” (OSSL_MAC_PARAM_SIZE) <unsigned integer>

The “size” parameter can also be retrieved with with EVP_MAC_CTX_get_mac_size(). The length of the “size” parameter is equal to that of an unsigned int.

“block-size” (OSSL_MAC_PARAM_SIZE) <unsigned integer>

Gets the MAC block size.  The “block-size” parameter can also be retrieved with EVP_MAC_CTX_get_block_size().

See Also

EVP_MAC_CTX_get_params(3), EVP_MAC_CTX_set_params(3), “PARAMETERS” in EVP_MAC(3), OSSL_PARAM(3)

Referenced By

EVP_MAC.3ossl(3), EVP_SIGNATURE-HMAC.7ossl(7), migration_guide.7ossl(7), openssl-mac.1ossl(1), OSSL_PROVIDER-default.7ossl(7), OSSL_PROVIDER-FIPS.7ossl(7), provider-mac.7ossl(7).

2021-09-09 3.0.0 OpenSSL