[Defect]: CMAC missing key length

[jvdsn]

Describe the defect

In the cryptography registry, CMAC is defined as CMAC[-{cipherAlgorithm}][-{length}]. It does not explicitly list the key length (which could be 128, 192, or 256).

Additional context

Presumably length is supposed to be the MAC length, so I did not consider that to be the key length.

[jvdsn]

Considering that CMAC is an option for the AES family too, I'm wondering if it makes more sense to just remove the CMAC family. Seems like there's overlap.