Jeffrey Walton wrote:
> AuthenticatedEncryptionFilter takes a std::string mac channel
> parameter. I was able to get Crypto++ to toss many exceptions during
> testing; but I could never coax a separate channel for the tag. I
> believe I tried to send the mac in on the channel, and get the mac out
> on the channel. Is it needed?
You're right, the macChannel parameter wasn't working. I've fixed it in SVN.
Here's some sample code that shows usage of macChannel and ChannelSwitch.
byte key[16], iv[8];
GCM<AES>::Encryption e;
e.SetKeyWithIV(key, 16, iv, 8);
std::string ciphertext, mac;
StringSink ciphertextSink(ciphertext), macSink(mac);
ChannelSwitch *cs;
AuthenticatedEncryptionFilter ef( e, cs=new
ChannelSwitch(ciphertextSink), false, -1, "MAC");
cs->AddRoute("MAC", macSink, DEFAULT_CHANNEL);
ef.PutMessageEnd(key, 16);
> Defineing MAC_AT_END (=0) to compliment MAC_AT_BEGIN for
> AuthenticatedDecryptionFilter flags may help others and aid in source
> code readability.
Thanks for the suggestion. I've added it.
> I understand the default channel can be specified as NULL_CHANNEL. But
> using NULL_CHANNEL makes me feel like data is being discarded by
> sending it to the bit bucket.
Good point, I've added DEFAULT_CHANNEL and deprecated NULL_CHANNEL.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---
