public interface MacAADEngine extends MacEngine
This engine is used for authenticated content encryption (CMS content type
AuthEnvelopedData
) to set the additional data which shall be
authenticated only but not encrypted.
Modifier and Type | Method and Description |
---|---|
byte[] |
getAdditionalAuthData()
Gets the additional authenticated data which shall be authenticated
but not encrypted.
|
void |
setAdditionalAuthData(byte[] aad)
Sets the additional authenticated data which shall be authenticated
but not encrypted.
|
void |
setMac(byte[] mac)
Sets the MAC value transmitted in the mac field of the
AuthEnvelopedData type. |
void setAdditionalAuthData(byte[] aad)
aad
- the additional authenticated data (DER encoded authenticated
attributes from AuthEnvelopedData content type according to
RFC 5083), or null
if there are no authenticated
attributes)byte[] getAdditionalAuthData()
null
if there are no authenticated
attributes)void setMac(byte[] mac)
AuthEnvelopedData
type. An authenticated Cipher
engine may need this value for MAC verification (e.g. aes-gcm
authentication block).
The value set by this method is NOT the value that is returned
when calling method getMac
.
Method getMac
will be called by the library when encoding a
new AuthEnvelopedData
object to get the calculated Mac
(authentication tag) value from an authenticated Cipher engine to transmit it
within the mac
field of the AuthEnvelopedData
object.
Method setMac
will be called by the library when parsing an
AuthEnvelopedData
object to tell an authenticated Cipher engine
the mac value that has been transmitted within the mac
field of the
AuthEnvelopedData
object. The authenticated Cipher engine may need
this value for MAC verification.
mac
- the value of the AuthEnvelopedData mac field to be set