|
v6.1 (c) 2002 IAIK, (c) 2003 - 2025 SIC |
|
public interface MacAADEngine extends MacEngine
This engine is used for authenticated content encryption (CMS content type
AuthEnvelopedData) to set the additional data which shall be
authenticated only but not encrypted.
| Modifier and Type | Method and Description |
|---|---|
byte[] |
getAdditionalAuthData()
Gets the additional authenticated data which shall be authenticated
but not encrypted.
|
void |
setAdditionalAuthData(byte[] aad)
Sets the additional authenticated data which shall be authenticated
but not encrypted.
|
void |
setMac(byte[] mac)
Sets the MAC value transmitted in the mac field of the
AuthEnvelopedData type. |
void setAdditionalAuthData(byte[] aad)
aad - the additional authenticated data (DER encoded authenticated
attributes from AuthEnvelopedData content type according to
RFC 5083), or null if there are no authenticated
attributes)byte[] getAdditionalAuthData()
null if there are no authenticated
attributes)void setMac(byte[] mac)
AuthEnvelopedData type. An authenticated Cipher
engine may need this value for MAC verification (e.g. aes-gcm
authentication block).
The value set by this method is NOT the value that is returned
when calling method getMac.
Method getMac will be called by the library when encoding a
new AuthEnvelopedData object to get the calculated Mac
(authentication tag) value from an authenticated Cipher engine to transmit it
within the mac field of the AuthEnvelopedData object.
Method setMac will be called by the library when parsing an
AuthEnvelopedData object to tell an authenticated Cipher engine
the mac value that has been transmitted within the mac field of the
AuthEnvelopedData object. The authenticated Cipher engine may need
this value for MAC verification.
mac - the value of the AuthEnvelopedData mac field to be set