MacAADEngine (6.1 API Documentation)

Overview

Package

Class

Tree

Deprecated

Index

Help

IAIK CMS/SMIME Toolkit API Documentation
Version 6.1

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

iaik.cms
Interface MacAADEngine

All Superinterfaces:: MacEngine

All Known Subinterfaces:: AuthCipherEngine, ByteArrayAuthCipherEngine, InputStreamAuthCipherEngine

public interface MacAADEngine
extends MacEngine
extends MacEngine

Generic Message Authetication Code engine for used with additional authenticated data.

This engine is used for authenticated content encryption (CMS content type AuthEnvelopedData) to set the additional data which shall be authenticated only but not encrypted.

Method Summary
`byte[]`	`getAdditionalAuthData()` Gets the additional authenticated data which shall be authenticated but not encrypted.
`void`	`setAdditionalAuthData(byte[] aad)` Sets the additional authenticated data which shall be authenticated but not encrypted.
`void`	`setMac(byte[] mac)` Sets the MAC value transmitted in the mac field of the `AuthEnvelopedData` type.

Methods inherited from interface iaik.cms.MacEngine
`getMac`

Method Detail

setAdditionalAuthData

void setAdditionalAuthData(byte[] aad)

Sets the additional authenticated data which shall be authenticated but not encrypted.

Parameters:: aad - the additional authenticated data (DER encoded authenticated attributes from AuthEnvelopedData content type according to RFC 5083), or null if there are no authenticated attributes)

getAdditionalAuthData

byte[] getAdditionalAuthData()

Gets the additional authenticated data which shall be authenticated but not encrypted.

Returns:: the additional authenticated data (DER encoded authenticated attributes from AuthEnvelopedData content type according to RFC 5083), or null if there are no authenticated attributes)

setMac

void setMac(byte[] mac)

Sets the MAC value transmitted in the mac field of the AuthEnvelopedData type. An authenticated Cipher engine may need this value for MAC verification (e.g. aes-gcm authentication block).

The value set by this method is NOT the value that is returned when calling method getMac.

Method getMac will be called by the library when encoding a new AuthEnvelopedData object to get the calculated Mac (authentication tag) value from an authenticated Cipher engine to transmit it within the mac field of the AuthEnvelopedData object.

Method setMac will be called by the library when parsing an AuthEnvelopedData object to tell an authenticated Cipher engine the mac value that has been transmitted within the mac field of the AuthEnvelopedData object. The authenticated Cipher engine may need this value for MAC verification.

Parameters:: mac - the value of the AuthEnvelopedData mac field to be set