iaik.cms
Interface MacAADEngine

All Superinterfaces:
MacEngine
All Known Subinterfaces:
AuthCipherEngine, ByteArrayAuthCipherEngine, InputStreamAuthCipherEngine

public interface MacAADEngine
extends MacEngine

Generic Message Authetication Code engine for used with additional authenticated data.

This engine is used for authenticated content encryption (CMS content type AuthEnvelopedData) to set the additional data which shall be authenticated only but not encrypted.


Method Summary
 byte[] getAdditionalAuthData()
          Gets the additional authenticated data which shall be authenticated but not encrypted.
 void setAdditionalAuthData(byte[] aad)
          Sets the additional authenticated data which shall be authenticated but not encrypted.
 void setMac(byte[] mac)
          Sets the MAC value transmitted in the mac field of the AuthEnvelopedData type.
 
Methods inherited from interface iaik.cms.MacEngine
getMac
 

Method Detail

setAdditionalAuthData

void setAdditionalAuthData(byte[] aad)
Sets the additional authenticated data which shall be authenticated but not encrypted.

Parameters:
aad - the additional authenticated data (DER encoded authenticated attributes from AuthEnvelopedData content type according to RFC 5083), or null if there are no authenticated attributes)

getAdditionalAuthData

byte[] getAdditionalAuthData()
Gets the additional authenticated data which shall be authenticated but not encrypted.

Returns:
the additional authenticated data (DER encoded authenticated attributes from AuthEnvelopedData content type according to RFC 5083), or null if there are no authenticated attributes)

setMac

void setMac(byte[] mac)
Sets the MAC value transmitted in the mac field of the AuthEnvelopedData type. An authenticated Cipher engine may need this value for MAC verification (e.g. aes-gcm authentication block).

The value set by this method is NOT the value that is returned when calling method getMac.

Method getMac will be called by the library when encoding a new AuthEnvelopedData object to get the calculated Mac (authentication tag) value from an authenticated Cipher engine to transmit it within the mac field of the AuthEnvelopedData object.

Method setMac will be called by the library when parsing an AuthEnvelopedData object to tell an authenticated Cipher engine the mac value that has been transmitted within the mac field of the AuthEnvelopedData object. The authenticated Cipher engine may need this value for MAC verification.

Parameters:
mac - the value of the AuthEnvelopedData mac field to be set

This Javadoc may contain text parts from text parts from IETF Internet Standard specifications (see copyright note).

IAIK-CMS 5.1, (c) 2002 IAIK, (c) 2003 - 2010 SIC