Hi Wei,
> > Defineing MAC_AT_END (=0) to compliment MAC_AT_BEGIN for
> > AuthenticatedDecryptionFilter flags may help others and aid in source
> > code readability.
> Thanks for the suggestion. I've added it.
That flag really does make a difference in the examples on the wiki
(including hashes and signatures). It really makes the order jump out.
DSA::Verifier verifier( PublicKey );
StringSource( message+signature, true,
new SignatureVerificationFilter(
verifier, NULL, THROW_EXCEPTION
/* SIGNATURE_AT_END */
)
);
Jeff
On 3/9/09, Wei Dai <[email protected]> wrote:
> Jeffrey Walton wrote:
> > AuthenticatedEncryptionFilter takes a std::string mac channel
> > parameter. I was able to get Crypto++ to toss many exceptions during
> > testing; but I could never coax a separate channel for the tag. I
> > believe I tried to send the mac in on the channel, and get the mac out
> > on the channel. Is it needed?
> >
>
> You're right, the macChannel parameter wasn't working. I've fixed it in SVN.
> Here's some sample code that shows usage of macChannel and ChannelSwitch.
>
> byte key[16], iv[8];
> GCM<AES>::Encryption e;
> e.SetKeyWithIV(key, 16, iv, 8);
> std::string ciphertext, mac;
> StringSink ciphertextSink(ciphertext), macSink(mac);
> ChannelSwitch *cs;
> AuthenticatedEncryptionFilter ef( e, cs=new ChannelSwitch(ciphertextSink),
> false, -1, "MAC");
> cs->AddRoute("MAC", macSink, DEFAULT_CHANNEL);
> ef.PutMessageEnd(key, 16);
>
> > Defineing MAC_AT_END (=0) to compliment MAC_AT_BEGIN for
> > AuthenticatedDecryptionFilter flags may help others and aid in source
> > code readability.
> >
>
> Thanks for the suggestion. I've added it.
>
> > I understand the default channel can be specified as NULL_CHANNEL. But
> > using NULL_CHANNEL makes me feel like data is being discarded by
> > sending it to the bit bucket.
> >
>
> Good point, I've added DEFAULT_CHANNEL and deprecated NULL_CHANNEL.
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---
