Hey Ilya,
concerning your questions:
1) adata seems to be data that is only authenticated but not encrypted.
This is mainly data that you must authenticate because of your protocol. In
your case you might want to authenticate the salt with the header GCM
execution.
pdata is the plain data (=plaintext), that means this is the data that will
be encrypted and authenticated. The contents of your target file should be
in this category as should be the contents of your header.
2) channel "AAD" is authentication associated data (I hope), that's the
data you stored in adata. some goes for empty channel name with pdata.
3) If I'm interpreting the code snippet you showed here using SecByteBlock
shouldn't be a problem. F.ex. you can store your adata in a secbyteblock.
Normally there's an auto-conersion from SecByteBlock to byte* and const
byte* so can simply put "ef.ChannelPut("AAD",data,data.size());" and it
should work (again I do hope this).
I do think (but not know for sure) that StringSink does accept
SecByteBlocks as they are also "strings" (large blocks of chars). Please
test it and see if you get a compiler / testing error.
BR
JPM
Am Mittwoch, 25. Februar 2015 14:10:57 UTC+1 schrieb Ilya Bizyaev:
>
> Wow, the AES/GCM implemetation is super-complicated!
> 1) There are two such strings declared at the beginning:
> -------------------------------------------------
> string adata( 16, (char)0x00 );
> string pdata( 16, (char)0x00 );
> -------------------------------------------------
> What each of them is ment for?
> 2)
>
> ------------------------------------------------------------------------------------
> // AuthenticatedEncryptionFilter::ChannelPut
> // defines two channels: "" (empty) and "AAD"
> // channel "" is encrypted and authenticated
> // channel "AAD" is authenticated
> ef.ChannelPut( "AAD", (const byte*)adata.data(), adata.size() );
> ef.ChannelMessageEnd("AAD");
>
> // Authenticated data *must* be pushed before
> // Confidential/Authenticated data. Otherwise
> // we must catch the BadState exception
> ef.ChannelPut( "", (const byte*)pdata.data(), pdata.size() );
> ef.ChannelMessageEnd("");
>
> ------------------------------------------------------------------------------------
> The question is: which channel is ment for the data your need to encrypt,
> and which is for authentification data? They are both called "Authenticated
> data"... And again, adata and pdata are here without an explanation...
> 3) Is it possible to do without strings, using SecByteBlocks and arrays?
>
--
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
---
You received this message because you are subscribed to the Google Groups
"Crypto++ Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
