>> In Botan you do it with the Fork class.
>
> Crypto++ has a ChannelSwitch which allows you to take
> data and send it to multiple sinks. But I don't think
> that's what you want in this case.
>
> If you were doing authenticated encryption using
> Encrypt-And-Authenticate (like SSH), then you could use
> the ChannelSwitch.

The wiki documentation was updated for http://www.cryptopp.com/wiki/ChannelSwitch. It adds an SSH-style authenticated encryption example.

On Saturday, April 4, 2015 at 10:54:42 PM UTC-4, Jeffrey Walton wrote:
>
> > I need to encrypt a stream (with a symmetric algorithm)
> > and compute its HMAC at the same time.
>
> You have to be careful here. Combining a confidentiality mode with an
> authenticity mode can cause some trouble if you combine them incorrectly.
> It's probably best to use a mode that does it for you, like EAX, CCM or GCM
> mode.
>
> Getting authenticated encryption wrong is easy. SSL/TLS and SSH got them
> wrong, and they've been dealing with the associated bugs for decades. IPSec
> got it right with Encrypt-Then-Authenticate.
>
> To have a chance at getting it right, you have to encrypt the data first
> and then MAC it. That's what IPSec does. See
> http://www.cryptopp.com/wiki/Authenticated_Encryption for more details.
>
> > In Botan you do it with the Fork class.
>
> Crypto++ has a ChannelSwitch which allows you to take data and send it to
> multiple sinks. But I don't think that's what you want in this case.
>
> If you were doing authenticated encryption using Encrypt-And-Authenticate
> (like SSH), then you could use the ChannelSwitch.
>
> > Is there an easy way to do that in crypto++, without going through it twice
>
> Yes, just pipeline the data. Have the output of the encryptor feed the
> HMAC.
>
> You can read more about pipelining at
> http://www.cryptopp.com/wiki/Pipeline.
>
> > without going through it twice
>
> You will *always* have to touch the data twice. The only mode that
> supports touching the data once is CWC mode. It's patented, so everything
> else touches the data twice.
>
> With that out of the way, below is a program that kind of does what you
> want. It streams plaintext data through an encryptor and then a HMAC.
> Unfortunately, it appears to have a bug. The unfortunate thing is the bug
> appears to be in the Crypto++ library (modulo me doing something dumb).
> ...
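
The Encrypt-Then-Authenticate pipeline described in the quoted reply (encryptor output feeding the HMAC in one pass over the stream), as an added example that is not part of the original thread and is not Crypto++ code. It is written in Python with only the standard library; the SHA-256 counter keystream is a hypothetical stand-in for a real cipher, and the function names, 16-byte IV and message layout (IV, ciphertext, tag) are assumptions of this sketch.

```python
import hashlib
import hmac
import os

IV_LEN, TAG_LEN, BLOCK = 16, 32, 32  # TAG_LEN is the HMAC-SHA256 output size


def _keystream_xor(key, iv, counter, block):
    # Stand-in stream cipher (assumption for this demo only): the keystream block
    # is SHA-256(key || iv || counter). Use a vetted cipher such as AES-CTR in practice.
    pad = hashlib.sha256(key + iv + counter.to_bytes(8, "big")).digest()
    return bytes(a ^ b for a, b in zip(block, pad))


def _blocks(chunks):
    # Re-buffer arbitrarily sized input chunks into fixed-size cipher blocks.
    buf = b""
    for chunk in chunks:
        buf += chunk
        while len(buf) >= BLOCK:
            yield buf[:BLOCK]
            buf = buf[BLOCK:]
    if buf:
        yield buf


def encrypt_then_mac(chunks, enc_key, mac_key, iv=None):
    """Stream once: encrypt each block, then feed the ciphertext to the HMAC."""
    iv = iv if iv is not None else os.urandom(IV_LEN)
    mac = hmac.new(mac_key, iv, hashlib.sha256)  # the IV is authenticated too
    out = [iv]
    for n, block in enumerate(_blocks(chunks)):
        ct = _keystream_xor(enc_key, iv, n, block)
        mac.update(ct)  # the MAC covers ciphertext, never plaintext
        out.append(ct)
    out.append(mac.digest())
    return b"".join(out)


def verify_then_decrypt(message, enc_key, mac_key):
    """Check the tag in constant time before any decryption is attempted."""
    if len(message) < IV_LEN + TAG_LEN:
        raise ValueError("message too short")
    iv, ct, tag = message[:IV_LEN], message[IV_LEN:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return b"".join(_keystream_xor(enc_key, iv, n, b)
                    for n, b in enumerate(_blocks([ct])))
```

The encryption and MAC keys are independent, and a message whose tag does not verify is rejected without producing any plaintext.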
