PDATA
From Crypto++ Wiki
PDATA is a generic term for the default or plain text data usually encountered in discussions of cipher modes such as CCM and GCM. When a cipher is operated in an authenticated encryption mode, the construction affords both encryption and authentication assurances over the PDATA. The 'P' in PDATA stems from the plain text of NIST documents and from the payload (or payload data) of IPSec. Both terms refer to the data which is receiving encryption and authentication. The complement to PDATA is ADATA.
In Crypto++, objects which derive from AuthenticatedEncryptionFilter offer the construction of authenticated encryption. The PDATA is accessible through the default channel ("") or NULL_CHANNEL (defined in BufferedTransformation). In the latter case, data destined for the NULL_CHANNEL is not discarded to the bit bucket. It is unfortunate that BufferedTransformation does not offer DEFAULT_CHANNEL also.
    GCM< AES >::Encryption e;
    e.SetKeyWithIV( key, sizeof(key), iv, sizeof(iv) );
    ...
    AuthenticatedEncryptionFilter ef( e,
        new StringSink( cipher )
    ); // AuthenticatedEncryptionFilter

    // AuthenticatedEncryptionFilter::ChannelPut
    //  defines two channels: "" (empty) and "AAD"
    //   channel "" is encrypted and authenticated
    //   channel "AAD" is authenticated
    ...
    // ChannelPut takes a const byte*, so the std::string data is cast
    ef.ChannelPut( "", (const byte*)pdata.data(), pdata.size() );
    ef.ChannelMessageEnd("");

    // Alternately, we could perform:
    // ef.ChannelPut( NULL_CHANNEL, (const byte*)pdata.data(), pdata.size() );
    // ef.ChannelMessageEnd(NULL_CHANNEL);
Since the data is being pushed to the default channel, the following is an equivalent example.
    GCM< AES >::Encryption e;
    e.SetKeyWithIV( key, sizeof(key), iv, sizeof(iv) );
    ...
    AuthenticatedEncryptionFilter ef( e,
        new StringSink( cipher )
    ); // AuthenticatedEncryptionFilter
    ...
    // Put takes a const byte*, so the std::string data is cast
    ef.Put( (const byte*)pdata.data(), pdata.size() );
    ef.MessageEnd();
Do not use a StreamTransformationFilter on a CCM or GCM object to recover the primary channel data (the plain text). The StreamTransformationFilter will throw an exception. An AuthenticatedDecryptionFilter must be used.