From Crypto++ Wiki
PDATA is a generic term to indicate the default or plaint text which is usually encountered in discussions of cipher modes such as CCM and GCM. When operating a cipher in an authenticated encryption mode, the construction affords both encryption and authentication assurances over the PDATA. The 'P' in PDATA stems from plain text of NIST documents; and payload or payload data of IPSec. Both terms refer to the data which is receiveing encryption and authentication. The compliment to PDATA is ADATA.
In the Crypto++, objects which derive from
AuthenticatedEncryptionFilter offer the construction of authenticated encryption. The PDATA is accessible through the default channel ("") or
NULL_CHANNEL (defined in
BufferedTransformation). In the later case, data destined for the
NULL_CHANNEL is not discarded to the bit bucket. It is unfortunate that
BufferedTransformation does not offer
GCM< AES >::Encryption e; e.SetKeyWithIV( key, sizeof(key), iv, sizeof(iv) ); ... AuthenticatedEncryptionFilter ef( e, new StringSink( cipher ) ); // AuthenticatedEncryptionFilter // AuthenticatedEncryptionFilter::ChannelPut // defines two channels: "" (empty) and "AAD" // channel "" is encrypted and authenticated // channel "AAD" is authenticated ... ef.ChannelPut( "", pdata.data(), pdata.size() ); ef.ChannelMessageEnd(""); // Alternately, we could perform: // ef.ChannelPut( NULL_CHANNEL, pdata.data(), pdata.size() ); // ef.ChannelMessageEnd(NULL_CHANNEL);
Since the data is being pushed to the default channel, the following is an equivalent example.
GCM< AES >::Encryption e; e.SetKeyWithIV( key, sizeof(key), iv, sizeof(iv) ); ... AuthenticatedEncryptionFilter ef( e, new StringSink( cipher ) ); // AuthenticatedEncryptionFilter ... ef.Put( pdata.data(), pdata.size() ); ef.MessageEnd();
Do not use a
StreamTransformationFilter on a CCM or GCM object to recover the primary channel data (the plain text). The
StreamTransformationFilter will throw an exception. An
AuthenticatedDecryptionFilter must be used.