Generate and verify only MAC using AESCCM for authentication purpose only based on adata
Solution 1:
This type of data is commonly called "additional authenticated data" (AAD). It will be included in the calculation of the authentication tag, but not encrypted (resp. decrypted).
You can use the ProcessAadBytes
(also ProcessAadByte
) method to provide this type of input to CcmBlockCipher
. Note that there is no output buffer for these methods because the cipher doesn't consider AAD part of its "stream".
So in your case, for "encryption", with no actual data to encrypt, you just add all the plaintext using ProcessAadBytes
and then call DoFinal
to get the output, which will consist only of the authentication tag. If you need to send the plaintext also, you have to arrange that yourself.
Similarly for decryption, CcmBlockCipher
does not consider the AAD as part of its usual input; it should be added using ProcessAadBytes
, followed by a DoFinal
that consists of just the tag in your case.