Generate and verify only MAC using AESCCM for authentication purpose only based on adata

c# aes bouncycastle

Solution 1:

This type of data is commonly called "additional authenticated data" (AAD). It will be included in the calculation of the authentication tag, but not encrypted (resp. decrypted).

You can use the ProcessAadBytes (also ProcessAadByte) method to provide this type of input to CcmBlockCipher. Note that there is no output buffer for these methods because the cipher doesn't consider AAD part of its "stream".

So in your case, for "encryption", with no actual data to encrypt, you just add all the plaintext using ProcessAadBytes and then call DoFinal to get the output, which will consist only of the authentication tag. If you need to send the plaintext also, you have to arrange that yourself.

Similarly for decryption, CcmBlockCipher does not consider the AAD as part of its usual input; it should be added using ProcessAadBytes, followed by a DoFinal that consists of just the tag in your case.

Related

Why I can't do this: ${someValue} in JavaScript / Typescript? [duplicate]
Unique name requirement in Active Directory OUs?
How to encode url in haproxy [duplicate]
Port 80 vs 3000? How does it resolve? [duplicate]
Nginx does not open specified listen port
MongoDB 80,000+ insertions per second
How do I refer to the 'LXD host from an LXD container
authentication with gcloud not working
How do I create a user with a password in one line, in Bash, on Redhat?
Postfix archive preserving Bcc with X-Envelope-To - cleanup confidential X-Envelope-To with Lmtp
CGroup configuration in CentOS 7
Can't find Rancher instances in AWS EC2 dashboard