{
    "content": [
        {
            "type": "text",
            "text": "# Crypt::AuthEnc::CCM (perldoc)\n\n## NAME\n\nCrypt::AuthEnc::CCM - Authenticated encryption in CCM mode\n\n## SYNOPSIS\n\n### OO interface\nuse Crypt::AuthEnc::CCM;\n# encrypt and authenticate\nmy $ae = Crypt::AuthEnc::CCM->new(\"AES\", $key, $iv, $adata, $taglen, $ptlen);\nmy $ct = $ae->encryptadd('data1');\n$ct .= $ae->encryptadd('data2');\n$ct .= $ae->encryptadd('data3');\nmy $tag = $ae->encryptdone();\n# decrypt and verify\nmy $ae = Crypt::AuthEnc::CCM->new(\"AES\", $key, $iv, $adata, $taglen, $ptlen);\nmy $pt = $ae->decryptadd('ciphertext1');\n$pt .= $ae->decryptadd('ciphertext2');\n$pt .= $ae->decryptadd('ciphertext3');\nmy $tag = $ae->decryptdone();\ndie \"decrypt failed\" unless $tag eq $expectedtag;\n#or\nmy $result = $ae->decryptdone($expectedtag); # 0 or 1\n### functional interface\nuse Crypt::AuthEnc::CCM qw(ccmencryptauthenticate ccmdecryptverify);\n($ciphertext, $tag) = ccmencryptauthenticate('AES', $key, $nonce, $adata, $taglen, $plaintext);\n$plaintext = ccmdecryptverify('AES', $key, $nonce, $adata, $ciphertext, $tag);\n\n## DESCRIPTION\n\nCCM is a encrypt+authenticate mode that is centered around using AES (or any 16-byte cipher) as\na primitive. Unlike EAX and OCB mode, it is only meant for packet mode where the length of the\ninput is known in advance.\n\n## Sections\n\n- **NAME**\n- **SYNOPSIS**\n- **DESCRIPTION**\n- **EXPORT**\n- **FUNCTIONS**\n- **METHODS**\n- **SEE ALSO**\n\nUse structuredContent.sections for detailed options, examples, and full documentation.\n"
        }
    ],
    "structuredContent": {
        "command": "Crypt::AuthEnc::CCM",
        "section": "",
        "mode": "perldoc",
        "summary": "Crypt::AuthEnc::CCM - Authenticated encryption in CCM mode",
        "synopsis": "### OO interface\nuse Crypt::AuthEnc::CCM;\n# encrypt and authenticate\nmy $ae = Crypt::AuthEnc::CCM->new(\"AES\", $key, $iv, $adata, $taglen, $ptlen);\nmy $ct = $ae->encryptadd('data1');\n$ct .= $ae->encryptadd('data2');\n$ct .= $ae->encryptadd('data3');\nmy $tag = $ae->encryptdone();\n# decrypt and verify\nmy $ae = Crypt::AuthEnc::CCM->new(\"AES\", $key, $iv, $adata, $taglen, $ptlen);\nmy $pt = $ae->decryptadd('ciphertext1');\n$pt .= $ae->decryptadd('ciphertext2');\n$pt .= $ae->decryptadd('ciphertext3');\nmy $tag = $ae->decryptdone();\ndie \"decrypt failed\" unless $tag eq $expectedtag;\n#or\nmy $result = $ae->decryptdone($expectedtag); # 0 or 1\n### functional interface\nuse Crypt::AuthEnc::CCM qw(ccmencryptauthenticate ccmdecryptverify);\n($ciphertext, $tag) = ccmencryptauthenticate('AES', $key, $nonce, $adata, $taglen, $plaintext);\n$plaintext = ccmdecryptverify('AES', $key, $nonce, $adata, $ciphertext, $tag);",
        "tldr_summary": null,
        "tldr_examples": [],
        "tldr_source": null,
        "flags": [],
        "examples": [],
        "see_also": [],
        "section_outline": [
            {
                "name": "NAME",
                "lines": 2,
                "subsections": []
            },
            {
                "name": "SYNOPSIS",
                "lines": 27,
                "subsections": []
            },
            {
                "name": "DESCRIPTION",
                "lines": 4,
                "subsections": []
            },
            {
                "name": "EXPORT",
                "lines": 6,
                "subsections": []
            },
            {
                "name": "FUNCTIONS",
                "lines": 20,
                "subsections": []
            },
            {
                "name": "METHODS",
                "lines": 27,
                "subsections": []
            },
            {
                "name": "SEE ALSO",
                "lines": 4,
                "subsections": []
            }
        ],
        "sections": {
            "NAME": {
                "content": "Crypt::AuthEnc::CCM - Authenticated encryption in CCM mode\n",
                "subsections": []
            },
            "SYNOPSIS": {
                "content": "### OO interface\nuse Crypt::AuthEnc::CCM;\n\n# encrypt and authenticate\nmy $ae = Crypt::AuthEnc::CCM->new(\"AES\", $key, $iv, $adata, $taglen, $ptlen);\nmy $ct = $ae->encryptadd('data1');\n$ct .= $ae->encryptadd('data2');\n$ct .= $ae->encryptadd('data3');\nmy $tag = $ae->encryptdone();\n\n# decrypt and verify\nmy $ae = Crypt::AuthEnc::CCM->new(\"AES\", $key, $iv, $adata, $taglen, $ptlen);\nmy $pt = $ae->decryptadd('ciphertext1');\n$pt .= $ae->decryptadd('ciphertext2');\n$pt .= $ae->decryptadd('ciphertext3');\nmy $tag = $ae->decryptdone();\ndie \"decrypt failed\" unless $tag eq $expectedtag;\n\n#or\nmy $result = $ae->decryptdone($expectedtag); # 0 or 1\n\n### functional interface\nuse Crypt::AuthEnc::CCM qw(ccmencryptauthenticate ccmdecryptverify);\n\n($ciphertext, $tag) = ccmencryptauthenticate('AES', $key, $nonce, $adata, $taglen, $plaintext);\n$plaintext = ccmdecryptverify('AES', $key, $nonce, $adata, $ciphertext, $tag);\n",
                "subsections": []
            },
            "DESCRIPTION": {
                "content": "CCM is a encrypt+authenticate mode that is centered around using AES (or any 16-byte cipher) as\na primitive. Unlike EAX and OCB mode, it is only meant for packet mode where the length of the\ninput is known in advance.\n",
                "subsections": []
            },
            "EXPORT": {
                "content": "Nothing is exported by default.\n\nYou can export selected functions:\n\nuse Crypt::AuthEnc::CCM qw(ccmencryptauthenticate ccmdecryptverify);\n",
                "subsections": []
            },
            "FUNCTIONS": {
                "content": "ccmencryptauthenticate\nmy ($ciphertext, $tag) = ccmencryptauthenticate($cipher, $key, $nonce, $adata, $taglen, $plaintext);\n\n# $cipher .. 'AES' or name of any other cipher with 16-byte block len\n# $key ..... key of proper length (e.g. 128/192/256bits for AES)\n# $nonce ... unique nonce/salt (no need to keep it secret)\n# $adata ... additional authenticated data\n# $taglen . required length of output tag\n\nCCM parameters should follow\n<http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38c.pdf>\n\n# tag length:   4, 6, 8, 10, 12, 14, 16 (reasonable minimum is 8)\n# nonce length: 7, 8, 9, 10, 11, 12, 13 (if you are not sure, use 11)\n# BEWARE nonce length determines max. enc/dec data size: maxdatasize = 2^(8*(15-noncelen))\n\nccmdecryptverify\nmy $plaintext = ccmdecryptverify($cipher, $key, $nonce, $adata, $ciphertext, $tag);\n# on error returns undef\n",
                "subsections": []
            },
            "METHODS": {
                "content": "new\nmy $ae = Crypt::AuthEnc::CCM->new($cipher, $key, $nonce, $adata, $taglen, $ptlen);\n\n# $cipher .. 'AES' or name of any other cipher with 16-byte block len\n# $key ..... key of proper length (e.g. 128/192/256bits for AES)\n# $nonce ... unique nonce/salt (no need to keep it secret)\n# $adata ... additional authenticated data\n# $taglen . required length of output tag\n# $ptlen .. expected length of plaintext/ciphertext to encrypt/decrypt\n\nencryptadd\n$ciphertext = $ae->encryptadd($data);        # can be called multiple times\n\nencryptdone\nmy $tag = $ae->encryptdone;                  # returns $tag value\n\ndecryptadd\n$plaintext = $ae->decryptadd($ciphertext);   # can be called multiple times\n\ndecryptdone\nmy $tag = $ae->decryptdone;           # returns $tag value\n#or\nmy $result = $ae->decryptdone($tag);  # returns 1 (success) or 0 (failure)\n\nclone\nmy $aenew = $ae->clone;\n",
                "subsections": []
            },
            "SEE ALSO": {
                "content": "*   CryptX, Crypt::AuthEnc::EAX, Crypt::AuthEnc::GCM, Crypt::AuthEnc::OCB\n\n*   <https://en.wikipedia.org/wiki/CCMmode>\n",
                "subsections": []
            }
        }
    }
}