I am creating an internal messaging system.In the system users can communicate with each other and send messages internally. The functionality is working fine and I am using AES encryption for encrypting the message.I am also using SSL for sending the messages. Now I want to implement the message authentication code in the messaging system and I want to make sure that the message body is not tempered. My logic is that when the user clicks on the send message the message body is encrypted and I create a MAC and send the values while inserting it into database and before insertion into database I again create a Mac from the same posted message body and compare those Mac values. Can anyone tell me that is the logic correct or is there any other way I can implement MAC in my system. I really need to implement MAC in the messaging system.
Thanks in advance.