Class AesGcmSiv
AES-256-GCM-SIV nonce misuse-resistant authenticated encryption mode, defined in draft-irtf-cfrg-gcmsiv-08.
Inheritance
Implements
Inherited Members
Namespace: Cryptography
Assembly: Cryptography.dll
Syntax
public sealed class AesGcmSiv : IDisposableConstructors
| Improve this Doc View SourceAesGcmSiv(Byte[])
Initializes a new instance of the AesGcmSiv class.
Declaration
public AesGcmSiv(byte[] key)Parameters
| Type | Name | Description |
|---|---|---|
| System.Byte[] | key | The secret key for AES-256-GCM-SIV encryption. |
Exceptions
| Type | Condition |
|---|---|
| System.ArgumentNullException | Thrown if the |
| System.PlatformNotSupportedException | Thrown if the CPU doesn't implement AES and CLMUL instruction sets. |
| System.Security.Cryptography.CryptographicException | Thrown if the |
AesGcmSiv(ReadOnlySpan<Byte>)
Initializes a new instance of the AesGcmSiv class.
Declaration
public AesGcmSiv(ReadOnlySpan<byte> key)Parameters
| Type | Name | Description |
|---|---|---|
| System.ReadOnlySpan<System.Byte> | key | The secret key for AES-256-GCM-SIV encryption. |
Exceptions
| Type | Condition |
|---|---|
| System.PlatformNotSupportedException | Thrown if the CPU doesn't support AES and CLMUL instruction sets. |
| System.Security.Cryptography.CryptographicException | Thrown if the |
Properties
| Improve this Doc View SourceIsSupported
Returns true if the CPU supports AES and CLMUL instruction sets, false otherwise.
Declaration
public static bool IsSupported { get; }Property Value
| Type | Description |
|---|---|
| System.Boolean |
Methods
| Improve this Doc View SourceDecrypt(Byte[], Byte[], Byte[], Byte[], Byte[])
Decrypt decrypts the ciphertext, and authenticates the decrypted plaintext and the optional associated data.
Declaration
public void Decrypt(byte[] nonce, byte[] ciphertext, byte[] tag, byte[] plaintext, byte[] associatedData = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.Byte[] | nonce | The 12-byte nonce that was previously used for encryption. |
| System.Byte[] | ciphertext | The ciphertext to decrypt. |
| System.Byte[] | tag | The 16-byte authentication tag. |
| System.Byte[] | plaintext | The buffer for the plaintext. It must be the same length as the ciphertext. |
| System.Byte[] | associatedData | Associated data to authenticate. Can be null. |
Exceptions
| Type | Condition |
|---|---|
| System.ObjectDisposedException | Thrown if the current instance has already been disposed. |
| System.ArgumentNullException | Thrown if either |
| System.ArgumentException | Thrown if any of the following conditions is satisfied: - - - |
Decrypt(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, Span<Byte>, ReadOnlySpan<Byte>)
Decrypt decrypts the ciphertext, and authenticates the decrypted plaintext and the optional associated data.
Declaration
public void Decrypt(ReadOnlySpan<byte> nonce, ReadOnlySpan<byte> ciphertext, ReadOnlySpan<byte> tag, Span<byte> plaintext, ReadOnlySpan<byte> associatedData = default(ReadOnlySpan<byte>))Parameters
| Type | Name | Description |
|---|---|---|
| System.ReadOnlySpan<System.Byte> | nonce | The 12-byte nonce that was previously used for encryption. |
| System.ReadOnlySpan<System.Byte> | ciphertext | The ciphertext to decrypt. |
| System.ReadOnlySpan<System.Byte> | tag | The 16-byte authentication tag. |
| System.Span<System.Byte> | plaintext | The buffer for the plaintext. It must be the same length as the ciphertext. |
| System.ReadOnlySpan<System.Byte> | associatedData | Associated data to authenticate. |
Exceptions
| Type | Condition |
|---|---|
| System.ObjectDisposedException | Thrown if the current instance has already been disposed. |
| System.ArgumentException | Thrown if any of the following conditions is satisfied: - - - |
Dispose()
Disposes this object.
Declaration
public void Dispose()Encrypt(Byte[], Byte[], Byte[], Byte[], Byte[])
Encrypt encrypts and authenticates the plaintext, and authenticates the optional associated data.
Declaration
public void Encrypt(byte[] nonce, byte[] plaintext, byte[] ciphertext, byte[] tag, byte[] associatedData = null)Parameters
| Type | Name | Description |
|---|---|---|
| System.Byte[] | nonce | The 12-byte nonce. It is recommended to use randomnly chosen nonces. |
| System.Byte[] | plaintext | The plaintext to encrypt. |
| System.Byte[] | ciphertext | The buffer for the ciphertext. It must be the same length as the plaintext. |
| System.Byte[] | tag | The 16-byte buffer for the authentication tag. |
| System.Byte[] | associatedData | Associated data to authenticate. Can be null. |
Exceptions
| Type | Condition |
|---|---|
| System.ObjectDisposedException | Thrown if the current instance has already been disposed. |
| System.ArgumentNullException | Thrown if either |
| System.ArgumentException | Thrown if any of the following conditions is satisfied: - - - |
Encrypt(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, Span<Byte>, Span<Byte>, ReadOnlySpan<Byte>)
Encrypt encrypts and authenticates the plaintext, and authenticates the optional associated data.
Declaration
public void Encrypt(ReadOnlySpan<byte> nonce, ReadOnlySpan<byte> plaintext, Span<byte> ciphertext, Span<byte> tag, ReadOnlySpan<byte> associatedData = default(ReadOnlySpan<byte>))Parameters
| Type | Name | Description |
|---|---|---|
| System.ReadOnlySpan<System.Byte> | nonce | The 12-byte nonce. It is recommended to use randomnly chosen nonces. |
| System.ReadOnlySpan<System.Byte> | plaintext | The plaintext to encrypt. |
| System.Span<System.Byte> | ciphertext | The buffer for the ciphertext. It must be the same length as the plaintext. |
| System.Span<System.Byte> | tag | The 16-byte buffer for the authentication tag. |
| System.ReadOnlySpan<System.Byte> | associatedData | Associated data to authenticate. |
Exceptions
| Type | Condition |
|---|---|
| System.ObjectDisposedException | Thrown if the current instance has already been disposed. |
| System.ArgumentException | Thrown if any of the following conditions is satisfied: - - - |