Class AesSiv
AES-SIV authenticated encryption mode, defined in RFC 5297.
Implements
Inherited Members
Namespace: Confluent.SchemaRegistry.Encryption.Vendored.Miscreant
Assembly: Confluent.SchemaRegistry.Encryption.dll
Syntax
public sealed class AesSiv : IDisposableMethods
CreateAesCmacSiv(byte[])
Initializes a new instance of the AES-CMAC-SIV algorithm with the specified key.
Declaration
public static AesSiv CreateAesCmacSiv(byte[] key)Parameters
| Type | Name | Description |
|---|---|---|
| byte[] | key | The secret key for AES-CMAC-SIV encryption. |
Returns
| Type | Description |
|---|---|
| AesSiv | An AES-CMAC-SIV instance. |
CreateAesPmacSiv(byte[])
Initializes a new instance of the AES-PMAC-SIV algorithm with the specified key.
Declaration
public static AesSiv CreateAesPmacSiv(byte[] key)Parameters
| Type | Name | Description |
|---|---|---|
| byte[] | key | The secret key for AES-PMAC-SIV encryption. |
Returns
| Type | Description |
|---|---|
| AesSiv | An AES-PMAC-SIV instance. |
Dispose()
Disposes this object.
Declaration
public void Dispose()Open(byte[], params byte[][])
Open decrypts ciphertext, authenticates the decrypted plaintext and the given associated data items and, if successful, returns the result. For nonce-based encryption, the nonce should be the last associated data item. In case of failed decryption, this method throws CryptographicException.
Declaration
public byte[] Open(byte[] ciphertext, params byte[][] data)Parameters
| Type | Name | Description |
|---|---|---|
| byte[] | ciphertext | The ciphertext to decrypt. |
| byte[][] | data | Associated data items to authenticate. |
Returns
| Type | Description |
|---|---|
| byte[] | The decrypted plaintext. |
Exceptions
| Type | Condition |
|---|---|
| CryptographicException | Thrown when the ciphertext is invalid. |
Seal(byte[], params byte[][])
Seal encrypts and authenticates plaintext, authenticates the given associated data items, and returns the result. For nonce-based encryption, the nonce should be the last associated data item.
Declaration
public byte[] Seal(byte[] plaintext, params byte[][] data)Parameters
| Type | Name | Description |
|---|---|---|
| byte[] | plaintext | The plaintext to encrypt. |
| byte[][] | data | Associated data items to authenticate. |
Returns
| Type | Description |
|---|---|
| byte[] | Concatenation of the authentication tag and the encrypted data. |