Class StreamEncryptor

STREAM online authenticated encryption, defined in the paper Online Authenticated-Encryption and its Nonce-Reuse Misuse-Resistance .

Inheritance
object
StreamEncryptor
Implements
Inherited Members
Namespace: Confluent.SchemaRegistry.Encryption.Vendored.Miscreant
Assembly: Confluent.SchemaRegistry.Encryption.dll
Syntax
public sealed class StreamEncryptor : IDisposable

Methods

CreateAesCmacSivEncryptor(byte[], byte[])

Initializes a new instance of the STREAM encryptor using the AES-CMAC-SIV algorithm.

Declaration
public static StreamEncryptor CreateAesCmacSivEncryptor(byte[] key, byte[] nonce)
Parameters
TypeNameDescription
byte[]key

The secret key for encryption.

byte[]nonce

The nonce for encryption.

Returns
TypeDescription
StreamEncryptor

A STREAM encryptor instance.

CreateAesPmacSivEncryptor(byte[], byte[])

Initializes a new instance of the STREAM encryptor using the AES-PMAC-SIV algorithm.

Declaration
public static StreamEncryptor CreateAesPmacSivEncryptor(byte[] key, byte[] nonce)
Parameters
TypeNameDescription
byte[]key

The secret key for encryption.

byte[]nonce

The nonce for encryption.

Returns
TypeDescription
StreamEncryptor

A STREAM encryptor instance.

Dispose()

Disposes this object.

Declaration
public void Dispose()

GenerateNonce()

Generates a random 8-byte STREAM nonce.

Declaration
public static byte[] GenerateNonce()
Returns
TypeDescription
byte[]

Generated nonce.

Seal(byte[], byte[], bool)

Seal encrypts and authenticates the next message in the STREAM, authenticates the associated data, and returns the result.

Declaration
public byte[] Seal(byte[] plaintext, byte[] data = null, bool last = false)
Parameters
TypeNameDescription
byte[]plaintext

The plaintext to encrypt.

byte[]data

Associated data items to authenticate.

boollast

True if this is the last block in the STREAM.

Returns
TypeDescription
byte[]

Concatenation of the authentication tag and the encrypted data.

Implements