EncryptAndAuthenticate Method
EncryptAndAuthenticate(ReadOnlySpan<byte>, ReadOnlySpan<byte>, ReadOnlySpan<byte>, Span<byte>, Span<byte>, ReadOnlySpan<byte>)
Encrypt the plaintext using AES-GCM with the given
keyData, nonce, and associatedData. Place the
resulting encrypted data into the ciphertext Span and the
authentication tag into the tag Span.
void EncryptAndAuthenticate(ReadOnlySpan<byte> keyData, ReadOnlySpan<byte> nonce, ReadOnlySpan<byte> plaintext, Span<byte> ciphertext, Span<byte> tag, ReadOnlySpan<byte> associatedData)Parameters
| Type | Name | Description |
|---|---|---|
| ReadOnlySpan<byte> | keyData | The key data that will be used to encrypt, either 16, 24, or 32 bytes. |
| ReadOnlySpan<byte> | nonce | The 12-byte "IV". A GCM nonce should be random bytes and should be different for each key. |
| ReadOnlySpan<byte> | plaintext | The data to encrypt. |
| Span<byte> | ciphertext | Where the encrypted data will be placed. |
| Span<byte> | tag | Where the 16-byte authentication tag will be placed. |
| ReadOnlySpan<byte> | associatedData | The "extra" data used to compute the authentication tag. |
Exceptions
| Type | Condition |
|---|---|
| CryptographicException | The key data is not a valid length. |
| ArgumentException | One of the arguments was not valid (e.g. nonce is not exactly 12 bytes). |
Remarks
The key data must be either 128, 192, or 256 bits (16, 24, or 32 bytes).
The nonce must be exactly 12 bytes. The ciphertext will be the same
length as the plaintext and the authentication tag will be exactly 16
bytes. Note that this method will throw an exception if
ciphertext.Length is not exactly plaintext.Length and
tag.Length is not exactly 16.
Note also that the plaintext can be any length. That is, it is not necessary to to supply data that is a length which is a multiple of the AES block size.