Exemple #1
0
        /// <summary>
        /// Creates a symmetric decryptor object with the current Key property and one-time use state parameter.
        /// </summary>
        /// <param name="key">The secret that will be used during decryption.</param>
        /// <param name="nonce">The one-time use state parameter.</param>
        public override ICryptoTransform CreateDecryptor(byte[] key, byte[] nonce)
        {
            var ivLow  = m_iv;
            var ivHigh = BinaryPrimitives.ReadUInt32LittleEndian(nonce.AsSpan(0, WordLength));

            return(ChaChaTransform.New(Initialize(key, nonce, m_iv), Operations.ConcatBits(ivHigh, ivLow), 20U));
        }
Exemple #2
0
        private void Compress(ReadOnlySpan <byte> data, uint finalizer)
        {
            var dataAsUInt = MemoryMarshal.Cast <byte, uint>(data);
            var h0         = m_h0;
            var h1         = m_h1;
            var h2         = m_h2;
            var h3         = m_h3;
            var h4         = m_h4;
            var r0         = m_r0;
            var r1         = m_r1;
            var r2         = m_r2;
            var r3         = m_r3;
            var r4         = m_r4;
            var s0         = m_s0;
            var s1         = m_s1;
            var s2         = m_s2;
            var s3         = m_s3;
            var t0         = dataAsUInt[0];
            var t1         = dataAsUInt[1];
            var t2         = dataAsUInt[2];
            var t3         = dataAsUInt[3];

            h0 += (t0 & 0x3FFFFFFU);
            h1 += ((uint)((Operations.ConcatBits(t1, t0) >> 26) & 0x3FFFFFFU));
            h2 += ((uint)((Operations.ConcatBits(t2, t1) >> 20) & 0x3FFFFFFU));
            h3 += ((uint)((Operations.ConcatBits(t3, t2) >> 14) & 0x3FFFFFFU));
            h4 += ((uint)Operations.Add((t3 >> 8), finalizer));

            var d0 = (Operations.Multiply(h0, r0) + Operations.Multiply(h1, s3) + Operations.Multiply(h2, s2) + Operations.Multiply(h3, s1) + Operations.Multiply(h4, s0));
            var d1 = (Operations.Multiply(h0, r1) + Operations.Multiply(h1, r0) + Operations.Multiply(h2, s3) + Operations.Multiply(h3, s2) + Operations.Multiply(h4, s1));
            var d2 = (Operations.Multiply(h0, r2) + Operations.Multiply(h1, r1) + Operations.Multiply(h2, r0) + Operations.Multiply(h3, s3) + Operations.Multiply(h4, s2));
            var d3 = (Operations.Multiply(h0, r3) + Operations.Multiply(h1, r2) + Operations.Multiply(h2, r1) + Operations.Multiply(h3, r0) + Operations.Multiply(h4, s3));
            var d4 = (Operations.Multiply(h0, r4) + Operations.Multiply(h1, r3) + Operations.Multiply(h2, r2) + Operations.Multiply(h3, r1) + Operations.Multiply(h4, r0));
            var c  = (d0 >> 26);

            h0  = ((uint)(d0 & 0x3FFFFFFU));
            d1 += c;
            c   = (d1 >> 26);
            h1  = ((uint)(d1 & 0x3FFFFFFU));
            d2 += c;
            c   = (d2 >> 26);
            h2  = ((uint)(d2 & 0x3FFFFFFU));
            d3 += c;
            c   = (d3 >> 26);
            h3  = ((uint)(d3 & 0x3FFFFFFU));
            d4 += c;
            c   = (d4 >> 26);
            h4  = ((uint)(d4 & 0x3FFFFFFU));
            h0 += ((uint)(c * 5UL));
            c   = (h0 >> 26);
            h0  = (h0 & 0x3FFFFFFU);
            h1 += ((uint)c);

            m_h0 = h0;
            m_h1 = h1;
            m_h2 = h2;
            m_h3 = h3;
            m_h4 = h4;
        }
        /// <summary>
        /// Initializes a new instance of the <see cref="AeadChaCha20Poly1305"/> class.
        /// </summary>
        /// <param name="key">The secret that will be used during initialization.</param>
        /// <param name="nonce">The one-time use state parameter.</param>
        /// <param name="aad">The arbitrary length additional authenticated data parameter.</param>
        public AeadChaCha20Poly1305(ReadOnlySpan <byte> key, ReadOnlySpan <byte> nonce, ReadOnlySpan <byte> aad)
        {
            var ivLow      = 0U;
            var ivHigh     = BinaryPrimitives.ReadUInt32LittleEndian(nonce);
            var oneTimeKey = new byte[64];

            ChaCha.WriteKeyStreamBlock(ChaCha.Initialize(key, nonce, ivLow), Operations.ConcatBits(ivHigh, ivLow), 20U, oneTimeKey);

            m_aad      = aad.ToArray();
            m_chaCha20 = ChaCha20.New(key, nonce, 1U);
            m_poly1305 = Poly1305.New(oneTimeKey.AsSpan(0, 32).ToArray());
        }