C# Class Org.BouncyCastle.Crypto.Generators.Poly1305KeyGenerator

Generates keys for the Poly1305 MAC.
Poly1305 keys are 256 bit keys consisting of a 128 bit secret key used for the underlying block cipher followed by a 128 bit {@code r} value used for the polynomial portion of the Mac.
The {@code r} value has a specific format with some bits required to be cleared, resulting in an effective 106 bit key.
A separately generated 256 bit key can be modified to fit the Poly1305 key format by using the {@link #clamp(byte[])} method to clear the required bits.
Inheritance: Org.BouncyCastle.Crypto.CipherKeyGenerator
Show file Open project: gkardava/WinPass Class Usage Examples

Public Methods

Method Description
CheckKey ( byte key ) : void

Checks a 32 byte key for compliance with the Poly1305 key requirements, e.g. k[0] ... k[15], r[0] ... r[15] with the required bits in r cleared as per Clamp(byte[]).

Clamp ( byte key ) : void

Modifies an existing 32 byte key value to comply with the requirements of the Poly1305 key by clearing required bits in the r (second 16 bytes) portion of the key.
Specifically:

  • r[3], r[7], r[11], r[15] have top four bits clear (i.e., are {0, 1, . . . , 15})
  • r[4], r[8], r[12] have bottom two bits clear (i.e., are in {0, 4, 8, . . . , 252})

Protected Methods

Method Description
engineGenerateKey ( ) : byte[]

Generates a 256 bit key in the format required for Poly1305 - e.g. k[0] ... k[15], r[0] ... r[15] with the required bits in r cleared as per Clamp(byte[]).

engineInit ( KeyGenerationParameters param ) : void

Initialises the key generator.

Poly1305 keys are always 256 bits, so the key length in the provided parameters is ignored.

Private Methods

Method Description
CheckMask ( byte b, byte mask ) : void

Method Details

CheckKey() public static method

Checks a 32 byte key for compliance with the Poly1305 key requirements, e.g. k[0] ... k[15], r[0] ... r[15] with the required bits in r cleared as per Clamp(byte[]).
if the key is of the wrong length, or has invalid bits set /// in the r portion of the key.
public static CheckKey ( byte key ) : void
key byte Key.
return void

Clamp() public static method

Modifies an existing 32 byte key value to comply with the requirements of the Poly1305 key by clearing required bits in the r (second 16 bytes) portion of the key.
Specifically:
  • r[3], r[7], r[11], r[15] have top four bits clear (i.e., are {0, 1, . . . , 15})
  • r[4], r[8], r[12] have bottom two bits clear (i.e., are in {0, 4, 8, . . . , 252})
public static Clamp ( byte key ) : void
key byte a 32 byte key value k[0] ... k[15], r[0] ... r[15]
return void

engineGenerateKey() protected method

Generates a 256 bit key in the format required for Poly1305 - e.g. k[0] ... k[15], r[0] ... r[15] with the required bits in r cleared as per Clamp(byte[]).
protected engineGenerateKey ( ) : byte[]
return byte[]

engineInit() protected method

Initialises the key generator.
Poly1305 keys are always 256 bits, so the key length in the provided parameters is ignored.
protected engineInit ( KeyGenerationParameters param ) : void
param Org.BouncyCastle.Crypto.KeyGenerationParameters
return void