Provides RFC 8439 style chacha20poly1305.
More...
Provides RFC 8439 style chacha20poly1305.
This module provides the chacha20poly1305 AEAD symmetric cipher following rfc 8439.
Nonces must be unique per message for a single key. They are allowed to be predictable, e.g. a message counter and are allowed to be visible during transmission.
|
| void | chacha20poly1305_encrypt (uint8_t *cipher, const uint8_t *msg, size_t msglen, const uint8_t *aad, size_t aadlen, const uint8_t *key, const uint8_t *nonce) |
| | Encrypt a plaintext to ciphertext and append a tag to protect the ciphertext and additional data. More...
|
| |
| int | chacha20poly1305_decrypt (const uint8_t *cipher, size_t cipherlen, uint8_t *msg, size_t *msglen, const uint8_t *aad, size_t aadlen, const uint8_t *key, const uint8_t *nonce) |
| | Verify the tag and decrypt a ciphertext to plaintext. More...
|
| |
| void | chacha20_encrypt_decrypt (const uint8_t *input, uint8_t *output, const uint8_t *key, const uint8_t *nonce, size_t inputlen) |
| | Encrypt a plaintext to ciphertext with the ChaCha20 algorithm. More...
|
| |
◆ chacha20_encrypt_decrypt()
| void chacha20_encrypt_decrypt |
( |
const uint8_t * |
input, |
|
|
uint8_t * |
output, |
|
|
const uint8_t * |
key, |
|
|
const uint8_t * |
nonce, |
|
|
size_t |
inputlen |
|
) |
| |
Encrypt a plaintext to ciphertext with the ChaCha20 algorithm.
- Parameters
-
| [in] | input | Input for the encryption/decryption. |
| [out] | output | The resulting encrypted cipher/decrypted message. |
| [in] | key | Key to encrypt/decrypt with, must be CHACHA20POLY1305_KEY_BYTES long. |
| [in] | nonce | Nonce to use. Must be CHACHA20POLY1305_NONCE_BYTES long. |
| [in] | inputlen | Length of the input byte array. |
◆ chacha20poly1305_decrypt()
| int chacha20poly1305_decrypt |
( |
const uint8_t * |
cipher, |
|
|
size_t |
cipherlen, |
|
|
uint8_t * |
msg, |
|
|
size_t * |
msglen, |
|
|
const uint8_t * |
aad, |
|
|
size_t |
aadlen, |
|
|
const uint8_t * |
key, |
|
|
const uint8_t * |
nonce |
|
) |
| |
Verify the tag and decrypt a ciphertext to plaintext.
It is allowed to have cipher == msg
- Parameters
-
| [in] | cipher | resulting ciphertext, is CHACHA20POLY1305_TAG_BYTES longer than the message length |
| [in] | cipherlen | length of the ciphertext |
| [out] | msg | message to encrypt |
| [in] | msglen | resulting length in bytes of the message |
| [in] | aad | additional authenticated data to verify |
| [in] | aadlen | length of the additional authenticated data |
| [in] | key | key to decrypt with, must be CHACHA20POLY1305_KEY_BYTES long |
| [in] | nonce | Nonce to use. Must be CHACHA20POLY1305_NONCE_BYTES long |
◆ chacha20poly1305_encrypt()
| void chacha20poly1305_encrypt |
( |
uint8_t * |
cipher, |
|
|
const uint8_t * |
msg, |
|
|
size_t |
msglen, |
|
|
const uint8_t * |
aad, |
|
|
size_t |
aadlen, |
|
|
const uint8_t * |
key, |
|
|
const uint8_t * |
nonce |
|
) |
| |
Encrypt a plaintext to ciphertext and append a tag to protect the ciphertext and additional data.
It is allowed to have cipher == msg as long as there is CHACHA20POLY1305_TAG_BYTES space left to hold the authentication tag
- Parameters
-
| [out] | cipher | resulting ciphertext, is CHACHA20POLY1305_TAG_BYTES longer than the message length |
| [in] | msg | message to encrypt |
| [in] | msglen | length in bytes of the message |
| [in] | aad | additional authenticated data to protect |
| [in] | aadlen | length of the additional authenticated data |
| [in] | key | key to encrypt with, must be CHACHA20POLY1305_KEY_BYTES long |
| [in] | nonce | Nonce to use. Must be CHACHA20POLY1305_NONCE_BYTES long |
1.9.1