The friendly Operating System for the Internet of Things
chacha.h File Reference

ChaCha stream cipher. More...

Detailed Description

#include <stdint.h>
#include <stddef.h>
+ Include dependency graph for chacha.h:

Go to the source code of this file.

Data Structures

struct  chacha_ctx
 A ChaCha cipher stream context. More...
 

Functions

int chacha_init (chacha_ctx *ctx, unsigned rounds, const uint8_t *key, uint32_t keylen, const uint8_t nonce[8])
 Initialize a ChaCha context. More...
 
void chacha_keystream_bytes (chacha_ctx *ctx, void *x)
 Generate next block in the keystream. More...
 
void chacha_encrypt_bytes (chacha_ctx *ctx, const uint8_t *m, uint8_t *c)
 Encode or decode a block of data. More...
 
static void chacha_decrypt_bytes (chacha_ctx *ctx, const uint8_t *m, uint8_t *c)
 Encode or decode a block of data. More...
 
void chacha_prng_seed (const void *data, size_t bytes)
 Seed the pseudo-random number generator. More...
 
uint32_t chacha_prng_next (void)
 Extract a number from the pseudo-random number generator. More...
 

Function Documentation

static void chacha_decrypt_bytes ( chacha_ctx ctx,
const uint8_t *  m,
uint8_t *  c 
)
inlinestatic

m is always the input regardless if it is the plaintext or ciphertext, and c vice verse.

Warning
You need to re-initialized the context with a new nonce after 2^64 encrypted blocks, or the keystream will repeat!
Parameters
[in,out]ctxThe ChaCha context.
[in]mThe input.
[out]cThe output.

Definition at line 103 of file chacha.h.

void chacha_encrypt_bytes ( chacha_ctx ctx,
const uint8_t *  m,
uint8_t *  c 
)

m is always the input regardless if it is the plaintext or ciphertext, and c vice verse.

Warning
You need to re-initialized the context with a new nonce after 2^64 encrypted blocks, or the keystream will repeat!
Parameters
[in,out]ctxThe ChaCha context.
[in]mThe input.
[out]cThe output.
int chacha_init ( chacha_ctx ctx,
unsigned  rounds,
const uint8_t *  key,
uint32_t  keylen,
const uint8_t  nonce[8] 
)
Parameters
[out]ctxThe context to initialize
[in]roundsNumber of rounds. Recommended: 20. Also in use: 8 and 12.
[in]keyThe key to use.
[in]keylenLength (in bytes) of key. Must be 16 or 32.
[in]nonceIV / nonce to use.
Returns
== 0 on success.
< 0 if an illegal value for rounds or keylen was suppplied.
void chacha_keystream_bytes ( chacha_ctx ctx,
void *  x 
)

If you want to seek inside the cipher steam, then you have to update the clock in ctx->state[13]:ctx->state[12] manually.

Warning
You need to re-initialized the context with a new nonce after 2^64 encrypted blocks, or the keystream will repeat!
Parameters
[in,out]ctxThe ChaCha context
[out]xThe block of the keystream (sizeof(x) == 64).
uint32_t chacha_prng_next ( void  )
Warning
After you have read 2^68 numbers you have to re-seed the PRNG. Otherwise the sequence will repeat.
void chacha_prng_seed ( const void *  data,
size_t  bytes 
)

You can seed the random number generator with up to 64 bytes of data. If you feed less than 64 bytes of data, then the privous state gets only partially overwritten.

If you want to supply multiple information, then you have to concatenate them manually before invoking the function.

The PRNG gets a random seed in the build process. You can set a deterministic value by supplying a comma separated argument to make like RIOT_CHACHA_PRNG_DEFAULT="0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15".

Parameters
[in]dataSome random data.
[in]bytesLength of data in bytes where 0 < bytes <= 64.