Provides RFC 8439 style chacha20poly1305. More...
Provides RFC 8439 style chacha20poly1305.
This module provides the chacha20poly1305 AEAD symmetric cipher following rfc 8439.
Nonces must be unique per message for a single key. They are allowed to be predictable, e.g. a message counter and are allowed to be visible during transmission.
Files | |
file | chacha20poly1305.h |
Chacha20poly1305 functions. | |
Data Structures | |
union | chacha20poly1305_ctx_t |
Chacha20poly1305 state struct. More... | |
Macros | |
#define | CHACHA20POLY1305_KEY_BYTES (32U) |
Key length in bytes. | |
#define | CHACHA20POLY1305_NONCE_BYTES (12U) |
Nonce length in bytes. | |
#define | CHACHA20POLY1305_TAG_BYTES (16U) |
Tag length in bytes. | |
Functions | |
void | chacha20poly1305_encrypt (uint8_t *cipher, const uint8_t *msg, size_t msglen, const uint8_t *aad, size_t aadlen, const uint8_t *key, const uint8_t *nonce) |
Encrypt a plaintext to ciphertext and append a tag to protect the ciphertext and additional data. | |
int | chacha20poly1305_decrypt (const uint8_t *cipher, size_t cipherlen, uint8_t *msg, size_t *msglen, const uint8_t *aad, size_t aadlen, const uint8_t *key, const uint8_t *nonce) |
Verify the tag and decrypt a ciphertext to plaintext. | |
#define CHACHA20POLY1305_KEY_BYTES (32U) |
Key length in bytes.
Definition at line 37 of file chacha20poly1305.h.
#define CHACHA20POLY1305_NONCE_BYTES (12U) |
Nonce length in bytes.
Definition at line 38 of file chacha20poly1305.h.
#define CHACHA20POLY1305_TAG_BYTES (16U) |
Tag length in bytes.
Definition at line 39 of file chacha20poly1305.h.
int chacha20poly1305_decrypt | ( | const uint8_t * | cipher, |
size_t | cipherlen, | ||
uint8_t * | msg, | ||
size_t * | msglen, | ||
const uint8_t * | aad, | ||
size_t | aadlen, | ||
const uint8_t * | key, | ||
const uint8_t * | nonce | ||
) |
Verify the tag and decrypt a ciphertext to plaintext.
It is allowed to have cipher == msg
[in] | cipher | resulting ciphertext, is CHACHA20POLY1305_TAG_BYTES longer than the message length |
[in] | cipherlen | length of the ciphertext |
[out] | msg | message to encrypt |
[in] | msglen | resulting length in bytes of the message |
[in] | aad | additional authenticated data to verify |
[in] | aadlen | length of the additional authenticated data |
[in] | key | key to decrypt with, must be CHACHA20POLY1305_KEY_BYTES long |
[in] | nonce | Nonce to use. Must be CHACHA20POLY1305_NONCE_BYTES long |
void chacha20poly1305_encrypt | ( | uint8_t * | cipher, |
const uint8_t * | msg, | ||
size_t | msglen, | ||
const uint8_t * | aad, | ||
size_t | aadlen, | ||
const uint8_t * | key, | ||
const uint8_t * | nonce | ||
) |
Encrypt a plaintext to ciphertext and append a tag to protect the ciphertext and additional data.
It is allowed to have cipher == msg as long as there is CHACHA20POLY1305_TAG_BYTES space left to hold the authentication tag
[out] | cipher | resulting ciphertext, is CHACHA20POLY1305_TAG_BYTES longer than the message length |
[in] | msg | message to encrypt |
[in] | msglen | length in bytes of the message |
[in] | aad | additional authenticated data to protect |
[in] | aadlen | length of the additional authenticated data |
[in] | key | key to encrypt with, must be CHACHA20POLY1305_KEY_BYTES long |
[in] | nonce | Nonce to use. Must be CHACHA20POLY1305_NONCE_BYTES long |