chacha20poly1305 AEAD cipher

Provides RFC 8439 style chacha20poly1305. More...

Detailed Description

Provides RFC 8439 style chacha20poly1305.

This module provides the chacha20poly1305 AEAD symmetric cipher following rfc 8439.

Nonces must be unique per message for a single key. They are allowed to be predictable, e.g. a message counter and are allowed to be visible during transmission.

Files

file  chacha20poly1305.h
 Chacha20poly1305 functions.
 

Data Structures

union  chacha20poly1305_ctx_t
 Chacha20poly1305 state struct. More...
 

Macros

#define CHACHA20POLY1305_KEY_BYTES   (32U)
 Key length in bytes.
 
#define CHACHA20POLY1305_NONCE_BYTES   (12U)
 Nonce length in bytes.
 
#define CHACHA20POLY1305_TAG_BYTES   (16U)
 Tag length in bytes.
 

Functions

void chacha20poly1305_encrypt (uint8_t *cipher, const uint8_t *msg, size_t msglen, const uint8_t *aad, size_t aadlen, const uint8_t *key, const uint8_t *nonce)
 Encrypt a plaintext to ciphertext and append a tag to protect the ciphertext and additional data. More...
 
int chacha20poly1305_decrypt (const uint8_t *cipher, size_t cipherlen, uint8_t *msg, size_t *msglen, const uint8_t *aad, size_t aadlen, const uint8_t *key, const uint8_t *nonce)
 Verify the tag and decrypt a ciphertext to plaintext. More...
 

Function Documentation

◆ chacha20poly1305_decrypt()

int chacha20poly1305_decrypt ( const uint8_t *  cipher,
size_t  cipherlen,
uint8_t *  msg,
size_t *  msglen,
const uint8_t *  aad,
size_t  aadlen,
const uint8_t *  key,
const uint8_t *  nonce 
)

Verify the tag and decrypt a ciphertext to plaintext.

It is allowed to have cipher == msg

Parameters
[in]cipherresulting ciphertext, is CHACHA20POLY1305_TAG_BYTES longer than the message length
[in]cipherlenlength of the ciphertext
[out]msgmessage to encrypt
[in]msglenresulting length in bytes of the message
[in]aadadditional authenticated data to verify
[in]aadlenlength of the additional authenticated data
[in]keykey to decrypt with, must be CHACHA20POLY1305_KEY_BYTES long
[in]nonceNonce to use. Must be CHACHA20POLY1305_NONCE_BYTES long

◆ chacha20poly1305_encrypt()

void chacha20poly1305_encrypt ( uint8_t *  cipher,
const uint8_t *  msg,
size_t  msglen,
const uint8_t *  aad,
size_t  aadlen,
const uint8_t *  key,
const uint8_t *  nonce 
)

Encrypt a plaintext to ciphertext and append a tag to protect the ciphertext and additional data.

It is allowed to have cipher == msg as long as there is CHACHA20POLY1305_TAG_BYTES space left to hold the authentication tag

Parameters
[out]cipherresulting ciphertext, is CHACHA20POLY1305_TAG_BYTES longer than the message length
[in]msgmessage to encrypt
[in]msglenlength in bytes of the message
[in]aadadditional authenticated data to protect
[in]aadlenlength of the additional authenticated data
[in]keykey to encrypt with, must be CHACHA20POLY1305_KEY_BYTES long
[in]nonceNonce to use. Must be CHACHA20POLY1305_NONCE_BYTES long