crypto::chacha — Hare documentation

crypto::chacha+x86_64 +linux

crypto::chacha provides an implementation of the Chacha20 and XChacha20 stream ciphers.

Use chacha20 to create a crypto::cipher::xorstream and either chacha20_init or xchacha20_init to set the handle, key and nonce of the appropriate size, NONCESZ for chacha20 or XNONCESZ for XChacha20. After calling the appropriate init function, io::write may be used to encrypt blocks to the handle or io::read to decrypt blocks from the handle. The stream must be closed with io::close to wipe sensitive data from memory.

Writing blocks of length BLOCKSZ is not required. However, seeking the key stream with setctr only operates in units of BLOCKSZ.

This is a low-level module which implements cryptographic primitives. Direct use of cryptographic primitives is not recommended for non-experts, as incorrect use of these primitives can easily lead to the introduction of security vulnerabilities. Non-experts are advised to use the high-level operations available in the top-level crypto:: module.

Be advised that Hare's cryptography implementations have not been audited.

Index

Types

type stream = struct {
	cipher::xorstream,
	state: [16]u32,
	xorbuf: [BLOCKSZ]u8,
	xorused: size,
	rounds: size,
};

Constants

def BLOCKSZ: size = 64;
def KEYSZ: size = 32;
def NONCESZ: size = 12;
def XNONCESZ: size = 24;

Functions

fn chacha20() stream;
fn chacha20_init(s: *stream, h: io::handle, key: []u8, nonce: []u8) void;
fn hchacha20(out: []u8, key: []u8, nonce: []u8) void;
fn setctr(s: *stream, counter: u32) void;
fn xchacha20_init(s: *stream, h: io::handle, key: []u8, nonce: []u8) void;

Types

type stream[link]

type stream = struct {
	cipher::xorstream,
	state: [16]u32,
	xorbuf: [BLOCKSZ]u8,
	xorused: size,
	rounds: size,
};

A ChaCha20 or XChaCha20 crypto::cipher::xorstream depending on intialisation.

Constants

def BLOCKSZ[link]

def BLOCKSZ: size = 64;

The block size of the Chacha cipher in bytes.

def KEYSZ[link]

def KEYSZ: size = 32;

Size of a Chacha key, in bytes.

def NONCESZ[link]

def NONCESZ: size = 12;

Size of the Chacha20 nonce, in bytes.

def XNONCESZ[link]

def XNONCESZ: size = 24;

Size of the XChacha20 nonce, in bytes.

Functions

fn chacha20[link]

fn chacha20() stream;

Creates a ChaCha20 or XChaCha20 stream cipher. Must be initialized with chacha20_init or xchacha20_init prior to use, and must be closed with io::close after use to wipe sensitive data from memory.

fn chacha20_init[link]

fn chacha20_init(s: *stream, h: io::handle, key: []u8, nonce: []u8) void;

Initialize a Chacha20 stream.

fn hchacha20[link]

fn hchacha20(out: []u8, key: []u8, nonce: []u8) void;

Derives a new key from 'key' and 'nonce' as used during XChaCha20 initialization. This function may only be used for specific purposes such as X25519 key derivation. Do not use if in doubt.

fn setctr[link]

fn setctr(s: *stream, counter: u32) void;

Advances the key stream to "seek" to a future state by 'counter' times BLOCKSZ.

fn xchacha20_init[link]

fn xchacha20_init(s: *stream, h: io::handle, key: []u8, nonce: []u8) void;

Initialise a XChacha20 stream.