crypto::chacha
crypto::chacha provides an implementation of the Chacha20 and XChacha20 stream
ciphers.
Use chacha20 to create a crypto::cipher::xorstream and either
chacha20_init or xchacha20_init to set the handle, key and nonce of the
appropriate size, NONCESIZE for chacha20 or XNONCESIZE for XChacha20.
After calling the appropriate init function, io::write may be used to
encrypt blocks to the handle or io::read to decrypt blocks from the handle.
The stream must be closed with io::close to wipe sensitive data from
memory.
Writing blocks of length BLOCKSIZE is not required. However, seeking the
key stream with setctr only operates in units of BLOCKSIZE.
This is a low-level module which implements cryptographic primitives. Direct
use of cryptographic primitives is not recommended for non-experts, as
incorrect use of these primitives can easily lead to the introduction of
security vulnerabilities. Non-experts are advised to use the high-level
operations available in the top-level crypto module.
Be advised that Hare's cryptography implementations have not been audited.
Index
Types
type stream;
Constants
const BLOCKSIZE: size;
const KEYSIZE: size;
const NONCESIZE: size;
const XNONCESIZE: size;
Functions
fn chacha20() stream;
fn chacha20_init(*stream, io::handle, []u8, []u8) void;
fn hchacha20([]u8, []u8, []u8) void;
fn setctr(*stream, u32) void;
fn xchacha20_init(*stream, io::handle, []u8, []u8) void;
Types
type stream
type stream = struct {
cipher::xorstream,
state: [16]u32,
xorbuf: [BLOCKSIZE]u8,
xorused: size,
rounds: size,
};
A ChaCha20 or XChaCha20 crypto::cipher::xorstream depending on
intialisation.
Constants
def BLOCKSIZE
def BLOCKSIZE: size;
The block size of the Chacha cipher in bytes.
def KEYSIZE
def KEYSIZE: size;
Size of a Chacha key, in bytes.
def NONCESIZE
def NONCESIZE: size;
Size of the Chacha20 nonce, in bytes.
def XNONCESIZE
def XNONCESIZE: size;
Size of the XChacha20 nonce, in bytes.
Functions
fn chacha20
fn chacha20() stream;
Creates a ChaCha20 or XChaCha20 stream cipher. Must be initialized with
chacha20_init or xchacha20_init prior to use, and must be closed
with io::close after use to wipe sensitive data from memory.
fn chacha20_init
fn chacha20_init(s: *stream, h: io::handle, key: []u8, nonce: []u8) void;
Initialize a Chacha20 stream.
fn hchacha20
fn hchacha20(out: []u8, key: []u8, nonce: []u8) void;
Derives a new key from 'key' and 'nonce' as used during XChaCha20
initialization. This function may only be used for specific purposes
such as X25519 key derivation. Do not use if in doubt.
fn setctr
fn setctr(s: *stream, counter: u32) void;
Advances the key stream to "seek" to a future state by 'counter' times
BLOCKSIZE.
fn xchacha20_init
fn xchacha20_init(s: *stream, h: io::handle, key: []u8, nonce: []u8) void;
Initialise a XChacha20 stream.