CRYPTO_CHACHA20_ENCRYPT(3MONOCYPHER) | 3MONOCYPHER | CRYPTO_CHACHA20_ENCRYPT(3MONOCYPHER) |
crypto_chacha20_encrypt
,
crypto_chacha20_init
,
crypto_chacha20_x_init
,
crypto_chacha20_stream
,
crypto_chacha20_set_ctr
—
#include <monocypher.h>
void
crypto_chacha20_init
(crypto_chacha_ctx
*ctx, const uint8_t key[32],
const uint8_t nonce[8]);
void
crypto_chacha20_x_init
(crypto_chacha_ctx
*ctx, const uint8_t key[32],
const uint8_t nonce[24]);
void
crypto_chacha20_encrypt
(crypto_chacha_ctx
*ctx, uint8_t *cipher_text,
const uint8_t *plain_text, size_t
text_size);
void
crypto_chacha20_stream
(crypto_chacha_ctx
*ctx, uint8_t *stream, size_t
stream_size);
void
crypto_chacha20_set_ctr
(crypto_chacha_ctx
*ctx, uint64_t ctr);
For encryption, you can achieve an identical effect as the deprecated functions by using crypto_chacha20_ctr(3monocypher) or crypto_xchacha20_ctr(3monocypher). However, care needs to be taken with regards to handling the counter value when migrating old code to use the new functions. The new functions always return the next counter value. This means that input ciphertexts or plaintexts whose lengths are not exactly multiples of 64 bytes advance the counter, even though there is theoretically some space left in a ChaCha20 block. New applications should design their code so that either the protocol is not reliant on the counter covering the entire text (e.g. by cutting input into independent chunks) or inputs are always such that their lengths are multiples of 64 bytes (e.g. by buffering input until 64 bytes have been obtained).
To obtain the raw ChaCha20 stream previously provided by
crypto_chacha20_stream
(), pass
NULL
to
crypto_chacha20 as
plaintext.
crypto_chacha20_encrypt
() and
crypto_chacha20_init
() functions first appeared in
Monocypher 0.1. crypto_chacha20_stream
() was added in
Monocypher 0.2. crypto_chacha20_x_init
() and
crypto_chacha20_set_ctr
() were added in Monocypher
1.0. They were deprecated in Monocypher 3.0.0 and will be removed in
Monocypher 4.0.0.
June 11, 2021 | Debian |