NAME
chacha20_init, chacha20_crypt, chacha20_clear, chacha20 - encrypt/decrypt a message using ChaCha20 cipher
SYNOPSIS
#include <limb/chacha20.h>
void chacha20_init(const void *key, const void *nonce, void *ctx) void chacha20_crypt(void *dst, const void *msg, size_t mlen, void *ctx) void chacha20_clear(void *ctx) void chacha20(void *dst, const void *key, const void *nonce, const void *msg, size_t mlen)
DESCRIPTION
The chacha20_init() function initializes the given chacha20 context ctx to
encrypt/decrypt a message using the ChaCha20 cipher.
This implementation is conform to RFC 8439, as such the key pointed
to by key must be 256bit/32 bytes long, and the nonce pointed to by nonce
must be 96bit/12 bytes long.
However, it also conforms to the original description by Daniel J. Bernstein, as long as the given nonce has its first 32bit/4 bytes set to zero.
In the former case, the message length shall not be more than 2^38 bytes. In the later case, the message length shall not be more than 2^70 bytes.
The chacha20_crypt() function processed the mlen bytes pointed to by msg,
encrypting or decrypting them (it's the same operation : plain text will be
encrypted, encrypted data will be decrypted back into plain text, assuming the
same key and nonce are used of course.) into the memory pointed to by dst
(which must be at least mlen bytes long).
It is possible to use the same memory area for both msg and dst, and have it
processed in-place. The function can be called as many times as needed.
The chacha20_clear() function simply clears the memory behind the ctx
context. In order to process another message, one can simply call
chacha20_init() on a previously used context without the need to clear it
first.
The chacha20() function can be used as convenience if the entire message can
be stored in a continuous memory area, to encrypt/decrypt it in a single call.