chacha.h (1771B)
1 // Copyright 2014 The BoringSSL Authors 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // https://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 #ifndef OPENSSL_HEADER_CHACHA_H 16 #define OPENSSL_HEADER_CHACHA_H 17 18 #include <openssl/base.h> // IWYU pragma: export 19 20 #if defined(__cplusplus) 21 extern "C" { 22 #endif 23 24 // ChaCha20. 25 // 26 // ChaCha20 is a stream cipher. See https://tools.ietf.org/html/rfc8439. 27 28 29 // CRYPTO_chacha_20 encrypts |in_len| bytes from |in| with the given key and 30 // nonce and writes the result to |out|. If |in| and |out| alias, they must be 31 // equal. The initial block counter is specified by |counter|. 32 // 33 // This function implements a 32-bit block counter as in RFC 8439. On overflow, 34 // the counter wraps. Reusing a key, nonce, and block counter combination is not 35 // secure, so wrapping is usually a bug in the caller. While it is possible to 36 // wrap without reuse with a large initial block counter, this is not 37 // recommended and may not be portable to other ChaCha20 implementations. 38 OPENSSL_EXPORT void CRYPTO_chacha_20(uint8_t *out, const uint8_t *in, 39 size_t in_len, const uint8_t key[32], 40 const uint8_t nonce[12], uint32_t counter); 41 42 43 #if defined(__cplusplus) 44 } // extern C 45 #endif 46 47 #endif // OPENSSL_HEADER_CHACHA_H