Documentation ¶
Overview ¶
Package chacha implements some low-level functions of the ChaCha cipher family.
Index ¶
Constants ¶
const ( // NonceSize is the size of the ChaCha20 nonce in bytes. NonceSize = 8 // INonceSize is the size of the IETF-ChaCha20 nonce in bytes. INonceSize = 12 // XNonceSize is the size of the XChaCha20 nonce in bytes. XNonceSize = 24 // KeySize is the size of the key in bytes. KeySize = 32 )
Variables ¶
This section is empty.
Functions ¶
func HChaCha20 ¶
HChaCha20 generates 32 pseudo-random bytes from a 128 bit nonce and a 256 bit secret key. It can be used as a key-derivation-function (KDF).
func XORKeyStream ¶
XORKeyStream crypts bytes from src to dst using the given nonce and key. The length of the nonce determinds the version of ChaCha20: - NonceSize: ChaCha20/r with a 64 bit nonce and a 2^64 * 64 byte period. - INonceSize: ChaCha20/r as defined in RFC 7539 and a 2^32 * 64 byte period. - XNonceSize: XChaCha20/r with a 192 bit nonce and a 2^64 * 64 byte period. The rounds argument specifies the number of rounds performed for keystream generation - valid values are 8, 12 or 20. The src and dst may be the same slice but otherwise should not overlap. If len(dst) < len(src) this function panics. If the nonce is neither 64, 96 nor 192 bits long, this function panics.
Types ¶
type Cipher ¶
type Cipher struct {
// contains filtered or unexported fields
}
Cipher implements ChaCha20/r (XChaCha20/r) for a given number of rounds r.
func NewCipher ¶
NewCipher returns a new *chacha.Cipher implementing the ChaCha20/r or XChaCha20/r (r = 8, 12 or 20) stream cipher. The nonce must be unique for one key for all time. The length of the nonce determinds the version of ChaCha20: - NonceSize: ChaCha20/r with a 64 bit nonce and a 2^64 * 64 byte period. - INonceSize: ChaCha20/r as defined in RFC 7539 and a 2^32 * 64 byte period. - XNonceSize: XChaCha20/r with a 192 bit nonce and a 2^64 * 64 byte period. If the nonce is neither 64, 96 nor 192 bits long, a non-nil error is returned.
func (*Cipher) SetCounter ¶
SetCounter skips ctr * 64 byte blocks. SetCounter(0) resets the cipher. This function always skips the unused keystream of the current 64 byte block.
func (*Cipher) XORKeyStream ¶
XORKeyStream crypts bytes from src to dst. Src and dst may be the same slice but otherwise should not overlap. If len(dst) < len(src) the function panics.
Notes ¶
Bugs ¶
A "good" compiler will remove this (optimizations)
But using the provided key instead of tmpKey, will change the key (-> probably confuses users)