std.crypto.chacha.hchacha20
Show source codeHide source code
fn pub hchacha20(key: ref ByteArray, nonce: ref ByteArray) -> ByteArray {
if key.size != KEY_SIZE {
panic('HChaCha20 key sizes must be exactly ${KEY_SIZE} bytes')
}
if nonce.size != HCHACHA_NONCE_SIZE {
panic('HChaCha20 nonce sizes must be exactly ${HCHACHA_NONCE_SIZE} bytes')
}
let out = ByteArray.filled(with: 0, times: 32)
let matrix = Matrix(
[
0x61707865,
0x3320646E,
0x79622D32,
0x6B206574,
little.read_u32(from: key, at: 0),
little.read_u32(from: key, at: 4),
little.read_u32(from: key, at: 8),
little.read_u32(from: key, at: 12),
little.read_u32(from: key, at: 16),
little.read_u32(from: key, at: 20),
little.read_u32(from: key, at: 24),
little.read_u32(from: key, at: 28),
little.read_u32(from: nonce, at: 0),
little.read_u32(from: nonce, at: 4),
little.read_u32(from: nonce, at: 8),
little.read_u32(from: nonce, at: 12),
],
)
matrix.perform_rounds
little.write_u32(matrix.words.get(0), into: out, at: 0)
little.write_u32(matrix.words.get(1), into: out, at: 4)
little.write_u32(matrix.words.get(2), into: out, at: 8)
little.write_u32(matrix.words.get(3), into: out, at: 12)
little.write_u32(matrix.words.get(12), into: out, at: 16)
little.write_u32(matrix.words.get(13), into: out, at: 20)
little.write_u32(matrix.words.get(14), into: out, at: 24)
little.write_u32(matrix.words.get(15), into: out, at: 28)
out
}
fn pub static hchacha20(key: ref ByteArray, nonce: ref ByteArray) -> ByteArray
Derives a sub-key from a secret key and nonce, using the HChaCha20 algorithm.
HChaCha20 is a hasher used as part of XChaCha20, and may be used for other similar purposes such as X25519 key derivation. It's not a general-purpose cryptographic hasher, and direct use is best avoided unless you're certain you must use the HChaCha20 hasher.
The API is different from traditional cryptographic hashers, as HChaCha20 isn't meant to hash arbitrary input.
The return value is a ByteArray containing the 256-bit derived sub-key.
Panics
This method panics if key
isn't exactly 32 bytes, or if nonce
isn't
exactly 16 bytes.