iqr_chacha20.h File Reference

ISARA Radiate Security Solution Suite's ChaCha20 stream cipher. More...

Macros
#define	IQR_CHACHA20_KEY_SIZE   32
#define	IQR_CHACHA20_NONCE_SIZE   12

Functions
IQR_API iqr_retval	iqr_ChaCha20Encrypt (const uint8_t *key, size_t key_size, const uint8_t *nonce, size_t nonce_size, uint32_t counter, const uint8_t *plaintext, size_t plaintext_size, uint8_t *ciphertext, size_t ciphertext_size)
IQR_API iqr_retval	iqr_ChaCha20Decrypt (const uint8_t *key, size_t key_size, const uint8_t *nonce, size_t nonce_size, uint32_t counter, const uint8_t *ciphertext, size_t ciphertext_size, uint8_t *plaintext, size_t plaintext_size)

Macro Definition Documentation

IQR_CHACHA20_KEY_SIZE

#define IQR_CHACHA20_KEY_SIZE   32

The size of a ChaCha20 key in bytes (256 bits).

IQR_CHACHA20_NONCE_SIZE

#define IQR_CHACHA20_NONCE_SIZE   12

The size of a ChaCha20 nonce in bytes (96 bits).

Function Documentation

iqr_ChaCha20Decrypt()

IQR_API iqr_retval iqr_ChaCha20Decrypt	(	const uint8_t *	key,
		size_t	key_size,
		const uint8_t *	nonce,
		size_t	nonce_size,
		uint32_t	counter,
		const uint8_t *	ciphertext,
		size_t	ciphertext_size,
		uint8_t *	plaintext,
		size_t	plaintext_size
	)

Decrypt a ciphertext message using the ChaCha20 stream cipher, standardized in RFC 8439.

ChaCha20 is its own inverse so a second application of the decryption function with identical key, counter, and nonce is equivalent to calling the encryption function.

The plaintext and ciphertext buffers cannot overlap except if they are pointers to the same location with the same size. IQR_EPTROVERLAP will be returned if the buffers overlap and/or have different sizes.

All internal buffers used during iqr_ChaCha20Decrypt() are cleared and deallocated before the function returns.

Parameters

[in]	key	A buffer containing 256 bits of keying material.
[in]	key_size	The size of key in bytes. This value must be exactly IQR_CHACHA20_KEY_SIZE.
[in]	nonce	A buffer containing a 96 bit nonce.
[in]	nonce_size	The size of nonce in bytes. This value must be exactly IQR_CHACHA20_NONCE_SIZE.
[in]	counter	Initial value for block counter (ChaCha20 uses 64 byte blocks). Typically set to zero. It may be set to some other value if desired. For example it could be set to one if a protocol makes special use of the key-stream's zero block.
[in]	ciphertext	A buffer containing the ciphertext message to be decrypted.
[in]	ciphertext_size	The size of ciphertext in bytes.
[out]	plaintext	The buffer to which the decrypted message will be written.
[in]	plaintext_size	The size of plaintext in bytes. This must be at least ciphertext_size bytes.

Returns

IQR_OK on success, or a value from iqr_retval.h when an error occurs.

iqr_ChaCha20Encrypt()

IQR_API iqr_retval iqr_ChaCha20Encrypt	(	const uint8_t *	key,
		size_t	key_size,
		const uint8_t *	nonce,
		size_t	nonce_size,
		uint32_t	counter,
		const uint8_t *	plaintext,
		size_t	plaintext_size,
		uint8_t *	ciphertext,
		size_t	ciphertext_size
	)

Encrypt a plaintext message using the ChaCha20 stream cipher, standardized in RFC 8439.

ChaCha20 is its own inverse so a second application of the encryption function with identical key, counter, and nonce is equivalent to calling the decryption function.

The plaintext and ciphertext buffers cannot overlap except if they are pointers to the same location with the same size. IQR_EPTROVERLAP will be returned if the buffers overlap and/or have different sizes.

All internal buffers used during iqr_ChaCha20Encrypt() are cleared and deallocated before the function returns.

Parameters

[in]	key	A buffer containing 256 bits of keying material.
[in]	key_size	The size of key in bytes. This value must be exactly IQR_CHACHA20_KEY_SIZE.
[in]	nonce	A buffer containing a 96 bit nonce.
[in]	nonce_size	The size of nonce in bytes. This value must be exactly IQR_CHACHA20_NONCE_SIZE.
[in]	counter	Initial value for block counter (ChaCha20 uses 64 byte blocks). Typically set to zero. It may be set to some other value if desired. For example it could be set to one if a protocol makes special use of the key-stream's zero block.
[in]	plaintext	A buffer containing the plaintext message to be encrypted.
[in]	plaintext_size	The size of plaintext in bytes.
[out]	ciphertext	The buffer to which the encrypted message will be written.
[in]	ciphertext_size	The size of ciphertext in bytes. This must be at least plaintext_size bytes.

Returns

IQR_OK on success, or a value from iqr_retval.h when an error occurs.

Detailed Description

ISARA Radiate Security Solution Suite's ChaCha20 stream cipher.

ChaCha20 is a refinement of the Salsa20 stream cipher. It uses 256 bits of keying material, a 32-bit counter, and a 96-bit nonce to encrypt an arbitrary length plaintext. The output ciphertext is the same length as the plaintext.

The specification for ChaCha20 can be found in RFC 8439.

Copyright

Copyright 2015-2018, ISARA Corporation, All Rights Reserved.

License

The code and other content set out herein is not in the public domain, is considered a trade secret and is confidential to ISARA Corporation. Use, reproduction or distribution, in whole or in part, of such code or other content is strictly prohibited except by express written permission of ISARA Corporation. Please contact ISARA Corporation at info@.nosp@m.isar.nosp@m.a.com for more information.