X-Git-Url: http://tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fchacha-poly1305%2Fchachapoly.h;fp=src%2Fchacha-poly1305%2Fchachapoly.h;h=ffc9576d14496391f5123f85a7cea1b2df9a5d2a;hb=63df2139835bb532125562c73ec3efbc437a3634;hp=0000000000000000000000000000000000000000;hpb=9ce00234190baec0eaa608a5093bb3823487ef0c;p=tinc diff --git a/src/chacha-poly1305/chachapoly.h b/src/chacha-poly1305/chachapoly.h new file mode 100644 index 00000000..ffc9576d --- /dev/null +++ b/src/chacha-poly1305/chachapoly.h @@ -0,0 +1,82 @@ +/* + * The MIT License (MIT) + * + * Copyright (c) 2015 Grigori Goronzy + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to deal + * in the Software without restriction, including without limitation the rights + * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in all + * copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + * SOFTWARE. + */ + +#ifndef CHACHAPOLY_H +#define CHACHAPOLY_H + +#include "chacha.h" +#include "poly1305.h" + +#define CHACHAPOLY_OK 0 +#define CHACHAPOLY_INVALID_MAC -1 + +struct chachapoly_ctx { + struct chacha_ctx cha_ctx; +}; + +/** + * Initialize ChaCha20-Poly1305 AEAD. + * For RFC 7539 conformant AEAD, 256 bit keys must be used. + * + * \param ctx context data + * \param key 16 or 32 bytes of key material + * \param key_len key length, 256 or 512 bits + * \return success if 0 + */ +int chachapoly_init(struct chachapoly_ctx *ctx, const void *key, int key_len); + +/** + * Encrypt or decrypt with ChaCha20-Poly1305. The AEAD construction conforms + * to RFC 7539. + * + * \param ctx context data + * \param nonce nonce (12 bytes) + * \param ad associated data + * \param ad_len associated data length in bytes + * \param input plaintext/ciphertext input + * \param input_len input length in bytes; + * \param output plaintext/ciphertext output + * \param tag tag output + * \param tag_len tag length in bytes (0-16); + if 0, authentification is skipped + * \param encrypt decrypt if 0, else encrypt + * \return CHACHAPOLY_OK if no error, CHACHAPOLY_INVALID_MAC if auth + * failed when decrypting + */ +int chachapoly_crypt(struct chachapoly_ctx *ctx, const void *nonce, + const void *ad, int ad_len, void *input, int input_len, + void *output, void *tag, int tag_len, int encrypt); + +/** + * Encrypt or decrypt with Chacha20-Poly1305 for short messages. + * The AEAD construction is different from chachapoly_crypt, but more + * efficient for small messages. Up to 32 bytes can be encrypted. The size + * of associated data is not restricted. The interface is similar to + * chachapoly_crypt. + */ +int chachapoly_crypt_short(struct chachapoly_ctx *ctx, const void *nonce, + const void *ad, int ad_len, void *input, int input_len, + void *output, void *tag, int tag_len, int encrypt); + +#endif