crypto_chacha20_H —
HChacha20 special-purpose hashing
#include
<monocypher.h>
void
crypto_chacha20_H(
uint8_t
out[32],
const uint8_t key[32],
const uint8_t in[16]);
crypto_chacha20_H() provides a not-so-cryptographic
hash. It may be used for some specific purposes, such as X25519 key
derivation, or XChacha20 initialisation. If in doubt, do not use directly. Use
crypto_blake2b(3monocypher)
instead.
The arguments are:
-
-
- key
- A sufficiently random key, such as the output of
crypto_x25519(3monocypher).
-
-
- in
- The space reserved for the Chacha20 nonce and counter. It
does not have to be random.
-
-
- out
- A cryptographically secure random number
if there is enough entropy in
key. X25519 shared secrets have enough
entropy.
This function returns nothing.
Simple hash:
const uint8_t key[32]; /* Must have enough entropy */
const uint8_t in [16]; /* Does not have to be random */
uint8_t out[32]; /* Will be random iff the above holds */
crypto_chacha20_H(out, key, in);
/* Wipe secrets if they are no longer needed */
crypto_wipe(key, 32);
crypto_wipe(in , 16);
crypto_chacha20_encrypt(3monocypher),
crypto_key_exchange(3monocypher),
intro(3monocypher)
This function implements HChacha20. HChacha20 derives from Chacha20 the same way
HSalsa20 derives from Salsa20.
The
crypto_chacha20_H() function first appeared in
Monocypher 0.1.
This is not a general-purpose cryptographic hash
function.