HChacha20 special-purpose hashing.
#include <monocypher.h> void crypto_chacha20_H(uint8_t out, const uint8_t key, const uint8_t in );
provides a not-so-cryptographic hash.
It may be used for some specific purposes, such as X25519 key
derivation, or XChacha20 initialisation.
If in doubt, do not use directly.
Use Blake2b instead.
The arguments are:
key: A sufficiently random key, such as the output of
in: The space reserved for the Chacha20 nonce and counter. It does not have to be random.
out: A cryptographically secure random number if there is enough entropy in
key. X25519 shared secrets have enough entropy.
This function returns nothing.
const uint8_t key; /* Must have enough entropy */ const uint8_t in ; /* Does not have to be random */ uint8_t out; /* Will be random iff the above holds */ crypto_chacha20_H(out, key, in); /* Wipe secrets if they are no longer needed */ crypto_wipe(key, 32); crypto_wipe(in , 16);
This function implements HChacha20. HChacha20 derives from Chacha20 the same way HSalsa20 derives from Salsa20.
This is not a general-purpose cryptographic hash function.