CRYPTO_HCHACHA20(3MONOCYPHER) | 3MONOCYPHER | CRYPTO_HCHACHA20(3MONOCYPHER) |
NAME
HChaCha20 special-purpose hashing#include
<monocypher.h>
void
crypto_hchacha20
(uint8_t
out[32], const uint8_t key[32],
const uint8_t in[16]);
DESCRIPTION
crypto_hchacha20
()
provides a not-so-cryptographic hash. It may be used for some specific
purposes such as X25519 key derivation or XChaCha20 initialisation. If in
doubt, do not use directly. Use
crypto_blake2b()
instead.
The arguments are:
- key
- A sufficiently random key, such as the output of crypto_x25519().
- in
- The space reserved for the ChaCha20 nonce and counter. It does not have to be random.
- out
- A cryptographically secure random number if there is enough entropy in key. X25519 shared secrets have enough entropy.
RETURN VALUES
This function returns nothing.
EXAMPLES
The following example assumes the existence of
arc4random_buf
(), which fills the given buffer with
cryptographically secure random bytes. If
arc4random_buf
() does not exist on your system, see
intro() for advice about how to
generate cryptographically secure random bytes.
Simple hash:
uint8_t key[32]; /* Must have enough entropy */ uint8_t in [16]; /* Does not have to be random */ uint8_t out[32]; /* Will be random iff the above holds */ arc4random_buf(key, 32); crypto_hchacha20(out, key, in); /* Wipe secrets if they are no longer needed */ crypto_wipe(key, 32); crypto_wipe(in , 16);
SEE ALSO
STANDARDS
This function implements HChaCha20. HChaCha20 derives from ChaCha20 the same way HSalsa20 derives from Salsa20.
HISTORY
The crypto_hchacha20
() function first
appeared in Monocypher 0.1 as crypto_chacha20_H
().
It was renamed to crypto_hchacha20
() in Monocypher
3.0.0.
CAVEATS
February 13, 2022 | Debian |