/src/openssl/include/crypto/chacha.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #ifndef OSSL_CRYPTO_CHACHA_H |
11 | | #define OSSL_CRYPTO_CHACHA_H |
12 | | |
13 | | #include <stddef.h> |
14 | | |
15 | | /* |
16 | | * ChaCha20_ctr32 encrypts |len| bytes from |inp| with the given key and |
17 | | * nonce and writes the result to |out|, which may be equal to |inp|. |
18 | | * The |key| is not 32 bytes of verbatim key material though, but the |
19 | | * said material collected into 8 32-bit elements array in host byte |
20 | | * order. Same approach applies to nonce: the |counter| argument is |
21 | | * pointer to concatenated nonce and counter values collected into 4 |
22 | | * 32-bit elements. This, passing crypto material collected into 32-bit |
23 | | * elements as opposite to passing verbatim byte vectors, is chosen for |
24 | | * efficiency in multi-call scenarios. |
25 | | */ |
26 | | void ChaCha20_ctr32(unsigned char *out, const unsigned char *inp, |
27 | | size_t len, const unsigned int key[8], |
28 | | const unsigned int counter[4]); |
29 | | /* |
30 | | * You can notice that there is no key setup procedure. Because it's |
31 | | * as trivial as collecting bytes into 32-bit elements, it's reckoned |
32 | | * that below macro is sufficient. |
33 | | */ |
34 | 0 | #define CHACHA_U8TOU32(p) ( \ |
35 | 0 | ((unsigned int)(p)[0]) | ((unsigned int)(p)[1]<<8) | \ |
36 | 0 | ((unsigned int)(p)[2]<<16) | ((unsigned int)(p)[3]<<24) ) |
37 | | |
38 | 0 | #define CHACHA_KEY_SIZE 32 |
39 | 0 | #define CHACHA_CTR_SIZE 16 |
40 | 0 | #define CHACHA_BLK_SIZE 64 |
41 | | |
42 | | #endif |