(key, nonce)
tuple, for example by taking the first bytes generated by a stream cipher.crypto_onetimeauth()
function authenticates a message in
whose length is inlen
using a secret key k
(crypto_onetimeauth_KEYBYTES
bytes) and puts the authenticator into out
(crypto_onetimeauth_BYTES
bytes).crypto_onetimeauth_verify()
function verifies, in constant time, that h
is a correct authenticator for the message in
whose length is inlen
bytes, using the secret key k
.-1
if the verification fails, or 0
on success.crypto_onetimeauth_init()
function initializes a structure pointed by state
using a key key
.state
. The size of this value can be obtained using sizeof(crypto_onetimeauth_state)
, or crypto_onetimeauth_statebytes()
.crypto_onetimeauth_update()
can then be called more than one in order to compute the authenticator from sequential chunks of the message.crypto_onetimeauth_final()
puts the authenticator into out
.crypto_onetimeauth_init()
before updating or finalizing it.crypto_onetimeauth_final()
returns, the state should not be used any more, unless it is reinitialized using crypto_onetimeauth_init()
.crypto_onetimeauth_keygen()
function fills k
with a random key. This convenience function was introduced in libsodium 1.0.12.crypto_onetimeauth_BYTES
crypto_onetimeauth_KEYBYTES
crypto_onetimeauth_state