(key, nonce)
pair.(key, nonce)
pair.crypto_stream
API (XSalsa20) or the ChaCha20-based construction with an extended nonce, XChaCha20 (crypto_stream_xchacha20
).crypto_stream_chacha20()
function stores clen
pseudo random bytes into c
using a nonce n
(crypto_stream_chacha20_NONCEBYTES
bytes) and a secret key k
(crypto_stream_chacha20_KEYBYTES
bytes).crypto_stream_chacha20_xor()
function encrypts a message m
of length mlen
using a nonce n
(crypto_stream_chacha20_NONCEBYTES
bytes) and a secret key k
(crypto_stream_chacha20_KEYBYTES
bytes).c
. The ciphertext is the message combined with the output of the stream cipher using the XOR operation, and doesn't include any authentication tag.m
and c
can point to the same address (in-place encryption/decryption). If they don't, the regions should not overlap.crypto_stream_chacha20_xor_ic()
function is similar to crypto_stream_chacha20_xor()
but adds the ability to set the initial value of the block counter to a non-zero value, ic
.m
and c
can point to the same address (in-place encryption/decryption). If they don't, the regions should not overlap.crypto_stream_chacha20_ietf()
function stores clen
pseudo random bytes into c
using a nonce n
(crypto_stream_chacha20_ietf_NONCEBYTES
bytes) and a secret key k
(crypto_stream_chacha20_ietf_KEYBYTES
bytes).crypto_stream_chacha20_ietf_xor()
function encrypts a message m
of length mlen
using a nonce n
(crypto_stream_chacha20_ietf_NONCEBYTES
bytes) and a secret key k
(crypto_stream_chacha20_ietf_KEYBYTES
bytes).c
. The ciphertext is the message combined with the output of the stream cipher using the XOR operation, and doesn't include any authentication tag.m
and c
can point to the same address (in-place encryption/decryption). If they don't, the regions should not overlap.crypto_stream_chacha20_ietf_xor_ic()
function is similar to crypto_stream_chacha20_ietf_xor()
but adds the ability to set the initial value of the block counter to a non-zero value, ic
.m
and c
can point to the same address (in-place encryption/decryption). If they don't, the regions should not overlap.crypto_stream_chacha20_KEYBYTES
crypto_stream_chacha20_NONCEBYTES
crypto_stream_chacha20_ietf_KEYBYTES
crypto_stream_chacha20_ietf_NONCEBYTES
key
, nonce
) pair. The original design doesn't have this limitation.