Functions
Algorithms - ChaCha20_Poly1305

Functions

WOLFSSL_API int wc_ChaCha20Poly1305_Encrypt (const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE], const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE], const byte *inAAD, const word32 inAADLen, const byte *inPlaintext, const word32 inPlaintextLen, byte *outCiphertext, byte outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE])
 This function encrypts an input message, inPlaintext, using the ChaCha20 stream cipher, into the output buffer, outCiphertext. It also performs Poly-1305 authentication (on the cipher text), and stores the generated authentication tag in the output buffer, outAuthTag. More...
 
WOLFSSL_API int wc_ChaCha20Poly1305_Decrypt (const byte inKey[CHACHA20_POLY1305_AEAD_KEYSIZE], const byte inIV[CHACHA20_POLY1305_AEAD_IV_SIZE], const byte *inAAD, const word32 inAADLen, const byte *inCiphertext, const word32 inCiphertextLen, const byte inAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE], byte *outPlaintext)
 This function decrypts input ciphertext, inCiphertext, using the ChaCha20 stream cipher, into the output buffer, outPlaintext. It also performs Poly-1305 authentication, comparing the given inAuthTag to an authentication generated with the inAAD (arbitrary length additional authentication data). Note: If the generated authentication tag does not match the supplied authentication tag, the text is not decrypted. More...
 

Detailed Description

Function Documentation

◆ wc_ChaCha20Poly1305_Decrypt()

WOLFSSL_API int wc_ChaCha20Poly1305_Decrypt ( const byte  inKey[CHACHA20_POLY1305_AEAD_KEYSIZE],
const byte  inIV[CHACHA20_POLY1305_AEAD_IV_SIZE],
const byte *  inAAD,
const word32  inAADLen,
const byte *  inCiphertext,
const word32  inCiphertextLen,
const byte  inAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE],
byte *  outPlaintext 
)

This function decrypts input ciphertext, inCiphertext, using the ChaCha20 stream cipher, into the output buffer, outPlaintext. It also performs Poly-1305 authentication, comparing the given inAuthTag to an authentication generated with the inAAD (arbitrary length additional authentication data). Note: If the generated authentication tag does not match the supplied authentication tag, the text is not decrypted.

Returns
0 Returned upon successfully decrypting the message
BAD_FUNC_ARG Returned if any of the function arguments do not match what is expected
MAC_CMP_FAILED_E Returned if the generated authentication tag does not match the supplied inAuthTag.
Parameters
inKeypointer to a buffer containing the 32 byte key to use for decryption
inIvpointer to a buffer containing the 12 byte iv to use for decryption
inAADpointer to the buffer containing arbitrary length additional authenticated data (AAD)
inAADLenlength of the input AAD
inCiphertextpointer to the buffer containing the ciphertext to decrypt
outCiphertextLenthe length of the ciphertext to decrypt
inAuthTagpointer to the buffer containing the 16 byte digest for authentication
outPlaintextpointer to the buffer in which to store the plaintext

Example

byte key[] = { // initialize 32 byte key };
byte iv[] = { // initialize 12 byte key };
byte inAAD[] = { // initialize AAD };
byte cipher[] = { // initialize with received ciphertext };
byte authTag[16] = { // initialize with received authentication tag };
byte plain[sizeof(cipher)];
int ret = wc_ChaCha20Poly1305_Decrypt(key, iv, inAAD, sizeof(inAAD),
cipher, sizeof(cipher), plain, authTag);
if(ret == MAC_CMP_FAILED_E) {
// error during authentication
} else if( ret != 0) {
// error with function arguments
}
See also
wc_ChaCha20Poly1305_Encrypt
wc_ChaCha_*
wc_Poly1305*

◆ wc_ChaCha20Poly1305_Encrypt()

WOLFSSL_API int wc_ChaCha20Poly1305_Encrypt ( const byte  inKey[CHACHA20_POLY1305_AEAD_KEYSIZE],
const byte  inIV[CHACHA20_POLY1305_AEAD_IV_SIZE],
const byte *  inAAD,
const word32  inAADLen,
const byte *  inPlaintext,
const word32  inPlaintextLen,
byte *  outCiphertext,
byte  outAuthTag[CHACHA20_POLY1305_AEAD_AUTHTAG_SIZE] 
)

This function encrypts an input message, inPlaintext, using the ChaCha20 stream cipher, into the output buffer, outCiphertext. It also performs Poly-1305 authentication (on the cipher text), and stores the generated authentication tag in the output buffer, outAuthTag.

Returns
0 Returned upon successfully encrypting the message
BAD_FUNC_ARG returned if there is an error during the encryption process
Parameters
inKeypointer to a buffer containing the 32 byte key to use for encryption
inIvpointer to a buffer containing the 12 byte iv to use for encryption
inAADpointer to the buffer containing arbitrary length additional authenticated data (AAD)
inAADLenlength of the input AAD
inPlaintextpointer to the buffer containing the plaintext to encrypt
inPlaintextLenthe length of the plain text to encrypt
outCiphertextpointer to the buffer in which to store the ciphertext
outAuthTagpointer to a 16 byte wide buffer in which to store the authentication tag

Example

byte key[] = { // initialize 32 byte key };
byte iv[] = { // initialize 12 byte key };
byte inAAD[] = { // initialize AAD };
byte plain[] = { // initialize message to encrypt };
byte cipher[sizeof(plain)];
byte authTag[16];
int ret = wc_ChaCha20Poly1305_Encrypt(key, iv, inAAD, sizeof(inAAD),
plain, sizeof(plain), cipher, authTag);
if(ret != 0) {
// error running encrypt
}
See also
wc_ChaCha20Poly1305_Decrypt
wc_ChaCha_*
wc_Poly1305*