Add XChaCha20 and XChaCha20-Poly1305 (IETF draft-irtf-cfrg-xchacha) #1011
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
zssz
changed the title
krzyzanowskim
approved these changes
Sep 4, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Checklist:
Changes proposed in this pull request:
This PR introduces support for the XChaCha20 and XChaCha20-Poly1305 encryption algorithms, as specified in the IETF draft-irtf-cfrg-xchacha. The implementation leverages the existing ChaCha20 implementation by extending its functionality to support XChaCha20 and AEADXChaCha20Poly1305. New classes, XChaCha20 and AEADXChaCha20Poly1305, along with their respective test classes, XChaCha20Tests and XChaCha20Poly1305Tests, have been added. The test cases cover the HChaCha20 block function and encryption-decryption operations with the specified test vectors from the IETF draft documentation.
To accommodate the XChaCha20 variant, the ChaCha20 initializer has been updated with an optional blockCounter parameter and a new convenience initializer. The convenience initializer accepts key and nonce parameters and internally calls the main initializer with a default blockCounter value of
0. This allows for proper handling of the block counter, which is necessary for XChaCha20's extended nonce size, ensuring correct encryption and decryption behavior.These changes provide users with access to the XChaCha20 and XChaCha20-Poly1305 encryption algorithms for enhanced security and performance, broadening the library's cryptographic capabilities.