deps/cifra/src/chacha20poly1305.h - third_party/github/h2o/picotls - Git at Google

 /*
  * cifra - embedded cryptography library
  * Written in 2014 by Joseph Birr-Pixton <jpixton@gmail.com>
  *
  * To the extent possible under law, the author(s) have dedicated all
  * copyright and related and neighboring rights to this software to the
  * public domain worldwide. This software is distributed without any
  * warranty.
  *
  * You should have received a copy of the CC0 Public Domain Dedication
  * along with this software. If not, see
  * <http://creativecommons.org/publicdomain/zero/1.0/>.
  */

 #ifndef CHACHA20POLY1305_H
 #define CHACHA20POLY1305_H

 #include <stdint.h>
 #include <stddef.h>

 /**
  * The ChaCha20-Poly1305 AEAD construction
  * =======================================
  * This is a composition of the ChaCha20 stream cipher and
  * the Poly1305 polynomial MAC to form an AEAD.
  * It's specified for use in TLS in the form of RFC7539.
  *
  * It uses a 256-bit key and a 96-bit nonce.
  *
  * This is a one-shot interface.
  */

 /* .. c:function:: $DECL
  * ChaCha20-Poly1305 authenticated encryption.
  *
  * :param key: key material.
  * :param nonce: per-message nonce.
  * :param header: header buffer.
  * :param nheader: number of header bytes.
  * :param plaintext: plaintext bytes to be encrypted.
  * :param nbytes: number of plaintext/ciphertext bytes.
  * :param ciphertext: ciphertext output buffer, nbytes in length.
  * :param tag: authentication tag output buffer.
  */
 void cf_chacha20poly1305_encrypt(const uint8_t key[32],
                                  const uint8_t nonce[12],
                                  const uint8_t *header, size_t nheader,
                                  const uint8_t *plaintext, size_t nbytes,
                                  uint8_t *ciphertext,
                                  uint8_t tag[16]);

 /* .. c:function:: $DECL
  * ChaCha20-Poly1305 authenticated decryption.
  *
  * :return: 0 on success, non-zero on error.  Plaintext is zeroed on error.
  *
  * :param key: key material.
  * :param nonce: per-message nonce.
  * :param header: header buffer.
  * :param nheader: number of header bytes.
  * :param ciphertext: ciphertext bytes to be decrypted.
  * :param nbytes: number of plaintext/ciphertext bytes.
  * :param plaintext: plaintext output buffer, nbytes in length.
  * :param tag: authentication tag output buffer.
  */
 int cf_chacha20poly1305_decrypt(const uint8_t key[32],
                                 const uint8_t nonce[12],
                                 const uint8_t *header, size_t nheader,
                                 const uint8_t *ciphertext, size_t nbytes,
                                 const uint8_t tag[16],
                                 uint8_t *plaintext);

 #endif
	/*
	* cifra - embedded cryptography library
	* Written in 2014 by Joseph Birr-Pixton <jpixton@gmail.com>
	*
	* To the extent possible under law, the author(s) have dedicated all
	* copyright and related and neighboring rights to this software to the
	* public domain worldwide. This software is distributed without any
	* warranty.
	*
	* You should have received a copy of the CC0 Public Domain Dedication
	* along with this software. If not, see
	* <http://creativecommons.org/publicdomain/zero/1.0/>.
	*/

	#ifndef CHACHA20POLY1305_H
	#define CHACHA20POLY1305_H

	#include <stdint.h>
	#include <stddef.h>

	/**
	* The ChaCha20-Poly1305 AEAD construction
	* =======================================
	* This is a composition of the ChaCha20 stream cipher and
	* the Poly1305 polynomial MAC to form an AEAD.
	* It's specified for use in TLS in the form of RFC7539.
	*
	* It uses a 256-bit key and a 96-bit nonce.
	*
	* This is a one-shot interface.
	*/

	/* .. c:function:: $DECL
	* ChaCha20-Poly1305 authenticated encryption.
	*
	* :param key: key material.
	* :param nonce: per-message nonce.
	* :param header: header buffer.
	* :param nheader: number of header bytes.
	* :param plaintext: plaintext bytes to be encrypted.
	* :param nbytes: number of plaintext/ciphertext bytes.
	* :param ciphertext: ciphertext output buffer, nbytes in length.
	* :param tag: authentication tag output buffer.
	*/
	void cf_chacha20poly1305_encrypt(const uint8_t key[32],
	const uint8_t nonce[12],
	const uint8_t *header, size_t nheader,
	const uint8_t *plaintext, size_t nbytes,
	uint8_t *ciphertext,
	uint8_t tag[16]);

	/* .. c:function:: $DECL
	* ChaCha20-Poly1305 authenticated decryption.
	*
	* :return: 0 on success, non-zero on error. Plaintext is zeroed on error.
	*
	* :param key: key material.
	* :param nonce: per-message nonce.
	* :param header: header buffer.
	* :param nheader: number of header bytes.
	* :param ciphertext: ciphertext bytes to be decrypted.
	* :param nbytes: number of plaintext/ciphertext bytes.
	* :param plaintext: plaintext output buffer, nbytes in length.
	* :param tag: authentication tag output buffer.
	*/
	int cf_chacha20poly1305_decrypt(const uint8_t key[32],
	const uint8_t nonce[12],
	const uint8_t *header, size_t nheader,
	const uint8_t *ciphertext, size_t nbytes,
	const uint8_t tag[16],
	uint8_t *plaintext);

	#endif