| Copyright | (c) 2025 Jared Tobin |
|---|---|
| License | MIT |
| Maintainer | Jared Tobin <jared@ppad.tech> |
| Safe Haskell | None |
| Language | Haskell2010 |
Crypto.Cipher.ChaCha20
Description
A pure ChaCha20 implementation, as specified by RFC 8439.
Synopsis
- cipher :: ByteString -> Word32 -> ByteString -> ByteString -> Either Error ByteString
- block :: ByteString -> Word32 -> ByteString -> Either Error ByteString
ChaCha20 stream cipher
Arguments
| :: ByteString | 256-bit key |
| -> Word32 | 32-bit counter |
| -> ByteString | 96-bit nonce |
| -> ByteString | arbitrary-length plaintext |
| -> Either Error ByteString | ciphertext |
The ChaCha20 stream cipher. Generates a keystream and then XOR's the supplied input with it; use it both to encrypt plaintext and decrypt ciphertext.
Per RFC8439, the key must be exactly 256 bits, and the nonce exactly 96 bits.
>>>let key = "don't tell anyone my secret key!">>>let non = "or my nonce!">>>let cip = cipher key 1 non "but you can share the plaintext">>>cip"\192*c\248A\204\211n\130y8\197\146k\245\178Y\197=\180_\223\138\146:^\206\&0\v[\201">>>cipher key 1 non cipRight "but you can share the plaintext"
ChaCha20 block function
Arguments
| :: ByteString | 256-bit key |
| -> Word32 | 32-bit counter |
| -> ByteString | 96-bit nonce |
| -> Either Error ByteString | 512-bit keystream |
The ChaCha20 block function. Useful for generating a keystream.
Per RFC8439, the key must be exactly 256 bits, and the nonce exactly 96 bits.