crypto_hchacha20 —
HChacha20 special-purpose hashing
#include
<monocypher.h>
void
crypto_hchacha20(
uint8_t
out[32],
const uint8_t key[32],
const uint8_t in[16]);
crypto_hchacha20() provides a not-so-cryptographic
hash. It may be used for some specific purposes, such as X25519 key
derivation, or XChacha20 initialisation. If in doubt, do not use directly. Use
crypto_blake2b(3monocypher)
instead.
The arguments are:
-
-
- key
- A sufficiently random key, such as the output of
crypto_x25519(3monocypher).
-
-
- in
- The space reserved for the Chacha20 nonce and counter. It
does not have to be random.
-
-
- out
- A cryptographically secure random number
if there is enough entropy in
key. X25519 shared secrets have enough
entropy.
This function returns nothing.
The following example assumes the existence of
arc4random_buf(), which fills the given buffer
with cryptographically secure random bytes. If
arc4random_buf() does not exist on your system,
see
intro(3monocypher) for
advice about how to generate cryptographically secure random bytes.
Simple hash:
uint8_t key[32]; /* Must have enough entropy */
uint8_t in [16]; /* Does not have to be random */
uint8_t out[32]; /* Will be random iff the above holds */
arc4random_buf(key, 32);
crypto_hchacha20(out, key, in);
/* Wipe secrets if they are no longer needed */
crypto_wipe(key, 32);
crypto_wipe(in , 16);
crypto_chacha20_encrypt(3monocypher),
crypto_key_exchange(3monocypher),
intro(3monocypher)
This function implements HChacha20. HChacha20 derives from Chacha20 the same way
HSalsa20 derives from Salsa20.
The
crypto_hchacha20() function first appeared in
Monocypher 0.1 as
crypto_chacha20_H(). It was
renamed to
crypto_hchacha20() in Monocypher
3.0.0.
This is not a general-purpose cryptographic hash
function.