xref: /dflybsd-src/sys/crypto/chachapoly.h (revision 03517d4e1314f46a8bc390aa6bcb929361ee0569) 
1  /*
2   * Copyright (c) 2015 Mike Belopuhov
3   * Copyright (c) 2023 Aaron LI <aly@aaronly.me>
4   *
5   * Permission to use, copy, modify, and distribute this software for any
6   * purpose with or without fee is hereby granted, provided that the above
7   * copyright notice and this permission notice appear in all copies.
8   *
9   * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10   * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11   * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12   * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13   * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14   * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15   * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16   */
17  
18  #ifndef _CHACHAPOLY_H_
19  #define _CHACHAPOLY_H_
20  
21  #define CHACHA20POLY1305_KEY_SIZE	32
22  #define CHACHA20POLY1305_AUTHTAG_SIZE	16
23  #define CHACHA20POLY1305_NONCE_SIZE	12
24  #define XCHACHA20POLY1305_NONCE_SIZE	24
25  
26  /*
27   * ChaCha20-Poly1305 AEAD cipher (RFC 8439)
28   *
29   * NOTE: Support in-place encryption/decryption; i.e., the output buffer
30   *       points to the same location as the input.
31   *
32   * NOTE: The output buffer may be NULL when to decrypt a message of empty
33   *       plaintext.  This is used by WireGuard.
34   */
35  void chacha20poly1305_encrypt(uint8_t *, const uint8_t *, size_t,
36  			      const uint8_t *, size_t,
37  			      const uint8_t[CHACHA20POLY1305_NONCE_SIZE],
38  			      const uint8_t[CHACHA20POLY1305_KEY_SIZE]);
39  bool chacha20poly1305_decrypt(uint8_t *, const uint8_t *, size_t,
40  			      const uint8_t *, size_t,
41  			      const uint8_t[CHACHA20POLY1305_NONCE_SIZE],
42  			      const uint8_t[CHACHA20POLY1305_KEY_SIZE]);
43  
44  /*
45   * XChaCha20-Poly1305 AEAD cipher
46   * (extended nonce size from 96 bits to 192 bits)
47   *
48   * NOTE: Support in-place encryption/decryption, as above.
49   */
50  void xchacha20poly1305_encrypt(uint8_t *, const uint8_t *, size_t,
51  			       const uint8_t *, size_t,
52  			       const uint8_t[XCHACHA20POLY1305_NONCE_SIZE],
53  			       const uint8_t[CHACHA20POLY1305_KEY_SIZE]);
54  bool xchacha20poly1305_decrypt(uint8_t *, const uint8_t *, size_t,
55  			       const uint8_t *, size_t,
56  			       const uint8_t[XCHACHA20POLY1305_NONCE_SIZE],
57  			       const uint8_t[CHACHA20POLY1305_KEY_SIZE]);
58  
59  /*
60   * Perform in-place encryption/decryption for data in an mbuf chain.
61   */
62  struct mbuf;
63  int chacha20poly1305_encrypt_mbuf(struct mbuf *, const uint8_t *, size_t,
64  				  const uint8_t[CHACHA20POLY1305_NONCE_SIZE],
65  				  const uint8_t[CHACHA20POLY1305_KEY_SIZE]);
66  int chacha20poly1305_decrypt_mbuf(struct mbuf *, const uint8_t *, size_t,
67  				  const uint8_t[CHACHA20POLY1305_NONCE_SIZE],
68  				  const uint8_t[CHACHA20POLY1305_KEY_SIZE]);
69  
70  #endif	/* _CHACHAPOLY_H_ */
71