[][src]Struct chacha20poly1305::XChaCha20Poly1305

pub struct XChaCha20Poly1305 { /* fields omitted */ }

XChaCha20Poly1305 is a ChaCha20Poly1305 variant with an extended 192-bit (24-byte) nonce. The xchacha20poly1305 Cargo feature must be enabled in order to use this (which it is by default).

The construction is an adaptation of the same techniques used by XSalsa20 as described in the paper "Extending the Salsa20 Nonce" to the 96-bit nonce variant of ChaCha20, which derive a separate subkey/nonce for each extended nonce:

https://cr.yp.to/snuffle/xsalsa-20081128.pdf

No authoritative specification exists for XChaCha20Poly1305, however the construction has "rough consensus and running code" in the form of several interoperable libraries and protocols (e.g. libsodium, WireGuard) and is documented in an (expired) IETF draft, which also applies the proof from the XSalsa20 paper to the construction in order to demonstrate that XChaCha20 is secure if ChaCha20 is secure (see Section 3.1):

https://tools.ietf.org/html/draft-arciszewski-xchacha-03

It is worth noting that NaCl/libsodium's default "secretbox" algorithm is XSalsa20Poly1305, not XChaCha20Poly1305, and thus not compatible with this library. If you are interested in that construction, please see the xsalsa20poly1305 crate:

https://docs.rs/xsalsa20poly1305/

Usage

use chacha20poly1305::XChaCha20Poly1305;
use aead::{Aead, NewAead, generic_array::GenericArray};

let key = GenericArray::clone_from_slice(b"an example very very secret key."); // 32-bytes
let aead = XChaCha20Poly1305::new(key);

let nonce = GenericArray::from_slice(b"extra long unique nonce!"); // 24-bytes; unique
let ciphertext = aead.encrypt(nonce, b"plaintext message".as_ref()).expect("encryption failure!");
let plaintext = aead.decrypt(nonce, ciphertext.as_ref()).expect("decryption failure!");
assert_eq!(&plaintext, b"plaintext message");

Trait Implementations

impl Drop for XChaCha20Poly1305[src]

impl Clone for XChaCha20Poly1305[src]

impl NewAead for XChaCha20Poly1305[src]

type KeySize = U32

The size of the key array required by this algorithm.

impl Aead for XChaCha20Poly1305[src]

type NonceSize = U24

The length of a nonce.

type TagSize = U16

The maximum length of the nonce.

type CiphertextOverhead = U0

The upper bound amount of additional space required to support a ciphertext vs. a plaintext. Read more

Auto Trait Implementations

Blanket Implementations

impl<T> From<T> for T[src]

impl<T, U> TryFrom<U> for T where
    U: Into<T>, [src]

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> Into<U> for T where
    U: From<T>, [src]

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>, [src]

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

impl<T> Borrow<T> for T where
    T: ?Sized[src]

impl<T> BorrowMut<T> for T where
    T: ?Sized[src]

impl<T> Any for T where
    T: 'static + ?Sized[src]

impl<Algo> AeadMut for Algo where
    Algo: Aead[src]

type NonceSize = <Algo as Aead>::NonceSize

The length of a nonce.

type TagSize = <Algo as Aead>::TagSize

The maximum length of the nonce.

type CiphertextOverhead = <Algo as Aead>::CiphertextOverhead

The upper bound amount of additional space required to support a ciphertext vs. a plaintext. Read more

fn encrypt<'msg, 'aad>(
    &mut self,
    nonce: &GenericArray<u8, <Algo as AeadMut>::NonceSize>,
    plaintext: impl Into<Payload<'msg, 'aad>>
) -> Result<Vec<u8>, Error>[src]

Encrypt the given plaintext slice, and return the resulting ciphertext as a vector of bytes.

fn encrypt_in_place(
    &mut self,
    nonce: &GenericArray<u8, <Algo as AeadMut>::NonceSize>,
    associated_data: &[u8],
    buffer: &mut impl Buffer
) -> Result<(), Error>[src]

Encrypt the given buffer containing a plaintext message in-place.

fn encrypt_in_place_detached(
    &mut self,
    nonce: &GenericArray<u8, <Algo as AeadMut>::NonceSize>,
    associated_data: &[u8],
    buffer: &mut [u8]
) -> Result<GenericArray<u8, <Algo as AeadMut>::TagSize>, Error>[src]

Encrypt the data in-place, returning the authentication tag

fn decrypt<'msg, 'aad>(
    &mut self,
    nonce: &GenericArray<u8, <Algo as AeadMut>::NonceSize>,
    ciphertext: impl Into<Payload<'msg, 'aad>>
) -> Result<Vec<u8>, Error>[src]

Decrypt the given ciphertext slice, and return the resulting plaintext as a vector of bytes.

fn decrypt_in_place(
    &mut self,
    nonce: &GenericArray<u8, <Algo as AeadMut>::NonceSize>,
    associated_data: &[u8],
    buffer: &mut impl Buffer
) -> Result<(), Error>[src]

Decrypt the message in-place, returning an error in the event the provided authentication tag does not match the given ciphertext.

fn decrypt_in_place_detached(
    &mut self,
    nonce: &GenericArray<u8, <Algo as AeadMut>::NonceSize>,
    associated_data: &[u8],
    buffer: &mut [u8],
    tag: &GenericArray<u8, <Algo as AeadMut>::TagSize>
) -> Result<(), Error>[src]

Decrypt the data in-place, returning an error in the event the provided authentication tag does not match the given ciphertext (i.e. ciphertext is modified/unauthentic)

impl<T> ToOwned for T where
    T: Clone[src]

type Owned = T

The resulting type after obtaining ownership.

impl<T> Same<T> for T

type Output = T

Should always be Self