A constant specifying the size in bytes that the hash function uses internally to divide its input for iterative processing.
This is needed to use the hash function with HMAC (BLOCKLEN is B in [3]).
Decrypts ciphertext using a cipher key k of 32 bytes, an 8-byte unsigned integer nonce n,
and associated data ad. Returns the plaintext, unless authentication fails,
in which case an error is signaled to the caller.
Performs a Diffie-Hellman calculation between the private key in key_pair and the public_key
and returns an output sequence of bytes of length DHLEN.
For security, the Gap-DH problem based on this function must be unsolvable by any practical cryptanalytic adversary [2].
The public_key either encodes some value which is a generator in a large prime-order group
(which value may have multiple equivalent encodings), or is an invalid value.
Implementations must handle invalid public keys either by returning some output which is purely a function of the public key
and does not depend on the private key, or by signaling an error to the caller.
The DH function may define more specific rules for handling invalid values.
Encrypts plaintext using the cipher key k of 32 bytes and an 8-byte unsigned integer nonce n which must be unique for the key k.
Returns the ciphertext. Encryption must be done with an “AEAD” encryption mode with the associated data ad
(using the terminology from [1]) and returns a ciphertext that is the same size as the plaintext plus 16 bytes for authentication data.
The entire ciphertext must be indistinguishable from random if the key is secret
(note that this is an additional requirement that isn’t necessarily met by all AEAD schemes).
Generates a new Diffie-Hellman key pair. A DH key pair consists of public_key and private_key elements.
A public_key represents an encoding of a DH public key into a byte sequence of length DHLEN.
The public_key encoding details are specific to each set of DH functions.
Takes a chaining_key byte sequence of length HASHLEN, and an input_key_material byte sequence with length either zero bytes,
32 bytes, or DHLEN bytes. Returns a pair or triple of byte sequences each of length HASHLEN, depending on whether num_outputs is two or three:
Returns a new 32-byte cipher key as a pseudorandom function of k. If this function is not specifically defined for some set of cipher functions,
then it defaults to returning the first 32 bytes from ENCRYPT(k, maxnonce, zerolen, zeros),
where maxnonce equals 264-1, zerolen is a zero-length byte sequence, and zeros is a sequence of 32 bytes filled with zeros.