xref: /dragonfly/sys/crypto/chachapoly.h (revision 03517d4e) 
1 /*
2  * Copyright (c) 2015 Mike Belopuhov
3  * Copyright (c) 2023 Aaron LI <aly@aaronly.me>
4  *
5  * Permission to use, copy, modify, and distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 #ifndef _CHACHAPOLY_H_
19 #define _CHACHAPOLY_H_
20 
21 #define CHACHA20POLY1305_KEY_SIZE	32
22 #define CHACHA20POLY1305_AUTHTAG_SIZE	16
23 #define CHACHA20POLY1305_NONCE_SIZE	12
24 #define XCHACHA20POLY1305_NONCE_SIZE	24
25 
26 /*
27  * ChaCha20-Poly1305 AEAD cipher (RFC 8439)
28  *
29  * NOTE: Support in-place encryption/decryption; i.e., the output buffer
30  *       points to the same location as the input.
31  *
32  * NOTE: The output buffer may be NULL when to decrypt a message of empty
33  *       plaintext.  This is used by WireGuard.
34  */
35 void chacha20poly1305_encrypt(uint8_t *, const uint8_t *, size_t,
36 			      const uint8_t *, size_t,
37 			      const uint8_t[CHACHA20POLY1305_NONCE_SIZE],
38 			      const uint8_t[CHACHA20POLY1305_KEY_SIZE]);
39 bool chacha20poly1305_decrypt(uint8_t *, const uint8_t *, size_t,
40 			      const uint8_t *, size_t,
41 			      const uint8_t[CHACHA20POLY1305_NONCE_SIZE],
42 			      const uint8_t[CHACHA20POLY1305_KEY_SIZE]);
43 
44 /*
45  * XChaCha20-Poly1305 AEAD cipher
46  * (extended nonce size from 96 bits to 192 bits)
47  *
48  * NOTE: Support in-place encryption/decryption, as above.
49  */
50 void xchacha20poly1305_encrypt(uint8_t *, const uint8_t *, size_t,
51 			       const uint8_t *, size_t,
52 			       const uint8_t[XCHACHA20POLY1305_NONCE_SIZE],
53 			       const uint8_t[CHACHA20POLY1305_KEY_SIZE]);
54 bool xchacha20poly1305_decrypt(uint8_t *, const uint8_t *, size_t,
55 			       const uint8_t *, size_t,
56 			       const uint8_t[XCHACHA20POLY1305_NONCE_SIZE],
57 			       const uint8_t[CHACHA20POLY1305_KEY_SIZE]);
58 
59 /*
60  * Perform in-place encryption/decryption for data in an mbuf chain.
61  */
62 struct mbuf;
63 int chacha20poly1305_encrypt_mbuf(struct mbuf *, const uint8_t *, size_t,
64 				  const uint8_t[CHACHA20POLY1305_NONCE_SIZE],
65 				  const uint8_t[CHACHA20POLY1305_KEY_SIZE]);
66 int chacha20poly1305_decrypt_mbuf(struct mbuf *, const uint8_t *, size_t,
67 				  const uint8_t[CHACHA20POLY1305_NONCE_SIZE],
68 				  const uint8_t[CHACHA20POLY1305_KEY_SIZE]);
69 
70 #endif	/* _CHACHAPOLY_H_ */
71