Skip to main content

Module xchacha20

Module xchacha20 

Source
Expand description

ยงXChaCha20-Poly1305 operations

Contains low level XChaCha20-Poly1305 operations used by the rest of the crate.

In most cases you should use the EncString with KeyEncryptable & KeyDecryptable instead.

Note: XChaCha20-Poly1305 encrypts data, and authenticates both the cipher text and associated data. This does not provide key-commitment, and assumes there can only be one key. It has a large (192-bit) nonce, so a fresh random nonce can be safely generated per message without a nonce-reuse concern.

If multiple keys are possible, a key-committing cipher such as XChaCha20Poly1305Blake3CTX should be used (https://github.com/bitwarden/sdk-internal/pull/41) to prevent invisible-salamander style attacks. https://eprint.iacr.org/2019/016.pdf https://soatok.blog/2024/09/10/invisible-salamanders-are-not-what-you-think/

Modulesยง

tests ๐Ÿ”’

Structsยง

XChaCha20Poly1305 ๐Ÿ”’
XChaCha20-Poly1305 authenticated encryption with associated data.
XChaCha20Poly1305Ciphertext ๐Ÿ”’
XChaCha20Poly1305Nonce ๐Ÿ”’
A 192-bit XChaCha20-Poly1305 nonce.

Constantsยง

KEY_SIZE ๐Ÿ”’
NONCE_SIZE ๐Ÿ”’