Expand description
ยงXChaCha20-Poly1305 operations
Contains low level XChaCha20-Poly1305 operations used by the rest of the crate.
In most cases you should use the EncString with KeyEncryptable & KeyDecryptable instead.
Note: XChaCha20-Poly1305 encrypts data, and authenticates both the cipher text and associated data. This does not provide key-commitment, and assumes there can only be one key. It has a large (192-bit) nonce, so a fresh random nonce can be safely generated per message without a nonce-reuse concern.
If multiple keys are possible, a key-committing cipher such as XChaCha20Poly1305Blake3CTX should
be used (https://github.com/bitwarden/sdk-internal/pull/41) to prevent invisible-salamander
style attacks.
https://eprint.iacr.org/2019/016.pdf
https://soatok.blog/2024/09/10/invisible-salamanders-are-not-what-you-think/
Modulesยง
- tests ๐
Structsยง
- XCha
Cha20 ๐Poly1305 - XChaCha20-Poly1305 authenticated encryption with associated data.
- XCha
Cha20 ๐Poly1305 Ciphertext - XCha
Cha20 ๐Poly1305 Nonce - A 192-bit XChaCha20-Poly1305 nonce.
Constantsยง
- KEY_
SIZE ๐ - NONCE_
SIZE ๐