HChaCha20

Last updated 1 year ago

HChaCha20

Purpose

is a pseudorandom function (PRF) based on and . It takes a 512-bit input and produces a 256-bit output. This makes it suitable for fast key derivation from high-entropy input keying material, as done for .

You probably want instead because it is much more flexible. MUST be used for password-based key derivation.

Usage

DeriveKey

Fills a span with output keying material derived from high-entropy input keying material, a nonce, and an optional personalization constant for domain separation.

HChaCha20.DeriveKey(Span<byte> outputKeyingMaterial, ReadOnlySpan<byte> inputKeyingMaterial, ReadOnlySpan<byte> nonce, ReadOnlySpan<byte> personalization = default)

Exceptions

outputKeyingMaterial has a length not equal to OutputSize.

inputKeyingMaterial has a length not equal to KeySize.

nonce has a length not equal to NonceSize.

personalization has a length greater than 0 but not equal to PersonalSize.

Constants

These are used for validation and/or save you defining your own constants.

public const int OutputSize = 32;
public const int KeySize = 32;
public const int NonceSize = 16;
public const int PersonalSize = 16;

Notes

The input keying material MUST be a uniformly random key, NOT a password, public key, or X25519 shared secret.

Last updated 1 year ago