HChaCha20
Last updated
Last updated
is a pseudorandom function (PRF) based on and . It takes a 512-bit input and produces a 256-bit output. This makes it suitable for fast key derivation from high-entropy input keying material, as done for .
You probably want instead because it is much more flexible. MUST be used for password-based key derivation.
Fills a span with output keying material derived from high-entropy input keying material, a nonce, and an optional personalization constant for domain separation.
outputKeyingMaterial
has a length not equal to OutputSize
.
inputKeyingMaterial
has a length not equal to KeySize
.
nonce
has a length not equal to NonceSize
.
personalization
has a length greater than 0 but not equal to PersonalSize
.
These are used for validation and/or save you defining your own constants.
The input keying material MUST be a uniformly random key, NOT a password, public key, or X25519 shared secret.
HChaCha20 is NOT a general-purpose hash function. Use .