--- /dev/null
+/* -*-c-*-
+ *
+ * AEAD schemes based on Salsa20/ChaCha and Poly1305
+ *
+ * (c) 2018 Straylight/Edgeware
+ */
+
+/*----- Licensing notice --------------------------------------------------*
+ *
+ * This file is part of Catacomb.
+ *
+ * Catacomb is free software: you can redistribute it and/or modify it
+ * under the terms of the GNU Library General Public License as published
+ * by the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * Catacomb is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Library General Public License for more details.
+ *
+ * You should have received a copy of the GNU Library General Public
+ * License along with Catacomb. If not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
+ * USA.
+ */
+
+/*----- Notes on this construction ----------------------------------------*
+ *
+ * The AEAD class @chacha20_poly1305@ with a 96-bit nonce is exactly the
+ * scheme specified in RFC7539. This implementation extends that
+ * specification in two ways:
+ *
+ * * It permits ciphers other than ChaCha20: specifically ChaCha%$r$% and
+ * Salsa20/%$r$% with %$r \in \{ 8, 12, 20 \}$%.
+ *
+ * * It allows nonces of 64, 96, and 192 bits. A 64-bit nonce matches
+ * Bernstein's original specification of Salsa20 and ChaCha; the 96-bit
+ * nonce matches RFC7539; and the 192-bit nonce matches Bernstein's
+ * XSalsa20. The implementation uses XSalsa20 or XChaCha as appropriate
+ * automatically based on the provided nonce length.
+ *
+ * These extensions do not significantly affect Procter's security analysis
+ * except that an application should not mix nonce sizes with the same key.
+ * (It is possible to do this safely, but it requires detailed understanding
+ * of how everything fits together and isn't worth the effort.)
+ */
+
+#ifndef CATACOMB_LATINPOLY_H
+#define CATACOMB_LATINPOLY_H
+
+#ifdef __cplusplus
+ extern "C" {
+#endif
+
+/*----- Header files ------------------------------------------------------*/
+
+#ifndef CATACOMB_GAEAD_H
+# include "gaead.h"
+#endif
+
+/*----- Definitions -------------------------------------------------------*/
+
+extern const gcaead
+ chacha20_poly1305, chacha12_poly1305, chacha8_poly1305,
+ salsa20_poly1305, salsa2012_poly1305, salsa208_poly1305;
+
+/*----- That's all, folks -------------------------------------------------*/
+
+#ifdef __cplusplus
+ }
+#endif
+
+#endif
~mdw / catacomb / blobdiff