mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-26 03:40:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ChaCha20 (PSA): Document that we only support 12-byte nonces

Browse Source 
Support for 8-byte nonces may be added in the future:
https://github.com/ARMmbed/mbedtls/issues/5615

Support for a 16-byte IV for ChaCha20 consisting of a 12-byte nonce and a
4-byte initial counter value may be added in the future:
https://github.com/ARMmbed/mbedtls/issues/5616

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2022-03-10 18:36:37 +01:00
parent 44311f5c98
commit 14d3554ff5
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
include/psa/crypto_values.h
View File

@ -489,8 +489,12 @@
* *
* ChaCha20 and the ChaCha20_Poly1305 construction are defined in RFC 7539. * ChaCha20 and the ChaCha20_Poly1305 construction are defined in RFC 7539.
* *
* Implementations must support 12-byte nonces, may support 8-byte nonces, * \note For ChaCha20 and ChaCha20_Poly1305, Mbed TLS only supports
* and should reject other sizes. * 12-byte nonces.
*
* \note For ChaCha20, the initial counter value is 0. To encrypt or decrypt
* with the initial counter value 1, you can process and discard a
* 64-byte block before the real data.
*/ */
#define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x2004) #define PSA_KEY_TYPE_CHACHA20 ((psa_key_type_t)0x2004)