AEADs icon indicating copy to clipboard operation
AEADs copied to clipboard
verified publisher icon RustCrypto

implement djb legacy ChaCha20Poly1305 construction

Open kamulos opened this issue 6 months ago • 3 comments

This is a continuation of #304 : I rebased my changes and refactored most of it for better readability. I tried to do it in the most concrete way, without abstractions like the Cipher type in the crate. I don't think there is a big chance of code sharing with other algorithms.

Please have a look anytime for feedback. There is definitely some polishing to do, but in general I am happy with the state it is in and I also did some randomized testing with the libsodium. Encryption and decryption between the two libraries seem to work.

kamulos avatar Aug 03 '25 16:08 kamulos

We have a crate for the libsodium-compatible ChaCha20Poly1305 secretbox construction here: https://github.com/RustCrypto/nacl-compat/tree/master/crypto_secretbox

Notably this construction doesn't support AAD, so it isn't actually an AEAD

tarcieri avatar Aug 03 '25 16:08 tarcieri

Sorry, I can't entirely follow. Are you saying that what I did is already implemented? Are you saying that what I implemented is not an AEAD? Or is the link you provided something that I should have used to build what I did?

So what I implemented should use the associated data correctly. And it claims to be an AEAD. There should be compatibility with the following libsodium functions: crypto_aead_chacha20poly1305_encrypt, crypto_aead_chacha20poly1305_decrypt, crypto_aead_chacha20poly1305_encrypt_detached, crypto_aead_chacha20poly1305_decrypt_detached

kamulos avatar Aug 03 '25 17:08 kamulos

TIL there's a third construction that calls itself ChaCha20Poly1305. Sigh.

tarcieri avatar Aug 03 '25 18:08 tarcieri