crypto: Implement RFC8439-compatible variant of ChaCha20

There are two variants of ChaCha20 in use. The original one uses a 64-bit nonce and a 64-bit block counter, while the one used in RFC8439 uses a 96-bit nonce and 32-bit block counter. This commit changes the interface to use the 96/32 split (but automatically incrementing the first 32-bit part of the nonce when the 32-bit block counter overflows, so to retain compatibility with >256 GiB output). Simultaneously, also merge the SetIV and Seek64 functions, as we almost always call both anyway. Co-authored-by: dhruv <856960+dhruv@users.noreply.github.com>
author: Pieter Wuille <pieter@wuille.net> 2023-06-27 16:24:02 -0400
committer: Pieter Wuille <pieter@wuille.net> 2023-07-07 17:16:27 -0400
commit: 511a8d406e3115b97c6d35e2c603af53b3f9da13 (patch)
tree: ac07eef627e584972f4f24f2ef426a9234421cd7 /src/bench/chacha20.cpp
parent: cf4da5ec29f9e8cd6cc6577e5ecbd87174edba62 (diff)
download: bitcoin-511a8d406e3115b97c6d35e2c603af53b3f9da13.tar.xz
1 files changed, 1 insertions, 2 deletions
diff --git a/src/bench/chacha20.cpp b/src/bench/chacha20.cpp
index 115cd064bd..3b57e29f39 100644
--- a/src/bench/chacha20.cpp
+++ b/src/bench/chacha20.cpp
@@ -15,8 +15,7 @@ static void CHACHA20(benchmark::Bench& bench, size_t buffersize)
 {
     std::vector<uint8_t> key(32,0);
     ChaCha20 ctx(key.data());
-    ctx.SetIV(0);
-    ctx.Seek64(0);
+    ctx.Seek64({0, 0}, 0);
     std::vector<uint8_t> in(buffersize,0);
     std::vector<uint8_t> out(buffersize,0);
     bench.batch(in.size()).unit("byte").run([&] {
author	Pieter Wuille <pieter@wuille.net>	2023-06-27 16:24:02 -0400
committer	Pieter Wuille <pieter@wuille.net>	2023-07-07 17:16:27 -0400
commit	511a8d406e3115b97c6d35e2c603af53b3f9da13 (patch)
tree	ac07eef627e584972f4f24f2ef426a9234421cd7 /src/bench/chacha20.cpp
parent	cf4da5ec29f9e8cd6cc6577e5ecbd87174edba62 (diff)
download	bitcoin-511a8d406e3115b97c6d35e2c603af53b3f9da13.tar.xz