Crypto++ 8.9
Free C++ class library of cryptographic schemes
naclite.h
Go to the documentation of this file.
1// naclite.h - written and placed in the public domain by Jeffrey Walton
2// based on public domain NaCl source code written by
3// Daniel J. Bernstein, Bernard van Gastel, Wesley Janssen,
4// Tanja Lange, Peter Schwabe and Sjaak Smetsers.
5
6// The Tweet API was added to the Crypto++ library to cross-validate results.
7// We debated over putting it in the Test namespace, but settled for the NaCl
8// namespace to segregate it from other parts of the library.
9
10/// \file naclite.h
11/// \brief Crypto++ interface to TweetNaCl library (20140917)
12/// \details TweetNaCl is a compact reimplementation of the NaCl library
13/// by Daniel J. Bernstein, Bernard van Gastel, Wesley Janssen, Tanja
14/// Lange, Peter Schwabe and Sjaak Smetsers. The library is less than
15/// 20 KB in size and provides 25 of the NaCl library functions.
16/// \details The compact library uses curve25519, XSalsa20, Poly1305 and
17/// SHA-512 as default primitives, and includes both x25519 key exchange
18/// and ed25519 signatures. The complete list of functions can be found
19/// in <A
20/// HREF="https://tweetnacl.cr.yp.to/tweetnacl-20140917.pdf">TweetNaCl:
21/// A crypto library in 100 tweets</A> (20140917), Table 1, page 5.
22/// \details Crypto++ rejects small order elements using libsodium's
23/// blacklist. The TweetNaCl library allowed them but the library predated
24/// the attack. If you wish to allow small elements then use the "unchecked"
25/// versions of crypto_box_unchecked, crypto_box_open_unchecked and
26/// crypto_box_beforenm_unchecked.
27/// \details TweetNaCl is well written but not well optimzed. It runs about
28/// 10x slower than optimized routines from libsodium. However, the library
29/// is still 2x to 4x faster than the algorithms NaCl was designed to replace
30/// and allows cross-checking results from an independent implementation.
31/// \details The Crypto++ wrapper for TweetNaCl requires OS features. That is,
32/// <tt>NO_OS_DEPENDENCE</tt> cannot be defined. It is due to TweetNaCl's
33/// internal function <tt>randombytes</tt>. Crypto++ used
34/// <tt>DefaultAutoSeededRNG</tt> within <tt>randombytes</tt>, so OS
35/// integration must be enabled. You can use another generator like
36/// <tt>RDRAND</tt> to avoid the restriction.
37/// \sa <A HREF="https://cr.yp.to/highspeed/coolnacl-20120725.pdf">The security
38/// impact of a new cryptographic library</A>, <A
39/// HREF="https://tweetnacl.cr.yp.to/tweetnacl-20140917.pdf">TweetNaCl:
40/// A crypto library in 100 tweets</A> (20140917), <A
41/// HREF="https://eprint.iacr.org/2017/806.pdf">May the Fourth Be With You:
42/// A Microarchitectural Side Channel Attack on Several Real-World
43/// Applications of Curve25519</A>, <A
44/// HREF="https://github.com/jedisct1/libsodium/commit/afabd7e7386e1194">libsodium
45/// commit afabd7e7386e1194</A> and <A
46/// HREF="https://tools.ietf.org/html/rfc7748">RFC 7748, Elliptic Curves for
47/// Security</A>, Section 6.
48/// \since Crypto++ 6.0
49
50#ifndef CRYPTOPP_NACL_H
51#define CRYPTOPP_NACL_H
52
53#include "config.h"
54#include "stdcpp.h"
55
56#if defined(NO_OS_DEPENDENCE) || !defined(OS_RNG_AVAILABLE)
57# define CRYPTOPP_DISABLE_NACL 1
58#endif
59
60#ifndef CRYPTOPP_DISABLE_NACL
61
62NAMESPACE_BEGIN(CryptoPP)
63NAMESPACE_BEGIN(NaCl)
64
65/// \brief Hash size in bytes
66/// \sa <A HREF="https://nacl.cr.yp.to/hash.html">NaCl crypto_hash documentation</A>
67CRYPTOPP_CONSTANT(crypto_hash_BYTES = 64);
68
69/// \brief Key size in bytes
70/// \sa <A HREF="https://nacl.cr.yp.to/stream.html">NaCl crypto_stream documentation</A>
71CRYPTOPP_CONSTANT(crypto_stream_KEYBYTES = 32);
72/// \brief Nonce size in bytes
73/// \sa <A HREF="https://nacl.cr.yp.to/stream.html">NaCl crypto_stream documentation</A>
74CRYPTOPP_CONSTANT(crypto_stream_NONCEBYTES = 24);
75
76/// \brief Key size in bytes
77/// \sa <A HREF="https://nacl.cr.yp.to/auth.html">NaCl crypto_auth documentation</A>
78CRYPTOPP_CONSTANT(crypto_auth_KEYBYTES = 32);
79/// \brief Tag size in bytes
80/// \sa <A HREF="https://nacl.cr.yp.to/auth.html">NaCl crypto_auth documentation</A>
81CRYPTOPP_CONSTANT(crypto_auth_BYTES = 16);
82
83/// \brief Key size in bytes
84/// \sa <A HREF="https://nacl.cr.yp.to/onetimeauth.html">NaCl crypto_onetimeauth documentation</A>
85CRYPTOPP_CONSTANT(crypto_onetimeauth_KEYBYTES = 32);
86/// \brief Tag size in bytes
87/// \sa <A HREF="https://nacl.cr.yp.to/onetimeauth.html">NaCl crypto_onetimeauth documentation</A>
88CRYPTOPP_CONSTANT(crypto_onetimeauth_BYTES = 16);
89
90/// \brief Key size in bytes
91/// \sa <A HREF="https://nacl.cr.yp.to/secretbox.html">NaCl crypto_secretbox documentation</A>
92CRYPTOPP_CONSTANT(crypto_secretbox_KEYBYTES = 32);
93/// \brief Nonce size in bytes
94/// \sa <A HREF="https://nacl.cr.yp.to/secretbox.html">NaCl crypto_secretbox documentation</A>
95CRYPTOPP_CONSTANT(crypto_secretbox_NONCEBYTES = 24);
96/// \brief Zero-padded message prefix in bytes
97/// \sa <A HREF="https://nacl.cr.yp.to/secretbox.html">NaCl crypto_secretbox documentation</A>
98CRYPTOPP_CONSTANT(crypto_secretbox_ZEROBYTES = 32);
99/// \brief Zero-padded message prefix in bytes
100/// \sa <A HREF="https://nacl.cr.yp.to/secretbox.html">NaCl crypto_secretbox documentation</A>
101CRYPTOPP_CONSTANT(crypto_secretbox_BOXZEROBYTES = 16);
102
103/// \brief Private key size in bytes
104/// \sa <A HREF="https://nacl.cr.yp.to/box.html">NaCl crypto_box documentation</A>
105CRYPTOPP_CONSTANT(crypto_box_SECRETKEYBYTES = 32);
106/// \brief Public key size in bytes
107/// \sa <A HREF="https://nacl.cr.yp.to/box.html">NaCl crypto_box documentation</A>
108CRYPTOPP_CONSTANT(crypto_box_PUBLICKEYBYTES = 32);
109/// \brief Nonce size in bytes
110/// \sa <A HREF="https://nacl.cr.yp.to/box.html">NaCl crypto_box documentation</A>
111CRYPTOPP_CONSTANT(crypto_box_NONCEBYTES = 24);
112/// \brief Message 0-byte prefix in bytes
113/// \sa <A HREF="https://nacl.cr.yp.to/box.html">NaCl crypto_box documentation</A>
114CRYPTOPP_CONSTANT(crypto_box_ZEROBYTES = 32);
115/// \brief Open box 0-byte prefix in bytes
116/// \sa <A HREF="https://nacl.cr.yp.to/box.html">NaCl crypto_box documentation</A>
117CRYPTOPP_CONSTANT(crypto_box_BOXZEROBYTES = 16);
118/// \brief Precomputation 0-byte prefix in bytes in bytes
119/// \sa <A HREF="https://nacl.cr.yp.to/box.html">NaCl crypto_box documentation</A>
120CRYPTOPP_CONSTANT(crypto_box_BEFORENMBYTES = 32);
121/// \brief MAC size in bytes
122/// \details crypto_box_MACBYTES was missing from tweetnacl.h. Its is defined as
123/// crypto_box_curve25519xsalsa20poly1305_MACBYTES, which is defined as 16U.
124/// \sa <A HREF="https://nacl.cr.yp.to/hash.html">NaCl crypto_box documentation</A>
125CRYPTOPP_CONSTANT(crypto_box_MACBYTES = 16);
126
127/// \brief Private key size in bytes
128/// \sa <A HREF="https://nacl.cr.yp.to/sign.html">NaCl crypto_sign documentation</A>
129CRYPTOPP_CONSTANT(crypto_sign_SECRETKEYBYTES = 64);
130/// \brief Public key size in bytes
131/// \sa <A HREF="https://nacl.cr.yp.to/sign.html">NaCl crypto_sign documentation</A>
132CRYPTOPP_CONSTANT(crypto_sign_PUBLICKEYBYTES = 32);
133/// \brief Seed size in bytes
134/// \sa <A HREF="https://nacl.cr.yp.to/sign.html">NaCl crypto_sign documentation</A>
135CRYPTOPP_CONSTANT(crypto_sign_SEEDBYTES = 32);
136/// \brief Signature size in bytes
137/// \sa <A HREF="https://nacl.cr.yp.to/sign.html">NaCl crypto_sign documentation</A>
138CRYPTOPP_CONSTANT(crypto_sign_BYTES = 64);
139
140/// \brief Group element size in bytes
141/// \sa <A HREF="https://nacl.cr.yp.to/scalarmult.html">NaCl crypto_scalarmult documentation</A>
142CRYPTOPP_CONSTANT(crypto_scalarmult_BYTES = 32);
143/// \brief Integer size in bytes
144/// \sa <A HREF="https://nacl.cr.yp.to/scalarmult.html">NaCl crypto_scalarmult documentation</A>
145CRYPTOPP_CONSTANT(crypto_scalarmult_SCALARBYTES = 32);
146
147/// \brief Encrypt and authenticate a message
148/// \param c output byte buffer
149/// \param m input byte buffer
150/// \param d size of the input byte buffer
151/// \param n nonce byte buffer
152/// \param y other's public key
153/// \param x private key
154/// \details crypto_box() uses crypto_box_curve25519xsalsa20poly1305
155/// \return 0 on success, non-0 otherwise
156/// \sa <A HREF="https://nacl.cr.yp.to/box.html">NaCl crypto_box documentation</A>
157/// \since Crypto++ 6.0
158int crypto_box(byte *c,const byte *m,word64 d,const byte *n,const byte *y,const byte *x);
159
160/// \brief Verify and decrypt a message
161/// \param m output byte buffer
162/// \param c input byte buffer
163/// \param d size of the input byte buffer
164/// \param n nonce byte buffer
165/// \param y other's public key
166/// \param x private key
167/// \details crypto_box_open() uses crypto_box_curve25519xsalsa20poly1305
168/// \return 0 on success, non-0 otherwise
169/// \sa <A HREF="https://nacl.cr.yp.to/box.html">NaCl crypto_box documentation</A>
170/// \since Crypto++ 6.0
171int crypto_box_open(byte *m,const byte *c,word64 d,const byte *n,const byte *y,const byte *x);
172
173/// \brief Generate a keypair for encryption
174/// \param y public key byte buffer
175/// \param x private key byte buffer
176/// \return 0 on success, non-0 otherwise
177/// \sa <A HREF="https://nacl.cr.yp.to/box.html">NaCl crypto_box documentation</A>
178/// \since Crypto++ 6.0
179int crypto_box_keypair(byte *y,byte *x);
180
181/// \brief Encrypt and authenticate a message
182/// \param k shared secret byte buffer
183/// \param y other's public key
184/// \param x private key
185/// \details crypto_box_beforenm() performs message-independent precomputation to derive the key.
186/// Once the key is derived multiple calls to crypto_box_afternm() can be made to process the message.
187/// \return 0 on success, non-0 otherwise
188/// \sa <A HREF="https://nacl.cr.yp.to/box.html">NaCl crypto_box documentation</A>
189/// \since Crypto++ 6.0
190int crypto_box_beforenm(byte *k,const byte *y,const byte *x);
191
192/// \brief Encrypt and authenticate a message
193/// \param m output byte buffer
194/// \param c input byte buffer
195/// \param d size of the input byte buffer
196/// \param n nonce byte buffer
197/// \param k shared secret byte buffer
198/// \details crypto_box_afternm() performs message-dependent computation using the derived the key.
199/// Once the key is derived using crypto_box_beforenm() multiple calls to crypto_box_afternm()
200/// can be made to process the message.
201/// \return 0 on success, non-0 otherwise
202/// \sa <A HREF="https://nacl.cr.yp.to/box.html">NaCl crypto_box documentation</A>
203/// \since Crypto++ 6.0
204int crypto_box_afternm(byte *c,const byte *m,word64 d,const byte *n,const byte *k);
205
206/// \brief Verify and decrypt a message
207/// \param m output byte buffer
208/// \param c input byte buffer
209/// \param d size of the input byte buffer
210/// \param n nonce byte buffer
211/// \param k shared secret byte buffer
212/// \details crypto_box_afternm() performs message-dependent computation using the derived the key.
213/// Once the key is derived using crypto_box_beforenm() multiple calls to crypto_box_open_afternm()
214/// can be made to process the message.
215/// \return 0 on success, non-0 otherwise
216/// \sa <A HREF="https://nacl.cr.yp.to/box.html">NaCl crypto_box documentation</A>
217/// \since Crypto++ 6.0
218int crypto_box_open_afternm(byte *m,const byte *c,word64 d,const byte *n,const byte *k);
219
220/// \brief Encrypt and authenticate a message
221/// \param c output byte buffer
222/// \param m input byte buffer
223/// \param d size of the input byte buffer
224/// \param n nonce byte buffer
225/// \param y other's public key
226/// \param x private key
227/// \details crypto_box() uses crypto_box_curve25519xsalsa20poly1305.
228/// \details This version of crypto_box() does not check for small order elements. It can be unsafe
229/// but it exists for backwards compatibility with downlevel clients. Without the compatibility
230/// interop with early versions of NaCl, libsodium and other libraries does not exist. The
231/// downlevel interop may also be needed of cryptocurrencies like Bitcoin, Ethereum, Monero
232/// and Zcash.
233/// \return 0 on success, non-0 otherwise
234/// \warning This version of crypto_box() does not check for small order elements. It should not
235/// be used in new software.
236/// \sa <A HREF="https://nacl.cr.yp.to/box.html">NaCl crypto_box documentation</A>,
237/// <A HREF="https://eprint.iacr.org/2017/806.pdf">May the Fourth Be With You: A Microarchitectural
238/// Side Channel Attack on Several Real-World Applications of Curve25519</A>,
239/// <A HREF="https://github.com/jedisct1/libsodium/commit/afabd7e7386e1194">libsodium commit
240/// afabd7e7386e1194</A>.
241/// \since Crypto++ 6.0
242int crypto_box_unchecked(byte *c,const byte *m,word64 d,const byte *n,const byte *y,const byte *x);
243
244/// \brief Verify and decrypt a message
245/// \param m output byte buffer
246/// \param c input byte buffer
247/// \param d size of the input byte buffer
248/// \param n nonce byte buffer
249/// \param y other's public key
250/// \param x private key
251/// \details crypto_box_open() uses crypto_box_curve25519xsalsa20poly1305.
252/// \details This version of crypto_box_open() does not check for small order elements. It can be unsafe
253/// but it exists for backwards compatibility with downlevel clients. Without the compatibility
254/// interop with early versions of NaCl, libsodium and other libraries does not exist. The
255/// downlevel interop may also be needed of cryptocurrencies like Bitcoin, Ethereum, Monero
256/// and Zcash.
257/// \return 0 on success, non-0 otherwise
258/// \warning This version of crypto_box_open() does not check for small order elements. It should not
259/// be used in new software.
260/// \sa <A HREF="https://nacl.cr.yp.to/box.html">NaCl crypto_box documentation</A>,
261/// <A HREF="https://eprint.iacr.org/2017/806.pdf">May the Fourth Be With You: A Microarchitectural
262/// Side Channel Attack on Several Real-World Applications of Curve25519</A>,
263/// <A HREF="https://github.com/jedisct1/libsodium/commit/afabd7e7386e1194">libsodium commit
264/// afabd7e7386e1194</A>.
265/// \since Crypto++ 6.0
266int crypto_box_open_unchecked(byte *m,const byte *c,word64 d,const byte *n,const byte *y,const byte *x);
267
268/// \brief Encrypt and authenticate a message
269/// \param k shared secret byte buffer
270/// \param y other's public key
271/// \param x private key
272/// \details crypto_box_beforenm() performs message-independent precomputation to derive the key.
273/// Once the key is derived multiple calls to crypto_box_afternm() can be made to process the message.
274/// \details This version of crypto_box_beforenm() does not check for small order elements. It can be unsafe
275/// but it exists for backwards compatibility with downlevel clients. Without the compatibility
276/// interop with early versions of NaCl, libsodium and other libraries does not exist. The
277/// downlevel interop may also be needed of cryptocurrencies like Bitcoin, Ethereum, Monero
278/// and Zcash.
279/// \return 0 on success, non-0 otherwise
280/// \warning This version of crypto_box_beforenm() does not check for small order elements. It should not
281/// be used in new software.
282/// \sa <A HREF="https://nacl.cr.yp.to/box.html">NaCl crypto_box documentation</A>,
283/// <A HREF="https://eprint.iacr.org/2017/806.pdf">May the Fourth Be With You: A Microarchitectural
284/// Side Channel Attack on Several Real-World Applications of Curve25519</A>,
285/// <A HREF="https://github.com/jedisct1/libsodium/commit/afabd7e7386e1194">libsodium commit
286/// afabd7e7386e1194</A>.
287/// \since Crypto++ 6.0
288int crypto_box_beforenm_unchecked(byte *k,const byte *y,const byte *x);
289
290/// \brief TODO
291int crypto_core_salsa20(byte *out,const byte *in,const byte *k,const byte *c);
292
293/// \brief TODO
294/// \return 0 on success, non-0 otherwise
295/// \since Crypto++ 6.0
296int crypto_core_hsalsa20(byte *out,const byte *in,const byte *k,const byte *c);
297
298/// \brief Hash multiple blocks
299/// \details crypto_hashblocks() uses crypto_hashblocks_sha512.
300/// \return 0 on success, non-0 otherwise
301/// \sa <A HREF="https://nacl.cr.yp.to/hash.html">NaCl crypto_hash documentation</A>
302/// \since Crypto++ 6.0
303int crypto_hashblocks(byte *x,const byte *m,word64 n);
304
305/// \brief Hash a message
306/// \details crypto_hash() uses crypto_hash_sha512.
307/// \return 0 on success, non-0 otherwise
308/// \sa <A HREF="https://nacl.cr.yp.to/hash.html">NaCl crypto_hash documentation</A>
309/// \since Crypto++ 6.0
310int crypto_hash(byte *out,const byte *m,word64 n);
311
312/// \brief Create an authentication tag for a message
313/// \details crypto_onetimeauth() uses crypto_onetimeauth_poly1305.
314/// \return 0 on success, non-0 otherwise
315/// \sa <A HREF="https://nacl.cr.yp.to/onetimeauth.html">NaCl crypto_onetimeauth documentation</A>
316/// \since Crypto++ 6.0
317int crypto_onetimeauth(byte *out,const byte *m,word64 n,const byte *k);
318
319/// \brief Verify an authentication tag on a message
320/// \return 0 on success, non-0 otherwise
321/// \sa <A HREF="https://nacl.cr.yp.to/onetimeauth.html">NaCl crypto_onetimeauth documentation</A>
322/// \since Crypto++ 6.0
323int crypto_onetimeauth_verify(const byte *h,const byte *m,word64 n,const byte *k);
324
325/// \brief Scalar multiplication of a point
326/// \details crypto_scalarmult() uses crypto_scalarmult_curve25519
327/// \return 0 on success, non-0 otherwise
328/// \sa <A HREF="https://nacl.cr.yp.to/scalarmult.html">NaCl crypto_scalarmult documentation</A>
329/// \since Crypto++ 6.0
330int crypto_scalarmult(byte *q,const byte *n,const byte *p);
331
332/// \brief Scalar multiplication of base point
333/// \details crypto_scalarmult_base() uses crypto_scalarmult_curve25519
334/// \return 0 on success, non-0 otherwise
335/// \sa <A HREF="https://nacl.cr.yp.to/scalarmult.html">NaCl crypto_scalarmult documentation</A>
336/// \since Crypto++ 6.0
337int crypto_scalarmult_base(byte *q,const byte *n);
338
339/// \brief Encrypt and authenticate a message
340/// \details crypto_secretbox() uses a symmetric key to encrypt and authenticate a message.
341/// \return 0 on success, non-0 otherwise
342/// \sa <A HREF="https://nacl.cr.yp.to/secretbox.html">NaCl crypto_secretbox documentation</A>
343/// \since Crypto++ 6.0
344int crypto_secretbox(byte *c,const byte *m,word64 d,const byte *n,const byte *k);
345
346/// \brief Verify and decrypt a message
347/// \return 0 on success, non-0 otherwise
348/// \sa <A HREF="https://nacl.cr.yp.to/secretbox.html">NaCl crypto_secretbox documentation</A>
349/// \since Crypto++ 6.0
350int crypto_secretbox_open(byte *m,const byte *c,word64 d,const byte *n,const byte *k);
351
352/// \brief Sign a message
353/// \param sm output byte buffer
354/// \param smlen size of the output byte buffer
355/// \param m input byte buffer
356/// \param n size of the input byte buffer
357/// \param sk private key
358/// \details crypto_sign() uses crypto_sign_ed25519.
359/// \return 0 on success, non-0 otherwise
360/// \sa <A HREF="https://nacl.cr.yp.to/sign.html">NaCl crypto_sign documentation</A>
361/// \since Crypto++ 6.0
362int crypto_sign(byte *sm,word64 *smlen,const byte *m,word64 n,const byte *sk);
363
364/// \brief Verify a message
365/// \param m output byte buffer
366/// \param mlen size of the output byte buffer
367/// \param sm input byte buffer
368/// \param n size of the input byte buffer
369/// \param pk public key
370/// \return 0 on success, non-0 otherwise
371/// \sa <A HREF="https://nacl.cr.yp.to/sign.html">NaCl crypto_sign documentation</A>
372/// \since Crypto++ 6.0
373int crypto_sign_open(byte *m,word64 *mlen,const byte *sm,word64 n,const byte *pk);
374
375/// \brief Generate a keypair for signing
376/// \param pk public key byte buffer
377/// \param sk private key byte buffer
378/// \details crypto_sign_keypair() creates an ed25519 keypair.
379/// \return 0 on success, non-0 otherwise
380/// \sa <A HREF="https://nacl.cr.yp.to/sign.html">NaCl crypto_sign documentation</A>
381/// \since Crypto++ 6.0
382int crypto_sign_keypair(byte *pk, byte *sk);
383
384/// \brief Calculate a public key from a secret key
385/// \param pk public key byte buffer
386/// \param sk private key byte buffer
387/// \details crypto_sign_sk2pk() creates an ed25519 public key from an existing
388/// 32-byte secret key. The function does not backfill the tail bytes of the
389/// secret key with the calculated public key.
390/// \details crypto_sign_sk2pk() is not part of libsodium or Tweet API. It was
391/// added for interop with some anonymous routing protocols.
392/// \return 0 on success, non-0 otherwise
393/// \sa <A HREF="https://nacl.cr.yp.to/sign.html">NaCl crypto_sign documentation</A>
394/// \since Crypto++ 8.0
395int crypto_sign_sk2pk(byte *pk, const byte *sk);
396
397/// \brief Produce a keystream using XSalsa20
398/// \details crypto_stream() uses crypto_stream_xsalsa20
399/// \return 0 on success, non-0 otherwise
400/// \sa <A HREF="https://nacl.cr.yp.to/stream.html">NaCl crypto_stream documentation</A>
401/// \since Crypto++ 6.0
402int crypto_stream(byte *c,word64 d,const byte *n,const byte *k);
403
404/// \brief Encrypt a message using XSalsa20
405/// \return 0 on success, non-0 otherwise
406/// \sa <A HREF="https://nacl.cr.yp.to/stream.html">NaCl crypto_stream documentation</A>
407/// \since Crypto++ 6.0
408int crypto_stream_xor(byte *c,const byte *m,word64 d,const byte *n,const byte *k);
409
410/// \brief Produce a keystream using Salsa20
411/// \return 0 on success, non-0 otherwise
412/// \sa <A HREF="https://nacl.cr.yp.to/stream.html">NaCl crypto_stream documentation</A>
413/// \since Crypto++ 6.0
414int crypto_stream_salsa20(byte *c,word64 d,const byte *n,const byte *k);
415
416/// \brief Encrypt a message using Salsa20
417/// \return 0 on success, non-0 otherwise
418/// \sa <A HREF="https://nacl.cr.yp.to/stream.html">NaCl crypto_stream documentation</A>
419/// \since Crypto++ 6.0
420int crypto_stream_salsa20_xor(byte *c,const byte *m,word64 b,const byte *n,const byte *k);
421
422/// \brief Compare 16-byte buffers
423/// \return 0 on success, non-0 otherwise
424/// \sa <A HREF="https://nacl.cr.yp.to/verify.html">NaCl crypto_verify documentation</A>
425/// \since Crypto++ 6.0
426int crypto_verify_16(const byte *x,const byte *y);
427
428/// \brief Compare 32-byte buffers
429/// \return 0 on success, non-0 otherwise
430/// \sa <A HREF="https://nacl.cr.yp.to/verify.html">NaCl crypto_verify documentation</A>
431/// \since Crypto++ 6.0
432int crypto_verify_32(const byte *x,const byte *y);
433
434NAMESPACE_END // CryptoPP
435NAMESPACE_END // NaCl
436
437#endif // CRYPTOPP_DISABLE_NACL
438#endif // CRYPTOPP_NACL_H
Library configuration file.
unsigned long long word64
64-bit unsigned datatype
Definition config_int.h:101
int crypto_box_beforenm_unchecked(byte *k, const byte *y, const byte *x)
Encrypt and authenticate a message.
int crypto_box_unchecked(byte *c, const byte *m, word64 d, const byte *n, const byte *y, const byte *x)
Encrypt and authenticate a message.
int crypto_box_open_unchecked(byte *m, const byte *c, word64 d, const byte *n, const byte *y, const byte *x)
Verify and decrypt a message.
int crypto_sign_sk2pk(byte *pk, const byte *sk)
Calculate a public key from a secret key.
Crypto++ library namespace.
Namespace containing NaCl library functions.
Definition cryptlib.h:573
Common C++ header files.