summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/cipher-chachapoly.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* make Chacha20-POLY1305 context struct opaque; ok tb@ as part of a largerdjm2020-04-031-6/+19
| | | | diff at a2k20
* small refactor of cipher.c: make ciphercontext opaque to callersdjm2016-08-031-2/+3
| | | | feedback and ok markus@
* remove unneeded includes, sync my copyright across files & whitespace; ok djm@markus2015-01-141-2/+1
|
* Call chacha_ivsetup() immediately before chacha_encrypt_bytes() - thisjsing2014-07-031-3/+5
| | | | | | | makes it easier to verify that chacha_encrypt_bytes() is only called once per chacha_ivsetup() call. ok djm@
* New key API: refactor key-related functions to be more library-like,djm2014-06-241-11/+14
| | | | | | | | | existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago.
* replace most bzero with explicit_bzero, except a few that cna be memsettedu2014-01-311-5/+5
| | | | ok djm dtucker
* add some comments and constify a constantdjm2013-12-151-10/+10
|
* RCSID markersdjm2013-11-211-0/+2
|
* Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com"djm2013-11-211-0/+110
that combines Daniel Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an authenticated encryption mode. Inspired by and similar to Adam Langley's proposal for TLS: http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 but differs in layout used for the MAC calculation and the use of a second ChaCha20 instance to separately encrypt packet lengths. Details are in the PROTOCOL.chacha20poly1305 file. Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC ok markus@ naddy@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.