ORANGE authenticated encryption algorithm. More...

#include "aead-common.h"

Macros
#define	ORANGE_ZEST_KEY_SIZE 16
	Size of the key for ORANGE-Zest.

#define	ORANGE_ZEST_TAG_SIZE 16
	Size of the authentication tag for ORANGE-Zest.

#define	ORANGE_ZEST_NONCE_SIZE 16
	Size of the nonce for ORANGE-Zest.

#define	ORANGISH_HASH_SIZE 32
	Size of the hash output for the ORANGISH hash algorithm.

Functions
int	orange_zest_aead_encrypt (unsigned char c, unsigned long long clen, const unsigned char m, unsigned long long mlen, const unsigned char ad, unsigned long long adlen, const unsigned char nsec, const unsigned char npub, const unsigned char *k)
	Encrypts and authenticates a packet with ORANGE-Zest. More...

int	orange_zest_aead_decrypt (unsigned char m, unsigned long long mlen, unsigned char nsec, const unsigned char c, unsigned long long clen, const unsigned char ad, unsigned long long adlen, const unsigned char npub, const unsigned char *k)
	Decrypts and authenticates a packet with ORANGE-Zest. More...

int	orangish_hash (unsigned char out, const unsigned char in, unsigned long long inlen)
	Hashes a block of input data with ORANGISH to generate a hash value. More...

Variables
aead_cipher_t const	orange_zest_cipher
	Meta-information block for the ORANGE-Zest cipher.

aead_hash_algorithm_t const	orangish_hash_algorithm
	Meta-information block for the ORANGISH hash algorithm.

Detailed Description

ORANGE authenticated encryption algorithm.

ORANGE is a family of algorithms built around the PHOTON-256 permutation. There are two members of the family at present:

ORANGE-Zest is an authenticated encryption algorithm with a 128-bit key, a 128-bit nonce, and a 128-bit tag.
ORANGISH is a hash algorithm with a 256-bit output.

Function Documentation

Decrypts and authenticates a packet with ORANGE-Zest.

Parameters

m	Buffer to receive the plaintext message on output.
mlen	Receives the length of the plaintext message on output.
nsec	Secret nonce - not used by this algorithm.
c	Buffer that contains the ciphertext and authentication tag to decrypt.
clen	Length of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
npub	Points to the public nonce for the packet which must be 16 bytes in length.
k	Points to the 16 bytes of the key to use to decrypt the packet.

Returns: 0 on success, -1 if the authentication tag was incorrect, or some other negative number if there was an error in the parameters.

Encrypts and authenticates a packet with ORANGE-Zest.

Parameters

c	Buffer to receive the output.
clen	On exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag.
m	Buffer that contains the plaintext message to encrypt.
mlen	Length of the plaintext message in bytes.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
nsec	Secret nonce - not used by this algorithm.
npub	Points to the public nonce for the packet which must be 16 bytes in length.
k	Points to the 16 bytes of the key to use to encrypt the packet.

Returns: 0 on success, or a negative value if there was an error in the parameters.

Hashes a block of input data with ORANGISH to generate a hash value.

Parameters

out	Buffer to receive the hash output which must be at least ORANGISH_HASH_SIZE bytes in length.
in	Points to the input data to be hashed.
inlen	Length of the input data in bytes.

Returns: Returns zero on success or -1 if there was an error in the parameters.