Encryption and hash algorithms based on the SPARKLE permutation. More...

#include "aead-common.h"

Data Structures
union	esch_256_hash_state_t
	State information for the Esch256 incremental hash mode. More...

union	esch_384_hash_state_t
	State information for the Esch384 incremental hash mode. More...

Macros
#define	SCHWAEMM_256_128_KEY_SIZE 16
	Size of the key for Schwaemm256-128.

#define	SCHWAEMM_256_128_TAG_SIZE 16
	Size of the authentication tag for Schwaemm256-128.

#define	SCHWAEMM_256_128_NONCE_SIZE 32
	Size of the nonce for Schwaemm256-128.

#define	SCHWAEMM_192_192_KEY_SIZE 24
	Size of the key for Schwaemm192-192.

#define	SCHWAEMM_192_192_TAG_SIZE 24
	Size of the authentication tag for Schwaemm192-192.

#define	SCHWAEMM_192_192_NONCE_SIZE 24
	Size of the nonce for Schwaemm192-192.

#define	SCHWAEMM_128_128_KEY_SIZE 16
	Size of the key for Schwaemm128-128.

#define	SCHWAEMM_128_128_TAG_SIZE 16
	Size of the authentication tag for Schwaemm128-128.

#define	SCHWAEMM_128_128_NONCE_SIZE 16
	Size of the nonce for Schwaemm128-128.

#define	SCHWAEMM_256_256_KEY_SIZE 32
	Size of the key for Schwaemm256-256.

#define	SCHWAEMM_256_256_TAG_SIZE 32
	Size of the authentication tag for Schwaemm256-256.

#define	SCHWAEMM_256_256_NONCE_SIZE 32
	Size of the nonce for Schwaemm256-256.

#define	ESCH_256_HASH_SIZE 32
	Size of the hash output for Esch256.

#define	ESCH_384_HASH_SIZE 48
	Size of the hash output for Esch384.

Functions
int	schwaemm_256_128_aead_encrypt (unsigned char c, unsigned long long clen, const unsigned char m, unsigned long long mlen, const unsigned char ad, unsigned long long adlen, const unsigned char nsec, const unsigned char npub, const unsigned char *k)
	Encrypts and authenticates a packet with Schwaemm256-128. More...

int	schwaemm_256_128_aead_decrypt (unsigned char m, unsigned long long mlen, unsigned char nsec, const unsigned char c, unsigned long long clen, const unsigned char ad, unsigned long long adlen, const unsigned char npub, const unsigned char *k)
	Decrypts and authenticates a packet with Schwaemm256-128. More...

int	schwaemm_192_192_aead_encrypt (unsigned char c, unsigned long long clen, const unsigned char m, unsigned long long mlen, const unsigned char ad, unsigned long long adlen, const unsigned char nsec, const unsigned char npub, const unsigned char *k)
	Encrypts and authenticates a packet with Schwaemm192-192. More...

int	schwaemm_192_192_aead_decrypt (unsigned char m, unsigned long long mlen, unsigned char nsec, const unsigned char c, unsigned long long clen, const unsigned char ad, unsigned long long adlen, const unsigned char npub, const unsigned char *k)
	Decrypts and authenticates a packet with Schwaemm192-192. More...

int	schwaemm_128_128_aead_encrypt (unsigned char c, unsigned long long clen, const unsigned char m, unsigned long long mlen, const unsigned char ad, unsigned long long adlen, const unsigned char nsec, const unsigned char npub, const unsigned char *k)
	Encrypts and authenticates a packet with Schwaemm128-128. More...

int	schwaemm_128_128_aead_decrypt (unsigned char m, unsigned long long mlen, unsigned char nsec, const unsigned char c, unsigned long long clen, const unsigned char ad, unsigned long long adlen, const unsigned char npub, const unsigned char *k)
	Decrypts and authenticates a packet with Schwaemm128-128. More...

int	schwaemm_256_256_aead_encrypt (unsigned char c, unsigned long long clen, const unsigned char m, unsigned long long mlen, const unsigned char ad, unsigned long long adlen, const unsigned char nsec, const unsigned char npub, const unsigned char *k)
	Encrypts and authenticates a packet with Schwaemm256-256. More...

int	schwaemm_256_256_aead_decrypt (unsigned char m, unsigned long long mlen, unsigned char nsec, const unsigned char c, unsigned long long clen, const unsigned char ad, unsigned long long adlen, const unsigned char npub, const unsigned char *k)
	Decrypts and authenticates a packet with Schwaemm256-256. More...

int	esch_256_hash (unsigned char out, const unsigned char in, unsigned long long inlen)
	Hashes a block of input data with Esch256 to generate a hash value. More...

void	esch_256_hash_init (esch_256_hash_state_t *state)
	Initializes the state for an Esch256 hashing operation. More...

void	esch_256_hash_update (esch_256_hash_state_t state, const unsigned char in, unsigned long long inlen)
	Updates an Esch256 state with more input data. More...

void	esch_256_hash_finalize (esch_256_hash_state_t state, unsigned char out)
	Returns the final hash value from an Esch256 hashing operation. More...

int	esch_384_hash (unsigned char out, const unsigned char in, unsigned long long inlen)
	Hashes a block of input data with Esch384 to generate a hash value. More...

void	esch_384_hash_init (esch_384_hash_state_t *state)
	Initializes the state for an Esch384 hashing operation. More...

void	esch_384_hash_update (esch_384_hash_state_t state, const unsigned char in, unsigned long long inlen)
	Updates an Esch384 state with more input data. More...

void	esch_384_hash_finalize (esch_384_hash_state_t state, unsigned char out)
	Returns the final hash value from an Esch384 hashing operation. More...

Variables
aead_cipher_t const	schwaemm_256_128_cipher
	Meta-information block for the Schwaemm256-128 cipher.

aead_cipher_t const	schwaemm_192_192_cipher
	Meta-information block for the Schwaemm192-192 cipher.

aead_cipher_t const	schwaemm_128_128_cipher
	Meta-information block for the Schwaemm128-128 cipher.

aead_cipher_t const	schwaemm_256_256_cipher
	Meta-information block for the Schwaemm256-256 cipher.

aead_hash_algorithm_t const	esch_256_hash_algorithm
	Meta-information block for the Esch256 hash algorithm.

aead_hash_algorithm_t const	esch_384_hash_algorithm
	Meta-information block for the Esch384 hash algorithm.

Detailed Description

Encryption and hash algorithms based on the SPARKLE permutation.

SPARKLE is a family of encryption and hash algorithms that are based around the SPARKLE permutation. There are three versions of the permutation with 256-bit, 384-bit, and 512-bit state sizes. The algorithms in the family are:

Schwaemm256-128 with a 128-bit key, a 256-bit nonce, and a 128-bit tag. This is the primary encryption algorithm in the family.
Schwaemm192-192 with a 192-bit key, a 192-bit nonce, and a 192-bit tag.
Schwaemm128-128 with a 128-bit key, a 128-bit nonce, and a 128-bit tag.
Schwaemm256-256 with a 256-bit key, a 256-bit nonce, and a 256-bit tag.
Esch256 hash algorithm with a 256-bit digest output. This is the primary hash algorithm in the family.
Esch384 hash algorithm with a 384-bit digest output.

References: https://www.cryptolux.org/index.php/Sparkle

Function Documentation

int esch_256_hash	(	unsigned char *	out,
		const unsigned char *	in,
		unsigned long long	inlen
	)

Hashes a block of input data with Esch256 to generate a hash value.

Parameters

out	Buffer to receive the hash output which must be at least ESCH_256_HASH_SIZE bytes in length.
in	Points to the input data to be hashed.
inlen	Length of the input data in bytes.

Returns: Returns zero on success or -1 if there was an error in the parameters.

void esch_256_hash_finalize	(	esch_256_hash_state_t *	state,
		unsigned char *	out
	)

Returns the final hash value from an Esch256 hashing operation.

Parameters

state	Hash state to be finalized.
out	Points to the output buffer to receive the 32-byte hash value.

See Also: esch_256_hash_init(), esch_256_hash_update()

void esch_256_hash_init ( esch_256_hash_state_t * state )

Initializes the state for an Esch256 hashing operation.

Parameters

state Hash state to be initialized.

See Also: esch_256_hash_update(), esch_256_hash_finalize(), esch_256_hash()

void esch_256_hash_update	(	esch_256_hash_state_t *	state,
		const unsigned char *	in,
		unsigned long long	inlen
	)

Updates an Esch256 state with more input data.

Parameters

state	Hash state to be updated.
in	Points to the input data to be incorporated into the state.
inlen	Length of the input data to be incorporated into the state.

See Also: esch_256_hash_init(), esch_256_hash_finalize()

int esch_384_hash	(	unsigned char *	out,
		const unsigned char *	in,
		unsigned long long	inlen
	)

Hashes a block of input data with Esch384 to generate a hash value.

Parameters

out	Buffer to receive the hash output which must be at least ESCH_384_HASH_SIZE bytes in length.
in	Points to the input data to be hashed.
inlen	Length of the input data in bytes.

Returns: Returns zero on success or -1 if there was an error in the parameters.

void esch_384_hash_finalize	(	esch_384_hash_state_t *	state,
		unsigned char *	out
	)

Returns the final hash value from an Esch384 hashing operation.

Parameters

state	Hash state to be finalized.
out	Points to the output buffer to receive the 48-byte hash value.

See Also: esch_384_hash_init(), esch_384_hash_update()

void esch_384_hash_init ( esch_384_hash_state_t * state )

Initializes the state for an Esch384 hashing operation.

Parameters

state Hash state to be initialized.

See Also: esch_384_hash_update(), esch_384_hash_finalize(), esch_384_hash()

void esch_384_hash_update	(	esch_384_hash_state_t *	state,
		const unsigned char *	in,
		unsigned long long	inlen
	)

Updates an Esch384 state with more input data.

Parameters

state	Hash state to be updated.
in	Points to the input data to be incorporated into the state.
inlen	Length of the input data to be incorporated into the state.

See Also: esch_384_hash_init(), esch_384_hash_finalize()

int schwaemm_128_128_aead_decrypt	(	unsigned char *	m,
		unsigned long long *	mlen,
		unsigned char *	nsec,
		const unsigned char *	c,
		unsigned long long	clen,
		const unsigned char *	ad,
		unsigned long long	adlen,
		const unsigned char *	npub,
		const unsigned char *	k
	)

Decrypts and authenticates a packet with Schwaemm128-128.

Parameters

m	Buffer to receive the plaintext message on output.
mlen	Receives the length of the plaintext message on output.
nsec	Secret nonce - not used by this algorithm.
c	Buffer that contains the ciphertext and authentication tag to decrypt.
clen	Length of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
npub	Points to the public nonce for the packet which must be 16 bytes in length.
k	Points to the 16 bytes of the key to use to decrypt the packet.

Returns: 0 on success, -1 if the authentication tag was incorrect, or some other negative number if there was an error in the parameters.

See Also: schwaemm_128_128_aead_encrypt()

int schwaemm_128_128_aead_encrypt	(	unsigned char *	c,
		unsigned long long *	clen,
		const unsigned char *	m,
		unsigned long long	mlen,
		const unsigned char *	ad,
		unsigned long long	adlen,
		const unsigned char *	nsec,
		const unsigned char *	npub,
		const unsigned char *	k
	)

Encrypts and authenticates a packet with Schwaemm128-128.

Parameters

c	Buffer to receive the output.
clen	On exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag.
m	Buffer that contains the plaintext message to encrypt.
mlen	Length of the plaintext message in bytes.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
nsec	Secret nonce - not used by this algorithm.
npub	Points to the public nonce for the packet which must be 16 bytes in length.
k	Points to the 16 bytes of the key to use to encrypt the packet.

Returns: 0 on success, or a negative value if there was an error in the parameters.

See Also: schwaemm_128_128_aead_decrypt()

int schwaemm_192_192_aead_decrypt	(	unsigned char *	m,
		unsigned long long *	mlen,
		unsigned char *	nsec,
		const unsigned char *	c,
		unsigned long long	clen,
		const unsigned char *	ad,
		unsigned long long	adlen,
		const unsigned char *	npub,
		const unsigned char *	k
	)

Decrypts and authenticates a packet with Schwaemm192-192.

Parameters

m	Buffer to receive the plaintext message on output.
mlen	Receives the length of the plaintext message on output.
nsec	Secret nonce - not used by this algorithm.
c	Buffer that contains the ciphertext and authentication tag to decrypt.
clen	Length of the input data in bytes, which includes the ciphertext and the 24 byte authentication tag.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
npub	Points to the public nonce for the packet which must be 24 bytes in length.
k	Points to the 24 bytes of the key to use to decrypt the packet.

Returns: 0 on success, -1 if the authentication tag was incorrect, or some other negative number if there was an error in the parameters.

See Also: schwaemm_192_192_aead_encrypt()

int schwaemm_192_192_aead_encrypt	(	unsigned char *	c,
		unsigned long long *	clen,
		const unsigned char *	m,
		unsigned long long	mlen,
		const unsigned char *	ad,
		unsigned long long	adlen,
		const unsigned char *	nsec,
		const unsigned char *	npub,
		const unsigned char *	k
	)

Encrypts and authenticates a packet with Schwaemm192-192.

Parameters

c	Buffer to receive the output.
clen	On exit, set to the length of the output which includes the ciphertext and the 24 byte authentication tag.
m	Buffer that contains the plaintext message to encrypt.
mlen	Length of the plaintext message in bytes.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
nsec	Secret nonce - not used by this algorithm.
npub	Points to the public nonce for the packet which must be 24 bytes in length.
k	Points to the 24 bytes of the key to use to encrypt the packet.

Returns: 0 on success, or a negative value if there was an error in the parameters.

See Also: schwaemm_192_192_aead_decrypt()

int schwaemm_256_128_aead_decrypt	(	unsigned char *	m,
		unsigned long long *	mlen,
		unsigned char *	nsec,
		const unsigned char *	c,
		unsigned long long	clen,
		const unsigned char *	ad,
		unsigned long long	adlen,
		const unsigned char *	npub,
		const unsigned char *	k
	)

Decrypts and authenticates a packet with Schwaemm256-128.

Parameters

m	Buffer to receive the plaintext message on output.
mlen	Receives the length of the plaintext message on output.
nsec	Secret nonce - not used by this algorithm.
c	Buffer that contains the ciphertext and authentication tag to decrypt.
clen	Length of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
npub	Points to the public nonce for the packet which must be 32 bytes in length.
k	Points to the 16 bytes of the key to use to decrypt the packet.

Returns: 0 on success, -1 if the authentication tag was incorrect, or some other negative number if there was an error in the parameters.

See Also: schwaemm_256_128_aead_encrypt()

int schwaemm_256_128_aead_encrypt	(	unsigned char *	c,
		unsigned long long *	clen,
		const unsigned char *	m,
		unsigned long long	mlen,
		const unsigned char *	ad,
		unsigned long long	adlen,
		const unsigned char *	nsec,
		const unsigned char *	npub,
		const unsigned char *	k
	)

Encrypts and authenticates a packet with Schwaemm256-128.

Parameters

c	Buffer to receive the output.
clen	On exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag.
m	Buffer that contains the plaintext message to encrypt.
mlen	Length of the plaintext message in bytes.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
nsec	Secret nonce - not used by this algorithm.
npub	Points to the public nonce for the packet which must be 32 bytes in length.
k	Points to the 16 bytes of the key to use to encrypt the packet.

Returns: 0 on success, or a negative value if there was an error in the parameters.

See Also: schwaemm_256_128_aead_decrypt()

int schwaemm_256_256_aead_decrypt	(	unsigned char *	m,
		unsigned long long *	mlen,
		unsigned char *	nsec,
		const unsigned char *	c,
		unsigned long long	clen,
		const unsigned char *	ad,
		unsigned long long	adlen,
		const unsigned char *	npub,
		const unsigned char *	k
	)

Decrypts and authenticates a packet with Schwaemm256-256.

Parameters

m	Buffer to receive the plaintext message on output.
mlen	Receives the length of the plaintext message on output.
nsec	Secret nonce - not used by this algorithm.
c	Buffer that contains the ciphertext and authentication tag to decrypt.
clen	Length of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
npub	Points to the public nonce for the packet which must be 16 bytes in length.
k	Points to the 16 bytes of the key to use to decrypt the packet.

Returns: 0 on success, -1 if the authentication tag was incorrect, or some other negative number if there was an error in the parameters.

See Also: schwaemm_256_256_aead_encrypt()

int schwaemm_256_256_aead_encrypt	(	unsigned char *	c,
		unsigned long long *	clen,
		const unsigned char *	m,
		unsigned long long	mlen,
		const unsigned char *	ad,
		unsigned long long	adlen,
		const unsigned char *	nsec,
		const unsigned char *	npub,
		const unsigned char *	k
	)

Encrypts and authenticates a packet with Schwaemm256-256.

Parameters

c	Buffer to receive the output.
clen	On exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag.
m	Buffer that contains the plaintext message to encrypt.
mlen	Length of the plaintext message in bytes.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
nsec	Secret nonce - not used by this algorithm.
npub	Points to the public nonce for the packet which must be 16 bytes in length.
k	Points to the 16 bytes of the key to use to encrypt the packet.

Returns: 0 on success, or a negative value if there was an error in the parameters.

See Also: schwaemm_256_256_aead_decrypt()

Data Structures

Macros

Functions

Variables

Detailed Description

Function Documentation