@eryx/crypto/hazmat/chacha20 ModuleChaCha20 stream cipher and ChaCha20-Poly1305 AEAD.
ChaCha20 is a fast, secure stream cipher designed by Daniel J. Bernstein. It is widely used in TLS 1.3 and WireGuard as an alternative to AES when hardware AES acceleration is unavailable.
Key: 32 bytes. Nonce: 12 bytes. Counter starts at 0.
local chacha20 = require("@eryx/crypto/hazmat/chacha20")
local key = buffer.create(32) -- 32 zero bytes (use a real key!)
local nonce = buffer.create(12) -- 12 zero bytes
-- Authenticated encryption
local enc = chacha20.new(key, "poly1305", "encrypt", nonce)
local ct = enc:update(buffer.fromstring("secret"))
local tail = enc:final()
local tag = enc:getTag()
local dec = chacha20.new(key, "poly1305", "decrypt", nonce)
dec:setTag(tag)
local pt = dec:update(ct)
local ptTail = dec:final()
Creates a streaming ChaCha20 context.
For stream, the nonce must be 12 bytes and the context behaves like a
raw stream cipher with no authentication.
For poly1305, the nonce must also be 12 bytes and you can use
Context.updateAAD, Context.setTag, and Context.getTag for
AEAD operation.
32-byte ChaCha20 key.
"stream" or "poly1305".
"encrypt" or "decrypt".
12-byte nonce.
Streaming ChaCha20 context.