Skip to contents

ChaCha20-Poly1305 IETF authenticated encryption

Source: R/crypto_sym.R
morie_crypto_chacha20_poly1305_encrypt.Rd

Phase 3JJJ1. Wraps libsodium's crypto_aead_chacha20poly1305_ietf_encrypt (RFC 8439 IETF variant: 32-byte key, 12-byte nonce, 16-byte authentication tag).

Usage

morie_crypto_chacha20_poly1305_encrypt(key, nonce, plaintext, aad = raw(0))

Arguments

key

32-byte raw vector.

nonce

12-byte raw vector (single-use per key; reuse is catastrophic).

plaintext

Raw vector to encrypt (may be empty).

aad

Optional raw vector of additional authenticated data (default empty).

Value

List with ct (raw vector, length = length(plaintext)) and tag (raw vector, 16 bytes).

Details

Byte-compatible with the Python morie chacha20_poly1305_encrypt(key, nonce, plaintext, aad). The C transport returns ciphertext || tag as a single buffer; this R wrapper splits it into list(ct = ..., tag = ...) to match the Python tuple return shape.

Examples

if (morie_crypto_sodium_available()) {
  k <- morie_crypto_random_bytes(32)
  n <- morie_crypto_random_bytes(12)
  r <- morie_crypto_chacha20_poly1305_encrypt(k, n, charToRaw("hello"))
  p <- morie_crypto_chacha20_poly1305_decrypt(k, n, c(r$ct, r$tag))
  rawToChar(p)
}
#> [1] "hello"