pierrelf.com / we

we (web engine): Experimental web browser project to understand the limits of Claude

ChaCha20-Poly1305 AEAD (RFC 8439) #50

open opened by

pierrelf.com 1 week ago

Phase 5: Pure Rust Crypto#

Implement ChaCha20-Poly1305 authenticated encryption in the crypto crate per RFC 8439.

Requirements#

ChaCha20 stream cipher (RFC 8439 §2.3-2.4):

Quarter round function
ChaCha20 block function (20 rounds)
Counter-mode encryption/decryption
256-bit key, 96-bit nonce, 32-bit counter

Poly1305 MAC (RFC 8439 §2.5):

One-time authenticator over GF(2^130 - 5)
256-bit key (r, s pair)

AEAD construction (RFC 8439 §2.8):

Poly1305 key generation from ChaCha20
Encrypt: (key, nonce, plaintext, AAD) -> (ciphertext, tag)
Decrypt: (key, nonce, ciphertext, AAD, tag) -> plaintext or error
Padding and length encoding per RFC 8439 §2.8

Acceptance Criteria#

ChaCha20 stream cipher
Poly1305 MAC
ChaCha20-Poly1305 AEAD encrypt/decrypt
Pass RFC 8439 test vectors (§2.3.2, §2.4.2, §2.5.2, §2.6.2, §2.8.2)
Tag verification fails on tampered data
cargo test -p we-crypto passes
cargo clippy -p we-crypto -- -D warnings clean

sign up or login to add to the discussion

Labels

None yet.

assignee

None yet.

Participants 1

AT URI

at://did:plc:meotu43t6usg4qdwzenk4s2t/sh.tangled.repo.issue/3mgemtguejt2x