c

chacha20.h

@@ -1,16 +1,100 @@
-/* define SLOWGRAPH_IMPL */
+/*
+ * Copyright (c) 2025 Alexander Nutz
+ * MIT licensed, see below documentation
+ *
+ *
+ * ======== ChaCha20 stream chiper ========
+ *
+ * Security considerations:
+ * - manually zeroize memory (depending on your application)
+ * - length extension attack:
+ *   ChaCha20 is only a stream chiper, and, like AES,
+ *   does NOT prevent against length extension attacks.
+ *   Consider using ChaCha20-Poly1305 instead.
+ *
+ *
+ * Configuration options:
+ * - SLOWCRYPT_CHACHA20_IMPL
+ * - SLOWCRYPT_CHACHA20_FUNC
+ *     will be used in front of every function definition / declaration
+ * - SLOWCRYPT_CHACHA20_UINT32
+ *     if this is not set, will include <stdint.h>, and use `uint32_t`
+ *
+ *
+ * Compatibility:
+ *   requires only a C89 compiler.
+ *
+ *
+ * Usage example 1: en-/de- crypt blocks of data
+ *     slowcrypt_chacha20 state[2];
+ *     uint32_t ctr = 1;
+ *     char buf[64];
+ *
+ *     iterate over blocks {
+ *       copy block into buf (can pad with zeros)
+ *       slowcrypt_chacha20_block(state, key, ctr, nonce, buf);
+ *       ctr += 1;
+ *     }
+ *
+ *     # optionally zeroize memory
+ *     slowcrypt_chacha20_deinit(&state[0]);
+ *     slowcrypt_chacha20_deinit(&state[1]);
+ *     bzero(buf, 64);
+ *
+ *
+ * Usage example 2: CSPRNG (cryptographically secure pseudo random number generator)
+ *     slowcrypt_chacha20 state[2];
+ *     uint32_t ctr = 1;
+ *     char buf[64];
+ *
+ *     while need random numbers {
+ *       slowcrypt_chacha20_init(state, key, block_ctr, nonce);
+ *       slowcrypt_chacha20_run(state, &state[1], 20);
+ *       slowcrypt_chacha20_serialize(buf, state);
+ *       yield buf
+ *       ctr += 1;
+ *     }
+ *
+ *     # optionally zeroize memory
+ *     slowcrypt_chacha20_deinit(&state[0]);
+ *     slowcrypt_chacha20_deinit(&state[1]);
+ *     bzero(buf, 64);
+ *
+ */
+
+/*
+ * Copyright (c) 2025 Alexander Nutz
+ * Permission is hereby granted, free of charge, to any person obtaining a copy of
+ * this software and associated documentation files (the "Software"), to deal in
+ * the Software without restriction, including without limitation the rights to
+ * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+ * of the Software, and to permit persons to whom the Software is furnished to do
+ * so, subject to the following conditions:
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
 
 #ifndef SLOWCRYPT_CHACHA20_H
 #define SLOWCRYPT_CHACHA20_H
 
+#ifndef SLOWCRYPT_CHACHA20_UINT32
 #include <stdint.h>
+#define SLOWCRYPT_CHACHA20_UINT32 uint32_t
+#endif
 
 #ifndef SLOWCRYPT_CHACHA20_FUNC
 #define SLOWCRYPT_CHACHA20_FUNC /**/
 #endif
 
 typedef struct {
-  uint32_t state[16];
+  SLOWCRYPT_CHACHA20_UINT32 state[16];
 } slowcrypt_chacha20;
 
 /*
@@ -20,7 +104,7 @@ typedef struct {
  */
 SLOWCRYPT_CHACHA20_FUNC void
 slowcrypt_chacha20_block(slowcrypt_chacha20 state[2], char const key[32],
-                         uint32_t block_ctr, char const nonce[12],
+                         SLOWCRYPT_CHACHA20_UINT32 block_ctr, char const nonce[12],
                          char data[64]);
 
 /* call this to zero out memory */
@@ -29,7 +113,7 @@ slowcrypt_chacha20_deinit(slowcrypt_chacha20 *state);
 
 SLOWCRYPT_CHACHA20_FUNC void slowcrypt_chacha20_init(slowcrypt_chacha20 *state,
                                                      char const key[32],
-                                                     uint32_t block_ctr,
+                                                     SLOWCRYPT_CHACHA20_UINT32 block_ctr,
                                                      char const nonce[12]);
 
 SLOWCRYPT_CHACHA20_FUNC void
@@ -42,15 +126,15 @@ SLOWCRYPT_CHACHA20_FUNC void slowcrypt_chacha20_run(slowcrypt_chacha20 *state,
                                                     slowcrypt_chacha20 *swap,
                                                     int num_rounds);
 
-SLOWCRYPT_CHACHA20_FUNC uint32_t slowcrypt_chacha20_read_ul32(char const *buf);
+SLOWCRYPT_CHACHA20_FUNC SLOWCRYPT_CHACHA20_UINT32 slowcrypt_chacha20_read_ul32(char const *buf);
 
 SLOWCRYPT_CHACHA20_FUNC void slowcrypt_chacha20_write_ul32(char *buf,
-                                                           uint32_t val);
+                                                           SLOWCRYPT_CHACHA20_UINT32 val);
 
-#define SLOWCRYPT_CHACHA20_LAST32(n, bits) (((uint32_t)(n)) >> (32 - (bits)))
+#define SLOWCRYPT_CHACHA20_LAST32(n, bits) (((SLOWCRYPT_CHACHA20_UINT32)(n)) >> (32 - (bits)))
 
 #define SLOWCRYPT_CHACHA20_ROL32(n, by)                                        \
-  ((((uint32_t)(n)) << (by)) | SLOWCRYPT_CHACHA20_LAST32((n), (by)))
+  ((((SLOWCRYPT_CHACHA20_UINT32)(n)) << (by)) | SLOWCRYPT_CHACHA20_LAST32((n), (by)))
 
 #define SLOWCRYPT_CHACHA20_QROUND(state, a, b, c, d)                           \
   do {                                                                         \
@@ -80,16 +164,16 @@ slowcrypt_chacha20_deinit(slowcrypt_chacha20 *state) {
     *(volatile int *)&state->state[i] = 0;
 }
 
-SLOWCRYPT_CHACHA20_FUNC uint32_t slowcrypt_chacha20_read_ul32(char const *buf) {
-  uint32_t o = (uint32_t)((uint8_t const *)buf)[0];
-  o |= (uint32_t)((uint8_t const *)buf)[1] << 8;
-  o |= (uint32_t)((uint8_t const *)buf)[2] << 16;
-  o |= (uint32_t)((uint8_t const *)buf)[3] << 24;
+SLOWCRYPT_CHACHA20_FUNC SLOWCRYPT_CHACHA20_UINT32 slowcrypt_chacha20_read_ul32(char const *buf) {
+  SLOWCRYPT_CHACHA20_UINT32 o = (SLOWCRYPT_CHACHA20_UINT32)((uint8_t const *)buf)[0];
+  o |= (SLOWCRYPT_CHACHA20_UINT32)((uint8_t const *)buf)[1] << 8;
+  o |= (SLOWCRYPT_CHACHA20_UINT32)((uint8_t const *)buf)[2] << 16;
+  o |= (SLOWCRYPT_CHACHA20_UINT32)((uint8_t const *)buf)[3] << 24;
   return o;
 }
 
 SLOWCRYPT_CHACHA20_FUNC void slowcrypt_chacha20_write_ul32(char *buf,
-                                                           uint32_t val) {
+                                                           SLOWCRYPT_CHACHA20_UINT32 val) {
   ((uint8_t *)buf)[0] = (uint8_t)(val & 0xFF);
   ((uint8_t *)buf)[1] = (uint8_t)((val >> 8) & 0xFF);
   ((uint8_t *)buf)[2] = (uint8_t)((val >> 16) & 0xFF);
@@ -98,7 +182,7 @@ SLOWCRYPT_CHACHA20_FUNC void slowcrypt_chacha20_write_ul32(char *buf,
 
 SLOWCRYPT_CHACHA20_FUNC void slowcrypt_chacha20_init(slowcrypt_chacha20 *state,
                                                      char const key[32],
-                                                     uint32_t block_ctr,
+                                                     SLOWCRYPT_CHACHA20_UINT32 block_ctr,
                                                      char const nonce[12]) {
   int i;
   state->state[0] = 0x61707865;
@@ -162,7 +246,7 @@ SLOWCRYPT_CHACHA20_FUNC void slowcrypt_chacha20_run(slowcrypt_chacha20 *state,
 
 SLOWCRYPT_CHACHA20_FUNC void
 slowcrypt_chacha20_block(slowcrypt_chacha20 state[2], char const key[32],
-                         uint32_t block_ctr, char const nonce[12],
+                         SLOWCRYPT_CHACHA20_UINT32 block_ctr, char const nonce[12],
                          char data[64]) {
   slowcrypt_chacha20_init(state, key, block_ctr, nonce);
   slowcrypt_chacha20_run(state, &state[1], 20);