IPWorks Encrypt 2020 JavaScript Edition

Questions / Feedback?

ChaCha Class

Properties   Methods   Events   Configuration Settings   Errors  

The ChaCha class can be used to encrypt and decrypt data with the ChaCha20 algorithm.

Syntax

ipworksencrypt.chacha()

Remarks

The class implements ChaCha20 as defined in RFC 7539. This may be used to both encrypt and decrypt data. The class also support Authenticated Encryption with Additional Data (AEAD) via AEAD_CHACHA20_POLY1305. To enable the use of AEAD set UseAEAD to True.

Data may be encrypted and decrypted in its entirety by calling Encrypt and Decrypt or chunk by chunk by calling EncryptBlock and DecryptBlock.

In all operations a Key and IV must be used. If IV is not set one is automatically generated. KeyPassword may be set in order to automatically generate both a Key and IV when a method is called. The same KeyPassword, or Key and IV pair are used on both sides of the operation data can be encrypted and decrypted.

Encrypt Notes

Encrypt will encrypt the specified data. The following properties are applicable:

Input and Output Properties

The class will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

When a valid source is found the search stops. The order in which the output properties are checked is as follows:

Additional Notes

The Key property must be set to a 256 bit (32 byte) value. This is the only allowed value for ChaCha20. If KeyPassword is set both Key and IV will be automatically generated when Encrypt is called.

The IV should typically be set to a 96 bit (12 byte) value. See the IV property for details on using a 64 bit (8 byte) value. If IV is not set a 96 bit (12 byte) value will automatically be generated by the class when Encrypt is called.

InitialCounter may be set for specific cases where an initial counter of 1 is needed. The default value is 0 and is recommended.

During encryption the Progress event will fire as data is encrypted.

Encrypt Example


Chacha chacha = new Chacha();
chacha.KeyB = new byte[]{ 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.InputMessage = "hello chacha!";
chacha.Encrypt();

//chacha.OutputMessageB contains the byte[] of the encrypted data. The above code produces the following encrypted bytes.
// {0x35, 0xBA, 0x31, 0x60, 0x02, 0x77, 0x57, 0x06, 0x5F, 0x6E, 0xE0, 0xD4, 0x76}

AEAD Notes

When encrypting and UseAEAD is True AdditionalAuthData optionally holds data that is authenticated but not encrypted.

After encrypting the message the AuthTag property will be populated. To include the AuthTag in the output set IncludeAuthTag to True.

Encrypt with AEAD Example


Chacha chacha = new Chacha();
chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };

chacha.UseAEAD = true;
chacha.AdditionalAuthData = "my auth data.";
chacha.InputMessage = "hello chacha!";
chacha.Encrypt();

//chacha.OutputMessageB contains the byte[] of the encrypted data. The above code produces the following encrypted bytes:
// {0x67, 0xF5, 0xC7, 0xE4, 0xE6, 0xD6, 0xC2, 0xF4, 0x09, 0xE3, 0x90, 0xF2, 0x65}

//chacha.AuthTagB contains the byte[] of the AuthTag. The above code produces the following authentication tag:
// {0x46, 0x35, 0xFD, 0x33, 0x30, 0x52, 0xAA, 0x6B, 0xBA, 0x32, 0x16, 0xA6, 0x48, 0x12, 0x52, 0x78}

Encrypt Block Notes

EncryptBlock will encrypt the input data and return the encrypted block. The encrypted block will always be the same length as the decrypted data. The following properties are applicable:

  • IV (required)
  • Key (required)

InputBuffer specifies the input data to encrypt.

LastBlock specifies whether the block is the last block. Required when UseAEAD is True. When LastBlock is True the class will calculate the AuthTag value. If UseAEAD is False the value of LastBlock is not used.

EncryptBlock Example


Chacha chacha = new Chacha();
chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.UseAEAD = true;

byte[] tempEncryptedBlock;

//Encrypt any number of blocks of any size
tempEncryptedBlock = chacha.EncryptBlock(part1, false);
tempEncryptedBlock = chacha.EncryptBlock(part2, false);

//Pass true for the last block
tempEncryptedBlock = chacha.EncryptBlock(part3, true);

//Save AuthTag for use when decrypting
byte[] authTab = chacha.AuthTagB;

Decrypt Notes

Decrypt will decrypt the specified data. The following properties are applicable:

Input and Output Properties

The class will determine the source and destination of the input and output based on which properties are set.

The order in which the input properties are checked is as follows:

When a valid source is found the search stops. The order in which the output properties are checked is as follows:

Additional Notes

The Key property must be set to the 256 bit (32 byte) value originally used to encrypt the data. IV must be set to the original IV value used to encrypt the data.

If using a password, KeyPassword must be set to the same KeyPassword used when encrypting the data. This will automatically generate both Key and IV when Decrypt is called.

InitialCounter may be set for specific cases where an initial counter of 1 is needed. The default value is 0 and is recommended.

During decryption the Progress event will fire as data is decrypted.

Decrypt Example


Chacha chacha = new Chacha();
chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.InputMessageB = new byte[] { 0x35, 0xBA, 0x31, 0x60, 0x02, 0x77, 0x57, 0x06, 0x5F, 0x6E, 0xE0, 0xD4, 0x76 };
chacha.Decrypt();

Console.WriteLine(chacha.OutputMessage); //outputs "hello chacha!"

AEAD Notes

When decrypting AdditionalAuthData must be set to the same value that was specified when encrypting. AuthTag must be set to the AuthTag value produced when encrypting.

Note: IncludeAuthTag may be set to True if the AuthTag value was included in the encrypted message.

Decrypt with AEAD Example


Chacha chacha = new Chacha();
chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.AuthTagB = new byte[] { 0x46, 0x35, 0xFD, 0x33, 0x30, 0x52, 0xAA, 0x6B, 0xBA, 0x32, 0x16, 0xA6, 0x48, 0x12, 0x52, 0x78 };
chacha.InputMessageB = new byte[] { 0x67, 0xF5, 0xC7, 0xE4, 0xE6, 0xD6, 0xC2, 0xF4, 0x09, 0xE3, 0x90, 0xF2, 0x65 };

chacha.UseAEAD = true;
chacha.AdditionalAuthData = "my auth data.";
chacha.Decrypt();

Console.WriteLine(chacha.OutputMessage); //outputs "hello chacha!"

Decrypt Block Notes

DecryptBlock will decrypt the input data and return the decrypted block. The decrypted block will always be the same length as the encrypted data. The following properties are applicable:

  • IV (required)
  • Key (required)

InputBuffer specifies the input data to decrypt.

LastBlock specifies whether the block is the last block. Required when UseAEAD is True. When LastBlock is True the class will validate the AuthTag value. If UseAEAD is False the value of LastBlock is not used.

DecryptBlock Example


Chacha chacha = new Chacha();
chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.UseAEAD = true;
cahcha.AuthTagB = authTag; //Value calculated during encryption.

byte[] tempDecryptedBlock;

//Decrypt any number of blocks of any size
tempDecryptedBlock = chacha.DecryptBlock(part1, false);
tempDecryptedBlock = chacha.DecryptBlock(part2, false);

//Pass true for the last block
tempDecryptedBlock = chacha.DecryptBlock(part3, true);

Property List


The following is the full list of the properties of the class with short descriptions. Click on the links for further details.

AdditionalAuthDataAdditional Authentication Data (AAD) used when UseAEAD is True.
AuthTagThe authentication tag used when UseAEAD is set to True.
InputFileThe file to process.
InputMessageThe message to process.
IVThe initialization vector (IV).
KeyThe secret key for the symmetric algorithm.
KeyPasswordA password to generate the Key and IV .
OutputFileThe output file when encrypting or decrypting.
OutputMessageThe output message after processing.
OverwriteIndicates whether or not the class should overwrite files.
UseAEADWhether to use AEAD (Authenticated Encryption with Additional Data).
UseHexWhether input or output is hex encoded.

Method List


The following is the full list of the methods of the class with short descriptions. Click on the links for further details.

ConfigSets or retrieves a configuration setting.
DecryptDecrypts the data.
DecryptBlockDecrypts a block and returns the decrypted data.
EncryptEncrypts the data.
EncryptBlockEncrypts data and returns the encrypted block.
ResetResets the class.

Event List


The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.

ErrorInformation about errors during data delivery.
ProgressFired as progress is made.

Configuration Settings


The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.

IncludeAuthTagWhether to append the authentication tag to the cipher text when UseAEAD is True.
IncludeIVWhether to prepend the IV to the output data and read the IV from the input data.
InitialCounterThe initial counter value.
IVLengthThe IV length in bytes.
KeyPasswordAlgorithmThe hash algorithm used to derive the Key and IV from the KeyPassword property.
KeyPasswordIterationsThe number of iterations performed when using KeyPassword to derive the Key and IV.
KeyPasswordSaltThe salt value used in conjunction with the KeyPassword to derive the Key and IV.
BuildInfoInformation about the product's build.
CodePageThe system code page used for Unicode to Multibyte translations.
LicenseInfoInformation about the current license.
UseInternalSecurityAPITells the class whether or not to use the system security libraries or an internal implementation.

Copyright (c) 2022 /n software inc. - All rights reserved.
IPWorks Encrypt 2020 JavaScript Edition - Version 20.0 [Build 8262]