ChaCha Class
Properties Methods Events Config Settings Errors
The ChaCha class can be used to encrypt and decrypt data with the ChaCha20 algorithm.
Syntax
ChaCha
Remarks
The class implements ChaCha20 as defined in RFC 7539. This may be used to both encrypt and decrypt data. The class also support Authenticated Encryption with Additional Data (AEAD) via AEAD_CHACHA20_POLY1305. To enable the use of AEAD set UseAEAD to True.
Data may be encrypted and decrypted in its entirety by calling Encrypt and Decrypt or chunk by chunk by calling EncryptBlock and DecryptBlock.
In all operations a Key and IV must be used. If IV is not set one is automatically generated. KeyPassword may be set in order to automatically generate both a Key and IV when a method is called. The same KeyPassword, or Key and IV pair are used on both sides of the operation data can be encrypted and decrypted.
Encrypt Notes
Encrypt will encrypt the specified data. The following properties are applicable:
- IV (required)
- Key (required)
- UseAEAD (optional)
- AdditionalAuthData (optional - applicable if UseAEAD is True);
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- SetOutputStream
- OutputFile
- OutputMessage: The output data is written to this property if no other destination is specified.
When using streams, you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.
Additional Notes
The Key property must be set to a 256 bit (32 byte) value. This is the only allowed value for ChaCha20. If KeyPassword is set both Key and IV will be automatically generated when Encrypt is called.
The IV should typically be set to a 96 bit (12 byte) value. See the IV property for details on using a 64 bit (8 byte) value. If IV is not set a 96 bit (12 byte) value will automatically be generated by the class when Encrypt is called.
InitialCounter may be set for specific cases where an initial counter of 1 is needed. The default value is 0 and is recommended.
During encryption the Progress event will fire as data is encrypted.
Encrypt Example
Chacha chacha = new Chacha();
chacha.KeyB = new byte[]{ 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.InputMessage = "hello chacha!";
chacha.Encrypt();
//chacha.OutputMessageB contains the byte[] of the encrypted data. The above code produces the following encrypted bytes.
// {0x35, 0xBA, 0x31, 0x60, 0x02, 0x77, 0x57, 0x06, 0x5F, 0x6E, 0xE0, 0xD4, 0x76}
AEAD Notes
When encrypting and UseAEAD is True AdditionalAuthData optionally holds data that is authenticated but not encrypted.
After encrypting the message the AuthTag property will be populated. To include the AuthTag in the output set IncludeAuthTag to True.
Encrypt with AEAD Example
Chacha chacha = new Chacha();
chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.UseAEAD = true;
chacha.AdditionalAuthData = "my auth data.";
chacha.InputMessage = "hello chacha!";
chacha.Encrypt();
//chacha.OutputMessageB contains the byte[] of the encrypted data. The above code produces the following encrypted bytes:
// {0x67, 0xF5, 0xC7, 0xE4, 0xE6, 0xD6, 0xC2, 0xF4, 0x09, 0xE3, 0x90, 0xF2, 0x65}
//chacha.AuthTagB contains the byte[] of the AuthTag. The above code produces the following authentication tag:
// {0x46, 0x35, 0xFD, 0x33, 0x30, 0x52, 0xAA, 0x6B, 0xBA, 0x32, 0x16, 0xA6, 0x48, 0x12, 0x52, 0x78}
Encrypt Block Notes
EncryptBlock will encrypt the input data and return the encrypted block. The encrypted block will always be the same length as the decrypted data. The following properties are applicable:
InputBuffer specifies the input data to encrypt.
LastBlock specifies whether the block is the last block. Required when UseAEAD is True. When LastBlock is True the class will calculate the AuthTag value. If UseAEAD is False the value of LastBlock is not used.
EncryptBlock Example
Chacha chacha = new Chacha();
chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.UseAEAD = true;
byte[] tempEncryptedBlock;
//Encrypt any number of blocks of any size
tempEncryptedBlock = chacha.EncryptBlock(part1, false);
tempEncryptedBlock = chacha.EncryptBlock(part2, false);
//Pass true for the last block
tempEncryptedBlock = chacha.EncryptBlock(part3, true);
//Save AuthTag for use when decrypting
byte[] authTag = chacha.AuthTagB;
Decrypt Notes
Decrypt will decrypt the specified data. The following properties are applicable:
- IV (required)
- Key (required)
- UseAEAD (optional)
- AuthTag (conditional - required if UseAEAD is True)
- AdditionalAuthData (optional - applicable if UseAEAD is True);
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- SetOutputStream
- OutputFile
- OutputMessage: The output data is written to this property if no other destination is specified.
When using streams, you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.
Additional Notes
The Key property must be set to the 256 bit (32 byte) value originally used to encrypt the data. IV must be set to the original IV value used to encrypt the data.
If using a password, KeyPassword must be set to the same KeyPassword used when encrypting the data. This will automatically generate both Key and IV when Decrypt is called.
InitialCounter may be set for specific cases where an initial counter of 1 is needed. The default value is 0 and is recommended.
During decryption the Progress event will fire as data is decrypted.
Decrypt Example
Chacha chacha = new Chacha();
chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.InputMessageB = new byte[] { 0x35, 0xBA, 0x31, 0x60, 0x02, 0x77, 0x57, 0x06, 0x5F, 0x6E, 0xE0, 0xD4, 0x76 };
chacha.Decrypt();
Console.WriteLine(chacha.OutputMessage); //outputs "hello chacha!"
AEAD Notes
When decrypting AdditionalAuthData must be set to the same value that was specified when encrypting. AuthTag must be set to the AuthTag value produced when encrypting.
Note: IncludeAuthTag may be set to True if the AuthTag value was included in the encrypted message.
Decrypt with AEAD Example
Chacha chacha = new Chacha();
chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.AuthTagB = new byte[] { 0x46, 0x35, 0xFD, 0x33, 0x30, 0x52, 0xAA, 0x6B, 0xBA, 0x32, 0x16, 0xA6, 0x48, 0x12, 0x52, 0x78 };
chacha.InputMessageB = new byte[] { 0x67, 0xF5, 0xC7, 0xE4, 0xE6, 0xD6, 0xC2, 0xF4, 0x09, 0xE3, 0x90, 0xF2, 0x65 };
chacha.UseAEAD = true;
chacha.AdditionalAuthData = "my auth data.";
chacha.Decrypt();
Console.WriteLine(chacha.OutputMessage); //outputs "hello chacha!"
Decrypt Block Notes
DecryptBlock will decrypt the input data and return the decrypted block. The decrypted block will always be the same length as the encrypted data. The following properties are applicable:
InputBuffer specifies the input data to decrypt.
LastBlock specifies whether the block is the last block. Required when UseAEAD is True. When LastBlock is True the class will validate the AuthTag value. If UseAEAD is False the value of LastBlock is not used.
DecryptBlock Example
Chacha chacha = new Chacha();
chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.UseAEAD = true;
chacha.AuthTagB = authTag; //Value calculated during encryption.
byte[] tempDecryptedBlock;
//Decrypt any number of blocks of any size
tempDecryptedBlock = chacha.DecryptBlock(part1, false);
tempDecryptedBlock = chacha.DecryptBlock(part2, false);
//Pass true for the last block
tempDecryptedBlock = chacha.DecryptBlock(part3, true);
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
| AdditionalAuthData | Additional Authentication Data (AAD) used when UseAEAD is True. |
| AuthTag | The authentication tag used when UseAEAD is set to True. |
| InputFile | The file to process. |
| InputMessage | The message to process. |
| IV | The initialization vector (IV). |
| Key | The secret key for the symmetric algorithm. |
| KeyPassword | A password to generate the Key and IV . |
| OutputFile | The output file when encrypting or decrypting. |
| OutputMessage | The output message after processing. |
| Overwrite | Indicates whether or not the class should overwrite files. |
| UseAEAD | Whether to use AEAD (Authenticated Encryption with Additional Data). |
| UseHex | Whether input or output is hex encoded. |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
| Config | Sets or retrieves a configuration setting. |
| Decrypt | Decrypts the data. |
| DecryptBlock | Decrypts a block and returns the decrypted data. |
| Encrypt | Encrypts the data. |
| EncryptBlock | Encrypts data and returns the encrypted block. |
| Reset | Resets the class. |
| SetInputStream | Sets the stream from which the class will read data to encrypt or decrypt. |
| SetOutputStream | Sets the stream to which the class will write encrypted or decrypted data. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
| Error | Fired when information is available about errors during data delivery. |
| Progress | Fired as progress is made. |
Config Settings
The following is a list of config settings for the class with short descriptions. Click on the links for further details.
| EncryptedDataEncoding | The encoding of the encrypted input or output data. |
| IncludeAuthTag | Whether to append the authentication tag to the cipher text when UseAEAD is True. |
| IncludeIV | Whether to prepend the IV to the output data and read the IV from the input data. |
| InitialCounter | The initial counter value. |
| IVLength | The IV length in bytes. |
| KeyPasswordAlgorithm | The hash algorithm used to derive the Key and IV from the KeyPassword property. |
| KeyPasswordIterations | The number of iterations performed when using KeyPassword to derive the Key and IV. |
| KeyPasswordSalt | The salt value used in conjunction with the KeyPassword to derive the Key and IV. |
| BuildInfo | Information about the product's build. |
| CodePage | The system code page used for Unicode to Multibyte translations. |
| LicenseInfo | Information about the current license. |
| MaskSensitiveData | Whether sensitive data is masked in log messages. |
| ProcessIdleEvents | Whether the class uses its internal event loop to process events when the main thread is idle. |
| SelectWaitMillis | The length of time in milliseconds the class will wait when DoEvents is called if there are no events to process. |
| UseFIPSCompliantAPI | Tells the class whether or not to use FIPS certified APIs. |
| UseInternalSecurityAPI | Whether or not to use the system security libraries or an internal implementation. |
AdditionalAuthData Property (ChaCha Class)
Additional Authentication Data (AAD) used when UseAEAD is True.
Syntax
ANSI (Cross Platform) int GetAdditionalAuthData(char* &lpAdditionalAuthData, int &lenAdditionalAuthData);
int SetAdditionalAuthData(const char* lpAdditionalAuthData, int lenAdditionalAuthData); Unicode (Windows) INT GetAdditionalAuthData(LPSTR &lpAdditionalAuthData, INT &lenAdditionalAuthData);
INT SetAdditionalAuthData(LPCSTR lpAdditionalAuthData, INT lenAdditionalAuthData);
int ipworksencrypt_chacha_getadditionalauthdata(void* lpObj, char** lpAdditionalAuthData, int* lenAdditionalAuthData);
int ipworksencrypt_chacha_setadditionalauthdata(void* lpObj, const char* lpAdditionalAuthData, int lenAdditionalAuthData);
QByteArray GetAdditionalAuthData();
int SetAdditionalAuthData(QByteArray qbaAdditionalAuthData);
Default Value
""
Remarks
This property specifies data that is authentication but not encrypted. This is only applicable when UseAEAD is True.
Note that AAD data is authenticated but not encrypted, so it is not included in the output.
Data Type
Binary String
AuthTag Property (ChaCha Class)
The authentication tag used when UseAEAD is set to True.
Syntax
ANSI (Cross Platform) int GetAuthTag(char* &lpAuthTag, int &lenAuthTag);
int SetAuthTag(const char* lpAuthTag, int lenAuthTag); Unicode (Windows) INT GetAuthTag(LPSTR &lpAuthTag, INT &lenAuthTag);
INT SetAuthTag(LPCSTR lpAuthTag, INT lenAuthTag);
int ipworksencrypt_chacha_getauthtag(void* lpObj, char** lpAuthTag, int* lenAuthTag);
int ipworksencrypt_chacha_setauthtag(void* lpObj, const char* lpAuthTag, int lenAuthTag);
QByteArray GetAuthTag();
int SetAuthTag(QByteArray qbaAuthTag);
Default Value
""
Remarks
This property holds the 128 bit authentication tag used when UseAEAD is set to True. It is only applicable when UseAEAD is True.
This is populated after calling Encrypt. To also include the value in the output set IncludeAuthTag to True.
This must be set before calling Decrypt. If the auth tag is included in the encrypted data set IncludeAuthTag to True before calling Decrypt.
Data Type
Binary String
InputFile Property (ChaCha Class)
The file to process.
Syntax
ANSI (Cross Platform) char* GetInputFile();
int SetInputFile(const char* lpszInputFile); Unicode (Windows) LPWSTR GetInputFile();
INT SetInputFile(LPCWSTR lpszInputFile);
char* ipworksencrypt_chacha_getinputfile(void* lpObj);
int ipworksencrypt_chacha_setinputfile(void* lpObj, const char* lpszInputFile);
QString GetInputFile();
int SetInputFile(QString qsInputFile);
Default Value
""
Remarks
This property specifies the file to be processed. Set this property to the full or relative path to the file which will be processed.
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
- SetInputStream
- InputFile
- InputMessage
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- SetOutputStream
- OutputFile
- OutputMessage: The output data is written to this property if no other destination is specified.
When using streams, you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.
Data Type
String
InputMessage Property (ChaCha Class)
The message to process.
Syntax
ANSI (Cross Platform) int GetInputMessage(char* &lpInputMessage, int &lenInputMessage);
int SetInputMessage(const char* lpInputMessage, int lenInputMessage); Unicode (Windows) INT GetInputMessage(LPSTR &lpInputMessage, INT &lenInputMessage);
INT SetInputMessage(LPCSTR lpInputMessage, INT lenInputMessage);
int ipworksencrypt_chacha_getinputmessage(void* lpObj, char** lpInputMessage, int* lenInputMessage);
int ipworksencrypt_chacha_setinputmessage(void* lpObj, const char* lpInputMessage, int lenInputMessage);
QByteArray GetInputMessage();
int SetInputMessage(QByteArray qbaInputMessage);
Default Value
""
Remarks
This property specifies the message to be processed.
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
- SetInputStream
- InputFile
- InputMessage
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- SetOutputStream
- OutputFile
- OutputMessage: The output data is written to this property if no other destination is specified.
When using streams, you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.
Data Type
Binary String
IV Property (ChaCha Class)
The initialization vector (IV).
Syntax
ANSI (Cross Platform) int GetIV(char* &lpIV, int &lenIV);
int SetIV(const char* lpIV, int lenIV); Unicode (Windows) INT GetIV(LPSTR &lpIV, INT &lenIV);
INT SetIV(LPCSTR lpIV, INT lenIV);
int ipworksencrypt_chacha_getiv(void* lpObj, char** lpIV, int* lenIV);
int ipworksencrypt_chacha_setiv(void* lpObj, const char* lpIV, int lenIV);
QByteArray GetIV();
int SetIV(QByteArray qbaIV);
Default Value
""
Remarks
This property specifies the initialization vector (IV). This is also referred to as the nonce. By default this property is empty and the class will automatically generate a new IV value if KeyPassword or Key is set before Encrypt or EncryptBlock is called.
The size of the IV may be either 96 bits in length (12 bytes) or 64 bits in length (8 bytes).
Compatibility Notes
A 96 bit length value is used for implementations implementing RFC 7539. A 64 bit length value may be used by implementations that follow the original draft of ChaCha. When using a 96 bit length value the maximum file size of data is 256 GB.
If another entity is performing the decryption and it is not known whether it supports 64 bit length values, choose a 96 bit length value by default. This follows the RFC and should be the most widely implemented value.
The class supports both lengths.
Note: If Key is specified but IV is not, an IV will be automatically generated. To control the length of the IV that is generated set IVLength.
Data Type
Binary String
Key Property (ChaCha Class)
The secret key for the symmetric algorithm.
Syntax
ANSI (Cross Platform) int GetKey(char* &lpKey, int &lenKey);
int SetKey(const char* lpKey, int lenKey); Unicode (Windows) INT GetKey(LPSTR &lpKey, INT &lenKey);
INT SetKey(LPCSTR lpKey, INT lenKey);
int ipworksencrypt_chacha_getkey(void* lpObj, char** lpKey, int* lenKey);
int ipworksencrypt_chacha_setkey(void* lpObj, const char* lpKey, int lenKey);
QByteArray GetKey();
int SetKey(QByteArray qbaKey);
Default Value
""
Remarks
This secret key is used both for encryption and decryption. The secret key should be known only to the sender and the receiver. This key must be 256 bits in length (32 bytes).
If this property is left empty and KeyPassword is specified, a Key value will be generated by the class as necessary.
Data Type
Binary String
KeyPassword Property (ChaCha Class)
A password to generate the Key and IV .
Syntax
ANSI (Cross Platform) char* GetKeyPassword();
int SetKeyPassword(const char* lpszKeyPassword); Unicode (Windows) LPWSTR GetKeyPassword();
INT SetKeyPassword(LPCWSTR lpszKeyPassword);
char* ipworksencrypt_chacha_getkeypassword(void* lpObj);
int ipworksencrypt_chacha_setkeypassword(void* lpObj, const char* lpszKeyPassword);
QString GetKeyPassword();
int SetKeyPassword(QString qsKeyPassword);
Default Value
""
Remarks
When this property is set the class will calculate values for Key and IV using the PKCS5 password digest algorithm. This provides a simpler alternative to creating and managing Key and IV values directly.
Data Type
String
OutputFile Property (ChaCha Class)
The output file when encrypting or decrypting.
Syntax
ANSI (Cross Platform) char* GetOutputFile();
int SetOutputFile(const char* lpszOutputFile); Unicode (Windows) LPWSTR GetOutputFile();
INT SetOutputFile(LPCWSTR lpszOutputFile);
char* ipworksencrypt_chacha_getoutputfile(void* lpObj);
int ipworksencrypt_chacha_setoutputfile(void* lpObj, const char* lpszOutputFile);
QString GetOutputFile();
int SetOutputFile(QString qsOutputFile);
Default Value
""
Remarks
This property specifies the file to which the output will be written when Encrypt or Decrypt is called. This may be set to an absolute or relative path.
This property is only applicable to Encrypt and Decrypt.
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- SetOutputStream
- OutputFile
- OutputMessage: The output data is written to this property if no other destination is specified.
When using streams, you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.
Data Type
String
OutputMessage Property (ChaCha Class)
The output message after processing.
Syntax
ANSI (Cross Platform) int GetOutputMessage(char* &lpOutputMessage, int &lenOutputMessage); Unicode (Windows) INT GetOutputMessage(LPSTR &lpOutputMessage, INT &lenOutputMessage);
int ipworksencrypt_chacha_getoutputmessage(void* lpObj, char** lpOutputMessage, int* lenOutputMessage);
QByteArray GetOutputMessage();
Default Value
""
Remarks
This property will be populated with the output from the operation if OutputFile is not set.
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- SetOutputStream
- OutputFile
- OutputMessage: The output data is written to this property if no other destination is specified.
When using streams, you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.
This property is read-only and not available at design time.
Data Type
Binary String
Overwrite Property (ChaCha Class)
Indicates whether or not the class should overwrite files.
Syntax
ANSI (Cross Platform) int GetOverwrite();
int SetOverwrite(int bOverwrite); Unicode (Windows) BOOL GetOverwrite();
INT SetOverwrite(BOOL bOverwrite);
int ipworksencrypt_chacha_getoverwrite(void* lpObj);
int ipworksencrypt_chacha_setoverwrite(void* lpObj, int bOverwrite);
bool GetOverwrite();
int SetOverwrite(bool bOverwrite);
Default Value
FALSE
Remarks
This property indicates whether or not the class will overwrite OutputFile. If Overwrite is False, an error will be thrown whenever OutputFile exists before an operation. The default value is False.
Data Type
Boolean
UseAEAD Property (ChaCha Class)
Whether to use AEAD (Authenticated Encryption with Additional Data).
Syntax
ANSI (Cross Platform) int GetUseAEAD();
int SetUseAEAD(int bUseAEAD); Unicode (Windows) BOOL GetUseAEAD();
INT SetUseAEAD(BOOL bUseAEAD);
int ipworksencrypt_chacha_getuseaead(void* lpObj);
int ipworksencrypt_chacha_setuseaead(void* lpObj, int bUseAEAD);
bool GetUseAEAD();
int SetUseAEAD(bool bUseAEAD);
Default Value
FALSE
Remarks
If this property is set to True the class uses the algorithm AEAD_CHACHA20_POLY1305 as defined in RFC 7539 to construct a message using AEAD. See Encrypt and Decrypt for details.
Data Type
Boolean
UseHex Property (ChaCha Class)
Whether input or output is hex encoded.
Syntax
ANSI (Cross Platform) int GetUseHex();
int SetUseHex(int bUseHex); Unicode (Windows) BOOL GetUseHex();
INT SetUseHex(BOOL bUseHex);
int ipworksencrypt_chacha_getusehex(void* lpObj);
int ipworksencrypt_chacha_setusehex(void* lpObj, int bUseHex);
bool GetUseHex();
int SetUseHex(bool bUseHex);
Default Value
FALSE
Remarks
This property specifies whether the encrypted data is hex encoded.
If set to True, when Encrypt is called the class will perform the encryption as normal and then hex encode the output. OutputMessage or OutputFile will hold hex encoded data.
If set to True, when Decrypt is called the class will expect InputMessage or InputFile to hold hex encoded data. The class will then hex decode the data and perform decryption as normal.
AEAD Notes
When UseAEAD is set to True this property also applies to AuthTag. After calling Encrypt AuthTag will hold a hex encoded value. Before calling Decrypt AuthTag must be set to a hex encoded value.
Data Type
Boolean
Config Method (ChaCha Class)
Sets or retrieves a configuration setting.
Syntax
ANSI (Cross Platform) char* Config(const char* lpszConfigurationString); Unicode (Windows) LPWSTR Config(LPCWSTR lpszConfigurationString);
char* ipworksencrypt_chacha_config(void* lpObj, const char* lpszConfigurationString);
QString Config(const QString& qsConfigurationString);
Remarks
Config is a generic method available in every class. It is used to set and retrieve configuration settings for the class.
These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.
To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).
To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.
Error Handling (C++)
This method returns a String value; after it returns, call the GetLastErrorCode() method to obtain its result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message.
Decrypt Method (ChaCha Class)
Decrypts the data.
Syntax
ANSI (Cross Platform) int Decrypt(); Unicode (Windows) INT Decrypt();
int ipworksencrypt_chacha_decrypt(void* lpObj);
int Decrypt();
Remarks
Decrypt will decrypt the specified data. The following properties are applicable:
- IV (required)
- Key (required)
- UseAEAD (optional)
- AuthTag (conditional - required if UseAEAD is True)
- AdditionalAuthData (optional - applicable if UseAEAD is True);
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- SetOutputStream
- OutputFile
- OutputMessage: The output data is written to this property if no other destination is specified.
When using streams, you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.
Additional Notes
The Key property must be set to the 256 bit (32 byte) value originally used to encrypt the data. IV must be set to the original IV value used to encrypt the data.
If using a password, KeyPassword must be set to the same KeyPassword used when encrypting the data. This will automatically generate both Key and IV when Decrypt is called.
InitialCounter may be set for specific cases where an initial counter of 1 is needed. The default value is 0 and is recommended.
During decryption the Progress event will fire as data is decrypted.
Decrypt Example
Chacha chacha = new Chacha();
chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.InputMessageB = new byte[] { 0x35, 0xBA, 0x31, 0x60, 0x02, 0x77, 0x57, 0x06, 0x5F, 0x6E, 0xE0, 0xD4, 0x76 };
chacha.Decrypt();
Console.WriteLine(chacha.OutputMessage); //outputs "hello chacha!"
AEAD Notes
When decrypting AdditionalAuthData must be set to the same value that was specified when encrypting. AuthTag must be set to the AuthTag value produced when encrypting.
Note: IncludeAuthTag may be set to True if the AuthTag value was included in the encrypted message.
Decrypt with AEAD Example
Chacha chacha = new Chacha();
chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.AuthTagB = new byte[] { 0x46, 0x35, 0xFD, 0x33, 0x30, 0x52, 0xAA, 0x6B, 0xBA, 0x32, 0x16, 0xA6, 0x48, 0x12, 0x52, 0x78 };
chacha.InputMessageB = new byte[] { 0x67, 0xF5, 0xC7, 0xE4, 0xE6, 0xD6, 0xC2, 0xF4, 0x09, 0xE3, 0x90, 0xF2, 0x65 };
chacha.UseAEAD = true;
chacha.AdditionalAuthData = "my auth data.";
chacha.Decrypt();
Console.WriteLine(chacha.OutputMessage); //outputs "hello chacha!"
Error Handling (C++)
This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)
DecryptBlock Method (ChaCha Class)
Decrypts a block and returns the decrypted data.
Syntax
ANSI (Cross Platform) char* DecryptBlock(const char* lpInputBuffer, int lenInputBuffer, int bLastBlock, int *lpSize = NULL); Unicode (Windows) LPSTR DecryptBlock(LPCSTR lpInputBuffer, INT lenInputBuffer, BOOL bLastBlock, LPINT lpSize = NULL);
char* ipworksencrypt_chacha_decryptblock(void* lpObj, const char* lpInputBuffer, int lenInputBuffer, int bLastBlock, int *lpSize);
QByteArray DecryptBlock(QByteArray qbaInputBuffer, bool bLastBlock);
Remarks
DecryptBlock will decrypt the input data and return the decrypted block. The decrypted block will always be the same length as the encrypted data. The following properties are applicable:
InputBuffer specifies the input data to decrypt.
LastBlock specifies whether the block is the last block. Required when UseAEAD is True. When LastBlock is True the class will validate the AuthTag value. If UseAEAD is False the value of LastBlock is not used.
DecryptBlock Example
Chacha chacha = new Chacha();
chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.UseAEAD = true;
chacha.AuthTagB = authTag; //Value calculated during encryption.
byte[] tempDecryptedBlock;
//Decrypt any number of blocks of any size
tempDecryptedBlock = chacha.DecryptBlock(part1, false);
tempDecryptedBlock = chacha.DecryptBlock(part2, false);
//Pass true for the last block
tempDecryptedBlock = chacha.DecryptBlock(part3, true);
Error Handling (C++)
This method returns a Binary String value (with length lpSize); after it returns, call the GetLastErrorCode() method to obtain its result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message.
Encrypt Method (ChaCha Class)
Encrypts the data.
Syntax
ANSI (Cross Platform) int Encrypt(); Unicode (Windows) INT Encrypt();
int ipworksencrypt_chacha_encrypt(void* lpObj);
int Encrypt();
Remarks
Encrypt will encrypt the specified data. The following properties are applicable:
- IV (required)
- Key (required)
- UseAEAD (optional)
- AdditionalAuthData (optional - applicable if UseAEAD is True);
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- SetOutputStream
- OutputFile
- OutputMessage: The output data is written to this property if no other destination is specified.
When using streams, you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.
Additional Notes
The Key property must be set to a 256 bit (32 byte) value. This is the only allowed value for ChaCha20. If KeyPassword is set both Key and IV will be automatically generated when Encrypt is called.
The IV should typically be set to a 96 bit (12 byte) value. See the IV property for details on using a 64 bit (8 byte) value. If IV is not set a 96 bit (12 byte) value will automatically be generated by the class when Encrypt is called.
InitialCounter may be set for specific cases where an initial counter of 1 is needed. The default value is 0 and is recommended.
During encryption the Progress event will fire as data is encrypted.
Encrypt Example
Chacha chacha = new Chacha();
chacha.KeyB = new byte[]{ 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.InputMessage = "hello chacha!";
chacha.Encrypt();
//chacha.OutputMessageB contains the byte[] of the encrypted data. The above code produces the following encrypted bytes.
// {0x35, 0xBA, 0x31, 0x60, 0x02, 0x77, 0x57, 0x06, 0x5F, 0x6E, 0xE0, 0xD4, 0x76}
AEAD Notes
When encrypting and UseAEAD is True AdditionalAuthData optionally holds data that is authenticated but not encrypted.
After encrypting the message the AuthTag property will be populated. To include the AuthTag in the output set IncludeAuthTag to True.
Encrypt with AEAD Example
Chacha chacha = new Chacha();
chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.UseAEAD = true;
chacha.AdditionalAuthData = "my auth data.";
chacha.InputMessage = "hello chacha!";
chacha.Encrypt();
//chacha.OutputMessageB contains the byte[] of the encrypted data. The above code produces the following encrypted bytes:
// {0x67, 0xF5, 0xC7, 0xE4, 0xE6, 0xD6, 0xC2, 0xF4, 0x09, 0xE3, 0x90, 0xF2, 0x65}
//chacha.AuthTagB contains the byte[] of the AuthTag. The above code produces the following authentication tag:
// {0x46, 0x35, 0xFD, 0x33, 0x30, 0x52, 0xAA, 0x6B, 0xBA, 0x32, 0x16, 0xA6, 0x48, 0x12, 0x52, 0x78}
Error Handling (C++)
This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)
EncryptBlock Method (ChaCha Class)
Encrypts data and returns the encrypted block.
Syntax
ANSI (Cross Platform) char* EncryptBlock(const char* lpInputBuffer, int lenInputBuffer, int bLastBlock, int *lpSize = NULL); Unicode (Windows) LPSTR EncryptBlock(LPCSTR lpInputBuffer, INT lenInputBuffer, BOOL bLastBlock, LPINT lpSize = NULL);
char* ipworksencrypt_chacha_encryptblock(void* lpObj, const char* lpInputBuffer, int lenInputBuffer, int bLastBlock, int *lpSize);
QByteArray EncryptBlock(QByteArray qbaInputBuffer, bool bLastBlock);
Remarks
EncryptBlock will encrypt the input data and return the encrypted block. The encrypted block will always be the same length as the decrypted data. The following properties are applicable:
InputBuffer specifies the input data to encrypt.
LastBlock specifies whether the block is the last block. Required when UseAEAD is True. When LastBlock is True the class will calculate the AuthTag value. If UseAEAD is False the value of LastBlock is not used.
EncryptBlock Example
Chacha chacha = new Chacha();
chacha.KeyB = new byte[] { 0xBB, 0x76, 0x17, 0xC9, 0x05, 0x73, 0x4A, 0x8D, 0x59, 0x9D, 0x7B, 0x0D, 0x86, 0x2A, 0x03, 0x82, 0x50, 0x6A, 0x70, 0xFB, 0xA8, 0x56, 0x47, 0x1B, 0x1E, 0x68, 0x0B, 0x2B, 0x34, 0x18, 0x0F, 0xE2 };
chacha.IVB = new byte[] { 0x0D, 0xE4, 0x43, 0x40, 0x29, 0xAD, 0x70, 0x7D, 0x7B, 0x32, 0xB5, 0xC7 };
chacha.UseAEAD = true;
byte[] tempEncryptedBlock;
//Encrypt any number of blocks of any size
tempEncryptedBlock = chacha.EncryptBlock(part1, false);
tempEncryptedBlock = chacha.EncryptBlock(part2, false);
//Pass true for the last block
tempEncryptedBlock = chacha.EncryptBlock(part3, true);
//Save AuthTag for use when decrypting
byte[] authTag = chacha.AuthTagB;
Error Handling (C++)
This method returns a Binary String value (with length lpSize); after it returns, call the GetLastErrorCode() method to obtain its result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message.
Reset Method (ChaCha Class)
Resets the class.
Syntax
ANSI (Cross Platform) int Reset(); Unicode (Windows) INT Reset();
int ipworksencrypt_chacha_reset(void* lpObj);
int Reset();
Remarks
When called, the class will reset all of its properties to their default values.
Error Handling (C++)
This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)
SetInputStream Method (ChaCha Class)
Sets the stream from which the class will read data to encrypt or decrypt.
Syntax
ANSI (Cross Platform) int SetInputStream(IPWorksEncryptStream* sInputStream); Unicode (Windows) INT SetInputStream(IPWorksEncryptStream* sInputStream);
int ipworksencrypt_chacha_setinputstream(void* lpObj, IPWorksEncryptStream* sInputStream);
int SetInputStream(IPWorksEncryptStream* sInputStream);
Remarks
This method sets the stream from which the class will read data to encrypt or decrypt.
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
- SetInputStream
- InputFile
- InputMessage
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- SetOutputStream
- OutputFile
- OutputMessage: The output data is written to this property if no other destination is specified.
When using streams, you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.
Error Handling (C++)
This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)
SetOutputStream Method (ChaCha Class)
Sets the stream to which the class will write encrypted or decrypted data.
Syntax
ANSI (Cross Platform) int SetOutputStream(IPWorksEncryptStream* sOutputStream); Unicode (Windows) INT SetOutputStream(IPWorksEncryptStream* sOutputStream);
int ipworksencrypt_chacha_setoutputstream(void* lpObj, IPWorksEncryptStream* sOutputStream);
int SetOutputStream(IPWorksEncryptStream* sOutputStream);
Remarks
This method sets the stream to which the class will write encrypted or decrypted data.
Input and Output Properties
The class will determine the source and destination of the input and output based on which properties are set.
The order in which the input properties are checked is as follows:
When a valid source is found, the search stops. The order in which the output properties are checked is as follows:
- SetOutputStream
- OutputFile
- OutputMessage: The output data is written to this property if no other destination is specified.
When using streams, you may need to additionally set CloseInputStreamAfterProcessing or CloseOutputStreamAfterProcessing.
Error Handling (C++)
This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)
Error Event (ChaCha Class)
Fired when information is available about errors during data delivery.
Syntax
ANSI (Cross Platform) virtual int FireError(ChaChaErrorEventParams *e);
typedef struct {
int ErrorCode;
const char *Description; int reserved; } ChaChaErrorEventParams;
Unicode (Windows) virtual INT FireError(ChaChaErrorEventParams *e);
typedef struct {
INT ErrorCode;
LPCWSTR Description; INT reserved; } ChaChaErrorEventParams;
#define EID_CHACHA_ERROR 1 virtual INT IPWORKSENCRYPT_CALL FireError(INT &iErrorCode, LPSTR &lpszDescription);
class ChaChaErrorEventParams {
public:
int ErrorCode();
const QString &Description();
int EventRetVal();
void SetEventRetVal(int iRetVal);
};
// To handle, connect one or more slots to this signal.
void Error(ChaChaErrorEventParams *e);
// Or, subclass ChaCha and override this emitter function.
virtual int FireError(ChaChaErrorEventParams *e) {...}
Remarks
The Error event is fired in case of exceptional conditions during message processing. Normally the class fails with an error.
The ErrorCode parameter contains an error code, and the Description parameter contains a textual description of the error. For a list of valid error codes and their descriptions, please refer to the Error Codes section.
Progress Event (ChaCha Class)
Fired as progress is made.
Syntax
ANSI (Cross Platform) virtual int FireProgress(ChaChaProgressEventParams *e);
typedef struct {
int64 BytesProcessed;
int PercentProcessed; int reserved; } ChaChaProgressEventParams;
Unicode (Windows) virtual INT FireProgress(ChaChaProgressEventParams *e);
typedef struct {
LONG64 BytesProcessed;
INT PercentProcessed; INT reserved; } ChaChaProgressEventParams;
#define EID_CHACHA_PROGRESS 2 virtual INT IPWORKSENCRYPT_CALL FireProgress(LONG64 &lBytesProcessed, INT &iPercentProcessed);
class ChaChaProgressEventParams {
public:
qint64 BytesProcessed();
int PercentProcessed();
int EventRetVal();
void SetEventRetVal(int iRetVal);
};
// To handle, connect one or more slots to this signal.
void Progress(ChaChaProgressEventParams *e);
// Or, subclass ChaCha and override this emitter function.
virtual int FireProgress(ChaChaProgressEventParams *e) {...}
Remarks
This event is fired automatically as data is processed by the class.
The PercentProcessed parameter indicates the current status of the operation.
The BytesProcessed parameter holds the total number of bytes processed so far.
IPWorksEncryptStream Type
Syntax
IPWorksEncryptStream (declared in ipworksencrypt.h)
Remarks
The ChaCha class includes one or more API members that take a stream object as a parameter. To use such API members, create a concrete class that implements the IPWorksEncryptStream interface and pass the ChaCha class an instance of that concrete class.
When implementing the IPWorksEncryptStream interface's properties and methods, they must behave as described below. If the concrete class's implementation does not behave as expected, undefined behavior may occur.
Properties | |
| CanRead |
Whether the stream supports reading.
bool CanRead() { return true; }
|
| CanSeek |
Whether the stream supports seeking.
bool CanSeek() { return true; }
|
| CanWrite |
Whether the stream supports writing.
bool CanWrite() { return true; }
|
| Length |
Gets the length of the stream, in bytes.
int64 GetLength() = 0; |
Methods | |
| Close |
Closes the stream, releasing all resources currently allocated for it.
void Close() {}
This method is called automatically when an IPWorksEncryptStream object is deleted. |
| Flush |
Forces all data held by the stream's buffers to be written out to storage.
int Flush() { return 0; }
Must return 0 if flushing is successful; or -1 if an error occurs or the stream is closed. If the stream does not support writing, this method must do nothing and return 0. |
| Read |
Reads a sequence of bytes from the stream and advances the current position within the stream by the number of bytes read.
int Read(void* buffer, int count) = 0; Buffer specifies the buffer to populate with data from the stream. Count specifies the number of bytes that should be read from the stream. Must return the total number of bytes read into Buffer; this may be less than Count if that many bytes are not currently available, or 0 if the end of the stream has been reached. Must return -1 if an error occurs, if reading is not supported, or if the stream is closed. |
| Seek |
Sets the current position within the stream based on a particular point of origin.
int64 Seek(int64 offset, int seekOrigin) = 0; Offset specifies the offset in the stream to seek to, relative to SeekOrigin. Valid values for SeekOrigin are:
Must return the new position within the stream; or -1 if an error occurs, if seeking is not supported, or if the stream is closed (however, see note below). If -1 is returned, the current position within the stream must remain unchanged. Note: If the stream is not closed, it must always be possible to call this method with an Offset of 0 and a SeekOrigin of 1 to obtain the current position within the stream, even if seeking is not otherwise supported. |
| Write |
Writes a sequence of bytes to the stream and advances the current position within the stream by the number of bytes written.
int Write(const void* buffer, int count) = 0; Buffer specifies the buffer with data to write to the stream. Count specifies the number of bytes that should be written to the stream. Must return the total number of bytes written to the stream; this may be less than Count if that many bytes could not be written. Must return -1 if an error occurs, if writing is not supported, or if the stream is closed. |
Config Settings (ChaCha Class)
The class accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the class, access to these internal properties is provided through the Config method.ChaCha Config Settings
When Encrypt is called the class will perform the encryption as normal and then encode the output as specified here. OutputMessage or OutputFile will hold the encoded data.
When Decrypt is called the class will expect InputMessage or InputFile to hold the encoded data as specified here. The class will then decode the data and perform decryption as normal.
Possible values are:
- 0 (none - default)
- 1 (Base64)
- 2 (Hex)
- 3 (Base64URL)
Note: This setting cannot be used in conjunction with DecryptBlock. When calling DecryptBlock AuthTag must be set explicitly and the cipher text being decrypted must not include the auth tag.
Note: When decrypting, if IncludeIV is set to True and the IV length was NOT 12 bytes when originally encrypting the data, this setting must be set to the appropriate value before calling Decrypt or DecryptBlock.
- "SHA1"
- "MD2"
- "MD5" (default)
- "HMAC-SHA1"
- "HMAC-SHA224"
- "HMAC-SHA256"
- "HMAC-SHA384"
- "HMAC-SHA512"
- "HMAC-MD5"
- "HMAC-RIPEMD160"
When using any HMAC algorithm the PBKDF#2 method from RFC 2898 is used. Any other algorithm uses PBKDF#1 from the same RFC.
Base Config Settings
The following is a list of valid code page identifiers:
| Identifier | Name |
| 037 | IBM EBCDIC - U.S./Canada |
| 437 | OEM - United States |
| 500 | IBM EBCDIC - International |
| 708 | Arabic - ASMO 708 |
| 709 | Arabic - ASMO 449+, BCON V4 |
| 710 | Arabic - Transparent Arabic |
| 720 | Arabic - Transparent ASMO |
| 737 | OEM - Greek (formerly 437G) |
| 775 | OEM - Baltic |
| 850 | OEM - Multilingual Latin I |
| 852 | OEM - Latin II |
| 855 | OEM - Cyrillic (primarily Russian) |
| 857 | OEM - Turkish |
| 858 | OEM - Multilingual Latin I + Euro symbol |
| 860 | OEM - Portuguese |
| 861 | OEM - Icelandic |
| 862 | OEM - Hebrew |
| 863 | OEM - Canadian-French |
| 864 | OEM - Arabic |
| 865 | OEM - Nordic |
| 866 | OEM - Russian |
| 869 | OEM - Modern Greek |
| 870 | IBM EBCDIC - Multilingual/ROECE (Latin-2) |
| 874 | ANSI/OEM - Thai (same as 28605, ISO 8859-15) |
| 875 | IBM EBCDIC - Modern Greek |
| 932 | ANSI/OEM - Japanese, Shift-JIS |
| 936 | ANSI/OEM - Simplified Chinese (PRC, Singapore) |
| 949 | ANSI/OEM - Korean (Unified Hangul Code) |
| 950 | ANSI/OEM - Traditional Chinese (Taiwan; Hong Kong SAR, PRC) |
| 1026 | IBM EBCDIC - Turkish (Latin-5) |
| 1047 | IBM EBCDIC - Latin 1/Open System |
| 1140 | IBM EBCDIC - U.S./Canada (037 + Euro symbol) |
| 1141 | IBM EBCDIC - Germany (20273 + Euro symbol) |
| 1142 | IBM EBCDIC - Denmark/Norway (20277 + Euro symbol) |
| 1143 | IBM EBCDIC - Finland/Sweden (20278 + Euro symbol) |
| 1144 | IBM EBCDIC - Italy (20280 + Euro symbol) |
| 1145 | IBM EBCDIC - Latin America/Spain (20284 + Euro symbol) |
| 1146 | IBM EBCDIC - United Kingdom (20285 + Euro symbol) |
| 1147 | IBM EBCDIC - France (20297 + Euro symbol) |
| 1148 | IBM EBCDIC - International (500 + Euro symbol) |
| 1149 | IBM EBCDIC - Icelandic (20871 + Euro symbol) |
| 1200 | Unicode UCS-2 Little-Endian (BMP of ISO 10646) |
| 1201 | Unicode UCS-2 Big-Endian |
| 1250 | ANSI - Central European |
| 1251 | ANSI - Cyrillic |
| 1252 | ANSI - Latin I |
| 1253 | ANSI - Greek |
| 1254 | ANSI - Turkish |
| 1255 | ANSI - Hebrew |
| 1256 | ANSI - Arabic |
| 1257 | ANSI - Baltic |
| 1258 | ANSI/OEM - Vietnamese |
| 1361 | Korean (Johab) |
| 10000 | MAC - Roman |
| 10001 | MAC - Japanese |
| 10002 | MAC - Traditional Chinese (Big5) |
| 10003 | MAC - Korean |
| 10004 | MAC - Arabic |
| 10005 | MAC - Hebrew |
| 10006 | MAC - Greek I |
| 10007 | MAC - Cyrillic |
| 10008 | MAC - Simplified Chinese (GB 2312) |
| 10010 | MAC - Romania |
| 10017 | MAC - Ukraine |
| 10021 | MAC - Thai |
| 10029 | MAC - Latin II |
| 10079 | MAC - Icelandic |
| 10081 | MAC - Turkish |
| 10082 | MAC - Croatia |
| 12000 | Unicode UCS-4 Little-Endian |
| 12001 | Unicode UCS-4 Big-Endian |
| 20000 | CNS - Taiwan |
| 20001 | TCA - Taiwan |
| 20002 | Eten - Taiwan |
| 20003 | IBM5550 - Taiwan |
| 20004 | TeleText - Taiwan |
| 20005 | Wang - Taiwan |
| 20105 | IA5 IRV International Alphabet No. 5 (7-bit) |
| 20106 | IA5 German (7-bit) |
| 20107 | IA5 Swedish (7-bit) |
| 20108 | IA5 Norwegian (7-bit) |
| 20127 | US-ASCII (7-bit) |
| 20261 | T.61 |
| 20269 | ISO 6937 Non-Spacing Accent |
| 20273 | IBM EBCDIC - Germany |
| 20277 | IBM EBCDIC - Denmark/Norway |
| 20278 | IBM EBCDIC - Finland/Sweden |
| 20280 | IBM EBCDIC - Italy |
| 20284 | IBM EBCDIC - Latin America/Spain |
| 20285 | IBM EBCDIC - United Kingdom |
| 20290 | IBM EBCDIC - Japanese Katakana Extended |
| 20297 | IBM EBCDIC - France |
| 20420 | IBM EBCDIC - Arabic |
| 20423 | IBM EBCDIC - Greek |
| 20424 | IBM EBCDIC - Hebrew |
| 20833 | IBM EBCDIC - Korean Extended |
| 20838 | IBM EBCDIC - Thai |
| 20866 | Russian - KOI8-R |
| 20871 | IBM EBCDIC - Icelandic |
| 20880 | IBM EBCDIC - Cyrillic (Russian) |
| 20905 | IBM EBCDIC - Turkish |
| 20924 | IBM EBCDIC - Latin-1/Open System (1047 + Euro symbol) |
| 20932 | JIS X 0208-1990 & 0121-1990 |
| 20936 | Simplified Chinese (GB2312) |
| 21025 | IBM EBCDIC - Cyrillic (Serbian, Bulgarian) |
| 21027 | Extended Alpha Lowercase |
| 21866 | Ukrainian (KOI8-U) |
| 28591 | ISO 8859-1 Latin I |
| 28592 | ISO 8859-2 Central Europe |
| 28593 | ISO 8859-3 Latin 3 |
| 28594 | ISO 8859-4 Baltic |
| 28595 | ISO 8859-5 Cyrillic |
| 28596 | ISO 8859-6 Arabic |
| 28597 | ISO 8859-7 Greek |
| 28598 | ISO 8859-8 Hebrew |
| 28599 | ISO 8859-9 Latin 5 |
| 28605 | ISO 8859-15 Latin 9 |
| 29001 | Europa 3 |
| 38598 | ISO 8859-8 Hebrew |
| 50220 | ISO 2022 Japanese with no halfwidth Katakana |
| 50221 | ISO 2022 Japanese with halfwidth Katakana |
| 50222 | ISO 2022 Japanese JIS X 0201-1989 |
| 50225 | ISO 2022 Korean |
| 50227 | ISO 2022 Simplified Chinese |
| 50229 | ISO 2022 Traditional Chinese |
| 50930 | Japanese (Katakana) Extended |
| 50931 | US/Canada and Japanese |
| 50933 | Korean Extended and Korean |
| 50935 | Simplified Chinese Extended and Simplified Chinese |
| 50936 | Simplified Chinese |
| 50937 | US/Canada and Traditional Chinese |
| 50939 | Japanese (Latin) Extended and Japanese |
| 51932 | EUC - Japanese |
| 51936 | EUC - Simplified Chinese |
| 51949 | EUC - Korean |
| 51950 | EUC - Traditional Chinese |
| 52936 | HZ-GB2312 Simplified Chinese |
| 54936 | Windows XP: GB18030 Simplified Chinese (4 Byte) |
| 57002 | ISCII Devanagari |
| 57003 | ISCII Bengali |
| 57004 | ISCII Tamil |
| 57005 | ISCII Telugu |
| 57006 | ISCII Assamese |
| 57007 | ISCII Oriya |
| 57008 | ISCII Kannada |
| 57009 | ISCII Malayalam |
| 57010 | ISCII Gujarati |
| 57011 | ISCII Punjabi |
| 65000 | Unicode UTF-7 |
| 65001 | Unicode UTF-8 |
| Identifier | Name |
| 1 | ASCII |
| 2 | NEXTSTEP |
| 3 | JapaneseEUC |
| 4 | UTF8 |
| 5 | ISOLatin1 |
| 6 | Symbol |
| 7 | NonLossyASCII |
| 8 | ShiftJIS |
| 9 | ISOLatin2 |
| 10 | Unicode |
| 11 | WindowsCP1251 |
| 12 | WindowsCP1252 |
| 13 | WindowsCP1253 |
| 14 | WindowsCP1254 |
| 15 | WindowsCP1250 |
| 21 | ISO2022JP |
| 30 | MacOSRoman |
| 10 | UTF16String |
| 0x90000100 | UTF16BigEndian |
| 0x94000100 | UTF16LittleEndian |
| 0x8c000100 | UTF32String |
| 0x98000100 | UTF32BigEndian |
| 0x9c000100 | UTF32LittleEndian |
| 65536 | Proprietary |
- Product: The product the license is for.
- Product Key: The key the license was generated from.
- License Source: Where the license was found (e.g., RuntimeLicense, License File).
- License Type: The type of license installed (e.g., Royalty Free, Single Server).
- Last Valid Build: The last valid build number for which the license will work.
This setting only works on these classes: AS3Receiver, AS3Sender, Atom, Client(3DS), FTP, FTPServer, IMAP, OFTPClient, SSHClient, SCP, Server(3DS), Sexec, SFTP, SFTPServer, SSHServer, TCPClient, TCPServer.
On Linux, the C++ edition requires installation of the FIPS-enabled OpenSSL library. The OpenSSL FIPS provider version must be at least 3.0.0. For additional information and instructions regarding the installation and activation of the FIPS-enabled OpenSSL library, please refer to the following link: https://github.com/openssl/openssl/blob/master/README-FIPS.md
To ensure the class utilizes the FIPS-enabled OpenSSL library, the obfuscated source code should first be compiled with OpenSSL enabled, as described in the Supported Platforms section. Additionally, the FIPS module should be enabled and active. If the obfuscated source code is not compiled as mentioned, or the FIPS module is inactive, the class will throw an appropriate error assuming FIPS mode is enabled.
FIPS mode can be enabled by setting the UseFIPSCompliantAPI configuration setting to true. This is a static setting that applies to all instances of all classes of the toolkit within the process. It is recommended to enable or disable this setting once before the component has been used to establish a connection. Enabling FIPS while an instance of the component is active and connected may result in unexpected behavior.
For more details, please see the FIPS 140-2 Compliance article.
Note: This setting is applicable only on Windows.
Note: Enabling FIPS compliance requires a special license; please contact sales@nsoftware.com for details.
Setting this configuration setting to true tells the class to use the internal implementation instead of using the system security libraries.
On Windows, this setting is set to false by default. On Linux/macOS, this setting is set to true by default.
To use the system security libraries for Linux, OpenSSL support must be enabled. For more information on how to enable OpenSSL, please refer to the OpenSSL Notes section.
Trappable Errors (ChaCha Class)
Error Handling (C++)
Call the GetLastErrorCode() method to obtain the last called method's result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. Known error codes are listed below. If an error occurs, the GetLastError() method can be called to retrieve the associated error message.
ChaCha Errors
| 101 | Unsupported algorithm. |
| 102 | No Key specified. |
| 103 | No IV specified. |
| 104 | Cannot read or write file. |
| 107 | Block size is not valid for this algorithm. |
| 108 | Key size is not valid for this algorithm. |
| 111 | OutputFile already exists and Overwrite is False. |
| 121 | The specified key is invalid. |
| 123 | IV size is not valid for this algorithm. |
| 304 | Cannot write file. |
| 305 | Cannot read file. |
| 306 | Cannot create file. |
| 2004 | Invalid padding. This may be an indication that the key is incorrect. |