Stefan Bühler nettle-bugs@stbuehler.de writes:
What about:
chacha20_crypt (20 rounds) chacha12_crypt (12 rounds) chacha_set_key128 (128 key bits) chacha_set_key256 (256 key bits) salsa20_set_key128 (128 key bits) salsa20_set_key256 (256 key bits)
My gut feeling is that think putting the number of bits last is too inconsistent with aes128_set_*_key and similar functions.
Opinions?
Imho moving Salsa20/R functions to the ChachaR naming would work too :)
That's one option. What do others think? (We could keep aliases for backwards compatibility, whenever practical).
And don't forget XSalsa20/r (using HSalsa20/r and an additional 128-bit nonce, defined only for 256-bit keys afaik, but theoretically should work with 128-bit keys too)... xsalsa20r12_set_key256? :D
I'm not familier with those variants. But I think they should have a different name space (e.g., xsalsa*), so at least they shouldn't collide with plain salsa20 functions.
Regards, /Niels