chacha

The ChaCha20 stream cipher (docs.ppad.tech/chacha).
git clone git://git.ppad.tech/chacha.git
Log | Files | Refs | README | LICENSE
commit 172c086ac9519af61b9ca87b4a8789bbbbdb0f38
parent 01917a647ba57a5f3c5f992443c4561a6af3376a
Author: Jared Tobin <jared@jtobin.io>
Date:   Tue, 11 Mar 2025 10:33:59 +0400

meta: wycheproof note

Diffstat:

MREADME.md | 7++++++-


1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
@@ -58,7 +58,11 @@ This library aims at the maximum security achievable in a
 garbage-collected language under an optimizing compiler such as GHC, in
 which strict constant-timeness can be [challenging to achieve][const].
 
-The ChaCha20 cipher within passes all test vectors from RFC8439.
+The ChaCha20 cipher within passes all test vectors from RFC8439,
+and the downstream AEAD-ChaCha20-Poly1305 implementation in
+[ppad-aead](https://github.com/ppad-tech/aead) passes all the [Project
+Wycheproof vectors][wyche].
+
 
 If you discover any vulnerabilities, please disclose them via
 security@ppad.tech.
@@ -85,3 +89,4 @@ to get a REPL for the main library.
 [flake]: https://nixos.org/manual/nix/unstable/command-ref/new-cli/nix3-flake.html
 [hadoc]: https://docs.ppad.tech/chacha
 [const]: https://www.chosenplaintext.ca/articles/beginners-guide-constant-time-cryptography.html
+[wyche]: https://github.com/C2SP/wycheproof