Good day! Could someone please clarify if the XChaCha key derivation function in Crypto++ is consistent with the functionality outlined in “XChaCha: eXtended-nonce ChaCha and AEAD_XChaCha20_Poly1305 draft-irtf-cfrg-xchacha-03”? Implementing just the HChaCha_OperateKeystream function using the test vectors outlined in the document produces results consistent with the document. However, executing HChaCha_OperateKeystream using the ChaCha values from the initial XChaCha20 setup does not produce an XChaCha key consistent with the final result. Could someone please clarify the input to HChaCha_OperateKeystream in the Crypto++ implementation as using the ChaCha key and block counter with 64-bit nonce as the 128-bit input does not produce the same values as the XChaCha20 key? Thank you.
-- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/cryptopp-users/1c6f135c-2f33-4276-a5fb-a454d8e34871n%40googlegroups.com.
