Your company here — click to reach over 10,000 unique daily visitors

EVP_chacha20.3ossl - Man Page

EVP ChaCha20 stream cipher


 #include <openssl/evp.h>

 const EVP_CIPHER *EVP_chacha20(void);
 const EVP_CIPHER *EVP_chacha20_poly1305(void);


The ChaCha20 stream cipher for EVP.


The ChaCha20 stream cipher. The key length is 256 bits, the IV is 128 bits long. The first 64 bits consists of a counter in little-endian order followed by a 64 bit nonce. For example a nonce of:


With an initial counter of 42 (2a in hex) would be expressed as:



Authenticated encryption with ChaCha20-Poly1305. Like EVP_chacha20(), the key is 256 bits and the IV is 96 bits. This supports additional authenticated data (AAD) and produces a 128-bit authentication tag. See the "AEAD Interface" in EVP_EncryptInit(3) section for more information.


Developers should be aware of the negative performance implications of calling these functions multiple times and should consider using EVP_CIPHER_fetch(3) with EVP_CIPHER-CHACHA(7) instead. See "Performance" in crypto(7) for further information.

RFC 7539 <https://www.rfc-editor.org/rfc/rfc7539.html#section-2.4> uses a 32 bit counter and a 96 bit nonce for the IV.

Return Values

These functions return an EVP_CIPHER structure that contains the implementation of the symmetric cipher. See EVP_CIPHER_meth_new(3) for details of the EVP_CIPHER structure.

See Also

evp(7), EVP_EncryptInit(3), EVP_CIPHER_meth_new(3)

Referenced By


The man page EVP_chacha20_poly1305.3ossl(3) is an alias of EVP_chacha20.3ossl(3).

2024-07-09 3.2.2 OpenSSL