# HChaCha20

## Purpose

HChaCha20 is a pseudorandom function (PRF) based on ChaCha20 and HSalsa20. It takes a 512-bit input and produces a 256-bit output. This makes it suitable for fast key derivation from **high-entropy** input keying material, as done for XChaCha20.

## Usage

### DeriveKey

Fills a span with output keying material derived from **high-entropy** input keying material, a nonce, and an optional personalization constant for domain separation.

#### Exceptions

`outputKeyingMaterial`

has a length not equal to `OutputSize`

.

`inputKeyingMaterial`

has a length not equal to `KeySize`

.

`nonce`

has a length not equal to `NonceSize`

.

`personalization`

has a length greater than 0 but not equal to `PersonalSize`

.

## Constants

These are used for validation and/or save you defining your own constants.

## Notes

HChaCha20 is **NOT** a general-purpose hash function. Use BLAKE2b.

The input keying material **MUST** be a uniformly random key, **NOT** a password, public key, or X25519 shared secret.

Last updated