New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add examples in doctests for ring::aead
API
#418
Comments
Proper nonce generation should be explained somewhere. Especially if random nonces aren't secure, as that would be surprising to most users. |
[wrongly-added comment removed] |
Are you sure you closed the right issue? |
Thanks @Philipp91. Reopened. |
If possible, I would like to take this issue. 😄 |
My understanding is that there is at least one PR and maybe two different PRs that attempt to fix this issue. Additionally, there are some other patches that completely change the API. So basically I need to decide which direction to go. I imagine I'll just replace the API with a better one. I'll be discussing this with some users of the API soon and I'll update this issue when I've made a decision. |
Ok. Thanks for your quick reply! Do you have any good suggestions on which issues are ready to be tackled by a beginner like me? |
See #805 where the beginning of the refactoring of the AEAD API has started. Feedback appreciated. |
Any news on this issue? I am having problems using the AEAD API and it would be super nice to have some working examples which show correct nonce use and so on. |
Any update? |
Btw i found this |
FWIW, zerostash uses the AEAD API from ring, although the nonces are not following standard practice. |
I'm playing around with the AEAD's API and created this It's a meaningless example, but maybe it helps someone. |
Another example could be found in Elichai's Lorenz project Actually I just finished my example because Elichai pointed me out the link above and gave some hints. |
ring::aead
API
The AEAD API is one of the few that doesn't have example code. Let's add the example code, in a similar style as the existing examples for other features.
We're likely to remove the
in_prefix_len
parameter, so if we only have resources to write two examples, one within_prefix_len
zero and one where it is non-zero, it's best to write one wherein_prefix_len
is zero.A good example would be TLS records, which have a 5 byte AAD prefix of
{ type: u8, ProtocolVersion: u16, length: u16 }
.It would also be good to have an example where there's no ciphertext, and there's only AAD.
The text was updated successfully, but these errors were encountered: