Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
x/crypto/nacl/secretbox: document how small is "small" #21139
The documentation for secretbox states:
However, it is unclear to a casual reader how small "small" is.
With a link to more explanation here: https://groups.google.com/forum/#!original/boring-crypto/BpUmNMXKMYQ/EEwAIeQdjacJ
We may want to provide the same advice to callers of this package, and advise them that "small" means "4096 bytes or fewer."
But that's not what it means. Wording like this would give the impression that secretbox doesn't work at all for messages of 8k or 16k size which is obviously wrong. Putting numbers there without any explanation how to arrive at these seems like a bad idea.
DJB's mail to boring-crypto gives the rationale for "small" messages. Link to that, if you must. Also note agl's comments in #17673 and the previous CL addressing this.