New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x/crypto/nacl/secretbox: document how small is "small" #21139

Closed
kevinburke opened this Issue Jul 24, 2017 · 3 comments

Comments

Projects
None yet
4 participants
@kevinburke
Copy link
Contributor

kevinburke commented Jul 24, 2017

The documentation for secretbox states:

Package secretbox encrypts and authenticates small messages.

However, it is unclear to a casual reader how small "small" is.

"Validation and Verification" says:

Tests are currently limited to 4096-byte messages. This is one of several reasons that callers should (1) split all data into packets sent through the network; (2) put a small global limit on packet length; and (3) separately encrypt and authenticate each packet.

With a link to more explanation here: https://groups.google.com/forum/#!original/boring-crypto/BpUmNMXKMYQ/EEwAIeQdjacJ

We may want to provide the same advice to callers of this package, and advise them that "small" means "4096 bytes or fewer."

@gopherbot gopherbot added this to the Unreleased milestone Jul 24, 2017

@aead

This comment has been minimized.

Copy link
Contributor

aead commented Jul 24, 2017

Dup of #17673

@slrz

This comment has been minimized.

Copy link

slrz commented Jul 25, 2017

We may want to provide the same advice to callers of this package, and advise them that "small" means "4096 bytes or fewer."

But that's not what it means. Wording like this would give the impression that secretbox doesn't work at all for messages of 8k or 16k size which is obviously wrong. Putting numbers there without any explanation how to arrive at these seems like a bad idea.

DJB's mail to boring-crypto gives the rationale for "small" messages. Link to that, if you must. Also note agl's comments in #17673 and the previous CL addressing this.

@gopherbot

This comment has been minimized.

Copy link

gopherbot commented Aug 3, 2017

Change https://golang.org/cl/35910 mentions this issue: nacl/[secret]box: clarify message size comment.

@kevinburke kevinburke closed this Jan 18, 2018

lparth pushed a commit to lparth/crypto that referenced this issue Oct 1, 2018

nacl/[secret]box: clarify message size comment.
While package comments shouldn't be novels, this throwaway word was not
sufficient (and wasn't mirrored in the `box` package).

This change attempts to include more reasoning without using too many
words.

Fixes golang/go#17673,golang/go#21139

Change-Id: I7fa11e2cd5b8e2010420cc14d784f9b0c65db6d2
Reviewed-on: https://go-review.googlesource.com/35910
Reviewed-by: Russ Cox <rsc@golang.org>

@golang golang locked and limited conversation to collaborators Jan 18, 2019

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.