Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

proposal: crypto/cipher: Specify nonce and tag sizes for GCM #34594

Open
defund opened this issue Sep 29, 2019 · 3 comments
Open

proposal: crypto/cipher: Specify nonce and tag sizes for GCM #34594

defund opened this issue Sep 29, 2019 · 3 comments

Comments

@defund
Copy link

@defund defund commented Sep 29, 2019

Is there any reason for why NewGCM, NewGCMWithNonceSize, and NewGCMWithTagSize are public while newGCMWithNonceAndTagSize isn't? Unless I'm missing something, creating an AEAD with custom sizes for both nonce and tag seems impossible.

So the proposal would be to transform newGCMWithNonceAndTagSize -> NewGCMWithNonceAndTagSize.

@gopherbot gopherbot added this to the Proposal milestone Sep 29, 2019
@gopherbot gopherbot added the Proposal label Sep 29, 2019
@ALTree

This comment has been minimized.

Copy link
Member

@ALTree ALTree commented Sep 29, 2019

It appears that this was done on purpose. Look at 33f1768: it renamed NewGCMWithNonceAndTagSize to NewGCMWithTagSize and removed the nonceSize parameter.

Neither the commit message nor the issue it fixes (#24977) seem to give a rationale for the change, except for a small comment by @rsc on the issue, which says:

the name is a mouthful, and the nonce size may not be necessary to specify anyway.

Moreover, in #24171 (comment), rsc wrote:

The ability to change the nonce was a workaround for one special protocol, not a typical general need.

Overall, it seems that the limitation of not being able to set the nonce size is intentional.

cc @FiloSottile

@defund

This comment has been minimized.

Copy link
Author

@defund defund commented Sep 30, 2019

I guess it feels weird to offer two different options but not the composition of both, especially since they're only there for compatibility reasons. It would make sense if both helpers had a major use case for development, but they're meant to be used reluctantly.

@FiloSottile

This comment has been minimized.

Copy link
Member

@FiloSottile FiloSottile commented Dec 2, 2019

Is there any protocol that requires a custom tag and nonce size?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.