You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is a proposal for the high-level interface, providing stream-based encryption based on the hazardous implementation in #99. I find the interface provided by sodiumoxide quite nice and my proposal borrows a fair amount from there for that reason.
The streaming encryption will be a part of the orion::aead module, defining two types. One for handling stream encryption (StreamSealer) and one to handle stream decryption (StreamOpener). Nonce generation will be done automatically. Providing separate types for encryption/decryption is to make misuse harder and is also a concern @snsmac has brought up. Here is a rough implementation of what this interface may look like:
I specifically try to move away from calling the encryption/decryption operations push or pull, as I find these to be bad names as they don't clearly communicate the purpose or functionality behind IMO. Including "seal" and "open" was to be consistent with naming of AEAD-related functions throughout the rest of orion.
Once #88 is finalised, there will be a high-level type called Tag as well as all other Tags used in hazardous. That is the reasoning behind importing the stream Tag as ChunkTag, though I don't know if there's something better to call it.
Another remaining question is whether the nonce used should be called a Header as libsodium does it, or if we should stick with Nonce. I personally find Nonce to be a more fitting name, because I find it to convey it's use more clearly.
Any feedback/input is greatly appreciated!
The text was updated successfully, but these errors were encountered:
Instead of pub fn header(&self) i would name this function get_nonce.
Good catch, I've updated the example. After some more consideration, I thought naming the ChunkTag as InfoTag instead would be more appropriate, to convey its functionality better. What do you think? Let's rename Tag -> StreamTag.
This is a proposal for the high-level interface, providing stream-based encryption based on the hazardous implementation in #99. I find the interface provided by sodiumoxide quite nice and my proposal borrows a fair amount from there for that reason.
The streaming encryption will be a part of the
orion::aead
module, defining two types. One for handling stream encryption (StreamSealer
) and one to handle stream decryption (StreamOpener
). Nonce generation will be done automatically. Providing separate types for encryption/decryption is to make misuse harder and is also a concern @snsmac has brought up. Here is a rough implementation of what this interface may look like:I specifically try to move away from calling the encryption/decryption operations
push
orpull
, as I find these to be bad names as they don't clearly communicate the purpose or functionality behind IMO. Including "seal" and "open" was to be consistent with naming of AEAD-related functions throughout the rest of orion.Once #88 is finalised, there will be a high-level type called
Tag
as well as all otherTag
s used in hazardous. That is the reasoning behind importing the streamTag
asChunkTag
, though I don't know if there's something better to call it.Another remaining question is whether the nonce used should be called a
Header
as libsodium does it, or if we should stick withNonce
. I personally findNonce
to be a more fitting name, because I find it to convey it's use more clearly.Any feedback/input is greatly appreciated!
The text was updated successfully, but these errors were encountered: