proposal: crypto/cipher: Specify nonce and tag sizes for GCM #34594

Closed
defund opened this issue Sep 29, 2019 · 6 comments
Labels
FrozenDueToAge Proposal Proposal-Crypto Proposal related to crypto packages or other security issues

Comments

@defund

defund commented Sep 29, 2019

Is there any reason for why NewGCM, NewGCMWithNonceSize, and NewGCMWithTagSize are public while newGCMWithNonceAndTagSize isn't? Unless I'm missing something, creating an AEAD with custom sizes for both nonce and tag seems impossible.

So the proposal would be to transform newGCMWithNonceAndTagSize -> NewGCMWithNonceAndTagSize.

@gopherbot gopherbot added this to the Proposal milestone Sep 29, 2019
@ALTree
Member

ALTree commented Sep 29, 2019

It appears that this was done on purpose. Look at 33f1768: it renamed NewGCMWithNonceAndTagSize to NewGCMWithTagSize and removed the nonceSize parameter.

Neither the commit message nor the issue it fixes (#24977) seems to give a rationale for the change, except for a small comment by @rsc on the issue, which says:

the name is a mouthful, and the nonce size may not be necessary to specify anyway.

Moreover, in #24171 (comment), rsc wrote:

The ability to change the nonce was a workaround for one special protocol, not a typical general need.

Overall, it seems that the limitation of not being able to set the nonce size is intentional.

cc @FiloSottile

@ALTree ALTree added the Proposal-Crypto Proposal related to crypto packages or other security issues label Sep 29, 2019
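
The three public constructors named in this thread, as an added example that is not part of the original discussion or the Go project's own code: it shows the nonce and tag size each one yields, which makes visible that none of them changes both at once. The names `gcmVariants` and `roundTrip`, the sample sizes 16 and 12, and the all-zero key are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// gcmVariants returns the AEADs built by the three public constructors from the issue.
func gcmVariants(key []byte) (std, wideNonce, shortTag cipher.AEAD, err error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return
	}
	if std, err = cipher.NewGCM(block); err != nil { // 12-byte nonce, 16-byte tag
		return
	}
	if wideNonce, err = cipher.NewGCMWithNonceSize(block, 16); err != nil { // sample size; tag stays 16
		return
	}
	shortTag, err = cipher.NewGCMWithTagSize(block, 12) // sample size; nonce stays 12
	return
}

// roundTrip seals and opens msg, then checks that a flipped ciphertext bit is rejected.
func roundTrip(a cipher.AEAD, msg, aad []byte) (plain []byte, tamperRejected bool, err error) {
	nonce := make([]byte, a.NonceSize())
	if _, err = rand.Read(nonce); err != nil {
		return
	}
	ct := a.Seal(nil, nonce, msg, aad) // ciphertext followed by the tag
	if plain, err = a.Open(nil, nonce, ct, aad); err != nil {
		return
	}
	ct[0] ^= 1 // flip one ciphertext bit
	_, openErr := a.Open(nil, nonce, ct, aad)
	return plain, openErr != nil, nil
}

func main() {
	std, wide, short, err := gcmVariants(make([]byte, 32)) // constructed all-zero key, demo only
	if err != nil {
		panic(err)
	}
	for _, a := range []cipher.AEAD{std, wide, short} {
		plain, rejected, err := roundTrip(a, []byte("hello"), []byte("hdr"))
		fmt.Printf("nonce=%d tag=%d plain=%q tamperRejected=%v err=%v\n", a.NonceSize(), a.Overhead(), plain, rejected, err)
	}
}
```
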
@defund
Author

defund commented Sep 30, 2019

I guess it feels weird to offer two different options but not the composition of both, especially since they're only there for compatibility reasons. It would make sense if both helpers had a major use case for development, but they're meant to be used reluctantly.

@FiloSottile
Contributor

Is there any protocol that requires a custom tag and nonce size?

@rsc
Contributor

rsc commented Feb 12, 2020

Adding to proposal minutes, seems headed for likely decline.

@rsc
Contributor

rsc commented Feb 26, 2020

Based on the discussion above, this is a likely decline.

@rsc
Contributor

rsc commented Mar 4, 2020

No change in consensus, so declined.
