Tony Arcieri
Tony Arcieri
It sounds like they are buffering and perhaps incrementally encrypting/authenticating the data. We only have one-shot APIs at the moment, though you could largely achieve the same effect by buffering...
It's not possible to safely decrypt individual AEAD messages incrementally. At the very least, the tag needs to be checked before decryption can begin.
My guess would be: unsafely
Operating on unauthenticated data can be a source of chosen ciphertext attacks which completely undermine AEAD security. These sorts of streaming decryption APIs are "hazmat" which is difficult to use...
We could add an API for it, but it would require a special decryptor object which caps the max message size and number of decryptions allowed under a given key
Do you have a particular use case for dynamic tag lengths which isn't limited to a small number of possibilities?
That wasn’t what I was asking. What is the use case for dynamic tag sizes? What are you doing that demands them?
Sorry, that's not what I'm asking. Why are you working with arbitrary tag sizes in the first place? Who is choosing them? Why are they arbitrary? Why aren't they some...
I'm afraid that still doesn't answer my question. I am asking for specific examples of scenarios where being able to dynamically select the IV size using a runtime parameter would...
So your use case is you're implementing a Node.js interpreter and need to support this kind of dynamic selection? If so, please file a new issue specific to that request.