“Misuse resistant”? Here, hold my beer.
Here’s the Go API:
// Plaintext to be encrypted
pt := byte("Hello, world!")
// Nonce to encrypt it under
n := miscreant.GenerateNonce(c)
// Associated data to authenticate along with the message
// (or nil if we don't care)
ad := nil
// Create a destination buffer to hold the ciphertext. We need it to be the
// length of the plaintext plus `c.Overhead()` to hold the IV/tag
ct := make(byte, len(pt) + c.Overhead())
// Perform encryption by calling 'Seal'. The encrypted ciphertext will be
// written into the `ct` buffer
c.Seal(ct, n, pt, ad)
That… still seems too complicated, I guess? I wouldn’t expect to have to compute the overhead myself, or wonder what the “associated data” is or should be.
If you don’t compute the overhead you can’t provide the output slice and the function would have to allocate. Additional data can just be nil. Also, this matches cipher.AEAD.