1. 15

  2. 5

    “Misuse resistant”? Here, hold my beer.

    1. 2

      Here’s the Go API:

      // Plaintext to be encrypted
      pt := []byte("Hello, world!")
      // Nonce to encrypt it under
      n := miscreant.GenerateNonce(c)
      // Associated data to authenticate along with the message
      // (or nil if we don't care)
      ad := nil
      // Create a destination buffer to hold the ciphertext. We need it to be the
      // length of the plaintext plus `c.Overhead()` to hold the IV/tag
      ct := make([]byte, len(pt) + c.Overhead())
      // Perform encryption by calling 'Seal'. The encrypted ciphertext will be
      // written into the `ct` buffer
      c.Seal(ct, n, pt, ad)

      That… still seems too complicated, I guess? I wouldn’t expect to have to compute the overhead myself, or wonder what the “associated data” is or should be.

      1. 2

        If you don’t compute the overhead you can’t provide the output slice and the function would have to allocate. Additional data can just be nil. Also, this matches cipher.AEAD.