aead: rework traits API#2427
Conversation
newpavlov
changed the title
This comment was marked as outdated.
This comment was marked as outdated.
newpavlov
changed the title
| &self, | ||
| nonce: &[u8], | ||
| aad: &[u8], | ||
| ciphertext: &[u8], |
There was a problem hiding this comment.
Using 3 arguments with the same type may cause bugs, so it may be worth to use Payload here as well.
|
Overall this doesn't feel like an improvement to me. Several things have changed but I don't think they've changed in ways that make more sense. |
|
IMO variable nonce support, merging |
| }; | ||
|
|
||
| let buf = InOutBuf::new(plaintext, ct_dst) | ||
| .expect("`plaintext` and `ct_dst` always have the same length"); |
There was a problem hiding this comment.
Replace it with .map_err(|_| Error) to remove #[allow(clippy::unwrap_in_result)]?
| /// | ||
| /// # Errors | ||
| /// AEAD algorithm implementations may return an error if the plaintext or AAD are too long. | ||
| fn encrypt_into_vec(&self, nonce: &[u8], aad: &[u8], plaintext: &[u8]) -> Result<Vec<u8>>; |
There was a problem hiding this comment.
I removed the Payload type for now. I think we either need a more general solution which would help with other methods as well (e.g. Nonce, Aad, Plaintext, etc. wrappers), or we could just tolerate the potential incorrect reordering of arguments, which hopefully is somewhat unlikely in modern conditions (IDEs and stuff).
| ) -> Result<()>; | ||
| aad: &[u8], | ||
| plaintext: &[u8], | ||
| allocate: impl FnOnce(usize) -> B, |
There was a problem hiding this comment.
Should we handle potential fallibility here and in extend/truncate?
2 participants
TODO:
Unresolved questions:
nonce,aad,plaintext/ciphertext) with the same type (&[u8]).