rodolphe/coffio
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Document the reason for the AES-GCM noce size

Browse source
This commit is contained in:
Rodolphe Bréard 2024-03-29 22:11:39 +01:00
parent 360917adb8
commit b41772c045
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/scheme/aes.rs
View file

@ -4,6 +4,10 @@ use aes_gcm::aead::{Aead, KeyInit, Payload};
use aes_gcm::{Aes128Gcm, Key, Nonce};
// 96 bits (12 bytes)
// Reason: NIST Special Publication 800-38D
// https://csrc.nist.gov/pubs/sp/800/38/d/final
// Section 5.2.1.1 recommends that implementations restrict support to 96 bit.
// Section 8.2 states that nonces of 96 bits and higher may be randomly generated.
const NONCE_SIZE: usize = 12;
pub(crate) fn aes128gcm_gen_nonce() -> Result<Vec<u8>> {