diff options
author | Christopher Speller <crspeller@gmail.com> | 2017-09-29 12:46:30 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-09-29 12:46:30 -0700 |
commit | b84736e9b6401df0c6eeab9950bef09458a6aefd (patch) | |
tree | d9175208de3236db75a33879750a57b3000ba096 /vendor/golang.org/x/crypto/nacl/secretbox | |
parent | 8b9dbb86133ff0fd6002a391268383d1593918ca (diff) | |
download | chat-b84736e9b6401df0c6eeab9950bef09458a6aefd.tar.gz chat-b84736e9b6401df0c6eeab9950bef09458a6aefd.tar.bz2 chat-b84736e9b6401df0c6eeab9950bef09458a6aefd.zip |
Updating server dependancies. (#7538)
Diffstat (limited to 'vendor/golang.org/x/crypto/nacl/secretbox')
-rw-r--r-- | vendor/golang.org/x/crypto/nacl/secretbox/secretbox.go | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/vendor/golang.org/x/crypto/nacl/secretbox/secretbox.go b/vendor/golang.org/x/crypto/nacl/secretbox/secretbox.go index 1e1dff506..53ee83cfb 100644 --- a/vendor/golang.org/x/crypto/nacl/secretbox/secretbox.go +++ b/vendor/golang.org/x/crypto/nacl/secretbox/secretbox.go @@ -13,6 +13,23 @@ example, by using nonce 1 for the first message, nonce 2 for the second message, etc. Nonces are long enough that randomly generated nonces have negligible risk of collision. +Messages should be small because: + +1. The whole message needs to be held in memory to be processed. + +2. Using large messages pressures implementations on small machines to decrypt +and process plaintext before authenticating it. This is very dangerous, and +this API does not allow it, but a protocol that uses excessive message sizes +might present some implementations with no other choice. + +3. Fixed overheads will be sufficiently amortised by messages as small as 8KB. + +4. Performance may be improved by working with messages that fit into data caches. + +Thus large amounts of data should be chunked so that each message is small. +(Each message still needs a unique nonce.) If in doubt, 16KB is a reasonable +chunk size. + This package is interoperable with NaCl: https://nacl.cr.yp.to/secretbox.html. */ package secretbox // import "golang.org/x/crypto/nacl/secretbox" |