ircmaxell
commented
9 years ago Well, I would suggest having the version dictate the rest of the layout. There may be algorithms that need more than 2 components prior to the MAC.
Closed paragonie-scott closed 9 years ago
ircmaxell
commented
9 years ago Well, I would suggest having the version dictate the rest of the layout. There may be algorithms that need more than 2 components prior to the MAC.
paragonie-scott
commented
9 years ago Right, that makes sense. The idea I wanted to establish was whether or not the first 8 bytes should be reserved for the header. (Is 8 bytes enough?)
paragonie-scott
commented
9 years ago Actually, if we just make the first 4 bytes the header then let each driver prepend its own "driver-specific" header after that, we can eschew the 3-7 detail.
ircmaxell
commented
9 years ago 8 bytes is plenty. If more is needed the version can identify that and parse it explicitly (like an extension)
ircmaxell
commented
9 years ago Yeah, in that case, I'd do 4 bytes: VVDC
where C is a checksum (computed as V ^ V ^ D) to validate that the ciphertext is infact a valid ciphertext.
paragonie-scott
commented
9 years ago Alright, I'll put a formal definition in the docs directory. :+1:
We should encode some "basic" information in a header: Library, version, etc.
For example, the message format might seem like this (assume hex):
A- 8 bytes - is metadata about the version of the library (and, possibly, the driver used?), whether it's asymmetric or symmetric, an identifier for other configuration information, etc.B- any number of bytes- nonce or IV, public key, etc.C- any number of bytes - ciphertextD- fixed number of bytes - MAC or authentication tag (Poly1305, etc.) -- must authenticate nonces and ciphertext.Proposed Header Format
We should reserve 8 bytes (64 bits)
[00][01]=> alpha 0.1[00][FF]=> final beta before stable 1.0 release[01][00]=> stable 1.0[01]=> OpenSSL, symmetric[02]=> Libsodium, symmetric[81]=> OpenSSL, asymmetric[82]=> Libsodium, asymmetric