diff options
author | juerg <juerg@google.com> | 2023-04-27 00:02:20 -0700 |
---|---|---|
committer | Copybara-Service <copybara-worker@google.com> | 2023-04-27 00:03:45 -0700 |
commit | 39ecc214ccb8276fc1f770a9e9a90ad3a35aede7 (patch) | |
tree | b64fbb246ed2d69e66162b7edfb097611beea515 /java_src/proto | |
parent | 78c5b6225c7b160b9f3d244d18fcd644b2f3a57c (diff) | |
download | tink-39ecc214ccb8276fc1f770a9e9a90ad3a35aede7.tar.gz |
Document how Tink handles associatedData='' in AES SIV.
AES SIV allows the user to import a list of associated datas, but Tink only uses a single associated data in its interface. When the user inputs an empty associated data byte sequence, Tink will handle this as a list of one empty byte sequence, and not as an empty list.
PiperOrigin-RevId: 527491521
Diffstat (limited to 'java_src/proto')
-rw-r--r-- | java_src/proto/aes_siv.proto | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/java_src/proto/aes_siv.proto b/java_src/proto/aes_siv.proto index d7ebedf24..ccb8d3cb9 100644 --- a/java_src/proto/aes_siv.proto +++ b/java_src/proto/aes_siv.proto @@ -22,6 +22,14 @@ option java_package = "com.google.crypto.tink.proto"; option java_multiple_files = true; option go_package = "github.com/google/tink/go/proto/aes_siv_go_proto"; +// Tink implements RFC 5297 (https://www.rfc-editor.org/rfc/rfc5297) for +// AES-SIV, putting the SIV/Tag at the beginning of the ciphertext. +// +// While the RFC 5297 supports a list of associated datas, Tink only supports +// exactly one associated data, which corresponds to a list with one element in +// RFC 5297. An empty associated data is a list with one empty element, and not +// an empty list. + message AesSivKeyFormat { // Only valid value is: 64. uint32 key_size = 1; |