gergely/taskwarrior-2.x
1
0
Fork 0
Code Issues Actions Packages Projects Releases 1 Wiki Activity

use CHACHA20_POLY1305 instead of AES_256_GCM

Browse Source
This commit is contained in:
Dustin J. Mitchell
2021-10-17 17:36:30 -04:00
parent 97d1366b66
commit 4300f7bdda
2 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/src/sync-protocol.md
View File

@@ -52,7 +52,7 @@ The salt is the SHA256 hash of the 16-byte form of the client key.
#### Encryption
The client uses [AEAD](https://commondatastorage.googleapis.com/chromium-boringssl-docs/aead.h.html), with algorithm AES_256_GCM.
The client uses [AEAD](https://commondatastorage.googleapis.com/chromium-boringssl-docs/aead.h.html), with algorithm CHACHA20_POLY1305.
Each encrypted payload has an associated version ID.
The 16-byte form of this UUID is used as the associated data (AAD) with the AEAD algorithm.
The client should generate a random nonce, noting that AEAD is _not secure_ if a nonce is used repeatedly for the same key.