# HG changeset patch
# User Goffi
# Date 1582046238 -3600
# Node ID 98b32123406861fb9123d122439065801f5f3b69
# Parent f4914ce9d47d9ee9195ce6866a7dbf06cd02f4ee
plugin aesgcm: use 12 bytes Initialisation Vector: SàT was using 16 bytes IV when sending files withr AES-GCM, due to ChatSecure being only compatible with that. Monal, an other iOS client is only compatible with 12 bytes IV, and ChatSecure has fixed its code to also handle 12 bytes IV, so there is not reason anymore to use 16 bytes, and SàT now uses 12 bytes.
diff -r f4914ce9d47d -r 98b321234068 sat/plugins/plugin_sec_aesgcm.py
--- a/sat/plugins/plugin_sec_aesgcm.py Tue Feb 18 18:17:18 2020 +0100
+++ b/sat/plugins/plugin_sec_aesgcm.py Tue Feb 18 18:17:18 2020 +0100
@@ -170,13 +170,7 @@
 if options.get('encryption') != C.ENC_AES_GCM:
 return True
 log.debug("encrypting file with AES-GCM")
- # specification talks about 12 bytes IV, but in practice and for legacy reasons
- # 16 bytes are used by most clients (and also in the specification example).
- # It seems that some clients don't handle 12 bytes IV (apparently,
- # that's the case for ChatSecure).
- # So we have to follow the de-facto standard and use 16 bytes to be sure
- # to be compatible with a maximum of clients.
- iv = secrets.token_bytes(16)
+ iv = secrets.token_bytes(12)
 key = secrets.token_bytes(32)
 fragment = f'{iv.hex()}{key.hex()}'
 ori_url = parse.urlparse(slot.get)
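Review bot: The new `iv = secrets.token_bytes(12)` line loses the only comment that explained the IV length, so a later reader cannot tell that 12 is a deliberate specification and interoperability choice rather than an arbitrary size. I would keep a short replacement such as `# 12-byte (96-bit) IV, the length the specification asks for; IV and key are generated fresh for every file`. Because the fragment is the bare concatenation `f'{iv.hex()}{key.hex()}'`, a receiver can only tell a 12-byte IV from a legacy 16-byte one by the fragment length. The decryption path is not in this hunk, so it is worth confirming that it still accepts both lengths for links produced by older senders. The enclosing function starts and ends outside the hunk.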