changeset 3178:98b321234068

plugin aesgcm: use 12 bytes Initialisation Vector: SàT was using 16 bytes IV when sending files with AES-GCM, due to ChatSecure being only compatible with that. Monal, another iOS client, is only compatible with 12 bytes IV, and ChatSecure has fixed its code to also handle 12 bytes IV, so there is no reason anymore to use 16 bytes, and SàT now uses 12 bytes.
author Goffi <goffi@goffi.org>
date Tue, 18 Feb 2020 18:17:18 +0100
parents f4914ce9d47d
children 84a94b385760
files sat/plugins/plugin_sec_aesgcm.py
diffstat 1 files changed, 1 insertions(+), 7 deletions(-)
--- a/sat/plugins/plugin_sec_aesgcm.py	Tue Feb 18 18:17:18 2020 +0100
+++ b/sat/plugins/plugin_sec_aesgcm.py	Tue Feb 18 18:17:18 2020 +0100
@@ -170,13 +170,7 @@
         if options.get('encryption') != C.ENC_AES_GCM:
             return True
         log.debug("encrypting file with AES-GCM")
-        # specification talks about 12 bytes IV, but in practice and for legacy reasons
-        # 16 bytes are used by most clients (and also in the specification example).
-        # It seems that some clients don't handle 12 bytes IV (apparently,
-        # that's the case for ChatSecure).
-        # So we have to follow the de-facto standard and use 16 bytes to be sure
-        # to be compatible with a maximum of clients.
-        iv = secrets.token_bytes(16)
+        iv = secrets.token_bytes(12)
         key = secrets.token_bytes(32)
         fragment = f'{iv.hex()}{key.hex()}'
         ori_url = parse.urlparse(slot.get)
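Review bot: The hunk drops the whole explanatory comment above `iv = secrets.token_bytes(12)` and leaves the IV length as a bare magic number; a one-line comment stating why 12 bytes is the right size (the length the specification and GCM itself recommend, and now accepted by ChatSecure and Monal, as the commit message explains) would keep that rationale next to the code for the next person who wonders whether 16 was a typo. Also worth confirming, since it is not visible in this hunk: the fragment built at `fragment = f'{iv.hex()}{key.hex()}'` shrinks from 96 to 88 hex characters, so any receiving code that splits the fragment into IV and key must still accept both lengths for files sent by clients that continue to use 16-byte IVs.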