Document source of the AES GCM size limit

author Thomas Jarosch <thomas.jarosch@intra2net.com>

Mon, 27 Jan 2020 17:21:50 +0000 (18:21 +0100)

committer Thomas Jarosch <thomas.jarosch@intra2net.com>

Mon, 27 Jan 2020 17:23:24 +0000 (18:23 +0100)
author Thomas Jarosch <thomas.jarosch@intra2net.com>
Mon, 27 Jan 2020 17:21:50 +0000 (18:21 +0100)
committer Thomas Jarosch <thomas.jarosch@intra2net.com>
Mon, 27 Jan 2020 17:23:24 +0000 (18:23 +0100)
diff --git a/deltatar/crypto.py b/deltatar/crypto.py

index 2567c29..8928737 100755 (executable)
--- a/deltatar/crypto.py
+++ b/deltatar/crypto.py
@@ -315,7 +315,11 @@ FMT_I2N_HDR   = ("<"     # host byte order
 # aes+gcm
 AES_KEY_SIZE                  = 16 # b"0123456789abcdef"
 AES_KEY_SIZE_B64              = 24 # b'MDEyMzQ1Njc4OWFiY2RlZg=='
-AES_GCM_MAX_SIZE              = (1 << 36) - (1 << 5) # 2^39 - 2^8 b ≅ 64 GB
+
+AES_GCM_MAX_SIZE              = (1 << 36) - (1 << 5) # 2^39 - 2^8 b ≅ 64 GB.
+                                # Source: NIST SP 800-38D section 5.2.1.1
+# https://crypto.stackexchange.com/questions/31793/plain-text-size-limits-for-aes-gcm-mode-just-64gb
+
 PDTCRYPT_MAX_OBJ_SIZE_DEFAULT = 63 * (1 << 30)       #                63 GB
 PDTCRYPT_MAX_OBJ_SIZE         = PDTCRYPT_MAX_OBJ_SIZE_DEFAULT
author	Thomas Jarosch <thomas.jarosch@intra2net.com>
	Mon, 27 Jan 2020 17:21:50 +0000 (18:21 +0100)
committer	Thomas Jarosch <thomas.jarosch@intra2net.com>
	Mon, 27 Jan 2020 17:23:24 +0000 (18:23 +0100)