Add option to use other encryption algorithm (i.e., AES-256-GCM)

Question

Add option to use other encryption algorithm (i.e., AES-256-GCM)

Mrtenz opened this issue 2 years ago · 1 comments

Right now, AES-256-CBC is hardcoded as encryption algorithm. Other AES-256 modes, such as GCM, offer some benefits over CBC (like authentication). Changing this would be a breaking change, so a possibility would be to introduce an option to specify the encryption algorithm used.

I haven't looked too much into the encryption implementation, but using other AES-256 modes may require some other changes, like making sure the auth tag is added to the ciphertext.

Answer 1 · 2024-03-04T06:41:15.000Z

I need aes-256-ctr as well, since it suits web transmission better, such as incremental backup.
An encryptionAlgorithm param is indeed needed.