Re: [go-nuts] The docs for secretbox seem very wrong

For what it's worth, here is an example that demonstrates a typical encryption/decryption roundtrip, perhaps more clearly: https://go.dev/play/p/ZZry8IgTJQ_- The `out` parameter can be used to make this more efficient by using pre-allocated buffers (depending on use case) and there are cases where

Re: [go-nuts] The docs for secretbox seem very wrong

oh I forgot to emphasize: I don't believe the output is *really* ``. That is, I don't believe you can really treat the first N bytes as the encrypted text and decrypt it (say, if you didn't care about the authentication). It's just that you ultimately need to add 16 bytes of extra information to

Re: [go-nuts] The docs for secretbox seem very wrong

I don't really understand your issue. You call encrypted := secretbox.Seal(nonce[:], []byte(s), , ) That means you pass `nonce[:]` as the `out` argument, `s` as the `message` argument, and the nonce and key and assign the result to `encrypted`. According to the docs of `secretbox`, `Seal` will

[go-nuts] The docs for secretbox seem very wrong

The docs for secretbox.Seal say: func Seal(out, message []byte, nonce *[24]byte, key *[32]byte) []byte Seal appends an encrypted and authenticated copy of message to out, which must not overlap message. The key and nonce pair must be