AES256-GCM could be implemented in go as https://gist.github.com/cannium/c167a19030f2a3c6adbb5a5174bea3ff
Seal method of interface
cipher.AEAD has signature:
Seal(dst, nonce, plaintext, additionalData byte) byte
So for very large files, one must read all file contents into memory, which is unacceptable.
A possible way is to implement
Writer interfaces on
Open, but shouldn't that be solved by those block cipher "modes" of AEAD? So I wonder if this is a design mistake of golang cipher lib, or I missed something important with GCM?