Allow custom AAD to be provided to message encryptor

[josevalim]

@voltone @GriffinMB do you see any concerns with allowing a custom AAD when additional content needs to be added to the integrity?

RFC 7518 specifies empty and we already defaulted to A128GCM, which is preserved, but I wonder if you have any concerns.

Thank you!

[houllette]

I think it makes sense to allow this flexibility! Worth noting for posterity that while customizing the AAD doesn't provide any greater sense of cryptographic strength, it does provide another avenue of authenticating the decryption request and this change exposes that ability to the user.

[josevalim]

Thank you @houllette, precisely that. We want to encrypt metadata into Livebooks, and we were planning to pass the notebook itself as AAD.

[houllette]

Awesome! You shouldn't have a problem with doing that provided the entire Livebook your passing in is smaller than 2.31 exabytes 🙂 (since AAD has a 2⁶⁴ bit maximum)

[GriffinMB]

+1, no concerns with supporting custom AAD!

[josevalim]

💚 💙 💜 💛 ❤️