Switch to AES-256

AES-256 seems to be becoming the industry standard. While AES-128 is good enough for tens of years to come, let's follow suit and be extra safe.
author: Jakob Unterwurzacher 2015-10-06 20:51:35 +0200
committer: Jakob Unterwurzacher 2015-10-06 20:51:35 +0200
commit: 5c6df490678e7dc1aa7a09425d2fdf14fb13f7be (patch)
tree: da8605df2afc139fbdf4d82a9ebbfd61593af01d /cryptfs/cryptfs.go
parent: 39ea272e233504a710ce6885434984b2f45fb398 (diff)
1 files changed, 2 insertions, 4 deletions
diff --git a/cryptfs/cryptfs.go b/cryptfs/cryptfs.go
index 214ea10..d7d1516 100644
--- a/cryptfs/cryptfs.go
+++ b/cryptfs/cryptfs.go
@@ -10,7 +10,7 @@ import (
 
 const (
 	DEFAULT_PLAINBS = 4096
-	KEY_LEN         = 16
+	KEY_LEN         = 32 // AES-256
 	NONCE_LEN       = 12
 	AUTH_TAG_LEN    = 16
 	FILEID_LEN      = 16
@@ -38,9 +38,7 @@ func NewCryptFS(key []byte, useOpenssl bool) *CryptFS {
 
 	var gcm cipher.AEAD
 	if useOpenssl {
-		var k16 [16]byte
-		copy(k16[:], key)
-		gcm = opensslGCM{k16}
+		gcm = opensslGCM{key}
 	} else {
 		gcm, err = cipher.NewGCM(b)
 		if err != nil {
author	Jakob Unterwurzacher	2015-10-06 20:51:35 +0200
committer	Jakob Unterwurzacher	2015-10-06 20:51:35 +0200
commit	5c6df490678e7dc1aa7a09425d2fdf14fb13f7be (patch)
tree	da8605df2afc139fbdf4d82a9ebbfd61593af01d /cryptfs/cryptfs.go
parent	39ea272e233504a710ce6885434984b2f45fb398 (diff)