author | Jakob Unterwurzacher | 2015-12-19 14:41:39 +0100 |
---|---|---|
committer | Jakob Unterwurzacher | 2015-12-19 15:02:29 +0100 |
commit | 1caa9258685fa5fad8935d3bfcd0eac7d7f84f1e (patch) | |
tree | abc1e46f269f9ef8f05d812e13fcdf2bae68d298 /cryptfs/nonce.go | |
parent | 88826dc51d7919ef8b190c079955230e653323e2 (diff) |
Increase GCM IV size from 96 to 128 bits
This pushes back the birthday bound for collisions to make it virtually
irrelevant.
Diffstat (limited to 'cryptfs/nonce.go')
-rw-r--r-- | cryptfs/nonce.go | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/cryptfs/nonce.go b/cryptfs/nonce.go
index 3abfefa..be777fc 100644
--- a/cryptfs/nonce.go
+++ b/cryptfs/nonce.go
@@ -24,16 +24,15 @@ func RandUint64() uint64 {
 return binary.BigEndian.Uint64(b)
 }
 
-var gcmNonce nonce96
-
-type nonce96 struct {
+type nonceGenerator struct {
 lastNonce []byte
+ nonceLen int // bytes
 }
 
 // Get a random 96 bit nonce
-func (n *nonce96) Get() []byte {
- nonce := RandBytes(12)
- Debug.Printf("nonce96.Get(): %s\n", hex.EncodeToString(nonce))
+func (n *nonceGenerator) Get() []byte {
+ nonce := RandBytes(n.nonceLen)
+ Debug.Printf("nonceGenerator.Get(): %s\n", hex.EncodeToString(nonce))
 if bytes.Equal(nonce, n.lastNonce) {
 m := fmt.Sprintf("Got the same nonce twice: %s. This should never happen!", hex.EncodeToString(nonce))
 panic(m)
 |
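Review bot: The doc comment above `Get` still reads `// Get a random 96 bit nonce`, although the length now comes from `n.nonceLen`; it should become something like `// Get returns a fresh random nonce of n.nonceLen bytes.` A zero-valued `nonceGenerator` has `nonceLen == 0`, so `RandBytes(0)` presumably returns an empty slice, which `bytes.Equal` treats as equal to the nil `lastNonce`, and the first call would panic with the misleading "same nonce twice" message. A guard at the top of `Get`, for example `if n.nonceLen <= 0 { panic("nonceGenerator: nonceLen not set") }`, would make a missing initialization obvious. The generator's construction site and the AEAD setup are outside this hunk, so it is worth confirming there that `nonceLen` matches the nonce size the GCM instance was created with; the rest of `Get`'s body is also outside the hunk.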