authorJakob Unterwurzacher2015-12-19 14:41:39 +0100
committerJakob Unterwurzacher2015-12-19 15:02:29 +0100
commit1caa9258685fa5fad8935d3bfcd0eac7d7f84f1e (patch)
treeabc1e46f269f9ef8f05d812e13fcdf2bae68d298 /cryptfs/nonce.go
parent88826dc51d7919ef8b190c079955230e653323e2 (diff)
Increase GCM IV size from 96 to 128 bits
This pushes back the birthday bound for collisions to make it virtually irrelevant.
Diffstat (limited to 'cryptfs/nonce.go')
-rw-r--r--cryptfs/nonce.go11
1 files changed, 5 insertions, 6 deletions
diff --git a/cryptfs/nonce.go b/cryptfs/nonce.go
index 3abfefa..be777fc 100644
--- a/cryptfs/nonce.go
+++ b/cryptfs/nonce.go
@@ -24,16 +24,15 @@ func RandUint64() uint64 {
return binary.BigEndian.Uint64(b)
}
-var gcmNonce nonce96
-
-type nonce96 struct {
+type nonceGenerator struct {
lastNonce []byte
+ nonceLen int // bytes
}
// Get a random 96 bit nonce
-func (n *nonce96) Get() []byte {
- nonce := RandBytes(12)
- Debug.Printf("nonce96.Get(): %s\n", hex.EncodeToString(nonce))
+func (n *nonceGenerator) Get() []byte {
+ nonce := RandBytes(n.nonceLen)
+ Debug.Printf("nonceGenerator.Get(): %s\n", hex.EncodeToString(nonce))
if bytes.Equal(nonce, n.lastNonce) {
m := fmt.Sprintf("Got the same nonce twice: %s. This should never happen!", hex.EncodeToString(nonce))
panic(m)
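Review bot: The context comment `// Get a random 96 bit nonce` above `Get()` is left unchanged, but the method now returns `n.nonceLen` bytes and the commit moves the IV to 128 bits, so the comment misstates the nonce size; it should read something like `// Get returns a random nonce of n.nonceLen bytes`. Separately, with the package-level `gcmNonce` removed, a zero-value `nonceGenerator` has `nonceLen == 0`; assuming `RandBytes(0)` yields an empty slice, `bytes.Equal` treats it as equal to the nil `lastNonce`, so the first call would panic with the misleading "same nonce twice" message. A guard such as `if n.nonceLen <= 0 { panic("nonceGenerator: nonceLen not set") }` at the top of `Get()` would make that failure explicit. The body of `Get()` continues past the end of the hunk, and the code that constructs the generator is not visible here.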