diff options
| author | Jakob Unterwurzacher | 2015-12-19 14:41:39 +0100 |
|---|---|---|
| committer | Jakob Unterwurzacher | 2015-12-19 15:02:29 +0100 |
| commit | 1caa9258685fa5fad8935d3bfcd0eac7d7f84f1e (patch) | |
| tree | abc1e46f269f9ef8f05d812e13fcdf2bae68d298 /cryptfs/openssl_aead.go | |
| parent | 88826dc51d7919ef8b190c079955230e653323e2 (diff) | |
Increase GCM IV size from 96 to 128 bits
This pushes back the birthday bound for collisions to make it virtually
irrelevant.
Diffstat (limited to 'cryptfs/openssl_aead.go')
| -rw-r--r-- | cryptfs/openssl_aead.go | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/cryptfs/openssl_aead.go b/cryptfs/openssl_aead.go index c70bd1f..5d38d38 100644 --- a/cryptfs/openssl_aead.go +++ b/cryptfs/openssl_aead.go @@ -7,6 +7,7 @@ import ( "github.com/spacemonkeygo/openssl" ) +// Supports all nonce sizes type opensslGCM struct { key []byte } @@ -16,13 +17,13 @@ func (be opensslGCM) Overhead() int { } func (be opensslGCM) NonceSize() int { - return NONCE_LEN + // We support any nonce size + return -1 } // Seal encrypts and authenticates plaintext, authenticates the // additional data and appends the result to dst, returning the updated -// slice. The nonce must be NonceSize() bytes long and unique for all -// time, for a given key. +// slice. opensslGCM supports any nonce size. func (be opensslGCM) Seal(dst, nonce, plaintext, data []byte) []byte { // Preallocate output buffer |