aboutsummaryrefslogtreecommitdiff
path: root/internal/cryptocore/cryptocore.go
diff options
context:
space:
mode:
authorJakob Unterwurzacher2017-03-05 18:03:03 +0100
committerJakob Unterwurzacher2017-03-05 18:03:03 +0100
commitb7328815183b7a4ff37156085fb78e8e86aff165 (patch)
tree650e24e8767ede99c76a5d78804de72f993eaf1a /internal/cryptocore/cryptocore.go
parenta8d154765ab1cea4f21cd9f7dd0b4d6ba7183cca (diff)
configfile: switch to 128-bit IVs for master key encryption
There is no security reason for doing this, but it will allow to consolidate the code once we drop compatibility with gocryptfs v1.2 (and earlier) filesystems.
Diffstat (limited to 'internal/cryptocore/cryptocore.go')
-rw-r--r--internal/cryptocore/cryptocore.go4
1 files changed, 2 insertions, 2 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index 735c409..7e1d238 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -49,8 +49,8 @@ type CryptoCore struct {
// New returns a new CryptoCore object or panics.
//
// Even though the "GCMIV128" feature flag is now mandatory, we must still
-// support 96-bit IVs here because they are used for encrypting the master
-// key in gocryptfs.conf.
+// support 96-bit IVs here because they were used for encrypting the master
+// key in gocryptfs.conf up to gocryptfs v1.2. v1.3 switched to 128 bits.
func New(key []byte, aeadType AEADTypeEnum, IVBitLen int) *CryptoCore {
if len(key) != KeyLen {
log.Panic(fmt.Sprintf("Unsupported key length %d", len(key)))