summaryrefslogtreecommitdiff
path: root/internal/cryptocore
diff options
context:
space:
mode:
authorJakob Unterwurzacher2016-10-09 17:05:12 +0200
committerJakob Unterwurzacher2016-10-09 17:05:12 +0200
commitd3b78fea959dfb0e1c1f5079ae516303bdb9a0f8 (patch)
tree53f88365d48a881cfd3ebb36a5dd35e4e5788e52 /internal/cryptocore
parentf754c8a2007c7a8d3e1358257035dd0fad5633ba (diff)
reverse: add panics against API abuse
These should help prevent later programming errors.
Diffstat (limited to 'internal/cryptocore')
-rw-r--r--internal/cryptocore/cryptocore.go4
1 files changed, 4 insertions, 0 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index 7cb5c95..db82f56 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -72,6 +72,10 @@ func New(key []byte, backend BackendTypeEnum, IVBitLen int) *CryptoCore {
case BackendGoGCM:
aeadCipher, err = goGCMWrapper(blockCipher, IVLen)
case BackendAESSIV:
+ if IVLen != 16 {
+ // SIV supports any nonce size, but we only use 16.
+ panic("AES-SIV must use 16-byte nonces")
+ }
// AES-SIV uses 1/2 of the key for authentication, 1/2 for
// encryption, so we need a 64-bytes key for AES-256. Derive it from
// the master key by hashing it with SHA-512.