configfile: switch to 128-bit IVs for master key encryption

There is no security reason for doing this, but it will allow to consolidate the code once we drop compatibility with gocryptfs v1.2 (and earlier) filesystems.
author: Jakob Unterwurzacher 2017-03-05 18:03:03 +0100
committer: Jakob Unterwurzacher 2017-03-05 18:03:03 +0100
commit: b7328815183b7a4ff37156085fb78e8e86aff165 (patch)
tree: 650e24e8767ede99c76a5d78804de72f993eaf1a /internal/cryptocore
parent: a8d154765ab1cea4f21cd9f7dd0b4d6ba7183cca (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index 735c409..7e1d238 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -49,8 +49,8 @@ type CryptoCore struct {
 // New returns a new CryptoCore object or panics.
 //
 // Even though the "GCMIV128" feature flag is now mandatory, we must still
-// support 96-bit IVs here because they are used for encrypting the master
-// key in gocryptfs.conf.
+// support 96-bit IVs here because they were used for encrypting the master
+// key in gocryptfs.conf up to gocryptfs v1.2. v1.3 switched to 128 bits.
 func New(key []byte, aeadType AEADTypeEnum, IVBitLen int) *CryptoCore {
 	if len(key) != KeyLen {
 		log.Panic(fmt.Sprintf("Unsupported key length %d", len(key)))
author	Jakob Unterwurzacher	2017-03-05 18:03:03 +0100
committer	Jakob Unterwurzacher	2017-03-05 18:03:03 +0100
commit	b7328815183b7a4ff37156085fb78e8e86aff165 (patch)
tree	650e24e8767ede99c76a5d78804de72f993eaf1a /internal/cryptocore
parent	a8d154765ab1cea4f21cd9f7dd0b4d6ba7183cca (diff)