Diffstat (limited to 'internal/cryptocore')
| -rw-r--r-- | internal/cryptocore/cryptocore.go | 4 | 
1 files changed, 4 insertions, 0 deletions
| diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index 7cb5c95..db82f56 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -72,6 +72,10 @@ func New(key []byte, backend BackendTypeEnum, IVBitLen int) *CryptoCore {
 	case BackendGoGCM:
 		aeadCipher, err = goGCMWrapper(blockCipher, IVLen)
 	case BackendAESSIV:
+		if IVLen != 16 {
+			// SIV supports any nonce size, but we only use 16.
+			panic("AES-SIV must use 16-byte nonces")
+		}
 		// AES-SIV uses 1/2 of the key for authentication, 1/2 for
 		// encryption, so we need a 64-bytes key for AES-256. Derive it from
 		// the master key by hashing it with SHA-512. | 
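Review bot: The new guard in the `BackendAESSIV` case tests the derived `IVLen` rather than the `IVBitLen` argument that callers of `New` actually pass. The derivation is outside the hunk, but if it is an integer division by 8, a bit length that is not a multiple of 8 (130, say) would truncate to 16 and pass the check; comparing the parameter itself, `if IVBitLen != 128 {`, would reject it. The panic text would also be easier to act on if it reported the rejected length, and the comment could state why 16 is the only accepted size instead of only that it is. The body of `New` begins and ends outside this hunk, so the other backends' handling of `IVLen` is not visible here.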
