Diffstat (limited to 'internal')
| -rw-r--r-- | internal/cryptocore/cryptocore.go | 7 | 
1 files changed, 6 insertions, 1 deletions
| diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index 23dc26e..a65ad39 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -5,6 +5,7 @@ package cryptocore
 import (
 	"crypto/aes"
 	"crypto/cipher"
+	"crypto/sha512"
 	"fmt"
 	"github.com/rfjakob/gocryptfs/internal/siv_aead"
@@ -64,7 +65,11 @@ func New(key []byte, backend BackendTypeEnum, IVBitLen int) *CryptoCore {
 	case BackendGoGCM:
 		gcm, err = goGCMWrapper(blockCipher, IVLen)
 	case BackendAESSIV:
-		gcm = siv_aead.New(key)
+		// AES-SIV uses 1/2 of the key for authentication, 1/2 for
+		// encryption, so we need a 64-bytes key for AES-256. Derive it from
+		// the master key by hashing it with SHA-512.
+		key64 := sha512.Sum512(key)
+		gcm = siv_aead.New(key64[:])
 	default:
 		panic("unknown backend cipher")
 	}
|
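Review bot: The AES-SIV key in the `BackendAESSIV` case is a bare `sha512.Sum512(key)` with no purpose label, so nothing separates this derivation from any other use of the same master key, and the 64-byte result carries only the master key's entropy. A labelled KDF would make the separation explicit, for example HKDF-SHA512 from `golang.org/x/crypto/hkdf` with an info string naming the AES-SIV use. If the bare hash stays, I would extend the comment with `// key64 carries only the entropy of key; changing this derivation changes every AES-SIV ciphertext.` Because `siv_aead.New` previously received `key` directly, data written by the old code presumably cannot be decrypted with the new key unless a format flag elsewhere distinguishes the two, which is not visible in this hunk. `New` starts and ends outside the hunk.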
