From 1caa9258685fa5fad8935d3bfcd0eac7d7f84f1e Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sat, 19 Dec 2015 14:41:39 +0100
Subject: Increase GCM IV size from 96 to 128 bits

This pushes back the birthday bound for collisions to make it virtually irrelevant.
---
 cryptfs/cryptfs_content.go | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
(limited to 'cryptfs/cryptfs_content.go')

diff --git a/cryptfs/cryptfs_content.go b/cryptfs/cryptfs_content.go
index 25293a7..9a79db4 100644
--- a/cryptfs/cryptfs_content.go
+++ b/cryptfs/cryptfs_content.go
@@ -59,15 +59,15 @@ func (be *CryptFS) DecryptBlock(ciphertext []byte, blockNo uint64, fileId []byte
 return make([]byte, be.plainBS), nil
 }
 
- if len(ciphertext) < NONCE_LEN {
+ if len(ciphertext) < be.gcmIVLen {
 Warn.Printf("DecryptBlock: Block is too short: %d bytes\n", len(ciphertext))
 return nil, errors.New("Block is too short")
 }
 
 // Extract nonce
- nonce := ciphertext[:NONCE_LEN]
+ nonce := ciphertext[:be.gcmIVLen]
 ciphertextOrig := ciphertext
- ciphertext = ciphertext[NONCE_LEN:]
+ ciphertext = ciphertext[be.gcmIVLen:]
 
 // Decrypt
 var plaintext []byte
@@ -94,7 +94,7 @@ func (be *CryptFS) EncryptBlock(plaintext []byte, blockNo uint64, fileID []byte)
 }
 
 // Get fresh nonce
- nonce := gcmNonce.Get()
+ nonce := be.gcmIVGen.Get()
 
 // Authenticate block with block number and file ID
 aData := make([]byte, 8)
--
cgit v1.2.3
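Review bot: The short-block guard in DecryptBlock now only accounts for the nonce, so a block of exactly `be.gcmIVLen` bytes (or anything shorter than nonce plus GCM tag) passes this check with an empty or truncated ciphertext and is only rejected later by the AEAD, bypassing the explicit warning path; if the AEAD instance is reachable from `be`, the comparison should be against `be.gcmIVLen` plus that `cipher.AEAD`'s `Overhead()`, e.g. `if len(ciphertext) < be.gcmIVLen+<aead field>.Overhead() {` with the field name filled in. Separately, the old constant layout and the new per-instance `be.gcmIVLen` are not compatible on disk: a block written with a 12-byte nonce and read with a 16-byte `gcmIVLen` moves four ciphertext bytes into the nonce and fails authentication, so the length must be fixed per volume (presumably recorded in its config, which is not visible here) rather than per build. A comment at the slice would make that explicit: `// Extract nonce: blocks are not self-describing, so be.gcmIVLen must equal the length used when the volume was written`. The body of DecryptBlock begins and continues outside the hunk.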
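Review bot: Nothing in the EncryptBlock hunk ties the length of the nonce returned by `be.gcmIVGen.Get()` to `be.gcmIVLen`, while DecryptBlock slices the nonce off the block by exactly `be.gcmIVLen` bytes, so a generator/length mismatch would silently write blocks that never decrypt. An invariant check right after the call, `if len(nonce) != be.gcmIVLen { panic("gcmIVGen returned wrong nonce length") }`, or at least the comment `// gcmIVGen must yield exactly be.gcmIVLen bytes; DecryptBlock relies on it`, would pin this. Note also that crypto/cipher's NewGCM accepts only 96-bit nonces; a 128-bit IV requires the AEAD to be built with cipher.NewGCMWithNonceSize (Go 1.5+), presumably where `be` is constructed, which is outside this view. EncryptBlock's body begins and continues outside the hunk.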