From 1caa9258685fa5fad8935d3bfcd0eac7d7f84f1e Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sat, 19 Dec 2015 14:41:39 +0100
Subject: Increase GCM IV size from 96 to 128 bits

This pushes back the birthday bound for collisions to make it virtually irrelevant.
---
 cryptfs/openssl_aead.go | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'cryptfs/openssl_aead.go')

diff --git a/cryptfs/openssl_aead.go b/cryptfs/openssl_aead.go
index c70bd1f..5d38d38 100644
--- a/cryptfs/openssl_aead.go
+++ b/cryptfs/openssl_aead.go
@@ -7,6 +7,7 @@ import (
 "github.com/spacemonkeygo/openssl"
 )
 
+// Supports all nonce sizes
 type opensslGCM struct {
 key []byte
 }
@@ -16,13 +17,13 @@ func (be opensslGCM) Overhead() int {
 }
 
 func (be opensslGCM) NonceSize() int {
- return NONCE_LEN
+ // We support any nonce size
+ return -1
 }
 
 // Seal encrypts and authenticates plaintext, authenticates the
 // additional data and appends the result to dst, returning the updated
-// slice. The nonce must be NonceSize() bytes long and unique for all
-// time, for a given key.
+// slice. opensslGCM supports any nonce size.
 func (be opensslGCM) Seal(dst, nonce, plaintext, data []byte) []byte {
 
 // Preallocate output buffer
-- 
cgit v1.2.3
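Review bot: The rewritten Seal comment in the second hunk drops the requirement that the nonce be unique for all time for a given key, and a longer IV does not remove that requirement: repeating a GCM nonce under one key exposes the XOR of the plaintexts and undermines the authentication tag. I would keep it, e.g. `// slice. opensslGCM accepts any nonce size, but the nonce must still be unique for all time, for a given key.` In NonceSize, `return -1` is a sentinel that a caller written against the usual AEAD contract (this type appears to mirror cipher.AEAD) could pass to `make([]byte, n)` and panic, so the comment there should say so: `// -1 means "any length"; callers must not use it as a buffer size.` Seal's body lies outside the hunk, so I cannot see whether it rejects an empty nonce; if it does not, a `len(nonce) == 0` check there would be worth adding.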