From b7328815183b7a4ff37156085fb78e8e86aff165 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sun, 5 Mar 2017 18:03:03 +0100
Subject: configfile: switch to 128-bit IVs for master key encryption

There is no security reason for doing this, but it will allow
to consolidate the code once we drop compatibility with gocryptfs v1.2
(and earlier) filesystems.
---
 internal/contentenc/content.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'internal/contentenc')

diff --git a/internal/contentenc/content.go b/internal/contentenc/content.go
index 322163a..a2a263c 100644
--- a/internal/contentenc/content.go
+++ b/internal/contentenc/content.go
@@ -20,7 +20,8 @@ const (
 	DefaultBS = 4096
 	// DefaultIVBits is the default length of IV, in bits.
 	// We always use 128-bit IVs for file content, but the
-	// key in the config file is encrypted with a 96-bit IV.
+	// master key in the config file is encrypted with a 96-bit IV for
+	// gocryptfs v1.2 and earlier. v1.3 switched to 128 bit.
 	DefaultIVBits = 128
 
 	_ = iota // skip zero
-- 
cgit v1.2.3