From d3b78fea959dfb0e1c1f5079ae516303bdb9a0f8 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sun, 9 Oct 2016 17:05:12 +0200
Subject: reverse: add panics against API abuse

These should help prevent later programming errors.
---
 internal/cryptocore/cryptocore.go | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'internal/cryptocore/cryptocore.go')

diff --git a/internal/cryptocore/cryptocore.go b/internal/cryptocore/cryptocore.go
index 7cb5c95..db82f56 100644
--- a/internal/cryptocore/cryptocore.go
+++ b/internal/cryptocore/cryptocore.go
@@ -72,6 +72,10 @@ func New(key []byte, backend BackendTypeEnum, IVBitLen int) *CryptoCore {
 	case BackendGoGCM:
 		aeadCipher, err = goGCMWrapper(blockCipher, IVLen)
 	case BackendAESSIV:
+		if IVLen != 16 {
+			// SIV supports any nonce size, but we only use 16.
+			panic("AES-SIV must use 16-byte nonces")
+		}
 		// AES-SIV uses 1/2 of the key for authentication, 1/2 for
 		// encryption, so we need a 64-bytes key for AES-256. Derive it from
 		// the master key by hashing it with SHA-512.
-- 
cgit v1.2.3