Switch to AES-256
AES-256 seems to be becoming the industry standard. While AES-128 is good enough for tens of years to come, let's follow suit and be extra safe.
This commit is contained in:
Jakob Unterwurzacher
parent
39ea272e23
commit
5c6df49067
|
|
@ -10,7 +10,7 @@ import (
|
||||||
|
|
||||||
const (
|
const (
|
||||||
DEFAULT_PLAINBS = 4096
|
DEFAULT_PLAINBS = 4096
|
||||||
KEY_LEN = 16
|
KEY_LEN = 32 // AES-256
|
||||||
NONCE_LEN = 12
|
NONCE_LEN = 12
|
||||||
AUTH_TAG_LEN = 16
|
AUTH_TAG_LEN = 16
|
||||||
FILEID_LEN = 16
|
FILEID_LEN = 16
|
||||||
|
|
@ -38,9 +38,7 @@ func NewCryptFS(key []byte, useOpenssl bool) *CryptFS {
|
||||||
|
|
||||||
var gcm cipher.AEAD
|
var gcm cipher.AEAD
|
||||||
if useOpenssl {
|
if useOpenssl {
|
||||||
var k16 [16]byte
|
gcm = opensslGCM{key}
|
||||||
copy(k16[:], key)
|
|
||||||
gcm = opensslGCM{k16}
|
|
||||||
} else {
|
} else {
|
||||||
gcm, err = cipher.NewGCM(b)
|
gcm, err = cipher.NewGCM(b)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
|
||||||
|
|
@ -8,7 +8,7 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
type opensslGCM struct {
|
type opensslGCM struct {
|
||||||
key [16]byte
|
key []byte
|
||||||
}
|
}
|
||||||
|
|
||||||
func (be opensslGCM) Overhead() int {
|
func (be opensslGCM) Overhead() int {
|
||||||
|
|
@ -27,7 +27,7 @@ func (be opensslGCM) Seal(dst, nonce, plaintext, data []byte) []byte {
|
||||||
|
|
||||||
cipherBuf := bytes.NewBuffer(dst)
|
cipherBuf := bytes.NewBuffer(dst)
|
||||||
|
|
||||||
ectx, err := openssl.NewGCMEncryptionCipherCtx(128, nil, be.key[:], nonce[:])
|
ectx, err := openssl.NewGCMEncryptionCipherCtx(KEY_LEN*8, nil, be.key, nonce)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
|
|
@ -72,7 +72,7 @@ func (be opensslGCM) Open(dst, nonce, ciphertext, data []byte) ([]byte, error) {
|
||||||
ciphertext = ciphertext[0 : l-AUTH_TAG_LEN]
|
ciphertext = ciphertext[0 : l-AUTH_TAG_LEN]
|
||||||
plainBuf := bytes.NewBuffer(dst)
|
plainBuf := bytes.NewBuffer(dst)
|
||||||
|
|
||||||
dctx, err := openssl.NewGCMDecryptionCipherCtx(128, nil, be.key[:], nonce[:])
|
dctx, err := openssl.NewGCMDecryptionCipherCtx(KEY_LEN*8, nil, be.key, nonce)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -151,8 +151,18 @@ func main() {
|
||||||
// a safe place
|
// a safe place
|
||||||
func printMasterKey(key []byte) {
|
func printMasterKey(key []byte) {
|
||||||
h := hex.EncodeToString(key)
|
h := hex.EncodeToString(key)
|
||||||
// Make it less scary by splitting it up in chunks
|
var hChunked string
|
||||||
h = h[0:8] + "-" + h[8:16] + "-" + h[16:24] + "-" + h[24:32]
|
|
||||||
|
// Try to make it less scary by splitting it up in chunks
|
||||||
|
for i := 0; i < len(h); i+=8 {
|
||||||
|
hChunked += h[i:i+8]
|
||||||
|
if i < 52 {
|
||||||
|
hChunked += "-"
|
||||||
|
}
|
||||||
|
if i == 24 {
|
||||||
|
hChunked += "\n "
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
fmt.Printf(`
|
fmt.Printf(`
|
||||||
ATTENTION:
|
ATTENTION:
|
||||||
|
|
@ -163,7 +173,7 @@ If the gocryptfs.conf file becomes corrupted or you ever forget your password,
|
||||||
there is only one hope for recovery: The master key. Print it to a piece of
|
there is only one hope for recovery: The master key. Print it to a piece of
|
||||||
paper and store it in a drawer.
|
paper and store it in a drawer.
|
||||||
|
|
||||||
`, h)
|
`, hChunked)
|
||||||
}
|
}
|
||||||
|
|
||||||
func readPasswordTwice() string {
|
func readPasswordTwice() string {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue