6 changes: 3 additions & 3 deletions libs/utils/src/utils/crypto/AesEncryptor.cpp
Expand Up @@ -12,21 +12,21 @@ namespace snap::utils::crypto {
constexpr auto kTag = "[utils][AesEncryptor]";

AesEncryptor::AesEncryptor(const AesEncryptor::Key& key, const AesEncryptor::Iv& iv)
: _cipher(EVP_aead_aes_128_gcm()), _key(key), _iv(iv) {
: _cipher(EVP_aead_aes_256_gcm()), _key(key), _iv(iv) {
SC_ASSERT(_key.size() == EVP_AEAD_key_length(_cipher));
SC_ASSERT(_iv.size() == EVP_AEAD_nonce_length(_cipher));
}

AesEncryptor::AesEncryptor(const bssl::Span<uint8_t>& key, const bssl::Span<uint8_t>& iv)
: _cipher(EVP_aead_aes_128_gcm()) {
: _cipher(EVP_aead_aes_256_gcm()) {
SC_ASSERT(_key.size() == EVP_AEAD_key_length(_cipher));
SC_ASSERT(_iv.size() == EVP_AEAD_nonce_length(_cipher));
std::copy(key.begin(), key.end(), _key.begin());
std::copy(iv.begin(), iv.end(), _iv.begin());
}

AesEncryptor::AesEncryptor(const std::vector<uint8_t>& key, const std::vector<uint8_t>& iv)
: _cipher(EVP_aead_aes_128_gcm()) {
: _cipher(EVP_aead_aes_256_gcm()) {
SC_ASSERT(_key.size() == EVP_AEAD_key_length(_cipher));
SC_ASSERT(_iv.size() == EVP_AEAD_nonce_length(_cipher));
std::copy(key.begin(), key.end(), _key.begin());
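Review bot: In the `bssl::Span` and `std::vector` constructors the two `SC_ASSERT` lines compare `_key.size()` and `_iv.size()`, the fixed sizes of the member arrays, so the length of the caller's `key` and `iv` is never checked before `std::copy`. After the move to 32-byte keys, a caller that still passes a 16-byte buffer would pass the assertion and fill only half of `_key`, leaving the rest at whatever the member held (presumably indeterminate; the member declaration is not visible here), while an oversized buffer would write past the end of the array. Check the inputs before copying, e.g. `SC_ASSERT(key.size() == _key.size());` and `SC_ASSERT(iv.size() == _iv.size());`, and if `SC_ASSERT` is compiled out in release builds (not visible here) make the check a hard failure instead. The `std::vector` constructor's body continues outside the hunk.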
4 changes: 2 additions & 2 deletions libs/utils/src/utils/crypto/AesEncryptor.hpp
Expand Up @@ -16,7 +16,7 @@ class Span;
namespace snap::utils::crypto {

/**
* Convenience class for encrypting/decrypting bytes using AES-128-GCM (128-bit keys and 96-bit nonce/iv).
* Convenience class for encrypting/decrypting bytes using AES-256-GCM (256-bit keys and 96-bit nonce/iv).
* Once initialized with a key, this class should only be used for one round of encryption.
* Keys and IVs MUST be generated with secure randomness. See utils::generateSecureRandomBytes.
* DO NOT encrypt more than once with the same key and IV.
Expand All @@ -32,7 +32,7 @@ namespace snap::utils::crypto {
*/
class AesEncryptor {
public:
using Key = std::array<uint8_t, 16>;
using Key = std::array<uint8_t, 32>;
using Iv = std::array<uint8_t, 12>;

// TODO: Allow re-use of keys and setting the IV.
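Review bot: The literal `32` in `using Key = std::array<uint8_t, 32>;` has to agree with the cipher selected in AesEncryptor.cpp, and nothing in the header says so; the only link is the runtime `SC_ASSERT` in the constructors. A short comment on the alias would make the coupling visible to the next person who changes either side, for example `// Must equal EVP_AEAD_key_length(EVP_aead_aes_256_gcm()); checked at runtime in the constructors.` The class body continues outside the hunk.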