Skip to content

Commit

Permalink
Merge pull request #11 from abedra/barrier_updates
Browse files Browse the repository at this point in the history
Clarify Barrier encryption defaults.
  • Loading branch information
armon committed Apr 15, 2015
2 parents 59073cf + 037e7dc commit 160eccf
Showing 1 changed file with 5 additions and 4 deletions.
9 changes: 5 additions & 4 deletions vault/barrier_aes_gcm.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,9 +26,10 @@ type barrierInit struct {
Key []byte // Key is the primary encryption key
}

// AESGCMBarrier is a SecurityBarrier implementation that
// uses a 128bit AES encryption cipher with the Galois Counter Mode.
// AES-GCM is high performance, and provides both confidentiality
// AESGCMBarrier is a SecurityBarrier implementation that uses the AES
// cipher core and the Galois Counter Mode block mode. It defaults to
// the golang NONCE default value of 12 and a key size of 256
// bit. AES-GCM is high performance, and provides both confidentiality
// and integrity.
type AESGCMBarrier struct {
backend physical.Backend
Expand Down Expand Up @@ -70,7 +71,7 @@ func (b *AESGCMBarrier) Initialize(key []byte) error {
// Verify the key size
min, max := b.KeyLength()
if len(key) < min || len(key) > max {
return fmt.Errorf("Key size must be between [%d, %d]", min, max)
return fmt.Errorf("Key size must be %d or %d", min, max)
}

// Check if already initialized
Expand Down

0 comments on commit 160eccf

Please sign in to comment.