Skip to content

Commit

Permalink
Sizes in constants
Browse files Browse the repository at this point in the history
  • Loading branch information
angelsolaorbaiceta committed Sep 5, 2024
1 parent 489845f commit 237393e
Showing 1 changed file with 10 additions and 4 deletions.
14 changes: 10 additions & 4 deletions archive/encryption.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,11 @@ import (
"golang.org/x/crypto/pbkdf2"
)

const (
saltSize = 16
nonceSize = 12
)

// An EncryptedArchive represents an encrypted archive.
type EncryptedArchive struct {
bytes []byte
Expand Down Expand Up @@ -56,13 +61,13 @@ func ReadEncryptedArchive(r io.Reader) (*EncryptedArchive, error) {
}

// Read the salt (16 bytes)
salt := make([]byte, 16)
salt := make([]byte, saltSize)
if _, err := io.ReadFull(r, salt); err != nil {
return nil, err
}

// Read the nonce
nonce := make([]byte, 12)
nonce := make([]byte, nonceSize)
if _, err := io.ReadFull(r, nonce); err != nil {
return nil, err
}
Expand All @@ -83,7 +88,7 @@ func ReadEncryptedArchive(r io.Reader) (*EncryptedArchive, error) {
// Encrypt encrypts the archive using AES-GCM with the provided password.
func (a *Archive) Encrypt(password string) (*EncryptedArchive, error) {
// Generate a salt for key derivation (PBKDF2)
salt := make([]byte, 16)
salt := make([]byte, saltSize)
if _, err := rand.Read(salt); err != nil {
return nil, err
}
Expand All @@ -94,7 +99,8 @@ func (a *Archive) Encrypt(password string) (*EncryptedArchive, error) {
}

// Generate a nonce for AES-GCM (random IV)
nonce := make([]byte, aesGCM.NonceSize())
// aesGCM.NonceSize() returns 12 bytes
nonce := make([]byte, nonceSize)
if _, err := rand.Read(nonce); err != nil {
return nil, err
}
Expand Down

0 comments on commit 237393e

Please sign in to comment.