diff --git a/internal/crypto/crypto.go b/internal/crypto/crypto.go
index 789bbe8..0adf923 100644
--- a/internal/crypto/crypto.go
+++ b/internal/crypto/crypto.go
@@ -39,6 +39,9 @@ func Decrypt(key []byte, enc string) ([]byte, error) {
 }

 func newGCM(key []byte) (cipher.AEAD, error) {
+ if len(key) != 32 {
+ return nil, errors.New("key must be 32 bytes (AES-256)")
+ }
 block, err := aes.NewCipher(key)
 if err != nil {
 return nil, err
diff --git a/internal/crypto/crypto_test.go b/internal/crypto/crypto_test.go
index f94a6e4..ca95e75 100644
--- a/internal/crypto/crypto_test.go
+++ b/internal/crypto/crypto_test.go
@@ -31,3 +31,9 @@ func TestEncryptNonDeterministic(t *testing.T) {
 t.Fatal("two encryptions must differ (random nonce)")
 }
 }
+
+func TestEncryptRejectsWrongKeySize(t *testing.T) {
+ if _, err := Encrypt(make([]byte, 16), []byte("x")); err == nil {
+ t.Fatal("16-byte key must be rejected (AES-256 requires 32)")
+ }
+}
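Review bot: The new guard in newGCM hard-codes `32` and has no comment explaining why it exists, although the reason is security-relevant: `aes.NewCipher` also accepts 16- and 24-byte keys, so without the check a short key would silently select AES-128 or AES-192 instead of failing. I would add `// Enforce AES-256: aes.NewCipher also accepts 16- and 24-byte keys.` above the `if` and compare against a named constant, e.g. `const keySize = 32`. A length check says nothing about key quality; a 32-character passphrase passed as the key would satisfy it, so callers presumably need to supply CSPRNG or KDF output (the callers are not visible here). newGCM's body continues outside the hunk.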
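Review bot: TestEncryptRejectsWrongKeySize exercises only a 16-byte key, so it would still pass if the guard were later loosened to reject 16 but accept 24 bytes, the other size `aes.NewCipher` takes without error. A loop over several lengths (0, 16, 24, 31, 33) pins the AES-256-only contract, including the empty-key and off-by-one cases. Decrypt is not covered either; whether it reaches newGCM before decoding its input is not visible in this diff, so it is left out of the sketch below.

```go
func TestEncryptRejectsWrongKeySize(t *testing.T) {
	for _, n := range []int{0, 16, 24, 31, 33} {
		if _, err := Encrypt(make([]byte, n), []byte("x")); err == nil {
			t.Fatalf("%d-byte key must be rejected (AES-256 requires 32)", n)
		}
	}
}
```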