Reduce the default IKM duration to 10 years and document it
This commit is contained in:
Rodolphe Bréard
parent
bdfaf8adff
commit
4e40314c67
1 changed files with 7 additions and 1 deletions
|
|
@ -23,8 +23,14 @@ pub use kdf::KeyContext;
|
|||
#[cfg(any(feature = "encryption", feature = "ikm-management"))]
|
||||
pub use scheme::Scheme;
|
||||
|
||||
/// Default amount of time during which the input key material will be considered valid once it has been generated.
|
||||
/// This value is expressed in seconds.
|
||||
///
|
||||
/// Considering that a day is composed of 86400 seconds (60×60×24) and a year is 365.24219 days (approximate value of the [mean tropical year][tropical_year]), this value is equivalent to 10 years.
|
||||
///
|
||||
/// [tropical_year]: https://en.wikipedia.org/wiki/Tropical_year
|
||||
#[cfg(feature = "ikm-management")]
|
||||
const DEFAULT_IKM_DURATION: u64 = 60 * 60 * 24 * 7305; // In seconds, set to 7305 days (aprox. 20 years)
|
||||
pub const DEFAULT_IKM_DURATION: u64 = 315_569_252;
|
||||
#[cfg(feature = "ikm-management")]
|
||||
const DEFAULT_SCHEME: Scheme = Scheme::XChaCha20Poly1305WithBlake3;
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue