Merge pull request #42 from atomx/keylength

Fix key length checking

config.go

@@ -111,8 +111,8 @@ type Config struct {
 	// the first key used while attempting to decrypt messages. Providing a
 	// value for this primary key will enable message-level encryption and
 	// verification, and automatically install the key onto the keyring.
-	// The value should be either 16, 24, or 32 bytes to select AES-128, 
-	// AES-192, or AES-256. 
+	// The value should be either 16, 24, or 32 bytes to select AES-128,
+	// AES-192, or AES-256.
 	SecretKey []byte
 
 	// The keyring holds all of the encryption keys used internally. It is

keyring.go

@@ -35,8 +35,8 @@ func (k *Keyring) init() {
 // primary by passing it as the primaryKey. If the primaryKey does not exist in
 // the list of secondary keys, it will be automatically added at position 0.
 //
-// A key should be either 16, 24, or 32 bytes to select AES-128, 
-// AES-192, or AES-256. 
+// A key should be either 16, 24, or 32 bytes to select AES-128,
+// AES-192, or AES-256.
 func NewKeyring(keys [][]byte, primaryKey []byte) (*Keyring, error) {
 	keyring := &Keyring{}
 	keyring.init()
@@ -62,12 +62,11 @@ func NewKeyring(keys [][]byte, primaryKey []byte) (*Keyring, error) {
 // it available for use in decryption. If the key already exists on the ring,
 // this function will just return noop.
 //
-// key should be either 16, 24, or 32 bytes to select AES-128, 
-// AES-192, or AES-256. 
+// key should be either 16, 24, or 32 bytes to select AES-128,
+// AES-192, or AES-256.
 func (k *Keyring) AddKey(key []byte) error {
-	// Encorce 16-byte key size
-	if len(key) != 16 {
-		return fmt.Errorf("key size must be 16 bytes")
+	if l := len(key); l != 16 && l != 24 && l != 32 {
+		return fmt.Errorf("key size must be 16, 24 or 32 bytes")
 	}
 
 	// No-op if key is already installed