Enhance cryptographic options #31
Description
First of all, thank you very much for this outstanding piece of software!
- In file weron/internal/encryption/aes.go, in function deriveKey, please do not padd with zeros. https://pkg.go.dev/golang.org/x/crypto/hkdf provides a safe method to generate the required number of key bits for a cipher (salt and info may be nil). Not sure if this is needed if you consider my next proposal.
- Please make the cipher suite configurable (e.g., --cipher aes-256-gcm-sha384, see https://docs.openssl.org/3.3/man1/openssl-ciphers/#tls-v13-cipher-suites), as the security of a cipher suite decreases over time and new cryptographic algorithms can be added without breaking compatibility.
Thank you for considering my proposals.