Increases default master key size to 256 bits

[andrewabest]

Prerequisites

• [x] I have searched open and closed issues to make sure it isn't already requested
• [x] My team has started working on this issue
• [x] I have written a descriptive issue title

The enhancement

The Need

Octopus uses AES encryption to store sensitive information within its database.

It uses the Octopus Server master key for encryption and decryption operations.

The existing default key length was 128 bits. We want to strengthen this to 256 bits, in line with many industry recommendations (example reference).

Solution

The solution will be to:

• Increase the default master key length to 256 bits
• Ensure existing Octopus instances with 128 bit keys continue to function happily and healthily
• Allow existing Octopus instances with 128 bit keys to rotate to 256 bit keys using the rotate master key command.

[andrewabest]

Release note: Increased default master key size to 256 bits, also allow 128 bit keys to be rotated to 256 bit keys

[Octobob]

:tada: The fix for this issue has been released in:

Release stream	Release
2024.4	2024.4.6381
2025.1+	all releases