diff options
Diffstat (limited to 'src/crypto/cipher/cipher.go')
-rw-r--r-- | src/crypto/cipher/cipher.go | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/src/crypto/cipher/cipher.go b/src/crypto/cipher/cipher.go new file mode 100644 index 0000000..7e1a4de --- /dev/null +++ b/src/crypto/cipher/cipher.go @@ -0,0 +1,69 @@ +// Copyright 2010 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package cipher implements standard block cipher modes that can be wrapped +// around low-level block cipher implementations. +// See https://csrc.nist.gov/groups/ST/toolkit/BCM/current_modes.html +// and NIST Special Publication 800-38A. +package cipher + +// A Block represents an implementation of block cipher +// using a given key. It provides the capability to encrypt +// or decrypt individual blocks. The mode implementations +// extend that capability to streams of blocks. +type Block interface { + // BlockSize returns the cipher's block size. + BlockSize() int + + // Encrypt encrypts the first block in src into dst. + // Dst and src must overlap entirely or not at all. + Encrypt(dst, src []byte) + + // Decrypt decrypts the first block in src into dst. + // Dst and src must overlap entirely or not at all. + Decrypt(dst, src []byte) +} + +// A Stream represents a stream cipher. +type Stream interface { + // XORKeyStream XORs each byte in the given slice with a byte from the + // cipher's key stream. Dst and src must overlap entirely or not at all. + // + // If len(dst) < len(src), XORKeyStream should panic. It is acceptable + // to pass a dst bigger than src, and in that case, XORKeyStream will + // only update dst[:len(src)] and will not touch the rest of dst. + // + // Multiple calls to XORKeyStream behave as if the concatenation of + // the src buffers was passed in a single run. That is, Stream + // maintains state and does not reset at each XORKeyStream call. + XORKeyStream(dst, src []byte) +} + +// A BlockMode represents a block cipher running in a block-based mode (CBC, +// ECB etc). +type BlockMode interface { + // BlockSize returns the mode's block size. + BlockSize() int + + // CryptBlocks encrypts or decrypts a number of blocks. The length of + // src must be a multiple of the block size. Dst and src must overlap + // entirely or not at all. + // + // If len(dst) < len(src), CryptBlocks should panic. It is acceptable + // to pass a dst bigger than src, and in that case, CryptBlocks will + // only update dst[:len(src)] and will not touch the rest of dst. + // + // Multiple calls to CryptBlocks behave as if the concatenation of + // the src buffers was passed in a single run. That is, BlockMode + // maintains state and does not reset at each CryptBlocks call. + CryptBlocks(dst, src []byte) +} + +// Utility routines + +func dup(p []byte) []byte { + q := make([]byte, len(p)) + copy(q, p) + return q +} |