cipher

package
v0.17.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 7, 2023 License: MIT Imports: 8 Imported by: 2

Documentation

Overview

Package cipher provides several extra chipher modes.

Please do NOT use this mode alone.

Index

Examples

Constants

View Source 
const GF128_FDBK byte = 0x87

Variables

This section is empty.

Functions

func NewCCM 

func NewCCM(cipher goCipher.Block) (goCipher.AEAD, error)

NewCCM returns the given 128-bit, block cipher wrapped in CCM with the standard nonce length.

func NewCCMWithNonceAndTagSize 

func NewCCMWithNonceAndTagSize(cipher goCipher.Block, nonceSize, tagSize int) (goCipher.AEAD, error)

https://tools.ietf.org/html/rfc3610

func NewCCMWithNonceSize 

func NewCCMWithNonceSize(cipher goCipher.Block, size int) (goCipher.AEAD, error)

NewCCMWithNonceSize returns the given 128-bit, block cipher wrapped in CCM, which accepts nonces of the given length. The length must not be zero.

func NewCCMWithTagSize 

func NewCCMWithTagSize(cipher goCipher.Block, tagSize int) (goCipher.AEAD, error)

NewCCMWithTagSize returns the given 128-bit, block cipher wrapped in CCM, which generates tags with the given length.

Tag sizes between 8 and 16 bytes are allowed.

func NewECBDecrypter added in v0.15.7 

func NewECBDecrypter(b goCipher.Block) goCipher.BlockMode

NewECBDecrypter returns a BlockMode which decrypts in electronic code book mode, using the given Block.

Example 
package main

import (
	"crypto/aes"
	"encoding/hex"
	"fmt"

	"github.com/emmansun/gmsm/cipher"
)

func main() {
	// Load your secret key from a safe place and reuse it across multiple
	// NewCipher calls. (Obviously don't use this example key for anything
	// real.) If you want to convert a passphrase to a key, use a suitable
	// package like bcrypt or scrypt.
	key, _ := hex.DecodeString("6368616e676520746869732070617373")
	ciphertext, _ := hex.DecodeString("f42512e1e4039213bd449ba47faa1b74f42512e1e4039213bd449ba47faa1b74")

	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}

	// ECB mode always works in whole blocks.
	if len(ciphertext)%aes.BlockSize != 0 {
		panic("ciphertext is not a multiple of the block size")
	}

	mode := cipher.NewECBDecrypter(block)

	// CryptBlocks can work in-place if the two arguments are the same.
	mode.CryptBlocks(ciphertext, ciphertext)

	// If the original plaintext lengths are not a multiple of the block
	// size, padding would have to be added when encrypting, which would be
	// removed at this point. For an example, see
	// https://tools.ietf.org/html/rfc5246#section-6.2.3.2. However, it's
	// critical to note that ciphertexts must be authenticated (i.e. by
	// using crypto/hmac) before being decrypted in order to avoid creating
	// a padding oracle.

	fmt.Printf("%s\n", ciphertext)
}

Output:

exampleplaintextexampleplaintext

func NewECBEncrypter added in v0.15.7 

func NewECBEncrypter(b goCipher.Block) goCipher.BlockMode

NewECBEncrypter returns a BlockMode which encrypts in electronic code book mode, using the given Block.

Example 
package main

import (
	"crypto/aes"
	"encoding/hex"
	"fmt"

	"github.com/emmansun/gmsm/cipher"
)

func main() {
	// Load your secret key from a safe place and reuse it across multiple
	// NewCipher calls. (Obviously don't use this example key for anything
	// real.) If you want to convert a passphrase to a key, use a suitable
	// package like bcrypt or scrypt.
	key, _ := hex.DecodeString("6368616e676520746869732070617373")
	plaintext := []byte("exampleplaintextexampleplaintext")

	// ECB mode works on blocks so plaintexts may need to be padded to the
	// next whole block. For an example of such padding, see
	// https://tools.ietf.org/html/rfc5246#section-6.2.3.2. Here we'll
	// assume that the plaintext is already of the correct length.
	if len(plaintext)%aes.BlockSize != 0 {
		panic("plaintext is not a multiple of the block size")
	}

	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}

	ciphertext := make([]byte, len(plaintext))
	mode := cipher.NewECBEncrypter(block)
	mode.CryptBlocks(ciphertext, plaintext)

	// It's important to remember that ciphertexts must be authenticated
	// (i.e. by using crypto/hmac) as well as being encrypted in order to
	// be secure.

	fmt.Printf("%x\n", ciphertext)
}

Output:

Types

type CipherCreator added in v0.4.6 

type CipherCreator func([]byte) (_cipher.Block, error)

type XTSBlockMode added in v0.4.6 

type XTSBlockMode interface {
	// BlockSize returns the mode's block size.
	BlockSize() int

	// Encrypt encrypts or decrypts a number of blocks. The length of
	// src must be a multiple of the block size. Dst and src must overlap
	// entirely or not at all.
	//
	Encrypt(dst, src []byte, sectorNum uint64)

	// Decrypt decrypts a number of blocks. The length of
	// src must be a multiple of the block size. Dst and src must overlap
	// entirely or not at all.
	//
	Decrypt(dst, src []byte, sectorNum uint64)
}

A XTSBlockMode represents a block cipher running in a XTS mode

func NewXTS added in v0.4.6 

func NewXTS(cipherFunc CipherCreator, key []byte) (XTSBlockMode, error)

NewXTS creates a Cipher given a function for creating the underlying block cipher (which must have a block size of 16 bytes). The key must be twice the length of the underlying cipher's key.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.