cipher

package
v0.26.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 6, 2024 License: MIT Imports: 7 Imported by: 2

Documentation

Overview

Block Chaining operation mode (BC mode) in Chinese national standard GB/T 17964-2021. See GB/T 17964-2021 Chapter 12.

Package cipher provides several extra chipher modes.

Please do NOT use this mode alone.

Index

Examples

Constants

View Source 
const GF128_FDBK byte = 0x87

Variables

This section is empty.

Functions

func NewBCDecrypter added in v0.24.0 

func NewBCDecrypter(b _cipher.Block, iv []byte) _cipher.BlockMode

NewBCDecrypter returns a BlockMode which decrypts in block chaining mode, using the given Block. The length of iv must be the same as the Block's block size and must match the iv used to encrypt the data.

func NewBCEncrypter added in v0.24.0 

func NewBCEncrypter(b _cipher.Block, iv []byte) _cipher.BlockMode

NewBCEncrypter returns a BlockMode which encrypts in block chaining mode, using the given Block. The length of iv must be the same as the Block's block size.

func NewCCM 

func NewCCM(cipher goCipher.Block) (goCipher.AEAD, error)

NewCCM returns the given 128-bit, block cipher wrapped in CCM with the standard nonce length.

func NewCCMWithNonceAndTagSize 

func NewCCMWithNonceAndTagSize(cipher goCipher.Block, nonceSize, tagSize int) (goCipher.AEAD, error)

https://tools.ietf.org/html/rfc3610

func NewCCMWithNonceSize 

func NewCCMWithNonceSize(cipher goCipher.Block, size int) (goCipher.AEAD, error)

NewCCMWithNonceSize returns the given 128-bit, block cipher wrapped in CCM, which accepts nonces of the given length. The length must not be zero.

func NewCCMWithTagSize 

func NewCCMWithTagSize(cipher goCipher.Block, tagSize int) (goCipher.AEAD, error)

NewCCMWithTagSize returns the given 128-bit, block cipher wrapped in CCM, which generates tags with the given length.

Tag sizes between 8 and 16 bytes are allowed.

func NewECBDecrypter added in v0.15.7 

func NewECBDecrypter(b goCipher.Block) goCipher.BlockMode

NewECBDecrypter returns a BlockMode which decrypts in electronic code book mode, using the given Block.

Example 
package main

import (
	"crypto/aes"
	"encoding/hex"
	"fmt"

	"github.com/emmansun/gmsm/cipher"
)

func main() {
	// Load your secret key from a safe place and reuse it across multiple
	// NewCipher calls. (Obviously don't use this example key for anything
	// real.) If you want to convert a passphrase to a key, use a suitable
	// package like bcrypt or scrypt.
	key, _ := hex.DecodeString("6368616e676520746869732070617373")
	ciphertext, _ := hex.DecodeString("f42512e1e4039213bd449ba47faa1b74f42512e1e4039213bd449ba47faa1b74")

	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}

	// ECB mode always works in whole blocks.
	if len(ciphertext)%aes.BlockSize != 0 {
		panic("ciphertext is not a multiple of the block size")
	}

	mode := cipher.NewECBDecrypter(block)

	// CryptBlocks can work in-place if the two arguments are the same.
	mode.CryptBlocks(ciphertext, ciphertext)

	// If the original plaintext lengths are not a multiple of the block
	// size, padding would have to be added when encrypting, which would be
	// removed at this point. For an example, see
	// https://tools.ietf.org/html/rfc5246#section-6.2.3.2. However, it's
	// critical to note that ciphertexts must be authenticated (i.e. by
	// using crypto/hmac) before being decrypted in order to avoid creating
	// a padding oracle.

	fmt.Printf("%s\n", ciphertext)
}

Output:

exampleplaintextexampleplaintext

func NewECBEncrypter added in v0.15.7 

func NewECBEncrypter(b goCipher.Block) goCipher.BlockMode

NewECBEncrypter returns a BlockMode which encrypts in electronic code book mode, using the given Block.

Example 
package main

import (
	"crypto/aes"
	"encoding/hex"
	"fmt"

	"github.com/emmansun/gmsm/cipher"
)

func main() {
	// Load your secret key from a safe place and reuse it across multiple
	// NewCipher calls. (Obviously don't use this example key for anything
	// real.) If you want to convert a passphrase to a key, use a suitable
	// package like bcrypt or scrypt.
	key, _ := hex.DecodeString("6368616e676520746869732070617373")
	plaintext := []byte("exampleplaintextexampleplaintext")

	// ECB mode works on blocks so plaintexts may need to be padded to the
	// next whole block. For an example of such padding, see
	// https://tools.ietf.org/html/rfc5246#section-6.2.3.2. Here we'll
	// assume that the plaintext is already of the correct length.
	if len(plaintext)%aes.BlockSize != 0 {
		panic("plaintext is not a multiple of the block size")
	}

	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}

	ciphertext := make([]byte, len(plaintext))
	mode := cipher.NewECBEncrypter(block)
	mode.CryptBlocks(ciphertext, plaintext)

	// It's important to remember that ciphertexts must be authenticated
	// (i.e. by using crypto/hmac) as well as being encrypted in order to
	// be secure.

	fmt.Printf("%x\n", ciphertext)
}

Output:

func NewGBXTSDecrypter added in v0.20.0 

func NewGBXTSDecrypter(cipherFunc CipherCreator, key, tweakKey, tweak []byte) (_cipher.BlockMode, error)

NewGBXTSDecrypter creates a Cipher given a function for creating the underlying block cipher (which must have a block size of 16 bytes) for decryption. It follows GB/T 17964-2021.

func NewGBXTSDecrypterWithSector added in v0.20.0 

func NewGBXTSDecrypterWithSector(cipherFunc CipherCreator, key, tweakKey []byte, sectorNum uint64) (_cipher.BlockMode, error)

NewGBXTSDecrypterWithSector creates a Cipher given a function for creating the underlying block cipher (which must have a block size of 16 bytes) with sector number for decryption. It follows GB/T 17964-2021.

func NewGBXTSEncrypter added in v0.20.0 

func NewGBXTSEncrypter(cipherFunc CipherCreator, key, tweakKey, tweak []byte) (_cipher.BlockMode, error)

NewGBXTSEncrypter creates a Cipher given a function for creating the underlying block cipher (which must have a block size of 16 bytes). It follows GB/T 17964-2021.

func NewGBXTSEncrypterWithSector added in v0.20.0 

func NewGBXTSEncrypterWithSector(cipherFunc CipherCreator, key, tweakKey []byte, sectorNum uint64) (_cipher.BlockMode, error)

NewGBXTSEncrypterWithSector creates a Cipher given a function for creating the underlying block cipher (which must have a block size of 16 bytes) with sector number. It follows GB/T 17964-2021.

func NewOFBNLFDecrypter added in v0.24.0 

func NewOFBNLFDecrypter(cipherFunc CipherCreator, key, iv []byte) (_cipher.BlockMode, error)

NewOFBNLFDecrypter returns a BlockMode which decrypts in Output feedback with a nonlinear function operation mode, using the given Block. The length of iv must be the same as the Block's block size and must match the iv used to encrypt the data.

func NewOFBNLFEncrypter added in v0.24.0 

func NewOFBNLFEncrypter(cipherFunc CipherCreator, key, iv []byte) (_cipher.BlockMode, error)

NewOFBNLFEncrypter returns a BlockMode which encrypts in Output feedback with a nonlinear function operation mode, using the given Block. The length of iv must be the same as the Block's block size.

func NewXTSDecrypter added in v0.20.0 

func NewXTSDecrypter(cipherFunc CipherCreator, key, tweakKey, tweak []byte) (_cipher.BlockMode, error)

NewXTSDecrypter creates a Cipher given a function for creating the underlying block cipher (which must have a block size of 16 bytes) for decryption.

func NewXTSDecrypterWithSector added in v0.20.0 

func NewXTSDecrypterWithSector(cipherFunc CipherCreator, key, tweakKey []byte, sectorNum uint64) (_cipher.BlockMode, error)

NewXTSDecrypterWithSector creates a Cipher given a function for creating the underlying block cipher (which must have a block size of 16 bytes) with sector number for decryption.

func NewXTSEncrypter added in v0.20.0 

func NewXTSEncrypter(cipherFunc CipherCreator, key, tweakKey, tweak []byte) (_cipher.BlockMode, error)

NewXTSEncrypter creates a Cipher given a function for creating the underlying block cipher (which must have a block size of 16 bytes).

func NewXTSEncrypterWithSector added in v0.20.0 

func NewXTSEncrypterWithSector(cipherFunc CipherCreator, key, tweakKey []byte, sectorNum uint64) (_cipher.BlockMode, error)

NewXTSEncrypterWithSector creates a Cipher given a function for creating the underlying block cipher (which must have a block size of 16 bytes) with sector number.

Types

type CipherCreator added in v0.4.6 

type CipherCreator func([]byte) (_cipher.Block, error)

type LengthPreservingMode added in v0.24.0 

type LengthPreservingMode interface {
	// EncryptBytes encrypts a number of plaintext bytes. The length of
	// src must be NOT smaller than block size. Dst and src must overlap
	// entirely or not at all.
	//
	// If len(dst) < len(src), EncryptBytes should panic. It is acceptable
	// to pass a dst bigger than src, and in that case, Encrypt will
	// only update dst[:len(src)] and will not touch the rest of dst.
	//
	// Multiple calls to EncryptBytes behave NOT same as if the concatenation of
	// the src buffers was passed in a single run.
	EncryptBytes(dst, src []byte)

	// DecryptBytes decrypts a number of ciphertext bytes. The length of
	// src must be NOT smaller than block size. Dst and src must overlap
	// entirely or not at all.
	//
	// If len(dst) < len(src), DecryptBytes should panic. It is acceptable
	// to pass a dst bigger than src, and in that case, DecryptBytes will
	// only update dst[:len(src)] and will not touch the rest of dst.
	//
	// Multiple calls to DecryptBytes behave NOT same as if the concatenation of
	// the src buffers was passed in a single run.
	DecryptBytes(dst, src []byte)

	// BlockSize returns the mode's block size.
	BlockSize() int
}

A LengthPreservingMode represents a block cipher running in a length preserving mode (HCTR, HCTR2 etc).

func NewHCTR added in v0.24.0 

func NewHCTR(cipher _cipher.Block, tweak, hkey []byte) (LengthPreservingMode, error)

NewHCTR returns a LengthPreservingMode which encrypts/decrypts useing the given [Block] in HCTR mode. The lenght of tweak and hash key must be the same as the [Block]'s block size.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.