ocb2

package module
v0.0.0-...-042ca66 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 23, 2022 License: BSD-3-Clause Imports: 4 Imported by: 0

Documentation

Overview

Package ocb2 implements the version 2 of the OCB authenticated-encryption algorithm. OCB2 is specified in http://www.cs.ucdavis.edu/~rogaway/papers/draft-krovetz-ocb-00.txt.

Note that this implementation is limited to block ciphers with a block size of 128 bits.

It should also be noted that OCB's author, Phil Rogaway <rogaway@cs.ucdavis.edu>, holds several US patents on the algorithm. This should be considered before using this code in your own projects. See OCB's FAQ for more info: http://www.cs.ucdavis.edu/~rogaway/ocb/ocb-faq.htm#patent:phil

The Mumble Project has a license to use OCB mode in its BSD licensed code on a royalty free basis.

Index

Constants

View Source
const (
	// BlockSize defines the block size that this particular implementation
	// of OCB2 is made to work on.
	BlockSize = 16
	// TagSize specifies the length in bytes of a full OCB2 tag.
	// As per the specification, applications may truncate their
	// tags to a given length, but advocates that typical applications
	// should use a tag length of at least 8 bytes (64 bits).
	TagSize = BlockSize
	// NonceSize specifies the length in bytes of an OCB2 nonce.
	NonceSize = BlockSize
)

Variables

This section is empty.

Functions

func Decrypt

func Decrypt(cipher cipher.Block, plain []byte, encrypted []byte, nonce []byte, tag []byte) bool

Decrypt takes a ciphertext, a nonce, and a tag as its input and outputs a decrypted plaintext (if successful) and a boolean flag that determines whether the function successfully decrypted the given ciphertext.

Before using the decrpyted plaintext, the application should verify that the computed authentication tag matches the tag that was produced when encrypting the message (taking into consideration that OCB tags are allowed to be truncated to a length less than ocb.TagSize).

The block cipher used in function must work on a block size equal to ocb2.BlockSize. The tag slice used in this function must have a length equal to ocb2.TagSize. The nonce slice used in this function must have a length equal to ocb2.NonceSize. If any of the above are violated, Encrypt will panic.

func Encrypt

func Encrypt(cipher cipher.Block, dst []byte, src []byte, nonce []byte, tag []byte)

Encrypt encrypts the plaintext src and outputs the corresponding ciphertext into dst. Besides outputting a ciphertext into dst, Encrypt also outputs an authentication tag of ocb2.TagSize bytes into tag, which should be used to verify the authenticity of the message on the receiving side.

To ensure both authenticity and secrecy of messages, each invocation to this function must be given an unique nonce of ocb2.NonceSize bytes. The nonce need not be secret (it can be a counter), but it needs to be unique.

The block cipher used in function must work on a block size equal to ocb2.BlockSize. The tag slice used in this function must have a length equal to ocb2.TagSize. The nonce slice used in this function must have a length equal to ocb2.NonceSize. If any of the above are violated, Encrypt will panic.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL