cipher.go

     1  // Copyright 2009 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  package aes
     6  
     7  import (
     8  	"crypto/cipher"
     9  	"crypto/internal/alias"
    10  	"crypto/internal/boring"
    11  	"strconv"
    12  )
    13  
    14  // The AES block size in bytes.
    15  const BlockSize = 16
    16  
    17  // A cipher is an instance of AES encryption using a particular key.
    18  type aesCipher struct {
    19  	l   uint8 // only this length of the enc and dec array is actually used
    20  	enc [28 + 32]uint32
    21  	dec [28 + 32]uint32
    22  }
    23  
    24  type KeySizeError int
    25  
    26  func (k KeySizeError) Error() string {
    27  	return "crypto/aes: invalid key size " + strconv.Itoa(int(k))
    28  }
    29  
    30  // NewCipher creates and returns a new [cipher.Block].
    31  // The key argument should be the AES key,
    32  // either 16, 24, or 32 bytes to select
    33  // AES-128, AES-192, or AES-256.
    34  func NewCipher(key []byte) (cipher.Block, error) {
    35  	k := len(key)
    36  	switch k {
    37  	default:
    38  		return nil, KeySizeError(k)
    39  	case 16, 24, 32:
    40  		break
    41  	}
    42  	if boring.Enabled {
    43  		return boring.NewAESCipher(key)
    44  	}
    45  	return newCipher(key)
    46  }
    47  
    48  // newCipherGeneric creates and returns a new cipher.Block
    49  // implemented in pure Go.
    50  func newCipherGeneric(key []byte) (cipher.Block, error) {
    51  	c := aesCipher{l: uint8(len(key) + 28)}
    52  	expandKeyGo(key, c.enc[:c.l], c.dec[:c.l])
    53  	return &c, nil
    54  }
    55  
    56  func (c *aesCipher) BlockSize() int { return BlockSize }
    57  
    58  func (c *aesCipher) Encrypt(dst, src []byte) {
    59  	if len(src) < BlockSize {
    60  		panic("crypto/aes: input not full block")
    61  	}
    62  	if len(dst) < BlockSize {
    63  		panic("crypto/aes: output not full block")
    64  	}
    65  	if alias.InexactOverlap(dst[:BlockSize], src[:BlockSize]) {
    66  		panic("crypto/aes: invalid buffer overlap")
    67  	}
    68  	encryptBlockGo(c.enc[:c.l], dst, src)
    69  }
    70  
    71  func (c *aesCipher) Decrypt(dst, src []byte) {
    72  	if len(src) < BlockSize {
    73  		panic("crypto/aes: input not full block")
    74  	}
    75  	if len(dst) < BlockSize {
    76  		panic("crypto/aes: output not full block")
    77  	}
    78  	if alias.InexactOverlap(dst[:BlockSize], src[:BlockSize]) {
    79  		panic("crypto/aes: invalid buffer overlap")
    80  	}
    81  	decryptBlockGo(c.dec[:c.l], dst, src)
    82  }
    83
View as plain text