diff options
| author | YDBot <[email protected]> | 2026-06-10 06:27:27 +0000 |
|---|---|---|
| committer | YDBot <[email protected]> | 2026-06-10 06:27:27 +0000 |
| commit | eb8c7d3ee0c13034ecf5d8d35c24cefc40f0bb3f (patch) | |
| tree | a1eba7fec49a258bb24bfa77808233496ac0047f /contrib/go/_std_1.25/src/crypto/cipher/cbc.go | |
| parent | c4011885693f041c96b035f368aae8a1baac8885 (diff) | |
| parent | 72cfbf8958fa6fa5227e9ad6466abfc635fdeb15 (diff) | |
Diffstat (limited to 'contrib/go/_std_1.25/src/crypto/cipher/cbc.go')
| -rw-r--r-- | contrib/go/_std_1.25/src/crypto/cipher/cbc.go | 207 |
1 files changed, 0 insertions, 207 deletions
diff --git a/contrib/go/_std_1.25/src/crypto/cipher/cbc.go b/contrib/go/_std_1.25/src/crypto/cipher/cbc.go deleted file mode 100644 index 8e614062969..00000000000 --- a/contrib/go/_std_1.25/src/crypto/cipher/cbc.go +++ /dev/null @@ -1,207 +0,0 @@ -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Cipher block chaining (CBC) mode. - -// CBC provides confidentiality by xoring (chaining) each plaintext block -// with the previous ciphertext block before applying the block cipher. - -// See NIST SP 800-38A, pp 10-11 - -package cipher - -import ( - "bytes" - "crypto/internal/fips140/aes" - "crypto/internal/fips140/alias" - "crypto/internal/fips140only" - "crypto/subtle" -) - -type cbc struct { - b Block - blockSize int - iv []byte - tmp []byte -} - -func newCBC(b Block, iv []byte) *cbc { - return &cbc{ - b: b, - blockSize: b.BlockSize(), - iv: bytes.Clone(iv), - tmp: make([]byte, b.BlockSize()), - } -} - -type cbcEncrypter cbc - -// cbcEncAble is an interface implemented by ciphers that have a specific -// optimized implementation of CBC encryption. crypto/aes doesn't use this -// anymore, and we'd like to eventually remove it. -type cbcEncAble interface { - NewCBCEncrypter(iv []byte) BlockMode -} - -// NewCBCEncrypter returns a BlockMode which encrypts in cipher block chaining -// mode, using the given Block. The length of iv must be the same as the -// Block's block size. -func NewCBCEncrypter(b Block, iv []byte) BlockMode { - if len(iv) != b.BlockSize() { - panic("cipher.NewCBCEncrypter: IV length must equal block size") - } - if b, ok := b.(*aes.Block); ok { - return aes.NewCBCEncrypter(b, [16]byte(iv)) - } - if fips140only.Enabled { - panic("crypto/cipher: use of CBC with non-AES ciphers is not allowed in FIPS 140-only mode") - } - if cbc, ok := b.(cbcEncAble); ok { - return cbc.NewCBCEncrypter(iv) - } - return (*cbcEncrypter)(newCBC(b, iv)) -} - -// newCBCGenericEncrypter returns a BlockMode which encrypts in cipher block chaining -// mode, using the given Block. The length of iv must be the same as the -// Block's block size. This always returns the generic non-asm encrypter for use -// in fuzz testing. -func newCBCGenericEncrypter(b Block, iv []byte) BlockMode { - if len(iv) != b.BlockSize() { - panic("cipher.NewCBCEncrypter: IV length must equal block size") - } - return (*cbcEncrypter)(newCBC(b, iv)) -} - -func (x *cbcEncrypter) BlockSize() int { return x.blockSize } - -func (x *cbcEncrypter) CryptBlocks(dst, src []byte) { - if len(src)%x.blockSize != 0 { - panic("crypto/cipher: input not full blocks") - } - if len(dst) < len(src) { - panic("crypto/cipher: output smaller than input") - } - if alias.InexactOverlap(dst[:len(src)], src) { - panic("crypto/cipher: invalid buffer overlap") - } - if _, ok := x.b.(*aes.Block); ok { - panic("crypto/cipher: internal error: generic CBC used with AES") - } - - iv := x.iv - - for len(src) > 0 { - // Write the xor to dst, then encrypt in place. - subtle.XORBytes(dst[:x.blockSize], src[:x.blockSize], iv) - x.b.Encrypt(dst[:x.blockSize], dst[:x.blockSize]) - - // Move to the next block with this block as the next iv. - iv = dst[:x.blockSize] - src = src[x.blockSize:] - dst = dst[x.blockSize:] - } - - // Save the iv for the next CryptBlocks call. - copy(x.iv, iv) -} - -func (x *cbcEncrypter) SetIV(iv []byte) { - if len(iv) != len(x.iv) { - panic("cipher: incorrect length IV") - } - copy(x.iv, iv) -} - -type cbcDecrypter cbc - -// cbcDecAble is an interface implemented by ciphers that have a specific -// optimized implementation of CBC decryption. crypto/aes doesn't use this -// anymore, and we'd like to eventually remove it. -type cbcDecAble interface { - NewCBCDecrypter(iv []byte) BlockMode -} - -// NewCBCDecrypter returns a BlockMode which decrypts in cipher block chaining -// mode, using the given Block. The length of iv must be the same as the -// Block's block size and must match the iv used to encrypt the data. -func NewCBCDecrypter(b Block, iv []byte) BlockMode { - if len(iv) != b.BlockSize() { - panic("cipher.NewCBCDecrypter: IV length must equal block size") - } - if b, ok := b.(*aes.Block); ok { - return aes.NewCBCDecrypter(b, [16]byte(iv)) - } - if fips140only.Enabled { - panic("crypto/cipher: use of CBC with non-AES ciphers is not allowed in FIPS 140-only mode") - } - if cbc, ok := b.(cbcDecAble); ok { - return cbc.NewCBCDecrypter(iv) - } - return (*cbcDecrypter)(newCBC(b, iv)) -} - -// newCBCGenericDecrypter returns a BlockMode which encrypts in cipher block chaining -// mode, using the given Block. The length of iv must be the same as the -// Block's block size. This always returns the generic non-asm decrypter for use in -// fuzz testing. -func newCBCGenericDecrypter(b Block, iv []byte) BlockMode { - if len(iv) != b.BlockSize() { - panic("cipher.NewCBCDecrypter: IV length must equal block size") - } - return (*cbcDecrypter)(newCBC(b, iv)) -} - -func (x *cbcDecrypter) BlockSize() int { return x.blockSize } - -func (x *cbcDecrypter) CryptBlocks(dst, src []byte) { - if len(src)%x.blockSize != 0 { - panic("crypto/cipher: input not full blocks") - } - if len(dst) < len(src) { - panic("crypto/cipher: output smaller than input") - } - if alias.InexactOverlap(dst[:len(src)], src) { - panic("crypto/cipher: invalid buffer overlap") - } - if _, ok := x.b.(*aes.Block); ok { - panic("crypto/cipher: internal error: generic CBC used with AES") - } - if len(src) == 0 { - return - } - - // For each block, we need to xor the decrypted data with the previous block's ciphertext (the iv). - // To avoid making a copy each time, we loop over the blocks BACKWARDS. - end := len(src) - start := end - x.blockSize - prev := start - x.blockSize - - // Copy the last block of ciphertext in preparation as the new iv. - copy(x.tmp, src[start:end]) - - // Loop over all but the first block. - for start > 0 { - x.b.Decrypt(dst[start:end], src[start:end]) - subtle.XORBytes(dst[start:end], dst[start:end], src[prev:start]) - - end = start - start = prev - prev -= x.blockSize - } - - // The first block is special because it uses the saved iv. - x.b.Decrypt(dst[start:end], src[start:end]) - subtle.XORBytes(dst[start:end], dst[start:end], x.iv) - - // Set the new iv to the first block we copied earlier. - x.iv, x.tmp = x.tmp, x.iv -} - -func (x *cbcDecrypter) SetIV(iv []byte) { - if len(iv) != len(x.iv) { - panic("cipher: incorrect length IV") - } - copy(x.iv, iv) -} |