Package cipher

import "crypto/cipher"
Overview
Index
Examples

Overview ▾

包密码实现标准的分组密码模式,可以将其包装在低级分组密码实现中. 请参阅https://csrc.nist.gov/groups/ST/toolkit/BCM/current_modes.html和NIST特殊出版物800-38A.

type AEAD 1.2

AEAD是一种密码模式,可对关联数据进行身份验证加密. 有关方法的说明,请参见

https://en.wikipedia.org/wiki/Authenticated_encryption
type AEAD interface {
    // NonceSize returns the size of the nonce that must be passed to Seal
    // and Open.
    NonceSize() int

    // Overhead returns the maximum difference between the lengths of a
    // plaintext and its ciphertext.
    Overhead() int

    // Seal encrypts and authenticates plaintext, authenticates the
    // additional data and appends the result to dst, returning the updated
    // slice. The nonce must be NonceSize() bytes long and unique for all
    // time, for a given key.
    //
    // To reuse plaintext's storage for the encrypted output, use plaintext[:0]
    // as dst. Otherwise, the remaining capacity of dst must not overlap plaintext.
    Seal(dst, nonce, plaintext, additionalData []byte) []byte

    // Open decrypts and authenticates ciphertext, authenticates the
    // additional data and, if successful, appends the resulting plaintext
    // to dst, returning the updated slice. The nonce must be NonceSize()
    // bytes long and both it and the additional data must match the
    // value passed to Seal.
    //
    // To reuse ciphertext's storage for the decrypted output, use ciphertext[:0]
    // as dst. Otherwise, the remaining capacity of dst must not overlap plaintext.
    //
    // Even if the function fails, the contents of dst, up to its capacity,
    // may be overwritten.
    Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error)
}

func NewGCM 1.2

func NewGCM(cipher Block) (AEAD, error)

NewGCM返回在Galois计数器模式下以标准随机数长度包装的给定128位块密码.

通常,此GCM实施执行的GHASH操作不是固定时间. 一个例外是当底层的块是由aes.NewCipher在具有AES硬件支持的系统上创建的. 有关详细信息,请参见crypto / aes软件包文档.

示例(解密)

exampleplaintext

示例(加密)

func NewGCMWithNonceSize 1.5

func NewGCMWithNonceSize(cipher Block, size int) (AEAD, error)

NewGCMWithNonceSize返回以Galois计数器模式包装的给定的128位块密码,该密码接受给定长度的随机数.

仅在需要与使用非标准随机数长度的现有密码系统兼容时,才使用此功能. 所有其他用户都应使用NewGCM,该速度更快且更易于滥用.

func NewGCMWithTagSize 1.11

func NewGCMWithTagSize(cipher Block, tagSize int) (AEAD, error)

NewGCMWithTagSize returns the given 128-bit, block cipher wrapped in Galois Counter Mode, which generates tags with the given length.

标签大小允许在12到16个字节之间.

仅在需要与使用非标准标签长度的现有密码系统兼容时,才使用此功能. 所有其他用户都应使用NewGCM,它可以更有效地防止滥用.

type Block

块表示使用给定密钥的块密码的实现. 它提供了加密或解密单个块的功能. 模式实现将该功能扩展到块流.

type Block interface {
    // BlockSize returns the cipher's block size.
    BlockSize() int

    // Encrypt encrypts the first block in src into dst.
    // Dst and src must overlap entirely or not at all.
    Encrypt(dst, src []byte)

    // Decrypt decrypts the first block in src into dst.
    // Dst and src must overlap entirely or not at all.
    Decrypt(dst, src []byte)
}

type BlockMode

BlockMode表示以基于块的模式(CBC,ECB等)运行的块密码.

type BlockMode interface {
    // BlockSize returns the mode's block size.
    BlockSize() int

    // CryptBlocks encrypts or decrypts a number of blocks. The length of
    // src must be a multiple of the block size. Dst and src must overlap
    // entirely or not at all.
    //
    // If len(dst) < len(src), CryptBlocks should panic. It is acceptable
    // to pass a dst bigger than src, and in that case, CryptBlocks will
    // only update dst[:len(src)] and will not touch the rest of dst.
    //
    // Multiple calls to CryptBlocks behave as if the concatenation of
    // the src buffers was passed in a single run. That is, BlockMode
    // maintains state and does not reset at each CryptBlocks call.
    CryptBlocks(dst, src []byte)
}

func NewCBCDecrypter

func NewCBCDecrypter(b Block, iv []byte) BlockMode

NewCB​​CDecrypter返回一个BlockMode,它使用给定的Block以密码块链接模式解密. iv的长度必须与块的块大小相同,并且必须与用于加密数据的iv匹配.

Example

exampleplaintext

func NewCBCEncrypter

func NewCBCEncrypter(b Block, iv []byte) BlockMode

NewCB​​CEncrypter返回一个BlockMode,它使用给定的Block以密码块链接模式进行加密. iv的长度必须与块的块大小相同.

Example

type Stream

流表示流密码.

type Stream interface {
    // XORKeyStream XORs each byte in the given slice with a byte from the
    // cipher's key stream. Dst and src must overlap entirely or not at all.
    //
    // If len(dst) < len(src), XORKeyStream should panic. It is acceptable
    // to pass a dst bigger than src, and in that case, XORKeyStream will
    // only update dst[:len(src)] and will not touch the rest of dst.
    //
    // Multiple calls to XORKeyStream behave as if the concatenation of
    // the src buffers was passed in a single run. That is, Stream
    // maintains state and does not reset at each XORKeyStream call.
    XORKeyStream(dst, src []byte)
}

func NewCFBDecrypter

func NewCFBDecrypter(block Block, iv []byte) Stream

NewCFBDecrypter returns a Stream which decrypts with cipher feedback mode, using the given Block. The iv must be the same length as the Block's block size.

Example

some plaintext

func NewCFBEncrypter

func NewCFBEncrypter(block Block, iv []byte) Stream

NewCFBEncrypter返回一个Stream,该Stream使用给定的Block以密码反馈模式进行加密. iv的长度必须与块的块大小相同.

Example

func NewCTR

func NewCTR(block Block, iv []byte) Stream

NewCTR返回一个Stream,该Stream在计数器模式下使用给定的Block进行加密/解密. iv的长度必须与块的块大小相同.

Example

some plaintext

func NewOFB

func NewOFB(b Block, iv []byte) Stream

NewOFB返回在输出反馈模式下使用块密码b加密或解密的Stream. 初始化向量iv的长度必须等于b的块大小.

Example

some plaintext

type StreamReader

StreamReader将Stream包装到io.Reader中. 它调用XORKeyStream来处理通过的每个数据片.

type StreamReader struct {
    S Stream
    R io.Reader
}

Example

some secret text

func (StreamReader) Read

func (r StreamReader) Read(dst []byte) (n int, err error)

type StreamWriter

StreamWriter将Stream包装到io.Writer中. 它调用XORKeyStream来处理通过的每个数据片. 如果有任何Write调用返回的时间很短,则StreamWriter不同步,必须将其丢弃. StreamWriter没有内部缓冲. 不需要调用Close来刷新写入数据.

type StreamWriter struct {
    S   Stream
    W   io.Writer
    Err error // unused
}

Example

cf0495cc6f75dafc23948538e79904a9

func (StreamWriter) Close

func (w StreamWriter) Close() error

如果Writer也是io.Closer,则Close将关闭基础Writer并返回其Close返回值. 否则返回nil.

func (StreamWriter) Write

func (w StreamWriter) Write(src []byte) (n int, err error)

by  ICOPY.SITE