Gitiles
Code Review Sign In
gerrit.opencord.org / voltha-go / 7b1e0641d3328bc930bc6e1732210a69fc794a6e / . / vendor / golang.org / x / crypto / blowfish / cipher.go
blob: 213bf204afea5bb048b8e2dd61f68cfeb9ee2afb [file] [log] [blame]
khenaidooab1f7bd2019-11-14 14:00:27 -0500[diff] [blame]1// Copyright 2010 The Go Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style
3// license that can be found in the LICENSE file.
4
5// Package blowfish implements Bruce Schneier's Blowfish encryption algorithm.
6//
7// Blowfish is a legacy cipher and its short block size makes it vulnerable to
8// birthday bound attacks (see https://sweet32.info). It should only be used
9// where compatibility with legacy systems, not security, is the goal.
10//
11// Deprecated: any new system should use AES (from crypto/aes, if necessary in
12// an AEAD mode like crypto/cipher.NewGCM) or XChaCha20-Poly1305 (from
13// golang.org/x/crypto/chacha20poly1305).
14package blowfish // import "golang.org/x/crypto/blowfish"
15
16// The code is a port of Bruce Schneier's C implementation.
17// See https://www.schneier.com/blowfish.html.
18
19import "strconv"
20
21// The Blowfish block size in bytes.
22const BlockSize = 8
23
24// A Cipher is an instance of Blowfish encryption using a particular key.
25type Cipher struct {
26 p [18]uint32
27 s0, s1, s2, s3 [256]uint32
28}
29
30type KeySizeError int
31
32func (k KeySizeError) Error() string {
33 return "crypto/blowfish: invalid key size " + strconv.Itoa(int(k))
34}
35
36// NewCipher creates and returns a Cipher.
37// The key argument should be the Blowfish key, from 1 to 56 bytes.
38func NewCipher(key []byte) (*Cipher, error) {
39 var result Cipher
40 if k := len(key); k < 1 || k > 56 {
41 return nil, KeySizeError(k)
42 }
43 initCipher(&result)
44 ExpandKey(key, &result)
45 return &result, nil
46}
47
48// NewSaltedCipher creates a returns a Cipher that folds a salt into its key
49// schedule. For most purposes, NewCipher, instead of NewSaltedCipher, is
50// sufficient and desirable. For bcrypt compatibility, the key can be over 56
51// bytes.
52func NewSaltedCipher(key, salt []byte) (*Cipher, error) {
53 if len(salt) == 0 {
54 return NewCipher(key)
55 }
56 var result Cipher
57 if k := len(key); k < 1 {
58 return nil, KeySizeError(k)
59 }
60 initCipher(&result)
61 expandKeyWithSalt(key, salt, &result)
62 return &result, nil
63}
64
65// BlockSize returns the Blowfish block size, 8 bytes.
66// It is necessary to satisfy the Block interface in the
67// package "crypto/cipher".
68func (c *Cipher) BlockSize() int { return BlockSize }
69
70// Encrypt encrypts the 8-byte buffer src using the key k
71// and stores the result in dst.
72// Note that for amounts of data larger than a block,
73// it is not safe to just call Encrypt on successive blocks;
74// instead, use an encryption mode like CBC (see crypto/cipher/cbc.go).
75func (c *Cipher) Encrypt(dst, src []byte) {
76 l := uint32(src[0])<<24 | uint32(src[1])<<16 | uint32(src[2])<<8 | uint32(src[3])
77 r := uint32(src[4])<<24 | uint32(src[5])<<16 | uint32(src[6])<<8 | uint32(src[7])
78 l, r = encryptBlock(l, r, c)
79 dst[0], dst[1], dst[2], dst[3] = byte(l>>24), byte(l>>16), byte(l>>8), byte(l)
80 dst[4], dst[5], dst[6], dst[7] = byte(r>>24), byte(r>>16), byte(r>>8), byte(r)
81}
82
83// Decrypt decrypts the 8-byte buffer src using the key k
84// and stores the result in dst.
85func (c *Cipher) Decrypt(dst, src []byte) {
86 l := uint32(src[0])<<24 | uint32(src[1])<<16 | uint32(src[2])<<8 | uint32(src[3])
87 r := uint32(src[4])<<24 | uint32(src[5])<<16 | uint32(src[6])<<8 | uint32(src[7])
88 l, r = decryptBlock(l, r, c)
89 dst[0], dst[1], dst[2], dst[3] = byte(l>>24), byte(l>>16), byte(l>>8), byte(l)
90 dst[4], dst[5], dst[6], dst[7] = byte(r>>24), byte(r>>16), byte(r>>8), byte(r)
91}
92
93func initCipher(c *Cipher) {
94 copy(c.p[0:], p[0:])
95 copy(c.s0[0:], s0[0:])
96 copy(c.s1[0:], s1[0:])
97 copy(c.s2[0:], s2[0:])
98 copy(c.s3[0:], s3[0:])
99}