-
Notifications
You must be signed in to change notification settings - Fork 12
/
aes.go
100 lines (82 loc) · 2.3 KB
/
aes.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
//go:build !cmd_go_bootstrap
package openssl
// #include "goopenssl.h"
import "C"
import (
"crypto/cipher"
"errors"
)
type extraModes interface {
// Copied out of crypto/aes/modes.go.
NewCBCEncrypter(iv []byte) cipher.BlockMode
NewCBCDecrypter(iv []byte) cipher.BlockMode
NewCTR(iv []byte) cipher.Stream
NewGCM(nonceSize, tagSize int) (cipher.AEAD, error)
// Invented for BoringCrypto.
NewGCMTLS() (cipher.AEAD, error)
}
var _ extraModes = (*aesCipher)(nil)
func NewAESCipher(key []byte) (cipher.Block, error) {
var kind cipherKind
switch len(key) * 8 {
case 128:
kind = cipherAES128
case 192:
kind = cipherAES192
case 256:
kind = cipherAES256
default:
return nil, errors.New("crypto/aes: invalid key size")
}
c, err := newEVPCipher(key, kind)
if err != nil {
return nil, err
}
return &aesCipher{c}, nil
}
// NewGCMTLS returns a GCM cipher specific to TLS
// and should not be used for non-TLS purposes.
func NewGCMTLS(c cipher.Block) (cipher.AEAD, error) {
return c.(*aesCipher).NewGCMTLS()
}
// NewGCMTLS13 returns a GCM cipher specific to TLS 1.3 and should not be used
// for non-TLS purposes.
func NewGCMTLS13(c cipher.Block) (cipher.AEAD, error) {
return c.(*aesCipher).NewGCMTLS13()
}
type aesCipher struct {
*evpCipher
}
func (c *aesCipher) BlockSize() int {
return c.blockSize
}
func (c *aesCipher) Encrypt(dst, src []byte) {
if err := c.encrypt(dst, src); err != nil {
// crypto/aes expects that the panic message starts with "crypto/aes: ".
panic("crypto/aes: " + err.Error())
}
}
func (c *aesCipher) Decrypt(dst, src []byte) {
if err := c.decrypt(dst, src); err != nil {
// crypto/aes expects that the panic message starts with "crypto/aes: ".
panic("crypto/aes: " + err.Error())
}
}
func (c *aesCipher) NewCBCEncrypter(iv []byte) cipher.BlockMode {
return c.newCBC(iv, cipherOpEncrypt)
}
func (c *aesCipher) NewCBCDecrypter(iv []byte) cipher.BlockMode {
return c.newCBC(iv, cipherOpDecrypt)
}
func (c *aesCipher) NewCTR(iv []byte) cipher.Stream {
return c.newCTR(iv)
}
func (c *aesCipher) NewGCM(nonceSize, tagSize int) (cipher.AEAD, error) {
return c.newGCMChecked(nonceSize, tagSize)
}
func (c *aesCipher) NewGCMTLS() (cipher.AEAD, error) {
return c.newGCM(cipherGCMTLS12)
}
func (c *aesCipher) NewGCMTLS13() (cipher.AEAD, error) {
return c.newGCM(cipherGCMTLS13)
}