| // Copyright 2011 The Go Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style |
| // license that can be found in the LICENSE file. |
| |
| package des |
| |
| import ( |
| "crypto/cipher" |
| "crypto/internal/alias" |
| "encoding/binary" |
| "strconv" |
| ) |
| |
| // The DES block size in bytes. |
| const BlockSize = 8 |
| |
| type KeySizeError int |
| |
| func (k KeySizeError) Error() string { |
| return "crypto/des: invalid key size " + strconv.Itoa(int(k)) |
| } |
| |
| // desCipher is an instance of DES encryption. |
| type desCipher struct { |
| subkeys [16]uint64 |
| } |
| |
| // NewCipher creates and returns a new [cipher.Block]. |
| func NewCipher(key []byte) (cipher.Block, error) { |
| if len(key) != 8 { |
| return nil, KeySizeError(len(key)) |
| } |
| |
| c := new(desCipher) |
| c.generateSubkeys(key) |
| return c, nil |
| } |
| |
| func (c *desCipher) BlockSize() int { return BlockSize } |
| |
| func (c *desCipher) Encrypt(dst, src []byte) { |
| if len(src) < BlockSize { |
| panic("crypto/des: input not full block") |
| } |
| if len(dst) < BlockSize { |
| panic("crypto/des: output not full block") |
| } |
| if alias.InexactOverlap(dst[:BlockSize], src[:BlockSize]) { |
| panic("crypto/des: invalid buffer overlap") |
| } |
| cryptBlock(c.subkeys[:], dst, src, false) |
| } |
| |
| func (c *desCipher) Decrypt(dst, src []byte) { |
| if len(src) < BlockSize { |
| panic("crypto/des: input not full block") |
| } |
| if len(dst) < BlockSize { |
| panic("crypto/des: output not full block") |
| } |
| if alias.InexactOverlap(dst[:BlockSize], src[:BlockSize]) { |
| panic("crypto/des: invalid buffer overlap") |
| } |
| cryptBlock(c.subkeys[:], dst, src, true) |
| } |
| |
| // A tripleDESCipher is an instance of TripleDES encryption. |
| type tripleDESCipher struct { |
| cipher1, cipher2, cipher3 desCipher |
| } |
| |
| // NewTripleDESCipher creates and returns a new [cipher.Block]. |
| func NewTripleDESCipher(key []byte) (cipher.Block, error) { |
| if len(key) != 24 { |
| return nil, KeySizeError(len(key)) |
| } |
| |
| c := new(tripleDESCipher) |
| c.cipher1.generateSubkeys(key[:8]) |
| c.cipher2.generateSubkeys(key[8:16]) |
| c.cipher3.generateSubkeys(key[16:]) |
| return c, nil |
| } |
| |
| func (c *tripleDESCipher) BlockSize() int { return BlockSize } |
| |
| func (c *tripleDESCipher) Encrypt(dst, src []byte) { |
| if len(src) < BlockSize { |
| panic("crypto/des: input not full block") |
| } |
| if len(dst) < BlockSize { |
| panic("crypto/des: output not full block") |
| } |
| if alias.InexactOverlap(dst[:BlockSize], src[:BlockSize]) { |
| panic("crypto/des: invalid buffer overlap") |
| } |
| |
| b := binary.BigEndian.Uint64(src) |
| b = permuteInitialBlock(b) |
| left, right := uint32(b>>32), uint32(b) |
| |
| left = (left << 1) | (left >> 31) |
| right = (right << 1) | (right >> 31) |
| |
| for i := 0; i < 8; i++ { |
| left, right = feistel(left, right, c.cipher1.subkeys[2*i], c.cipher1.subkeys[2*i+1]) |
| } |
| for i := 0; i < 8; i++ { |
| right, left = feistel(right, left, c.cipher2.subkeys[15-2*i], c.cipher2.subkeys[15-(2*i+1)]) |
| } |
| for i := 0; i < 8; i++ { |
| left, right = feistel(left, right, c.cipher3.subkeys[2*i], c.cipher3.subkeys[2*i+1]) |
| } |
| |
| left = (left << 31) | (left >> 1) |
| right = (right << 31) | (right >> 1) |
| |
| preOutput := (uint64(right) << 32) | uint64(left) |
| binary.BigEndian.PutUint64(dst, permuteFinalBlock(preOutput)) |
| } |
| |
| func (c *tripleDESCipher) Decrypt(dst, src []byte) { |
| if len(src) < BlockSize { |
| panic("crypto/des: input not full block") |
| } |
| if len(dst) < BlockSize { |
| panic("crypto/des: output not full block") |
| } |
| if alias.InexactOverlap(dst[:BlockSize], src[:BlockSize]) { |
| panic("crypto/des: invalid buffer overlap") |
| } |
| |
| b := binary.BigEndian.Uint64(src) |
| b = permuteInitialBlock(b) |
| left, right := uint32(b>>32), uint32(b) |
| |
| left = (left << 1) | (left >> 31) |
| right = (right << 1) | (right >> 31) |
| |
| for i := 0; i < 8; i++ { |
| left, right = feistel(left, right, c.cipher3.subkeys[15-2*i], c.cipher3.subkeys[15-(2*i+1)]) |
| } |
| for i := 0; i < 8; i++ { |
| right, left = feistel(right, left, c.cipher2.subkeys[2*i], c.cipher2.subkeys[2*i+1]) |
| } |
| for i := 0; i < 8; i++ { |
| left, right = feistel(left, right, c.cipher1.subkeys[15-2*i], c.cipher1.subkeys[15-(2*i+1)]) |
| } |
| |
| left = (left << 31) | (left >> 1) |
| right = (right << 31) | (right >> 1) |
| |
| preOutput := (uint64(right) << 32) | uint64(left) |
| binary.BigEndian.PutUint64(dst, permuteFinalBlock(preOutput)) |
| } |