| // Copyright 2016 The Go Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style |
| // license that can be found in the LICENSE file. |
| |
| package aes |
| |
| import ( |
| "crypto/cipher" |
| "crypto/internal/subtle" |
| ) |
| |
| // Assert that aesCipherAsm implements the cbcEncAble and cbcDecAble interfaces. |
| var _ cbcEncAble = (*aesCipherAsm)(nil) |
| var _ cbcDecAble = (*aesCipherAsm)(nil) |
| |
| type cbc struct { |
| b *aesCipherAsm |
| c code |
| iv [BlockSize]byte |
| } |
| |
| func (b *aesCipherAsm) NewCBCEncrypter(iv []byte) cipher.BlockMode { |
| var c cbc |
| c.b = b |
| c.c = b.function |
| copy(c.iv[:], iv) |
| return &c |
| } |
| |
| func (b *aesCipherAsm) NewCBCDecrypter(iv []byte) cipher.BlockMode { |
| var c cbc |
| c.b = b |
| c.c = b.function + 128 // decrypt function code is encrypt + 128 |
| copy(c.iv[:], iv) |
| return &c |
| } |
| |
| func (x *cbc) BlockSize() int { return BlockSize } |
| |
| // cryptBlocksChain invokes the cipher message with chaining (KMC) instruction |
| // with the given function code. The length must be a multiple of BlockSize (16). |
| // |
| //go:noescape |
| func cryptBlocksChain(c code, iv, key, dst, src *byte, length int) |
| |
| func (x *cbc) CryptBlocks(dst, src []byte) { |
| if len(src)%BlockSize != 0 { |
| panic("crypto/cipher: input not full blocks") |
| } |
| if len(dst) < len(src) { |
| panic("crypto/cipher: output smaller than input") |
| } |
| if subtle.InexactOverlap(dst[:len(src)], src) { |
| panic("crypto/cipher: invalid buffer overlap") |
| } |
| if len(src) > 0 { |
| cryptBlocksChain(x.c, &x.iv[0], &x.b.key[0], &dst[0], &src[0], len(src)) |
| } |
| } |
| |
| func (x *cbc) SetIV(iv []byte) { |
| if len(iv) != BlockSize { |
| panic("cipher: incorrect length IV") |
| } |
| copy(x.iv[:], iv) |
| } |