github.com/slspeek/camlistore_namedsearch@v0.0.0-20140519202248-ed6f70f7721a/third_party/code.google.com/p/go.crypto/blowfish/cipher.go (about) 1 // Copyright 2010 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 // Package blowfish implements Bruce Schneier's Blowfish encryption algorithm. 6 package blowfish 7 8 // The code is a port of Bruce Schneier's C implementation. 9 // See http://www.schneier.com/blowfish.html. 10 11 import "strconv" 12 13 // The Blowfish block size in bytes. 14 const BlockSize = 8 15 16 // A Cipher is an instance of Blowfish encryption using a particular key. 17 type Cipher struct { 18 p [18]uint32 19 s0, s1, s2, s3 [256]uint32 20 } 21 22 type KeySizeError int 23 24 func (k KeySizeError) Error() string { 25 return "crypto/blowfish: invalid key size " + strconv.Itoa(int(k)) 26 } 27 28 // NewCipher creates and returns a Cipher. 29 // The key argument should be the Blowfish key, 4 to 56 bytes. 30 func NewCipher(key []byte) (*Cipher, error) { 31 var result Cipher 32 k := len(key) 33 if k < 4 || k > 56 { 34 return nil, KeySizeError(k) 35 } 36 initCipher(key, &result) 37 ExpandKey(key, &result) 38 return &result, nil 39 } 40 41 // NewSaltedCipher creates a returns a Cipher that folds a salt into its key 42 // schedule. For most purposes, NewCipher, instead of NewSaltedCipher, is 43 // sufficient and desirable. For bcrypt compatiblity, the key can be over 56 44 // bytes. 45 func NewSaltedCipher(key, salt []byte) (*Cipher, error) { 46 var result Cipher 47 k := len(key) 48 if k < 4 { 49 return nil, KeySizeError(k) 50 } 51 initCipher(key, &result) 52 expandKeyWithSalt(key, salt, &result) 53 return &result, nil 54 } 55 56 // BlockSize returns the Blowfish block size, 8 bytes. 57 // It is necessary to satisfy the Block interface in the 58 // package "crypto/cipher". 59 func (c *Cipher) BlockSize() int { return BlockSize } 60 61 // Encrypt encrypts the 8-byte buffer src using the key k 62 // and stores the result in dst. 63 // Note that for amounts of data larger than a block, 64 // it is not safe to just call Encrypt on successive blocks; 65 // instead, use an encryption mode like CBC (see crypto/cipher/cbc.go). 66 func (c *Cipher) Encrypt(dst, src []byte) { 67 l := uint32(src[0])<<24 | uint32(src[1])<<16 | uint32(src[2])<<8 | uint32(src[3]) 68 r := uint32(src[4])<<24 | uint32(src[5])<<16 | uint32(src[6])<<8 | uint32(src[7]) 69 l, r = encryptBlock(l, r, c) 70 dst[0], dst[1], dst[2], dst[3] = byte(l>>24), byte(l>>16), byte(l>>8), byte(l) 71 dst[4], dst[5], dst[6], dst[7] = byte(r>>24), byte(r>>16), byte(r>>8), byte(r) 72 } 73 74 // Decrypt decrypts the 8-byte buffer src using the key k 75 // and stores the result in dst. 76 func (c *Cipher) Decrypt(dst, src []byte) { 77 l := uint32(src[0])<<24 | uint32(src[1])<<16 | uint32(src[2])<<8 | uint32(src[3]) 78 r := uint32(src[4])<<24 | uint32(src[5])<<16 | uint32(src[6])<<8 | uint32(src[7]) 79 l, r = decryptBlock(l, r, c) 80 dst[0], dst[1], dst[2], dst[3] = byte(l>>24), byte(l>>16), byte(l>>8), byte(l) 81 dst[4], dst[5], dst[6], dst[7] = byte(r>>24), byte(r>>16), byte(r>>8), byte(r) 82 } 83 84 // Reset zeros the key data, so that it will no longer 85 // appear in the process's memory. 86 func (c *Cipher) Reset() { 87 zero(c.p[0:]) 88 zero(c.s0[0:]) 89 zero(c.s1[0:]) 90 zero(c.s2[0:]) 91 zero(c.s3[0:]) 92 } 93 94 func initCipher(key []byte, c *Cipher) { 95 copy(c.p[0:], p[0:]) 96 copy(c.s0[0:], s0[0:]) 97 copy(c.s1[0:], s1[0:]) 98 copy(c.s2[0:], s2[0:]) 99 copy(c.s3[0:], s3[0:]) 100 }