1// Copyright 2016 The Go Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5//go:build !purego 6 7package aes 8 9import ( 10 "crypto/cipher" 11 "crypto/internal/alias" 12) 13 14// Assert that aesCipherAsm implements the cbcEncAble and cbcDecAble interfaces. 15var _ cbcEncAble = (*aesCipherAsm)(nil) 16var _ cbcDecAble = (*aesCipherAsm)(nil) 17 18type cbc struct { 19 b *aesCipherAsm 20 c code 21 iv [BlockSize]byte 22} 23 24func (b *aesCipherAsm) NewCBCEncrypter(iv []byte) cipher.BlockMode { 25 var c cbc 26 c.b = b 27 c.c = b.function 28 copy(c.iv[:], iv) 29 return &c 30} 31 32func (b *aesCipherAsm) NewCBCDecrypter(iv []byte) cipher.BlockMode { 33 var c cbc 34 c.b = b 35 c.c = b.function + 128 // decrypt function code is encrypt + 128 36 copy(c.iv[:], iv) 37 return &c 38} 39 40func (x *cbc) BlockSize() int { return BlockSize } 41 42// cryptBlocksChain invokes the cipher message with chaining (KMC) instruction 43// with the given function code. The length must be a multiple of BlockSize (16). 44// 45//go:noescape 46func cryptBlocksChain(c code, iv, key, dst, src *byte, length int) 47 48func (x *cbc) CryptBlocks(dst, src []byte) { 49 if len(src)%BlockSize != 0 { 50 panic("crypto/cipher: input not full blocks") 51 } 52 if len(dst) < len(src) { 53 panic("crypto/cipher: output smaller than input") 54 } 55 if alias.InexactOverlap(dst[:len(src)], src) { 56 panic("crypto/cipher: invalid buffer overlap") 57 } 58 if len(src) > 0 { 59 cryptBlocksChain(x.c, &x.iv[0], &x.b.key[0], &dst[0], &src[0], len(src)) 60 } 61} 62 63func (x *cbc) SetIV(iv []byte) { 64 if len(iv) != BlockSize { 65 panic("cipher: incorrect length IV") 66 } 67 copy(x.iv[:], iv) 68} 69