Source File
cfb.go
Belonging Package
crypto/cipher
// Copyright 2010 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// CFB (Cipher Feedback) Mode.
package cipher
import (
)
type cfb struct {
b Block
next []byte
out []byte
outUsed int
decrypt bool
}
func ( *cfb) (, []byte) {
if len() < len() {
panic("crypto/cipher: output smaller than input")
}
if alias.InexactOverlap([:len()], ) {
panic("crypto/cipher: invalid buffer overlap")
}
for len() > 0 {
if .outUsed == len(.out) {
.b.Encrypt(.out, .next)
.outUsed = 0
}
if .decrypt {
// We can precompute a larger segment of the
// keystream on decryption. This will allow
// larger batches for xor, and we should be
// able to match CTR/OFB performance.
copy(.next[.outUsed:], )
}
:= subtle.XORBytes(, , .out[.outUsed:])
if !.decrypt {
copy(.next[.outUsed:], )
}
= [:]
= [:]
.outUsed +=
}
}
// NewCFBEncrypter returns a [Stream] which encrypts with cipher feedback mode,
// using the given [Block]. The iv must be the same length as the [Block]'s block
// size.
//
// Deprecated: CFB mode is not authenticated, which generally enables active
// attacks to manipulate and recover the plaintext. It is recommended that
// applications use [AEAD] modes instead. The standard library implementation of
// CFB is also unoptimized and not validated as part of the FIPS 140-3 module.
// If an unauthenticated [Stream] mode is required, use [NewCTR] instead.
func ( Block, []byte) Stream {
if fips140only.Enabled {
panic("crypto/cipher: use of CFB is not allowed in FIPS 140-only mode")
}
return newCFB(, , false)
}
// NewCFBDecrypter returns a [Stream] which decrypts with cipher feedback mode,
// using the given [Block]. The iv must be the same length as the [Block]'s block
// size.
//
// Deprecated: CFB mode is not authenticated, which generally enables active
// attacks to manipulate and recover the plaintext. It is recommended that
// applications use [AEAD] modes instead. The standard library implementation of
// CFB is also unoptimized and not validated as part of the FIPS 140-3 module.
// If an unauthenticated [Stream] mode is required, use [NewCTR] instead.
func ( Block, []byte) Stream {
if fips140only.Enabled {
panic("crypto/cipher: use of CFB is not allowed in FIPS 140-only mode")
}
return newCFB(, , true)
}
func ( Block, []byte, bool) Stream {
:= .BlockSize()
if len() != {
// stack trace will indicate whether it was de or encryption
panic("cipher.newCFB: IV length must equal block size")
}
:= &cfb{
b: ,
out: make([]byte, ),
next: make([]byte, ),
outUsed: ,
decrypt: ,
}
copy(.next, )
return
}
The pages are generated with Golds v0.7.6. (GOOS=linux GOARCH=amd64)