...
1
2
3
4
5
6
7
8
9
10
11
12
13 package cipher
14
15 import "crypto/internal/subtle"
16
17 type ctr struct {
18 b Block
19 ctr []byte
20 out []byte
21 outUsed int
22 }
23
24 const streamBufferSize = 512
25
26
27
28
29 type ctrAble interface {
30 NewCTR(iv []byte) Stream
31 }
32
33
34
35 func NewCTR(block Block, iv []byte) Stream {
36 if ctr, ok := block.(ctrAble); ok {
37 return ctr.NewCTR(iv)
38 }
39 if len(iv) != block.BlockSize() {
40 panic("cipher.NewCTR: IV length must equal block size")
41 }
42 bufSize := streamBufferSize
43 if bufSize < block.BlockSize() {
44 bufSize = block.BlockSize()
45 }
46 return &ctr{
47 b: block,
48 ctr: dup(iv),
49 out: make([]byte, 0, bufSize),
50 outUsed: 0,
51 }
52 }
53
54 func (x *ctr) refill() {
55 remain := len(x.out) - x.outUsed
56 copy(x.out, x.out[x.outUsed:])
57 x.out = x.out[:cap(x.out)]
58 bs := x.b.BlockSize()
59 for remain <= len(x.out)-bs {
60 x.b.Encrypt(x.out[remain:], x.ctr)
61 remain += bs
62
63
64 for i := len(x.ctr) - 1; i >= 0; i-- {
65 x.ctr[i]++
66 if x.ctr[i] != 0 {
67 break
68 }
69 }
70 }
71 x.out = x.out[:remain]
72 x.outUsed = 0
73 }
74
75 func (x *ctr) XORKeyStream(dst, src []byte) {
76 if len(dst) < len(src) {
77 panic("crypto/cipher: output smaller than input")
78 }
79 if subtle.InexactOverlap(dst[:len(src)], src) {
80 panic("crypto/cipher: invalid buffer overlap")
81 }
82 for len(src) > 0 {
83 if x.outUsed >= len(x.out)-x.b.BlockSize() {
84 x.refill()
85 }
86 n := xorBytes(dst, src, x.out[x.outUsed:])
87 dst = dst[n:]
88 src = src[n:]
89 x.outUsed += n
90 }
91 }
92
View as plain text