更新

pkg/lakego-pkg/go-cryptobin/cipher/ocb/ocb.go

@@ -10,14 +10,6 @@ import (
     "github.com/deatil/go-cryptobin/tool/byteutil"
 )
 
-type ocb struct {
-    block        cipher.Block
-    tagSize      int
-    nonceSize    int
-    mask         mask
-    reusableKtop reusableKtop
-}
-
 type mask struct {
     // L_*, L_$, (L_i)_{i ∈ N}
     lAst []byte
@@ -40,37 +32,37 @@ const (
     dec
 )
 
-func (o *ocb) NonceSize() int {
-    return o.nonceSize
-}
-
-func (o *ocb) Overhead() int {
-    return o.tagSize
+type ocb struct {
+    block        cipher.Block
+    tagSize      int
+    nonceSize    int
+    mask         mask
+    reusableKtop reusableKtop
 }
 
-// NewOCB returns an OCB instance with the given block cipher and default
+// New returns an OCB instance with the given block cipher and default
 // tag and nonce sizes.
-func NewOCB(block cipher.Block) (cipher.AEAD, error) {
-    return NewOCBWithNonceAndTagSize(block, defaultNonceSize, defaultTagSize)
+func New(block cipher.Block) (cipher.AEAD, error) {
+    return NewWithNonceAndTagSize(block, defaultNonceSize, defaultTagSize)
 }
 
-func NewOCBWithNonceSize(block cipher.Block, nonceSize int) (cipher.AEAD, error) {
-    return NewOCBWithNonceAndTagSize(block, nonceSize, defaultTagSize)
+func NewWithNonceSize(block cipher.Block, nonceSize int) (cipher.AEAD, error) {
+    return NewWithNonceAndTagSize(block, nonceSize, defaultTagSize)
 }
 
-func NewOCBWithTagSize(block cipher.Block, tagSize int) (cipher.AEAD, error) {
-    return NewOCBWithNonceAndTagSize(block, defaultNonceSize, tagSize)
+func NewWithTagSize(block cipher.Block, tagSize int) (cipher.AEAD, error) {
+    return NewWithNonceAndTagSize(block, defaultNonceSize, tagSize)
 }
 
-// NewOCBWithNonceAndTagSize returns an OCB instance with the given block
+// NewWithNonceAndTagSize returns an OCB instance with the given block
 // cipher, nonce length, and tag length. Panics on zero nonceSize and
 // exceedingly long tag size.
 //
 // It is recommended to use at least 12 bytes as tag length.
-func NewOCBWithNonceAndTagSize(
-    block cipher.Block,
+func NewWithNonceAndTagSize(
+    block     cipher.Block,
     nonceSize int,
-    tagSize int,
+    tagSize   int,
 ) (cipher.AEAD, error) {
     if block.BlockSize() != 16 {
         return nil, ocbError("Block cipher must have 128-bit blocks")
@@ -97,6 +89,14 @@ func NewOCBWithNonceAndTagSize(
     }, nil
 }
 
+func (o *ocb) NonceSize() int {
+    return o.nonceSize
+}
+
+func (o *ocb) Overhead() int {
+    return o.tagSize
+}
+
 func (o *ocb) Seal(dst, nonce, plaintext, adata []byte) []byte {
     if len(nonce) > o.nonceSize {
         panic("crypto/ocb: Incorrect nonce length given to OCB")

pkg/lakego-pkg/go-cryptobin/cipher/ocb/ocb_test.go

@@ -46,12 +46,12 @@ func TestZeroHash(t *testing.T) {
     }
 }
 
-func TestNewOCBIncorrectNonceLength(t *testing.T) {
+func TestNewIncorrectNonceLength(t *testing.T) {
     aesCipher, err := aes.NewCipher(make([]byte, 16))
     if err != nil {
         t.Fatal(err)
     }
-    e, err := NewOCBWithNonceAndTagSize(aesCipher, 0, 16)
+    e, err := NewWithNonceAndTagSize(aesCipher, 0, 16)
     if err == nil || e != nil {
         t.Errorf("OCB with nonceLength 0 was not rejected")
     }
@@ -62,7 +62,7 @@ func TestSealIncorrectNonceLength(t *testing.T) {
     if err != nil {
         t.Fatal(err)
     }
-    o, err := NewOCBWithNonceAndTagSize(aesCipher, 15, 16)
+    o, err := NewWithNonceAndTagSize(aesCipher, 15, 16)
     if err != nil {
         t.Fatal(err)
     }
@@ -80,7 +80,7 @@ func TestOpenIncorrectNonceLength(t *testing.T) {
     if err != nil {
         t.Fatal(err)
     }
-    o, err := NewOCBWithNonceAndTagSize(aesCipher, 15, 16)
+    o, err := NewWithNonceAndTagSize(aesCipher, 15, 16)
     if err != nil {
         t.Fatal(err)
     }
@@ -101,7 +101,7 @@ func TestOpenShortCiphertext(t *testing.T) {
     if err != nil {
         t.Fatal(err)
     }
-    o, err := NewOCBWithNonceAndTagSize(aesCipher, 15, 16)
+    o, err := NewWithNonceAndTagSize(aesCipher, 15, 16)
     if err != nil {
         t.Fatal(err)
     }
@@ -118,7 +118,7 @@ func TestEncryptDecryptRFC7253TestVectors(t *testing.T) {
     if err != nil {
         t.Fatal(err)
     }
-    ocbInstance, errO := NewOCB(aesCipher)
+    ocbInstance, errO := New(aesCipher)
     if errO != nil {
         t.Fatal(err)
     }
@@ -169,7 +169,7 @@ func TestEncryptDecryptRFC7253TagLen96(t *testing.T) {
     if err != nil {
         t.Fatal(err)
     }
-    ocbInstance, err := NewOCBWithNonceAndTagSize(aesCipher, len(nonce), 96/8)
+    ocbInstance, err := NewWithNonceAndTagSize(aesCipher, len(nonce), 96/8)
     if err != nil {
         t.Fatal(err)
     }
@@ -208,7 +208,7 @@ func TestEncryptDecryptRFC7253DifferentKeySizes(t *testing.T) {
         if err != nil {
             t.Fatal(err)
         }
-        ocbInstance, err := NewOCBWithNonceAndTagSize(aesCipher, 12, tagLen/8)
+        ocbInstance, err := NewWithNonceAndTagSize(aesCipher, 12, tagLen/8)
         if err != nil {
             t.Fatal(err)
         }
@@ -259,7 +259,7 @@ func TestEncryptDecryptGoTestVectors(t *testing.T) {
         targetPt, _ := hex.DecodeString(test.plaintext)
         targetCt, _ := hex.DecodeString(test.ciphertext)
         tagSize := len(targetCt) - len(targetPt)
-        ocbInstance, err := NewOCBWithNonceAndTagSize(aesCipher, len(nonce), tagSize)
+        ocbInstance, err := NewWithNonceAndTagSize(aesCipher, len(nonce), tagSize)
         if err != nil {
             t.Fatal(err)
         }
@@ -316,7 +316,7 @@ func TestEncryptDecryptVectorsWithPreviousDataRandomizeSlow(t *testing.T) {
         if err != nil {
             t.Fatal(err)
         }
-        ocb, err := NewOCB(aesCipher)
+        ocb, err := New(aesCipher)
         if err != nil {
             t.Fatal(err)
         }
@@ -352,7 +352,7 @@ func TestRejectTamperedCiphertextRandomizeSlow(t *testing.T) {
     if err != nil {
         t.Fatal(err)
     }
-    ocb, errO := NewOCB(aesCipher)
+    ocb, errO := New(aesCipher)
     if errO != nil {
         t.Fatal(err)
     }
@@ -381,15 +381,15 @@ func TestParameters(t *testing.T) {
     t.Run("Should return error on too long tagSize", func(st *testing.T) {
         tagSize := blockLength + 1 + mathrand.Intn(12)
         nonceSize := 1 + mathrand.Intn(16)
-        _, err := NewOCBWithNonceAndTagSize(aesCipher, nonceSize, tagSize)
+        _, err := NewWithNonceAndTagSize(aesCipher, nonceSize, tagSize)
         if err == nil {
             st.Errorf("No error was returned")
         }
     })
     t.Run("Should return error on too long nonceSize", func(st *testing.T) {
         tagSize := 12
         nonceSize := blockLength + mathrand.Intn(16)
-        _, err := NewOCBWithNonceAndTagSize(aesCipher, nonceSize, tagSize)
+        _, err := NewWithNonceAndTagSize(aesCipher, nonceSize, tagSize)
         if err == nil {
             st.Errorf("No error was returned")
         }
@@ -400,7 +400,7 @@ func TestParameters(t *testing.T) {
             // Shorter values of nonceSize are not recommended.
             nonceSize := 12 + mathrand.Intn(blockLength-12)
             tagSize := 12 + mathrand.Intn(blockLength-11)
-            _, err := NewOCBWithNonceAndTagSize(aesCipher, nonceSize, tagSize)
+            _, err := NewWithNonceAndTagSize(aesCipher, nonceSize, tagSize)
             if err != nil {
                 st.Errorf("An error was returned")
             }
@@ -424,7 +424,7 @@ func BenchmarkEncrypt(b *testing.B) {
     if err != nil {
         b.Fatal(err)
     }
-    ocb, err := NewOCB(aesCipher)
+    ocb, err := New(aesCipher)
     if err != nil {
         b.Fatal(err)
     }
@@ -450,7 +450,7 @@ func BenchmarkDecrypt(b *testing.B) {
     if err != nil {
         b.Fatal(err)
     }
-    ocb, errO := NewOCB(aesCipher)
+    ocb, errO := New(aesCipher)
     if errO != nil {
         b.Fatal(err)
     }

pkg/lakego-pkg/go-cryptobin/cipher/ocb3/ocb3.go

@@ -49,6 +49,50 @@ const (
 
 var errOpen = errors.New("ocb3: message authentication failure")
 
+const (
+    // lsize is the size of the key-dependent L buffer. On
+    // a 64-bit system, lsize will be 58 and on a 32-bit system
+    // lsize will be 26.
+    //
+    // On a 64-bit system, the maximum plaintext size is 1<<63-1,
+    // which is 1<<59-1 blocks and a maximum 58 trailing zeros.
+    //
+    // On a 32-bit system, the maximum plaintext size is 1<<31-1,
+    // which is 1<<27-1 blocks and a maximum 26 trailing zeros.
+    lsize = 58 - (64 - uintSize)
+    // uintSize is 64 on a 64-bit system and 32 on a 32-bit
+    // system.
+    uintSize = 32 << (^uint(0) >> 32 & 1)
+)
+
+// aead implements cipher.AEAD.
+type aead struct {
+    // b is the underlying block cipher.
+    b cipher.Block
+    // nonceSize is the size of the nonce.
+    //
+    // Will be in [1, 15].
+    nonceSize int
+    // tagSize is the size of the tag.
+    //
+    // Will be in [12, 16].
+    tagSize int
+    // Lstar is the encrypted zero block.
+    //
+    // Used by setup and updating the offset for partial
+    // plaintext blocks.
+    Lstar uint128
+    // Ldollar is Lstar doubled in GF(2^128).
+    //
+    // Used by setup and updating the offset when computing the
+    // authentication tag.
+    Ldollar uint128
+    // L is the complete L cache, including L_0.
+    L [lsize]uint128
+    // buf is a scratch buffer for encipher and decipher.
+    buf [BlockSize]byte
+}
+
 // New creates an OCB3 AEAD from a secure block cipher.
 //
 // The AEAD uses a 96-bit nonce and 128-bit tag.
@@ -102,52 +146,6 @@ func NewWithNonceAndTagSize(b cipher.Block, nonceSize, tagSize int) (cipher.AEAD
     return a, nil
 }
 
-// aead implements cipher.AEAD.
-type aead struct {
-    // b is the underlying block cipher.
-    b cipher.Block
-    // nonceSize is the size of the nonce.
-    //
-    // Will be in [1, 15].
-    nonceSize int
-    // tagSize is the size of the tag.
-    //
-    // Will be in [12, 16].
-    tagSize int
-    // Lstar is the encrypted zero block.
-    //
-    // Used by setup and updating the offset for partial
-    // plaintext blocks.
-    Lstar uint128
-    // Ldollar is Lstar doubled in GF(2^128).
-    //
-    // Used by setup and updating the offset when computing the
-    // authentication tag.
-    Ldollar uint128
-    // L is the complete L cache, including L_0.
-    L [lsize]uint128
-    // buf is a scratch buffer for encipher and decipher.
-    buf [BlockSize]byte
-}
-
-const (
-    // lsize is the size of the key-dependent L buffer. On
-    // a 64-bit system, lsize will be 58 and on a 32-bit system
-    // lsize will be 26.
-    //
-    // On a 64-bit system, the maximum plaintext size is 1<<63-1,
-    // which is 1<<59-1 blocks and a maximum 58 trailing zeros.
-    //
-    // On a 32-bit system, the maximum plaintext size is 1<<31-1,
-    // which is 1<<27-1 blocks and a maximum 26 trailing zeros.
-    lsize = 58 - (64 - uintSize)
-    // uintSize is 64 on a 64-bit system and 32 on a 32-bit
-    // system.
-    uintSize = 32 << (^uint(0) >> 32 & 1)
-)
-
-var _ cipher.AEAD = (*aead)(nil)
-
 func (a *aead) NonceSize() int {
     return a.nonceSize
 }

pkg/lakego-pkg/go-cryptobin/cipher/ocb3/ocb3_test.go

@@ -6,6 +6,7 @@ import (
     "testing"
     "crypto/aes"
     "crypto/rand"
+    "crypto/cipher"
     "encoding/binary"
     "encoding/hex"
     mrand "math/rand"
@@ -47,6 +48,10 @@ func unhex(t *testing.T, s string) []byte {
     return p
 }
 
+func Test_Interface(t *testing.T) {
+    var _ cipher.AEAD = (*aead)(nil)
+}
+
 func TestSeal(t *testing.T) {
     for i, tc := range tests {
         c, err := aes.NewCipher(unhex(t, tc.key))