crypto: implement Output Feedback (OFB) Mode for AES and DES (#13583)

2023-08-10 21:13:21 +03:00 · 2022-02-24 13:38:21 +01:00
parent 0d07a64230
commit fa645516c3
3 changed files with 151 additions and 0 deletions
--- a/vlib/crypto/cipher/ofb.v
+++ b/vlib/crypto/cipher/ofb.v
@@ -0,0 +1,66 @@
+// The source code refers to the go standard library, which will be combined with AES in the future.
+//
+// Use of this source code is governed by an MIT license
+// that can be found in the LICENSE file.
+//
+// OFB (Output Feedback) Mode.
+// See NIST SP 800-38A, pp 13-15
+module cipher
+
+import crypto.internal.subtle
+
+struct Ofb {
+mut:
+	b        Block
+	next     []byte
+	out      []byte
+	out_used int
+}
+
+// new_ofb returns a Ofb that encrypts or decrypts using the block cipher b
+// in output feedback mode. The initialization vector iv's length must be equal
+// to b's block size.
+pub fn new_ofb(b Block, iv []byte) Ofb {
+	block_size := b.block_size
+	if iv.len != block_size {
+		panic('cipher.new_ofb: IV length must be equal block size')
+	}
+	x := Ofb{
+		b: b
+		out: []byte{len: b.block_size}
+		next: []byte{len: b.block_size}
+		out_used: block_size
+	}
+
+	copy(x.next, iv)
+
+	return x
+}
+
+pub fn (x &Ofb) xor_key_stream(mut dst_ []byte, src_ []byte) {
+	unsafe {
+		mut dst := *dst_
+		mut src := src_
+		if dst.len < src.len {
+			panic('crypto.cipher.xor_key_stream: output smaller than input')
+		}
+
+		if subtle.inexact_overlap(dst[..src.len], src) {
+			panic('crypto.cipher.xor_key_stream: invalid buffer overlap')
+		}
+
+		for src.len > 0 {
+			if x.out_used == x.out.len {
+				x.b.encrypt(mut x.out, x.next)
+				x.out_used = 0
+			}
+
+			copy(x.next, x.out)
+
+			n := xor_bytes(mut dst, src, x.out)
+			dst = dst[n..]
+			src = src[n..]
+			x.out_used += n
+		}
+	}
+}