Package xts
Package xts implements the XTS cipher mode as specified in IEEE P1619/D16.
XTS mode is typically used for disk encryption, which presents a number of
novel problems that make more common modes inapplicable. The disk is
conceptually an array of sectors and we must be able to encrypt and decrypt
a sector in isolation. However, an attacker must not be able to transpose
two sectors of plaintext by transposing their ciphertext.
XTS wraps a block cipher with Rogaway's XEX mode in order to build a
tweakable block cipher. This allows each sector to have a unique tweak and
effectively create a unique key for each sector.
XTS does not provide any authentication. An attacker can manipulate the
ciphertext and randomise a block (16 bytes) of the plaintext.
(Note: this package does not implement ciphertext-stealing so sectors must
be a multiple of 16 bytes.)
In the call graph viewer below, each node
is a function belonging to this package
and its children are the functions it
calls—perhaps dynamically.
The root nodes are the entry points of the
package: functions that may be called from
outside the package.
There may be non-exported or anonymous
functions among them if they are called
dynamically from another package.
Click a node to visit that function's source code.
From there you can visit its callers by
clicking its declaring func
token.
Functions may be omitted if they were
determined to be unreachable in the
particular programs or tests that were
analyzed.
Cipher contains an expanded key structure. It doesn't contain mutable state
and therefore can be used concurrently.
type Cipher struct {
}
func NewCipher(cipherFunc func([]byte) (cipher.Block, error), key []byte) (c *Cipher, err error)
NewCipher creates a Cipher given a function for creating the underlying
block cipher (which must have a block size of 16 bytes). The key must be
twice the length of the underlying cipher's key.
func (c *Cipher) Decrypt(plaintext, ciphertext []byte, sectorNum uint64)
Decrypt decrypts a sector of ciphertext and puts the result into plaintext.
Plaintext and ciphertext may be the same slice but should not overlap.
Sectors must be a multiple of 16 bytes and less than 2²⁴ bytes.
func (c *Cipher) Encrypt(ciphertext, plaintext []byte, sectorNum uint64)
Encrypt encrypts a sector of plaintext and puts the result into ciphertext.
Plaintext and ciphertext may be the same slice but should not overlap.
Sectors must be a multiple of 16 bytes and less than 2²⁴ bytes.
ActiveGo 1.8