ocb2

package

v0.4.0 Latest Latest Go to latest Published: Sep 4, 2021 License: MIT Imports: 2 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/CodingVoid/gomble

Links

Open Source Insights

Documentation ¶

Overview ¶

Package ocb2 implements the version 2 of the OCB authenticated-encryption algorithm. OCB2 is specified in http://www.cs.ucdavis.edu/~rogaway/papers/draft-krovetz-ocb-00.txt.

Note that this implementation is limited to block ciphers with a block size of 128 bits.

It should also be noted that OCB's author, Phil Rogaway <rogaway@cs.ucdavis.edu>, holds several US patents on the algorithm. This should be considered before using this code in your own projects. See OCB's FAQ for more info: http://www.cs.ucdavis.edu/~rogaway/ocb/ocb-faq.htm#patent:phil

The Mumble Project has a license to use OCB mode in its BSD licensed code on a royalty free basis.

Index ¶

Constants
func Decrypt(cipher cipher.Block, plain []byte, encrypted []byte, nonce []byte, tag []byte) bool
func Encrypt(cipher cipher.Block, dst []byte, src []byte, nonce []byte, tag []byte)

Constants ¶

View Source

const (
	// BlockSize defines the block size that this particular implementation
	// of OCB2 is made to work on.
	BlockSize = 16
	// TagSize specifies the length in bytes of a full OCB2 tag.
	// As per the specification, applications may truncate their
	// tags to a given length, but advocates that typical applications
	// should use a tag length of at least 8 bytes (64 bits).
	TagSize = BlockSize
	// NonceSize specifies the length in bytes of an OCB2 nonce.
	NonceSize = BlockSize
)

Variables ¶

This section is empty.

Functions ¶

func Decrypt ¶

func Decrypt(cipher cipher.Block, plain []byte, encrypted []byte, nonce []byte, tag []byte) bool

Decrypt takes a ciphertext, a nonce, and a tag as its input and outputs a decrypted plaintext (if successful) and a boolean flag that determines whether the function successfully decrypted the given ciphertext.

Before using the decrpyted plaintext, the application should verify that the computed authentication tag matches the tag that was produced when encrypting the message (taking into consideration that OCB tags are allowed to be truncated to a length less than ocb.TagSize).

The block cipher used in function must work on a block size equal to ocb2.BlockSize. The tag slice used in this function must have a length equal to ocb2.TagSize. The nonce slice used in this function must have a length equal to ocb2.NonceSize. If any of the above are violated, Encrypt will panic.

func Encrypt ¶

func Encrypt(cipher cipher.Block, dst []byte, src []byte, nonce []byte, tag []byte)

Encrypt encrypts the plaintext src and outputs the corresponding ciphertext into dst. Besides outputting a ciphertext into dst, Encrypt also outputs an authentication tag of ocb2.TagSize bytes into tag, which should be used to verify the authenticity of the message on the receiving side.

To ensure both authenticity and secrecy of messages, each invocation to this function must be given an unique nonce of ocb2.NonceSize bytes. The nonce need not be secret (it can be a counter), but it needs to be unique.

The block cipher used in function must work on a block size equal to ocb2.BlockSize. The tag slice used in this function must have a length equal to ocb2.TagSize. The nonce slice used in this function must have a length equal to ocb2.NonceSize. If any of the above are violated, Encrypt will panic.

Types ¶

This section is empty.

Source Files ¶

View all Source files

ocb2.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL