xts

package

v0.1.1 Latest Latest Go to latest Published: Jan 3, 2022 License: MIT Imports: 4 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ralim/switchhost

Links

Open Source Insights

README ¶

XTS -- Tweaked

Big N decided to flip the endianness of their implementation of the sector tweak for XTS This is the golang xts from go 1.17, tweaked to compensate.

Documentation ¶

Overview ¶

Package xts implements the XTS cipher mode as specified in IEEE P1619/D16.

XTS mode is typically used for disk encryption, which presents a number of novel problems that make more common modes inapplicable. The disk is conceptually an array of sectors and we must be able to encrypt and decrypt a sector in isolation. However, an attacker must not be able to transpose two sectors of plaintext by transposing their ciphertext.

XTS wraps a block cipher with Rogaway's XEX mode in order to build a tweakable block cipher. This allows each sector to have a unique tweak and effectively create a unique key for each sector.

XTS does not provide any authentication. An attacker can manipulate the ciphertext and randomise a block (16 bytes) of the plaintext. This package does not implement ciphertext-stealing so sectors must be a multiple of 16 bytes.

Note that XTS is usually not appropriate for any use besides disk encryption. Most users should use an AEAD mode like GCM (from crypto/cipher.NewGCM) instead.

Index ¶

type Cipher
- func NewCipher(cipherFunc func([]byte) (cipher.Block, error), key []byte) (c *Cipher, err error)
- func (c *Cipher) Decrypt(plaintext, ciphertext []byte, sectorNum uint64)
- func (c *Cipher) Encrypt(ciphertext, plaintext []byte, sectorNum uint64)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Cipher ¶

type Cipher struct {
	// contains filtered or unexported fields
}

Cipher contains an expanded key structure. It is safe for concurrent use if the underlying block cipher is safe for concurrent use.

func NewCipher ¶

func NewCipher(cipherFunc func([]byte) (cipher.Block, error), key []byte) (c *Cipher, err error)

NewCipher creates a Cipher given a function for creating the underlying block cipher (which must have a block size of 16 bytes). The key must be twice the length of the underlying cipher's key.

func (*Cipher) Decrypt ¶

func (c *Cipher) Decrypt(plaintext, ciphertext []byte, sectorNum uint64)

Decrypt decrypts a sector of ciphertext and puts the result into plaintext. Plaintext and ciphertext must overlap entirely or not at all. Sectors must be a multiple of 16 bytes and less than 2²⁴ bytes.

func (*Cipher) Encrypt ¶

func (c *Cipher) Encrypt(ciphertext, plaintext []byte, sectorNum uint64)

Encrypt encrypts a sector of plaintext and puts the result into ciphertext. Plaintext and ciphertext must overlap entirely or not at all. Sectors must be a multiple of 16 bytes and less than 2²⁴ bytes.

Source Files ¶

View all Source files

tweaked_xts.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL