// NewCipher returns a new cipher.Block implementing the serpent block cipher.
// The key argument must be 128, 192 or 256 bit (16, 24, 32 byte).
func NewCipher(key []byte) (cipher.Block, error) {
if k := len(key); k != 16 && k != 24 && k != 32 {
return nil, crypto.KeySizeError(k)
}
s := &subkeys{}
s.keySchedule(key)
return s, nil
}
// NewCipher returns a cipher.Block implementing the Threefish cipher.
// The length of the key must be 32, 64 or 128 byte.
// The length of the tweak must be TweakSize.
// The returned cipher implements:
// - Threefish-256 - if len(key) = 32
// - Threefish-512 - if len(key) = 64
// - Threefish-1024 - if len(key) = 128
func NewCipher(tweak *[TweakSize]byte, key []byte) (cipher.Block, error) {
switch k := len(key); k {
default:
return nil, crypto.KeySizeError(k)
case BlockSize256:
return newCipher256(tweak, key), nil
case BlockSize512:
return newCipher512(tweak, key), nil
case BlockSize1024:
return newCipher1024(tweak, key), nil
}
}
// NewCipher returns a new cipher.Block implementing the camellia cipher.
// The key argument must be 128, 192 or 256 bit (16, 24, 32 byte).
func NewCipher(key []byte) (cipher.Block, error) {
k := len(key)
if k == 16 {
c := new(blockCipher128)
c.keySchedule(key)
return c, nil
}
if k == 24 || k == 32 {
c := new(blockCipher256)
c.keySchedule(key)
return c, nil
}
return nil, crypto.KeySizeError(k)
}
// Configure takes the hash size and the BLAKE2b configuration and
// computes the 8 64-bit chain values. The conf is optional and can be nil,
// or must be a valid configuraton struct - otherwise a non-nil error is returned.
func Configure(hVal *[8]uint64, hashsize int, conf *Config) error {
if hashsize <= 0 || hashsize > Size {
return errors.New("illegal hash size " + strconv.Itoa(hashsize))
}
var key, salt, personal []byte
if conf != nil {
key = conf.Key
salt = conf.Salt
personal = conf.Personal
}
if k := len(key); k > Size {
return crypto.KeySizeError(k)
}
if s := len(salt); s > 16 {
return errors.New("illegal salt size " + strconv.Itoa(s))
}
if p := len(personal); p > 16 {
return errors.New("illegal personalization size " + strconv.Itoa(p))
}
var p [BlockSize]byte
p[0] = byte(hashsize)
p[1] = byte(len(key))
p[2] = 1
p[3] = 1
if len(salt) > 0 {
copy(p[32:], salt)
}
if len(personal) > 0 {
copy(p[48:], personal)
}
for i := range iv {
j := i * 8
v := uint64(p[j+0]) | uint64(p[j+1])<<8 | uint64(p[j+2])<<16 | uint64(p[j+3])<<24 |
uint64(p[j+4])<<32 | uint64(p[j+5])<<40 | uint64(p[j+6])<<48 | uint64(p[j+7])<<56
hVal[i] = iv[i] ^ v
}
return nil
}