
Commit 5b12dac

authored
cipher: update comments
1 parent 00a09d0 commit 5b12dac

6 files changed

Lines changed: 40 additions & 16 deletions


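--- a/cipher/ghash.go
+++ b/cipher/ghash.go
@@ -1,3 +1,7 @@
+// Copyright 2025 Sun Yimin. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
 package cipher
 
 import "github.com/emmansun/gmsm/internal/byteorder"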

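--- a/cipher/gxm.go
+++ b/cipher/gxm.go
@@ -1,3 +1,7 @@
+// Copyright 2025 Sun Yimin. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
 package cipher
 
 import (
@@ -19,12 +23,16 @@ type gxm struct {
 }
 
 // NewGXM creates a new GXM instance using the provided cipher stream and hash key.
-// It uses the default tag size of 16 bytes.
+// It uses the default tag size of 16 bytes.
+//
+// Due to the nature of GXM, the same stream cipher instance should not be reused.
 func NewGXM(stream cipher.Stream, hkey []byte) (*gxm, error) {
 	return NewGXMWithTagSize(stream, hkey, 16)
 }
 
 // NewGXMWithTagSize creates a new instance of GXM (Galois XOR Mode) with a specified tag size.
+//
+// Due to the nature of GXM, the same stream cipher instance should not be reused.
 func NewGXMWithTagSize(stream cipher.Stream, hkey []byte, tagSize int) (*gxm, error) {
 	if len(hkey) != ghashBlockSize {
 		return nil, errors.New("cipher: invalid hash key length")
@@ -65,8 +73,7 @@ func (g *gxm) Overhead() int {
 
 // Seal encrypts and authenticates plaintext, authenticates the
 // additional data and appends the result to dst, returning the updated
-// slice. The nonce must be NonceSize() bytes long and unique for all
-// time, for a given key.
+// slice.
 //
 // To reuse plaintext's storage for the encrypted output, use plaintext[:0]
 // as dst. Otherwise, the remaining capacity of dst must not overlap plaintext.
@@ -87,8 +94,7 @@ func (g *gxm) Seal(dst, plaintext, additionalData []byte) []byte {
 
 // Open decrypts and authenticates ciphertext, authenticates the
 // additional data and, if successful, appends the resulting plaintext
-// to dst, returning the updated slice. The nonce must be NonceSize()
-// bytes long and both it and the additional data must match the
+// to dst, returning the updated slice. The additional data must match the
 // value passed to Seal.
 //
 // To reuse ciphertext's storage for the decrypted output, use ciphertext[:0]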
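Review bot: The Seal and Open comments (new lines 76 and 97) now state no uniqueness or single-use requirement at all, while the commit moves that caveat onto NewGXM and NewGXMWithTagSize only, so a reader who lands on Seal sees no constraint. Because the nonce travels with the cipher.Stream rather than being passed to Seal, presumably each gxm (and the stream behind it) is good for exactly one Seal or Open; if that is the case, say it where the methods are documented, e.g. `// Seal consumes the underlying stream cipher and must not be called more than once on a gxm.` That inference should be confirmed against the Seal body, which lies outside the hunk shown. The Seal and Open bodies start or continue outside the hunks.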

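--- a/cipher/hctr.go
+++ b/cipher/hctr.go
@@ -1,3 +1,7 @@
+// Copyright 2024 Sun Yimin. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
 package cipher
 
 import (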

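--- a/cipher/mur.go
+++ b/cipher/mur.go
@@ -1,3 +1,7 @@
+// Copyright 2025 Sun Yimin. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
 package cipher
 
 import (
@@ -70,13 +74,12 @@ func (g *mur) Overhead() int {
 
 // Seal encrypts and authenticates plaintext, authenticates the
 // additional data and appends the result to dst, returning the updated
-// slice. The nonce must be NonceSize() bytes long and unique for all
-// time, for a given key.
+// slice.
 //
 // To reuse plaintext's storage for the encrypted output, use plaintext[:0]
 // as dst. Otherwise, the remaining capacity of dst must not overlap plaintext.
 // dst and additionalData may not overlap.
-func (g *mur) Seal(iv, key1, key2, dst, plaintext, additionalData []byte) ([]byte, error) {
+func (g *mur) Seal(iv, dataKey, tagKey, dst, plaintext, additionalData []byte) ([]byte, error) {
 	ret, out := alias.SliceForAppend(dst, len(plaintext)+g.tagSize)
 	if alias.InexactOverlap(out, plaintext) {
 		panic("cipher: invalid buffer overlap")
@@ -95,15 +98,15 @@ func (g *mur) Seal(iv, key1, key2, dst, plaintext, additionalData []byte) ([]byt
 	copy(tmpIV[:], iv)
 	g.murAuth(tmpIV[:], plaintext, additionalData)
 	subtle.XORBytes(tmpIV[:], tmpIV[:], iv)
-	tagStream, err := g.streamCipherCreator(key2, tmpIV[:ivLen])
+	tagStream, err := g.streamCipherCreator(tagKey, tmpIV[:ivLen])
 	if err != nil {
 		return nil, err
 	}
 	tagStream.XORKeyStream(tag[:g.tagSize], tag[:g.tagSize])
 
 	clear(tmpIV[:])
 	subtle.XORBytes(tmpIV[:], iv, tag[:])
-	dataStream, err := g.streamCipherCreator(key1, tmpIV[:ivLen])
+	dataStream, err := g.streamCipherCreator(dataKey, tmpIV[:ivLen])
 	if err != nil {
 		return nil, err
 	}
@@ -114,17 +117,16 @@ func (g *mur) Seal(iv, key1, key2, dst, plaintext, additionalData []byte) ([]byt
 
 // Open decrypts and authenticates ciphertext, authenticates the
 // additional data and, if successful, appends the resulting plaintext
-// to dst, returning the updated slice. The nonce must be NonceSize()
-// bytes long and both it and the additional data must match the
-// value passed to Seal.
+// to dst, returning the updated slice. The iv, dataKey, tagKey
+// and the additional data must match the value passed to Seal.
 //
 // To reuse ciphertext's storage for the decrypted output, use ciphertext[:0]
 // as dst. Otherwise, the remaining capacity of dst must not overlap ciphertext.
 // dst and additionalData may not overlap.
 //
 // Even if the function fails, the contents of dst, up to its capacity,
 // may be overwritten.
-func (g *mur) Open(iv, key1, key2, dst, ciphertext, additionalData []byte) ([]byte, error) {
+func (g *mur) Open(iv, dataKey, tagKey, dst, ciphertext, additionalData []byte) ([]byte, error) {
 	if len(ciphertext) < g.tagSize {
 		return nil, errOpen
 	}
@@ -148,7 +150,7 @@ func (g *mur) Open(iv, key1, key2, dst, ciphertext, additionalData []byte) ([]by
 	}
 	copy(tmpIV[:], tag)
 	subtle.XORBytes(tmpIV[:], iv, tmpIV[:])
-	dataStream, err := g.streamCipherCreator(key1, tmpIV[:ivLen])
+	dataStream, err := g.streamCipherCreator(dataKey, tmpIV[:ivLen])
 	if err != nil {
 		return nil, err
 	}
@@ -157,7 +159,7 @@ func (g *mur) Open(iv, key1, key2, dst, ciphertext, additionalData []byte) ([]by
 	clear(tmpIV[:])
 	g.murAuth(tmpIV[:], out, additionalData)
 	subtle.XORBytes(tmpIV[:], tmpIV[:], iv)
-	tagStream, err := g.streamCipherCreator(key2, tmpIV[:ivLen])
+	tagStream, err := g.streamCipherCreator(tagKey, tmpIV[:ivLen])
 	if err != nil {
 		return nil, err
 	}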
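Review bot: The new Seal comment (new line 77) ends at `// slice.` and drops every statement about iv, yet iv is still a parameter that the body copies into tmpIV (`copy(tmpIV[:], iv)`) and mixes into both streamCipherCreator calls. If the mode is meant to tolerate iv reuse (deriving the data-stream IV from the tag suggests a misuse-resistant design, but that is an inference from the visible lines), the comment should say so explicitly and still state the required iv length; otherwise the old uniqueness sentence should be restated, e.g. `// The iv must be unique for all time for a given dataKey/tagKey pair.` The Open comment (new lines 120-121) has the same gap and could also read `must match the values passed to Seal`. Since the rename introduces dataKey and tagKey, one line stating that dataKey drives the data stream and tagKey the tag stream would make the signature self-explanatory. The Seal and Open bodies continue outside the hunks shown.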

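--- a/cipher/zuc_gxm_test.go
+++ b/cipher/zuc_gxm_test.go
@@ -1,3 +1,7 @@
+// Copyright 2025 Sun Yimin. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
 package cipher_test
 
 import (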

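--- a/cipher/zuc_mur_test.go
+++ b/cipher/zuc_mur_test.go
@@ -1,3 +1,7 @@
+// Copyright 2025 Sun Yimin. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
 package cipher_test
 
 import (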
