1+ // Copyright 2025 Sun Yimin. All rights reserved.
2+ // Use of this source code is governed by a MIT-style
3+ // license that can be found in the LICENSE file.
4+
15package cipher
26
37import (
@@ -70,13 +74,12 @@ func (g *mur) Overhead() int {
7074
7175// Seal encrypts and authenticates plaintext, authenticates the
7276// additional data and appends the result to dst, returning the updated
73- // slice. The nonce must be NonceSize() bytes long and unique for all
74- // time, for a given key.
77+ // slice.
7578//
7679// To reuse plaintext's storage for the encrypted output, use plaintext[:0]
7780// as dst. Otherwise, the remaining capacity of dst must not overlap plaintext.
7881// dst and additionalData may not overlap.
79- func (g * mur ) Seal (iv , key1 , key2 , dst , plaintext , additionalData []byte ) ([]byte , error ) {
82+ func (g * mur ) Seal (iv , dataKey , tagKey , dst , plaintext , additionalData []byte ) ([]byte , error ) {
8083 ret , out := alias .SliceForAppend (dst , len (plaintext )+ g .tagSize )
8184 if alias .InexactOverlap (out , plaintext ) {
8285 panic ("cipher: invalid buffer overlap" )
@@ -95,15 +98,15 @@ func (g *mur) Seal(iv, key1, key2, dst, plaintext, additionalData []byte) ([]byt
9598 copy (tmpIV [:], iv )
9699 g .murAuth (tmpIV [:], plaintext , additionalData )
97100 subtle .XORBytes (tmpIV [:], tmpIV [:], iv )
98- tagStream , err := g .streamCipherCreator (key2 , tmpIV [:ivLen ])
101+ tagStream , err := g .streamCipherCreator (tagKey , tmpIV [:ivLen ])
99102 if err != nil {
100103 return nil , err
101104 }
102105 tagStream .XORKeyStream (tag [:g .tagSize ], tag [:g .tagSize ])
103106
104107 clear (tmpIV [:])
105108 subtle .XORBytes (tmpIV [:], iv , tag [:])
106- dataStream , err := g .streamCipherCreator (key1 , tmpIV [:ivLen ])
109+ dataStream , err := g .streamCipherCreator (dataKey , tmpIV [:ivLen ])
107110 if err != nil {
108111 return nil , err
109112 }
@@ -114,17 +117,16 @@ func (g *mur) Seal(iv, key1, key2, dst, plaintext, additionalData []byte) ([]byt
114117
115118// Open decrypts and authenticates ciphertext, authenticates the
116119// additional data and, if successful, appends the resulting plaintext
117- // to dst, returning the updated slice. The nonce must be NonceSize()
118- // bytes long and both it and the additional data must match the
119- // value passed to Seal.
120+ // to dst, returning the updated slice. The iv, dataKey, tagKey
121+ // and the additional data must match the value passed to Seal.
120122//
121123// To reuse ciphertext's storage for the decrypted output, use ciphertext[:0]
122124// as dst. Otherwise, the remaining capacity of dst must not overlap ciphertext.
123125// dst and additionalData may not overlap.
124126//
125127// Even if the function fails, the contents of dst, up to its capacity,
126128// may be overwritten.
127- func (g * mur ) Open (iv , key1 , key2 , dst , ciphertext , additionalData []byte ) ([]byte , error ) {
129+ func (g * mur ) Open (iv , dataKey , tagKey , dst , ciphertext , additionalData []byte ) ([]byte , error ) {
128130 if len (ciphertext ) < g .tagSize {
129131 return nil , errOpen
130132 }
@@ -148,7 +150,7 @@ func (g *mur) Open(iv, key1, key2, dst, ciphertext, additionalData []byte) ([]by
148150 }
149151 copy (tmpIV [:], tag )
150152 subtle .XORBytes (tmpIV [:], iv , tmpIV [:])
151- dataStream , err := g .streamCipherCreator (key1 , tmpIV [:ivLen ])
153+ dataStream , err := g .streamCipherCreator (dataKey , tmpIV [:ivLen ])
152154 if err != nil {
153155 return nil , err
154156 }
@@ -157,7 +159,7 @@ func (g *mur) Open(iv, key1, key2, dst, ciphertext, additionalData []byte) ([]by
157159 clear (tmpIV [:])
158160 g .murAuth (tmpIV [:], out , additionalData )
159161 subtle .XORBytes (tmpIV [:], tmpIV [:], iv )
160- tagStream , err := g .streamCipherCreator (key2 , tmpIV [:ivLen ])
162+ tagStream , err := g .streamCipherCreator (tagKey , tmpIV [:ivLen ])
161163 if err != nil {
162164 return nil , err
163165 }
0 commit comments