...

Package blowfish

import "golang.org/x/crypto/blowfish"
Overview
Index

Overview ▾

Package blowfish implements Bruce Schneier's Blowfish encryption algorithm.

Blowfish is a legacy cipher and its short block size makes it vulnerable to birthday bound attacks (see https://sweet32.info). It should only be used where compatibility with legacy systems, not security, is the goal.

Deprecated: any new system should use AES (from crypto/aes, if necessary in an AEAD mode like crypto/cipher.NewGCM) or XChaCha20-Poly1305 (from golang.org/x/crypto/chacha20poly1305).

Constants

The Blowfish block size in bytes.

const BlockSize = 8

func ExpandKey

func ExpandKey(key []byte, c *Cipher)

ExpandKey performs a key expansion on the given *Cipher. Specifically, it performs the Blowfish algorithm's key schedule which sets up the *Cipher's pi and substitution tables for calls to Encrypt. This is used, primarily, by the bcrypt package to reuse the Blowfish key schedule during its set up. It's unlikely that you need to use this directly.

type Cipher

A Cipher is an instance of Blowfish encryption using a particular key.

type Cipher struct {
    // contains filtered or unexported fields
}

func NewCipher

func NewCipher(key []byte) (*Cipher, error)

NewCipher creates and returns a Cipher. The key argument should be the Blowfish key, from 1 to 56 bytes.

func NewSaltedCipher

func NewSaltedCipher(key, salt []byte) (*Cipher, error)

NewSaltedCipher creates a returns a Cipher that folds a salt into its key schedule. For most purposes, NewCipher, instead of NewSaltedCipher, is sufficient and desirable. For bcrypt compatibility, the key can be over 56 bytes.

func (*Cipher) BlockSize

func (c *Cipher) BlockSize() int

BlockSize returns the Blowfish block size, 8 bytes. It is necessary to satisfy the Block interface in the package "crypto/cipher".

func (*Cipher) Decrypt

func (c *Cipher) Decrypt(dst, src []byte)

Decrypt decrypts the 8-byte buffer src using the key k and stores the result in dst.

func (*Cipher) Encrypt

func (c *Cipher) Encrypt(dst, src []byte)

Encrypt encrypts the 8-byte buffer src using the key k and stores the result in dst. Note that for amounts of data larger than a block, it is not safe to just call Encrypt on successive blocks; instead, use an encryption mode like CBC (see crypto/cipher/cbc.go).

type KeySizeError

type KeySizeError int

func (KeySizeError) Error

func (k KeySizeError) Error() string