1 // Copyright 2009 The Go Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style
3 // license that can be found in the LICENSE file.
7 // CTR converts a block cipher into a stream cipher by
8 // repeatedly encrypting an incrementing counter and
9 // xoring the resulting stream of data with the input.
11 // See NIST SP 800-38A, pp 13-15
22 // NewCTR returns a Stream which encrypts/decrypts using the given Block in
23 // counter mode. The length of iv must be the same as the Block's block size.
24 func NewCTR(block Block, iv []byte) Stream {
25 if len(iv) != block.BlockSize() {
26 panic("cipher.NewCTR: IV length must equal block size")
32 out: make([]byte, len(iv)),
37 func (x *ctr) XORKeyStream(dst, src []byte) {
38 for i := 0; i < len(src); i++ {
39 if x.outUsed == len(x.ctr) {
40 x.b.Encrypt(x.out, x.ctr)
44 for i := len(x.ctr) - 1; i >= 0; i-- {
52 dst[i] = src[i] ^ x.out[x.outUsed]