crypto/...: more fixes for bug 2841

1) Remove the Reset() member in crypto/aes and crypto/des (and
   document the change).
2) Turn several empty error structures into vars. Any remaining error
   structures are either non-empty, or will probably become so in the
   future.
3) Implement SetWriteDeadline for TLS sockets. At the moment, the TLS
   status cannot be reused after a Write error, which is probably fine
   for most uses.
4) Make crypto/aes and crypto/des return a cipher.Block.

R=rsc, r
CC=golang-dev
https://golang.org/cl/5625045
This commit is contained in:
Adam Langley 2012-02-13 12:38:45 -05:00
Родитель a52fb458df
Коммит cdd7e02583
17 изменённых файлов: 232 добавлений и 487 удалений

Просмотреть файл

@ -855,38 +855,23 @@ few programs beyond the need to run <code>go fix</code>.
This category includes packages that are new in Go 1. This category includes packages that are new in Go 1.
</p> </p>
<h3 id="bufio">The bufio package</h3> <h3 id="crypto_aes_des">The crypto/aes and crypto/des packages</h3>
<p> <p>
In Go 1, <a href="/pkg/bufio/#NewReaderSize"><code>bufio.NewReaderSize</code></a> In Go 1, the <code>Reset</code> method has been removed. Go does not guarantee
and that memory is not copied and therefore this method was misleading.
<a href="/pkg/bufio/#NewWriterSize"><code>bufio.NewWriterSize</code></a> </p>
functions no longer return an error for invalid sizes.
If the argument size is too small or invalid, it is adjusted. <p>
The cipher-specific types <code>*aes.Cipher</code>, <code>*des.Cipher</code>,
and <code>*des.TripleDESCipher</code> have been removed in favor of
<code>cipher.Block</code>.
</p> </p>
<p> <p>
<em>Updating</em>: <em>Updating</em>:
What little code is affected will be caught by the compiler and must be updated by hand. Remove the calls to Reset. Replace uses of the specific cipher types with
</p> cipher.Block.
<h3 id="bufio">The compress/flate, compress/gzip and compress/zlib packages</h3>
<p>
In Go 1, the <code>NewWriterXxx</code> functions in
<a href="/pkg/compress/flate"><code>compress/flate</code></a>,
<a href="/pkg/compress/gzip"><code>compress/gzip</code></a> and
<a href="/pkg/compress/zlib"><code>compress/zlib</code></a>
all return <code>(*Writer, error)</code> if they take a compression level,
and <code>*Writer</code> otherwise. Package <code>gzip</code>'s
<code>Compressor</code> and <code>Decompressor</code> types have been renamed
to <code>Writer</code> and <code>Reader</code>. Package <code>flate</code>'s
<code>WrongValueError</code> type has been removed.
</p>
<p>
<em>Updating</em>:
What little code is affected will be caught by the compiler and must be updated by hand.
</p> </p>
<h3 id="crypto_elliptic">The crypto/elliptic package</h3> <h3 id="crypto_elliptic">The crypto/elliptic package</h3>
@ -939,64 +924,6 @@ to be implemented in the future.
No changes will be needed. No changes will be needed.
</p> </p>
<h3 id="encoding_binary">The encoding/binary package</h3>
<p>
In Go 1, the <code>binary.TotalSize</code> function has been replaced by
<a href="/pkg/encoding/binary/#Size"><code>Size</code></a>,
which takes an <code>interface{}</code> argument rather than
a <code>reflect.Value</code>.
</p>
<p>
<em>Updating</em>:
What little code is affected will be caught by the compiler and must be updated by hand.
</p>
<h3 id="encoding_xml">The encoding/xml package</h3>
<p>
In Go 1, the <a href="/pkg/encoding/xml/"><code>xml</code></a> package
has been brought closer in design to the other marshaling packages such
as <a href="/pkg/encoding/gob/"><code>encoding/gob</code></a>.
</p>
<p>
The old <code>Parser</code> type is renamed
<a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> and has a new
<a href="/pkg/encoding/xml/#Decoder.Decode"><code>Decode</code></a> method. An
<a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a> type was also
introduced.
</p>
<p>
The functions <a href="/pkg/encoding/xml/#Marshal"><code>Marshal</code></a>
and <a href="/pkg/encoding/xml/#Unmarshal"><code>Unmarshal</code></a>
work with <code>[]byte</code> values now. To work with streams,
use the new <a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a>
and <a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> types.
</p>
<p>
When marshaling or unmarshaling values, the format of supported flags in
field tags has changed to be closer to the
<a href="/pkg/encoding/json"><code>json</code></a> package
(<code>`xml:"name,flag"`</code>). The matching done between field tags, field
names, and the XML attribute and element names is now case-sensitive.
The <code>XMLName</code> field tag, if present, must also match the name
of the XML element being marshaled.
</p>
<p>
<em>Updating</em>:
Running <code>go fix</code> will update most uses of the package except for some calls to
<code>Unmarshal</code>. Special care must be taken with field tags,
since the fix tool will not update them and if not fixed by hand they will
misbehave silently in some cases. For example, the old
<code>"attr"</code> is now written <code>",attr"</code> while plain
<code>"attr"</code> remains valid but with a different meaning.
</p>
<h3 id="expvar">The expvar package</h3> <h3 id="expvar">The expvar package</h3>
<p> <p>
@ -1046,15 +973,6 @@ The <code>Duration</code> flag is new and affects no existing code.
Several packages under <code>go</code> have slightly revised APIs. Several packages under <code>go</code> have slightly revised APIs.
</p> </p>
<p>
A concrete <code>Mode</code> type was introduced for configuration mode flags
in the packages
<a href="/pkg/go/scanner/"><code>go/scanner</code></a>,
<a href="/pkg/go/parser/"><code>go/parser</code></a>,
<a href="/pkg/go/printer/"><code>go/printer</code></a>, and
<a href="/pkg/go/doc/"><code>go/doc</code></a>.
</p>
<p> <p>
The modes <code>AllowIllegalChars</code> and <code>InsertSemis</code> have been removed The modes <code>AllowIllegalChars</code> and <code>InsertSemis</code> have been removed
from the <a href="/pkg/go/scanner/"><code>go/scanner</code></a> package. They were mostly from the <a href="/pkg/go/scanner/"><code>go/scanner</code></a> package. They were mostly
@ -1063,16 +981,6 @@ useful for scanning text other then Go source files. Instead, the
for that purpose. for that purpose.
</p> </p>
<p>
The <a href="/pkg/go/scanner/#ErrorHandler"><code>ErrorHandler</code></a> provided
to the scanner's <a href="/pkg/go/scanner/#Scanner.Init"><code>Init</code></a> method is
now simply a function rather than an interface. The <code>ErrorVector</code> type has
been removed in favor of the (existing) <a href="/pkg/go/scanner/#ErrorList"><code>ErrorList</code></a>
type, and the <code>ErrorVector</code> methods have been migrated. Instead of embedding
an <code>ErrorVector</code> in a client of the scanner, now a client should maintain
an <code>ErrorList</code>.
</p>
<p> <p>
The set of parse functions provided by the <a href="/pkg/go/parser/"><code>go/parser</code></a> The set of parse functions provided by the <a href="/pkg/go/parser/"><code>go/parser</code></a>
package has been reduced to the primary parse function package has been reduced to the primary parse function
@ -1081,17 +989,6 @@ convenience functions <a href="/pkg/go/parser/#ParseDir"><code>ParseDir</code></
and <a href="/pkg/go/parser/#ParseExpr"><code>ParseExpr</code></a>. and <a href="/pkg/go/parser/#ParseExpr"><code>ParseExpr</code></a>.
</p> </p>
<p>
The <a href="/pkg/go/printer/"><code>go/printer</code></a> package supports an additional
configuration mode <a href="/pkg/go/printer/#Mode"><code>SourcePos</code></a>;
if set, the printer will emit <code>//line</code> comments such that the generated
output contains the original source code position information. The new type
<a href="/pkg/go/printer/#CommentedNode"><code>CommentedNode</code></a> can be
used to provide comments associated with an arbitrary
<a href="/pkg/go/ast/#Node"><code>ast.Node</code></a> (until now only
<a href="/pkg/go/ast/#File"><code>ast.File</code></a> carried comment information).
</p>
<p> <p>
The type names of the <a href="/pkg/go/doc/"><code>go/doc</code></a> package have been The type names of the <a href="/pkg/go/doc/"><code>go/doc</code></a> package have been
streamlined by removing the <code>Doc</code> suffix: <code>PackageDoc</code> streamlined by removing the <code>Doc</code> suffix: <code>PackageDoc</code>
@ -1189,16 +1086,10 @@ The affected items are:
</ul> </ul>
<p> <p>
The <code>Request.RawURL</code> field has been removed; it was a Also, the <code>Request.RawURL</code> field has been removed; it was a
historical artifact. historical artifact.
</p> </p>
<p>
The <code>Handle</code> and <code>HandleFunc</code>
functions, and the similarly-named methods of <code>ServeMux</code>,
now panic if an attempt is made to register the same pattern twice.
</p>
<p> <p>
<em>Updating</em>: <em>Updating</em>:
Running <code>go fix</code> will update the few programs that are affected except for Running <code>go fix</code> will update the few programs that are affected except for
@ -1235,7 +1126,9 @@ packages.
The old <code>image.ColorImage</code> type is still in the <code>image</code> The old <code>image.ColorImage</code> type is still in the <code>image</code>
package but has been renamed package but has been renamed
<a href="/pkg/image/#Uniform"><code>image.Uniform</code></a>, <a href="/pkg/image/#Uniform"><code>image.Uniform</code></a>,
while <code>image.Tiled</code> has been removed. while <code>image.Tiled</code>
has been renamed
<a href="/pkg/image/#Repeated"><code>image.Repeated</code></a>.
</p> </p>
<p> <p>
@ -1296,6 +1189,7 @@ This table lists the renamings.
<td colspan="2"><hr></td> <td colspan="2"><hr></td>
</tr> </tr>
<tr><td>image.ColorImage</td> <td>image.Uniform</td></tr> <tr><td>image.ColorImage</td> <td>image.Uniform</td></tr>
<tr><td>image.Tiled</td> <td>image.Repeated</td></tr>
</table> </table>
<p> <p>
@ -1320,18 +1214,6 @@ and
Running <code>go fix</code> will update almost all code affected by the change. Running <code>go fix</code> will update almost all code affected by the change.
</p> </p>
<h3 id="log_syslog">The log/syslog package</h3>
<p>
In Go 1, the <a href="/pkg/log/syslog/#NewLogger"><code>syslog.NewLogger</code></a>
function returns an error as well as a <code>log.Logger</code>.
</p>
<p>
<em>Updating</em>:
What little code is affected will be caught by the compiler and must be updated by hand.
</p>
<h3 id="mime">The mime package</h3> <h3 id="mime">The mime package</h3>
<p> <p>
@ -1378,27 +1260,7 @@ Code that uses the old methods will fail to compile and must be updated by hand.
The semantic change makes it difficult for the fix tool to update automatically. The semantic change makes it difficult for the fix tool to update automatically.
</p> </p>
<h3 id="os">The os package</h3> <h3 id="os_fileinfo">The os.FileInfo type</h3>
<p>The <code>Time</code> function has been removed; callers should use
the <a href="/pkg/time/#Time"><code>Time</code></a> type from the
<code>time</code> package.</p>
<p>The <code>Exec</code> function has been removed; callers should use
<code>Exec</code> from the <code>syscall</code> package, where available.</p>
<p>The <code>ShellExpand</code> function has been renamed to <a
href="/pkg/os/#ExpandEnv"><code>ExpandEnv</code></a>.</p>
<p>The <a href="/pkg/os/#NewFile"><code>NewFile</code></a> function
now takes a <code>uintptr</code> fd, instead of an <code>int</code>.
The <a href="/pkg/os/#File.Fd"><code>Fd</code></a> method on files now
also returns a <code>uintptr</code>.</p>
<p><em>Updating</em>: Code will fail to compile and must be updated
by hand. </p>
<h4 id="os_fileinfo">The os.FileInfo type</h4>
<p> <p>
Go 1 redefines the <a href="/pkg/os/#FileInfo"><code>os.FileInfo</code></a> type, Go 1 redefines the <a href="/pkg/os/#FileInfo"><code>os.FileInfo</code></a> type,
@ -1639,17 +1501,6 @@ Existing code is unaffected, although benchmarks that use <code>println</code>
or <code>panic</code> should be updated to use the new methods. or <code>panic</code> should be updated to use the new methods.
</p> </p>
<h3 id="testing_script">The testing/script package</h3>
<p>
The testing/script package has been deleted. It was a dreg.
</p>
<p>
<em>Updating</em>:
No code is likely to be affected.
</p>
<h3 id="url">The url package</h3> <h3 id="url">The url package</h3>
<p> <p>
@ -1718,6 +1569,50 @@ Code that uses the old fields will fail to compile and must be updated by hand.
The semantic changes make it difficult for the fix tool to update automatically. The semantic changes make it difficult for the fix tool to update automatically.
</p> </p>
<h3 id="xml">The xml package</h3>
<p>
In Go 1, the <a href="/pkg/encoding/xml/"><code>xml</code></a> package
has been brought closer in design to the other marshaling packages such
as <a href="/pkg/encoding/gob/"><code>encoding/gob</code></a>.
</p>
<p>
The old <code>Parser</code> type is renamed
<a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> and has a new
<a href="/pkg/encoding/xml/#Decoder.Decode"><code>Decode</code></a> method. An
<a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a> type was also
introduced.
</p>
<p>
The functions <a href="/pkg/encoding/xml/#Marshal"><code>Marshal</code></a>
and <a href="/pkg/encoding/xml/#Unmarshal"><code>Unmarshal</code></a>
work with <code>[]byte</code> values now. To work with streams,
use the new <a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a>
and <a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> types.
</p>
<p>
When marshaling or unmarshaling values, the format of supported flags in
field tags has changed to be closer to the
<a href="/pkg/encoding/json"><code>json</code></a> package
(<code>`xml:"name,flag"`</code>). The matching done between field tags, field
names, and the XML attribute and element names is now case-sensitive.
The <code>XMLName</code> field tag, if present, must also match the name
of the XML element being marshaled.
</p>
<p>
<em>Updating</em>:
Running <code>go fix</code> will update most uses of the package except for some calls to
<code>Unmarshal</code>. Special care must be taken with field tags,
since the fix tool will not update them and if not fixed by hand they will
misbehave silently in some cases. For example, the old
<code>"attr"</code> is now written <code>",attr"</code> while plain
<code>"attr"</code> remains valid but with a different meaning.
</p>
<h2 id="go_command">The go command</h2> <h2 id="go_command">The go command</h2>
<h2 id="releases">Packaged releases</h2> <h2 id="releases">Packaged releases</h2>

Просмотреть файл

@ -759,38 +759,23 @@ few programs beyond the need to run <code>go fix</code>.
This category includes packages that are new in Go 1. This category includes packages that are new in Go 1.
</p> </p>
<h3 id="bufio">The bufio package</h3> <h3 id="crypto_aes_des">The crypto/aes and crypto/des packages</h3>
<p> <p>
In Go 1, <a href="/pkg/bufio/#NewReaderSize"><code>bufio.NewReaderSize</code></a> In Go 1, the <code>Reset</code> method has been removed. Go does not guarantee
and that memory is not copied and therefore this method was misleading.
<a href="/pkg/bufio/#NewWriterSize"><code>bufio.NewWriterSize</code></a> </p>
functions no longer return an error for invalid sizes.
If the argument size is too small or invalid, it is adjusted. <p>
The cipher-specific types <code>*aes.Cipher</code>, <code>*des.Cipher</code>,
and <code>*des.TripleDESCipher</code> have been removed in favor of
<code>cipher.Block</code>.
</p> </p>
<p> <p>
<em>Updating</em>: <em>Updating</em>:
What little code is affected will be caught by the compiler and must be updated by hand. Remove the calls to Reset. Replace uses of the specific cipher types with
</p> cipher.Block.
<h3 id="bufio">The compress/flate, compress/gzip and compress/zlib packages</h3>
<p>
In Go 1, the <code>NewWriterXxx</code> functions in
<a href="/pkg/compress/flate"><code>compress/flate</code></a>,
<a href="/pkg/compress/gzip"><code>compress/gzip</code></a> and
<a href="/pkg/compress/zlib"><code>compress/zlib</code></a>
all return <code>(*Writer, error)</code> if they take a compression level,
and <code>*Writer</code> otherwise. Package <code>gzip</code>'s
<code>Compressor</code> and <code>Decompressor</code> types have been renamed
to <code>Writer</code> and <code>Reader</code>. Package <code>flate</code>'s
<code>WrongValueError</code> type has been removed.
</p>
<p>
<em>Updating</em>:
What little code is affected will be caught by the compiler and must be updated by hand.
</p> </p>
<h3 id="crypto_elliptic">The crypto/elliptic package</h3> <h3 id="crypto_elliptic">The crypto/elliptic package</h3>
@ -843,64 +828,6 @@ to be implemented in the future.
No changes will be needed. No changes will be needed.
</p> </p>
<h3 id="encoding_binary">The encoding/binary package</h3>
<p>
In Go 1, the <code>binary.TotalSize</code> function has been replaced by
<a href="/pkg/encoding/binary/#Size"><code>Size</code></a>,
which takes an <code>interface{}</code> argument rather than
a <code>reflect.Value</code>.
</p>
<p>
<em>Updating</em>:
What little code is affected will be caught by the compiler and must be updated by hand.
</p>
<h3 id="encoding_xml">The encoding/xml package</h3>
<p>
In Go 1, the <a href="/pkg/encoding/xml/"><code>xml</code></a> package
has been brought closer in design to the other marshaling packages such
as <a href="/pkg/encoding/gob/"><code>encoding/gob</code></a>.
</p>
<p>
The old <code>Parser</code> type is renamed
<a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> and has a new
<a href="/pkg/encoding/xml/#Decoder.Decode"><code>Decode</code></a> method. An
<a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a> type was also
introduced.
</p>
<p>
The functions <a href="/pkg/encoding/xml/#Marshal"><code>Marshal</code></a>
and <a href="/pkg/encoding/xml/#Unmarshal"><code>Unmarshal</code></a>
work with <code>[]byte</code> values now. To work with streams,
use the new <a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a>
and <a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> types.
</p>
<p>
When marshaling or unmarshaling values, the format of supported flags in
field tags has changed to be closer to the
<a href="/pkg/encoding/json"><code>json</code></a> package
(<code>`xml:"name,flag"`</code>). The matching done between field tags, field
names, and the XML attribute and element names is now case-sensitive.
The <code>XMLName</code> field tag, if present, must also match the name
of the XML element being marshaled.
</p>
<p>
<em>Updating</em>:
Running <code>go fix</code> will update most uses of the package except for some calls to
<code>Unmarshal</code>. Special care must be taken with field tags,
since the fix tool will not update them and if not fixed by hand they will
misbehave silently in some cases. For example, the old
<code>"attr"</code> is now written <code>",attr"</code> while plain
<code>"attr"</code> remains valid but with a different meaning.
</p>
<h3 id="expvar">The expvar package</h3> <h3 id="expvar">The expvar package</h3>
<p> <p>
@ -949,15 +876,6 @@ The <code>Duration</code> flag is new and affects no existing code.
Several packages under <code>go</code> have slightly revised APIs. Several packages under <code>go</code> have slightly revised APIs.
</p> </p>
<p>
A concrete <code>Mode</code> type was introduced for configuration mode flags
in the packages
<a href="/pkg/go/scanner/"><code>go/scanner</code></a>,
<a href="/pkg/go/parser/"><code>go/parser</code></a>,
<a href="/pkg/go/printer/"><code>go/printer</code></a>, and
<a href="/pkg/go/doc/"><code>go/doc</code></a>.
</p>
<p> <p>
The modes <code>AllowIllegalChars</code> and <code>InsertSemis</code> have been removed The modes <code>AllowIllegalChars</code> and <code>InsertSemis</code> have been removed
from the <a href="/pkg/go/scanner/"><code>go/scanner</code></a> package. They were mostly from the <a href="/pkg/go/scanner/"><code>go/scanner</code></a> package. They were mostly
@ -966,16 +884,6 @@ useful for scanning text other then Go source files. Instead, the
for that purpose. for that purpose.
</p> </p>
<p>
The <a href="/pkg/go/scanner/#ErrorHandler"><code>ErrorHandler</code></a> provided
to the scanner's <a href="/pkg/go/scanner/#Scanner.Init"><code>Init</code></a> method is
now simply a function rather than an interface. The <code>ErrorVector</code> type has
been removed in favor of the (existing) <a href="/pkg/go/scanner/#ErrorList"><code>ErrorList</code></a>
type, and the <code>ErrorVector</code> methods have been migrated. Instead of embedding
an <code>ErrorVector</code> in a client of the scanner, now a client should maintain
an <code>ErrorList</code>.
</p>
<p> <p>
The set of parse functions provided by the <a href="/pkg/go/parser/"><code>go/parser</code></a> The set of parse functions provided by the <a href="/pkg/go/parser/"><code>go/parser</code></a>
package has been reduced to the primary parse function package has been reduced to the primary parse function
@ -984,17 +892,6 @@ convenience functions <a href="/pkg/go/parser/#ParseDir"><code>ParseDir</code></
and <a href="/pkg/go/parser/#ParseExpr"><code>ParseExpr</code></a>. and <a href="/pkg/go/parser/#ParseExpr"><code>ParseExpr</code></a>.
</p> </p>
<p>
The <a href="/pkg/go/printer/"><code>go/printer</code></a> package supports an additional
configuration mode <a href="/pkg/go/printer/#Mode"><code>SourcePos</code></a>;
if set, the printer will emit <code>//line</code> comments such that the generated
output contains the original source code position information. The new type
<a href="/pkg/go/printer/#CommentedNode"><code>CommentedNode</code></a> can be
used to provide comments associated with an arbitrary
<a href="/pkg/go/ast/#Node"><code>ast.Node</code></a> (until now only
<a href="/pkg/go/ast/#File"><code>ast.File</code></a> carried comment information).
</p>
<p> <p>
The type names of the <a href="/pkg/go/doc/"><code>go/doc</code></a> package have been The type names of the <a href="/pkg/go/doc/"><code>go/doc</code></a> package have been
streamlined by removing the <code>Doc</code> suffix: <code>PackageDoc</code> streamlined by removing the <code>Doc</code> suffix: <code>PackageDoc</code>
@ -1092,16 +989,10 @@ The affected items are:
</ul> </ul>
<p> <p>
The <code>Request.RawURL</code> field has been removed; it was a Also, the <code>Request.RawURL</code> field has been removed; it was a
historical artifact. historical artifact.
</p> </p>
<p>
The <code>Handle</code> and <code>HandleFunc</code>
functions, and the similarly-named methods of <code>ServeMux</code>,
now panic if an attempt is made to register the same pattern twice.
</p>
<p> <p>
<em>Updating</em>: <em>Updating</em>:
Running <code>go fix</code> will update the few programs that are affected except for Running <code>go fix</code> will update the few programs that are affected except for
@ -1138,7 +1029,9 @@ packages.
The old <code>image.ColorImage</code> type is still in the <code>image</code> The old <code>image.ColorImage</code> type is still in the <code>image</code>
package but has been renamed package but has been renamed
<a href="/pkg/image/#Uniform"><code>image.Uniform</code></a>, <a href="/pkg/image/#Uniform"><code>image.Uniform</code></a>,
while <code>image.Tiled</code> has been removed. while <code>image.Tiled</code>
has been renamed
<a href="/pkg/image/#Repeated"><code>image.Repeated</code></a>.
</p> </p>
<p> <p>
@ -1199,6 +1092,7 @@ This table lists the renamings.
<td colspan="2"><hr></td> <td colspan="2"><hr></td>
</tr> </tr>
<tr><td>image.ColorImage</td> <td>image.Uniform</td></tr> <tr><td>image.ColorImage</td> <td>image.Uniform</td></tr>
<tr><td>image.Tiled</td> <td>image.Repeated</td></tr>
</table> </table>
<p> <p>
@ -1223,18 +1117,6 @@ and
Running <code>go fix</code> will update almost all code affected by the change. Running <code>go fix</code> will update almost all code affected by the change.
</p> </p>
<h3 id="log_syslog">The log/syslog package</h3>
<p>
In Go 1, the <a href="/pkg/log/syslog/#NewLogger"><code>syslog.NewLogger</code></a>
function returns an error as well as a <code>log.Logger</code>.
</p>
<p>
<em>Updating</em>:
What little code is affected will be caught by the compiler and must be updated by hand.
</p>
<h3 id="mime">The mime package</h3> <h3 id="mime">The mime package</h3>
<p> <p>
@ -1281,27 +1163,7 @@ Code that uses the old methods will fail to compile and must be updated by hand.
The semantic change makes it difficult for the fix tool to update automatically. The semantic change makes it difficult for the fix tool to update automatically.
</p> </p>
<h3 id="os">The os package</h3> <h3 id="os_fileinfo">The os.FileInfo type</h3>
<p>The <code>Time</code> function has been removed; callers should use
the <a href="/pkg/time/#Time"><code>Time</code></a> type from the
<code>time</code> package.</p>
<p>The <code>Exec</code> function has been removed; callers should use
<code>Exec</code> from the <code>syscall</code> package, where available.</p>
<p>The <code>ShellExpand</code> function has been renamed to <a
href="/pkg/os/#ExpandEnv"><code>ExpandEnv</code></a>.</p>
<p>The <a href="/pkg/os/#NewFile"><code>NewFile</code></a> function
now takes a <code>uintptr</code> fd, instead of an <code>int</code>.
The <a href="/pkg/os/#File.Fd"><code>Fd</code></a> method on files now
also returns a <code>uintptr</code>.</p>
<p><em>Updating</em>: Code will fail to compile and must be updated
by hand. </p>
<h4 id="os_fileinfo">The os.FileInfo type</h4>
<p> <p>
Go 1 redefines the <a href="/pkg/os/#FileInfo"><code>os.FileInfo</code></a> type, Go 1 redefines the <a href="/pkg/os/#FileInfo"><code>os.FileInfo</code></a> type,
@ -1529,17 +1391,6 @@ Existing code is unaffected, although benchmarks that use <code>println</code>
or <code>panic</code> should be updated to use the new methods. or <code>panic</code> should be updated to use the new methods.
</p> </p>
<h3 id="testing_script">The testing/script package</h3>
<p>
The testing/script package has been deleted. It was a dreg.
</p>
<p>
<em>Updating</em>:
No code is likely to be affected.
</p>
<h3 id="url">The url package</h3> <h3 id="url">The url package</h3>
<p> <p>
@ -1608,6 +1459,50 @@ Code that uses the old fields will fail to compile and must be updated by hand.
The semantic changes make it difficult for the fix tool to update automatically. The semantic changes make it difficult for the fix tool to update automatically.
</p> </p>
<h3 id="xml">The xml package</h3>
<p>
In Go 1, the <a href="/pkg/encoding/xml/"><code>xml</code></a> package
has been brought closer in design to the other marshaling packages such
as <a href="/pkg/encoding/gob/"><code>encoding/gob</code></a>.
</p>
<p>
The old <code>Parser</code> type is renamed
<a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> and has a new
<a href="/pkg/encoding/xml/#Decoder.Decode"><code>Decode</code></a> method. An
<a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a> type was also
introduced.
</p>
<p>
The functions <a href="/pkg/encoding/xml/#Marshal"><code>Marshal</code></a>
and <a href="/pkg/encoding/xml/#Unmarshal"><code>Unmarshal</code></a>
work with <code>[]byte</code> values now. To work with streams,
use the new <a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a>
and <a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> types.
</p>
<p>
When marshaling or unmarshaling values, the format of supported flags in
field tags has changed to be closer to the
<a href="/pkg/encoding/json"><code>json</code></a> package
(<code>`xml:"name,flag"`</code>). The matching done between field tags, field
names, and the XML attribute and element names is now case-sensitive.
The <code>XMLName</code> field tag, if present, must also match the name
of the XML element being marshaled.
</p>
<p>
<em>Updating</em>:
Running <code>go fix</code> will update most uses of the package except for some calls to
<code>Unmarshal</code>. Special care must be taken with field tags,
since the fix tool will not update them and if not fixed by hand they will
misbehave silently in some cases. For example, the old
<code>"attr"</code> is now written <code>",attr"</code> while plain
<code>"attr"</code> remains valid but with a different meaning.
</p>
<h2 id="go_command">The go command</h2> <h2 id="go_command">The go command</h2>
<h2 id="releases">Packaged releases</h2> <h2 id="releases">Packaged releases</h2>

Просмотреть файл

@ -4,13 +4,16 @@
package aes package aes
import "strconv" import (
"crypto/cipher"
"strconv"
)
// The AES block size in bytes. // The AES block size in bytes.
const BlockSize = 16 const BlockSize = 16
// A Cipher is an instance of AES encryption using a particular key. // A cipher is an instance of AES encryption using a particular key.
type Cipher struct { type aesCipher struct {
enc []uint32 enc []uint32
dec []uint32 dec []uint32
} }
@ -21,11 +24,11 @@ func (k KeySizeError) Error() string {
return "crypto/aes: invalid key size " + strconv.Itoa(int(k)) return "crypto/aes: invalid key size " + strconv.Itoa(int(k))
} }
// NewCipher creates and returns a new Cipher. // NewCipher creates and returns a new cipher.Block.
// The key argument should be the AES key, // The key argument should be the AES key,
// either 16, 24, or 32 bytes to select // either 16, 24, or 32 bytes to select
// AES-128, AES-192, or AES-256. // AES-128, AES-192, or AES-256.
func NewCipher(key []byte) (*Cipher, error) { func NewCipher(key []byte) (cipher.Block, error) {
k := len(key) k := len(key)
switch k { switch k {
default: default:
@ -35,34 +38,13 @@ func NewCipher(key []byte) (*Cipher, error) {
} }
n := k + 28 n := k + 28
c := &Cipher{make([]uint32, n), make([]uint32, n)} c := &aesCipher{make([]uint32, n), make([]uint32, n)}
expandKey(key, c.enc, c.dec) expandKey(key, c.enc, c.dec)
return c, nil return c, nil
} }
// BlockSize returns the AES block size, 16 bytes. func (c *aesCipher) BlockSize() int { return BlockSize }
// It is necessary to satisfy the Block interface in the
// package "crypto/cipher".
func (c *Cipher) BlockSize() int { return BlockSize }
// Encrypt encrypts the 16-byte buffer src using the key k func (c *aesCipher) Encrypt(dst, src []byte) { encryptBlock(c.enc, dst, src) }
// and stores the result in dst.
// Note that for amounts of data larger than a block,
// it is not safe to just call Encrypt on successive blocks;
// instead, use an encryption mode like CBC (see crypto/cipher/cbc.go).
func (c *Cipher) Encrypt(dst, src []byte) { encryptBlock(c.enc, dst, src) }
// Decrypt decrypts the 16-byte buffer src using the key k func (c *aesCipher) Decrypt(dst, src []byte) { decryptBlock(c.dec, dst, src) }
// and stores the result in dst.
func (c *Cipher) Decrypt(dst, src []byte) { decryptBlock(c.dec, dst, src) }
// Reset zeros the key data, so that it will no longer
// appear in the process's memory.
func (c *Cipher) Reset() {
for i := 0; i < len(c.enc); i++ {
c.enc[i] = 0
}
for i := 0; i < len(c.dec); i++ {
c.dec[i] = 0
}
}

Просмотреть файл

@ -8,11 +8,12 @@
// Special Publication 800-38A, ``Recommendation for Block Cipher // Special Publication 800-38A, ``Recommendation for Block Cipher
// Modes of Operation,'' 2001 Edition, pp. 24-29. // Modes of Operation,'' 2001 Edition, pp. 24-29.
package cipher package cipher_test
import ( import (
"bytes" "bytes"
"crypto/aes" "crypto/aes"
"crypto/cipher"
"testing" "testing"
) )
@ -72,14 +73,14 @@ func TestCBC_AES(t *testing.T) {
continue continue
} }
encrypter := NewCBCEncrypter(c, tt.iv) encrypter := cipher.NewCBCEncrypter(c, tt.iv)
d := make([]byte, len(tt.in)) d := make([]byte, len(tt.in))
encrypter.CryptBlocks(d, tt.in) encrypter.CryptBlocks(d, tt.in)
if !bytes.Equal(tt.out, d) { if !bytes.Equal(tt.out, d) {
t.Errorf("%s: CBCEncrypter\nhave %x\nwant %x", test, d, tt.out) t.Errorf("%s: CBCEncrypter\nhave %x\nwant %x", test, d, tt.out)
} }
decrypter := NewCBCDecrypter(c, tt.iv) decrypter := cipher.NewCBCDecrypter(c, tt.iv)
p := make([]byte, len(d)) p := make([]byte, len(d))
decrypter.CryptBlocks(p, d) decrypter.CryptBlocks(p, d)
if !bytes.Equal(tt.in, p) { if !bytes.Equal(tt.in, p) {

Просмотреть файл

@ -2,11 +2,12 @@
// Use of this source code is governed by a BSD-style // Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file. // license that can be found in the LICENSE file.
package cipher package cipher_test
import ( import (
"bytes" "bytes"
"crypto/aes" "crypto/aes"
"crypto/cipher"
"crypto/rand" "crypto/rand"
"testing" "testing"
) )
@ -21,11 +22,11 @@ func TestCFB(t *testing.T) {
plaintext := []byte("this is the plaintext") plaintext := []byte("this is the plaintext")
iv := make([]byte, block.BlockSize()) iv := make([]byte, block.BlockSize())
rand.Reader.Read(iv) rand.Reader.Read(iv)
cfb := NewCFBEncrypter(block, iv) cfb := cipher.NewCFBEncrypter(block, iv)
ciphertext := make([]byte, len(plaintext)) ciphertext := make([]byte, len(plaintext))
cfb.XORKeyStream(ciphertext, plaintext) cfb.XORKeyStream(ciphertext, plaintext)
cfbdec := NewCFBDecrypter(block, iv) cfbdec := cipher.NewCFBDecrypter(block, iv)
plaintextCopy := make([]byte, len(plaintext)) plaintextCopy := make([]byte, len(plaintext))
cfbdec.XORKeyStream(plaintextCopy, ciphertext) cfbdec.XORKeyStream(plaintextCopy, ciphertext)

Просмотреть файл

@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style // Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file. // license that can be found in the LICENSE file.
package cipher package cipher_test
// Common values for tests. // Common values for tests.

Просмотреть файл

@ -8,11 +8,12 @@
// Special Publication 800-38A, ``Recommendation for Block Cipher // Special Publication 800-38A, ``Recommendation for Block Cipher
// Modes of Operation,'' 2001 Edition, pp. 55-58. // Modes of Operation,'' 2001 Edition, pp. 55-58.
package cipher package cipher_test
import ( import (
"bytes" "bytes"
"crypto/aes" "crypto/aes"
"crypto/cipher"
"testing" "testing"
) )
@ -76,7 +77,7 @@ func TestCTR_AES(t *testing.T) {
for j := 0; j <= 5; j += 5 { for j := 0; j <= 5; j += 5 {
in := tt.in[0 : len(tt.in)-j] in := tt.in[0 : len(tt.in)-j]
ctr := NewCTR(c, tt.iv) ctr := cipher.NewCTR(c, tt.iv)
encrypted := make([]byte, len(in)) encrypted := make([]byte, len(in))
ctr.XORKeyStream(encrypted, in) ctr.XORKeyStream(encrypted, in)
if out := tt.out[0:len(in)]; !bytes.Equal(out, encrypted) { if out := tt.out[0:len(in)]; !bytes.Equal(out, encrypted) {
@ -86,7 +87,7 @@ func TestCTR_AES(t *testing.T) {
for j := 0; j <= 7; j += 7 { for j := 0; j <= 7; j += 7 {
in := tt.out[0 : len(tt.out)-j] in := tt.out[0 : len(tt.out)-j]
ctr := NewCTR(c, tt.iv) ctr := cipher.NewCTR(c, tt.iv)
plain := make([]byte, len(in)) plain := make([]byte, len(in))
ctr.XORKeyStream(plain, in) ctr.XORKeyStream(plain, in)
if out := tt.in[0:len(in)]; !bytes.Equal(out, plain) { if out := tt.in[0:len(in)]; !bytes.Equal(out, plain) {

Просмотреть файл

@ -8,11 +8,12 @@
// Special Publication 800-38A, ``Recommendation for Block Cipher // Special Publication 800-38A, ``Recommendation for Block Cipher
// Modes of Operation,'' 2001 Edition, pp. 52-55. // Modes of Operation,'' 2001 Edition, pp. 52-55.
package cipher package cipher_test
import ( import (
"bytes" "bytes"
"crypto/aes" "crypto/aes"
"crypto/cipher"
"testing" "testing"
) )
@ -76,7 +77,7 @@ func TestOFB(t *testing.T) {
for j := 0; j <= 5; j += 5 { for j := 0; j <= 5; j += 5 {
plaintext := tt.in[0 : len(tt.in)-j] plaintext := tt.in[0 : len(tt.in)-j]
ofb := NewOFB(c, tt.iv) ofb := cipher.NewOFB(c, tt.iv)
ciphertext := make([]byte, len(plaintext)) ciphertext := make([]byte, len(plaintext))
ofb.XORKeyStream(ciphertext, plaintext) ofb.XORKeyStream(ciphertext, plaintext)
if !bytes.Equal(ciphertext, tt.out[:len(plaintext)]) { if !bytes.Equal(ciphertext, tt.out[:len(plaintext)]) {
@ -86,7 +87,7 @@ func TestOFB(t *testing.T) {
for j := 0; j <= 5; j += 5 { for j := 0; j <= 5; j += 5 {
ciphertext := tt.out[0 : len(tt.in)-j] ciphertext := tt.out[0 : len(tt.in)-j]
ofb := NewOFB(c, tt.iv) ofb := cipher.NewOFB(c, tt.iv)
plaintext := make([]byte, len(ciphertext)) plaintext := make([]byte, len(ciphertext))
ofb.XORKeyStream(plaintext, ciphertext) ofb.XORKeyStream(plaintext, ciphertext)
if !bytes.Equal(plaintext, tt.in[:len(ciphertext)]) { if !bytes.Equal(plaintext, tt.in[:len(ciphertext)]) {

Просмотреть файл

@ -79,7 +79,7 @@ func ksRotate(in uint32) (out []uint32) {
} }
// creates 16 56-bit subkeys from the original key // creates 16 56-bit subkeys from the original key
func (c *Cipher) generateSubkeys(keyBytes []byte) { func (c *desCipher) generateSubkeys(keyBytes []byte) {
// apply PC1 permutation to key // apply PC1 permutation to key
key := binary.BigEndian.Uint64(keyBytes) key := binary.BigEndian.Uint64(keyBytes)
permutedKey := permuteBlock(key, permutedChoice1[:]) permutedKey := permuteBlock(key, permutedChoice1[:])

Просмотреть файл

@ -4,7 +4,10 @@
package des package des
import "strconv" import (
"crypto/cipher"
"strconv"
)
// The DES block size in bytes. // The DES block size in bytes.
const BlockSize = 8 const BlockSize = 8
@ -15,86 +18,56 @@ func (k KeySizeError) Error() string {
return "crypto/des: invalid key size " + strconv.Itoa(int(k)) return "crypto/des: invalid key size " + strconv.Itoa(int(k))
} }
// Cipher is an instance of DES encryption. // desCipher is an instance of DES encryption.
type Cipher struct { type desCipher struct {
subkeys [16]uint64 subkeys [16]uint64
} }
// NewCipher creates and returns a new Cipher. // NewCipher creates and returns a new cipher.Block.
func NewCipher(key []byte) (*Cipher, error) { func NewCipher(key []byte) (cipher.Block, error) {
if len(key) != 8 { if len(key) != 8 {
return nil, KeySizeError(len(key)) return nil, KeySizeError(len(key))
} }
c := new(Cipher) c := new(desCipher)
c.generateSubkeys(key) c.generateSubkeys(key)
return c, nil return c, nil
} }
// BlockSize returns the DES block size, 8 bytes. func (c *desCipher) BlockSize() int { return BlockSize }
func (c *Cipher) BlockSize() int { return BlockSize }
// Encrypt encrypts the 8-byte buffer src and stores the result in dst. func (c *desCipher) Encrypt(dst, src []byte) { encryptBlock(c.subkeys[:], dst, src) }
// Note that for amounts of data larger than a block,
// it is not safe to just call Encrypt on successive blocks;
// instead, use an encryption mode like CBC (see crypto/cipher/cbc.go).
func (c *Cipher) Encrypt(dst, src []byte) { encryptBlock(c.subkeys[:], dst, src) }
// Decrypt decrypts the 8-byte buffer src and stores the result in dst. func (c *desCipher) Decrypt(dst, src []byte) { decryptBlock(c.subkeys[:], dst, src) }
func (c *Cipher) Decrypt(dst, src []byte) { decryptBlock(c.subkeys[:], dst, src) }
// Reset zeros the key data, so that it will no longer // A tripleDESCipher is an instance of TripleDES encryption.
// appear in the process's memory. type tripleDESCipher struct {
func (c *Cipher) Reset() { cipher1, cipher2, cipher3 desCipher
for i := 0; i < len(c.subkeys); i++ {
c.subkeys[i] = 0
}
} }
// A TripleDESCipher is an instance of TripleDES encryption. // NewTripleDESCipher creates and returns a new cipher.Block.
type TripleDESCipher struct { func NewTripleDESCipher(key []byte) (cipher.Block, error) {
cipher1, cipher2, cipher3 Cipher
}
// NewCipher creates and returns a new Cipher.
func NewTripleDESCipher(key []byte) (*TripleDESCipher, error) {
if len(key) != 24 { if len(key) != 24 {
return nil, KeySizeError(len(key)) return nil, KeySizeError(len(key))
} }
c := new(TripleDESCipher) c := new(tripleDESCipher)
c.cipher1.generateSubkeys(key[:8]) c.cipher1.generateSubkeys(key[:8])
c.cipher2.generateSubkeys(key[8:16]) c.cipher2.generateSubkeys(key[8:16])
c.cipher3.generateSubkeys(key[16:]) c.cipher3.generateSubkeys(key[16:])
return c, nil return c, nil
} }
// BlockSize returns the TripleDES block size, 8 bytes. func (c *tripleDESCipher) BlockSize() int { return BlockSize }
// It is necessary to satisfy the Block interface in the
// package "crypto/cipher".
func (c *TripleDESCipher) BlockSize() int { return BlockSize }
// Encrypts the 8-byte buffer src and stores the result in dst. func (c *tripleDESCipher) Encrypt(dst, src []byte) {
// Note that for amounts of data larger than a block,
// it is not safe to just call Encrypt on successive blocks;
// instead, use an encryption mode like CBC (see crypto/cipher/cbc.go).
func (c *TripleDESCipher) Encrypt(dst, src []byte) {
c.cipher1.Encrypt(dst, src) c.cipher1.Encrypt(dst, src)
c.cipher2.Decrypt(dst, dst) c.cipher2.Decrypt(dst, dst)
c.cipher3.Encrypt(dst, dst) c.cipher3.Encrypt(dst, dst)
} }
// Decrypts the 8-byte buffer src and stores the result in dst. func (c *tripleDESCipher) Decrypt(dst, src []byte) {
func (c *TripleDESCipher) Decrypt(dst, src []byte) {
c.cipher3.Decrypt(dst, src) c.cipher3.Decrypt(dst, src)
c.cipher2.Encrypt(dst, dst) c.cipher2.Encrypt(dst, dst)
c.cipher1.Decrypt(dst, dst) c.cipher1.Decrypt(dst, dst)
} }
// Reset zeros the key data, so that it will no longer
// appear in the process's memory.
func (c *TripleDESCipher) Reset() {
c.cipher1.Reset()
c.cipher2.Reset()
c.cipher3.Reset()
}

Просмотреть файл

@ -1260,11 +1260,19 @@ var tableA4Tests = []CryptTest{
[]byte{0x63, 0xfa, 0xc0, 0xd0, 0x34, 0xd9, 0xf7, 0x93}}, []byte{0x63, 0xfa, 0xc0, 0xd0, 0x34, 0xd9, 0xf7, 0x93}},
} }
func newCipher(key []byte) *desCipher {
c, err := NewCipher(key)
if err != nil {
panic("NewCipher failed: " + err.Error())
}
return c.(*desCipher)
}
// Use the known weak keys to test DES implementation // Use the known weak keys to test DES implementation
func TestWeakKeys(t *testing.T) { func TestWeakKeys(t *testing.T) {
for i, tt := range weakKeyTests { for i, tt := range weakKeyTests {
var encrypt = func(in []byte) (out []byte) { var encrypt = func(in []byte) (out []byte) {
c, _ := NewCipher(tt.key) c := newCipher(tt.key)
out = make([]byte, len(in)) out = make([]byte, len(in))
encryptBlock(c.subkeys[:], out, in) encryptBlock(c.subkeys[:], out, in)
return return
@ -1285,7 +1293,7 @@ func TestWeakKeys(t *testing.T) {
func TestSemiWeakKeyPairs(t *testing.T) { func TestSemiWeakKeyPairs(t *testing.T) {
for i, tt := range semiWeakKeyTests { for i, tt := range semiWeakKeyTests {
var encrypt = func(key, in []byte) (out []byte) { var encrypt = func(key, in []byte) (out []byte) {
c, _ := NewCipher(key) c := newCipher(key)
out = make([]byte, len(in)) out = make([]byte, len(in))
encryptBlock(c.subkeys[:], out, in) encryptBlock(c.subkeys[:], out, in)
return return
@ -1305,7 +1313,7 @@ func TestSemiWeakKeyPairs(t *testing.T) {
func TestDESEncryptBlock(t *testing.T) { func TestDESEncryptBlock(t *testing.T) {
for i, tt := range encryptDESTests { for i, tt := range encryptDESTests {
c, _ := NewCipher(tt.key) c := newCipher(tt.key)
out := make([]byte, len(tt.in)) out := make([]byte, len(tt.in))
encryptBlock(c.subkeys[:], out, tt.in) encryptBlock(c.subkeys[:], out, tt.in)
@ -1317,7 +1325,7 @@ func TestDESEncryptBlock(t *testing.T) {
func TestDESDecryptBlock(t *testing.T) { func TestDESDecryptBlock(t *testing.T) {
for i, tt := range encryptDESTests { for i, tt := range encryptDESTests {
c, _ := NewCipher(tt.key) c := newCipher(tt.key)
plain := make([]byte, len(tt.in)) plain := make([]byte, len(tt.in))
decryptBlock(c.subkeys[:], plain, tt.out) decryptBlock(c.subkeys[:], plain, tt.out)

Просмотреть файл

@ -29,17 +29,11 @@ type PrivateKey struct {
X *big.Int X *big.Int
} }
type invalidPublicKeyError int
func (invalidPublicKeyError) Error() string {
return "crypto/dsa: invalid public key"
}
// ErrInvalidPublicKey results when a public key is not usable by this code. // ErrInvalidPublicKey results when a public key is not usable by this code.
// FIPS is quite strict about the format of DSA keys, but other code may be // FIPS is quite strict about the format of DSA keys, but other code may be
// less so. Thus, when using keys which may have been generated by other code, // less so. Thus, when using keys which may have been generated by other code,
// this error must be handled. // this error must be handled.
var ErrInvalidPublicKey error = invalidPublicKeyError(0) var ErrInvalidPublicKey = errors.New("crypto/dsa: invalid public key")
// ParameterSizes is a enumeration of the acceptable bit lengths of the primes // ParameterSizes is a enumeration of the acceptable bit lengths of the primes
// in a set of DSA parameters. See FIPS 186-3, section 4.2. // in a set of DSA parameters. See FIPS 186-3, section 4.2.

Просмотреть файл

@ -12,6 +12,7 @@ package rand
import ( import (
"bufio" "bufio"
"crypto/aes" "crypto/aes"
"crypto/cipher"
"io" "io"
"os" "os"
"sync" "sync"
@ -66,7 +67,7 @@ func newReader(entropy io.Reader) io.Reader {
type reader struct { type reader struct {
mu sync.Mutex mu sync.Mutex
budget int // number of bytes that can be generated budget int // number of bytes that can be generated
cipher *aes.Cipher cipher cipher.Block
entropy io.Reader entropy io.Reader
time, seed, dst, key [aes.BlockSize]byte time, seed, dst, key [aes.BlockSize]byte
} }

Просмотреть файл

@ -21,7 +21,7 @@ import (
func EncryptPKCS1v15(rand io.Reader, pub *PublicKey, msg []byte) (out []byte, err error) { func EncryptPKCS1v15(rand io.Reader, pub *PublicKey, msg []byte) (out []byte, err error) {
k := (pub.N.BitLen() + 7) / 8 k := (pub.N.BitLen() + 7) / 8
if len(msg) > k-11 { if len(msg) > k-11 {
err = MessageTooLongError{} err = ErrMessageTooLong
return return
} }
@ -47,7 +47,7 @@ func EncryptPKCS1v15(rand io.Reader, pub *PublicKey, msg []byte) (out []byte, er
func DecryptPKCS1v15(rand io.Reader, priv *PrivateKey, ciphertext []byte) (out []byte, err error) { func DecryptPKCS1v15(rand io.Reader, priv *PrivateKey, ciphertext []byte) (out []byte, err error) {
valid, out, err := decryptPKCS1v15(rand, priv, ciphertext) valid, out, err := decryptPKCS1v15(rand, priv, ciphertext)
if err == nil && valid == 0 { if err == nil && valid == 0 {
err = DecryptionError{} err = ErrDecryption
} }
return return
@ -69,7 +69,7 @@ func DecryptPKCS1v15(rand io.Reader, priv *PrivateKey, ciphertext []byte) (out [
func DecryptPKCS1v15SessionKey(rand io.Reader, priv *PrivateKey, ciphertext []byte, key []byte) (err error) { func DecryptPKCS1v15SessionKey(rand io.Reader, priv *PrivateKey, ciphertext []byte, key []byte) (err error) {
k := (priv.N.BitLen() + 7) / 8 k := (priv.N.BitLen() + 7) / 8
if k-(len(key)+3+8) < 0 { if k-(len(key)+3+8) < 0 {
err = DecryptionError{} err = ErrDecryption
return return
} }
@ -86,7 +86,7 @@ func DecryptPKCS1v15SessionKey(rand io.Reader, priv *PrivateKey, ciphertext []by
func decryptPKCS1v15(rand io.Reader, priv *PrivateKey, ciphertext []byte) (valid int, msg []byte, err error) { func decryptPKCS1v15(rand io.Reader, priv *PrivateKey, ciphertext []byte) (valid int, msg []byte, err error) {
k := (priv.N.BitLen() + 7) / 8 k := (priv.N.BitLen() + 7) / 8
if k < 11 { if k < 11 {
err = DecryptionError{} err = ErrDecryption
return return
} }
@ -170,7 +170,7 @@ func SignPKCS1v15(rand io.Reader, priv *PrivateKey, hash crypto.Hash, hashed []b
tLen := len(prefix) + hashLen tLen := len(prefix) + hashLen
k := (priv.N.BitLen() + 7) / 8 k := (priv.N.BitLen() + 7) / 8
if k < tLen+11 { if k < tLen+11 {
return nil, MessageTooLongError{} return nil, ErrMessageTooLong
} }
// EM = 0x00 || 0x01 || PS || 0x00 || T // EM = 0x00 || 0x01 || PS || 0x00 || T
@ -203,7 +203,7 @@ func VerifyPKCS1v15(pub *PublicKey, hash crypto.Hash, hashed []byte, sig []byte)
tLen := len(prefix) + hashLen tLen := len(prefix) + hashLen
k := (pub.N.BitLen() + 7) / 8 k := (pub.N.BitLen() + 7) / 8
if k < tLen+11 { if k < tLen+11 {
err = VerificationError{} err = ErrVerification
return return
} }
@ -223,7 +223,7 @@ func VerifyPKCS1v15(pub *PublicKey, hash crypto.Hash, hashed []byte, sig []byte)
} }
if ok != 1 { if ok != 1 {
return VerificationError{} return ErrVerification
} }
return nil return nil

Просмотреть файл

@ -206,13 +206,9 @@ func mgf1XOR(out []byte, hash hash.Hash, seed []byte) {
} }
} }
// MessageTooLongError is returned when attempting to encrypt a message which // ErrMessageTooLong is returned when attempting to encrypt a message which is
// is too large for the size of the public key. // too large for the size of the public key.
type MessageTooLongError struct{} var ErrMessageTooLong = errors.New("crypto/rsa: message too long for RSA public key size")
func (MessageTooLongError) Error() string {
return "message too long for RSA public key size"
}
func encrypt(c *big.Int, pub *PublicKey, m *big.Int) *big.Int { func encrypt(c *big.Int, pub *PublicKey, m *big.Int) *big.Int {
e := big.NewInt(int64(pub.E)) e := big.NewInt(int64(pub.E))
@ -227,7 +223,7 @@ func EncryptOAEP(hash hash.Hash, random io.Reader, pub *PublicKey, msg []byte, l
hash.Reset() hash.Reset()
k := (pub.N.BitLen() + 7) / 8 k := (pub.N.BitLen() + 7) / 8
if len(msg) > k-2*hash.Size()-2 { if len(msg) > k-2*hash.Size()-2 {
err = MessageTooLongError{} err = ErrMessageTooLong
return return
} }
@ -266,17 +262,13 @@ func EncryptOAEP(hash hash.Hash, random io.Reader, pub *PublicKey, msg []byte, l
return return
} }
// A DecryptionError represents a failure to decrypt a message. // ErrDecryption represents a failure to decrypt a message.
// It is deliberately vague to avoid adaptive attacks. // It is deliberately vague to avoid adaptive attacks.
type DecryptionError struct{} var ErrDecryption = errors.New("crypto/rsa: decryption error")
func (DecryptionError) Error() string { return "RSA decryption error" } // ErrVerification represents a failure to verify a signature.
// A VerificationError represents a failure to verify a signature.
// It is deliberately vague to avoid adaptive attacks. // It is deliberately vague to avoid adaptive attacks.
type VerificationError struct{} var ErrVerification = errors.New("crypto/rsa: verification error")
func (VerificationError) Error() string { return "RSA verification error" }
// modInverse returns ia, the inverse of a in the multiplicative group of prime // modInverse returns ia, the inverse of a in the multiplicative group of prime
// order n. It requires that a be a member of the group (i.e. less than n). // order n. It requires that a be a member of the group (i.e. less than n).
@ -338,7 +330,7 @@ func (priv *PrivateKey) Precompute() {
func decrypt(random io.Reader, priv *PrivateKey, c *big.Int) (m *big.Int, err error) { func decrypt(random io.Reader, priv *PrivateKey, c *big.Int) (m *big.Int, err error) {
// TODO(agl): can we get away with reusing blinds? // TODO(agl): can we get away with reusing blinds?
if c.Cmp(priv.N) > 0 { if c.Cmp(priv.N) > 0 {
err = DecryptionError{} err = ErrDecryption
return return
} }
@ -417,7 +409,7 @@ func DecryptOAEP(hash hash.Hash, random io.Reader, priv *PrivateKey, ciphertext
k := (priv.N.BitLen() + 7) / 8 k := (priv.N.BitLen() + 7) / 8
if len(ciphertext) > k || if len(ciphertext) > k ||
k < hash.Size()*2+2 { k < hash.Size()*2+2 {
err = DecryptionError{} err = ErrDecryption
return return
} }
@ -473,7 +465,7 @@ func DecryptOAEP(hash hash.Hash, random io.Reader, priv *PrivateKey, ciphertext
} }
if firstByteIsZero&lHash2Good&^invalid&^lookingForIndex != 1 { if firstByteIsZero&lHash2Good&^invalid&^lookingForIndex != 1 {
err = DecryptionError{} err = ErrDecryption
return return
} }

Просмотреть файл

@ -87,9 +87,9 @@ func (c *Conn) RemoteAddr() net.Addr {
return c.conn.RemoteAddr() return c.conn.RemoteAddr()
} }
// SetDeadline sets the read deadline associated with the connection. // SetDeadline sets the read and write deadlines associated with the connection.
// There is no write deadline. // A zero value for t means Read and Write will not time out.
// A zero value for t means Read will not time out. // After a Write has timed out, the TLS state is corrupt and all future writes will return the same error.
func (c *Conn) SetDeadline(t time.Time) error { func (c *Conn) SetDeadline(t time.Time) error {
return c.conn.SetDeadline(t) return c.conn.SetDeadline(t)
} }
@ -100,10 +100,11 @@ func (c *Conn) SetReadDeadline(t time.Time) error {
return c.conn.SetReadDeadline(t) return c.conn.SetReadDeadline(t)
} }
// SetWriteDeadline exists to satisfy the net.Conn interface // SetWriteDeadline sets the write deadline on the underlying conneciton.
// but is not implemented by TLS. It always returns an error. // A zero value for t means Write will not time out.
// After a Write has timed out, the TLS state is corrupt and all future writes will return the same error.
func (c *Conn) SetWriteDeadline(t time.Time) error { func (c *Conn) SetWriteDeadline(t time.Time) error {
return errors.New("TLS does not support SetWriteDeadline") return c.conn.SetWriteDeadline(t)
} }
// A halfConn represents one direction of the record layer // A halfConn represents one direction of the record layer
@ -726,9 +727,13 @@ func (c *Conn) readHandshake() (interface{}, error) {
} }
// Write writes data to the connection. // Write writes data to the connection.
func (c *Conn) Write(b []byte) (n int, err error) { func (c *Conn) Write(b []byte) (int, error) {
if err = c.Handshake(); err != nil { if c.err != nil {
return return 0, c.err
}
if c.err = c.Handshake(); c.err != nil {
return 0, c.err
} }
c.out.Lock() c.out.Lock()
@ -737,10 +742,10 @@ func (c *Conn) Write(b []byte) (n int, err error) {
if !c.handshakeComplete { if !c.handshakeComplete {
return 0, alertInternalError return 0, alertInternalError
} }
if c.err != nil {
return 0, c.err var n int
} n, c.err = c.writeRecord(recordTypeApplicationData, b)
return c.writeRecord(recordTypeApplicationData, b) return n, c.err
} }
// Read can be made to time out and return a net.Error with Timeout() == true // Read can be made to time out and return a net.Error with Timeout() == true

Просмотреть файл

@ -327,13 +327,9 @@ type Certificate struct {
PolicyIdentifiers []asn1.ObjectIdentifier PolicyIdentifiers []asn1.ObjectIdentifier
} }
// UnsupportedAlgorithmError results from attempting to perform an operation // ErrUnsupportedAlgorithm results from attempting to perform an operation that
// that involves algorithms that are not currently implemented. // involves algorithms that are not currently implemented.
type UnsupportedAlgorithmError struct{} var ErrUnsupportedAlgorithm = errors.New("crypto/x509: cannot verify signature: algorithm unimplemented")
func (UnsupportedAlgorithmError) Error() string {
return "cannot verify signature: algorithm unimplemented"
}
// ConstraintViolationError results when a requested usage is not permitted by // ConstraintViolationError results when a requested usage is not permitted by
// a certificate. For example: checking a signature when the public key isn't a // a certificate. For example: checking a signature when the public key isn't a
@ -341,7 +337,7 @@ func (UnsupportedAlgorithmError) Error() string {
type ConstraintViolationError struct{} type ConstraintViolationError struct{}
func (ConstraintViolationError) Error() string { func (ConstraintViolationError) Error() string {
return "invalid signature: parent certificate cannot sign this kind of certificate" return "crypto/x509: invalid signature: parent certificate cannot sign this kind of certificate"
} }
func (c *Certificate) Equal(other *Certificate) bool { func (c *Certificate) Equal(other *Certificate) bool {
@ -366,7 +362,7 @@ func (c *Certificate) CheckSignatureFrom(parent *Certificate) (err error) {
} }
if parent.PublicKeyAlgorithm == UnknownPublicKeyAlgorithm { if parent.PublicKeyAlgorithm == UnknownPublicKeyAlgorithm {
return UnsupportedAlgorithmError{} return ErrUnsupportedAlgorithm
} }
// TODO(agl): don't ignore the path length constraint. // TODO(agl): don't ignore the path length constraint.
@ -389,12 +385,12 @@ func (c *Certificate) CheckSignature(algo SignatureAlgorithm, signed, signature
case SHA512WithRSA: case SHA512WithRSA:
hashType = crypto.SHA512 hashType = crypto.SHA512
default: default:
return UnsupportedAlgorithmError{} return ErrUnsupportedAlgorithm
} }
h := hashType.New() h := hashType.New()
if h == nil { if h == nil {
return UnsupportedAlgorithmError{} return ErrUnsupportedAlgorithm
} }
h.Write(signed) h.Write(signed)
@ -416,7 +412,7 @@ func (c *Certificate) CheckSignature(algo SignatureAlgorithm, signed, signature
} }
return return
} }
return UnsupportedAlgorithmError{} return ErrUnsupportedAlgorithm
} }
// CheckCRLSignature checks that the signature in crl is from c. // CheckCRLSignature checks that the signature in crl is from c.