This category includes packages that are new in Go 1.
</p>
-<h3 id="bufio">The bufio package</h3>
+<h3 id="crypto_aes_des">The crypto/aes and crypto/des packages</h3>
<p>
-In Go 1, <a href="/pkg/bufio/#NewReaderSize"><code>bufio.NewReaderSize</code></a>
-and
-<a href="/pkg/bufio/#NewWriterSize"><code>bufio.NewWriterSize</code></a>
-functions no longer return an error for invalid sizes.
-If the argument size is too small or invalid, it is adjusted.
+In Go 1, the <code>Reset</code> method has been removed. Go does not guarantee
+that memory is not copied and therefore this method was misleading.
</p>
<p>
-<em>Updating</em>:
-What little code is affected will be caught by the compiler and must be updated by hand.
-</p>
-
-<h3 id="bufio">The compress/flate, compress/gzip and compress/zlib packages</h3>
-
-<p>
-In Go 1, the <code>NewWriterXxx</code> functions in
-<a href="/pkg/compress/flate"><code>compress/flate</code></a>,
-<a href="/pkg/compress/gzip"><code>compress/gzip</code></a> and
-<a href="/pkg/compress/zlib"><code>compress/zlib</code></a>
-all return <code>(*Writer, error)</code> if they take a compression level,
-and <code>*Writer</code> otherwise. Package <code>gzip</code>'s
-<code>Compressor</code> and <code>Decompressor</code> types have been renamed
-to <code>Writer</code> and <code>Reader</code>. Package <code>flate</code>'s
-<code>WrongValueError</code> type has been removed.
+The cipher-specific types <code>*aes.Cipher</code>, <code>*des.Cipher</code>,
+and <code>*des.TripleDESCipher</code> have been removed in favor of
+<code>cipher.Block</code>.
</p>
<p>
<em>Updating</em>:
-What little code is affected will be caught by the compiler and must be updated by hand.
+Remove the calls to Reset. Replace uses of the specific cipher types with
+cipher.Block.
</p>
<h3 id="crypto_elliptic">The crypto/elliptic package</h3>
No changes will be needed.
</p>
-<h3 id="encoding_binary">The encoding/binary package</h3>
-
-<p>
-In Go 1, the <code>binary.TotalSize</code> function has been replaced by
-<a href="/pkg/encoding/binary/#Size"><code>Size</code></a>,
-which takes an <code>interface{}</code> argument rather than
-a <code>reflect.Value</code>.
-</p>
-
-<p>
-<em>Updating</em>:
-What little code is affected will be caught by the compiler and must be updated by hand.
-</p>
-
-<h3 id="encoding_xml">The encoding/xml package</h3>
-
-<p>
-In Go 1, the <a href="/pkg/encoding/xml/"><code>xml</code></a> package
-has been brought closer in design to the other marshaling packages such
-as <a href="/pkg/encoding/gob/"><code>encoding/gob</code></a>.
-</p>
-
-<p>
-The old <code>Parser</code> type is renamed
-<a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> and has a new
-<a href="/pkg/encoding/xml/#Decoder.Decode"><code>Decode</code></a> method. An
-<a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a> type was also
-introduced.
-</p>
-
-<p>
-The functions <a href="/pkg/encoding/xml/#Marshal"><code>Marshal</code></a>
-and <a href="/pkg/encoding/xml/#Unmarshal"><code>Unmarshal</code></a>
-work with <code>[]byte</code> values now. To work with streams,
-use the new <a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a>
-and <a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> types.
-</p>
-
-<p>
-When marshaling or unmarshaling values, the format of supported flags in
-field tags has changed to be closer to the
-<a href="/pkg/encoding/json"><code>json</code></a> package
-(<code>`xml:"name,flag"`</code>). The matching done between field tags, field
-names, and the XML attribute and element names is now case-sensitive.
-The <code>XMLName</code> field tag, if present, must also match the name
-of the XML element being marshaled.
-</p>
-
-<p>
-<em>Updating</em>:
-Running <code>go fix</code> will update most uses of the package except for some calls to
-<code>Unmarshal</code>. Special care must be taken with field tags,
-since the fix tool will not update them and if not fixed by hand they will
-misbehave silently in some cases. For example, the old
-<code>"attr"</code> is now written <code>",attr"</code> while plain
-<code>"attr"</code> remains valid but with a different meaning.
-</p>
-
<h3 id="expvar">The expvar package</h3>
<p>
Several packages under <code>go</code> have slightly revised APIs.
</p>
-<p>
-A concrete <code>Mode</code> type was introduced for configuration mode flags
-in the packages
-<a href="/pkg/go/scanner/"><code>go/scanner</code></a>,
-<a href="/pkg/go/parser/"><code>go/parser</code></a>,
-<a href="/pkg/go/printer/"><code>go/printer</code></a>, and
-<a href="/pkg/go/doc/"><code>go/doc</code></a>.
-</p>
-
<p>
The modes <code>AllowIllegalChars</code> and <code>InsertSemis</code> have been removed
from the <a href="/pkg/go/scanner/"><code>go/scanner</code></a> package. They were mostly
for that purpose.
</p>
-<p>
-The <a href="/pkg/go/scanner/#ErrorHandler"><code>ErrorHandler</code></a> provided
-to the scanner's <a href="/pkg/go/scanner/#Scanner.Init"><code>Init</code></a> method is
-now simply a function rather than an interface. The <code>ErrorVector</code> type has
-been removed in favor of the (existing) <a href="/pkg/go/scanner/#ErrorList"><code>ErrorList</code></a>
-type, and the <code>ErrorVector</code> methods have been migrated. Instead of embedding
-an <code>ErrorVector</code> in a client of the scanner, now a client should maintain
-an <code>ErrorList</code>.
-</p>
-
<p>
The set of parse functions provided by the <a href="/pkg/go/parser/"><code>go/parser</code></a>
package has been reduced to the primary parse function
and <a href="/pkg/go/parser/#ParseExpr"><code>ParseExpr</code></a>.
</p>
-<p>
-The <a href="/pkg/go/printer/"><code>go/printer</code></a> package supports an additional
-configuration mode <a href="/pkg/go/printer/#Mode"><code>SourcePos</code></a>;
-if set, the printer will emit <code>//line</code> comments such that the generated
-output contains the original source code position information. The new type
-<a href="/pkg/go/printer/#CommentedNode"><code>CommentedNode</code></a> can be
-used to provide comments associated with an arbitrary
-<a href="/pkg/go/ast/#Node"><code>ast.Node</code></a> (until now only
-<a href="/pkg/go/ast/#File"><code>ast.File</code></a> carried comment information).
-</p>
-
<p>
The type names of the <a href="/pkg/go/doc/"><code>go/doc</code></a> package have been
streamlined by removing the <code>Doc</code> suffix: <code>PackageDoc</code>
</ul>
<p>
-The <code>Request.RawURL</code> field has been removed; it was a
+Also, the <code>Request.RawURL</code> field has been removed; it was a
historical artifact.
</p>
-<p>
-The <code>Handle</code> and <code>HandleFunc</code>
-functions, and the similarly-named methods of <code>ServeMux</code>,
-now panic if an attempt is made to register the same pattern twice.
-</p>
-
<p>
<em>Updating</em>:
Running <code>go fix</code> will update the few programs that are affected except for
The old <code>image.ColorImage</code> type is still in the <code>image</code>
package but has been renamed
<a href="/pkg/image/#Uniform"><code>image.Uniform</code></a>,
-while <code>image.Tiled</code> has been removed.
+while <code>image.Tiled</code>
+has been renamed
+<a href="/pkg/image/#Repeated"><code>image.Repeated</code></a>.
</p>
<p>
<td colspan="2"><hr></td>
</tr>
<tr><td>image.ColorImage</td> <td>image.Uniform</td></tr>
+<tr><td>image.Tiled</td> <td>image.Repeated</td></tr>
</table>
<p>
Running <code>go fix</code> will update almost all code affected by the change.
</p>
-<h3 id="log_syslog">The log/syslog package</h3>
-
-<p>
-In Go 1, the <a href="/pkg/log/syslog/#NewLogger"><code>syslog.NewLogger</code></a>
-function returns an error as well as a <code>log.Logger</code>.
-</p>
-
-<p>
-<em>Updating</em>:
-What little code is affected will be caught by the compiler and must be updated by hand.
-</p>
-
<h3 id="mime">The mime package</h3>
<p>
The semantic change makes it difficult for the fix tool to update automatically.
</p>
-<h3 id="os">The os package</h3>
-
-<p>The <code>Time</code> function has been removed; callers should use
-the <a href="/pkg/time/#Time"><code>Time</code></a> type from the
-<code>time</code> package.</p>
-
-<p>The <code>Exec</code> function has been removed; callers should use
-<code>Exec</code> from the <code>syscall</code> package, where available.</p>
-
-<p>The <code>ShellExpand</code> function has been renamed to <a
-href="/pkg/os/#ExpandEnv"><code>ExpandEnv</code></a>.</p>
-
-<p>The <a href="/pkg/os/#NewFile"><code>NewFile</code></a> function
-now takes a <code>uintptr</code> fd, instead of an <code>int</code>.
-The <a href="/pkg/os/#File.Fd"><code>Fd</code></a> method on files now
-also returns a <code>uintptr</code>.</p>
-
-<p><em>Updating</em>: Code will fail to compile and must be updated
-by hand. </p>
-
-<h4 id="os_fileinfo">The os.FileInfo type</h4>
+<h3 id="os_fileinfo">The os.FileInfo type</h3>
<p>
Go 1 redefines the <a href="/pkg/os/#FileInfo"><code>os.FileInfo</code></a> type,
or <code>panic</code> should be updated to use the new methods.
</p>
-<h3 id="testing_script">The testing/script package</h3>
-
-<p>
-The testing/script package has been deleted. It was a dreg.
-</p>
-
-<p>
-<em>Updating</em>:
-No code is likely to be affected.
-</p>
-
<h3 id="url">The url package</h3>
<p>
The semantic changes make it difficult for the fix tool to update automatically.
</p>
+<h3 id="xml">The xml package</h3>
+
+<p>
+In Go 1, the <a href="/pkg/encoding/xml/"><code>xml</code></a> package
+has been brought closer in design to the other marshaling packages such
+as <a href="/pkg/encoding/gob/"><code>encoding/gob</code></a>.
+</p>
+
+<p>
+The old <code>Parser</code> type is renamed
+<a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> and has a new
+<a href="/pkg/encoding/xml/#Decoder.Decode"><code>Decode</code></a> method. An
+<a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a> type was also
+introduced.
+</p>
+
+<p>
+The functions <a href="/pkg/encoding/xml/#Marshal"><code>Marshal</code></a>
+and <a href="/pkg/encoding/xml/#Unmarshal"><code>Unmarshal</code></a>
+work with <code>[]byte</code> values now. To work with streams,
+use the new <a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a>
+and <a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> types.
+</p>
+
+<p>
+When marshaling or unmarshaling values, the format of supported flags in
+field tags has changed to be closer to the
+<a href="/pkg/encoding/json"><code>json</code></a> package
+(<code>`xml:"name,flag"`</code>). The matching done between field tags, field
+names, and the XML attribute and element names is now case-sensitive.
+The <code>XMLName</code> field tag, if present, must also match the name
+of the XML element being marshaled.
+</p>
+
+<p>
+<em>Updating</em>:
+Running <code>go fix</code> will update most uses of the package except for some calls to
+<code>Unmarshal</code>. Special care must be taken with field tags,
+since the fix tool will not update them and if not fixed by hand they will
+misbehave silently in some cases. For example, the old
+<code>"attr"</code> is now written <code>",attr"</code> while plain
+<code>"attr"</code> remains valid but with a different meaning.
+</p>
+
<h2 id="go_command">The go command</h2>
<h2 id="releases">Packaged releases</h2>
This category includes packages that are new in Go 1.
</p>
-<h3 id="bufio">The bufio package</h3>
+<h3 id="crypto_aes_des">The crypto/aes and crypto/des packages</h3>
<p>
-In Go 1, <a href="/pkg/bufio/#NewReaderSize"><code>bufio.NewReaderSize</code></a>
-and
-<a href="/pkg/bufio/#NewWriterSize"><code>bufio.NewWriterSize</code></a>
-functions no longer return an error for invalid sizes.
-If the argument size is too small or invalid, it is adjusted.
+In Go 1, the <code>Reset</code> method has been removed. Go does not guarantee
+that memory is not copied and therefore this method was misleading.
</p>
<p>
-<em>Updating</em>:
-What little code is affected will be caught by the compiler and must be updated by hand.
-</p>
-
-<h3 id="bufio">The compress/flate, compress/gzip and compress/zlib packages</h3>
-
-<p>
-In Go 1, the <code>NewWriterXxx</code> functions in
-<a href="/pkg/compress/flate"><code>compress/flate</code></a>,
-<a href="/pkg/compress/gzip"><code>compress/gzip</code></a> and
-<a href="/pkg/compress/zlib"><code>compress/zlib</code></a>
-all return <code>(*Writer, error)</code> if they take a compression level,
-and <code>*Writer</code> otherwise. Package <code>gzip</code>'s
-<code>Compressor</code> and <code>Decompressor</code> types have been renamed
-to <code>Writer</code> and <code>Reader</code>. Package <code>flate</code>'s
-<code>WrongValueError</code> type has been removed.
+The cipher-specific types <code>*aes.Cipher</code>, <code>*des.Cipher</code>,
+and <code>*des.TripleDESCipher</code> have been removed in favor of
+<code>cipher.Block</code>.
</p>
<p>
<em>Updating</em>:
-What little code is affected will be caught by the compiler and must be updated by hand.
+Remove the calls to Reset. Replace uses of the specific cipher types with
+cipher.Block.
</p>
<h3 id="crypto_elliptic">The crypto/elliptic package</h3>
No changes will be needed.
</p>
-<h3 id="encoding_binary">The encoding/binary package</h3>
-
-<p>
-In Go 1, the <code>binary.TotalSize</code> function has been replaced by
-<a href="/pkg/encoding/binary/#Size"><code>Size</code></a>,
-which takes an <code>interface{}</code> argument rather than
-a <code>reflect.Value</code>.
-</p>
-
-<p>
-<em>Updating</em>:
-What little code is affected will be caught by the compiler and must be updated by hand.
-</p>
-
-<h3 id="encoding_xml">The encoding/xml package</h3>
-
-<p>
-In Go 1, the <a href="/pkg/encoding/xml/"><code>xml</code></a> package
-has been brought closer in design to the other marshaling packages such
-as <a href="/pkg/encoding/gob/"><code>encoding/gob</code></a>.
-</p>
-
-<p>
-The old <code>Parser</code> type is renamed
-<a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> and has a new
-<a href="/pkg/encoding/xml/#Decoder.Decode"><code>Decode</code></a> method. An
-<a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a> type was also
-introduced.
-</p>
-
-<p>
-The functions <a href="/pkg/encoding/xml/#Marshal"><code>Marshal</code></a>
-and <a href="/pkg/encoding/xml/#Unmarshal"><code>Unmarshal</code></a>
-work with <code>[]byte</code> values now. To work with streams,
-use the new <a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a>
-and <a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> types.
-</p>
-
-<p>
-When marshaling or unmarshaling values, the format of supported flags in
-field tags has changed to be closer to the
-<a href="/pkg/encoding/json"><code>json</code></a> package
-(<code>`xml:"name,flag"`</code>). The matching done between field tags, field
-names, and the XML attribute and element names is now case-sensitive.
-The <code>XMLName</code> field tag, if present, must also match the name
-of the XML element being marshaled.
-</p>
-
-<p>
-<em>Updating</em>:
-Running <code>go fix</code> will update most uses of the package except for some calls to
-<code>Unmarshal</code>. Special care must be taken with field tags,
-since the fix tool will not update them and if not fixed by hand they will
-misbehave silently in some cases. For example, the old
-<code>"attr"</code> is now written <code>",attr"</code> while plain
-<code>"attr"</code> remains valid but with a different meaning.
-</p>
-
<h3 id="expvar">The expvar package</h3>
<p>
Several packages under <code>go</code> have slightly revised APIs.
</p>
-<p>
-A concrete <code>Mode</code> type was introduced for configuration mode flags
-in the packages
-<a href="/pkg/go/scanner/"><code>go/scanner</code></a>,
-<a href="/pkg/go/parser/"><code>go/parser</code></a>,
-<a href="/pkg/go/printer/"><code>go/printer</code></a>, and
-<a href="/pkg/go/doc/"><code>go/doc</code></a>.
-</p>
-
<p>
The modes <code>AllowIllegalChars</code> and <code>InsertSemis</code> have been removed
from the <a href="/pkg/go/scanner/"><code>go/scanner</code></a> package. They were mostly
for that purpose.
</p>
-<p>
-The <a href="/pkg/go/scanner/#ErrorHandler"><code>ErrorHandler</code></a> provided
-to the scanner's <a href="/pkg/go/scanner/#Scanner.Init"><code>Init</code></a> method is
-now simply a function rather than an interface. The <code>ErrorVector</code> type has
-been removed in favor of the (existing) <a href="/pkg/go/scanner/#ErrorList"><code>ErrorList</code></a>
-type, and the <code>ErrorVector</code> methods have been migrated. Instead of embedding
-an <code>ErrorVector</code> in a client of the scanner, now a client should maintain
-an <code>ErrorList</code>.
-</p>
-
<p>
The set of parse functions provided by the <a href="/pkg/go/parser/"><code>go/parser</code></a>
package has been reduced to the primary parse function
and <a href="/pkg/go/parser/#ParseExpr"><code>ParseExpr</code></a>.
</p>
-<p>
-The <a href="/pkg/go/printer/"><code>go/printer</code></a> package supports an additional
-configuration mode <a href="/pkg/go/printer/#Mode"><code>SourcePos</code></a>;
-if set, the printer will emit <code>//line</code> comments such that the generated
-output contains the original source code position information. The new type
-<a href="/pkg/go/printer/#CommentedNode"><code>CommentedNode</code></a> can be
-used to provide comments associated with an arbitrary
-<a href="/pkg/go/ast/#Node"><code>ast.Node</code></a> (until now only
-<a href="/pkg/go/ast/#File"><code>ast.File</code></a> carried comment information).
-</p>
-
<p>
The type names of the <a href="/pkg/go/doc/"><code>go/doc</code></a> package have been
streamlined by removing the <code>Doc</code> suffix: <code>PackageDoc</code>
</ul>
<p>
-The <code>Request.RawURL</code> field has been removed; it was a
+Also, the <code>Request.RawURL</code> field has been removed; it was a
historical artifact.
</p>
-<p>
-The <code>Handle</code> and <code>HandleFunc</code>
-functions, and the similarly-named methods of <code>ServeMux</code>,
-now panic if an attempt is made to register the same pattern twice.
-</p>
-
<p>
<em>Updating</em>:
Running <code>go fix</code> will update the few programs that are affected except for
The old <code>image.ColorImage</code> type is still in the <code>image</code>
package but has been renamed
<a href="/pkg/image/#Uniform"><code>image.Uniform</code></a>,
-while <code>image.Tiled</code> has been removed.
+while <code>image.Tiled</code>
+has been renamed
+<a href="/pkg/image/#Repeated"><code>image.Repeated</code></a>.
</p>
<p>
<td colspan="2"><hr></td>
</tr>
<tr><td>image.ColorImage</td> <td>image.Uniform</td></tr>
+<tr><td>image.Tiled</td> <td>image.Repeated</td></tr>
</table>
<p>
Running <code>go fix</code> will update almost all code affected by the change.
</p>
-<h3 id="log_syslog">The log/syslog package</h3>
-
-<p>
-In Go 1, the <a href="/pkg/log/syslog/#NewLogger"><code>syslog.NewLogger</code></a>
-function returns an error as well as a <code>log.Logger</code>.
-</p>
-
-<p>
-<em>Updating</em>:
-What little code is affected will be caught by the compiler and must be updated by hand.
-</p>
-
<h3 id="mime">The mime package</h3>
<p>
The semantic change makes it difficult for the fix tool to update automatically.
</p>
-<h3 id="os">The os package</h3>
-
-<p>The <code>Time</code> function has been removed; callers should use
-the <a href="/pkg/time/#Time"><code>Time</code></a> type from the
-<code>time</code> package.</p>
-
-<p>The <code>Exec</code> function has been removed; callers should use
-<code>Exec</code> from the <code>syscall</code> package, where available.</p>
-
-<p>The <code>ShellExpand</code> function has been renamed to <a
-href="/pkg/os/#ExpandEnv"><code>ExpandEnv</code></a>.</p>
-
-<p>The <a href="/pkg/os/#NewFile"><code>NewFile</code></a> function
-now takes a <code>uintptr</code> fd, instead of an <code>int</code>.
-The <a href="/pkg/os/#File.Fd"><code>Fd</code></a> method on files now
-also returns a <code>uintptr</code>.</p>
-
-<p><em>Updating</em>: Code will fail to compile and must be updated
-by hand. </p>
-
-<h4 id="os_fileinfo">The os.FileInfo type</h4>
+<h3 id="os_fileinfo">The os.FileInfo type</h3>
<p>
Go 1 redefines the <a href="/pkg/os/#FileInfo"><code>os.FileInfo</code></a> type,
or <code>panic</code> should be updated to use the new methods.
</p>
-<h3 id="testing_script">The testing/script package</h3>
-
-<p>
-The testing/script package has been deleted. It was a dreg.
-</p>
-
-<p>
-<em>Updating</em>:
-No code is likely to be affected.
-</p>
-
<h3 id="url">The url package</h3>
<p>
The semantic changes make it difficult for the fix tool to update automatically.
</p>
+<h3 id="xml">The xml package</h3>
+
+<p>
+In Go 1, the <a href="/pkg/encoding/xml/"><code>xml</code></a> package
+has been brought closer in design to the other marshaling packages such
+as <a href="/pkg/encoding/gob/"><code>encoding/gob</code></a>.
+</p>
+
+<p>
+The old <code>Parser</code> type is renamed
+<a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> and has a new
+<a href="/pkg/encoding/xml/#Decoder.Decode"><code>Decode</code></a> method. An
+<a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a> type was also
+introduced.
+</p>
+
+<p>
+The functions <a href="/pkg/encoding/xml/#Marshal"><code>Marshal</code></a>
+and <a href="/pkg/encoding/xml/#Unmarshal"><code>Unmarshal</code></a>
+work with <code>[]byte</code> values now. To work with streams,
+use the new <a href="/pkg/encoding/xml/#Encoder"><code>Encoder</code></a>
+and <a href="/pkg/encoding/xml/#Decoder"><code>Decoder</code></a> types.
+</p>
+
+<p>
+When marshaling or unmarshaling values, the format of supported flags in
+field tags has changed to be closer to the
+<a href="/pkg/encoding/json"><code>json</code></a> package
+(<code>`xml:"name,flag"`</code>). The matching done between field tags, field
+names, and the XML attribute and element names is now case-sensitive.
+The <code>XMLName</code> field tag, if present, must also match the name
+of the XML element being marshaled.
+</p>
+
+<p>
+<em>Updating</em>:
+Running <code>go fix</code> will update most uses of the package except for some calls to
+<code>Unmarshal</code>. Special care must be taken with field tags,
+since the fix tool will not update them and if not fixed by hand they will
+misbehave silently in some cases. For example, the old
+<code>"attr"</code> is now written <code>",attr"</code> while plain
+<code>"attr"</code> remains valid but with a different meaning.
+</p>
+
<h2 id="go_command">The go command</h2>
<h2 id="releases">Packaged releases</h2>
package aes
-import "strconv"
+import (
+ "crypto/cipher"
+ "strconv"
+)
// The AES block size in bytes.
const BlockSize = 16
-// A Cipher is an instance of AES encryption using a particular key.
-type Cipher struct {
+// A cipher is an instance of AES encryption using a particular key.
+type aesCipher struct {
enc []uint32
dec []uint32
}
return "crypto/aes: invalid key size " + strconv.Itoa(int(k))
}
-// NewCipher creates and returns a new Cipher.
+// NewCipher creates and returns a new cipher.Block.
// The key argument should be the AES key,
// either 16, 24, or 32 bytes to select
// AES-128, AES-192, or AES-256.
-func NewCipher(key []byte) (*Cipher, error) {
+func NewCipher(key []byte) (cipher.Block, error) {
k := len(key)
switch k {
default:
}
n := k + 28
- c := &Cipher{make([]uint32, n), make([]uint32, n)}
+ c := &aesCipher{make([]uint32, n), make([]uint32, n)}
expandKey(key, c.enc, c.dec)
return c, nil
}
-// BlockSize returns the AES block size, 16 bytes.
-// It is necessary to satisfy the Block interface in the
-// package "crypto/cipher".
-func (c *Cipher) BlockSize() int { return BlockSize }
+func (c *aesCipher) BlockSize() int { return BlockSize }
-// Encrypt encrypts the 16-byte buffer src using the key k
-// and stores the result in dst.
-// Note that for amounts of data larger than a block,
-// it is not safe to just call Encrypt on successive blocks;
-// instead, use an encryption mode like CBC (see crypto/cipher/cbc.go).
-func (c *Cipher) Encrypt(dst, src []byte) { encryptBlock(c.enc, dst, src) }
+func (c *aesCipher) Encrypt(dst, src []byte) { encryptBlock(c.enc, dst, src) }
-// Decrypt decrypts the 16-byte buffer src using the key k
-// and stores the result in dst.
-func (c *Cipher) Decrypt(dst, src []byte) { decryptBlock(c.dec, dst, src) }
-
-// Reset zeros the key data, so that it will no longer
-// appear in the process's memory.
-func (c *Cipher) Reset() {
- for i := 0; i < len(c.enc); i++ {
- c.enc[i] = 0
- }
- for i := 0; i < len(c.dec); i++ {
- c.dec[i] = 0
- }
-}
+func (c *aesCipher) Decrypt(dst, src []byte) { decryptBlock(c.dec, dst, src) }
// Special Publication 800-38A, ``Recommendation for Block Cipher
// Modes of Operation,'' 2001 Edition, pp. 24-29.
-package cipher
+package cipher_test
import (
"bytes"
"crypto/aes"
+ "crypto/cipher"
"testing"
)
continue
}
- encrypter := NewCBCEncrypter(c, tt.iv)
+ encrypter := cipher.NewCBCEncrypter(c, tt.iv)
d := make([]byte, len(tt.in))
encrypter.CryptBlocks(d, tt.in)
if !bytes.Equal(tt.out, d) {
t.Errorf("%s: CBCEncrypter\nhave %x\nwant %x", test, d, tt.out)
}
- decrypter := NewCBCDecrypter(c, tt.iv)
+ decrypter := cipher.NewCBCDecrypter(c, tt.iv)
p := make([]byte, len(d))
decrypter.CryptBlocks(p, d)
if !bytes.Equal(tt.in, p) {
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-package cipher
+package cipher_test
import (
"bytes"
"crypto/aes"
+ "crypto/cipher"
"crypto/rand"
"testing"
)
plaintext := []byte("this is the plaintext")
iv := make([]byte, block.BlockSize())
rand.Reader.Read(iv)
- cfb := NewCFBEncrypter(block, iv)
+ cfb := cipher.NewCFBEncrypter(block, iv)
ciphertext := make([]byte, len(plaintext))
cfb.XORKeyStream(ciphertext, plaintext)
- cfbdec := NewCFBDecrypter(block, iv)
+ cfbdec := cipher.NewCFBDecrypter(block, iv)
plaintextCopy := make([]byte, len(plaintext))
cfbdec.XORKeyStream(plaintextCopy, ciphertext)
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
-package cipher
+package cipher_test
// Common values for tests.
// Special Publication 800-38A, ``Recommendation for Block Cipher
// Modes of Operation,'' 2001 Edition, pp. 55-58.
-package cipher
+package cipher_test
import (
"bytes"
"crypto/aes"
+ "crypto/cipher"
"testing"
)
for j := 0; j <= 5; j += 5 {
in := tt.in[0 : len(tt.in)-j]
- ctr := NewCTR(c, tt.iv)
+ ctr := cipher.NewCTR(c, tt.iv)
encrypted := make([]byte, len(in))
ctr.XORKeyStream(encrypted, in)
if out := tt.out[0:len(in)]; !bytes.Equal(out, encrypted) {
for j := 0; j <= 7; j += 7 {
in := tt.out[0 : len(tt.out)-j]
- ctr := NewCTR(c, tt.iv)
+ ctr := cipher.NewCTR(c, tt.iv)
plain := make([]byte, len(in))
ctr.XORKeyStream(plain, in)
if out := tt.in[0:len(in)]; !bytes.Equal(out, plain) {
// Special Publication 800-38A, ``Recommendation for Block Cipher
// Modes of Operation,'' 2001 Edition, pp. 52-55.
-package cipher
+package cipher_test
import (
"bytes"
"crypto/aes"
+ "crypto/cipher"
"testing"
)
for j := 0; j <= 5; j += 5 {
plaintext := tt.in[0 : len(tt.in)-j]
- ofb := NewOFB(c, tt.iv)
+ ofb := cipher.NewOFB(c, tt.iv)
ciphertext := make([]byte, len(plaintext))
ofb.XORKeyStream(ciphertext, plaintext)
if !bytes.Equal(ciphertext, tt.out[:len(plaintext)]) {
for j := 0; j <= 5; j += 5 {
ciphertext := tt.out[0 : len(tt.in)-j]
- ofb := NewOFB(c, tt.iv)
+ ofb := cipher.NewOFB(c, tt.iv)
plaintext := make([]byte, len(ciphertext))
ofb.XORKeyStream(plaintext, ciphertext)
if !bytes.Equal(plaintext, tt.in[:len(ciphertext)]) {
}
// creates 16 56-bit subkeys from the original key
-func (c *Cipher) generateSubkeys(keyBytes []byte) {
+func (c *desCipher) generateSubkeys(keyBytes []byte) {
// apply PC1 permutation to key
key := binary.BigEndian.Uint64(keyBytes)
permutedKey := permuteBlock(key, permutedChoice1[:])
package des
-import "strconv"
+import (
+ "crypto/cipher"
+ "strconv"
+)
// The DES block size in bytes.
const BlockSize = 8
return "crypto/des: invalid key size " + strconv.Itoa(int(k))
}
-// Cipher is an instance of DES encryption.
-type Cipher struct {
+// desCipher is an instance of DES encryption.
+type desCipher struct {
subkeys [16]uint64
}
-// NewCipher creates and returns a new Cipher.
-func NewCipher(key []byte) (*Cipher, error) {
+// NewCipher creates and returns a new cipher.Block.
+func NewCipher(key []byte) (cipher.Block, error) {
if len(key) != 8 {
return nil, KeySizeError(len(key))
}
- c := new(Cipher)
+ c := new(desCipher)
c.generateSubkeys(key)
return c, nil
}
-// BlockSize returns the DES block size, 8 bytes.
-func (c *Cipher) BlockSize() int { return BlockSize }
+func (c *desCipher) BlockSize() int { return BlockSize }
-// Encrypt encrypts the 8-byte buffer src and stores the result in dst.
-// Note that for amounts of data larger than a block,
-// it is not safe to just call Encrypt on successive blocks;
-// instead, use an encryption mode like CBC (see crypto/cipher/cbc.go).
-func (c *Cipher) Encrypt(dst, src []byte) { encryptBlock(c.subkeys[:], dst, src) }
+func (c *desCipher) Encrypt(dst, src []byte) { encryptBlock(c.subkeys[:], dst, src) }
-// Decrypt decrypts the 8-byte buffer src and stores the result in dst.
-func (c *Cipher) Decrypt(dst, src []byte) { decryptBlock(c.subkeys[:], dst, src) }
+func (c *desCipher) Decrypt(dst, src []byte) { decryptBlock(c.subkeys[:], dst, src) }
-// Reset zeros the key data, so that it will no longer
-// appear in the process's memory.
-func (c *Cipher) Reset() {
- for i := 0; i < len(c.subkeys); i++ {
- c.subkeys[i] = 0
- }
-}
-
-// A TripleDESCipher is an instance of TripleDES encryption.
-type TripleDESCipher struct {
- cipher1, cipher2, cipher3 Cipher
+// A tripleDESCipher is an instance of TripleDES encryption.
+type tripleDESCipher struct {
+ cipher1, cipher2, cipher3 desCipher
}
-// NewCipher creates and returns a new Cipher.
-func NewTripleDESCipher(key []byte) (*TripleDESCipher, error) {
+// NewTripleDESCipher creates and returns a new cipher.Block.
+func NewTripleDESCipher(key []byte) (cipher.Block, error) {
if len(key) != 24 {
return nil, KeySizeError(len(key))
}
- c := new(TripleDESCipher)
+ c := new(tripleDESCipher)
c.cipher1.generateSubkeys(key[:8])
c.cipher2.generateSubkeys(key[8:16])
c.cipher3.generateSubkeys(key[16:])
return c, nil
}
-// BlockSize returns the TripleDES block size, 8 bytes.
-// It is necessary to satisfy the Block interface in the
-// package "crypto/cipher".
-func (c *TripleDESCipher) BlockSize() int { return BlockSize }
+func (c *tripleDESCipher) BlockSize() int { return BlockSize }
-// Encrypts the 8-byte buffer src and stores the result in dst.
-// Note that for amounts of data larger than a block,
-// it is not safe to just call Encrypt on successive blocks;
-// instead, use an encryption mode like CBC (see crypto/cipher/cbc.go).
-func (c *TripleDESCipher) Encrypt(dst, src []byte) {
+func (c *tripleDESCipher) Encrypt(dst, src []byte) {
c.cipher1.Encrypt(dst, src)
c.cipher2.Decrypt(dst, dst)
c.cipher3.Encrypt(dst, dst)
}
-// Decrypts the 8-byte buffer src and stores the result in dst.
-func (c *TripleDESCipher) Decrypt(dst, src []byte) {
+func (c *tripleDESCipher) Decrypt(dst, src []byte) {
c.cipher3.Decrypt(dst, src)
c.cipher2.Encrypt(dst, dst)
c.cipher1.Decrypt(dst, dst)
}
-
-// Reset zeros the key data, so that it will no longer
-// appear in the process's memory.
-func (c *TripleDESCipher) Reset() {
- c.cipher1.Reset()
- c.cipher2.Reset()
- c.cipher3.Reset()
-}
[]byte{0x63, 0xfa, 0xc0, 0xd0, 0x34, 0xd9, 0xf7, 0x93}},
}
+func newCipher(key []byte) *desCipher {
+ c, err := NewCipher(key)
+ if err != nil {
+ panic("NewCipher failed: " + err.Error())
+ }
+ return c.(*desCipher)
+}
+
// Use the known weak keys to test DES implementation
func TestWeakKeys(t *testing.T) {
for i, tt := range weakKeyTests {
var encrypt = func(in []byte) (out []byte) {
- c, _ := NewCipher(tt.key)
+ c := newCipher(tt.key)
out = make([]byte, len(in))
encryptBlock(c.subkeys[:], out, in)
return
func TestSemiWeakKeyPairs(t *testing.T) {
for i, tt := range semiWeakKeyTests {
var encrypt = func(key, in []byte) (out []byte) {
- c, _ := NewCipher(key)
+ c := newCipher(key)
out = make([]byte, len(in))
encryptBlock(c.subkeys[:], out, in)
return
func TestDESEncryptBlock(t *testing.T) {
for i, tt := range encryptDESTests {
- c, _ := NewCipher(tt.key)
+ c := newCipher(tt.key)
out := make([]byte, len(tt.in))
encryptBlock(c.subkeys[:], out, tt.in)
func TestDESDecryptBlock(t *testing.T) {
for i, tt := range encryptDESTests {
- c, _ := NewCipher(tt.key)
+ c := newCipher(tt.key)
plain := make([]byte, len(tt.in))
decryptBlock(c.subkeys[:], plain, tt.out)
X *big.Int
}
-type invalidPublicKeyError int
-
-func (invalidPublicKeyError) Error() string {
- return "crypto/dsa: invalid public key"
-}
-
// ErrInvalidPublicKey results when a public key is not usable by this code.
// FIPS is quite strict about the format of DSA keys, but other code may be
// less so. Thus, when using keys which may have been generated by other code,
// this error must be handled.
-var ErrInvalidPublicKey error = invalidPublicKeyError(0)
+var ErrInvalidPublicKey = errors.New("crypto/dsa: invalid public key")
// ParameterSizes is a enumeration of the acceptable bit lengths of the primes
// in a set of DSA parameters. See FIPS 186-3, section 4.2.
import (
"bufio"
"crypto/aes"
+ "crypto/cipher"
"io"
"os"
"sync"
type reader struct {
mu sync.Mutex
budget int // number of bytes that can be generated
- cipher *aes.Cipher
+ cipher cipher.Block
entropy io.Reader
time, seed, dst, key [aes.BlockSize]byte
}
func EncryptPKCS1v15(rand io.Reader, pub *PublicKey, msg []byte) (out []byte, err error) {
k := (pub.N.BitLen() + 7) / 8
if len(msg) > k-11 {
- err = MessageTooLongError{}
+ err = ErrMessageTooLong
return
}
func DecryptPKCS1v15(rand io.Reader, priv *PrivateKey, ciphertext []byte) (out []byte, err error) {
valid, out, err := decryptPKCS1v15(rand, priv, ciphertext)
if err == nil && valid == 0 {
- err = DecryptionError{}
+ err = ErrDecryption
}
return
func DecryptPKCS1v15SessionKey(rand io.Reader, priv *PrivateKey, ciphertext []byte, key []byte) (err error) {
k := (priv.N.BitLen() + 7) / 8
if k-(len(key)+3+8) < 0 {
- err = DecryptionError{}
+ err = ErrDecryption
return
}
func decryptPKCS1v15(rand io.Reader, priv *PrivateKey, ciphertext []byte) (valid int, msg []byte, err error) {
k := (priv.N.BitLen() + 7) / 8
if k < 11 {
- err = DecryptionError{}
+ err = ErrDecryption
return
}
tLen := len(prefix) + hashLen
k := (priv.N.BitLen() + 7) / 8
if k < tLen+11 {
- return nil, MessageTooLongError{}
+ return nil, ErrMessageTooLong
}
// EM = 0x00 || 0x01 || PS || 0x00 || T
tLen := len(prefix) + hashLen
k := (pub.N.BitLen() + 7) / 8
if k < tLen+11 {
- err = VerificationError{}
+ err = ErrVerification
return
}
}
if ok != 1 {
- return VerificationError{}
+ return ErrVerification
}
return nil
}
}
-// MessageTooLongError is returned when attempting to encrypt a message which
-// is too large for the size of the public key.
-type MessageTooLongError struct{}
-
-func (MessageTooLongError) Error() string {
- return "message too long for RSA public key size"
-}
+// ErrMessageTooLong is returned when attempting to encrypt a message which is
+// too large for the size of the public key.
+var ErrMessageTooLong = errors.New("crypto/rsa: message too long for RSA public key size")
func encrypt(c *big.Int, pub *PublicKey, m *big.Int) *big.Int {
e := big.NewInt(int64(pub.E))
hash.Reset()
k := (pub.N.BitLen() + 7) / 8
if len(msg) > k-2*hash.Size()-2 {
- err = MessageTooLongError{}
+ err = ErrMessageTooLong
return
}
return
}
-// A DecryptionError represents a failure to decrypt a message.
+// ErrDecryption represents a failure to decrypt a message.
// It is deliberately vague to avoid adaptive attacks.
-type DecryptionError struct{}
+var ErrDecryption = errors.New("crypto/rsa: decryption error")
-func (DecryptionError) Error() string { return "RSA decryption error" }
-
-// A VerificationError represents a failure to verify a signature.
+// ErrVerification represents a failure to verify a signature.
// It is deliberately vague to avoid adaptive attacks.
-type VerificationError struct{}
-
-func (VerificationError) Error() string { return "RSA verification error" }
+var ErrVerification = errors.New("crypto/rsa: verification error")
// modInverse returns ia, the inverse of a in the multiplicative group of prime
// order n. It requires that a be a member of the group (i.e. less than n).
func decrypt(random io.Reader, priv *PrivateKey, c *big.Int) (m *big.Int, err error) {
// TODO(agl): can we get away with reusing blinds?
if c.Cmp(priv.N) > 0 {
- err = DecryptionError{}
+ err = ErrDecryption
return
}
k := (priv.N.BitLen() + 7) / 8
if len(ciphertext) > k ||
k < hash.Size()*2+2 {
- err = DecryptionError{}
+ err = ErrDecryption
return
}
}
if firstByteIsZero&lHash2Good&^invalid&^lookingForIndex != 1 {
- err = DecryptionError{}
+ err = ErrDecryption
return
}
return c.conn.RemoteAddr()
}
-// SetDeadline sets the read deadline associated with the connection.
-// There is no write deadline.
-// A zero value for t means Read will not time out.
+// SetDeadline sets the read and write deadlines associated with the connection.
+// A zero value for t means Read and Write will not time out.
+// After a Write has timed out, the TLS state is corrupt and all future writes will return the same error.
func (c *Conn) SetDeadline(t time.Time) error {
return c.conn.SetDeadline(t)
}
return c.conn.SetReadDeadline(t)
}
-// SetWriteDeadline exists to satisfy the net.Conn interface
-// but is not implemented by TLS. It always returns an error.
+// SetWriteDeadline sets the write deadline on the underlying conneciton.
+// A zero value for t means Write will not time out.
+// After a Write has timed out, the TLS state is corrupt and all future writes will return the same error.
func (c *Conn) SetWriteDeadline(t time.Time) error {
- return errors.New("TLS does not support SetWriteDeadline")
+ return c.conn.SetWriteDeadline(t)
}
// A halfConn represents one direction of the record layer
}
// Write writes data to the connection.
-func (c *Conn) Write(b []byte) (n int, err error) {
- if err = c.Handshake(); err != nil {
- return
+func (c *Conn) Write(b []byte) (int, error) {
+ if c.err != nil {
+ return 0, c.err
+ }
+
+ if c.err = c.Handshake(); c.err != nil {
+ return 0, c.err
}
c.out.Lock()
if !c.handshakeComplete {
return 0, alertInternalError
}
- if c.err != nil {
- return 0, c.err
- }
- return c.writeRecord(recordTypeApplicationData, b)
+
+ var n int
+ n, c.err = c.writeRecord(recordTypeApplicationData, b)
+ return n, c.err
}
// Read can be made to time out and return a net.Error with Timeout() == true
PolicyIdentifiers []asn1.ObjectIdentifier
}
-// UnsupportedAlgorithmError results from attempting to perform an operation
-// that involves algorithms that are not currently implemented.
-type UnsupportedAlgorithmError struct{}
-
-func (UnsupportedAlgorithmError) Error() string {
- return "cannot verify signature: algorithm unimplemented"
-}
+// ErrUnsupportedAlgorithm results from attempting to perform an operation that
+// involves algorithms that are not currently implemented.
+var ErrUnsupportedAlgorithm = errors.New("crypto/x509: cannot verify signature: algorithm unimplemented")
// ConstraintViolationError results when a requested usage is not permitted by
// a certificate. For example: checking a signature when the public key isn't a
type ConstraintViolationError struct{}
func (ConstraintViolationError) Error() string {
- return "invalid signature: parent certificate cannot sign this kind of certificate"
+ return "crypto/x509: invalid signature: parent certificate cannot sign this kind of certificate"
}
func (c *Certificate) Equal(other *Certificate) bool {
}
if parent.PublicKeyAlgorithm == UnknownPublicKeyAlgorithm {
- return UnsupportedAlgorithmError{}
+ return ErrUnsupportedAlgorithm
}
// TODO(agl): don't ignore the path length constraint.
case SHA512WithRSA:
hashType = crypto.SHA512
default:
- return UnsupportedAlgorithmError{}
+ return ErrUnsupportedAlgorithm
}
h := hashType.New()
if h == nil {
- return UnsupportedAlgorithmError{}
+ return ErrUnsupportedAlgorithm
}
h.Write(signed)
}
return
}
- return UnsupportedAlgorithmError{}
+ return ErrUnsupportedAlgorithm
}
// CheckCRLSignature checks that the signature in crl is from c.