Encrypt is the encryption function. dst can contain bytes at the beginning of the ciphertext that will not be encrypted but will be authenticated. If dst has enough capacity to hold these bytes, the ciphertext and the tag, no allocation and copy operations will be performed. dst and plaintext do not
(dst, plaintext []byte)
| 66 | // allocation and copy operations will be performed. dst and plaintext do not |
| 67 | // overlap. |
| 68 | func (s *aes128gcm) Encrypt(dst, plaintext []byte) ([]byte, error) { |
| 69 | // If we need to allocate an output buffer, we want to include space for |
| 70 | // GCM tag to avoid forcing ALTS record to reallocate as well. |
| 71 | dlen := len(dst) |
| 72 | dst, out := SliceForAppend(dst, len(plaintext)+GcmTagSize) |
| 73 | seq, err := s.outCounter.Value() |
| 74 | if err != nil { |
| 75 | return nil, err |
| 76 | } |
| 77 | data := out[:len(plaintext)] |
| 78 | copy(data, plaintext) // data may alias plaintext |
| 79 | |
| 80 | // Seal appends the ciphertext and the tag to its first argument and |
| 81 | // returns the updated slice. However, SliceForAppend above ensures that |
| 82 | // dst has enough capacity to avoid a reallocation and copy due to the |
| 83 | // append. |
| 84 | dst = s.aead.Seal(dst[:dlen], seq, data, nil) |
| 85 | s.outCounter.Inc() |
| 86 | return dst, nil |
| 87 | } |
| 88 | |
| 89 | func (s *aes128gcm) EncryptionOverhead() int { |
| 90 | return GcmTagSize |
nothing calls this directly
no test coverage detected