Copyright 2010 The Go Authors. All rights reserved. Use of this source code is governed by a BSD-style license that can be found in the LICENSE file.
Package blowfish implements Bruce Schneier's Blowfish encryption algorithm. Blowfish is a legacy cipher and its short block size makes it vulnerable to birthday bound attacks (see https://sweet32.info). It should only be used where compatibility with legacy systems, not security, is the goal. Deprecated: any new system should use AES (from crypto/aes, if necessary in an AEAD mode like crypto/cipher.NewGCM) or XChaCha20-Poly1305 (from golang.org/x/crypto/chacha20poly1305).
package blowfish // import "golang.org/x/crypto/blowfish"
The code is a port of Bruce Schneier's C implementation. See https://www.schneier.com/blowfish.html.

import 
The Blowfish block size in bytes.
const BlockSize = 8
A Cipher is an instance of Blowfish encryption using a particular key.
type Cipher struct {
	p              [18]uint32
	s0, s1, s2, s3 [256]uint32
}

type KeySizeError int

func ( KeySizeError) () string {
	return "crypto/blowfish: invalid key size " + strconv.Itoa(int())
}
NewCipher creates and returns a Cipher. The key argument should be the Blowfish key, from 1 to 56 bytes.
func ( []byte) (*Cipher, error) {
	var  Cipher
	if  := len();  < 1 ||  > 56 {
		return nil, KeySizeError()
	}
	initCipher(&)
	ExpandKey(, &)
	return &, nil
}
NewSaltedCipher creates a returns a Cipher that folds a salt into its key schedule. For most purposes, NewCipher, instead of NewSaltedCipher, is sufficient and desirable. For bcrypt compatibility, the key can be over 56 bytes.
func (,  []byte) (*Cipher, error) {
	if len() == 0 {
		return NewCipher()
	}
	var  Cipher
	if  := len();  < 1 {
		return nil, KeySizeError()
	}
	initCipher(&)
	expandKeyWithSalt(, , &)
	return &, nil
}
BlockSize returns the Blowfish block size, 8 bytes. It is necessary to satisfy the Block interface in the package "crypto/cipher".
func ( *Cipher) () int { return BlockSize }
Encrypt encrypts the 8-byte buffer src using the key k and stores the result in dst. Note that for amounts of data larger than a block, it is not safe to just call Encrypt on successive blocks; instead, use an encryption mode like CBC (see crypto/cipher/cbc.go).
func ( *Cipher) (,  []byte) {
	 := uint32([0])<<24 | uint32([1])<<16 | uint32([2])<<8 | uint32([3])
	 := uint32([4])<<24 | uint32([5])<<16 | uint32([6])<<8 | uint32([7])
	,  = encryptBlock(, , )
	[0], [1], [2], [3] = byte(>>24), byte(>>16), byte(>>8), byte()
	[4], [5], [6], [7] = byte(>>24), byte(>>16), byte(>>8), byte()
}
Decrypt decrypts the 8-byte buffer src using the key k and stores the result in dst.
func ( *Cipher) (,  []byte) {
	 := uint32([0])<<24 | uint32([1])<<16 | uint32([2])<<8 | uint32([3])
	 := uint32([4])<<24 | uint32([5])<<16 | uint32([6])<<8 | uint32([7])
	,  = decryptBlock(, , )
	[0], [1], [2], [3] = byte(>>24), byte(>>16), byte(>>8), byte()
	[4], [5], [6], [7] = byte(>>24), byte(>>16), byte(>>8), byte()
}

func ( *Cipher) {
	copy(.p[0:], p[0:])
	copy(.s0[0:], s0[0:])
	copy(.s1[0:], s1[0:])
	copy(.s2[0:], s2[0:])
	copy(.s3[0:], s3[0:])