From 6fac1398303c95698880dd16877a8692e86ee15c Mon Sep 17 00:00:00 2001
From: Filippo Valsorda <hi@filippo.io>
Date: Fri, 1 Sep 2017 00:01:57 +0200
Subject: [PATCH] crypto/cipher, crypto/rc4: make overlap rules wording
 consistent

Closes #21279

Change-Id: I84d6b168a684fa9f3c046028d0c9f00292d7c110
Reviewed-on: https://go-review.googlesource.com/61132
Reviewed-by: Adam Langley <agl@golang.org>
Run-TryBot: Adam Langley <agl@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
---
 src/crypto/cipher/cipher.go | 10 +++++-----
 src/crypto/cipher/gcm.go    |  4 ++--
 src/crypto/rc4/rc4.go       |  3 +--
 src/crypto/rc4/rc4_asm.go   |  2 +-
 src/crypto/rc4/rc4_ref.go   |  2 +-
 5 files changed, 10 insertions(+), 11 deletions(-)

diff --git a/src/crypto/cipher/cipher.go b/src/crypto/cipher/cipher.go
index 0950ea9e80..31c14d7f91 100644
--- a/src/crypto/cipher/cipher.go
+++ b/src/crypto/cipher/cipher.go
@@ -17,18 +17,18 @@ type Block interface {
 	BlockSize() int
 
 	// Encrypt encrypts the first block in src into dst.
-	// Dst and src may point at the same memory.
+	// Dst and src must overlap entirely or not at all.
 	Encrypt(dst, src []byte)
 
 	// Decrypt decrypts the first block in src into dst.
-	// Dst and src may point at the same memory.
+	// Dst and src must overlap entirely or not at all.
 	Decrypt(dst, src []byte)
 }
 
 // A Stream represents a stream cipher.
 type Stream interface {
 	// XORKeyStream XORs each byte in the given slice with a byte from the
-	// cipher's key stream. Dst and src may point to the same memory.
+	// cipher's key stream. Dst and src must overlap entirely or not at all.
 	//
 	// If len(dst) < len(src), XORKeyStream should panic. It is acceptable
 	// to pass a dst bigger than src, and in that case, XORKeyStream will
@@ -47,8 +47,8 @@ type BlockMode interface {
 	BlockSize() int
 
 	// CryptBlocks encrypts or decrypts a number of blocks. The length of
-	// src must be a multiple of the block size. Dst and src may point to
-	// the same memory.
+	// src must be a multiple of the block size. Dst and src must overlap
+	// entirely or not at all.
 	//
 	// If len(dst) < len(src), CryptBlocks should panic. It is acceptable
 	// to pass a dst bigger than src, and in that case, CryptBlocks will
diff --git a/src/crypto/cipher/gcm.go b/src/crypto/cipher/gcm.go
index 62085aac0f..28f3ddd6e6 100644
--- a/src/crypto/cipher/gcm.go
+++ b/src/crypto/cipher/gcm.go
@@ -26,7 +26,7 @@ type AEAD interface {
 	// slice. The nonce must be NonceSize() bytes long and unique for all
 	// time, for a given key.
 	//
-	// The plaintext and dst may alias exactly or not at all. To reuse
+	// The plaintext and dst must overlap exactly or not at all. To reuse
 	// plaintext's storage for the encrypted output, use plaintext[:0] as dst.
 	Seal(dst, nonce, plaintext, additionalData []byte) []byte
 
@@ -36,7 +36,7 @@ type AEAD interface {
 	// bytes long and both it and the additional data must match the
 	// value passed to Seal.
 	//
-	// The ciphertext and dst may alias exactly or not at all. To reuse
+	// The ciphertext and dst must overlap exactly or not at all. To reuse
 	// ciphertext's storage for the decrypted output, use ciphertext[:0] as dst.
 	//
 	// Even if the function fails, the contents of dst, up to its capacity,
diff --git a/src/crypto/rc4/rc4.go b/src/crypto/rc4/rc4.go
index 772af0e7e0..8274325c81 100644
--- a/src/crypto/rc4/rc4.go
+++ b/src/crypto/rc4/rc4.go
@@ -52,8 +52,7 @@ func (c *Cipher) Reset() {
 }
 
 // xorKeyStreamGeneric sets dst to the result of XORing src with the
-// key stream. Dst and src may be the same slice but otherwise should
-// not overlap.
+// key stream. Dst and src must overlap entirely or not at all.
 //
 // This is the pure Go version. rc4_{amd64,386,arm}* contain assembly
 // implementations. This is here for tests and to prevent bitrot.
diff --git a/src/crypto/rc4/rc4_asm.go b/src/crypto/rc4/rc4_asm.go
index 8d464547fa..7e5f8b2fa4 100644
--- a/src/crypto/rc4/rc4_asm.go
+++ b/src/crypto/rc4/rc4_asm.go
@@ -9,7 +9,7 @@ package rc4
 func xorKeyStream(dst, src *byte, n int, state *[256]uint32, i, j *uint8)
 
 // XORKeyStream sets dst to the result of XORing src with the key stream.
-// Dst and src may be the same slice but otherwise should not overlap.
+// Dst and src must overlap entirely or not at all.
 func (c *Cipher) XORKeyStream(dst, src []byte) {
 	if len(src) == 0 {
 		return
diff --git a/src/crypto/rc4/rc4_ref.go b/src/crypto/rc4/rc4_ref.go
index e34bd34cf1..9b98fc49e7 100644
--- a/src/crypto/rc4/rc4_ref.go
+++ b/src/crypto/rc4/rc4_ref.go
@@ -7,7 +7,7 @@
 package rc4
 
 // XORKeyStream sets dst to the result of XORing src with the key stream.
-// Dst and src may be the same slice but otherwise should not overlap.
+// Dst and src must overlap entirely or not at all.
 func (c *Cipher) XORKeyStream(dst, src []byte) {
 	c.xorKeyStreamGeneric(dst, src)
 }