Refactor to prepare supporting more encryption method.

cmd/shadowsocks-local/local.go

@@ -150,7 +150,7 @@ func getRequest(conn net.Conn) (rawaddr []byte, host string, err error) {
 
 type ServerCipher struct {
 	server string
-	cipher ss.Cipher
+	cipher *ss.Cipher
 }
 
 var servers struct {
@@ -191,7 +191,7 @@ func parseServerConfig(config *ss.Config) {
 		n := len(config.ServerPassword)
 		servers.srvCipher = make([]*ServerCipher, n)
 
-		cipherCache := make(map[string]ss.Cipher)
+		cipherCache := make(map[string]*ss.Cipher)
 		i := 0
 		for _, serverInfo := range config.ServerPassword {
 			if len(serverInfo) < 2 || len(serverInfo) > 3 {

cmd/shadowsocks-server/server.go

@@ -264,7 +264,7 @@ func run(port, password string) {
 		return
 	}
 	passwdManager.add(port, password, ln)
-	var cipher ss.Cipher
+	var cipher *ss.Cipher
 	log.Printf("server listening port %v ...\n", port)
 	for {
 		conn, err := ln.Accept()

shadowsocks/conn.go

@@ -10,10 +10,10 @@ import (
 
 type Conn struct {
 	net.Conn
-	Cipher
+	*Cipher
 }
 
-func NewConn(cn net.Conn, cipher Cipher) *Conn {
+func NewConn(cn net.Conn, cipher *Cipher) *Conn {
 	return &Conn{cn, cipher}
 }
 
@@ -42,7 +42,7 @@ func RawAddr(addr string) (buf []byte, err error) {
 // This is intended for use by users implementing a local socks proxy.
 // rawaddr shoud contain part of the data in socks request, starting from the
 // ATYP field. (Refer to rfc1928 for more information.)
-func DialWithRawAddr(rawaddr []byte, server string, cipher Cipher) (c *Conn, err error) {
+func DialWithRawAddr(rawaddr []byte, server string, cipher *Cipher) (c *Conn, err error) {
 	conn, err := net.Dial("tcp", server)
 	if err != nil {
 		return
@@ -56,7 +56,7 @@ func DialWithRawAddr(rawaddr []byte, server string, cipher Cipher) (c *Conn, err
 }
 
 // addr should be in the form of host:port
-func Dial(addr, server string, cipher Cipher) (c *Conn, err error) {
+func Dial(addr, server string, cipher *Cipher) (c *Conn, err error) {
 	ra, err := RawAddr(addr)
 	if err != nil {
 		return

shadowsocks/encrypt.go

@@ -2,6 +2,7 @@ package shadowsocks
 
 import (
 	"bytes"
+	"crypto/cipher"
 	"crypto/md5"
 	"crypto/rc4"
 	"encoding/binary"
@@ -10,38 +11,23 @@ import (
 
 var errEmptyKey = errors.New("empty key")
 
-type Cipher interface {
-	// Some ciphers maintains context (e.g. RC4), which means different
-	// connections need to use their own ciphers. Copy() will create an copy
-	// of the cipher in the current state. Use this before calling
-	// Encrypt/Decrypt to avoid initialization cost of of creating a new
-	// cipher.
-	Copy() Cipher
-	// dst should have at least the same length as src
-	Encrypt(dst, src []byte)
-	Decrypt(dst, src []byte)
-}
+type tableCipher []byte
 
-type TableCipher struct {
-	encTbl []byte
-	decTbl []byte
+func (tbl tableCipher) XORKeyStream(dst, src []byte) {
+	for i := 0; i < len(src); i++ {
+		dst[i] = tbl[src[i]]
+	}
 }
 
-// Creates a new table based cipher. err is always nil.
-func NewTableCipher(key string) (c *TableCipher, err error) {
-	if key == "" {
-		return nil, errEmptyKey
-	}
+// NewTableCipher creates a new table based cipher.
+func newTableCipher(key string) (enc, dec tableCipher) {
 	const tbl_size = 256
-	tbl := TableCipher{
-		make([]byte, tbl_size),
-		make([]byte, tbl_size),
-	}
+	enc = make([]byte, tbl_size)
+	dec = make([]byte, tbl_size)
 	table := make([]uint64, tbl_size)
 
 	h := md5.New()
 	h.Write([]byte(key))
-
 	s := h.Sum(nil)
 
 	var a uint64
@@ -57,73 +43,77 @@ func NewTableCipher(key string) (c *TableCipher, err error) {
 		})
 	}
 	for i = 0; i < tbl_size; i++ {
-		tbl.encTbl[i] = byte(table[i])
+		enc[i] = byte(table[i])
 	}
 	for i = 0; i < tbl_size; i++ {
-		tbl.decTbl[tbl.encTbl[i]] = byte(i)
+		dec[enc[i]] = byte(i)
 	}
-	return &tbl, nil
+	return enc, dec
 }
 
-func (c *TableCipher) Encrypt(dst, src []byte) {
-	for i := 0; i < len(src); i++ {
-		dst[i] = c.encTbl[src[i]]
+func newRC4Cipher(key string) (enc, dec cipher.Stream, err error) {
+	h := md5.New()
+	h.Write([]byte(key))
+	rc4Enc, err := rc4.NewCipher(h.Sum(nil))
+	if err != nil {
+		return
 	}
+	// create a copy, as RC4 encrypt and decrypt uses the same keystream
+	rc4Dec := *rc4Enc
+	return rc4Enc, &rc4Dec, nil
 }
 
-func (c *TableCipher) Decrypt(dst, src []byte) {
-	for i := 0; i < len(src); i++ {
-		dst[i] = c.decTbl[src[i]]
-	}
+type Cipher struct {
+	enc    cipher.Stream
+	dec    cipher.Stream
+	key    string
+	method string
 }
 
-// Table cipher has no state, so can return itself.
-func (c *TableCipher) Copy() Cipher {
-	return c
-}
+// NewCipher creates a cipher that can be used in Dial() etc.
+// Use cipher.Copy() to create a new cipher with the same method and password
+// to avoid the cost of repeated cipher initialization.
+func NewCipher(method, password string) (*Cipher, error) {
+	if password == "" {
+		return nil, errEmptyKey
+	}
 
-type RC4Cipher struct {
-	dec *rc4.Cipher
-	enc *rc4.Cipher
-}
+	cipher := Cipher{method: method, key: password}
+	var err error
 
-func NewRC4Cipher(key string) (c *RC4Cipher, err error) {
-	if key == "" {
-		return nil, errEmptyKey
+	if method == "" || method == "table" {
+		cipher.enc, cipher.dec = newTableCipher(password)
+	} else if method == "rc4" {
+		cipher.enc, cipher.dec, err = newRC4Cipher(password)
 	}
-	h := md5.New()
-	h.Write([]byte(key))
-	enc, err := rc4.NewCipher(h.Sum(nil))
 	if err != nil {
-		return
+		return nil, err
 	}
-	dec := *enc // create a copy
-	c = &RC4Cipher{&dec, enc}
-	return
+	return &cipher, nil
 }
 
-func (c RC4Cipher) Encrypt(dst, src []byte) {
+func (c *Cipher) Encrypt(dst, src []byte) {
 	c.enc.XORKeyStream(dst, src)
 }
 
-func (c RC4Cipher) Decrypt(dst, src []byte) {
+func (c *Cipher) Decrypt(dst, src []byte) {
 	c.dec.XORKeyStream(dst, src)
 }
 
-// Create a new RC4 cipher with the same keystream.
-func (c RC4Cipher) Copy() Cipher {
-	dec := *c.dec
-	enc := *c.enc
-	return &RC4Cipher{&dec, &enc}
-}
-
-// Create cipher based on name
-func NewCipher(cipherName, key string) (Cipher, error) {
-	switch cipherName {
-	case "":
-		return NewTableCipher(key)
-	case "rc4":
-		return NewRC4Cipher(key)
+func (c *Cipher) Copy() *Cipher {
+	// This optimization maybe not necessary. But without this function, we
+	// need to maintain a table cache for newTableCipher and use lock to
+	// protect concurrent access to that cache.
+	switch c.enc.(type) {
+	case tableCipher:
+		return c
+	case *rc4.Cipher:
+		enc, _ := c.enc.(*rc4.Cipher)
+		encCpy := *enc
+		decCpy := *enc
+		return &Cipher{enc: &encCpy, dec: &decCpy}
+	default:
+		nc, _ := NewCipher(c.method, c.key)
+		return nc
 	}
-	return nil, errors.New("encryption method " + cipherName + " not supported")
 }

shadowsocks/encrypt_test.go

@@ -1,40 +1,39 @@
 package shadowsocks
 
 import (
+	"crypto/rc4"
 	"testing"
 )
 
-func checkTable(t *testing.T, tbl *TableCipher, encTarget, decTarget []byte, msg string) {
+func checkTable(t *testing.T, enc, dec tableCipher, encTarget, decTarget []byte, msg string) {
 	const tbl_size = 256
 	for i := 0; i < tbl_size; i++ {
-		if encTarget[i] != tbl.encTbl[i] {
+		if encTarget[i] != enc[i] {
 			t.Fatalf("%s: encrypt table error at index %d\n", msg, i)
 		}
-		if decTarget[i] != tbl.decTbl[i] {
+		if decTarget[i] != dec[i] {
 			t.Fatalf("%s: decrypt table error at index %d\n", msg, i)
 		}
 	}
 }
 
 func TestEncrypTable1(t *testing.T) {
-	enc := []byte{60, 53, 84, 138, 217, 94, 88, 23, 39, 242, 219, 35, 12, 157, 165, 181, 255, 143, 83, 247, 162, 16, 31, 209, 190, 171, 115, 65, 38, 41, 21, 245, 236, 46, 121, 62, 166, 233, 44, 154, 153, 145, 230, 49, 128, 216, 173, 29, 241, 119, 64, 229, 194, 103, 131, 110, 26, 197, 218, 59, 204, 56, 27, 34, 141, 221, 149, 239, 192, 195, 24, 155, 170, 183, 11, 254, 213, 37, 137, 226, 75, 203, 55, 19, 72, 248, 22, 129, 33, 175, 178, 10, 198, 71, 77, 36, 113, 167, 48, 2, 117, 140, 142, 66, 199, 232, 243, 32, 123, 54, 51, 82, 57, 177, 87, 251, 150, 196, 133, 5, 253, 130, 8, 184, 14, 152, 231, 3, 186, 159, 76, 89, 228, 205, 156, 96, 163, 146, 18, 91, 132, 85, 80, 109, 172, 176, 105, 13, 50, 235, 127, 0, 189, 95, 98, 136, 250, 200, 108, 179, 211, 214, 106, 168, 78, 79, 74, 210, 30, 73, 201, 151, 208, 114, 101, 174, 92, 52, 120, 240, 15, 169, 220, 182, 81, 224, 43, 185, 40, 99, 180, 17, 212, 158, 42, 90, 9, 191, 45, 6, 25, 4, 222, 67, 126, 1, 116, 124, 206, 69, 61, 7, 68, 97, 202, 63, 244, 20, 28, 58, 93, 134, 104, 144, 227, 147, 102, 118, 135, 148, 47, 238, 86, 112, 122, 70, 107, 215, 100, 139, 223, 225, 164, 237, 111, 125, 207, 160, 187, 246, 234, 161, 188, 193, 249, 252}
-	dec := []byte{151, 205, 99, 127, 201, 119, 199, 211, 122, 196, 91, 74, 12, 147, 124, 180, 21, 191, 138, 83, 217, 30, 86, 7, 70, 200, 56, 62, 218, 47, 168, 22, 107, 88, 63, 11, 95, 77, 28, 8, 188, 29, 194, 186, 38, 198, 33, 230, 98, 43, 148, 110, 177, 1, 109, 82, 61, 112, 219, 59, 0, 210, 35, 215, 50, 27, 103, 203, 212, 209, 235, 93, 84, 169, 166, 80, 130, 94, 164, 165, 142, 184, 111, 18, 2, 141, 232, 114, 6, 131, 195, 139, 176, 220, 5, 153, 135, 213, 154, 189, 238, 174, 226, 53, 222, 146, 162, 236, 158, 143, 55, 244, 233, 96, 173, 26, 206, 100, 227, 49, 178, 34, 234, 108, 207, 245, 204, 150, 44, 87, 121, 54, 140, 118, 221, 228, 155, 78, 3, 239, 101, 64, 102, 17, 223, 41, 137, 225, 229, 66, 116, 171, 125, 40, 39, 71, 134, 13, 193, 129, 247, 251, 20, 136, 242, 14, 36, 97, 163, 181, 72, 25, 144, 46, 175, 89, 145, 113, 90, 159, 190, 15, 183, 73, 123, 187, 128, 248, 252, 152, 24, 197, 68, 253, 52, 69, 117, 57, 92, 104, 157, 170, 214, 81, 60, 133, 208, 246, 172, 23, 167, 160, 192, 76, 161, 237, 45, 4, 58, 10, 182, 65, 202, 240, 185, 241, 79, 224, 132, 51, 42, 126, 105, 37, 250, 149, 32, 243, 231, 67, 179, 48, 9, 106, 216, 31, 249, 19, 85, 254, 156, 115, 255, 120, 75, 16}
-	cipher, _ := NewCipher("", "foobar!")
-	tbl, _ := cipher.(*TableCipher)
-	checkTable(t, tbl, enc, dec, "Error for password foobar!")
+	encTarget := []byte{60, 53, 84, 138, 217, 94, 88, 23, 39, 242, 219, 35, 12, 157, 165, 181, 255, 143, 83, 247, 162, 16, 31, 209, 190, 171, 115, 65, 38, 41, 21, 245, 236, 46, 121, 62, 166, 233, 44, 154, 153, 145, 230, 49, 128, 216, 173, 29, 241, 119, 64, 229, 194, 103, 131, 110, 26, 197, 218, 59, 204, 56, 27, 34, 141, 221, 149, 239, 192, 195, 24, 155, 170, 183, 11, 254, 213, 37, 137, 226, 75, 203, 55, 19, 72, 248, 22, 129, 33, 175, 178, 10, 198, 71, 77, 36, 113, 167, 48, 2, 117, 140, 142, 66, 199, 232, 243, 32, 123, 54, 51, 82, 57, 177, 87, 251, 150, 196, 133, 5, 253, 130, 8, 184, 14, 152, 231, 3, 186, 159, 76, 89, 228, 205, 156, 96, 163, 146, 18, 91, 132, 85, 80, 109, 172, 176, 105, 13, 50, 235, 127, 0, 189, 95, 98, 136, 250, 200, 108, 179, 211, 214, 106, 168, 78, 79, 74, 210, 30, 73, 201, 151, 208, 114, 101, 174, 92, 52, 120, 240, 15, 169, 220, 182, 81, 224, 43, 185, 40, 99, 180, 17, 212, 158, 42, 90, 9, 191, 45, 6, 25, 4, 222, 67, 126, 1, 116, 124, 206, 69, 61, 7, 68, 97, 202, 63, 244, 20, 28, 58, 93, 134, 104, 144, 227, 147, 102, 118, 135, 148, 47, 238, 86, 112, 122, 70, 107, 215, 100, 139, 223, 225, 164, 237, 111, 125, 207, 160, 187, 246, 234, 161, 188, 193, 249, 252}
+	decTarget := []byte{151, 205, 99, 127, 201, 119, 199, 211, 122, 196, 91, 74, 12, 147, 124, 180, 21, 191, 138, 83, 217, 30, 86, 7, 70, 200, 56, 62, 218, 47, 168, 22, 107, 88, 63, 11, 95, 77, 28, 8, 188, 29, 194, 186, 38, 198, 33, 230, 98, 43, 148, 110, 177, 1, 109, 82, 61, 112, 219, 59, 0, 210, 35, 215, 50, 27, 103, 203, 212, 209, 235, 93, 84, 169, 166, 80, 130, 94, 164, 165, 142, 184, 111, 18, 2, 141, 232, 114, 6, 131, 195, 139, 176, 220, 5, 153, 135, 213, 154, 189, 238, 174, 226, 53, 222, 146, 162, 236, 158, 143, 55, 244, 233, 96, 173, 26, 206, 100, 227, 49, 178, 34, 234, 108, 207, 245, 204, 150, 44, 87, 121, 54, 140, 118, 221, 228, 155, 78, 3, 239, 101, 64, 102, 17, 223, 41, 137, 225, 229, 66, 116, 171, 125, 40, 39, 71, 134, 13, 193, 129, 247, 251, 20, 136, 242, 14, 36, 97, 163, 181, 72, 25, 144, 46, 175, 89, 145, 113, 90, 159, 190, 15, 183, 73, 123, 187, 128, 248, 252, 152, 24, 197, 68, 253, 52, 69, 117, 57, 92, 104, 157, 170, 214, 81, 60, 133, 208, 246, 172, 23, 167, 160, 192, 76, 161, 237, 45, 4, 58, 10, 182, 65, 202, 240, 185, 241, 79, 224, 132, 51, 42, 126, 105, 37, 250, 149, 32, 243, 231, 67, 179, 48, 9, 106, 216, 31, 249, 19, 85, 254, 156, 115, 255, 120, 75, 16}
+	enc, dec := newTableCipher("foobar!")
+	checkTable(t, enc, dec, encTarget, decTarget, "Error for password foobar!")
 }
 
 func TestEncryptTable2(t *testing.T) {
-	enc := []byte{124, 30, 170, 247, 27, 127, 224, 59, 13, 22, 196, 76, 72, 154, 32, 209, 4, 2, 131, 62, 101, 51, 230, 9, 166, 11, 99, 80, 208, 112, 36, 248, 81, 102, 130, 88, 218, 38, 168, 15, 241, 228, 167, 117, 158, 41, 10, 180, 194, 50, 204, 243, 246, 251, 29, 198, 219, 210, 195, 21, 54, 91, 203, 221, 70, 57, 183, 17, 147, 49, 133, 65, 77, 55, 202, 122, 162, 169, 188, 200, 190, 125, 63, 244, 96, 31, 107, 106, 74, 143, 116, 148, 78, 46, 1, 137, 150, 110, 181, 56, 95, 139, 58, 3, 231, 66, 165, 142, 242, 43, 192, 157, 89, 175, 109, 220, 128, 0, 178, 42, 255, 20, 214, 185, 83, 160, 253, 7, 23, 92, 111, 153, 26, 226, 33, 176, 144, 18, 216, 212, 28, 151, 71, 206, 222, 182, 8, 174, 205, 201, 152, 240, 155, 108, 223, 104, 239, 98, 164, 211, 184, 34, 193, 14, 114, 187, 40, 254, 12, 67, 93, 217, 6, 94, 16, 19, 82, 86, 245, 24, 197, 134, 132, 138, 229, 121, 5, 235, 238, 85, 47, 103, 113, 179, 69, 250, 45, 135, 156, 25, 61, 75, 44, 146, 189, 84, 207, 172, 119, 53, 123, 186, 120, 171, 68, 227, 145, 136, 100, 90, 48, 79, 159, 149, 39, 213, 236, 126, 52, 60, 225, 199, 105, 73, 233, 252, 118, 215, 35, 115, 64, 37, 97, 129, 161, 177, 87, 237, 141, 173, 191, 163, 140, 234, 232, 249}
-	dec := []byte{117, 94, 17, 103, 16, 186, 172, 127, 146, 23, 46, 25, 168, 8, 163, 39, 174, 67, 137, 175, 121, 59, 9, 128, 179, 199, 132, 4, 140, 54, 1, 85, 14, 134, 161, 238, 30, 241, 37, 224, 166, 45, 119, 109, 202, 196, 93, 190, 220, 69, 49, 21, 228, 209, 60, 73, 99, 65, 102, 7, 229, 200, 19, 82, 240, 71, 105, 169, 214, 194, 64, 142, 12, 233, 88, 201, 11, 72, 92, 221, 27, 32, 176, 124, 205, 189, 177, 246, 35, 112, 219, 61, 129, 170, 173, 100, 84, 242, 157, 26, 218, 20, 33, 191, 155, 232, 87, 86, 153, 114, 97, 130, 29, 192, 164, 239, 90, 43, 236, 208, 212, 185, 75, 210, 0, 81, 227, 5, 116, 243, 34, 18, 182, 70, 181, 197, 217, 95, 183, 101, 252, 248, 107, 89, 136, 216, 203, 68, 91, 223, 96, 141, 150, 131, 13, 152, 198, 111, 44, 222, 125, 244, 76, 251, 158, 106, 24, 42, 38, 77, 2, 213, 207, 249, 147, 113, 135, 245, 118, 193, 47, 98, 145, 66, 160, 123, 211, 165, 78, 204, 80, 250, 110, 162, 48, 58, 10, 180, 55, 231, 79, 149, 74, 62, 50, 148, 143, 206, 28, 15, 57, 159, 139, 225, 122, 237, 138, 171, 36, 56, 115, 63, 144, 154, 6, 230, 133, 215, 41, 184, 22, 104, 254, 234, 253, 187, 226, 247, 188, 156, 151, 40, 108, 51, 83, 178, 52, 3, 31, 255, 195, 53, 235, 126, 167, 120}
-	cipher, _ := NewCipher("", "barfoo!")
-	tbl, _ := cipher.(*TableCipher)
-	checkTable(t, tbl, enc, dec, "Error for password barfoo!")
+	encTarget := []byte{124, 30, 170, 247, 27, 127, 224, 59, 13, 22, 196, 76, 72, 154, 32, 209, 4, 2, 131, 62, 101, 51, 230, 9, 166, 11, 99, 80, 208, 112, 36, 248, 81, 102, 130, 88, 218, 38, 168, 15, 241, 228, 167, 117, 158, 41, 10, 180, 194, 50, 204, 243, 246, 251, 29, 198, 219, 210, 195, 21, 54, 91, 203, 221, 70, 57, 183, 17, 147, 49, 133, 65, 77, 55, 202, 122, 162, 169, 188, 200, 190, 125, 63, 244, 96, 31, 107, 106, 74, 143, 116, 148, 78, 46, 1, 137, 150, 110, 181, 56, 95, 139, 58, 3, 231, 66, 165, 142, 242, 43, 192, 157, 89, 175, 109, 220, 128, 0, 178, 42, 255, 20, 214, 185, 83, 160, 253, 7, 23, 92, 111, 153, 26, 226, 33, 176, 144, 18, 216, 212, 28, 151, 71, 206, 222, 182, 8, 174, 205, 201, 152, 240, 155, 108, 223, 104, 239, 98, 164, 211, 184, 34, 193, 14, 114, 187, 40, 254, 12, 67, 93, 217, 6, 94, 16, 19, 82, 86, 245, 24, 197, 134, 132, 138, 229, 121, 5, 235, 238, 85, 47, 103, 113, 179, 69, 250, 45, 135, 156, 25, 61, 75, 44, 146, 189, 84, 207, 172, 119, 53, 123, 186, 120, 171, 68, 227, 145, 136, 100, 90, 48, 79, 159, 149, 39, 213, 236, 126, 52, 60, 225, 199, 105, 73, 233, 252, 118, 215, 35, 115, 64, 37, 97, 129, 161, 177, 87, 237, 141, 173, 191, 163, 140, 234, 232, 249}
+	decTarget := []byte{117, 94, 17, 103, 16, 186, 172, 127, 146, 23, 46, 25, 168, 8, 163, 39, 174, 67, 137, 175, 121, 59, 9, 128, 179, 199, 132, 4, 140, 54, 1, 85, 14, 134, 161, 238, 30, 241, 37, 224, 166, 45, 119, 109, 202, 196, 93, 190, 220, 69, 49, 21, 228, 209, 60, 73, 99, 65, 102, 7, 229, 200, 19, 82, 240, 71, 105, 169, 214, 194, 64, 142, 12, 233, 88, 201, 11, 72, 92, 221, 27, 32, 176, 124, 205, 189, 177, 246, 35, 112, 219, 61, 129, 170, 173, 100, 84, 242, 157, 26, 218, 20, 33, 191, 155, 232, 87, 86, 153, 114, 97, 130, 29, 192, 164, 239, 90, 43, 236, 208, 212, 185, 75, 210, 0, 81, 227, 5, 116, 243, 34, 18, 182, 70, 181, 197, 217, 95, 183, 101, 252, 248, 107, 89, 136, 216, 203, 68, 91, 223, 96, 141, 150, 131, 13, 152, 198, 111, 44, 222, 125, 244, 76, 251, 158, 106, 24, 42, 38, 77, 2, 213, 207, 249, 147, 113, 135, 245, 118, 193, 47, 98, 145, 66, 160, 123, 211, 165, 78, 204, 80, 250, 110, 162, 48, 58, 10, 180, 55, 231, 79, 149, 74, 62, 50, 148, 143, 206, 28, 15, 57, 159, 139, 225, 122, 237, 138, 171, 36, 56, 115, 63, 144, 154, 6, 230, 133, 215, 41, 184, 22, 104, 254, 234, 253, 187, 226, 247, 188, 156, 151, 40, 108, 51, 83, 178, 52, 3, 31, 255, 195, 53, 235, 126, 167, 120}
+	enc, dec := newTableCipher("barfoo!")
+	checkTable(t, enc, dec, encTarget, decTarget, "Error for password barfoo!")
 }
 
 const text = "Don't tell me the moon is shining; show me the glint of light on broken glass."
 
-func testCiphter(t *testing.T, c Cipher, msg string) {
+func testCiphter(t *testing.T, c *Cipher, msg string) {
 	n := len(text)
 	cipherBuf := make([]byte, n)
 	originTxt := make([]byte, n)
@@ -52,7 +51,7 @@ func TestTableCipher(t *testing.T) {
 	if err != nil {
 		t.Error("Should not get error generating table cipher")
 	}
-	if _, ok := cipher.(*TableCipher); !ok {
+	if _, ok := cipher.enc.(tableCipher); !ok {
 		t.Error("Should get table cipher")
 	} else {
 		testCiphter(t, cipher, "TableCipher")
@@ -69,7 +68,7 @@ func TestRC4Cipher(t *testing.T) {
 	if err != nil {
 		t.Error("Should not error creating rc4 cipher with key Alibaba")
 	}
-	if _, ok := cipher.(*RC4Cipher); !ok {
+	if _, ok := cipher.enc.(*rc4.Cipher); !ok {
 		t.Error("Should get rc4 cipher")
 	} else {
 		testCiphter(t, cipher, "RC4Cipher")