projects / u / mdw / catacomb / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add an internal-representation no-op function.
[u/mdw/catacomb] / ofb-def.h
1 /* -*-c-*-
2 *
3 * $Id: ofb-def.h,v 1.4 2001/04/03 19:36:36 mdw Exp $
4 *
5 * Definitions for output feedback mode
6 *
7 * (c) 1999 Straylight/Edgeware
8 */
9
10 /*----- Licensing notice --------------------------------------------------*
11 *
12 * This file is part of Catacomb.
13 *
14 * Catacomb is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU Library General Public License as
16 * published by the Free Software Foundation; either version 2 of the
17 * License, or (at your option) any later version.
18 *
19 * Catacomb is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU Library General Public License for more details.
23 *
24 * You should have received a copy of the GNU Library General Public
25 * License along with Catacomb; if not, write to the Free
26 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
27 * MA 02111-1307, USA.
28 */
29
30 /*----- Revision history --------------------------------------------------*
31 *
32 * $Log: ofb-def.h,v $
33 * Revision 1.4 2001/04/03 19:36:36 mdw
34 * Don't use @va_arg@ as an argument to @STORE32@!
35 *
36 * Revision 1.3 2000/06/17 11:48:02 mdw
37 * Use secure arena for memory allocation. Rearrange setiv slightly.
38 *
39 * Revision 1.2 1999/12/13 15:34:01 mdw
40 * Add support for seeding from a generic pseudorandom source.
41 *
42 * Revision 1.1 1999/12/10 23:16:40 mdw
43 * Split mode macros into interface and implementation.
44 *
45 */
46
47 #ifndef CATACOMB_OFB_DEF_H
48 #define CATACOMB_OFB_DEF_H
49
50 #ifdef __cplusplus
51 extern "C" {
52 #endif
53
54 /*----- Header files ------------------------------------------------------*/
55
56 #include <stdarg.h>
57 #include <string.h>
58
59 #include <mLib/bits.h>
60 #include <mLib/sub.h>
61
62 #ifndef CATACOMB_ARENA_H
63 # include "arena.h"
64 #endif
65
66 #ifndef CATACOMB_BLKC_H
67 # include "blkc.h"
68 #endif
69
70 #ifndef CATACOMB_GCIPHER_H
71 # include "gcipher.h"
72 #endif
73
74 #ifndef CATACOMB_PARANOIA_H
75 # include "paranoia.h"
76 #endif
77
78 /*----- Macros ------------------------------------------------------------*/
79
80 /* --- @OFB_DEF@ --- *
81 *
82 * Arguments: @PRE@, @pre@ = prefixes for the underlying block cipher
83 *
84 * Use: Creates definitions for output feedback mode.
85 */
86
87 #define OFB_DEF(PRE, pre) \
88 \
89 /* --- @pre_ofbgetiv@ --- * \
90 * \
91 * Arguments: @const pre_ofbctx *ctx@ = pointer to OFB context block \
92 * @void *iv#@ = pointer to output data block \
93 * \
94 * Returns: --- \
95 * \
96 * Use: Reads the currently set IV. Reading and setting an IV \
97 * is not transparent to the cipher. It will add a `step' \
98 * which must be matched by a similar operation during \
99 * decryption. \
100 */ \
101 \
102 void pre##_ofbgetiv(const pre##_ofbctx *ctx, void *iv) \
103 { \
104 octet *p = iv; \
105 unsigned off = ctx->off; \
106 unsigned rest = PRE##_BLKSZ - off; \
107 memcpy(p, ctx->iv + off, rest); \
108 memcpy(p + rest, ctx->iv, off); \
109 } \
110 \
111 /* --- @pre_ofbsetiv@ --- * \
112 * \
113 * Arguments: @pre_ofbctx *ctx@ = pointer to OFB context block \
114 * @cnost void *iv@ = pointer to IV to set \
115 * \
116 * Returns: --- \
117 * \
118 * Use: Sets the IV to use for subsequent encryption. \
119 */ \
120 \
121 void pre##_ofbsetiv(pre##_ofbctx *ctx, const void *iv) \
122 { \
123 memcpy(ctx->iv, iv, PRE##_BLKSZ); \
124 ctx->off = PRE##_BLKSZ; \
125 } \
126 \
127 /* --- @pre_ofbbdry@ --- * \
128 * \
129 * Arguments: @pre_ofbctx *ctx@ = pointer to OFB context block \
130 * \
131 * Returns: --- \
132 * \
133 * Use: Inserts a boundary during encryption. Successful \
134 * decryption must place a similar boundary. \
135 */ \
136 \
137 void pre##_ofbbdry(pre##_ofbctx *ctx) \
138 { \
139 uint32 niv[PRE##_BLKSZ / 4]; \
140 BLKC_LOAD(PRE, niv, ctx->iv); \
141 pre##_eblk(&ctx->ctx, niv, niv); \
142 BLKC_STORE(PRE, ctx->iv, niv); \
143 ctx->off = PRE##_BLKSZ; \
144 BURN(niv); \
145 } \
146 \
147 /* --- @pre_ofbsetkey@ --- * \
148 * \
149 * Arguments: @pre_ofbctx *ctx@ = pointer to OFB context block \
150 * @const pre_ctx *k@ = pointer to cipher context \
151 * \
152 * Returns: --- \
153 * \
154 * Use: Sets the OFB context to use a different cipher key. \
155 */ \
156 \
157 void pre##_ofbsetkey(pre##_ofbctx *ctx, const pre##_ctx *k) \
158 { \
159 ctx->ctx = *k; \
160 } \
161 \
162 /* --- @pre_ofbinit@ --- * \
163 * \
164 * Arguments: @pre_ofbctx *ctx@ = pointer to cipher context \
165 * @const void *key@ = pointer to the key buffer \
166 * @size_t sz@ = size of the key \
167 * @const void *iv@ = pointer to initialization vector \
168 * \
169 * Returns: --- \
170 * \
171 * Use: Initializes a OFB context ready for use. You should \
172 * ensure that the IV chosen is unique: reusing an IV will \
173 * compromise the security of the entire plaintext. This \
174 * is equivalent to calls to @pre_init@, @pre_ofbsetkey@ \
175 * and @pre_ofbsetiv@. \
176 */ \
177 \
178 void pre##_ofbinit(pre##_ofbctx *ctx, \
179 const void *key, size_t sz, \
180 const void *iv) \
181 { \
182 static octet zero[PRE##_BLKSZ] = { 0 }; \
183 pre##_init(&ctx->ctx, key, sz); \
184 pre##_ofbsetiv(ctx, iv ? iv : zero); \
185 } \
186 \
187 /* --- @pre_ofbencrypt@ --- * \
188 * \
189 * Arguments: @pre_ofbctx *ctx@ = pointer to OFB context block \
190 * @const void *src@ = pointer to source data \
191 * @void *dest@ = pointer to destination data \
192 * @size_t sz@ = size of block to be encrypted \
193 * \
194 * Returns: --- \
195 * \
196 * Use: Encrypts or decrypts a block with a block cipher in OFB \
197 * mode: encryption and decryption are the same in OFB. \
198 * The destination may be null to just churn the feedback \
199 * round for a bit. The source may be null to use the \
200 * cipher as a random data generator. \
201 */ \
202 \
203 void pre##_ofbencrypt(pre##_ofbctx *ctx, \
204 const void *src, void *dest, \
205 size_t sz) \
206 { \
207 const octet *s = src; \
208 octet *d = dest; \
209 unsigned off = ctx->off; \
210 \
211 /* --- Empty blocks are trivial --- */ \
212 \
213 if (!sz) \
214 return; \
215 \
216 /* --- If I can deal with the block from my buffer, do that --- */ \
217 \
218 if (sz < PRE##_BLKSZ - off) \
219 goto small; \
220 \
221 /* --- Finish off what's left in my buffer --- */ \
222 \
223 if (!d) \
224 sz -= PRE##_BLKSZ - off; \
225 else { \
226 while (off < PRE##_BLKSZ) { \
227 register octet x = s ? *s++ : 0; \
228 *d++ = ctx->iv[off++] ^ x; \
229 sz--; \
230 } \
231 } \
232 \
233 /* --- Main encryption loop --- */ \
234 \
235 { \
236 uint32 iv[PRE##_BLKSZ / 4]; \
237 BLKC_LOAD(PRE, iv, ctx->iv); \
238 \
239 for (;;) { \
240 pre##_eblk(&ctx->ctx, iv, iv); \
241 if (sz < PRE##_BLKSZ) \
242 break; \
243 if (d) { \
244 if (!s) \
245 BLKC_STORE(PRE, d, iv); \
246 else { \
247 uint32 x[PRE##_BLKSZ / 4]; \
248 BLKC_LOAD(PRE, x, s); \
249 BLKC_XSTORE(PRE, d, iv, x); \
250 s += PRE##_BLKSZ; \
251 } \
252 d += PRE##_BLKSZ; \
253 } \
254 sz -= PRE##_BLKSZ; \
255 } \
256 \
257 BLKC_STORE(PRE, ctx->iv, iv); \
258 off = 0; \
259 } \
260 \
261 /* --- Tidying up the tail end --- */ \
262 \
263 if (sz) { \
264 small: \
265 if (!d) \
266 off += sz; \
267 else do { \
268 register octet x = s ? *s++ : 0; \
269 *d++ = ctx->iv[off++] ^ x; \
270 sz--; \
271 } while (sz); \
272 } \
273 \
274 /* --- Done --- */ \
275 \
276 ctx->off = off; \
277 return; \
278 } \
279 \
280 /* --- Generic cipher interface --- */ \
281 \
282 static const gcipher_ops gops; \
283 \
284 typedef struct gctx { \
285 gcipher c; \
286 pre##_ofbctx k; \
287 } gctx; \
288 \
289 static gcipher *ginit(const void *k, size_t sz) \
290 { \
291 gctx *g = S_CREATE(gctx); \
292 g->c.ops = &gops; \
293 pre##_ofbinit(&g->k, k, sz, 0); \
294 return (&g->c); \
295 } \
296 \
297 static void gencrypt(gcipher *c, const void *s, void *t, size_t sz) \
298 { \
299 gctx *g = (gctx *)c; \
300 pre##_ofbencrypt(&g->k, s, t, sz); \
301 } \
302 \
303 static void gdestroy(gcipher *c) \
304 { \
305 gctx *g = (gctx *)c; \
306 BURN(*g); \
307 S_DESTROY(g); \
308 } \
309 \
310 static void gsetiv(gcipher *c, const void *iv) \
311 { \
312 gctx *g = (gctx *)c; \
313 pre##_ofbsetiv(&g->k, iv); \
314 } \
315 \
316 static void gbdry(gcipher *c) \
317 { \
318 gctx *g = (gctx *)c; \
319 pre##_ofbbdry(&g->k); \
320 } \
321 \
322 static const gcipher_ops gops = { \
323 &pre##_ofb, \
324 gencrypt, gencrypt, gdestroy, gsetiv, gbdry \
325 }; \
326 \
327 const gccipher pre##_ofb = { \
328 #pre "-ofb", pre##_keysz, PRE##_BLKSZ, \
329 ginit \
330 }; \
331 \
332 /* --- Generic random number generator interface --- */ \
333 \
334 typedef struct grctx { \
335 grand r; \
336 pre##_ofbctx k; \
337 } grctx; \
338 \
339 static void grdestroy(grand *r) \
340 { \
341 grctx *g = (grctx *)r; \
342 BURN(*g); \
343 S_DESTROY(g); \
344 } \
345 \
346 static int grmisc(grand *r, unsigned op, ...) \
347 { \
348 grctx *g = (grctx *)r; \
349 va_list ap; \
350 int rc = 0; \
351 uint32 i; \
352 octet buf[PRE##_BLKSZ]; \
353 va_start(ap, op); \
354 \
355 switch (op) { \
356 case GRAND_CHECK: \
357 switch (va_arg(ap, unsigned)) { \
358 case GRAND_CHECK: \
359 case GRAND_SEEDINT: \
360 case GRAND_SEEDUINT32: \
361 case GRAND_SEEDBLOCK: \
362 case GRAND_SEEDRAND: \
363 rc = 1; \
364 break; \
365 default: \
366 rc = 0; \
367 break; \
368 } \
369 break; \
370 case GRAND_SEEDINT: \
371 memset(buf, 0, sizeof(buf)); \
372 i = va_arg(ap, unsigned); \
373 STORE32(buf, i); \
374 pre##_ofbsetiv(&g->k, buf); \
375 break; \
376 case GRAND_SEEDUINT32: \
377 memset(buf, 0, sizeof(buf)); \
378 i = va_arg(ap, uint32); \
379 STORE32(buf, i); \
380 pre##_ofbsetiv(&g->k, buf); \
381 break; \
382 case GRAND_SEEDBLOCK: { \
383 const void *p = va_arg(ap, const void *); \
384 size_t sz = va_arg(ap, size_t); \
385 if (sz < sizeof(buf)) { \
386 memset(buf, 0, sizeof(buf)); \
387 memcpy(buf, p, sz); \
388 p = buf; \
389 } \
390 pre##_ofbsetiv(&g->k, p); \
391 } break; \
392 case GRAND_SEEDRAND: { \
393 grand *rr = va_arg(ap, grand *); \
394 rr->ops->fill(rr, buf, sizeof(buf)); \
395 pre##_ofbsetiv(&g->k, buf); \
396 } break; \
397 default: \
398 GRAND_BADOP; \
399 break; \
400 } \
401 \
402 va_end(ap); \
403 return (rc); \
404 } \
405 \
406 static octet grbyte(grand *r) \
407 { \
408 grctx *g = (grctx *)r; \
409 octet o; \
410 pre##_ofbencrypt(&g->k, 0, &o, 1); \
411 return (o); \
412 } \
413 \
414 static uint32 grword(grand *r) \
415 { \
416 grctx *g = (grctx *)r; \
417 octet b[4]; \
418 pre##_ofbencrypt(&g->k, 0, b, sizeof(b)); \
419 return (LOAD32(b)); \
420 } \
421 \
422 static void grfill(grand *r, void *p, size_t sz) \
423 { \
424 grctx *g = (grctx *)r; \
425 pre##_ofbencrypt(&g->k, 0, p, sz); \
426 } \
427 \
428 static const grand_ops grops = { \
429 #pre "-ofb", \
430 GRAND_CRYPTO, 0, \
431 grmisc, grdestroy, \
432 grword, grbyte, grword, grand_range, grfill \
433 }; \
434 \
435 /* --- @pre_ofbrand@ --- * \
436 * \
437 * Arguments: @const void *k@ = pointer to key material \
438 * @size_t sz@ = size of key material \
439 * \
440 * Returns: Pointer to generic random number generator interface. \
441 * \
442 * Use: Creates a random number interface wrapper around an \
443 * OFB-mode block cipher. \
444 */ \
445 \
446 grand *pre##_ofbrand(const void *k, size_t sz) \
447 { \
448 grctx *g = S_CREATE(grctx); \
449 g->r.ops = &grops; \
450 pre##_ofbinit(&g->k, k, sz, 0); \
451 return (&g->r); \
452 } \
453 \
454 OFB_TEST(PRE, pre)
455
456 /*----- Test rig ----------------------------------------------------------*/
457
458 #ifdef TEST_RIG
459
460 #include <stdio.h>
461
462 #include "daftstory.h"
463
464 /* --- @OFB_TEST@ --- *
465 *
466 * Arguments: @PRE@, @pre@ = prefixes for block cipher definitions
467 *
468 * Use: Standard test rig for OFB functions.
469 */
470
471 #define OFB_TEST(PRE, pre) \
472 \
473 /* --- Initial plaintext for the test --- */ \
474 \
475 static const octet text[] = TEXT; \
476 \
477 /* --- Key and IV to use --- */ \
478 \
479 static const octet key[] = KEY; \
480 static const octet iv[] = IV; \
481 \
482 /* --- Buffers for encryption and decryption output --- */ \
483 \
484 static octet ct[sizeof(text)]; \
485 static octet pt[sizeof(text)]; \
486 \
487 static void hexdump(const octet *p, size_t sz) \
488 { \
489 const octet *q = p + sz; \
490 for (sz = 0; p < q; p++, sz++) { \
491 printf("%02x", *p); \
492 if ((sz + 1) % PRE##_BLKSZ == 0) \
493 putchar(':'); \
494 } \
495 } \
496 \
497 int main(void) \
498 { \
499 size_t sz = 0, rest; \
500 pre##_ofbctx ctx; \
501 int status = 0; \
502 int done = 0; \
503 pre##_ctx k; \
504 \
505 size_t keysz = PRE##_KEYSZ ? \
506 PRE##_KEYSZ : strlen((const char *)key); \
507 \
508 fputs(#pre "-ofb: ", stdout); \
509 \
510 pre##_init(&k, key, keysz); \
511 pre##_ofbsetkey(&ctx, &k); \
512 \
513 while (sz <= sizeof(text)) { \
514 rest = sizeof(text) - sz; \
515 memcpy(ct, text, sizeof(text)); \
516 pre##_ofbsetiv(&ctx, iv); \
517 pre##_ofbencrypt(&ctx, ct, ct, sz); \
518 pre##_ofbencrypt(&ctx, ct + sz, ct + sz, rest); \
519 memcpy(pt, ct, sizeof(text)); \
520 pre##_ofbsetiv(&ctx, iv); \
521 pre##_ofbencrypt(&ctx, pt, pt, rest); \
522 pre##_ofbencrypt(&ctx, pt + rest, pt + rest, sz); \
523 if (memcmp(pt, text, sizeof(text)) == 0) { \
524 done++; \
525 if (sizeof(text) < 40 || done % 8 == 0) \
526 fputc('.', stdout); \
527 if (done % 480 == 0) \
528 fputs("\n\t", stdout); \
529 fflush(stdout); \
530 } else { \
531 printf("\nError (sz = %lu)\n", (unsigned long)sz); \
532 status = 1; \
533 printf("\tplaintext = "); hexdump(text, sz); \
534 printf(", "); hexdump(text + sz, rest); \
535 fputc('\n', stdout); \
536 printf("\tciphertext = "); hexdump(ct, sz); \
537 printf(", "); hexdump(ct + sz, rest); \
538 fputc('\n', stdout); \
539 printf("\trecovered text = "); hexdump(pt, sz); \
540 printf(", "); hexdump(pt + sz, rest); \
541 fputc('\n', stdout); \
542 fputc('\n', stdout); \
543 } \
544 if (sz < 63) \
545 sz++; \
546 else \
547 sz += 9; \
548 } \
549 \
550 fputs(status ? " failed\n" : " ok\n", stdout); \
551 return (status); \
552 }
553
554 #else
555 # define OFB_TEST(PRE, pre)
556 #endif
557
558 /*----- That's all, folks -------------------------------------------------*/
559
560 #ifdef __cplusplus
561 }
562 #endif
563
564 #endif
Catacomb cryptographic library (downstream of http://git.distorted.org.uk/~mdw/catacomb/)