[catacomb] / symm / cfb-def.h

/* -*-c-*-
 *
 * Definitions for ciphertext feedback mode
 *
 * (c) 1999 Straylight/Edgeware
 */

/*----- Licensing notice --------------------------------------------------*
 *
 * This file is part of Catacomb.
 *
 * Catacomb is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Library General Public License as
 * published by the Free Software Foundation; either version 2 of the
 * License, or (at your option) any later version.
 *
 * Catacomb is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Library General Public License for more details.
 *
 * You should have received a copy of the GNU Library General Public
 * License along with Catacomb; if not, write to the Free
 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
 * MA 02111-1307, USA.
 */

#ifndef CATACOMB_CFB_DEF_H
#define CATACOMB_CFB_DEF_H

#ifdef __cplusplus
  extern "C" {
#endif

/*----- Header files ------------------------------------------------------*/

#include <string.h>

#include <mLib/bits.h>
#include <mLib/sub.h>

#ifndef CATACOMB_ARENA_H
#  include "arena.h"
#endif

#ifndef CATACOMB_BLKC_H
#  include "blkc.h"
#endif

#ifndef CATACOMB_GCIPHER_H
#  include "gcipher.h"
#endif

#ifndef CATACOMB_PARANOIA_H
#  include "paranoia.h"
#endif

#ifndef CATACOMB_PARANOIA_H
#  include "paranoia.h"
#endif

/*----- Macros ------------------------------------------------------------*/

/* --- @CFB_DEF@ --- *
 *
 * Arguments:	@PRE@, @pre@ = prefixes for the underlying block cipher
 *
 * Use:		Creates an implementation for CFB mode.
 */

#define CFB_DEF(PRE, pre) CFB_DEFX(PRE, pre, #pre, #pre)

#define CFB_DEFX(PRE, pre, name, fname)					\
									\
/* --- @pre_cfbgetiv@ --- *						\
 *									\
 * Arguments:	@const pre_cfbctx *ctx@ = pointer to CFB context block	\
 *		@void *iv@ = pointer to output data block		\
 *									\
 * Returns:	---							\
 *									\
 * Use:		Reads the currently set IV.  Reading and setting an IV	\
 *		is not transparent to the cipher.  It will add a `step'	\
 *		which must be matched by a similar operation during	\
 *		decryption.						\
 */									\
									\
void pre##_cfbgetiv(const pre##_cfbctx *ctx, void *iv)			\
{									\
  octet *p = iv;							\
  unsigned off = ctx->off;						\
  unsigned rest = PRE##_BLKSZ - off;					\
									\
  memcpy(p, ctx->b + off, rest);					\
  memcpy(p + rest, ctx->b, off);					\
}									\
									\
/* --- @pre_cfbsetiv@ --- *						\
 *									\
 * Arguments:	@pre_cfbctx *ctx@ = pointer to CFB context block	\
 *		@cnost void *iv@ = pointer to IV to set			\
 *									\
 * Returns:	---							\
 *									\
 * Use:		Sets the IV to use for subsequent encryption.		\
 */									\
									\
void pre##_cfbsetiv(pre##_cfbctx *ctx, const void *iv)			\
  { memcpy(ctx->b, iv, PRE##_BLKSZ); ctx->off = PRE##_BLKSZ; }		\
									\
/* --- @pre_cfbbdry@ --- *						\
 *									\
 * Arguments:	@pre_cfbctx *ctx@ = pointer to CFB context block	\
 *									\
 * Returns:	---							\
 *									\
 * Use:		Inserts a boundary during encryption.  Successful	\
 *		decryption must place a similar boundary.		\
 */									\
									\
void pre##_cfbbdry(pre##_cfbctx *ctx)					\
{									\
  uint32 t[PRE##_BLKSZ/4];						\
									\
  BLKC_LOAD(PRE, t, ctx->b);						\
  pre##_eblk(&ctx->ctx, t, t);						\
  BLKC_STORE(PRE, ctx->b, t);						\
  ctx->off = PRE##_BLKSZ;						\
  BURN(t);								\
}									\
									\
/* --- @pre_cfbsetkey@ --- *						\
 *									\
 * Arguments:	@pre_cfbctx *ctx@ = pointer to CFB context block	\
 *		@const pre_ctx *k@ = pointer to cipher context		\
 *									\
 * Returns:	---							\
 *									\
 * Use:		Sets the CFB context to use a different cipher key.	\
 */									\
									\
void pre##_cfbsetkey(pre##_cfbctx *ctx, const pre##_ctx *k)		\
  { ctx->ctx = *k; ctx->off = PRE##_BLKSZ; }				\
									\
/* --- @pre_cfbinit@ --- *						\
 *									\
 * Arguments:	@pre_cfbctx *ctx@ = pointer to cipher context		\
 *		@const void *key@ = pointer to the key buffer		\
 *		@size_t sz@ = size of the key				\
 *		@const void *iv@ = pointer to initialization vector	\
 *									\
 * Returns:	---							\
 *									\
 * Use:		Initializes a CFB context ready for use.  You should	\
 *		ensure that the IV chosen is unique: reusing an IV will	\
 *		compromise the security of at least the first block	\
 *		encrypted.  This is equivalent to calls to @pre_init@,	\
 *		@pre_cfbsetkey@ and @pre_cfbsetiv@.			\
 */									\
									\
void pre##_cfbinit(pre##_cfbctx *ctx,					\
		   const void *key, size_t sz,				\
		   const void *iv)					\
{									\
  static const octet zero[PRE##_BLKSZ] = { 0 };				\
									\
  pre##_init(&ctx->ctx, key, sz);					\
  pre##_cfbsetiv(ctx, iv ? iv : zero);					\
}									\
									\
/* --- @pre_cfbencrypt@ --- *						\
 *									\
 * Arguments:	@pre_cfbctx *ctx@ = pointer to CFB context block	\
 *		@const void *src@ = pointer to source data		\
 *		@void *dest@ = pointer to destination data		\
 *		@size_t sz@ = size of block to be encrypted		\
 *									\
 * Returns:	---							\
 *									\
 * Use:		Encrypts a block with a block cipher in CFB mode.  The	\
 *		input block may be arbitrary in size.  CFB mode is not	\
 *		sensitive to block boundaries.				\
 */									\
									\
void pre##_cfbencrypt(pre##_cfbctx *ctx,				\
		      const void *src, void *dest,			\
		      size_t sz)					\
{									\
  const octet *s = src;							\
  octet *d = dest;							\
  unsigned off = ctx->off;						\
  uint32 t[PRE##_BLKSZ/4];						\
  octet y;								\
									\
  /* --- Empty blocks are trivial --- */				\
									\
  if (!sz) return;							\
									\
  /* --- If I can deal with the block from my buffer, do that --- */	\
									\
  if (sz < PRE##_BLKSZ - off) goto small;				\
									\
  /* --- Finish off what's left in my buffer --- */			\
									\
  while (off < PRE##_BLKSZ) {						\
    y = s ? *s++ : 0;							\
    ctx->b[off] ^= y;							\
    if (d) *d++ = ctx->b[off];						\
    off++; sz--;							\
  }									\
									\
  /* --- Main encryption loop --- */					\
									\
  BLKC_LOAD(PRE, t, ctx->b);						\
									\
  for (;;) {								\
    pre##_eblk(&ctx->ctx, t, t);					\
    if (sz < PRE##_BLKSZ) break;					\
    if (s) { BLKC_XLOAD(PRE, t, s); s += PRE##_BLKSZ; }			\
    if (d) { BLKC_STORE(PRE, d, t); d += PRE##_BLKSZ; }			\
    sz -= PRE##_BLKSZ;							\
  }									\
									\
  BLKC_STORE(PRE, ctx->b, t);						\
  off = 0;								\
									\
  /* --- Tidying up the tail end --- */					\
									\
  if (sz) {								\
  small:								\
    do {								\
      y = s ? *s++ : 0;							\
      ctx->b[off] ^= y;							\
      if (d) *d++ = ctx->b[off];					\
      off++; sz--;							\
    } while (sz);							\
  }									\
									\
  /* --- Done --- */							\
									\
  ctx->off = off;							\
  return;								\
}									\
									\
/* --- @pre_cfbdecrypt@ --- *						\
 *									\
 * Arguments:	@pre_cfbctx *ctx@ = pointer to CFB context block	\
 *		@const void *src@ = pointer to source data		\
 *		@void *dest@ = pointer to destination data		\
 *		@size_t sz@ = size of block to be encrypted		\
 *									\
 * Returns:	---							\
 *									\
 * Use:		Decrypts a block with a block cipher in CFB mode.  The	\
 *		input block may be arbitrary in size.  CFB mode is not	\
 *		sensitive to block boundaries.				\
 */									\
									\
void pre##_cfbdecrypt(pre##_cfbctx *ctx,				\
		      const void *src, void *dest,			\
		      size_t sz)					\
{									\
  const octet *s = src;							\
  octet *d = dest;							\
  unsigned off = ctx->off;						\
  uint32 t[PRE##_BLKSZ/4], u[PRE##_BLKSZ/4];				\
  octet y;								\
									\
  /* --- Empty blocks are trivial --- */				\
									\
  if (!sz) return;							\
									\
  /* --- If I can deal with the block from my buffer, do that --- */	\
									\
  if (sz < PRE##_BLKSZ - off) goto small;				\
									\
  /* --- Finish off what's left in my buffer --- */			\
									\
  while (off < PRE##_BLKSZ)						\
    { y = *s++; *d++ = ctx->b[off] ^ y; ctx->b[off++] = y; sz--; }	\
									\
  /* --- Main encryption loop --- */					\
									\
  BLKC_LOAD(PRE, t, ctx->b);						\
									\
  for (;;) {								\
    pre##_eblk(&ctx->ctx, t, t);					\
    if (sz < PRE##_BLKSZ) break;					\
    BLKC_LOAD(PRE, u, s); s += PRE##_BLKSZ;				\
    BLKC_XSTORE(PRE, d, t, u); d += PRE##_BLKSZ;			\
    BLKC_MOVE(PRE, t, u);						\
    sz -= PRE##_BLKSZ;							\
  }									\
									\
  BLKC_STORE(PRE, ctx->b, t);						\
  off = 0;								\
									\
  /* --- Tidying up the tail end --- */					\
									\
  if (sz) {								\
  small:								\
    do { y = *s++; *d++ = ctx->b[off] ^ y; ctx->b[off++] = y; sz--; }	\
    while (sz);								\
  }									\
									\
  /* --- Done --- */							\
									\
  ctx->off = off;							\
  return;								\
}									\
									\
/* --- Generic cipher interface --- */					\
									\
static const gcipher_ops gops;						\
									\
typedef struct gctx {							\
  gcipher c;								\
  pre##_cfbctx k;							\
} gctx;									\
									\
static gcipher *ginit(const void *k, size_t sz)				\
{									\
  gctx *g = S_CREATE(gctx);						\
  g->c.ops = &gops;							\
  pre##_cfbinit(&g->k, k, sz, 0);					\
  return (&g->c);							\
}									\
									\
static void gencrypt(gcipher *c, const void *s, void *t, size_t sz)	\
  { gctx *g = (gctx *)c; pre##_cfbencrypt(&g->k, s, t, sz); }		\
									\
static void gdecrypt(gcipher *c, const void *s, void *t, size_t sz)	\
  { gctx *g = (gctx *)c; pre##_cfbdecrypt(&g->k, s, t, sz); }		\
									\
static void gdestroy(gcipher *c)					\
  { gctx *g = (gctx *)c; BURN(*g); S_DESTROY(g); }			\
									\
static void gsetiv(gcipher *c, const void *iv)				\
  { gctx *g = (gctx *)c; pre##_cfbsetiv(&g->k, iv); }			\
									\
static void gbdry(gcipher *c)						\
  { gctx *g = (gctx *)c; pre##_cfbbdry(&g->k); }			\
									\
static const gcipher_ops gops = {					\
  &pre##_cfb,								\
  gencrypt, gdecrypt, gdestroy, gsetiv, gbdry				\
};									\
									\
const gccipher pre##_cfb = {						\
  name "-cfb", pre##_keysz, PRE##_BLKSZ,				\
  ginit									\
};									\
									\
CFB_TESTX(PRE, pre, name, fname)

/*----- Test rig ----------------------------------------------------------*/

#define CFB_TEST(PRE, pre) CFB_TESTX(PRE, pre, #pre, #pre)

#ifdef TEST_RIG

#include "modes-test.h"

/* --- @CFB_TEST@ --- *
 *
 * Arguments:	@PRE@, @pre@ = prefixes for block cipher definitions
 *
 * Use:		Standard test rig for CFB functions.
 */

#define CFB_TESTX(PRE, pre, name, fname)				\
									\
static pre##_ctx key;							\
static pre##_cfbctx ctx;						\
									\
static void pre##_cfb_test_setup(const octet *k, size_t ksz)		\
  { pre##_init(&key, k, ksz); pre##_cfbsetkey(&ctx, &key); }		\
									\
static void pre##_cfb_test_reset(const octet *iv)			\
  { pre##_cfbsetiv(&ctx, iv); }						\
									\
static void pre##_cfb_test_enc(const octet *s, octet *d, size_t sz)	\
  { pre##_cfbencrypt(&ctx, s, d, sz); }					\
									\
static void pre##_cfb_test_dec(const octet *s, octet *d, size_t sz)	\
  { pre##_cfbdecrypt(&ctx, s, d, sz); }					\
									\
int main(int argc, char *argv[])					\
{									\
  return test_encmode(fname "-cfb", PRE##_KEYSZ, PRE##_BLKSZ, 1, 0,	\
		      pre##_cfb_test_setup, pre##_cfb_test_reset,	\
		      pre##_cfb_test_enc, pre##_cfb_test_dec,		\
		      argc, argv);					\
}

#else
#  define CFB_TESTX(PRE, pre, name, fname)
#endif

/*----- That's all, folks -------------------------------------------------*/

#ifdef __cplusplus
  }
#endif

#endif
Commit	Line	Data
79ba130c	1	/* --c--
79ba130c	2	*
79ba130c	3	* Definitions for ciphertext feedback mode
	4	*
	5	* (c) 1999 Straylight/Edgeware
	6	*/
	7
45c0fd36	8	/----- Licensing notice --------------------------------------------------
79ba130c	9	*
	10	* This file is part of Catacomb.
	11	*
	12	* Catacomb is free software; you can redistribute it and/or modify
	13	* it under the terms of the GNU Library General Public License as
	14	* published by the Free Software Foundation; either version 2 of the
	15	* License, or (at your option) any later version.
45c0fd36	16	*
79ba130c	17	* Catacomb is distributed in the hope that it will be useful,
	18	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	19	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	20	* GNU Library General Public License for more details.
45c0fd36	21	*
79ba130c	22	* You should have received a copy of the GNU Library General Public
	23	* License along with Catacomb; if not, write to the Free
	24	* Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
	25	* MA 02111-1307, USA.
	26	*/
	27
79ba130c	28	#ifndef CATACOMB_CFB_DEF_H
	29	#define CATACOMB_CFB_DEF_H
	30
	31	#ifdef __cplusplus
	32	extern "C" {
	33	#endif
	34
	35	/----- Header files ------------------------------------------------------/
	36
	37	#include <string.h>
	38
	39	#include <mLib/bits.h>
	40	#include <mLib/sub.h>
	41
426aab6b	42	#ifndef CATACOMB_ARENA_H
	43	# include "arena.h"
	44	#endif
	45
79ba130c	46	#ifndef CATACOMB_BLKC_H
	47	# include "blkc.h"
	48	#endif
	49
	50	#ifndef CATACOMB_GCIPHER_H
	51	# include "gcipher.h"
	52	#endif
	53
	54	#ifndef CATACOMB_PARANOIA_H
	55	# include "paranoia.h"
	56	#endif
	57
426aab6b	58	#ifndef CATACOMB_PARANOIA_H
	59	# include "paranoia.h"
	60	#endif
	61
79ba130c	62	/----- Macros ------------------------------------------------------------/
	63
	64	/* --- @CFB_DEF@ --- *
	65	*
	66	* Arguments: @PRE@, @pre@ = prefixes for the underlying block cipher
	67	*
	68	* Use: Creates an implementation for CFB mode.
	69	*/
	70
aaae9cab MW	71	#define CFB_DEF(PRE, pre) CFB_DEFX(PRE, pre, #pre, #pre)
	72
	73	#define CFB_DEFX(PRE, pre, name, fname) \
79ba130c	74	\
	75	/* --- @pre_cfbgetiv@ --- * \
	76	* \
	77	* Arguments: @const pre_cfbctx *ctx@ = pointer to CFB context block \
4efe32ba	78	* @void *iv@ = pointer to output data block \
79ba130c	79	* \
	80	* Returns: --- \
	81	* \
	82	* Use: Reads the currently set IV. Reading and setting an IV \
	83	* is not transparent to the cipher. It will add a `step' \
	84	* which must be matched by a similar operation during \
	85	* decryption. \
	86	*/ \
	87	\
	88	void pre##_cfbgetiv(const pre##_cfbctx ctx, void iv) \
	89	{ \
	90	octet *p = iv; \
426aab6b	91	unsigned off = ctx->off; \
426aab6b	92	unsigned rest = PRE##_BLKSZ - off; \
0fee61eb MW	93	\
	94	memcpy(p, ctx->b + off, rest); \
	95	memcpy(p + rest, ctx->b, off); \
79ba130c	96	} \
	97	\
	98	/* --- @pre_cfbsetiv@ --- * \
	99	* \
	100	* Arguments: @pre_cfbctx *ctx@ = pointer to CFB context block \
	101	* @cnost void *iv@ = pointer to IV to set \
	102	* \
	103	* Returns: --- \
	104	* \
	105	* Use: Sets the IV to use for subsequent encryption. \
	106	*/ \
	107	\
	108	void pre##_cfbsetiv(pre##_cfbctx ctx, const void iv) \
0fee61eb	109	{ memcpy(ctx->b, iv, PRE##_BLKSZ); ctx->off = PRE##_BLKSZ; } \
79ba130c	110	\
	111	/* --- @pre_cfbbdry@ --- * \
	112	* \
	113	* Arguments: @pre_cfbctx *ctx@ = pointer to CFB context block \
	114	* \
	115	* Returns: --- \
	116	* \
	117	* Use: Inserts a boundary during encryption. Successful \
	118	* decryption must place a similar boundary. \
	119	*/ \
	120	\
	121	void pre##_cfbbdry(pre##_cfbctx *ctx) \
	122	{ \
0fee61eb MW	123	uint32 t[PRE##_BLKSZ/4]; \
	124	\
	125	BLKC_LOAD(PRE, t, ctx->b); \
	126	pre##_eblk(&ctx->ctx, t, t); \
	127	BLKC_STORE(PRE, ctx->b, t); \
426aab6b	128	ctx->off = PRE##_BLKSZ; \
0fee61eb	129	BURN(t); \
79ba130c	130	} \
	131	\
	132	/* --- @pre_cfbsetkey@ --- * \
	133	* \
	134	* Arguments: @pre_cfbctx *ctx@ = pointer to CFB context block \
	135	* @const pre_ctx *k@ = pointer to cipher context \
	136	* \
	137	* Returns: --- \
	138	* \
	139	* Use: Sets the CFB context to use a different cipher key. \
	140	*/ \
	141	\
	142	void pre##_cfbsetkey(pre##_cfbctx ctx, const pre##_ctx k) \
0fee61eb	143	{ ctx->ctx = *k; ctx->off = PRE##_BLKSZ; } \
79ba130c	144	\
	145	/* --- @pre_cfbinit@ --- * \
	146	* \
	147	* Arguments: @pre_cfbctx *ctx@ = pointer to cipher context \
	148	* @const void *key@ = pointer to the key buffer \
	149	* @size_t sz@ = size of the key \
	150	* @const void *iv@ = pointer to initialization vector \
	151	* \
	152	* Returns: --- \
	153	* \
	154	* Use: Initializes a CFB context ready for use. You should \
	155	* ensure that the IV chosen is unique: reusing an IV will \
	156	* compromise the security of at least the first block \
	157	* encrypted. This is equivalent to calls to @pre_init@, \
	158	* @pre_cfbsetkey@ and @pre_cfbsetiv@. \
	159	*/ \
	160	\
	161	void pre##_cfbinit(pre##_cfbctx *ctx, \
81b52866 MW	162	const void *key, size_t sz, \
81b52866 MW	163	const void *iv) \
79ba130c	164	{ \
4e66da02	165	static const octet zero[PRE##_BLKSZ] = { 0 }; \
0fee61eb	166	\
79ba130c	167	pre##_init(&ctx->ctx, key, sz); \
	168	pre##_cfbsetiv(ctx, iv ? iv : zero); \
	169	} \
	170	\
	171	/* --- @pre_cfbencrypt@ --- * \
	172	* \
	173	* Arguments: @pre_cfbctx *ctx@ = pointer to CFB context block \
	174	* @const void *src@ = pointer to source data \
	175	* @void *dest@ = pointer to destination data \
	176	* @size_t sz@ = size of block to be encrypted \
	177	* \
	178	* Returns: --- \
	179	* \
	180	* Use: Encrypts a block with a block cipher in CFB mode. The \
	181	* input block may be arbitrary in size. CFB mode is not \
	182	* sensitive to block boundaries. \
	183	*/ \
	184	\
	185	void pre##_cfbencrypt(pre##_cfbctx *ctx, \
81b52866 MW	186	const void src, void dest, \
81b52866 MW	187	size_t sz) \
79ba130c	188	{ \
	189	const octet *s = src; \
	190	octet *d = dest; \
426aab6b	191	unsigned off = ctx->off; \
0fee61eb MW	192	uint32 t[PRE##_BLKSZ/4]; \
0fee61eb MW	193	octet y; \
79ba130c	194	\
	195	/* --- Empty blocks are trivial --- */ \
	196	\
0fee61eb	197	if (!sz) return; \
79ba130c	198	\
	199	/* --- If I can deal with the block from my buffer, do that --- */ \
	200	\
0fee61eb	201	if (sz < PRE##_BLKSZ - off) goto small; \
79ba130c	202	\
	203	/* --- Finish off what's left in my buffer --- */ \
	204	\
	205	while (off < PRE##_BLKSZ) { \
0fee61eb MW	206	y = s ? *s++ : 0; \
	207	ctx->b[off] ^= y; \
	208	if (d) *d++ = ctx->b[off]; \
	209	off++; sz--; \
79ba130c	210	} \
	211	\
	212	/* --- Main encryption loop --- */ \
	213	\
0fee61eb MW	214	BLKC_LOAD(PRE, t, ctx->b); \
	215	\
	216	for (;;) { \
	217	pre##_eblk(&ctx->ctx, t, t); \
	218	if (sz < PRE##_BLKSZ) break; \
	219	if (s) { BLKC_XLOAD(PRE, t, s); s += PRE##_BLKSZ; } \
	220	if (d) { BLKC_STORE(PRE, d, t); d += PRE##_BLKSZ; } \
	221	sz -= PRE##_BLKSZ; \
79ba130c	222	} \
79ba130c	223	\
0fee61eb MW	224	BLKC_STORE(PRE, ctx->b, t); \
	225	off = 0; \
	226	\
79ba130c	227	/* --- Tidying up the tail end --- */ \
	228	\
	229	if (sz) { \
	230	small: \
	231	do { \
0fee61eb MW	232	y = s ? *s++ : 0; \
	233	ctx->b[off] ^= y; \
	234	if (d) *d++ = ctx->b[off]; \
	235	off++; sz--; \
79ba130c	236	} while (sz); \
	237	} \
	238	\
	239	/* --- Done --- */ \
	240	\
	241	ctx->off = off; \
	242	return; \
	243	} \
	244	\
426aab6b	245	/* --- @pre_cfbdecrypt@ --- * \
79ba130c	246	* \
	247	* Arguments: @pre_cfbctx *ctx@ = pointer to CFB context block \
	248	* @const void *src@ = pointer to source data \
	249	* @void *dest@ = pointer to destination data \
	250	* @size_t sz@ = size of block to be encrypted \
	251	* \
	252	* Returns: --- \
	253	* \
	254	* Use: Decrypts a block with a block cipher in CFB mode. The \
	255	* input block may be arbitrary in size. CFB mode is not \
	256	* sensitive to block boundaries. \
	257	*/ \
	258	\
	259	void pre##_cfbdecrypt(pre##_cfbctx *ctx, \
81b52866 MW	260	const void src, void dest, \
81b52866 MW	261	size_t sz) \
79ba130c	262	{ \
	263	const octet *s = src; \
	264	octet *d = dest; \
426aab6b	265	unsigned off = ctx->off; \
0fee61eb MW	266	uint32 t[PRE##_BLKSZ/4], u[PRE##_BLKSZ/4]; \
0fee61eb MW	267	octet y; \
79ba130c	268	\
	269	/* --- Empty blocks are trivial --- */ \
	270	\
0fee61eb	271	if (!sz) return; \
79ba130c	272	\
	273	/* --- If I can deal with the block from my buffer, do that --- */ \
	274	\
0fee61eb	275	if (sz < PRE##_BLKSZ - off) goto small; \
79ba130c	276	\
	277	/* --- Finish off what's left in my buffer --- */ \
	278	\
0fee61eb MW	279	while (off < PRE##_BLKSZ) \
0fee61eb MW	280	{ y = s++; d++ = ctx->b[off] ^ y; ctx->b[off++] = y; sz--; } \
79ba130c	281	\
	282	/* --- Main encryption loop --- */ \
	283	\
0fee61eb MW	284	BLKC_LOAD(PRE, t, ctx->b); \
	285	\
	286	for (;;) { \
	287	pre##_eblk(&ctx->ctx, t, t); \
	288	if (sz < PRE##_BLKSZ) break; \
	289	BLKC_LOAD(PRE, u, s); s += PRE##_BLKSZ; \
	290	BLKC_XSTORE(PRE, d, t, u); d += PRE##_BLKSZ; \
	291	BLKC_MOVE(PRE, t, u); \
	292	sz -= PRE##_BLKSZ; \
79ba130c	293	} \
79ba130c	294	\
0fee61eb MW	295	BLKC_STORE(PRE, ctx->b, t); \
	296	off = 0; \
	297	\
79ba130c	298	/* --- Tidying up the tail end --- */ \
	299	\
	300	if (sz) { \
	301	small: \
0fee61eb MW	302	do { y = s++; d++ = ctx->b[off] ^ y; ctx->b[off++] = y; sz--; } \
0fee61eb MW	303	while (sz); \
79ba130c	304	} \
	305	\
	306	/* --- Done --- */ \
	307	\
	308	ctx->off = off; \
	309	return; \
	310	} \
	311	\
	312	/* --- Generic cipher interface --- */ \
	313	\
	314	static const gcipher_ops gops; \
	315	\
	316	typedef struct gctx { \
	317	gcipher c; \
	318	pre##_cfbctx k; \
	319	} gctx; \
	320	\
	321	static gcipher ginit(const void k, size_t sz) \
	322	{ \
426aab6b	323	gctx *g = S_CREATE(gctx); \
79ba130c	324	g->c.ops = &gops; \
	325	pre##_cfbinit(&g->k, k, sz, 0); \
	326	return (&g->c); \
	327	} \
	328	\
	329	static void gencrypt(gcipher c, const void s, void *t, size_t sz) \
0fee61eb	330	{ gctx g = (gctx )c; pre##_cfbencrypt(&g->k, s, t, sz); } \
79ba130c	331	\
79ba130c	332	static void gdecrypt(gcipher c, const void s, void *t, size_t sz) \
0fee61eb	333	{ gctx g = (gctx )c; pre##_cfbdecrypt(&g->k, s, t, sz); } \
79ba130c	334	\
79ba130c	335	static void gdestroy(gcipher *c) \
0fee61eb	336	{ gctx g = (gctx )c; BURN(*g); S_DESTROY(g); } \
79ba130c	337	\
79ba130c	338	static void gsetiv(gcipher c, const void iv) \
0fee61eb	339	{ gctx g = (gctx )c; pre##_cfbsetiv(&g->k, iv); } \
79ba130c	340	\
79ba130c	341	static void gbdry(gcipher *c) \
0fee61eb	342	{ gctx g = (gctx )c; pre##_cfbbdry(&g->k); } \
79ba130c	343	\
79ba130c	344	static const gcipher_ops gops = { \
426aab6b	345	&pre##_cfb, \
426aab6b	346	gencrypt, gdecrypt, gdestroy, gsetiv, gbdry \
79ba130c	347	}; \
	348	\
	349	const gccipher pre##_cfb = { \
aaae9cab	350	name "-cfb", pre##_keysz, PRE##_BLKSZ, \
79ba130c	351	ginit \
	352	}; \
	353	\
aaae9cab	354	CFB_TESTX(PRE, pre, name, fname)
79ba130c	355
	356	/----- Test rig ----------------------------------------------------------/
	357
aaae9cab MW	358	#define CFB_TEST(PRE, pre) CFB_TESTX(PRE, pre, #pre, #pre)
aaae9cab MW	359
79ba130c	360	#ifdef TEST_RIG
79ba130c	361
57f459eb	362	#include "modes-test.h"
79ba130c	363
	364	/* --- @CFB_TEST@ --- *
	365	*
	366	* Arguments: @PRE@, @pre@ = prefixes for block cipher definitions
	367	*
	368	* Use: Standard test rig for CFB functions.
	369	*/
	370
aaae9cab	371	#define CFB_TESTX(PRE, pre, name, fname) \
79ba130c	372	\
57f459eb MW	373	static pre##_ctx key; \
57f459eb MW	374	static pre##_cfbctx ctx; \
79ba130c	375	\
57f459eb MW	376	static void pre##_cfb_test_setup(const octet *k, size_t ksz) \
57f459eb MW	377	{ pre##_init(&key, k, ksz); pre##_cfbsetkey(&ctx, &key); } \
79ba130c	378	\
57f459eb MW	379	static void pre##_cfb_test_reset(const octet *iv) \
57f459eb MW	380	{ pre##_cfbsetiv(&ctx, iv); } \
79ba130c	381	\
57f459eb MW	382	static void pre##_cfb_test_enc(const octet s, octet d, size_t sz) \
57f459eb MW	383	{ pre##_cfbencrypt(&ctx, s, d, sz); } \
79ba130c	384	\
57f459eb MW	385	static void pre##_cfb_test_dec(const octet s, octet d, size_t sz) \
57f459eb MW	386	{ pre##_cfbdecrypt(&ctx, s, d, sz); } \
79ba130c	387	\
57f459eb	388	int main(int argc, char *argv[]) \
79ba130c	389	{ \
57f459eb MW	390	return test_encmode(fname "-cfb", PRE##_KEYSZ, PRE##_BLKSZ, 1, 0, \
	391	pre##_cfb_test_setup, pre##_cfb_test_reset, \
	392	pre##_cfb_test_enc, pre##_cfb_test_dec, \
	393	argc, argv); \
79ba130c	394	}
	395
	396	#else
aaae9cab	397	# define CFB_TESTX(PRE, pre, name, fname)
79ba130c	398	#endif
	399
	400	/----- That's all, folks -------------------------------------------------/
	401
	402	#ifdef __cplusplus
	403	}
	404	#endif
	405
	406	#endif