~mdw / catacomb / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
symm/...: Reformat encryption mode loops and related code.
[catacomb] / symm / ofb-def.h
1 /* -*-c-*-
2 *
3 * Definitions for output feedback mode
4 *
5 * (c) 1999 Straylight/Edgeware
6 */
7
8 /*----- Licensing notice --------------------------------------------------*
9 *
10 * This file is part of Catacomb.
11 *
12 * Catacomb is free software; you can redistribute it and/or modify
13 * it under the terms of the GNU Library General Public License as
14 * published by the Free Software Foundation; either version 2 of the
15 * License, or (at your option) any later version.
16 *
17 * Catacomb is distributed in the hope that it will be useful,
18 * but WITHOUT ANY WARRANTY; without even the implied warranty of
19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 * GNU Library General Public License for more details.
21 *
22 * You should have received a copy of the GNU Library General Public
23 * License along with Catacomb; if not, write to the Free
24 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
25 * MA 02111-1307, USA.
26 */
27
28 #ifndef CATACOMB_OFB_DEF_H
29 #define CATACOMB_OFB_DEF_H
30
31 #ifdef __cplusplus
32 extern "C" {
33 #endif
34
35 /*----- Header files ------------------------------------------------------*/
36
37 #include <stdarg.h>
38 #include <string.h>
39
40 #include <mLib/bits.h>
41 #include <mLib/sub.h>
42
43 #ifndef CATACOMB_ARENA_H
44 # include "arena.h"
45 #endif
46
47 #ifndef CATACOMB_BLKC_H
48 # include "blkc.h"
49 #endif
50
51 #ifndef CATACOMB_GCIPHER_H
52 # include "gcipher.h"
53 #endif
54
55 #ifndef CATACOMB_PARANOIA_H
56 # include "paranoia.h"
57 #endif
58
59 /*----- Macros ------------------------------------------------------------*/
60
61 /* --- @OFB_DEF@ --- *
62 *
63 * Arguments: @PRE@, @pre@ = prefixes for the underlying block cipher
64 *
65 * Use: Creates definitions for output feedback mode.
66 */
67
68 #define OFB_DEF(PRE, pre) OFB_DEFX(PRE, pre, #pre, #pre)
69
70 #define OFB_DEFX(PRE, pre, name, fname) \
71 \
72 /* --- @pre_ofbgetiv@ --- * \
73 * \
74 * Arguments: @const pre_ofbctx *ctx@ = pointer to OFB context block \
75 * @void *iv@ = pointer to output data block \
76 * \
77 * Returns: --- \
78 * \
79 * Use: Reads the currently set IV. Reading and setting an IV \
80 * is not transparent to the cipher. It will add a `step' \
81 * which must be matched by a similar operation during \
82 * decryption. \
83 */ \
84 \
85 void pre##_ofbgetiv(const pre##_ofbctx *ctx, void *iv) \
86 { \
87 octet *p = iv; \
88 unsigned off = ctx->off; \
89 unsigned rest = PRE##_BLKSZ - off; \
90 \
91 memcpy(p, ctx->b + off, rest); \
92 memcpy(p + rest, ctx->b, off); \
93 } \
94 \
95 /* --- @pre_ofbsetiv@ --- * \
96 * \
97 * Arguments: @pre_ofbctx *ctx@ = pointer to OFB context block \
98 * @cnost void *iv@ = pointer to IV to set \
99 * \
100 * Returns: --- \
101 * \
102 * Use: Sets the IV to use for subsequent encryption. \
103 */ \
104 \
105 void pre##_ofbsetiv(pre##_ofbctx *ctx, const void *iv) \
106 { memcpy(ctx->b, iv, PRE##_BLKSZ); ctx->off = PRE##_BLKSZ; } \
107 \
108 /* --- @pre_ofbbdry@ --- * \
109 * \
110 * Arguments: @pre_ofbctx *ctx@ = pointer to OFB context block \
111 * \
112 * Returns: --- \
113 * \
114 * Use: Inserts a boundary during encryption. Successful \
115 * decryption must place a similar boundary. \
116 */ \
117 \
118 void pre##_ofbbdry(pre##_ofbctx *ctx) \
119 { \
120 uint32 t[PRE##_BLKSZ/4]; \
121 \
122 BLKC_LOAD(PRE, t, ctx->b); \
123 pre##_eblk(&ctx->ctx, t, t); \
124 BLKC_STORE(PRE, ctx->b, t); \
125 ctx->off = PRE##_BLKSZ; \
126 BURN(t); \
127 } \
128 \
129 /* --- @pre_ofbsetkey@ --- * \
130 * \
131 * Arguments: @pre_ofbctx *ctx@ = pointer to OFB context block \
132 * @const pre_ctx *k@ = pointer to cipher context \
133 * \
134 * Returns: --- \
135 * \
136 * Use: Sets the OFB context to use a different cipher key. \
137 */ \
138 \
139 void pre##_ofbsetkey(pre##_ofbctx *ctx, const pre##_ctx *k) \
140 { ctx->ctx = *k; } \
141 \
142 /* --- @pre_ofbinit@ --- * \
143 * \
144 * Arguments: @pre_ofbctx *ctx@ = pointer to cipher context \
145 * @const void *key@ = pointer to the key buffer \
146 * @size_t sz@ = size of the key \
147 * @const void *iv@ = pointer to initialization vector \
148 * \
149 * Returns: --- \
150 * \
151 * Use: Initializes a OFB context ready for use. You should \
152 * ensure that the IV chosen is unique: reusing an IV will \
153 * compromise the security of the entire plaintext. This \
154 * is equivalent to calls to @pre_init@, @pre_ofbsetkey@ \
155 * and @pre_ofbsetiv@. \
156 */ \
157 \
158 void pre##_ofbinit(pre##_ofbctx *ctx, \
159 const void *key, size_t sz, \
160 const void *iv) \
161 { \
162 static const octet zero[PRE##_BLKSZ] = { 0 }; \
163 \
164 pre##_init(&ctx->ctx, key, sz); \
165 pre##_ofbsetiv(ctx, iv ? iv : zero); \
166 } \
167 \
168 /* --- @pre_ofbencrypt@ --- * \
169 * \
170 * Arguments: @pre_ofbctx *ctx@ = pointer to OFB context block \
171 * @const void *src@ = pointer to source data \
172 * @void *dest@ = pointer to destination data \
173 * @size_t sz@ = size of block to be encrypted \
174 * \
175 * Returns: --- \
176 * \
177 * Use: Encrypts or decrypts a block with a block cipher in OFB \
178 * mode: encryption and decryption are the same in OFB. \
179 * The destination may be null to just churn the feedback \
180 * round for a bit. The source may be null to use the \
181 * cipher as a random data generator. \
182 */ \
183 \
184 void pre##_ofbencrypt(pre##_ofbctx *ctx, \
185 const void *src, void *dest, \
186 size_t sz) \
187 { \
188 const octet *s = src; \
189 octet *d = dest; \
190 unsigned off = ctx->off; \
191 uint32 t[PRE##_BLKSZ/4], u[PRE##_BLKSZ/4]; \
192 octet y; \
193 \
194 /* --- Empty blocks are trivial --- */ \
195 \
196 if (!sz) return; \
197 \
198 /* --- If I can deal with the block from my buffer, do that --- */ \
199 \
200 if (sz < PRE##_BLKSZ - off) goto small; \
201 \
202 /* --- Finish off what's left in my buffer --- */ \
203 \
204 if (!d) sz -= PRE##_BLKSZ - off; \
205 else while (off < PRE##_BLKSZ) \
206 { y = s ? *s++ : 0; *d++ = ctx->b[off++] ^ y; sz--; } \
207 \
208 /* --- Main encryption loop --- */ \
209 \
210 BLKC_LOAD(PRE, t, ctx->b); \
211 \
212 for (;;) { \
213 pre##_eblk(&ctx->ctx, t, t); \
214 if (sz < PRE##_BLKSZ) break; \
215 if (!d) /* do nothing */; \
216 else if (!s) { BLKC_STORE(PRE, d, t); d += PRE##_BLKSZ; } \
217 else { \
218 BLKC_LOAD(PRE, u, s); s += PRE##_BLKSZ; \
219 BLKC_XSTORE(PRE, d, t, u); d += PRE##_BLKSZ; \
220 } \
221 sz -= PRE##_BLKSZ; \
222 } \
223 \
224 BLKC_STORE(PRE, ctx->b, t); \
225 off = 0; \
226 \
227 /* --- Tidying up the tail end --- */ \
228 \
229 if (sz) { \
230 small: \
231 if (!d) off += sz; \
232 else do { y = s ? *s++ : 0; *d++ = ctx->b[off++] ^ y; sz--; } \
233 while (sz); \
234 } \
235 \
236 /* --- Done --- */ \
237 \
238 ctx->off = off; \
239 return; \
240 } \
241 \
242 /* --- Generic cipher interface --- */ \
243 \
244 static const gcipher_ops gops; \
245 \
246 typedef struct gctx { \
247 gcipher c; \
248 pre##_ofbctx k; \
249 } gctx; \
250 \
251 static gcipher *ginit(const void *k, size_t sz) \
252 { \
253 gctx *g = S_CREATE(gctx); \
254 g->c.ops = &gops; \
255 pre##_ofbinit(&g->k, k, sz, 0); \
256 return (&g->c); \
257 } \
258 \
259 static void gencrypt(gcipher *c, const void *s, void *t, size_t sz) \
260 { gctx *g = (gctx *)c; pre##_ofbencrypt(&g->k, s, t, sz); } \
261 \
262 static void gdestroy(gcipher *c) \
263 { gctx *g = (gctx *)c; BURN(*g); S_DESTROY(g); } \
264 \
265 static void gsetiv(gcipher *c, const void *iv) \
266 { gctx *g = (gctx *)c; pre##_ofbsetiv(&g->k, iv); } \
267 \
268 static void gbdry(gcipher *c) \
269 { \
270 gctx *g = (gctx *)c; \
271 pre##_ofbbdry(&g->k); \
272 } \
273 \
274 static const gcipher_ops gops = { \
275 &pre##_ofb, \
276 gencrypt, gencrypt, gdestroy, gsetiv, gbdry \
277 }; \
278 \
279 const gccipher pre##_ofb = { \
280 name "-ofb", pre##_keysz, PRE##_BLKSZ, \
281 ginit \
282 }; \
283 \
284 /* --- Generic random number generator interface --- */ \
285 \
286 typedef struct grctx { \
287 grand r; \
288 pre##_ofbctx k; \
289 } grctx; \
290 \
291 static void grdestroy(grand *r) \
292 { grctx *g = (grctx *)r; BURN(*g); S_DESTROY(g); } \
293 \
294 static int grmisc(grand *r, unsigned op, ...) \
295 { \
296 grctx *g = (grctx *)r; \
297 va_list ap; \
298 int rc = 0; \
299 uint32 i; \
300 octet buf[PRE##_BLKSZ]; \
301 va_start(ap, op); \
302 \
303 switch (op) { \
304 case GRAND_CHECK: \
305 switch (va_arg(ap, unsigned)) { \
306 case GRAND_CHECK: \
307 case GRAND_SEEDINT: \
308 case GRAND_SEEDUINT32: \
309 case GRAND_SEEDBLOCK: \
310 case GRAND_SEEDRAND: \
311 rc = 1; \
312 break; \
313 default: \
314 rc = 0; \
315 break; \
316 } \
317 break; \
318 case GRAND_SEEDINT: \
319 memset(buf, 0, sizeof(buf)); \
320 i = va_arg(ap, unsigned); \
321 STORE32(buf, i); \
322 pre##_ofbsetiv(&g->k, buf); \
323 break; \
324 case GRAND_SEEDUINT32: \
325 memset(buf, 0, sizeof(buf)); \
326 i = va_arg(ap, uint32); \
327 STORE32(buf, i); \
328 pre##_ofbsetiv(&g->k, buf); \
329 break; \
330 case GRAND_SEEDBLOCK: { \
331 const void *p = va_arg(ap, const void *); \
332 size_t sz = va_arg(ap, size_t); \
333 if (sz < sizeof(buf)) { \
334 memset(buf, 0, sizeof(buf)); \
335 memcpy(buf, p, sz); \
336 p = buf; \
337 } \
338 pre##_ofbsetiv(&g->k, p); \
339 } break; \
340 case GRAND_SEEDRAND: { \
341 grand *rr = va_arg(ap, grand *); \
342 rr->ops->fill(rr, buf, sizeof(buf)); \
343 pre##_ofbsetiv(&g->k, buf); \
344 } break; \
345 default: \
346 GRAND_BADOP; \
347 break; \
348 } \
349 \
350 va_end(ap); \
351 return (rc); \
352 } \
353 \
354 static octet grbyte(grand *r) \
355 { \
356 grctx *g = (grctx *)r; \
357 octet o; \
358 pre##_ofbencrypt(&g->k, 0, &o, 1); \
359 return (o); \
360 } \
361 \
362 static uint32 grword(grand *r) \
363 { \
364 grctx *g = (grctx *)r; \
365 octet b[4]; \
366 pre##_ofbencrypt(&g->k, 0, b, sizeof(b)); \
367 return (LOAD32(b)); \
368 } \
369 \
370 static void grfill(grand *r, void *p, size_t sz) \
371 { grctx *g = (grctx *)r; pre##_ofbencrypt(&g->k, 0, p, sz); } \
372 \
373 static const grand_ops grops = { \
374 name "-ofb", \
375 GRAND_CRYPTO, 0, \
376 grmisc, grdestroy, \
377 grword, grbyte, grword, grand_defaultrange, grfill \
378 }; \
379 \
380 /* --- @pre_ofbrand@ --- * \
381 * \
382 * Arguments: @const void *k@ = pointer to key material \
383 * @size_t sz@ = size of key material \
384 * \
385 * Returns: Pointer to generic random number generator interface. \
386 * \
387 * Use: Creates a random number interface wrapper around an \
388 * OFB-mode block cipher. \
389 */ \
390 \
391 grand *pre##_ofbrand(const void *k, size_t sz) \
392 { \
393 grctx *g = S_CREATE(grctx); \
394 g->r.ops = &grops; \
395 pre##_ofbinit(&g->k, k, sz, 0); \
396 return (&g->r); \
397 } \
398 \
399 OFB_TESTX(PRE, pre, name, name)
400
401 /*----- Test rig ----------------------------------------------------------*/
402
403 #define OFB_TEST(PRE, pre) OFB_TESTX(PRE, pre, #pre, #pre)
404
405 #ifdef TEST_RIG
406
407 #include "modes-test.h"
408
409 /* --- @OFB_TEST@ --- *
410 *
411 * Arguments: @PRE@, @pre@ = prefixes for block cipher definitions
412 *
413 * Use: Standard test rig for OFB functions.
414 */
415
416 #define OFB_TESTX(PRE, pre, name, fname) \
417 \
418 static pre##_ctx key; \
419 static pre##_ofbctx ctx; \
420 \
421 static void pre##_ofb_test_setup(const octet *k, size_t ksz) \
422 { pre##_init(&key, k, ksz); pre##_ofbsetkey(&ctx, &key); } \
423 \
424 static void pre##_ofb_test_reset(const octet *iv) \
425 { pre##_ofbsetiv(&ctx, iv); } \
426 \
427 static void pre##_ofb_test_enc(const octet *s, octet *d, size_t sz) \
428 { pre##_ofbencrypt(&ctx, s, d, sz); } \
429 \
430 int main(int argc, char *argv[]) \
431 { \
432 return test_encmode(fname "-ofb", PRE##_KEYSZ, PRE##_BLKSZ, 1, 0, \
433 pre##_ofb_test_setup, pre##_ofb_test_reset, \
434 pre##_ofb_test_enc, pre##_ofb_test_enc, \
435 argc, argv); \
436 }
437
438 #else
439 # define OFB_TESTX(PRE, pre, name, fname)
440 #endif
441
442 /*----- That's all, folks -------------------------------------------------*/
443
444 #ifdef __cplusplus
445 }
446 #endif
447
448 #endif
Catacomb cryptographic library