# include "paranoia.h"
#endif
+#ifndef CATACOMB_RSVR_H
+# include "rsvr.h"
+#endif
+
/*----- Macros ------------------------------------------------------------*/
/* --- @OFB_DEF@ --- *
* Use: Creates definitions for output feedback mode.
*/
-#define OFB_DEF(PRE, pre) \
+#define OFB_DEF(PRE, pre) OFB_DEFX(PRE, pre, #pre, #pre)
+
+#define OFB_DEFX(PRE, pre, name, fname) \
\
/* --- @pre_ofbgetiv@ --- * \
* \
octet *p = iv; \
unsigned off = ctx->off; \
unsigned rest = PRE##_BLKSZ - off; \
- memcpy(p, ctx->iv + off, rest); \
- memcpy(p + rest, ctx->iv, off); \
+ \
+ memcpy(p, ctx->b + off, rest); \
+ memcpy(p + rest, ctx->b, off); \
} \
\
/* --- @pre_ofbsetiv@ --- * \
*/ \
\
void pre##_ofbsetiv(pre##_ofbctx *ctx, const void *iv) \
-{ \
- memcpy(ctx->iv, iv, PRE##_BLKSZ); \
- ctx->off = PRE##_BLKSZ; \
-} \
+ { memcpy(ctx->b, iv, PRE##_BLKSZ); ctx->off = 0; } \
\
/* --- @pre_ofbbdry@ --- * \
* \
\
void pre##_ofbbdry(pre##_ofbctx *ctx) \
{ \
- uint32 niv[PRE##_BLKSZ / 4]; \
- BLKC_LOAD(PRE, niv, ctx->iv); \
- pre##_eblk(&ctx->ctx, niv, niv); \
- BLKC_STORE(PRE, ctx->iv, niv); \
- ctx->off = PRE##_BLKSZ; \
- BURN(niv); \
+ uint32 t[PRE##_BLKSZ/4]; \
+ \
+ BLKC_LOAD(PRE, t, ctx->b); \
+ pre##_eblk(&ctx->ctx, t, t); \
+ BLKC_STORE(PRE, ctx->b, t); \
+ ctx->off = 0; \
+ BURN(t); \
} \
\
/* --- @pre_ofbsetkey@ --- * \
*/ \
\
void pre##_ofbsetkey(pre##_ofbctx *ctx, const pre##_ctx *k) \
-{ \
- ctx->ctx = *k; \
-} \
+ { ctx->ctx = *k; } \
\
/* --- @pre_ofbinit@ --- * \
* \
const void *iv) \
{ \
static const octet zero[PRE##_BLKSZ] = { 0 }; \
+ \
pre##_init(&ctx->ctx, key, sz); \
pre##_ofbsetiv(ctx, iv ? iv : zero); \
} \
* cipher as a random data generator. \
*/ \
\
+static const rsvr_policy pre##_ofbpolicy = { 0, PRE##_BLKSZ, PRE##_BLKSZ }; \
+ \
void pre##_ofbencrypt(pre##_ofbctx *ctx, \
- const void *src, void *dest, \
- size_t sz) \
+ const void *src, void *dest, \
+ size_t sz) \
{ \
- const octet *s = src; \
+ rsvr_plan plan; \
+ const octet *s = src, *p; \
octet *d = dest; \
- unsigned off = ctx->off; \
- \
- /* --- Empty blocks are trivial --- */ \
- \
- if (!sz) \
- return; \
- \
- /* --- If I can deal with the block from my buffer, do that --- */ \
- \
- if (sz < PRE##_BLKSZ - off) \
- goto small; \
- \
- /* --- Finish off what's left in my buffer --- */ \
- \
- if (!d) \
- sz -= PRE##_BLKSZ - off; \
- else { \
- while (off < PRE##_BLKSZ) { \
- register octet x = s ? *s++ : 0; \
- *d++ = ctx->iv[off++] ^ x; \
- sz--; \
+ uint32 t[PRE##_BLKSZ/4], u[PRE##_BLKSZ/4]; \
+ \
+ /* Construct a plan and prepare to follow through. */ \
+ rsvr_mkplan(&plan, &pre##_ofbpolicy, ctx->off, sz); \
+ BLKC_LOAD(PRE, t, ctx->b); \
+ \
+ /* Initial portion, fulfilled from the buffer. If the chunk is small \
+ * enough, then this will be the only portion. If the buffer is \
+ * currently empty, then we must prepare it. \
+ */ \
+ if (plan.head) { \
+ if (!ctx->off) { \
+ pre##_eblk(&ctx->ctx, t, t); \
+ BLKC_STORE(PRE, ctx->b, t); \
} \
+ p = ctx->b + ctx->off; ctx->off += plan.head; \
+ if (!d) /* nothing to do */; \
+ else if (!s) { memcpy(d, p, plan.head); d += plan.head; } \
+ else while (plan.head--) *d++ = *s++ ^ *p++; \
} \
\
- /* --- Main encryption loop --- */ \
- \
- { \
- uint32 iv[PRE##_BLKSZ / 4]; \
- BLKC_LOAD(PRE, iv, ctx->iv); \
- \
- for (;;) { \
- pre##_eblk(&ctx->ctx, iv, iv); \
- if (sz < PRE##_BLKSZ) \
- break; \
- if (d) { \
- if (!s) \
- BLKC_STORE(PRE, d, iv); \
- else { \
- uint32 x[PRE##_BLKSZ / 4]; \
- BLKC_LOAD(PRE, x, s); \
- BLKC_XSTORE(PRE, d, iv, x); \
- s += PRE##_BLKSZ; \
- } \
- d += PRE##_BLKSZ; \
- } \
- sz -= PRE##_BLKSZ; \
- } \
- \
- BLKC_STORE(PRE, ctx->iv, iv); \
- off = 0; \
+ /* If the buffer is all used, then reset it ready for next time. */ \
+ ctx->off -= plan.from_rsvr; \
+ \
+ /* Handle multiple whole blocks. */ \
+ if (!d) while (plan.from_input) { \
+ pre##_eblk(&ctx->ctx, t, t); \
+ plan.from_input -= PRE##_BLKSZ; \
+ } else if (!s) while (plan.from_input) { \
+ pre##_eblk(&ctx->ctx, t, t); \
+ BLKC_STORE(PRE, d, t); d += PRE##_BLKSZ; \
+ plan.from_input -= PRE##_BLKSZ; \
+ } else while (plan.from_input) { \
+ pre##_eblk(&ctx->ctx, t, t); \
+ BLKC_LOAD(PRE, u, s); s += PRE##_BLKSZ; \
+ BLKC_XSTORE(PRE, d, t, u); d += PRE##_BLKSZ; \
+ plan.from_input -= PRE##_BLKSZ; \
} \
\
- /* --- Tidying up the tail end --- */ \
- \
- if (sz) { \
- small: \
- if (!d) \
- off += sz; \
- else do { \
- register octet x = s ? *s++ : 0; \
- *d++ = ctx->iv[off++] ^ x; \
- sz--; \
- } while (sz); \
+ /* Final portion. Note that the buffer must be empty if there is a \
+ * tail, since otherwise the input data would have been part of the \
+ * head portion instad. */ \
+ if (!plan.tail) \
+ BLKC_STORE(PRE, ctx->b, t); \
+ else { \
+ pre##_eblk(&ctx->ctx, t, t); \
+ BLKC_STORE(PRE, ctx->b, t); \
+ p = ctx->b; ctx->off += plan.tail; \
+ if (!d) /* nothing to do */; \
+ else if (!s) { memcpy(d, p, plan.tail); d += plan.tail; } \
+ else while (plan.tail--) *d++ = *s++ ^ *p++; \
} \
- \
- /* --- Done --- */ \
- \
- ctx->off = off; \
- return; \
} \
\
/* --- Generic cipher interface --- */ \
} \
\
static void gencrypt(gcipher *c, const void *s, void *t, size_t sz) \
-{ \
- gctx *g = (gctx *)c; \
- pre##_ofbencrypt(&g->k, s, t, sz); \
-} \
+ { gctx *g = (gctx *)c; pre##_ofbencrypt(&g->k, s, t, sz); } \
\
static void gdestroy(gcipher *c) \
-{ \
- gctx *g = (gctx *)c; \
- BURN(*g); \
- S_DESTROY(g); \
-} \
+ { gctx *g = (gctx *)c; BURN(*g); S_DESTROY(g); } \
\
static void gsetiv(gcipher *c, const void *iv) \
-{ \
- gctx *g = (gctx *)c; \
- pre##_ofbsetiv(&g->k, iv); \
-} \
+ { gctx *g = (gctx *)c; pre##_ofbsetiv(&g->k, iv); } \
\
static void gbdry(gcipher *c) \
{ \
}; \
\
const gccipher pre##_ofb = { \
- #pre "-ofb", pre##_keysz, PRE##_BLKSZ, \
+ name "-ofb", pre##_keysz, PRE##_BLKSZ, \
ginit \
}; \
\
} grctx; \
\
static void grdestroy(grand *r) \
-{ \
- grctx *g = (grctx *)r; \
- BURN(*g); \
- S_DESTROY(g); \
-} \
+ { grctx *g = (grctx *)r; BURN(*g); S_DESTROY(g); } \
\
static int grmisc(grand *r, unsigned op, ...) \
{ \
} \
\
static void grfill(grand *r, void *p, size_t sz) \
-{ \
- grctx *g = (grctx *)r; \
- pre##_ofbencrypt(&g->k, 0, p, sz); \
-} \
+ { grctx *g = (grctx *)r; pre##_ofbencrypt(&g->k, 0, p, sz); } \
\
static const grand_ops grops = { \
- #pre "-ofb", \
+ name "-ofb", \
GRAND_CRYPTO, 0, \
grmisc, grdestroy, \
- grword, grbyte, grword, grand_range, grfill \
+ grword, grbyte, grword, grand_defaultrange, grfill \
}; \
\
/* --- @pre_ofbrand@ --- * \
return (&g->r); \
} \
\
-OFB_TEST(PRE, pre)
+OFB_TESTX(PRE, pre, name, name)
/*----- Test rig ----------------------------------------------------------*/
-#ifdef TEST_RIG
+#define OFB_TEST(PRE, pre) OFB_TESTX(PRE, pre, #pre, #pre)
-#include <stdio.h>
+#ifdef TEST_RIG
-#include "daftstory.h"
+#include "modes-test.h"
/* --- @OFB_TEST@ --- *
*
* Use: Standard test rig for OFB functions.
*/
-#define OFB_TEST(PRE, pre) \
- \
-/* --- Initial plaintext for the test --- */ \
- \
-static const octet text[] = TEXT; \
- \
-/* --- Key and IV to use --- */ \
+#define OFB_TESTX(PRE, pre, name, fname) \
\
-static const octet key[] = KEY; \
-static const octet iv[] = IV; \
+static pre##_ctx key; \
+static pre##_ofbctx ctx; \
\
-/* --- Buffers for encryption and decryption output --- */ \
+static void pre##_ofb_test_setup(const octet *k, size_t ksz) \
+ { pre##_init(&key, k, ksz); pre##_ofbsetkey(&ctx, &key); } \
\
-static octet ct[sizeof(text)]; \
-static octet pt[sizeof(text)]; \
+static void pre##_ofb_test_reset(const octet *iv) \
+ { pre##_ofbsetiv(&ctx, iv); } \
\
-static void hexdump(const octet *p, size_t sz) \
-{ \
- const octet *q = p + sz; \
- for (sz = 0; p < q; p++, sz++) { \
- printf("%02x", *p); \
- if ((sz + 1) % PRE##_BLKSZ == 0) \
- putchar(':'); \
- } \
-} \
+static void pre##_ofb_test_enc(const octet *s, octet *d, size_t sz) \
+ { pre##_ofbencrypt(&ctx, s, d, sz); } \
\
-int main(void) \
+int main(int argc, char *argv[]) \
{ \
- size_t sz = 0, rest; \
- pre##_ofbctx ctx; \
- int status = 0; \
- int done = 0; \
- pre##_ctx k; \
- \
- size_t keysz = PRE##_KEYSZ ? \
- PRE##_KEYSZ : strlen((const char *)key); \
- \
- fputs(#pre "-ofb: ", stdout); \
- \
- pre##_init(&k, key, keysz); \
- pre##_ofbsetkey(&ctx, &k); \
- \
- while (sz <= sizeof(text)) { \
- rest = sizeof(text) - sz; \
- memcpy(ct, text, sizeof(text)); \
- pre##_ofbsetiv(&ctx, iv); \
- pre##_ofbencrypt(&ctx, ct, ct, sz); \
- pre##_ofbencrypt(&ctx, ct + sz, ct + sz, rest); \
- memcpy(pt, ct, sizeof(text)); \
- pre##_ofbsetiv(&ctx, iv); \
- pre##_ofbencrypt(&ctx, pt, pt, rest); \
- pre##_ofbencrypt(&ctx, pt + rest, pt + rest, sz); \
- if (memcmp(pt, text, sizeof(text)) == 0) { \
- done++; \
- if (sizeof(text) < 40 || done % 8 == 0) \
- fputc('.', stdout); \
- if (done % 480 == 0) \
- fputs("\n\t", stdout); \
- fflush(stdout); \
- } else { \
- printf("\nError (sz = %lu)\n", (unsigned long)sz); \
- status = 1; \
- printf("\tplaintext = "); hexdump(text, sz); \
- printf(", "); hexdump(text + sz, rest); \
- fputc('\n', stdout); \
- printf("\tciphertext = "); hexdump(ct, sz); \
- printf(", "); hexdump(ct + sz, rest); \
- fputc('\n', stdout); \
- printf("\trecovered text = "); hexdump(pt, sz); \
- printf(", "); hexdump(pt + sz, rest); \
- fputc('\n', stdout); \
- fputc('\n', stdout); \
- } \
- if (sz < 63) \
- sz++; \
- else \
- sz += 9; \
- } \
- \
- fputs(status ? " failed\n" : " ok\n", stdout); \
- return (status); \
+ return test_encmode(fname "-ofb", PRE##_KEYSZ, PRE##_BLKSZ, 1, 0, \
+ pre##_ofb_test_setup, pre##_ofb_test_reset, \
+ pre##_ofb_test_enc, pre##_ofb_test_enc, \
+ argc, argv); \
}
#else
-# define OFB_TEST(PRE, pre)
+# define OFB_TESTX(PRE, pre, name, fname)
#endif
/*----- That's all, folks -------------------------------------------------*/