1 |
|
|
/* $OpenBSD: ofb128.c,v 1.4 2015/02/10 09:46:30 miod Exp $ */ |
2 |
|
|
/* ==================================================================== |
3 |
|
|
* Copyright (c) 2008 The OpenSSL Project. All rights reserved. |
4 |
|
|
* |
5 |
|
|
* Redistribution and use in source and binary forms, with or without |
6 |
|
|
* modification, are permitted provided that the following conditions |
7 |
|
|
* are met: |
8 |
|
|
* |
9 |
|
|
* 1. Redistributions of source code must retain the above copyright |
10 |
|
|
* notice, this list of conditions and the following disclaimer. |
11 |
|
|
* |
12 |
|
|
* 2. Redistributions in binary form must reproduce the above copyright |
13 |
|
|
* notice, this list of conditions and the following disclaimer in |
14 |
|
|
* the documentation and/or other materials provided with the |
15 |
|
|
* distribution. |
16 |
|
|
* |
17 |
|
|
* 3. All advertising materials mentioning features or use of this |
18 |
|
|
* software must display the following acknowledgment: |
19 |
|
|
* "This product includes software developed by the OpenSSL Project |
20 |
|
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)" |
21 |
|
|
* |
22 |
|
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
23 |
|
|
* endorse or promote products derived from this software without |
24 |
|
|
* prior written permission. For written permission, please contact |
25 |
|
|
* openssl-core@openssl.org. |
26 |
|
|
* |
27 |
|
|
* 5. Products derived from this software may not be called "OpenSSL" |
28 |
|
|
* nor may "OpenSSL" appear in their names without prior written |
29 |
|
|
* permission of the OpenSSL Project. |
30 |
|
|
* |
31 |
|
|
* 6. Redistributions of any form whatsoever must retain the following |
32 |
|
|
* acknowledgment: |
33 |
|
|
* "This product includes software developed by the OpenSSL Project |
34 |
|
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)" |
35 |
|
|
* |
36 |
|
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
37 |
|
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
38 |
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
39 |
|
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
40 |
|
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
41 |
|
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
42 |
|
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
43 |
|
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
44 |
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
45 |
|
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
46 |
|
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
47 |
|
|
* OF THE POSSIBILITY OF SUCH DAMAGE. |
48 |
|
|
* ==================================================================== |
49 |
|
|
* |
50 |
|
|
*/ |
51 |
|
|
|
52 |
|
|
#include <openssl/crypto.h> |
53 |
|
|
#include "modes_lcl.h" |
54 |
|
|
#include <string.h> |
55 |
|
|
|
56 |
|
|
#ifndef MODES_DEBUG |
57 |
|
|
# ifndef NDEBUG |
58 |
|
|
# define NDEBUG |
59 |
|
|
# endif |
60 |
|
|
#endif |
61 |
|
|
|
62 |
|
|
/* The input and output encrypted as though 128bit ofb mode is being |
63 |
|
|
* used. The extra state information to record how much of the |
64 |
|
|
* 128bit block we have used is contained in *num; |
65 |
|
|
*/ |
66 |
|
|
void CRYPTO_ofb128_encrypt(const unsigned char *in, unsigned char *out, |
67 |
|
|
size_t len, const void *key, |
68 |
|
|
unsigned char ivec[16], int *num, |
69 |
|
|
block128_f block) |
70 |
|
|
{ |
71 |
|
|
unsigned int n; |
72 |
|
|
size_t l=0; |
73 |
|
|
|
74 |
|
624 |
n = *num; |
75 |
|
|
|
76 |
|
|
#if !defined(OPENSSL_SMALL_FOOTPRINT) |
77 |
|
|
if (16%sizeof(size_t) == 0) do { /* always true actually */ |
78 |
✓✓ |
3720 |
while (n && len) { |
79 |
|
1548 |
*(out++) = *(in++) ^ ivec[n]; |
80 |
|
1548 |
--len; |
81 |
|
1548 |
n = (n+1) % 16; |
82 |
|
|
} |
83 |
|
|
#ifdef __STRICT_ALIGNMENT |
84 |
|
|
if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0) |
85 |
|
|
break; |
86 |
|
|
#endif |
87 |
✓✓ |
3168 |
while (len>=16) { |
88 |
|
1272 |
(*block)(ivec, ivec, key); |
89 |
✓✓ |
7632 |
for (; n<16; n+=sizeof(size_t)) |
90 |
|
2544 |
*(size_t*)(out+n) = |
91 |
|
2544 |
*(size_t*)(in+n) ^ *(size_t*)(ivec+n); |
92 |
|
1272 |
len -= 16; |
93 |
|
1272 |
out += 16; |
94 |
|
1272 |
in += 16; |
95 |
|
|
n = 0; |
96 |
|
|
} |
97 |
✓✓ |
312 |
if (len) { |
98 |
|
168 |
(*block)(ivec, ivec, key); |
99 |
✓✓ |
2184 |
while (len--) { |
100 |
|
924 |
out[n] = in[n] ^ ivec[n]; |
101 |
|
924 |
++n; |
102 |
|
|
} |
103 |
|
|
} |
104 |
|
312 |
*num = n; |
105 |
|
|
return; |
106 |
|
|
} while(0); |
107 |
|
|
/* the rest would be commonly eliminated by x86* compiler */ |
108 |
|
|
#endif |
109 |
|
|
while (l<len) { |
110 |
|
|
if (n==0) { |
111 |
|
|
(*block)(ivec, ivec, key); |
112 |
|
|
} |
113 |
|
|
out[l] = in[l] ^ ivec[n]; |
114 |
|
|
++l; |
115 |
|
|
n = (n+1) % 16; |
116 |
|
|
} |
117 |
|
|
|
118 |
|
|
*num=n; |
119 |
|
312 |
} |