1238384Sjkim/* ====================================================================
2238384Sjkim * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
3238384Sjkim *
4238384Sjkim * Redistribution and use in source and binary forms, with or without
5238384Sjkim * modification, are permitted provided that the following conditions
6238384Sjkim * are met:
7238384Sjkim *
8238384Sjkim * 1. Redistributions of source code must retain the above copyright
9296341Sdelphij *    notice, this list of conditions and the following disclaimer.
10238384Sjkim *
11238384Sjkim * 2. Redistributions in binary form must reproduce the above copyright
12238384Sjkim *    notice, this list of conditions and the following disclaimer in
13238384Sjkim *    the documentation and/or other materials provided with the
14238384Sjkim *    distribution.
15238384Sjkim *
16238384Sjkim * 3. All advertising materials mentioning features or use of this
17238384Sjkim *    software must display the following acknowledgment:
18238384Sjkim *    "This product includes software developed by the OpenSSL Project
19238384Sjkim *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
20238384Sjkim *
21238384Sjkim * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
22238384Sjkim *    endorse or promote products derived from this software without
23238384Sjkim *    prior written permission. For written permission, please contact
24238384Sjkim *    openssl-core@openssl.org.
25238384Sjkim *
26238384Sjkim * 5. Products derived from this software may not be called "OpenSSL"
27238384Sjkim *    nor may "OpenSSL" appear in their names without prior written
28238384Sjkim *    permission of the OpenSSL Project.
29238384Sjkim *
30238384Sjkim * 6. Redistributions of any form whatsoever must retain the following
31238384Sjkim *    acknowledgment:
32238384Sjkim *    "This product includes software developed by the OpenSSL Project
33238384Sjkim *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
34238384Sjkim *
35238384Sjkim * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
36238384Sjkim * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
37238384Sjkim * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
38238384Sjkim * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
39238384Sjkim * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
40238384Sjkim * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
41238384Sjkim * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
42238384Sjkim * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
43238384Sjkim * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
44238384Sjkim * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
45238384Sjkim * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
46238384Sjkim * OF THE POSSIBILITY OF SUCH DAMAGE.
47238384Sjkim * ====================================================================
48238384Sjkim *
49238384Sjkim */
50238384Sjkim
51238384Sjkim#include <openssl/crypto.h>
52238384Sjkim#include "modes_lcl.h"
53238384Sjkim#include <string.h>
54238384Sjkim
55238384Sjkim#ifndef MODES_DEBUG
56238384Sjkim# ifndef NDEBUG
57238384Sjkim#  define NDEBUG
58238384Sjkim# endif
59238384Sjkim#endif
60238384Sjkim#include <assert.h>
61238384Sjkim
62238384Sjkim#ifndef STRICT_ALIGNMENT
63296341Sdelphij# define STRICT_ALIGNMENT 0
64238384Sjkim#endif
65238384Sjkim
66238384Sjkimvoid CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,
67296341Sdelphij                           size_t len, const void *key,
68296341Sdelphij                           unsigned char ivec[16], block128_f block)
69238384Sjkim{
70296341Sdelphij    size_t n;
71296341Sdelphij    const unsigned char *iv = ivec;
72238384Sjkim
73296341Sdelphij    assert(in && out && key && ivec);
74238384Sjkim
75238384Sjkim#if !defined(OPENSSL_SMALL_FOOTPRINT)
76296341Sdelphij    if (STRICT_ALIGNMENT &&
77296341Sdelphij        ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) {
78296341Sdelphij        while (len >= 16) {
79296341Sdelphij            for (n = 0; n < 16; ++n)
80296341Sdelphij                out[n] = in[n] ^ iv[n];
81296341Sdelphij            (*block) (out, out, key);
82296341Sdelphij            iv = out;
83296341Sdelphij            len -= 16;
84296341Sdelphij            in += 16;
85296341Sdelphij            out += 16;
86296341Sdelphij        }
87296341Sdelphij    } else {
88296341Sdelphij        while (len >= 16) {
89296341Sdelphij            for (n = 0; n < 16; n += sizeof(size_t))
90296341Sdelphij                *(size_t *)(out + n) =
91296341Sdelphij                    *(size_t *)(in + n) ^ *(size_t *)(iv + n);
92296341Sdelphij            (*block) (out, out, key);
93296341Sdelphij            iv = out;
94296341Sdelphij            len -= 16;
95296341Sdelphij            in += 16;
96296341Sdelphij            out += 16;
97296341Sdelphij        }
98296341Sdelphij    }
99238384Sjkim#endif
100296341Sdelphij    while (len) {
101296341Sdelphij        for (n = 0; n < 16 && n < len; ++n)
102296341Sdelphij            out[n] = in[n] ^ iv[n];
103296341Sdelphij        for (; n < 16; ++n)
104296341Sdelphij            out[n] = iv[n];
105296341Sdelphij        (*block) (out, out, key);
106296341Sdelphij        iv = out;
107296341Sdelphij        if (len <= 16)
108296341Sdelphij            break;
109296341Sdelphij        len -= 16;
110296341Sdelphij        in += 16;
111296341Sdelphij        out += 16;
112296341Sdelphij    }
113296341Sdelphij    memcpy(ivec, iv, 16);
114238384Sjkim}
115238384Sjkim
116238384Sjkimvoid CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,
117296341Sdelphij                           size_t len, const void *key,
118296341Sdelphij                           unsigned char ivec[16], block128_f block)
119238384Sjkim{
120296341Sdelphij    size_t n;
121296341Sdelphij    union {
122296341Sdelphij        size_t t[16 / sizeof(size_t)];
123296341Sdelphij        unsigned char c[16];
124296341Sdelphij    } tmp;
125238384Sjkim
126296341Sdelphij    assert(in && out && key && ivec);
127238384Sjkim
128238384Sjkim#if !defined(OPENSSL_SMALL_FOOTPRINT)
129296341Sdelphij    if (in != out) {
130296341Sdelphij        const unsigned char *iv = ivec;
131238384Sjkim
132296341Sdelphij        if (STRICT_ALIGNMENT &&
133296341Sdelphij            ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) {
134296341Sdelphij            while (len >= 16) {
135296341Sdelphij                (*block) (in, out, key);
136296341Sdelphij                for (n = 0; n < 16; ++n)
137296341Sdelphij                    out[n] ^= iv[n];
138296341Sdelphij                iv = in;
139296341Sdelphij                len -= 16;
140296341Sdelphij                in += 16;
141296341Sdelphij                out += 16;
142296341Sdelphij            }
143296341Sdelphij        } else if (16 % sizeof(size_t) == 0) { /* always true */
144296341Sdelphij            while (len >= 16) {
145296341Sdelphij                size_t *out_t = (size_t *)out, *iv_t = (size_t *)iv;
146264331Sjkim
147296341Sdelphij                (*block) (in, out, key);
148296341Sdelphij                for (n = 0; n < 16 / sizeof(size_t); n++)
149296341Sdelphij                    out_t[n] ^= iv_t[n];
150296341Sdelphij                iv = in;
151296341Sdelphij                len -= 16;
152296341Sdelphij                in += 16;
153296341Sdelphij                out += 16;
154296341Sdelphij            }
155296341Sdelphij        }
156296341Sdelphij        memcpy(ivec, iv, 16);
157296341Sdelphij    } else {
158296341Sdelphij        if (STRICT_ALIGNMENT &&
159296341Sdelphij            ((size_t)in | (size_t)out | (size_t)ivec) % sizeof(size_t) != 0) {
160296341Sdelphij            unsigned char c;
161296341Sdelphij            while (len >= 16) {
162296341Sdelphij                (*block) (in, tmp.c, key);
163296341Sdelphij                for (n = 0; n < 16; ++n) {
164296341Sdelphij                    c = in[n];
165296341Sdelphij                    out[n] = tmp.c[n] ^ ivec[n];
166296341Sdelphij                    ivec[n] = c;
167296341Sdelphij                }
168296341Sdelphij                len -= 16;
169296341Sdelphij                in += 16;
170296341Sdelphij                out += 16;
171296341Sdelphij            }
172296341Sdelphij        } else if (16 % sizeof(size_t) == 0) { /* always true */
173296341Sdelphij            while (len >= 16) {
174296341Sdelphij                size_t c, *out_t = (size_t *)out, *ivec_t = (size_t *)ivec;
175296341Sdelphij                const size_t *in_t = (const size_t *)in;
176264331Sjkim
177296341Sdelphij                (*block) (in, tmp.c, key);
178296341Sdelphij                for (n = 0; n < 16 / sizeof(size_t); n++) {
179296341Sdelphij                    c = in_t[n];
180296341Sdelphij                    out_t[n] = tmp.t[n] ^ ivec_t[n];
181296341Sdelphij                    ivec_t[n] = c;
182296341Sdelphij                }
183296341Sdelphij                len -= 16;
184296341Sdelphij                in += 16;
185296341Sdelphij                out += 16;
186296341Sdelphij            }
187296341Sdelphij        }
188296341Sdelphij    }
189238384Sjkim#endif
190296341Sdelphij    while (len) {
191296341Sdelphij        unsigned char c;
192296341Sdelphij        (*block) (in, tmp.c, key);
193296341Sdelphij        for (n = 0; n < 16 && n < len; ++n) {
194296341Sdelphij            c = in[n];
195296341Sdelphij            out[n] = tmp.c[n] ^ ivec[n];
196296341Sdelphij            ivec[n] = c;
197296341Sdelphij        }
198296341Sdelphij        if (len <= 16) {
199296341Sdelphij            for (; n < 16; ++n)
200296341Sdelphij                ivec[n] = in[n];
201296341Sdelphij            break;
202296341Sdelphij        }
203296341Sdelphij        len -= 16;
204296341Sdelphij        in += 16;
205296341Sdelphij        out += 16;
206296341Sdelphij    }
207238384Sjkim}
208