walters-labs
diff --git a/‎include/cbc.h‎
Lines changed: 36 additions & 48 deletions b/‎include/cbc.h‎
Lines changed: 36 additions & 48 deletions
diff --git a/‎src/cbc.c‎
Lines changed: 67 additions & 30 deletions b/‎src/cbc.c‎
Lines changed: 67 additions & 30 deletions
@@ -1,23 +1,15 @@
 #ifndef CBC_H
 #define CBC_H
 
-#include <stdint.h>
 #include <stddef.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
+#include <stdint.h>
+#include "aes_wrapper.h"  // provides encrypt_block_fn and decrypt_block_fn
 
 #define AES_BLOCK 16
 
-/* encryption / decryption function types (adapter style):
- * encrypt_fn: encrypt one 16-byte block
- * decrypt_fn: decrypt one 16-byte block
- *
- * Both follow the pattern:
- *    void fn(const uint8_t in[16], uint8_t out[16], const void *ctx);
- * where ctx is a pointer to the AES context (round keys + sbox).
- */
+/* ===============================
+ *  Block function typedefs
+ * =============================== */
 typedef void (*encrypt_block_fn)(const uint8_t in[AES_BLOCK],
                                  uint8_t out[AES_BLOCK],
                                  const void *ctx);
@@ -26,38 +18,34 @@ typedef void (*decrypt_block_fn)(const uint8_t in[AES_BLOCK],
                                  uint8_t out[AES_BLOCK],
                                  const void *ctx);
 
-/* AES-CBC encrypt: pads with PKCS#7 to a multiple of 16 bytes.
- * - in: plaintext
- * - in_len: plaintext length
- * - out: buffer to receive ciphertext; must be at least ((in_len / 16) + 1) * 16 bytes
- * - out_len: pointer to store resulting ciphertext length
- * - iv: 16-byte initialization vector
- * - encrypt: block encrypt function
- * - ctx: pointer to AES context (round keys + sbox)
- */
-int aes_cbc_encrypt(const uint8_t *in, size_t in_len,
-                    uint8_t *out, size_t *out_len,
-                    const uint8_t iv[AES_BLOCK],
-                    encrypt_block_fn encrypt, const void *ctx);
-
-/* AES-CBC decrypt:
- * - in: ciphertext (multiple of 16 bytes)
- * - in_len: ciphertext length (must be multiple of 16)
- * - out: buffer to receive plaintext; must be at least in_len bytes
- * - out_len: pointer to store resulting plaintext length
- * - iv: 16-byte IV used during encryption
- * - decrypt: block decrypt function
- * - ctx: pointer to AES context
- *
- * Returns 0 on success, non-zero on failure (e.g., invalid padding).
- */
-int aes_cbc_decrypt(const uint8_t *in, size_t in_len,
-                    uint8_t *out, size_t *out_len,
-                    const uint8_t iv[AES_BLOCK],
-                    decrypt_block_fn decrypt, const void *ctx);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* CBC_H */
+/* ===============================
+ *  Unpadded CBC (raw block-wise)
+ * =============================== */
+int aes_cbc_encrypt_unpadded(const uint8_t *in, size_t in_len,
+                             uint8_t *out, size_t *out_len,
+                             const uint8_t iv[AES_BLOCK],
+                             encrypt_block_fn encrypt,
+                             const void *ctx);
+
+int aes_cbc_decrypt_unpadded(const uint8_t *in, size_t in_len,
+                             uint8_t *out, size_t *out_len,
+                             const uint8_t iv[AES_BLOCK],
+                             decrypt_block_fn decrypt,
+                             const void *ctx);
+
+/* ===============================
+ *  Padded CBC (PKCS#7)
+ * =============================== */
+int aes_cbc_encrypt_padded(const uint8_t *in, size_t in_len,
+                           uint8_t *out, size_t *out_len,
+                           const uint8_t iv[AES_BLOCK],
+                           encrypt_block_fn encrypt,
+                           const void *ctx);
+
+int aes_cbc_decrypt_padded(const uint8_t *in, size_t in_len,
+                           uint8_t *out, size_t *out_len,
+                           const uint8_t iv[AES_BLOCK],
+                           decrypt_block_fn decrypt,
+                           const void *ctx);
+
+#endif /* CBC_H */
@@ -3,7 +3,9 @@
 #include <string.h>
 #include <stdlib.h>
 
-/* XOR helper */
+/* ===============================
+ *  Helper
+ * =============================== */
 static inline void xor_block(uint8_t out[AES_BLOCK],
                              const uint8_t a[AES_BLOCK],
                              const uint8_t b[AES_BLOCK])
@@ -12,41 +14,38 @@ static inline void xor_block(uint8_t out[AES_BLOCK],
         out[i] = a[i] ^ b[i];
 }
 
-int aes_cbc_encrypt(const uint8_t *in, size_t in_len,
-                    uint8_t *out, size_t *out_len,
-                    const uint8_t iv[AES_BLOCK],
-                    encrypt_block_fn encrypt, const void *ctx)
+/* ===============================
+ *  Core CBC (unpadded)
+ * =============================== */
+int aes_cbc_encrypt_unpadded(const uint8_t *in, size_t in_len,
+                             uint8_t *out, size_t *out_len,
+                             const uint8_t iv[AES_BLOCK],
+                             encrypt_block_fn encrypt,
+                             const void *ctx)
 {
-    if (!out || !out_len || !iv || !encrypt) return -1;
-    if (!in && in_len > 0) return -1; // NULL only allowed if in_len==0
-    if (!in) in = (const uint8_t *)""; // empty input is valid
-
-    uint8_t *padded = NULL;
-    size_t padded_len = 0;
-    if (pkcs7_pad(in, in_len, AES_BLOCK, &padded, &padded_len) != PADDING_OK)
-        return -2;
+    if (!in || !out || !out_len || !iv || !encrypt) return -1;
+    if ((in_len % AES_BLOCK) != 0) return -2;
 
     uint8_t prev[AES_BLOCK];
     memcpy(prev, iv, AES_BLOCK);
 
-    for (size_t off = 0; off < padded_len; off += AES_BLOCK) {
+    for (size_t off = 0; off < in_len; off += AES_BLOCK) {
         uint8_t block[AES_BLOCK];
-        xor_block(block, padded + off, prev);
+        xor_block(block, in + off, prev);
         encrypt(block, out + off, ctx);
         memcpy(prev, out + off, AES_BLOCK);
     }
 
-    *out_len = padded_len;
+    *out_len = in_len;
     memset(prev, 0, AES_BLOCK);
-    memset(padded, 0, padded_len);
-    free(padded);
     return 0;
 }
 
-int aes_cbc_decrypt(const uint8_t *in, size_t in_len,
-                    uint8_t *out, size_t *out_len,
-                    const uint8_t iv[AES_BLOCK],
-                    decrypt_block_fn decrypt, const void *ctx)
+int aes_cbc_decrypt_unpadded(const uint8_t *in, size_t in_len,
+                             uint8_t *out, size_t *out_len,
+                             const uint8_t iv[AES_BLOCK],
+                             decrypt_block_fn decrypt,
+                             const void *ctx)
 {
     if (!in || !out || !out_len || !iv || !decrypt) return -1;
     if ((in_len % AES_BLOCK) != 0) return -2;
@@ -61,19 +60,57 @@ int aes_cbc_decrypt(const uint8_t *in, size_t in_len,
         memcpy(prev, in + off, AES_BLOCK);
     }
 
-    /* Unpad using reusable PKCS#7 function */
+    *out_len = in_len;
+    memset(prev, 0, AES_BLOCK);
+    return 0;
+}
+
+/* ===============================
+ *  CBC with PKCS#7 padding
+ * =============================== */
+int aes_cbc_encrypt_padded(const uint8_t *in, size_t in_len,
+                           uint8_t *out, size_t *out_len,
+                           const uint8_t iv[AES_BLOCK],
+                           encrypt_block_fn encrypt,
+                           const void *ctx)
+{
+    uint8_t *padded = NULL;
+    size_t padded_len = 0;
+
+    // Allow NULL input only if length is zero
+    const uint8_t *ptr = in_len > 0 ? in : (const uint8_t *)"\0";
+
+    if (pkcs7_pad(ptr, in_len, AES_BLOCK, &padded, &padded_len) != PADDING_OK)
+        return -1;
+
+    int ret = aes_cbc_encrypt_unpadded(padded, padded_len, out, out_len, iv, encrypt, ctx);
+
+    memset(padded, 0, padded_len);
+    free(padded);
+    return ret;
+}
+
+
+int aes_cbc_decrypt_padded(const uint8_t *in, size_t in_len,
+                           uint8_t *out, size_t *out_len,
+                           const uint8_t iv[AES_BLOCK],
+                           decrypt_block_fn decrypt,
+                           const void *ctx)
+{
+    if ((in_len % AES_BLOCK) != 0) return -1;
+
+    size_t tmp_len = 0;
+    int ret = aes_cbc_decrypt_unpadded(in, in_len, out, &tmp_len, iv, decrypt, ctx);
+    if (ret != 0) return ret;
+
     uint8_t *unpadded = NULL;
     size_t plain_len = 0;
-    if (pkcs7_unpad(out, in_len, AES_BLOCK, &unpadded, &plain_len) != PADDING_OK) {
-        memset(out, 0, in_len);
-        memset(prev, 0, AES_BLOCK);
-        return -3;
-    }
+    if (pkcs7_unpad(out, tmp_len, AES_BLOCK, &unpadded, &plain_len) != PADDING_OK)
+        return -2;
 
+    if (out_len) *out_len = plain_len;
     memcpy(out, unpadded, plain_len);
-    *out_len = plain_len;
     memset(unpadded, 0, plain_len);
     free(unpadded);
-    memset(prev, 0, AES_BLOCK);
     return 0;
 }