128-bit block cipher modes consolidation. As consolidated functions

#

# OpenSSL/crypto/modes/Makefile

#

DIR=	modes

TOP=	../..

CC=	cc

INCLUDES= -I.. -I$(TOP) -I../../include

CFLAG=-g

MAKEFILE=	Makefile

AR=		ar r

CFLAGS= $(INCLUDES) $(CFLAG)

GENERAL=Makefile

TEST=

APPS=

LIB=$(TOP)/libcrypto.a

LIBSRC= cbc128.c ctr128.c cfb128.c ofb128.c

LIBOBJ= cbc128.o ctr128.o cfb128.o ofb128.o

SRC= $(LIBSRC)

#EXHEADER= store.h str_compat.h

EXHEADER= modes.h

HEADER=	$(EXHEADER)

ALL=    $(GENERAL) $(SRC) $(HEADER)

top:

	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)

all:	lib

lib:	$(LIBOBJ)

	$(AR) $(LIB) $(LIBOBJ)

	$(RANLIB) $(LIB) || echo Never mind.

	@touch lib

files:

	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO

links:

	@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)

	@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)

	@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)

install:

	@[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...

	@headerlist="$(EXHEADER)"; for i in $$headerlist; \

	do  \

	(cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \

	chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \

	done;

tags:

	ctags $(SRC)

tests:

lint:

	lint -DLINT $(INCLUDES) $(SRC)>fluff

depend:

	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...

	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)

dclean:

	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new

	mv -f Makefile.new $(MAKEFILE)

clean:

	rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff

# DO NOT DELETE THIS LINE -- make depend depends on it.

cbc128.o: cbc128.c modes.h

cfb128.o: cfb128.c modes.h

ctr128.o: ctr128.c modes.h

ofb128.o: modes.h ofb128.c

/* ====================================================================

 * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 *

 * 1. Redistributions of source code must retain the above copyright

 *    notice, this list of conditions and the following disclaimer. 

 *

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in

 *    the documentation and/or other materials provided with the

 *    distribution.

 *

 * 3. All advertising materials mentioning features or use of this

 *    software must display the following acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"

 *

 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

 *    endorse or promote products derived from this software without

 *    prior written permission. For written permission, please contact

 *    openssl-core@openssl.org.

 *

 * 5. Products derived from this software may not be called "OpenSSL"

 *    nor may "OpenSSL" appear in their names without prior written

 *    permission of the OpenSSL Project.

 *

 * 6. Redistributions of any form whatsoever must retain the following

 *    acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"

 *

 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

 * OF THE POSSIBILITY OF SUCH DAMAGE.

 * ====================================================================

 *

 */

#include <stddef.h>

#include <string.h>

#ifndef MODES_DEBUG

# ifndef NDEBUG

#  define NDEBUG

# endif

#endif

#include <assert.h>

#include "modes.h"

#define STRICT_ALIGNMENT 1

#if defined(__i386) || defined(__i386__) || \

    defined(__x86_64) || defined(__x86_64__) || \

    defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \

    defined(__s390__) || defined(__s390x__)

#  undef STRICT_ALIGNMENT

#  define STRICT_ALIGNMENT 0

#endif

void CRYPTO_cbc128_encrypt(const unsigned char *in, unsigned char *out,

			size_t len, const void *key,

			unsigned char ivec[16], block_f block)

{

	size_t n;

	const unsigned char *iv = ivec;

	assert(in && out && key && ivec);

#if !defined(OPENSSL_SMALL_FOOTPRINT)

	if (STRICT_ALIGNMENT &&

	    ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0) {

		while (len>=16) {

			for(n=0; n<16; ++n)

				out[n] = in[n] ^ iv[n];

			(*block)(out, out, key);

			iv = out;

			len -= 16;

			in  += 16;

			out += 16;

		}

	} else {

		while (len>=16) {

			for(n=0; n<16; n+=sizeof(size_t))

				*(size_t*)(out+n) =

				*(size_t*)(in+n) ^ *(size_t*)(iv+n);

			(*block)(out, out, key);

			iv = out;

			len -= 16;

			in  += 16;

			out += 16;

		}

	}

#endif

	while (len) {

		for(n=0; n<16 && n<len; ++n)

			out[n] = in[n] ^ iv[n];

		for(; n<16; ++n)

			out[n] = iv[n];

		(*block)(out, out, key);

		iv = out;

		if (len<=16) break;

		len -= 16;

		in  += 16;

		out += 16;

	}

	memcpy(ivec,iv,16);

}

void CRYPTO_cbc128_decrypt(const unsigned char *in, unsigned char *out,

			size_t len, const void *key,

			unsigned char ivec[16], block_f block)

{

	size_t n;

	union { size_t align; unsigned char c[16]; } tmp;

	assert(in && out && key && ivec);

#if !defined(OPENSSL_SMALL_FOOTPRINT)

	if (in != out) {

		const unsigned char *iv = ivec;

		if (STRICT_ALIGNMENT &&

		    ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0) {

			while (len>=16) {

				(*block)(in, out, key);

				for(n=0; n<16; ++n)

					out[n] ^= iv[n];

				iv = in;

				len -= 16;

				in  += 16;

				out += 16;

			}

		}

		else {

			while (len>=16) {

				(*block)(in, out, key);

				for(n=0; n<16; n+=sizeof(size_t))

					*(size_t *)(out+n) ^= *(size_t *)(iv+n);

				iv = in;

				len -= 16;

				in  += 16;

				out += 16;

			}

		}

		memcpy(ivec,iv,16);

	} else {

		if (STRICT_ALIGNMENT &&

		    ((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0) {

			unsigned char c;

			while (len>=16) {

				(*block)(in, tmp.c, key);

				for(n=0; n<16; ++n) {

					c = in[n];

					out[n] = tmp.c[n] ^ ivec[n];

					ivec[n] = c;

				}

				len -= 16;

				in  += 16;

				out += 16;

			}

		}

		else {

			size_t c;

			while (len>=16) {

				(*block)(in, tmp.c, key);

				for(n=0; n<16; n+=sizeof(size_t)) {

					c = *(size_t *)(in+n);

					*(size_t *)(out+n) =

					*(size_t *)(tmp.c+n) ^ *(size_t *)(ivec+n);

					*(size_t *)(ivec+n) = c;

				}

				len -= 16;

				in  += 16;

				out += 16;

			}

		}

	}

#endif

	while (len) {

		unsigned char c;

		(*block)(in, tmp.c, key);

		for(n=0; n<16 && n<len; ++n) {

			c = in[n];

			out[n] = tmp.c[n] ^ ivec[n];

			ivec[n] = c;

		}

		if (len<=16) {

			for (; n<16; ++n)

				ivec[n] = in[n];

			break;

		}

		len -= 16;

		in  += 16;

		out += 16;

	}

}

/* ====================================================================

 * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 *

 * 1. Redistributions of source code must retain the above copyright

 *    notice, this list of conditions and the following disclaimer. 

 *

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in

 *    the documentation and/or other materials provided with the

 *    distribution.

 *

 * 3. All advertising materials mentioning features or use of this

 *    software must display the following acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"

 *

 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

 *    endorse or promote products derived from this software without

 *    prior written permission. For written permission, please contact

 *    openssl-core@openssl.org.

 *

 * 5. Products derived from this software may not be called "OpenSSL"

 *    nor may "OpenSSL" appear in their names without prior written

 *    permission of the OpenSSL Project.

 *

 * 6. Redistributions of any form whatsoever must retain the following

 *    acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"

 *

 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

 * OF THE POSSIBILITY OF SUCH DAMAGE.

 * ====================================================================

 *

 */

#include <stddef.h>

#include <string.h>

#ifndef MODES_DEBUG

# ifndef NDEBUG

#  define NDEBUG

# endif

#endif

#include <assert.h>

#include "modes.h"

#define STRICT_ALIGNMENT

#if defined(__i386) || defined(__i386__) || \

    defined(__x86_64) || defined(__x86_64__) || \

    defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \

    defined(__s390__) || defined(__s390x__)

#  undef STRICT_ALIGNMENT

#endif

/* The input and output encrypted as though 128bit cfb mode is being

 * used.  The extra state information to record how much of the

 * 128bit block we have used is contained in *num;

 */

void CRYPTO_cfb128_encrypt(const unsigned char *in, unsigned char *out,

			size_t len, const void *key,

			unsigned char ivec[16], int *num,

			int enc, block_f block)

{

    unsigned int n;

    size_t l = 0;

    assert(in && out && key && ivec && num);

    n = *num;

    if (enc) {

#if !defined(OPENSSL_SMALL_FOOTPRINT)

	if (16%sizeof(size_t) == 0) do {	/* always true actually */

		while (n && len) {

			*(out++) = ivec[n] ^= *(in++);

			--len;

			n = (n+1) % 16;

		}

#if defined(STRICT_ALIGNMENT)

		if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0)

			break;

#endif

		while (len>=16) {

			(*block)(ivec, ivec, key);

			for (n=0; n<16; n+=sizeof(size_t)) {

				*(size_t*)(out+n) =

				*(size_t*)(ivec+n) ^= *(size_t*)(in+n);

			}

			len -= 16;

			out += 16;

			in  += 16;

		}

		n = 0;

		if (len) {

			(*block)(ivec, ivec, key);

			while (len--) {

				out[n] = ivec[n] ^= in[n];

				++n;

			}

		}

		*num = n;

		return;

	} while (0);

	/* the rest would be commonly eliminated by x86* compiler */

#endif

	while (l<len) {

		if (n == 0) {

			(*block)(ivec, ivec, key);

		}

		out[l] = ivec[n] ^= in[l];

		++l;

		n = (n+1) % 16;

	}

	*num = n;

    } else {

#if !defined(OPENSSL_SMALL_FOOTPRINT)

	if (16%sizeof(size_t) == 0) do {	/* always true actually */

		while (n && len) {

			unsigned char c;

			*(out++) = ivec[n] ^ (c = *(in++)); ivec[n] = c;

			--len;

			n = (n+1) % 16;

 		}

#if defined(STRICT_ALIGNMENT)

		if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0)

			break;

#endif

		while (len>=16) {

			(*block)(ivec, ivec, key);

			for (n=0; n<16; n+=sizeof(size_t)) {

				size_t t = *(size_t*)(in+n);

				*(size_t*)(out+n) = *(size_t*)(ivec+n) ^ t;

				*(size_t*)(ivec+n) = t;

			}

			len -= 16;

			out += 16;

			in  += 16;

		}

		n = 0;

		if (len) {

			(*block)(ivec, ivec, key);

			while (len--) {

				unsigned char c;

				out[n] = ivec[n] ^ (c = in[n]); ivec[n] = c;

				++n;

			}

 		}

		*num = n;

		return;

	} while (0);

	/* the rest would be commonly eliminated by x86* compiler */

#endif

	while (l<len) {

		unsigned char c;

		if (n == 0) {

			(*block)(ivec, ivec, key);

		}

		out[l] = ivec[n] ^ (c = in[l]); ivec[n] = c;

		++l;

		n = (n+1) % 16;

	}

	*num=n;

    }

}

/* This expects a single block of size nbits for both in and out. Note that

   it corrupts any extra bits in the last byte of out */

static void cfbr_encrypt_block(const unsigned char *in,unsigned char *out,

			    int nbits,const void *key,

			    unsigned char ivec[16],int enc,

			    block_f block)

{

    int n,rem,num;

    unsigned char ovec[16*2 + 1];  /* +1 because we dererefence (but don't use) one byte off the end */

    if (nbits<=0 || nbits>128) return;

	/* fill in the first half of the new IV with the current IV */

	memcpy(ovec,ivec,16);

	/* construct the new IV */

	(*block)(ivec,ivec,key);

	num = (nbits+7)/8;

	if (enc)	/* encrypt the input */

	    for(n=0 ; n < num ; ++n)

		out[n] = (ovec[16+n] = in[n] ^ ivec[n]);

	else		/* decrypt the input */

	    for(n=0 ; n < num ; ++n)

		out[n] = (ovec[16+n] = in[n]) ^ ivec[n];

	/* shift ovec left... */

	rem = nbits%8;

	num = nbits/8;

	if(rem==0)

	    memcpy(ivec,ovec+num,16);

	else

	    for(n=0 ; n < 16 ; ++n)

		ivec[n] = ovec[n+num]<<rem | ovec[n+num+1]>>(8-rem);

    /* it is not necessary to cleanse ovec, since the IV is not secret */

}

/* N.B. This expects the input to be packed, MS bit first */

void CRYPTO_cfb128_1_encrypt(const unsigned char *in, unsigned char *out,

		 	size_t bits, const void *key,

			unsigned char ivec[16], int *num,

			int enc, block_f block)

{

    size_t n;

    unsigned char c[1],d[1];

    assert(in && out && key && ivec && num);

    assert(*num == 0);

    memset(out,0,(bits+7)/8);

    for(n=0 ; n<bits ; ++n)

	{

	c[0]=(in[n/8]&(1 << (7-n%8))) ? 0x80 : 0;

	cfbr_encrypt_block(c,d,1,key,ivec,enc,block);

	out[n/8]=(out[n/8]&~(1 << (7-n%8)))|((d[0]&0x80) >> (n%8));

	}

}

void CRYPTO_cfb128_8_encrypt(const unsigned char *in, unsigned char *out,

			size_t length, const void *key,

			unsigned char ivec[16], int *num,

			int enc, block_f block)

{

    size_t n;

    assert(in && out && key && ivec && num);

    assert(*num == 0);

    for(n=0 ; n<length ; ++n)

	cfbr_encrypt_block(&in[n],&out[n],8,key,ivec,enc,block);

}

/* ====================================================================

 * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.

 *

 * Redistribution and use in source and binary forms, with or without

 * modification, are permitted provided that the following conditions

 * are met:

 *

 * 1. Redistributions of source code must retain the above copyright

 *    notice, this list of conditions and the following disclaimer. 

 *

 * 2. Redistributions in binary form must reproduce the above copyright

 *    notice, this list of conditions and the following disclaimer in

 *    the documentation and/or other materials provided with the

 *    distribution.

 *

 * 3. All advertising materials mentioning features or use of this

 *    software must display the following acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"

 *

 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to

 *    endorse or promote products derived from this software without

 *    prior written permission. For written permission, please contact

 *    openssl-core@openssl.org.

 *

 * 5. Products derived from this software may not be called "OpenSSL"

 *    nor may "OpenSSL" appear in their names without prior written

 *    permission of the OpenSSL Project.

 *

 * 6. Redistributions of any form whatsoever must retain the following

 *    acknowledgment:

 *    "This product includes software developed by the OpenSSL Project

 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"

 *

 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY

 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR

 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,

 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT

 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

 * OF THE POSSIBILITY OF SUCH DAMAGE.

 * ====================================================================

 *

 */

#include <stddef.h>

#include <string.h>

#ifndef MODES_DEBUG

# ifndef NDEBUG

#  define NDEBUG

# endif

#endif

#include <assert.h>

#include "modes.h"

typedef unsigned int u32;

typedef unsigned char u8;

# define GETU32(pt) (((u32)(pt)[0] << 24) ^ ((u32)(pt)[1] << 16) ^ ((u32)(pt)[2] <<  8) ^ ((u32)(pt)[3]))

# define PUTU32(ct, st) { (ct)[0] = (u8)((st) >> 24); (ct)[1] = (u8)((st) >> 16); (ct)[2] = (u8)((st) >>  8); (ct)[3] = (u8)(st); }

#define STRICT_ALIGNMENT

#if defined(__i386) || defined(__i386__) || \

    defined(__x86_64) || defined(__x86_64__) || \

    defined(_M_IX86) || defined(_M_AMD64) || defined(_M_X64) || \

    defined(__s390__) || defined(__s390x__)

#  undef STRICT_ALIGNMENT

#endif

/* NOTE: the IV/counter CTR mode is big-endian.  The code itself

 * is endian-neutral. */

/* increment counter (128-bit int) by 1 */

static void ctr128_inc(unsigned char *counter) {

	u32 c,n=16;

	do {

		n -= 4;

		c = GETU32(counter+n);

		++c;	c &= 0xFFFFFFFF;

		PUTU32(counter + n, c);

		if (c) return;

	} while (n);

}

#if !defined(OPENSSL_SMALL_FOORPRINT)

static void ctr128_inc_aligned(unsigned char *counter) {

	size_t *data,c,n;

	const union { long one; char little; } is_endian = {1};

	if (is_endian.little) {

		ctr128_inc(counter);

		return;

	}

	data = (size_t *)counter;

	n = 16/sizeof(size_t);

	do {

		--n;

		c = data[n];

		++c;

		data[n] = c;

		if (c) return;

	} while (n);

}

#endif

/* The input encrypted as though 128bit counter mode is being

 * used.  The extra state information to record how much of the

 * 128bit block we have used is contained in *num, and the

 * encrypted counter is kept in ecount_buf.  Both *num and

 * ecount_buf must be initialised with zeros before the first

 * call to CRYPTO_ctr128_encrypt().

 *

 * This algorithm assumes that the counter is in the x lower bits

 * of the IV (ivec), and that the application has full control over

 * overflow and the rest of the IV.  This implementation takes NO

 * responsability for checking that the counter doesn't overflow

 * into the rest of the IV when incremented.

 */

void CRYPTO_ctr128_encrypt(const unsigned char *in, unsigned char *out,

			size_t len, const void *key,

			unsigned char ivec[16], unsigned char ecount_buf[16],

			unsigned int *num, block_f block)

{

	unsigned int n;

	size_t l=0;

	assert(in && out && key && ecount_buf && num);

	assert(*num < 16);

	n = *num;

#if !defined(OPENSSL_SMALL_FOOTPRINT)

	if (16%sizeof(size_t) == 0) do { /* always true actually */

		while (n && len) {

			*(out++) = *(in++) ^ ecount_buf[n];

			--len;

			n = (n+1) % 16;

		}

#if defined(STRICT_ALIGNMENT)

		if (((size_t)in|(size_t)out|(size_t)ivec)%sizeof(size_t) != 0)

			break;

#endif

		while (len>=16) {