adding ofb- and ctr-mode

bcal-cbc.c

@@ -23,7 +23,7 @@
 #include "bcal-basic.h"
 #include "memxor.h"
 
-uint8_t bcal_cbc_init(const bcdesc_t* desc, const void* key, uint16_t keysize, bcal_cbc_ctx_t* ctx){
+uint8_t bcal_cbc_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_cbc_ctx_t* ctx){
 	ctx->desc = (bcdesc_t*)desc;
 	ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
 	ctx->prev_block = malloc(ctx->blocksize_B);
@@ -31,7 +31,7 @@ uint8_t bcal_cbc_init(const bcdesc_t* desc, const void* key, uint16_t keysize, b
 	if(ctx->prev_block==NULL){
 		return 0x11;
 	}
-	return bcal_cipher_init(desc, key, keysize, &(ctx->cctx));
+	return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
 }
 
 void bcal_cbc_free(bcal_cbc_ctx_t* ctx){
@@ -41,8 +41,10 @@ void bcal_cbc_free(bcal_cbc_ctx_t* ctx){
 
 
 void bcal_cbc_loadIV(const void* iv, bcal_cbc_ctx_t* ctx){
+	if(iv){
 		memcpy(ctx->prev_block, iv, ctx->blocksize_B);
 	}
+}
 
 void bcal_cbc_encNext(void* block, bcal_cbc_ctx_t* ctx){
 	memxor(block, ctx->prev_block, ctx->blocksize_B);

bcal-cbc.h

@@ -31,7 +31,7 @@ typedef struct{
 	uint8_t      blocksize_B;
 } bcal_cbc_ctx_t;
 
-uint8_t bcal_cbc_init(const bcdesc_t* desc, const void* key, uint16_t keysize, bcal_cbc_ctx_t* ctx);
+uint8_t bcal_cbc_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_cbc_ctx_t* ctx);
 void bcal_cbc_free(bcal_cbc_ctx_t* ctx);
 void bcal_cbc_loadIV(const void* iv, bcal_cbc_ctx_t* ctx);
 void bcal_cbc_encNext(void* block, bcal_cbc_ctx_t* ctx);

bcal-cfb_bit.c

@@ -40,7 +40,7 @@ static void write_bit(void* block, uint32_t index, uint8_t value){
 	}
 }
 
-uint8_t bcal_cfb_b_init(const bcdesc_t* desc, const void* key, uint16_t keysize, uint16_t size_b, bcal_cfb_b_ctx_t* ctx){
+uint8_t bcal_cfb_b_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_b_ctx_t* ctx){
 	ctx->desc = (bcdesc_t*)desc;
 	ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
 	ctx->in_block=malloc(ctx->blocksize_B);
@@ -51,7 +51,7 @@ uint8_t bcal_cfb_b_init(const bcdesc_t* desc, const void* key, uint16_t keysize,
 		return 0x12;
 	}
 	ctx->size_b = size_b;
-	return bcal_cipher_init(desc, key, keysize, &(ctx->cctx));
+	return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
 }
 
 void bcal_cfb_b_free(bcal_cfb_b_ctx_t* ctx){
@@ -60,8 +60,10 @@ void bcal_cfb_b_free(bcal_cfb_b_ctx_t* ctx){
 }
 
 void bcal_cfb_b_loadIV(const void* iv, bcal_cfb_b_ctx_t* ctx){
+	if(iv){
 		memcpy(ctx->in_block, iv, ctx->blocksize_B);
 	}
+}
 
 void bcal_cfb_b_encNext(void* block, uint8_t offset, bcal_cfb_b_ctx_t* ctx){
 	uint8_t tmp[ctx->blocksize_B];

bcal-cfb_bit.h

@@ -17,6 +17,10 @@
     along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
+
+#ifndef BCALCFB_BIT_H_
+#define BCALCFB_BIT_H_
+
 #include <stdint.h>
 #include "bcal-basic.h"
 #include "blockcipher_descriptor.h"
@@ -31,7 +35,7 @@ typedef struct{
 } bcal_cfb_b_ctx_t;
 
 
-uint8_t bcal_cfb_b_init(const bcdesc_t* desc, const void* key, uint16_t keysize, uint16_t size_b, bcal_cfb_b_ctx_t* ctx);
+uint8_t bcal_cfb_b_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_b_ctx_t* ctx);
 void bcal_cfb_b_free(bcal_cfb_b_ctx_t* ctx);
 void bcal_cfb_b_loadIV(const void* iv, bcal_cfb_b_ctx_t* ctx);
 void bcal_cfb_b_encNext(void* block, uint8_t offset, bcal_cfb_b_ctx_t* ctx);
@@ -39,3 +43,5 @@ void bcal_cfb_b_decNext(void* block, uint8_t offset, bcal_cfb_b_ctx_t* ctx);
 void bcal_cfb_b_encMsg(const void* iv, void* msg, uint8_t offset, uint32_t msg_blocks, bcal_cfb_b_ctx_t* ctx);
 void bcal_cfb_b_decMsg(const void* iv, void* msg, uint8_t offset, uint32_t msg_blocks, bcal_cfb_b_ctx_t* ctx);
 
+
+#endif /* BCALCFB_BIT_H_ */

bcal-cfb_byte.c

@@ -25,7 +25,7 @@
 #include "memxor.h"
 
 
-uint8_t bcal_cfb_B_init(const bcdesc_t* desc, const void* key, uint16_t keysize, uint16_t size_b, bcal_cfb_B_ctx_t* ctx){
+uint8_t bcal_cfb_B_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_B_ctx_t* ctx){
 	ctx->desc = (bcdesc_t*)desc;
 	ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
 	ctx->in_block=malloc(ctx->blocksize_B);
@@ -36,7 +36,7 @@ uint8_t bcal_cfb_B_init(const bcdesc_t* desc, const void* key, uint16_t keysize,
 		return 0x12;
 	}
 	ctx->size_B = size_b/8;
-	return bcal_cipher_init(desc, key, keysize, &(ctx->cctx));
+	return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
 }
 
 void bcal_cfb_B_free(bcal_cfb_B_ctx_t* ctx){
@@ -45,8 +45,10 @@ void bcal_cfb_B_free(bcal_cfb_B_ctx_t* ctx){
 }
 
 void bcal_cfb_B_loadIV(const void* iv, bcal_cfb_B_ctx_t* ctx){
+	if(iv){
 		memcpy(ctx->in_block, iv, ctx->blocksize_B);
 	}
+}
 
 void bcal_cfb_B_encNext(void* block, bcal_cfb_B_ctx_t* ctx){
 	uint8_t tmp[ctx->blocksize_B];

bcal-cfb_byte.h

@@ -34,7 +34,7 @@ typedef struct{
 } bcal_cfb_B_ctx_t;
 
 
-uint8_t bcal_cfb_B_init(const bcdesc_t* desc, const void* key, uint16_t keysize, uint16_t size_b, bcal_cfb_B_ctx_t* ctx);
+uint8_t bcal_cfb_B_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, uint16_t size_b, bcal_cfb_B_ctx_t* ctx);
 void bcal_cfb_B_free(bcal_cfb_B_ctx_t* ctx);
 void bcal_cfb_B_loadIV(const void* iv, bcal_cfb_B_ctx_t* ctx);
 void bcal_cfb_B_encNext(void* block, bcal_cfb_B_ctx_t* ctx);

bcal-ctr.c

@@ -0,0 +1,95 @@
+/* bcal-ctr.c */
+/*
+    This file is part of the AVR-Crypto-Lib.
+    Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+
+#include <stdint.h>
+#include <string.h>
+#include "bcal-basic.h"
+#include "bcal-ctr.h"
+#include "memxor.h"
+
+static void increment_be(void* block, uint8_t size_B){
+	uint16_t c=1;
+	do{
+		--size_B;
+		c += ((uint8_t*)block)[size_B];
+		((uint8_t*)block)[size_B] = (uint8_t)c;
+		c>>=8;
+	}while(size_B);
+}
+
+uint8_t bcal_ctr_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, inc_fp_t inc_func, bcal_ctr_ctx_t* ctx){
+	ctx->desc = (bcdesc_t*)desc;
+	if(inc_func){
+		ctx->inc_func = inc_func;
+	}else{
+		ctx->inc_func = increment_be;
+	}
+	ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
+	ctx->in_block=malloc(ctx->blocksize_B);
+	if(ctx->in_block==NULL){
+			return 0x11;
+	}
+	return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
+}
+
+void bcal_ctr_free(bcal_ctr_ctx_t* ctx){
+	free(ctx->in_block);
+	bcal_cipher_free(&(ctx->cctx));
+}
+
+void bcal_ctr_loadIV(const void* iv, bcal_ctr_ctx_t* ctx){
+	if(iv){
+		memcpy(ctx->in_block, iv, ctx->blocksize_B);
+	}
+}
+
+void bcal_ctr_encNext(void* block, bcal_ctr_ctx_t* ctx){
+	uint8_t tmp[ctx->blocksize_B];
+	memcpy(tmp, ctx->in_block, ctx->blocksize_B);
+	bcal_cipher_enc(tmp, &(ctx->cctx));
+	memxor(block, tmp, ctx->blocksize_B);
+	ctx->inc_func(ctx->in_block, ctx->blocksize_B);
+}
+
+void bcal_ctr_decNext(void* block, bcal_ctr_ctx_t* ctx){
+	bcal_ctr_encNext(block, ctx);
+}
+
+void bcal_ctr_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx){
+	bcal_ctr_loadIV(iv, ctx);
+	uint16_t blocksize_b;
+	blocksize_b = ctx->blocksize_B*8;
+	while(msg_len_b>blocksize_b){
+		bcal_ctr_encNext(msg, ctx);
+		msg_len_b -= blocksize_b;
+		msg = (uint8_t*)msg + ctx->blocksize_B;
+	}
+	uint8_t tmp[ctx->blocksize_B];
+	memcpy(tmp, ctx->in_block, ctx->blocksize_B);
+	bcal_cipher_enc(tmp, &(ctx->cctx));
+	ctx->inc_func(ctx->in_block, ctx->blocksize_B);
+	tmp[msg_len_b/8] = 0xff00>>(msg_len_b&7);
+	memxor(msg, tmp, (msg_len_b+7)/8);
+}
+
+void bcal_ctr_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx){
+	bcal_ctr_encMsg(iv, msg, msg_len_b, ctx);
+}
+

bcal-ctr.h

@@ -0,0 +1,45 @@
+/* bcal-ctr.h */
+/*
+    This file is part of the AVR-Crypto-Lib.
+    Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef BCALCTR_H_
+#define BCALCTR_H_
+
+#include <stdint.h>
+#include "bcal-basic.h"
+#include "blockcipher_descriptor.h"
+
+typedef void(*inc_fp_t)(void* block, uint8_t size_B);
+
+typedef struct{
+	bcdesc_t*    desc;
+	bcgen_ctx_t  cctx;
+	uint8_t*     in_block;
+	inc_fp_t     inc_func;
+	uint8_t      blocksize_B;
+} bcal_ctr_ctx_t;
+
+uint8_t bcal_ctr_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, inc_fp_t inc_func, bcal_ctr_ctx_t* ctx);
+void bcal_ctr_free(bcal_ctr_ctx_t* ctx);
+void bcal_ctr_loadIV(const void* iv, bcal_ctr_ctx_t* ctx);
+void bcal_ctr_encNext(void* block, bcal_ctr_ctx_t* ctx);
+void bcal_ctr_decNext(void* block, bcal_ctr_ctx_t* ctx);
+void bcal_ctr_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx);
+void bcal_ctr_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ctr_ctx_t* ctx);
+
+#endif /* BCALCTR_H_ */

bcal-ofb.c

@@ -0,0 +1,76 @@
+/* bcal-ofb.c */
+/*
+    This file is part of the AVR-Crypto-Lib.
+    Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <stdint.h>
+#include <string.h>
+#include "bcal-ofb.h"
+#include "bcal-basic.h"
+#include "memxor.h"
+
+
+uint8_t bcal_ofb_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_ofb_ctx_t* ctx){
+	ctx->desc = (bcdesc_t*)desc;
+	ctx->blocksize_B = (bcal_cipher_getBlocksize_b(desc)+7)/8;
+	ctx->in_block=malloc(ctx->blocksize_B);
+	if(ctx->in_block==NULL){
+			return 0x11;
+	}
+	return bcal_cipher_init(desc, key, keysize_b, &(ctx->cctx));
+}
+
+void bcal_ofb_free(bcal_ofb_ctx_t* ctx){
+	free(ctx->in_block);
+	bcal_cipher_free(&(ctx->cctx));
+}
+
+void bcal_ofb_loadIV(const void* iv, bcal_ofb_ctx_t* ctx){
+	if(iv){
+		memcpy(ctx->in_block, iv, ctx->blocksize_B);
+	}
+}
+
+void bcal_ofb_encNext(void* block, bcal_ofb_ctx_t* ctx){
+	bcal_cipher_enc(ctx->in_block , &(ctx->cctx));
+	memxor(block, ctx->in_block, ctx->blocksize_B);
+}
+
+void bcal_ofb_decNext(void* block, bcal_ofb_ctx_t* ctx){
+	bcal_cipher_enc(ctx->in_block , &(ctx->cctx));
+	memxor(block, ctx->in_block, ctx->blocksize_B);
+}
+
+
+void bcal_ofb_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx){
+	uint16_t block_len_b;
+	block_len_b = ctx->blocksize_B*8;
+	bcal_ofb_loadIV(iv, ctx);
+	while(msg_len_b>block_len_b){
+		bcal_ofb_encNext(msg, ctx);
+		msg_len_b -= block_len_b;
+		msg = (uint8_t*)msg + ctx->blocksize_B;
+	}
+	bcal_cipher_enc(ctx->in_block, &(ctx->cctx));
+	ctx->in_block[msg_len_b/8] = 0xff00>>(msg_len_b&7);
+	memxor(msg, ctx->in_block, (msg_len_b+7)/8);
+}
+
+void bcal_ofb_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx){
+	bcal_ofb_encMsg(iv, msg, msg_len_b, ctx);
+}
+

bcal-ofb.h

@@ -0,0 +1,46 @@
+/* bcal-ofb.h */
+/*
+    This file is part of the AVR-Crypto-Lib.
+    Copyright (C) 2010 Daniel Otte (daniel.otte@rub.de)
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+
+#ifndef BCALOFB_H_
+#define BCALOFB_H_
+
+#include <stdint.h>
+#include "bcal-basic.h"
+#include "blockcipher_descriptor.h"
+
+
+typedef struct{
+	bcdesc_t*    desc;
+	bcgen_ctx_t  cctx;
+	uint8_t*     in_block;
+	uint8_t      blocksize_B;
+} bcal_ofb_ctx_t;
+
+
+uint8_t bcal_ofb_init(const bcdesc_t* desc, const void* key, uint16_t keysize_b, bcal_ofb_ctx_t* ctx);
+void bcal_ofb_free(bcal_ofb_ctx_t* ctx);
+void bcal_ofb_loadIV(const void* iv, bcal_ofb_ctx_t* ctx);
+void bcal_ofb_encNext(void* block, bcal_ofb_ctx_t* ctx);
+void bcal_ofb_decNext(void* block, bcal_ofb_ctx_t* ctx);
+void bcal_ofb_encMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx);
+void bcal_ofb_decMsg(const void* iv, void* msg, uint32_t msg_len_b, bcal_ofb_ctx_t* ctx);
+
+
+#endif /* BCALOFB_H_ */

mkfiles/aes.mk

@@ -11,7 +11,7 @@ $(ALGO_NAME)_TEST_BIN := main-aes-test.o $(CLI_STD)  \
                          nessie_bc_test.o nessie_common.o performance_test.o memxor.o \
                          bcal_aes128.o bcal_aes192.o bcal_aes256.o bcal-basic.o bcal-cbc.o \
                          keysize_descriptor.o dump-asm.o dump-decl.o bcal-cfb_byte.o \
-                         bcal-cfb_bit.o
+                         bcal-cfb_bit.o bcal-ofb.o bcal-ctr.o
 $(ALGO_NAME)_NESSIE_TEST      := test nessie
 $(ALGO_NAME)_PERFORMANCE_TEST := performance
 

mkfiles/aes_c.mk

@@ -14,7 +14,7 @@ $(ALGO_NAME)_TEST_BIN := main-aes-test.o $(CLI_STD)  \
                          nessie_bc_test.o nessie_common.o performance_test.o memxor.o \
                          bcal_aes128.o bcal_aes192.o bcal_aes256.o bcal-basic.o bcal-cbc.o \
                          keysize_descriptor.o dump-asm.o dump-decl.o bcal-cfb_byte.o \
-                         bcal-cfb_bit.o
+                         bcal-cfb_bit.o bcal-ofb.o bcal-ctr.o
 $(ALGO_NAME)_NESSIE_TEST      := test nessie
 $(ALGO_NAME)_PERFORMANCE_TEST := performance
 

test_src/main-aes-test.c

@@ -39,6 +39,8 @@
 #include "bcal-cbc.h"
 #include "bcal-cfb_byte.h"
 #include "bcal-cfb_bit.h"
+#include "bcal-ofb.h"
+#include "bcal-ctr.h"
 
 #include <stdint.h>
 #include <string.h>
@@ -183,13 +185,24 @@ void testrun_testkey_aes(void){
 	testrun_testkey_aes256();
 }
 
-uint8_t modes_key[]   PROGMEM={ 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
+uint8_t modes_key[]   PROGMEM = {
-		                        0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
+		0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
+		0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
+		0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7,
+		0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4
 	};
-uint8_t modes_iv[]    PROGMEM={ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+uint8_t modes_iv[]    PROGMEM = {
+		0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
 		0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
     };
-uint8_t modes_plain[] PROGMEM={ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
+
+uint8_t modes_ctriv[] PROGMEM = {
+		0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
+		0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff
+	};
+
+uint8_t modes_plain[] PROGMEM = {
+		0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
 		0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,
 		/* --- */
 		0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c,
@@ -202,6 +215,7 @@ uint8_t modes_plain[] PROGMEM={ 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96,
 		0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10
     };
 
+
 void testrun_aes128_cbc(void){
 	uint8_t key[16];
 	uint8_t iv[16];
@@ -223,15 +237,15 @@ void testrun_aes128_cbc(void){
 	cli_putstr_P(PSTR("\r\n  IV:    "));
 	cli_hexdump(iv, 128/8);
 	cli_putstr_P(PSTR("\r\n  plaintext:"));
-	cli_hexdump_block(plain, 4*128/8, 4, 8);
+	cli_hexdump_block(plain, 4*128/8, 4, 16);
 	if(r)
 		return;
 	bcal_cbc_encMsg(iv, plain, 4, &ctx);
 	cli_putstr_P(PSTR("\r\n  ciphertext:  "));
-	cli_hexdump_block(plain, 4*128/8, 4, 8);
+	cli_hexdump_block(plain, 4*128/8, 4, 16);
 	bcal_cbc_decMsg(iv, plain, 4, &ctx);
 	cli_putstr_P(PSTR("\r\n  plaintext:   "));
-	cli_hexdump_block(plain, 4*128/8, 4, 8);
+	cli_hexdump_block(plain, 4*128/8, 4, 16);
 	bcal_cbc_free(&ctx);
 }
 
@@ -256,16 +270,16 @@ void testrun_aes128_cfb8(void){
 	cli_putstr_P(PSTR("\r\n  IV:    "));
 	cli_hexdump(iv, 128/8);
 	cli_putstr_P(PSTR("\r\n  plaintext:"));
-	cli_hexdump_block(plain, 4*128/8, 4, 8);
+	cli_hexdump_block(plain, 4*128/8, 4, 16);
 	if(r)
 		return;
 	bcal_cfb_B_encMsg(iv, plain, 64, &ctx);
 	cli_putstr_P(PSTR("\r\n  ciphertext:  "));
-	cli_hexdump_block(plain, 64, 4, 8);
+	cli_hexdump_block(plain, 64, 4, 16);
 
 	bcal_cfb_B_decMsg(iv, plain, 64, &ctx);
 	cli_putstr_P(PSTR("\r\n  plaintext:   "));
-	cli_hexdump_block(plain, 64, 4, 8);
+	cli_hexdump_block(plain, 64, 4, 16);
 
 	bcal_cfb_B_free(&ctx);
 
@@ -292,7 +306,7 @@ void testrun_aes128_cfb1(void){
 	cli_putstr_P(PSTR("\r\n  IV:    "));
 	cli_hexdump(iv, 128/8);
 	cli_putstr_P(PSTR("\r\n  plaintext:"));
-	cli_hexdump_block(plain, 2, 4, 8);
+	cli_hexdump_block(plain, 2, 4, 16);
 	if(r)
 		return;
 	uint8_t i, bit_offset, byte_offset;
@@ -307,7 +321,7 @@ void testrun_aes128_cfb1(void){
 		cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
 	}
 	cli_putstr_P(PSTR("\r\n  ciphertext:  "));
-	cli_hexdump_block(plain, 2, 4, 8);
+	cli_hexdump_block(plain, 2, 4, 16);
 
 	bcal_cfb_b_loadIV(iv, &ctx);
 	for(i=0; i<16; ++i){
@@ -320,20 +334,86 @@ void testrun_aes128_cfb1(void){
 		cli_putc((plain[byte_offset]&(1<<(7-bit_offset)))?'1':'0');
 	}
 	cli_putstr_P(PSTR("\r\n  plaintext:   "));
-	cli_hexdump_block(plain, 2, 4, 8);
+	cli_hexdump_block(plain, 2, 4, 16);
 
 
 	bcal_cfb_b_encMsg(iv, plain, 0, 64*8, &ctx);
 	cli_putstr_P(PSTR("\r\n  ciphertext:  "));
-	cli_hexdump_block(plain, 64, 4, 8);
+	cli_hexdump_block(plain, 64, 4, 16);
 
 	bcal_cfb_b_decMsg(iv, plain, 0, 64*8, &ctx);
 	cli_putstr_P(PSTR("\r\n  plaintext:   "));
-	cli_hexdump_block(plain, 64, 4, 8);
+	cli_hexdump_block(plain, 64, 4, 16);
 
 	bcal_cfb_b_free(&ctx);
-
 }
+
+void testrun_aes128_ofb(void){
+	uint8_t key[16];
+	uint8_t iv[16];
+	uint8_t plain[64];
+
+	bcal_ofb_ctx_t ctx;
+	uint8_t r;
+
+	memcpy_P(key,   modes_key,   16);
+	memcpy_P(iv,    modes_iv,    16);
+	memcpy_P(plain, modes_plain, 64);
+
+	cli_putstr_P(PSTR("\r\n** AES128-OFB-TEST **"));
+	r = bcal_ofb_init(&aes128_desc, key, 128, &ctx);
+	cli_putstr_P(PSTR("\r\n  init = 0x"));
+	cli_hexdump(&r, 1);
+	cli_putstr_P(PSTR("\r\n  key:   "));
+	cli_hexdump(key, 128/8);
+	cli_putstr_P(PSTR("\r\n  IV:    "));
+	cli_hexdump(iv, 128/8);
+	cli_putstr_P(PSTR("\r\n  plaintext:"));
+	cli_hexdump_block(plain, 4*128/8, 4, 16);
+	if(r)
+		return;
+	bcal_ofb_encMsg(iv, plain, 4*128, &ctx);
+	cli_putstr_P(PSTR("\r\n  ciphertext:  "));
+	cli_hexdump_block(plain, 4*128/8, 4, 16);
+	bcal_ofb_decMsg(iv, plain, 4*128, &ctx);
+	cli_putstr_P(PSTR("\r\n  plaintext:   "));
+	cli_hexdump_block(plain, 4*128/8, 4, 16);
+	bcal_ofb_free(&ctx);
+}
+
+void testrun_aes128_ctr(void){
+	uint8_t key[16];
+	uint8_t iv[16];
+	uint8_t plain[64];
+
+	bcal_ctr_ctx_t ctx;
+	uint8_t r;
+
+	memcpy_P(key,   modes_key,   16);
+	memcpy_P(iv,    modes_ctriv, 16);
+	memcpy_P(plain, modes_plain, 64);
+
+	cli_putstr_P(PSTR("\r\n** AES128-CTR-TEST **"));
+	r = bcal_ctr_init(&aes128_desc, key, 128, NULL, &ctx);
+	cli_putstr_P(PSTR("\r\n  init = 0x"));
+	cli_hexdump(&r, 1);
+	cli_putstr_P(PSTR("\r\n  key:   "));
+	cli_hexdump(key, 128/8);
+	cli_putstr_P(PSTR("\r\n  IV:    "));
+	cli_hexdump(iv, 128/8);
+	cli_putstr_P(PSTR("\r\n  plaintext:"));
+	cli_hexdump_block(plain, 4*128/8, 4, 16);
+	if(r)
+		return;
+	bcal_ctr_encMsg(iv, plain, 4*128, &ctx);
+	cli_putstr_P(PSTR("\r\n  ciphertext:  "));
+	cli_hexdump_block(plain, 4*128/8, 4, 16);
+	bcal_ctr_decMsg(iv, plain, 4*128, &ctx);
+	cli_putstr_P(PSTR("\r\n  plaintext:   "));
+	cli_hexdump_block(plain, 4*128/8, 4, 16);
+	bcal_ctr_free(&ctx);
+}
+
 /*****************************************************************************/
 
 void testrun_performance_aes128(void){
@@ -471,6 +551,8 @@ const char testkey_str[]     PROGMEM = "testkey";
 const char testcbc_str[]     PROGMEM = "testcbc";
 const char testcfb8_str[]    PROGMEM = "testcfb8";
 const char testcfb1_str[]    PROGMEM = "testcfb1";
+const char testofb_str[]     PROGMEM = "testofb";
+const char testctr_str[]     PROGMEM = "testctr";
 const char performance_str[] PROGMEM = "performance";
 const char dump_str[]        PROGMEM = "dump";
 const char echo_str[]        PROGMEM = "echo";
@@ -482,6 +564,8 @@ cmdlist_entry_t cmdlist[] PROGMEM = {
 	{ testcbc_str,     NULL, testrun_aes128_cbc},
 	{ testcfb8_str,    NULL, testrun_aes128_cfb8},
 	{ testcfb1_str,    NULL, testrun_aes128_cfb1},
+	{ testofb_str,     NULL, testrun_aes128_ofb},
+	{ testctr_str,     NULL, testrun_aes128_ctr},
 	{ performance_str, NULL, testrun_performance_aes},
 	{ dump_str,    (void*)1, (void_fpt)dump},
 	{ echo_str,    (void*)1, (void_fpt)echo_ctrl},