44 lines
1.8 KiB
Text
44 lines
1.8 KiB
Text
The RC4 library.
|
|
RC4 is a stream cipher that operates on a byte stream. It can be used with
|
|
any length key but I would recommend normally using 16 bytes.
|
|
|
|
This library requires the inclusion of 'rc4.h'.
|
|
|
|
The RC4 encryption function takes what is called an RC4_KEY as an argument.
|
|
The RC4_KEY is generated by the RC4_set_key function from the key bytes.
|
|
|
|
RC4, being a stream cipher, does not have an encryption or decryption mode.
|
|
It produces a stream of bytes that the input stream is xor'ed against and
|
|
so decryption is just a case of 'encrypting' again with the same key.
|
|
|
|
I have only put in one 'mode' for RC4 which is the normal one. This means
|
|
there is no initialisation vector and there is no feedback of the cipher
|
|
text into the cipher. This implies that you should not ever use the
|
|
same key twice if you can help it. If you do, you leave yourself open to
|
|
known plain text attacks; if you know the plain text and
|
|
corresponding cipher text in one message, all messages that used the same
|
|
key can have the cipher text decoded for the corresponding positions in the
|
|
cipher stream.
|
|
|
|
The main positive feature of RC4 is that it is a very fast cipher; about 4
|
|
times faster that DES. This makes it ideally suited to protocols where the
|
|
key is randomly chosen, like SSL.
|
|
|
|
The functions are as follows:
|
|
|
|
void RC4_set_key(
|
|
RC4_KEY *key;
|
|
int len;
|
|
unsigned char *data);
|
|
This function initialises the RC4_KEY structure with the key passed
|
|
in 'data', which is 'len' bytes long. The key data can be any
|
|
length but 16 bytes seems to be a good number.
|
|
|
|
void RC4(
|
|
RC4_KEY *key;
|
|
unsigned long len;
|
|
unsigned char *in;
|
|
unsigned char *out);
|
|
Do the actual RC4 encryption/decryption. Using the 'key', 'len'
|
|
bytes are transformed from 'in' to 'out'. As mentioned above,
|
|
decryption is the operation as encryption.
|