Use RC4-drop, not RC4

[vbig.git] / vbig.cc

diff --git a/vbig.cc b/vbig.cc
index 47f314db82ea55ead29b5c710185ffd645473baa..1823dd316aaacba1cc7d1efb7bea0d6d4e300e29 100644 (file)
--- a/vbig.cc
+++ b/vbig.cc
@@ -61,7 +61,6 @@ static void help(void) {
 
 // Possible modes of operation
 enum mode_type {
-  NONE,
   VERIFY,
   CREATE,
   BOTH
@@ -118,7 +117,7 @@ static bool flush = false;
 static long long size;
 
 int main(int argc, char **argv) {
-  mode_type mode = NONE;
+  mode_type mode = BOTH;
   int n;
   while((n = getopt_long(argc, argv, "+s:vcefhV", opts, 0)) >= 0) {
     switch(n) {
@@ -136,8 +135,6 @@ int main(int argc, char **argv) {
   }
   argc -= optind;
   argv += optind;
-  if(mode == NONE)
-    fatal(0, "must specify one of --verify or --create");
   if(argc > 2)
     fatal(0, "excess arguments");
   if(argc == 1 && mode == BOTH)
@@ -195,6 +192,9 @@ static long long execute(mode_type mode, bool entire, const char *show) {
     setvbuf(fp, 0, _IONBF, 0);
   char generated[4096], input[4096];
   long long remain = size;
+  static const size_t rc4drop = 3072; // en.wikipedia.org/wiki/RC4#Security
+  assert(rc4drop <= sizeof(generated));
+  rng.stream(generated, rc4drop);
   while(remain > 0) {
     size_t bytesGenerated = (remain > (ssize_t)sizeof generated
                              ? sizeof generated