Commit | Line | Data |
---|---|---|
d03ab969 | 1 | /* -*-c-*- |
d03ab969 | 2 | * |
3 | * The alleged RC4 stream cipher | |
4 | * | |
5 | * (c) 1999 Straylight/Edgeware | |
6 | */ | |
7 | ||
45c0fd36 | 8 | /*----- Licensing notice --------------------------------------------------* |
d03ab969 | 9 | * |
10 | * This file is part of Catacomb. | |
11 | * | |
12 | * Catacomb is free software; you can redistribute it and/or modify | |
13 | * it under the terms of the GNU Library General Public License as | |
14 | * published by the Free Software Foundation; either version 2 of the | |
15 | * License, or (at your option) any later version. | |
45c0fd36 | 16 | * |
d03ab969 | 17 | * Catacomb is distributed in the hope that it will be useful, |
18 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
19 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
20 | * GNU Library General Public License for more details. | |
45c0fd36 | 21 | * |
d03ab969 | 22 | * You should have received a copy of the GNU Library General Public |
23 | * License along with Catacomb; if not, write to the Free | |
24 | * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, | |
25 | * MA 02111-1307, USA. | |
26 | */ | |
27 | ||
d03ab969 | 28 | /*----- Notes on RC4 ------------------------------------------------------* |
29 | * | |
30 | * RC4 is a stream cipher desgigned by Ron Rivest. For a while RC4 was a | |
31 | * trade secret of RSA Data Security, Inc., but somehow source code for a | |
32 | * cipher which interworks with RC4 was posted to the Cypherpunks mailing | |
33 | * list. | |
e5f5b799 MW |
34 | * |
35 | * RC4 has some quite bad biases, and its use for cryptographic purposes is | |
36 | * no longer recommended. | |
d03ab969 | 37 | */ |
38 | ||
41f91aa3 | 39 | #ifndef CATACOMB_RC4_H |
40 | #define CATACOMB_RC4_H | |
d03ab969 | 41 | |
42 | #ifdef __cplusplus | |
43 | extern "C" { | |
44 | #endif | |
45 | ||
46 | /*----- Header files ------------------------------------------------------*/ | |
47 | ||
48 | #include <assert.h> | |
49 | ||
50 | #include <mLib/bits.h> | |
51 | ||
41f91aa3 | 52 | #ifndef CATACOMB_GCIPHER_H |
53 | # include "gcipher.h" | |
54 | #endif | |
55 | ||
56 | #ifndef CATACOMB_GRAND_H | |
57 | # include "grand.h" | |
58 | #endif | |
59 | ||
d03ab969 | 60 | /*----- Data structures ---------------------------------------------------*/ |
61 | ||
62 | typedef struct rc4_ctx { | |
63 | unsigned i, j; /* Indices into the @S@ table */ | |
64 | unsigned f; /* Flags word */ | |
65 | octet s[256]; /* The ever-changing @S@ table */ | |
66 | } rc4_ctx; | |
67 | ||
68 | #define RC4F_OPEN 1u | |
69 | ||
70 | /*----- Macros ------------------------------------------------------------*/ | |
71 | ||
72 | /* --- @RC4_OPEN@ --- * | |
73 | * | |
74 | * Arguments: @ctx@ = pointer to an RC4 context | |
75 | * @guts@ = code to perform within the RC4 context | |
76 | * | |
77 | * Use: Performs some code within an RC4 context. Some of the | |
78 | * parameters are extracted from the context and held in local | |
79 | * variables for speed. Multiple calls to @RC4_BYTE@ may be | |
80 | * made within the open context. A context must only be | |
81 | * opened once at a time. | |
82 | */ | |
83 | ||
84 | #define RC4_OPEN(ctx, guts) do { \ | |
85 | unsigned _rc4_i = (ctx)->i; \ | |
86 | unsigned _rc4_j = (ctx)->j; \ | |
87 | octet *_rc4_s = (ctx)->s; \ | |
88 | \ | |
89 | assert(((void)"RC4 context may only be opened once at a time", \ | |
90 | ((ctx)->f & RC4F_OPEN) == 0)); \ | |
91 | (ctx)->f |= RC4F_OPEN; \ | |
92 | \ | |
93 | guts \ | |
94 | \ | |
95 | (ctx)->f &= ~RC4F_OPEN; \ | |
96 | (ctx)->i = _rc4_i; \ | |
97 | (ctx)->j = _rc4_j; \ | |
98 | } while (0) | |
99 | ||
100 | /* --- @RC4_BYTE@ --- * | |
101 | * | |
102 | * Arguments: @x@ = output variable to set | |
103 | * | |
104 | * Use: Extracts an octet from the lexically innermost open RC4 | |
105 | * context and places it in the variable @x@. | |
106 | */ | |
107 | ||
108 | #define RC4_BYTE(x) do { \ | |
109 | unsigned _si, _sj; \ | |
110 | _rc4_i = (_rc4_i + 1) & 0xff; \ | |
111 | _si = _rc4_s[_rc4_i]; \ | |
112 | _rc4_j = (_rc4_j + _si) & 0xff; \ | |
113 | _sj = _rc4_s[_rc4_j]; \ | |
114 | _rc4_s[_rc4_i] = _sj; \ | |
115 | _rc4_s[_rc4_j] = _si; \ | |
116 | (x) = _rc4_s[(_si + _sj) & 0xff]; \ | |
117 | } while (0) | |
118 | ||
119 | /*----- Functions provided ------------------------------------------------*/ | |
120 | ||
030a2456 | 121 | /* --- @rc4_addkey@ --- * |
122 | * | |
123 | * Arguments: @rc4_ctx *ctx@ = pointer to context to key | |
124 | * @const void *k@ = pointer to key data to use | |
125 | * @size_t sz@ = size of the key data | |
126 | * | |
127 | * Returns: --- | |
128 | * | |
129 | * Use: Mixes key data with an RC4 context. The RC4 context is not | |
130 | * reset before mixing. This may be used to mix new key | |
131 | * material with an existing RC4 context. | |
132 | */ | |
133 | ||
134 | extern void rc4_addkey(rc4_ctx */*ctx*/, const void */*k*/, size_t /*sz*/); | |
135 | ||
d03ab969 | 136 | /* --- @rc4_init@ --- * |
137 | * | |
138 | * Arguments: @rc4_ctx *ctx@ = pointer to context to initialize | |
139 | * @const void *k@ = pointer to key data to use | |
140 | * @size_t sz@ = size of the key data | |
141 | * | |
142 | * Returns: --- | |
143 | * | |
144 | * Use: Initializes an RC4 context ready for use. | |
145 | */ | |
146 | ||
147 | extern void rc4_init(rc4_ctx */*ctx*/, const void */*k*/, size_t /*sz*/); | |
148 | ||
149 | /* --- @rc4_encrypt@ --- * | |
150 | * | |
151 | * Arguments: @rc4_ctx *ctx@ = pointer to context to use | |
152 | * @const void *src@ = pointer to the source block | |
153 | * @void *dest@ = pointer to the destination block | |
154 | * @size_t sz@ = size of the block | |
155 | * | |
156 | * Returns: --- | |
157 | * | |
158 | * Use: Encrypts or decrypts a block of data. The destination may | |
159 | * be null to just grind the generator around for a while. It's | |
160 | * recommended that you say `@rc4_encrypt(&ctx, 0, 0, 1024)@' | |
161 | * after initializing a new context, to prevent keystream | |
162 | * guessing attacks. The source may be null to just extract a | |
163 | * big lump of data from the generator. | |
164 | */ | |
165 | ||
166 | extern void rc4_encrypt(rc4_ctx */*ctx*/, | |
167 | const void */*src*/, void */*dest*/, | |
168 | size_t /*sz*/); | |
169 | ||
41f91aa3 | 170 | /*----- Generic cipher interface ------------------------------------------*/ |
171 | ||
030a2456 | 172 | #define RC4_KEYSZ 16 |
173 | extern const octet rc4_keysz[]; | |
174 | ||
41f91aa3 | 175 | extern const gccipher rc4; |
176 | ||
177 | /*----- Generic random number generator interface -------------------------*/ | |
178 | ||
179 | /* --- @rc4_rand@ --- * | |
180 | * | |
181 | * Arguments: @const void *k@ = pointer to key material | |
182 | * @size_t sz@ = size of key material | |
183 | * | |
184 | * Returns: Pointer to generic random number generator interface. | |
185 | * | |
a620b15e MW |
186 | * Use: Creates a random number interface wrapper around the RC4 |
187 | * stream cipher. | |
41f91aa3 | 188 | */ |
189 | ||
190 | extern grand *rc4_rand(const void */*k*/, size_t /*sz*/); | |
191 | ||
d03ab969 | 192 | /*----- That's all, folks -------------------------------------------------*/ |
193 | ||
194 | #ifdef __cplusplus | |
195 | } | |
196 | #endif | |
197 | ||
198 | #endif |