// Copyright 2009 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. // Package rc4 implements RC4 encryption, as defined in Bruce Schneier's // Applied Cryptography. package rc4 // BUG(agl): RC4 is in common use but has design weaknesses that make // it a poor choice for new protocols. import "strconv" // A Cipher is an instance of RC4 using a particular key. type Cipher struct { s [256]uint32 i, j uint8 } type KeySizeError int func (k KeySizeError) Error() string { return "crypto/rc4: invalid key size " + strconv.Itoa(int(k)) } // NewCipher creates and returns a new Cipher. The key argument should be the // RC4 key, at least 1 byte and at most 256 bytes. func NewCipher(key []byte) (*Cipher, error) { k := len(key) if k < 1 || k > 256 { return nil, KeySizeError(k) } var c Cipher for i := 0; i < 256; i++ { c.s[i] = uint32(i) } var j uint8 = 0 for i := 0; i < 256; i++ { j += uint8(c.s[i]) + key[i%k] c.s[i], c.s[j] = c.s[j], c.s[i] } return &c, nil } // Reset zeros the key data so that it will no longer appear in the // process's memory. func (c *Cipher) Reset() { for i := range c.s { c.s[i] = 0 } c.i, c.j = 0, 0 } // xorKeyStreamGeneric sets dst to the result of XORing src with the // key stream. Dst and src may be the same slice but otherwise should // not overlap. // // This is the pure Go version. rc4_{amd64,386,arm}* contain assembly // implementations. This is here for tests and to prevent bitrot. func (c *Cipher) xorKeyStreamGeneric(dst, src []byte) { i, j := c.i, c.j for k, v := range src { i += 1 j += uint8(c.s[i]) c.s[i], c.s[j] = c.s[j], c.s[i] dst[k] = v ^ uint8(c.s[uint8(c.s[i]+c.s[j])]) } c.i, c.j = i, j }