void RC2_set_key(key, len, data, bits)
RC2_KEY *ks;
int len, bits;
unsigned char *key;
void RC2_encrypt(data, key, encrypt)
unsigned long *data;
RC2_KEY *key;
int encrypt;
void RC2_ecb_encrypt(in, out, key, encrypt)
unsigned char *in, *out;
RC2_KEY *key;
int encrypt);
void RC2_cbc_encrypt(in, out, length, ks, ivec, encrypt)
unsigned char *in, *out;
long length;
RC2_KEY *ks;
unsigned char *ivec;
int encrypt;
void RC2_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt)
unsigned char *in, *out, *ivec;
long length;
RC2_KEY *schedule;
int *num, encrypt;
void RC2_ofb64_encrypt(in, out, length, schedule, ivec, num)
unsigned char *in, *out, *ivec;
long length;
RC2_KEY *schedule;
int *num;
typedef struct rc2_key_st
{
RC2_INT data[64];
} RC2_KEY;
This is an expanded form of the actual key.
RC2 is a symmetric block cipher that operates on 64 bit (8 byte) quantities. It uses a variable size key, but 128 bit (16 byte) key would normally be considered good. It can be used in all the modes that DES can be used. This library implements the ecb, cbc, cfb64, and ofb64 modes. For more information on these, see the DES encryption modes overview.
This library was implemented from an article posted to sci.crypt on 11-Feb-1996.
The algorithm is about the same speed as DES and IDEA. No weaknesses in it are known (if this is wrong, let me know!), but neither has it undergone the kind of intense scrutiny that e.g. DES has.
All functions that have input and output for arguments may be passed the same argument for both.
The value RC2_ENCRYPT is passed to specify encryption for the functions that require an encryption/decryption flag. RC2_DECRYPT is passed to specify decryption.
Note that triple-RC2 has not been implemented, but if you really feel that you need the security that a 384-bit key provides, you can follow the template of des_ecb3_encrypt and replace the des_encrypt() calls to RC2_encrypt. The same goes for triple-RC2 in the other modes.
RC2_set_key() converts a len-byte key into an RC2_KEY. A 'ks' is an expanded form of key which is used to perform actual encryption. It can be regenerated from the RC2 key so it only needs to be kept when encryption or decryption is about to occur. Don't save or pass around RC2_KEYs since they are CPU architecture dependent, keys are not.
RC2 is an interesting cipher in that it can be used with a variable length key. len is the number of bytes of key to be used as the key. A len of 16 is recomended. The bits argument is used by BSAFE to limit the number of bits used for the key. To use the key unmodified, set bits to 1024. This is what old versions of this RC2 library did (SSLeay 0.6.3). RSA's BSAFE library sets this parameter to be 128 if 128 bit keys are being used. So to be compatible with BSAFE, set it to 128; if you don't want to reduce RC2's key length, leave it at 1024.
To generate a password from a text string, you might use MD5 (or the first 16 bytes of SHA-1 output) to produce a 16 byte message digest that can then be passed directly to RC2_set_key().
For reading passwords, you can use des_read_pw_string().
RC2_encrypt() is the RC2 encryption function that gets called by just about every other RC2 routine in the library. You should not use this function except to implement modes of RC2. If you do use it you need to do char-to-long conversion beforehand and the reverse after, to make sure 'non-aligned' memory accesses do not occur. See the c2l and l2c routines in rc2_locl.h, for example of such routines. See the des_encrypt() man page for use of these routines in implementing various encryption modes from the underlying function.
data is a pointer to 2 unsigned longs and key is the RC2_KEY to use. Encryption or decryption is indicated by encrypt, which can have the values RC2_ENCRYPT or RC2_DECRYPT.
RC2_ecb_encrypt() (Electronic Code Book) encrypts/decrypts input into output using the key given by key. Encryption or decryption is indicated by encrypt, which can have the values RC2_ENCRYPT or RC2_DECRYPT. input and output must be pointers to 8-byte character arrays.
RC2_cbc_encrypt() (Cipher Block Chaining mode) encrypts/decrypts input into output using the key given by ks. Encryption or decryption is indicated by encrypt, which can have the values RC2_ENCRYPT or RC2_DECRYPT. input and output must be pointers to character arrays that are a multiple of 8 bytes in length, same length for both, given by the argument length. ivec is the initialization vector. This function updates ivec after each call so that it can be passed to the next call to RC2_cbc_encrypt().
RC2_cfb64_encrypt() (Cipher Feedback mode with 64-bit feedback) encrypts/decrypts input into output using the key given by schedule. Encryption or decryption is indicated by encrypt, which can have the values RC2_ENCRYPT or RC2_DECRYPT. input and output must be pointers to character arrays which can be of arbitrary length, given by the argument length. ivec is the initialisation vector. This function updates ivec after each call so that it can be passed to the next call to RC2_cfb64_encrypt(). num is also updated to indicate how many bytes of the initialization vector we have used.
RC2_ofb64_encrypt() (Output Feedback Mode with 64-bit feedback) encrypts/decrypts input into output using the key given by schedule. input and output must be pointers to character arrays which can be of arbitrary length, given by the argument length. ivec is the initialization vector. This function updates ivec after each call so that it can be passed to the next call to RC2_cfb64_encrypt(). num is also updated to indicate how many bytes of the initialization vector we have used.
For more information about the specific RC2 modes in this library (ecb, cbc, cfb and ofb), read the section entitled DES encryption modes overview. What is said about DES is directly applicable for RC2.