Block Ciphers

that, as specified in the Reference Manual entry for AI_RC6_CBCPad, this AI requires an initialized A_RC6_CBC_PARAMS structure, which is defined as follows:

typedef struct {
  unsigned int rounds;
  unsigned char *iv;
} A_RC6_CBC_PARAMS;

As mentioned previously, the number of rounds must be 20.

CBC mode requires an initialization vector, so assume that you have the following buffer containing arbitrary bytes to use as the IV. Note that this information must be made available to the entity which decrypts the message. The IV is not secret information and may be sent in the clear with the ciphertext.

#define BLOCK_SIZE 16
unsigned char initVector[BLOCK_SIZE];

Now fill in an A_RC6_CBC_PARAMS structure and call B_SetAlgorithmInfo. As noted previously, the only supported value for rc6Params.rounds is 20.

A_RC6_CBC_PARAMS rc6Params;

rc6Params.rounds = 20;
rc6Params.iv = (unsigned char *)initVector;

if ((status = B_SetAlgorithmInfo
      (rc6Encrypter, AI_RC6_CBCPad, (POINTER)&rc6Params)) != 0)
  break;

In this example, you can use AI_RC6_CBCPad for PKCS V#5 padding for simplicity. This AI automatically pads the message to be a multiple of the block size, so that you don't have to worry about the length of the data to encrypt.

Note: There is another AI, AI_RC6_CBC, which can be used to perform raw RC6 encryption. However, as is the case when doing raw encryption with any block cipher, the length of the data to encrypt must be a multiple of the block size. In the case of AI_RC6_CBC, the length of the data to encrypt must be a multiple of 16 bytes. These AIs for performing raw encryption are useful if you want to use your own padding scheme, instead of PKCS V#5.
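
The padding this note refers to, as an added example that is not from the RSA manual or Crypto-C's own code: PKCS #5-style padding applied to the 16-byte RC6 block, appending N bytes of value N and validating them on removal. The helper names paddedLength, padBlock and unpadBlock are hypothetical, and that AI_RC6_CBCPad produces exactly this byte layout is an assumption based on the page's description.

```c
#include <stddef.h>
#include <string.h>

#define BLOCK_SIZE 16  /* RC6 block size in bytes, as on the page */

/* Hypothetical helper: buffer size needed for dataLen bytes plus padding.
   A full block of padding is added when dataLen is already aligned. */
size_t paddedLength(size_t dataLen)
{
  return (dataLen / BLOCK_SIZE + 1) * BLOCK_SIZE;
}

/* Hypothetical helper: copy data into out and append N bytes of value N.
   Returns the padded length, or 0 on a bad argument or short buffer. */
size_t padBlock(const unsigned char *data, size_t dataLen,
                unsigned char *out, size_t outMax)
{
  size_t total = paddedLength(dataLen);
  unsigned char padByte = (unsigned char)(total - dataLen);

  if (out == NULL || outMax < total || (data == NULL && dataLen > 0))
    return 0;
  if (dataLen > 0)
    memcpy(out, data, dataLen);
  memset(out + dataLen, padByte, padByte);
  return total;
}

/* Hypothetical helper: validate the padding of a decrypted buffer and
   report the original data length. Returns 0 on success, -1 if the
   buffer is not a whole number of blocks or the padding is malformed. */
int unpadBlock(const unsigned char *buf, size_t bufLen, size_t *dataLen)
{
  unsigned char padByte;
  size_t i;

  if (buf == NULL || dataLen == NULL ||
      bufLen == 0 || bufLen % BLOCK_SIZE != 0)
    return -1;
  padByte = buf[bufLen - 1];
  if (padByte == 0 || padByte > BLOCK_SIZE)
    return -1;
  for (i = bufLen - padByte; i < bufLen; i++)
    if (buf[i] != padByte)
      return -1;
  *dataLen = bufLen - padByte;
  return 0;
}
```

With a raw AI such as AI_RC6_CBC, the padded buffer, whose length is always a multiple of 16 bytes, is what would be passed as the data to encrypt.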

Chapter 6 Symmetric-Key Operations

RSA Security 5.2.2 manual