Block Ciphers

if (rc6KeyItem.data != NULL_PTR) {

T_memset (rc6KeyItem.data, 0, rc6KeyItem.len); T_free (rc6KeyItem.data);

rc6KeyItem.data = NULL_PTR; rc6KeyItem.len = 0;

}

To call B_EncryptInit, we also need an algorithm chooser. The Reference Manual entry for AI_RC6_CBCPad gives us the AMs necessary. Because you will use this chooser for decryption also, you should also include those AMs:

B_ALGORITHM_METHOD *RC6_CHOOSER[] = { &AM_RC6_CBC_ENCRYPT, &AM_RC6_CBC_DECRYPT, (B_ALGORITHM_METHOD *)NULL_PTR

};

Once you have passed in the key data and created the chooser, you are ready to make the call to B_EncryptInit:

if ((status = B_EncryptInit (rc6Encrypter, rc6Key, RC6_CHOOSER, (A_SURRENDER_CTX *)NULL_PTR)) != 0)

break;

Step 4: Update

Enter the data to encrypt through B_EncryptUpdate. From the Reference Manual Chapter 2 entry on AI_RC6_CBCPad you learn that you may pass (B_ALGORITHM_OBJ)NULL_PTR for all randomAlgorithm arguments. Assuming you have some input, call B_EncryptUpdate.

Remember that the RC6 cipher is a block cipher. The current version requires input that is a multiple of sixteen bytes. Because you are using AI_RC5_CBCPad, Crypto-C will pad to make the input a multiple of sixteen bytes. That means that the output buffer should be at least sixteen bytes larger than the input length.

The RC6 cipher is a fast algorithm, so it is reasonable to pass a properly cast NULL_PTR

C h a p t e r 6 S y m m e t r i c - K e y O p e r a t i o n s

1 9 9

Page 221
Image 221
RSA Security 5.2.2 manual Update, If rc6KeyItem.data != Nullptr