Chapter 2 Algorithm Info Types 193
AI_RC4WithMAC
Crypto-C procedures to use with algorithm object:
B_EncryptInit, B_EncryptUpdate, B_EncryptFinal, B_DecryptInit,
B_DecryptUpdate, and B_DecryptFinal. B_DecryptFinal returns BE_INPUT_DATA if the
MAC does not match. You may pass (
B_ALGORITHM_OBJ)NULL_PTR for all
randomAlgorithm
arguments.
Due to the nature of the RC4 algorithm, security is compromised if multiple data
blocks are encrypted with the same RC4 key. Therefore,
B_EncryptUpdate cannot be
called after
B_EncryptFinal. To begin an encryption operation for a new data block,
you must call
B_EncryptInit and supply a new key.
Algorithm methods to include in application’s algorithm chooser:
AM_RC4_WITH_MAC_ENCRYPT for encryption, or AM_RC4_WITH_MAC_DECRYPT for
decryption.
Key info types for keyObjec t in B_EncryptInit or B_DecryptInit:
KI_Item that gives the address and length of the RC4 key.
Compatible representation:
AI_RC4WithMAC_BER.
Output considerations:
The total number of output bytes from encryption will be
macLen
bytes more than the
input.
Token-based algorithm methods:
AI_RC4WithMAC may be used to access the hardware-related algorithm
methods
AM_TOKEN_RC4_ENCRYPT and AM_TOKEN_RC4_DECRYPT, for use with BHAPI.
Token-based key info types:
When used with one of the hardware algorithm methods listed above, AI_RC4WithMac
should be used with
KI_Token or KI_ExtendedToken.
