Chapter 6 Symmetric-Key Operations 197
Block Ciphers
that, as specified in the Reference Manual entry for AI_RC6_CBCPad, this AI requires an
initialized
A_RC6_CBC_PARAMS structure, which is defined as follows:
As mentioned previously, the number of rounds must be 20.
CBC mode requires an initialization vector, so assume that you have the following
buffer containing arbitrary bytes to use as the IV. Note that this information must be
made available to the entity which decrypts the message. The IV is not secret
information and may be sent in the clear with the ciphertext.
Now fill in an
A_RC6_CBC_PARAMS structure and call B_SetAlgorithmInfo. As noted
previously, the only supported value for
rc6Params.rounds
is 20.
In this example, you can use
AI_RC6_CBCPad for PKCS V#5 padding for simplicity.
This AI automatically pads the message to be a multiple of the block size, so that you
don't have to worry about the length of the data to encrypt.
Note: There is another AI,
AI_RC6_CBC, which can be used to perform raw RC6
encryption. However, as is the case when doing raw encryption with any
block cipher, the length of the data to encrypt must be a multiple of the block
size. In the case of
AI_RC6_CBC, the length of the data to encrypt must be a
multiple of 16 bytes. These AIs for performing raw encryption are useful if
you want to use your own padding scheme, instead of PKCS V#5.
typedef struct {
unsigned int rounds;
unsigned char *iv;
} A_RC6_CBC_PARAMS;
#define BLOCK_SIZE 16
unsigned char initVector[BLOCK_SIZE];
A_RC6_CBC_PARAMS rc6Params;
rc6Params.rounds = 20;
rc6Params.iv = (unsigned char *)initVector;
if ((status = B_SetAlgorithmInfo
(rc6Encrypter, AI_RC6_CBCPad, (POINTER)&rc6Params)) != 0)
break;
