Uses mcrypt, if available, and an internal implementation, otherwise.
PHP versions 4 and 5
Useful resources are as follows:
- {@link http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt ARCFOUR Algorithm}
- {@link http://en.wikipedia.org/wiki/RC4 - Wikipedia: RC4}
RC4 is also known as ARCFOUR or ARC4. The reason is elaborated upon at Wikipedia. This class is named RC4 and not
ARCFOUR or ARC4 because RC4 is how it is refered to in the SSH1 specification.
Here's a short example of how to use this library:
setKey('abcdefgh');
$size = 10 * 1024;
$plaintext = '';
for ($i = 0; $i < $size; $i++) {
$plaintext.= 'a';
}
echo $rc4->decrypt($rc4->encrypt($plaintext));
?>
LICENSE: Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
Default Constructor. Determines whether or not the mcrypt extension should be used.
Return value
Type
Description
\Crypt_RC4
Tags
Name
Description
access
public
__destruct(
)
:
n/a
Description
Class destructor. Will be called, automatically, if you're using PHP5. If you're using PHP4, call it yourself. Only really
needs to be called if mcrypt is being used.
Return value
Type
Description
n/a
n/a
Tags
Name
Description
access
public
_closeMCrypt(
)
:
n/a
Description
Properly close the MCrypt objects.
Return value
Type
Description
n/a
n/a
Tags
Name
Description
access
prviate
_crypt(
String
$text,
Integer
$mode,
)
:
n/a
Description
Encrypts or decrypts a message.
Arguments
Name
Type
Description
Default
$text
String
$mode
Integer
Return value
Type
Description
n/a
n/a
Tags
Name
Description
see
see
access
private
decrypt(
String
$ciphertext,
)
:
n/a
Description
Decrypts a message. $this->decrypt($this->encrypt($plaintext)) == $this->encrypt($this->encrypt($plaintext)).
Atleast if the continuous buffer is disabled.
Arguments
Name
Type
Description
Default
$ciphertext
String
Return value
Type
Description
n/a
n/a
Tags
Name
Description
see
access
public
disableContinuousBuffer(
)
:
n/a
Description
Treat consecutive packets as if they are a discontinuous buffer. The default behavior.
Return value
Type
Description
n/a
n/a
Tags
Name
Description
see
access
public
disablePadding(
)
:
n/a
Description
Dummy function.
Return value
Type
Description
n/a
n/a
Tags
Name
Description
see
access
public
enableContinuousBuffer(
)
:
n/a
Description
Treat consecutive "packets" as if they are a continuous buffer. Say you have a 16-byte plaintext $plaintext. Using the default behavior, the two following code snippets
will yield different outputs:
echo $rc4->encrypt(substr($plaintext, 0, 8));
echo $rc4->encrypt(substr($plaintext, 8, 8));
echo $rc4->encrypt($plaintext);
The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates
another, as demonstrated with the following:
$rc4->encrypt(substr($plaintext, 0, 8));
echo $rc4->decrypt($des->encrypt(substr($plaintext, 8, 8)));
echo $rc4->decrypt($des->encrypt(substr($plaintext, 8, 8)));
With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different
outputs. The reason is due to the fact that the initialization vector's change after every encryption /
decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.
Put another way, when the continuous buffer is enabled, the state of the Crypt_DES() object changes after each
encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that
continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them),
however, they are also less intuitive and more likely to cause you problems.
Return value
Type
Description
n/a
n/a
Tags
Name
Description
see
access
public
enablePadding(
)
:
n/a
Description
Dummy function. Since RC4 is a stream cipher and not a block cipher, no padding is necessary. The only reason this function is
included is so that you can switch between a block cipher and a stream cipher transparently.
Return value
Type
Description
n/a
n/a
Tags
Name
Description
see
access
public
encrypt(
String
$plaintext,
)
:
n/a
Description
Encrypts a message.
Arguments
Name
Type
Description
Default
$plaintext
String
Return value
Type
Description
n/a
n/a
Tags
Name
Description
see
access
public
setIV(
String
$iv,
)
:
n/a
Description
Dummy function. Some protocols, such as WEP, prepend an "initialization vector" to the key, effectively creating a new key [1].
If you need to use an initialization vector in this manner, feel free to prepend it to the key, yourself, before
calling setKey().
[1] WEP's initialization vectors (IV's) are used in a somewhat insecure way. Since, in that protocol,
the IV's are relatively easy to predict, an attack described by
{@link http://www.drizzle.com/~aboba/IEEE/rc4_ksaproc.pdf Scott Fluhrer, Itsik Mantin, and Adi Shamir}
can be used to quickly guess at the rest of the key. The following links elaborate:
{@link http://www.rsa.com/rsalabs/node.asp?id=2009 http://www.rsa.com/rsalabs/node.asp?id=2009}
{@link http://en.wikipedia.org/wiki/Related_key_attack http://en.wikipedia.org/wiki/Related_key_attack}
Arguments
Name
Type
Description
Default
$iv
String
Return value
Type
Description
n/a
n/a
Tags
Name
Description
see
access
public
setKey(
String
$key,
)
:
n/a
Description
Sets the key. Keys can be between 1 and 256 bytes long. If they are longer then 256 bytes, the first 256 bytes will
be used. If no key is explicitly set, it'll be assumed to be a single null byte.