/usr/share/perl5/Crypt/RC4.pm is in libcrypt-rc4-perl 2.02-2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 | #--------------------------------------------------------------------#
# Crypt::RC4
# Date Written: 07-Jun-2000 04:15:55 PM
# Last Modified: 13-Dec-2001 03:33:49 PM
# Author: Kurt Kincaid (sifukurt@yahoo.com)
# Copyright (c) 2001, Kurt Kincaid
# All Rights Reserved.
#
# This is free software and may be modified and/or
# redistributed under the same terms as Perl itself.
#--------------------------------------------------------------------#
package Crypt::RC4;
use strict;
use vars qw( $VERSION @ISA @EXPORT $MAX_CHUNK_SIZE );
$MAX_CHUNK_SIZE = 1024 unless $MAX_CHUNK_SIZE;
require Exporter;
@ISA = qw(Exporter);
@EXPORT = qw(RC4);
$VERSION = '2.02';
sub new {
my ( $class, $key ) = @_;
my $self = bless {}, $class;
$self->{state} = Setup( $key );
$self->{x} = 0;
$self->{y} = 0;
$self;
}
sub RC4 {
my $self;
my( @state, $x, $y );
if ( ref $_[0] ) {
$self = shift;
@state = @{ $self->{state} };
$x = $self->{x};
$y = $self->{y};
} else {
@state = Setup( shift );
$x = $y = 0;
}
my $message = shift;
my $num_pieces = do {
my $num = length($message) / $MAX_CHUNK_SIZE;
my $int = int $num;
$int == $num ? $int : $int+1;
};
for my $piece ( 0..$num_pieces - 1 ) {
my @message = unpack "C*", substr($message, $piece * $MAX_CHUNK_SIZE, $MAX_CHUNK_SIZE);
for ( @message ) {
$x = 0 if ++$x > 255;
$y -= 256 if ($y += $state[$x]) > 255;
@state[$x, $y] = @state[$y, $x];
$_ ^= $state[( $state[$x] + $state[$y] ) % 256];
}
substr($message, $piece * $MAX_CHUNK_SIZE, $MAX_CHUNK_SIZE) = pack "C*", @message;
}
if ($self) {
$self->{state} = \@state;
$self->{x} = $x;
$self->{y} = $y;
}
$message;
}
sub Setup {
my @k = unpack( 'C*', shift );
my @state = 0..255;
my $y = 0;
for my $x (0..255) {
$y = ( $k[$x % @k] + $state[$x] + $y ) % 256;
@state[$x, $y] = @state[$y, $x];
}
wantarray ? @state : \@state;
}
1;
__END__
=head1 NAME
Crypt::RC4 - Perl implementation of the RC4 encryption algorithm
=head1 SYNOPSIS
# Functional Style
use Crypt::RC4;
$encrypted = RC4( $passphrase, $plaintext );
$decrypt = RC4( $passphrase, $encrypted );
# OO Style
use Crypt::RC4;
$ref = Crypt::RC4->new( $passphrase );
$encrypted = $ref->RC4( $plaintext );
$ref2 = Crypt::RC4->new( $passphrase );
$decrypted = $ref2->RC4( $encrypted );
# process an entire file, one line at a time
# (Warning: Encrypted file leaks line lengths.)
$ref3 = Crypt::RC4->new( $passphrase );
while (<FILE>) {
chomp;
print $ref3->RC4($_), "\n";
}
=head1 DESCRIPTION
A simple implementation of the RC4 algorithm, developed by RSA Security, Inc. Here is the description
from RSA's website:
RC4 is a stream cipher designed by Rivest for RSA Data Security (now RSA Security). It is a variable
key-size stream cipher with byte-oriented operations. The algorithm is based on the use of a random
permutation. Analysis shows that the period of the cipher is overwhelmingly likely to be greater than
10100. Eight to sixteen machine operations are required per output byte, and the cipher can be
expected to run very quickly in software. Independent analysts have scrutinized the algorithm and it
is considered secure.
Based substantially on the "RC4 in 3 lines of perl" found at http://www.cypherspace.org
A major bug in v1.0 was fixed by David Hook (dgh@wumpus.com.au). Thanks, David.
=head1 AUTHOR
Kurt Kincaid (sifukurt@yahoo.com)
Ronald Rivest for RSA Security, Inc.
=head1 BUGS
Disclaimer: Strictly speaking, this module uses the "alleged" RC4
algorithm. The Algorithm known as "RC4" is a trademark of RSA Security
Inc., and this document makes no claims one way or another that this
is the correct algorithm, and further, make no claims about the
quality of the source code nor any licensing requirements for
commercial use.
There's nothing preventing you from using this module in an insecure
way which leaks information. For example, encrypting multilple
messages with the same passphrase may allow an attacker to decode all of
them with little effort, even though they'll appear to be secured. If
serious crypto is your goal, be careful. Be very careful.
It's a pure-Perl implementation, so that rating of "Eight
to sixteen machine operations" is good for nothing but a good laugh.
If encryption and decryption are a bottleneck for you, please re-write
this module to use native code wherever practical.
=head1 LICENSE
This is free software and may be modified and/or
redistributed under the same terms as Perl itself.
=head1 SEE ALSO
L<perl>, L<http://www.cypherspace.org>, L<http://www.rsasecurity.com>,
L<http://www.achtung.com/crypto/rc4.html>,
L<http://www.columbia.edu/~ariel/ssleay/rrc4.html>
=cut
|