1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89

// Copyright 2020 The Fuchsia Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#![cfg(feature = "insecure")]

use boringssl::{self, CStackWrapper};

/// INSECURE: The RC4 cipher.
///
/// # Security
///
/// RC4 is considered insecure and should only be used for compatibility with
/// legacy applications.
#[deprecated(note = "RC4 is considered insecure")]
#[allow(deprecated)] // Work-around until Rust issue #56195 is resolved
pub struct InsecureRc4Key {
    ctx: CStackWrapper<boringssl::RC4_KEY>,
}

#[allow(deprecated)] // Work-around until Rust issue #56195 is resolved
impl InsecureRc4Key {
    /// INSECURE: Constructs an RC4 cipher from the given key data.
    ///
    /// The data used to construct an RC4 cipher can be of arbitrary length
    /// (within the bounds of `u32`; see below). This includes zero-length keys,
    /// for which care should be taken to avoid.
    ///
    /// # Security
    ///
    /// RC4 is considered insecure and should only be used for compatibility
    /// with legacy applications.
    ///
    /// # Aborts
    ///
    /// This function aborts if the length of the `key` slice exceeds
    /// `u32::MAX`.
    #[deprecated(note = "RC4 is considered insecure")]
    pub fn insecure_new(key: &[u8]) -> Self {
        InsecureRc4Key { ctx: CStackWrapper::rc4_set_key(key.as_ref()) }
    }

    /// INSECURE: Encrypts or decrypts a byte slice into another byte slice.
    ///
    /// RC4 is a symmetrical streaming cipher; there is no distinction between
    /// encryption and decryption.
    ///
    /// The minimum of the input and output slice lengths determines how much
    /// data is read from `input` and written to `output`.
    ///
    /// # Security
    ///
    /// RC4 is considered insecure and should only be used for compatibility
    /// with legacy applications.
    #[deprecated(note = "RC4 is considered insecure")]
    pub fn insecure_xor_stream(&mut self, input: &[u8], output: &mut [u8]) {
        self.ctx.rc4(input, output);
    }
}

#[allow(deprecated)] // Work-around until Rust issue #56195 is resolved
#[cfg(test)]
mod tests {
    use super::*;

    // Compliments `rc4_decrypt`.
    #[test]
    fn rc4_encrypt() {
        let mut rc4 = InsecureRc4Key::insecure_new(b"Key");

        let plaintext = b"Plaintext";
        let mut ciphertext = vec![0u8; 9];

        rc4.insecure_xor_stream(plaintext, &mut ciphertext);
        assert_eq!(&ciphertext, b"\xBB\xF3\x16\xE8\xD9\x40\xAF\x0A\xD3");
    }

    // Compliments `rc4_encrypt`.
    #[test]
    fn rc4_decrypt() {
        let mut rc4 = InsecureRc4Key::insecure_new(b"Key");

        let plaintext = b"\xBB\xF3\x16\xE8\xD9\x40\xAF\x0A\xD3";
        let mut ciphertext = vec![0u8; 9];

        rc4.insecure_xor_stream(plaintext, &mut ciphertext);
        assert_eq!(&ciphertext, b"Plaintext");
    }
}