beyondzzk / as3crypto

Automatically exported from code.google.com/p/as3crypto
0 stars 0 forks source link

Incorrect RC4 generation #69

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
Looking at the current source, there's a slight issue in RC4's code. In the 
next() method:

    ...
    t = S[i];
    S[i] = S[j];
    S[j] = t;
    return S[(t+S[i])&255];

Since t is still S[i], that means the result is S[(S[i]+S[i])] - it should be 
S[(S[j]+S[i])].

Alternatively using the cached value that's:

    return S[(t+S[j])&255];

Original issue reported on code.google.com by virap...@gmail.com on 27 Nov 2011 at 6:55

GoogleCodeExporter commented 9 years ago
Of course everything's correct, I just failed at reading. Can't delete the 
issue though...

Original comment by virap...@gmail.com on 27 Nov 2011 at 10:46