Description: ------------ Hello, I download RC4-1.0.2 and wrote a program very similar to the example - see code sample below Why is this not working? Thanks, Vaish. Reproduce code: --------------- <?php require_once '/home/vaish/Crypt_RC4-1.0.2/Rc4.php'; $key = "password"; $message = "this is a really really long sentence that we made up for testimng purposes to see iof this really really works!@@#$%^&*("; $rc4->key($key); echo "orig message : $message <br> \n"; $rc4->crypt($message); echo "encrypted message is: $message <br> \n"; $rc4->decrypt($message); echo "decrypted message is: $message <br> \n"; ?> Expected result: ---------------- It outputs some junk orig message : this is a really really long sentence that we made up for testimn g purposesxüGeÅi&;£(ô´î$äÕ really really works!@@#$%^&*( <br> e¹¦×Öbj/×Ùz <br> is: }lWÇqÙS'Ãýsè#ç_!#U÷Ký9Âf´ÞÓØZ decrypted message is: this is a really really long sentence that we made up for testimng purposes to see iof this really really works!@@#$%^&*( <br> vaish@enkidu:~/Crypt_RC4-1.0.2$ VT102 The encrypted message is very messed up - I don't even know which is the encrypted message , also the original message is messed up while printing. After this output I am not able to use the command line - eveything I type comes out as some junk. Please help - I replaced the $rc4->key($key); line with $rc4 = new Crypt_RC4($key); but this also doesn't help. Actual result: -------------- The actual result should the orignal message, encrypted message and then the decrypted message (Which is the same as the original message)

The encryted text is binary, so it contains control characters that mess up the console. This bug is not a bug and can be closed.

I took a look at it and it seems that indeed the decryption process is broken. Encryption comes up with the same output. But decryption doesn't. $key = "PEAR"; $message = "PEAR Rulez!"; $rc4 = new Crypt_Rc4; $rc4->key($_key); $result = $rc4->encrypt($message); echo base64_encode($result); echo "\n\n"; $rc4->key($_key); echo $rc4->decrypt($result); // ouput should be $message Plus the docs need to be cleaned up to get rid of the references to setKey. (Same goes for the unit tests.)

ok the following code demonstrates that at initialization, the results are different than later. Could it have something to do with the seed? I don't really understand the algorithm, but maybe someone could take a peak at it. It also doesn't matter whether you reset the key or not. Not sure why that is. In the following, I've used base64_encode when outputting a binary string. Solves the shell issues mentioned by Vaish. <?php require_once('Crypt/Rc4.php'); $encrypted = "9FrIeiS+1xm5/jQ="; echo "Expected encryption: "; echo $encrypted."\n"; $key = "PEARa"; $message = "PEAR Rulez!"; $rc4 = new Crypt_Rc4; echo "\n\n"; echo "Instance 1:\n"; $rc4->key($key); $result = $rc4->encrypt($message); echo "Encrypt: "; echo base64_encode($result); echo "\n"; echo "Decrypt after encrypt:"; echo base64_encode($rc4->decrypt($result)); echo "\nThird run: "; echo base64_encode($rc4->decrypt($result)); echo "\n\n"; echo "Instance 2:\n"; $rc4a = new Crypt_Rc4; $rc4a->key($key); echo "First run: "; echo $rc4a->decrypt($result); // ouput should be $message echo "\nSecond run: "; echo base64_encode($rc4a->decrypt($result)); echo "\nThird run: "; echo base64_encode($rc4a->decrypt($result)); ?> Output: --------- Expected encryption: 9FrIeiS+1xm5/jQ= Instance 1: Encrypt: 9FrIeiS+1xm5/jQ= Decrypt after encrypt: j/9FH94hOr0nh7E= Third run: OKZOx4cr7ifCgrE= Instance 2: First run: PEAR Rulez! Second run: j/9FH94hOr0nh7E= Third run: OKZOx4cr7ifCgrE=

The encryption/decryption functions modify the encryption matrix $s. That is why results are different. A "quick" fix is to comment lines 243 and 263 in Rc4.php. This forces the key initialization routine to reinitialize matrix $s. A cleaner fix is to make a copy of the encryption matrix before the encryption/decryption and restore it afterwards. Also, members $i and $j should also be reset to 0 before encryption.

This bug has been fixed in CVS. If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET). If this was a problem with the pear.php.net website, the change should be live shortly. Otherwise, the fix will appear in the package's next release. Thank you for the report and for helping us make PEAR better. Fixed this following the suggestions made by Carlos Joa. Fix confirmed by running the updated phpunit tests - testRoundRobinEncryption failed before this fix was applied but passes now.