#### 5.12.1 Problem

You
want to save computational resources when
data is actually flowing over a network by precomputing keystream so
that encryption or decryption will consist merely of
XOR'ing data with the precomputed keystream.

#### 5.12.2 Solution

If your API has a function that performs keystream generation, use
that. Otherwise, call the encryption routine, passing in
N bytes set to 0, where N
is the number of bytes of keystream you wish to precompute.

#### 5.12.3 Discussion

Most cryptographic APIs do not have an explicit way to precompute
keystream for cipher modes where such precomputation makes sense.
Fortunately, any byte XOR'd with zero returns the
original byte. Therefore, to recover the keystream, we can
"encrypt" a string of zeros. Then,
when we have data that we really do wish to encrypt, we need only XOR
that data with the stored keystream.

If you have the source for the encryption algorithm, you can remove
the final XOR operation to create a keystream-generating function.
For example, the `spc_ctr_update(
)` function from Recipe 5.9 can be adapted
easily into the following keystream generator:

int spc_ctr_keystream(SPC_CTR_CTX *ctx, size_t il, unsigned char *out) {
int i;
if (ctx->ix) {
while (ctx->ix) {
if (!il--) return 1;
*out++ = ctx->ksm[ctx->ix++];
ctx->ix %= SPC_BLOCK_SZ;
}
}
if (!il) return 1;
while (il >= SPC_BLOCK_SZ) {
SPC_DO_ENCRYPT(&(ctx->ks), ctx->ctr, out);
ctr_increment(ctx->ctr);
il -= SPC_BLOCK_SZ;
out += SPC_BLOCK_SZ;
}
SPC_DO_ENCRYPT(&(ctx->ks), ctx->ctr, ctx->ksm);
ctr_increment(ctx->ctr);
for (i = 0; i <il; i++) *out++ = ctx->ksm[ctx->ix++];
return 1;
}

Note that we simply remove the `in` argument along
with the XOR operation whenever we write to the output buffer.