Home Explore Help
Register Sign In
Apq
/
winscp
mirror of https://github.com/winscp/winscp.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: 63acc45b4b
Branches Tags
winscp
/
source
/
putty
/
ssharcf.c

ssharcf.c 3.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127 
  1. /*
    2. 

  2.  * Arcfour (RC4) implementation for PuTTY.
    3. 

  3.  *
    4. 

  4.  * Coded from Schneier.
    5. 

  5.  */
    6. 

  6. 

  7. #include <assert.h>
    8. 

  8. #include "ssh.h"
    9. 

  9. 

  10. typedef struct {
    11. 

  11.     unsigned char i, j, s[256];
    12. 

  12.     ssh_cipher ciph;
    13. 

  13. } ArcfourContext;
    14. 

  14. 

  15. static void arcfour_block(void *handle, void *vblk, int len)
    16. 

  16. {
    17. 

  17.     unsigned char *blk = (unsigned char *)vblk;
    18. 

  18.     ArcfourContext *ctx = (ArcfourContext *)handle;
    19. 

  19.     unsigned k;
    20. 

  20.     unsigned char tmp, i, j, *s;
    21. 

  21. 

  22.     s = ctx->s;
    23. 

  23.     i = ctx->i; j = ctx->j;
    24. 

  24.     for (k = 0; (int)k < len; k++) {
    25. 

  25. 	i  = (i + 1) & 0xff;
    26. 

  26. 	j  = (j + s[i]) & 0xff;
    27. 

  27. 	tmp = s[i]; s[i] = s[j]; s[j] = tmp;
    28. 

  28. 	blk[k] ^= s[(s[i]+s[j]) & 0xff];
    29. 

  29.     }
    30. 

  30.     ctx->i = i; ctx->j = j;
    31. 

  31. }
    32. 

  32. 

  33. static void arcfour_setkey(ArcfourContext *ctx, unsigned char const *key,
    34. 

  34. 			   unsigned keybytes)
    35. 

  35. {
    36. 

  36.     unsigned char tmp, k[256], *s;
    37. 

  37.     unsigned i, j;
    38. 

  38. 

  39.     s = ctx->s;
    40. 

  40.     assert(keybytes <= 256);
    41. 

  41.     ctx->i = ctx->j = 0;
    42. 

  42.     for (i = 0; i < 256; i++) {
    43. 

  43. 	s[i] = i;
    44. 

  44. 	k[i] = key[i % keybytes];
    45. 

  45.     }
    46. 

  46.     j = 0;
    47. 

  47.     for (i = 0; i < 256; i++) {
    48. 

  48. 	j = (j + s[i] + k[i]) & 0xff;
    49. 

  49. 	tmp = s[i]; s[i] = s[j]; s[j] = tmp;
    50. 

  50.     }
    51. 

  51. }
    52. 

  52. 

  53. /* -- Interface with PuTTY -- */
    54. 

  54. 

  55. /*
    56. 

  56.  * We don't implement Arcfour in SSH-1 because it's utterly insecure in
    57. 

  57.  * several ways.  See CERT Vulnerability Notes VU#25309, VU#665372,
    58. 

  58.  * and VU#565052.
    59. 

  59.  * 
    60. 

  60.  * We don't implement the "arcfour" algorithm in SSH-2 because it doesn't
    61. 

  61.  * stir the cipher state before emitting keystream, and hence is likely
    62. 

  62.  * to leak data about the key.
    63. 

  63.  */
    64. 

  64. 

  65. static ssh_cipher *arcfour_new(const ssh_cipheralg *alg)
    66. 

  66. {
    67. 

  67.     ArcfourContext *ctx = snew(ArcfourContext);
    68. 

  68.     ctx->ciph.vt = alg;
    69. 

  69.     return &ctx->ciph;
    70. 

  70. }
    71. 

  71. 

  72. static void arcfour_free(ssh_cipher *cipher)
    73. 

  73. {
    74. 

  74.     ArcfourContext *ctx = container_of(cipher, ArcfourContext, ciph);
    75. 

  75.     smemclr(ctx, sizeof(*ctx));
    76. 

  76.     sfree(ctx);
    77. 

  77. }
    78. 

  78. 

  79. static void arcfour_stir(ArcfourContext *ctx)
    80. 

  80. {
    81. 

  81.     unsigned char *junk = snewn(1536, unsigned char);
    82. 

  82.     memset(junk, 0, 1536);
    83. 

  83.     arcfour_block(ctx, junk, 1536);
    84. 

  84.     smemclr(junk, 1536);
    85. 

  85.     sfree(junk);
    86. 

  86. }
    87. 

  87. 

  88. static void arcfour_ssh2_setiv(ssh_cipher *cipher, const void *key)
    89. 

  89. {
    90. 

  90.     /* As a pure stream cipher, Arcfour has no IV separate from the key */
    91. 

  91. }
    92. 

  92. 

  93. static void arcfour_ssh2_setkey(ssh_cipher *cipher, const void *key)
    94. 

  94. {
    95. 

  95.     ArcfourContext *ctx = container_of(cipher, ArcfourContext, ciph);
    96. 

  96.     arcfour_setkey(ctx, key, ctx->ciph.vt->padded_keybytes);
    97. 

  97.     arcfour_stir(ctx);
    98. 

  98. }
    99. 

  99. 

  100. static void arcfour_ssh2_block(ssh_cipher *cipher, void *blk, int len)
    101. 

  101. {
    102. 

  102.     ArcfourContext *ctx = container_of(cipher, ArcfourContext, ciph);
    103. 

  103.     arcfour_block(ctx, blk, len);
    104. 

  104. }
    105. 

  105. 

  106. const ssh_cipheralg ssh_arcfour128_ssh2 = {
    107. 

  107.     arcfour_new, arcfour_free, arcfour_ssh2_setiv, arcfour_ssh2_setkey,
    108. 

  108.     arcfour_ssh2_block, arcfour_ssh2_block, NULL, NULL,
    109. 

  109.     "arcfour128",
    110. 

  110.     1, 128, 16, 0, "Arcfour-128",
    111. 

  111.     NULL
    112. 

  112. };
    113. 

  113. 

  114. const ssh_cipheralg ssh_arcfour256_ssh2 = {
    115. 

  115.     arcfour_new, arcfour_free, arcfour_ssh2_setiv, arcfour_ssh2_setkey,
    116. 

  116.     arcfour_ssh2_block, arcfour_ssh2_block, NULL, NULL,
    117. 

  117.     "arcfour256",
    118. 

  118.     1, 256, 32, 0, "Arcfour-256",
    119. 

  119.     NULL
    120. 

  120. };
    121. 

  121. 

  122. static const ssh_cipheralg *const arcfour_list[] = {
    123. 

  123.     &ssh_arcfour256_ssh2,
    124. 

  124.     &ssh_arcfour128_ssh2,
    125. 

  125. };
    126. 

  126. 

  127. const ssh2_ciphers ssh2_arcfour = { lenof(arcfour_list), arcfour_list };
    128.