2 * Arcfour (RC4) implementation for PuTTY.
11 unsigned char i
, j
, s
[256];
14 static void arcfour_block(void *handle
, unsigned char *blk
, int len
)
16 ArcfourContext
*ctx
= (ArcfourContext
*)handle
;
18 unsigned char tmp
, i
, j
, *s
;
21 i
= ctx
->i
; j
= ctx
->j
;
22 for (k
= 0; (int)k
< len
; k
++) {
24 j
= (j
+ s
[i
]) & 0xff;
25 tmp
= s
[i
]; s
[i
] = s
[j
]; s
[j
] = tmp
;
26 blk
[k
] ^= s
[(s
[i
]+s
[j
]) & 0xff];
28 ctx
->i
= i
; ctx
->j
= j
;
31 static void arcfour_setkey(ArcfourContext
*ctx
, unsigned char const *key
,
34 unsigned char tmp
, k
[256], *s
;
38 assert(keybytes
<= 256);
40 for (i
= 0; i
< 256; i
++) {
42 k
[i
] = key
[i
% keybytes
];
45 for (i
= 0; i
< 256; i
++) {
46 j
= (j
+ s
[i
] + k
[i
]) & 0xff;
47 tmp
= s
[i
]; s
[i
] = s
[j
]; s
[j
] = tmp
;
51 /* -- Interface with PuTTY -- */
54 * We don't implement Arcfour in SSH-1 because it's utterly insecure in
55 * several ways. See CERT Vulnerability Notes VU#25309, VU#665372,
58 * We don't implement the "arcfour" algorithm in SSH-2 because it doesn't
59 * stir the cipher state before emitting keystream, and hence is likely
60 * to leak data about the key.
63 static void *arcfour_make_context(void)
65 return snew(ArcfourContext
);
68 static void arcfour_free_context(void *handle
)
73 static void arcfour_stir(ArcfourContext
*ctx
)
75 unsigned char *junk
= snewn(1536, unsigned char);
76 memset(junk
, 0, 1536);
77 arcfour_block(ctx
, junk
, 1536);
78 memset(junk
, 0, 1536);
82 static void arcfour128_key(void *handle
, unsigned char *key
)
84 ArcfourContext
*ctx
= (ArcfourContext
*)handle
;
85 arcfour_setkey(ctx
, key
, 16);
89 static void arcfour256_key(void *handle
, unsigned char *key
)
91 ArcfourContext
*ctx
= (ArcfourContext
*)handle
;
92 arcfour_setkey(ctx
, key
, 32);
96 static void arcfour_iv(void *handle
, unsigned char *key
)
101 const struct ssh2_cipher ssh_arcfour128_ssh2
= {
102 arcfour_make_context
, arcfour_free_context
, arcfour_iv
, arcfour128_key
,
103 arcfour_block
, arcfour_block
,
105 1, 128, 0, "Arcfour-128"
108 const struct ssh2_cipher ssh_arcfour256_ssh2
= {
109 arcfour_make_context
, arcfour_free_context
, arcfour_iv
, arcfour256_key
,
110 arcfour_block
, arcfour_block
,
112 1, 256, 0, "Arcfour-256"
115 static const struct ssh2_cipher
*const arcfour_list
[] = {
116 &ssh_arcfour256_ssh2
,
117 &ssh_arcfour128_ssh2
,
120 const struct ssh2_ciphers ssh2_arcfour
= {
121 sizeof(arcfour_list
) / sizeof(*arcfour_list
),