- Timestamp:
- 2007-10-07T20:42:37Z (17 years ago)
- Branches:
- master
- Children:
- 2305488
- Parents:
- 9334cc2
- Location:
- lib
- Files:
-
- 1 edited
- 2 moved
Legend:
- Unmodified
- Added
- Removed
-
lib/Makefile
r9334cc2 ra7b5925 10 10 11 11 # [SH] Program variables 12 objects = base64.o $(EVENT_HANDLER) http_client.o ini.o md5.o misc.o proxy.o rc4.o sha.o $(SSL_CLIENT) url.o12 objects = arc.o base64.o $(EVENT_HANDLER) http_client.o ini.o md5.o misc.o proxy.o sha.o $(SSL_CLIENT) url.o 13 13 14 14 CFLAGS += -Wall -
lib/arc.c
r9334cc2 ra7b5925 2 2 * * 3 3 * BitlBee - An IRC to IM gateway * 4 * Simple (but secure) RC4 implementation for safer password storage.*4 * Simple (but secure) ArcFour implementation for safer password storage. * 5 5 * * 6 6 * Copyright 2006 Wilmer van der Gaast <wilmer@gaast.net> * … … 23 23 24 24 /* 25 This file implements RC4-encryption, which will mainly be used to save IM26 passwords safely in the new XML-format. Possibly other uses will come up27 later. It's supposed to be quite reliable (thanks to the use of a 6-byte28 IV/seed), certainly compared to the old format. The only realistic way to29 crack BitlBee passwords now is to use a sniffer to get your hands on the30 user's password.25 This file implements ArcFour-encryption, which will mainly be used to 26 save IM passwords safely in the new XML-format. Possibly other uses will 27 come up later. It's supposed to be quite reliable (thanks to the use of a 28 6-byte IV/seed), certainly compared to the old format. The only realistic 29 way to crack BitlBee passwords now is to use a sniffer to get your hands 30 on the user's password. 31 31 32 32 If you see that something's wrong in this implementation (I asked a 33 33 couple of people to look at it already, but who knows), please tell me. 34 34 35 The reason I chose for RC4is because it's pretty simple but effective,35 The reason I picked ArcFour is because it's pretty simple but effective, 36 36 so it will work without adding several KBs or an extra library dependency. 37 38 (ArcFour is an RC4-compatible cipher. See for details: 39 http://www.mozilla.org/projects/security/pki/nss/draft-kaukonen-cipher-arcfour-03.txt) 37 40 */ 38 41 … … 43 46 #include <string.h> 44 47 #include "misc.h" 45 #include " rc4.h"48 #include "arc.h" 46 49 47 50 /* Add some seed to the password, to make sure we *never* use the same key. 48 51 This defines how many bytes we use as a seed. */ 49 #define RC4_IV_LEN 652 #define ARC_IV_LEN 6 50 53 51 54 /* To defend against a "Fluhrer, Mantin and Shamir attack", it is recommended 52 55 to shuffle S[] just a bit more before you start to use it. This defines how 53 56 many bytes we'll request before we'll really use them for encryption. */ 54 #define RC4_CYCLES 102457 #define ARC_CYCLES 1024 55 58 56 struct rc4_state *rc4_keymaker( unsigned char *key, int kl, int cycles )59 struct arc_state *arc_keymaker( unsigned char *key, int kl, int cycles ) 57 60 { 58 struct rc4_state *st;61 struct arc_state *st; 59 62 int i, j, tmp; 60 63 61 st = g_malloc( sizeof( struct rc4_state ) );64 st = g_malloc( sizeof( struct arc_state ) ); 62 65 st->i = st->j = 0; 63 66 for( i = 0; i < 256; i ++ ) … … 76 79 77 80 for( i = 0; i < cycles; i ++ ) 78 rc4_getbyte( st );81 arc_getbyte( st ); 79 82 80 83 return st; … … 82 85 83 86 /* 84 For those who don't know, RC4 is basically an algorithm that generates a85 stream of bytes after you give it a key. Just get a byte from it and xor86 it with your cleartext. To decrypt, just give it the same key again and87 start xorring.87 For those who don't know, ArcFour is basically an algorithm that generates 88 a stream of bytes after you give it a key. Just get a byte from it and 89 xor it with your cleartext. To decrypt, just give it the same key again 90 and start xorring. 88 91 89 The function above initializes the RC4 byte generator, the next function90 canbe used to get bytes from the generator (and shuffle things a bit).92 The function above initializes the byte generator, the next function can 93 be used to get bytes from the generator (and shuffle things a bit). 91 94 */ 92 95 93 unsigned char rc4_getbyte( struct rc4_state *st )96 unsigned char arc_getbyte( struct arc_state *st ) 94 97 { 95 98 unsigned char tmp; … … 108 111 The following two functions can be used for reliable encryption and 109 112 decryption. Known plaintext attacks are prevented by adding some (6, 110 by default) random bytes to the password before setting up the RC4113 by default) random bytes to the password before setting up the state 111 114 structures. These 6 bytes are also saved in the results, because of 112 course we'll need them in rc4_decode().115 course we'll need them in arc_decode(). 113 116 114 117 Because the length of the resulting string is unknown to the caller, … … 122 125 */ 123 126 124 int rc4_encode( char *clear, int clear_len, unsigned char **crypt, char *password )127 int arc_encode( char *clear, int clear_len, unsigned char **crypt, char *password ) 125 128 { 126 struct rc4_state *st;129 struct arc_state *st; 127 130 unsigned char *key; 128 131 int key_len, i; 129 132 130 key_len = strlen( password ) + RC4_IV_LEN;133 key_len = strlen( password ) + ARC_IV_LEN; 131 134 if( clear_len <= 0 ) 132 135 clear_len = strlen( clear ); 133 136 134 137 /* Prepare buffers and the key + IV */ 135 *crypt = g_malloc( clear_len + RC4_IV_LEN );138 *crypt = g_malloc( clear_len + ARC_IV_LEN ); 136 139 key = g_malloc( key_len ); 137 140 strcpy( (char*) key, password ); … … 139 142 /* Add the salt. Save it for later (when decrypting) and, of course, 140 143 add it to the encryption key. */ 141 random_bytes( crypt[0], RC4_IV_LEN );142 memcpy( key + key_len - RC4_IV_LEN, crypt[0], RC4_IV_LEN );144 random_bytes( crypt[0], ARC_IV_LEN ); 145 memcpy( key + key_len - ARC_IV_LEN, crypt[0], ARC_IV_LEN ); 143 146 144 147 /* Generate the initial S[] from the IVed key. */ 145 st = rc4_keymaker( key, key_len, RC4_CYCLES );148 st = arc_keymaker( key, key_len, ARC_CYCLES ); 146 149 g_free( key ); 147 150 148 151 for( i = 0; i < clear_len; i ++ ) 149 crypt[0][i+ RC4_IV_LEN] = clear[i] ^ rc4_getbyte( st );152 crypt[0][i+ARC_IV_LEN] = clear[i] ^ arc_getbyte( st ); 150 153 151 154 g_free( st ); 152 155 153 return clear_len + RC4_IV_LEN;156 return clear_len + ARC_IV_LEN; 154 157 } 155 158 156 int rc4_decode( unsigned char *crypt, int crypt_len, char **clear, char *password )159 int arc_decode( unsigned char *crypt, int crypt_len, char **clear, char *password ) 157 160 { 158 struct rc4_state *st;161 struct arc_state *st; 159 162 unsigned char *key; 160 163 int key_len, clear_len, i; 161 164 162 key_len = strlen( password ) + RC4_IV_LEN;163 clear_len = crypt_len - RC4_IV_LEN;165 key_len = strlen( password ) + ARC_IV_LEN; 166 clear_len = crypt_len - ARC_IV_LEN; 164 167 165 168 if( clear_len < 0 ) … … 173 176 key = g_malloc( key_len ); 174 177 strcpy( (char*) key, password ); 175 for( i = 0; i < RC4_IV_LEN; i ++ )176 key[key_len- RC4_IV_LEN+i] = crypt[i];178 for( i = 0; i < ARC_IV_LEN; i ++ ) 179 key[key_len-ARC_IV_LEN+i] = crypt[i]; 177 180 178 181 /* Generate the initial S[] from the IVed key. */ 179 st = rc4_keymaker( key, key_len, RC4_CYCLES );182 st = arc_keymaker( key, key_len, ARC_CYCLES ); 180 183 g_free( key ); 181 184 182 185 for( i = 0; i < clear_len; i ++ ) 183 clear[0][i] = crypt[i+ RC4_IV_LEN] ^ rc4_getbyte( st );186 clear[0][i] = crypt[i+ARC_IV_LEN] ^ arc_getbyte( st ); 184 187 clear[0][i] = 0; /* Nice to have for plaintexts. */ 185 188 -
lib/arc.h
r9334cc2 ra7b5925 2 2 * * 3 3 * BitlBee - An IRC to IM gateway * 4 * Simple (but secure) RC4 implementation for safer password storage.*4 * Simple (but secure) ArcFour implementation for safer password storage. * 5 5 * * 6 * Copyright 200 6Wilmer van der Gaast <wilmer@gaast.net> *6 * Copyright 2007 Wilmer van der Gaast <wilmer@gaast.net> * 7 7 * * 8 8 * This program is free software; you can redistribute it and/or modify * … … 23 23 24 24 25 /* See rc4.c for more information. */25 /* See arc.c for more information. */ 26 26 27 struct rc4_state27 struct arc_state 28 28 { 29 29 unsigned char S[256]; … … 31 31 }; 32 32 33 struct rc4_state *rc4_keymaker( unsigned char *key, int kl, int cycles );34 unsigned char rc4_getbyte( struct rc4_state *st );35 int rc4_encode( char *clear, int clear_len, unsigned char **crypt, char *password );36 int rc4_decode( unsigned char *crypt, int crypt_len, char **clear, char *password );33 struct arc_state *arc_keymaker( unsigned char *key, int kl, int cycles ); 34 unsigned char arc_getbyte( struct arc_state *st ); 35 int arc_encode( char *clear, int clear_len, unsigned char **crypt, char *password ); 36 int arc_decode( unsigned char *crypt, int crypt_len, char **clear, char *password );
Note: See TracChangeset
for help on using the changeset viewer.