On Saturday 01 July 2006 20:06, Alexander Schmehl wrote:
> Hi!
>
> * George Danchev <[EMAIL PROTECTED]> [060701 15:20]:
> > I hope that Alexander Schmehl is still willing to check it out and
> > upload. Should anything still to be corrented I'm willing to do so. The
> > new RC4 implementation is documented in debian/copyright, along with the
> > match script as well (that were the points Alexnder raised in his last
> > reviewing).
>
> Currently I'm on the road without my gpg-key, so I can't upload anythign
> right now. I'll be back on Tuesday evening / wednesday morning will
> check it then (if I don't forget it, might be a got idea to send me an
> reminder ;)
Unfortunately I face a break with the new GPL'ed ARC4 implementation. The
patch for that implementation for shc 3.7 along with some rc4 tests is found
at:
http://crustytoothpaste.ath.cx/~bmc/files/free/crypto.pax.bz2
I still need to resolve why strcmp(TEXT_chk2, chk2) is put there, which
succeeds causing the following break:
$ ./shc -f test.csh
$ ./test.csh.x
$ ./test.csh.x: No such file or directory: shell has changed!
I attached a similar patch for shc 3.8.3, but the following occurs with the
above test.csh test:
$./test.csh.x
$./test.csh.x: location has changed!
--
pub 4096R/0E4BD0AB 2003-03-18 <people.fccf.net/danchev/key pgp.mit.edu>
fingerprint 1AE7 7C66 0A26 5BFF DF22 5D55 1C57 0C89 0E4B D0AB
diff -Naur shc-3.8.3/shc.c shc-3.8.3.dfsg/shc.c
--- shc-3.8.3/shc.c 2005-06-28 22:28:52.000000000 +0300
+++ shc-3.8.3.dfsg/shc.c 2006-07-04 12:35:06.000000000 +0300
@@ -1,10 +1,27 @@
/* shc.c */
-/**
- * This software contains the 'Alleged RC4' source code.
- * The original source code was published on the Net by a group of cypherpunks.
- * I picked up a modified version from the news.
- * The copyright notice does not apply to that code.
+/*-
+ * This software contains a clean-room implementation of Alleged RC4 (ARC4).
+ * The following copyright notice and license apply only to that code.
+ *
+ * Copyright (c) 2006 Brian M. Carlson
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; version 2 of the License, dated June
+ * 1991, with MD5 hash 8ca43cbc842c2336e835926c2166c28b.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to:
+ * Free Software Foundation, Inc.
+ * 51 Franklin St, Fifth Floor
+ * Boston, MA 02110-1301
+ * USA
*/
static const char my_name[] = "shc";
static const char version[] = "Version 3.8.3";
@@ -125,63 +142,85 @@
"#include <string.h>",
"#include <time.h>",
"#include <unistd.h>",
-"",
-"/**",
-" * 'Alleged RC4' Source Code picked up from the news.",
-" * From: [EMAIL PROTECTED] (John L. Allen)",
-" * Newsgroups: comp.lang.c",
-" * Subject: Shrink this C code for fame and fun",
-" * Date: 21 May 1996 10:49:37 -0400",
+"/*-",
+" * This software contains a clean-room implementation of Alleged RC4.",
+" * The following copyright notice and license apply only to that code.",
+" *",
+" * Copyright (c) 2006 Brian M. Carlson",
+" * ",
+" * This program is free software; you can redistribute it and/or modify",
+" * it under the terms of the GNU General Public License as published by",
+" * the Free Software Foundation; version 2 of the License, dated June",
+" * 1991, with MD5 hash 8ca43cbc842c2336e835926c2166c28b.",
+" * ",
+" * This program is distributed in the hope that it will be useful, but",
+" * WITHOUT ANY WARRANTY; without even the implied warranty of",
+" * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU",
+" * General Public License for more details.",
+" * ",
+" * You should have received a copy of the GNU General Public License",
+" * along with this program; if not, write to:",
+" * Free Software Foundation, Inc.",
+" * 51 Franklin St, Fifth Floor",
+" * Boston, MA 02110-1301",
+" * USA",
+" *",
+" * In addition, as a special exception, you may deal in this software as",
+" * part of a program produced by shc (the shell script compiler) without",
+" * restriction.",
+" *",
+" * Note that people who make modified versions of this software are not",
+" * obligated to grant this special exception for their modified versions;",
+" * it is their choice whether to do so. The GNU General Public License",
+" * gives permission to release a modified version without this exception;",
+" * this exception also makes it possible to release a modified version",
+" * which carries forward this exception.",
" */",
"",
-"static unsigned char stte[256], indx, jndx, kndx;",
+"struct crypto_rc4_s",
+"{",
+" unsigned char s[256];",
+" unsigned char i;",
+" unsigned char j;",
+"} ctxo, *ctx=&ctxo;",
+"",
+"#define SWAP(x, y) do{unsigned char tmp;tmp=(x);(x)=(y);(y)=tmp;}while (0)",
"",
-"/*",
-" * Reset arc4 stte. ",
-" */",
"void stte_0(void)",
"{",
-" indx = jndx = kndx = 0;",
-" do {",
-" stte[indx] = indx;",
-" } while (++indx);",
+" int i;",
+"",
+" for (i=0; i<256; i++)",
+" ctx->s[i]=i;",
+" ctx->i=ctx->j=0;",
"}",
"",
-"/*",
-" * Set key. Can be used more than once. ",
-" */",
-"void key(void * str, int len)",
+"void key(const char *str, int len)",
"{",
-" unsigned char tmp, * ptr = (unsigned char *)str;",
-" while (len > 0) {",
-" do {",
-" tmp = stte[indx];",
-" kndx += tmp;",
-" kndx += ptr[(int)indx % len];",
-" stte[indx] = stte[kndx];",
-" stte[kndx] = tmp;",
-" } while (++indx);",
-" ptr += 256;",
-" len -= 256;",
+" const unsigned char *k=(const unsigned char *)str;",
+" int i;",
+" unsigned char j=0;",
+"",
+" for (i=0; i<256; i++)",
+" {",
+" j+=ctx->s[i]+k[i];",
+" SWAP(ctx->s[i], ctx->s[j]);",
" }",
"}",
"",
-"/*",
-" * Crypt data. ",
-" */",
-"void arc4(void * str, int len)",
+"void rc4(char *data, int sz)",
"{",
-" unsigned char tmp, * ptr = (unsigned char *)str;",
-" while (len > 0) {",
-" indx++;",
-" tmp = stte[indx];",
-" jndx += tmp;",
-" stte[indx] = stte[jndx];",
-" stte[jndx] = tmp;",
-" tmp += stte[indx];",
-" *ptr ^= stte[tmp];",
-" ptr++;",
-" len--;",
+" int idx;",
+" unsigned char t, k;",
+"",
+" for (idx=0; idx<sz; idx++)",
+" {",
+" ctx->i++;",
+" ctx->j+=ctx->s[ctx->i];",
+" SWAP(ctx->s[ctx->i], ctx->s[ctx->j]);",
+" t=ctx->s[ctx->i]+ctx->s[ctx->j];",
+" k=ctx->s[t];",
+" data[idx]^=k;",
" }",
"}",
"",
@@ -206,7 +245,7 @@
" control->st_size = statf->st_size;",
" control->st_mtime = statf->st_mtime;",
" control->st_ctime = statf->st_ctime;",
-" key(control, sizeof(control));",
+" key(\"control\", sizeof(control));",
" return 0;",
"}",
"",
@@ -315,35 +354,35 @@
"",
" stte_0();",
" key(pswd, pswd_z);",
-" arc4(msg1, msg1_z);",
-" arc4(date, date_z);",
+" rc4(msg1, msg1_z);",
+" rc4(date, date_z);",
" if (date[0] && date[0]<time(NULL))",
" return msg1;",
-" arc4(shll, shll_z);",
-" arc4(inlo, inlo_z);",
-" arc4(xecc, xecc_z);",
-" arc4(lsto, lsto_z);",
-" arc4(tst1, tst1_z);",
+" rc4(shll, shll_z);",
+" rc4(inlo, inlo_z);",
+" rc4(xecc, xecc_z);",
+" rc4(lsto, lsto_z);",
+" rc4(tst1, tst1_z);",
" key(tst1, tst1_z);",
-" arc4(chk1, chk1_z);",
+" rc4(chk1, chk1_z);",
" if ((chk1_z != tst1_z) || memcmp(tst1, chk1, tst1_z))",
" return tst1;",
" ret = chkenv(argc);",
-" arc4(msg2, msg2_z);",
+" rc4(msg2, msg2_z);",
" if (ret < 0)",
" return msg2;",
" varg = (char **)calloc(argc + 10, sizeof(char *));",
" if (!varg)",
" return 0;",
" if (ret) {",
-" arc4(rlax, rlax_z);",
+" rc4(rlax, rlax_z);",
" if (!rlax[0] && key_with_file(shll))",
" return shll;",
-" arc4(opts, opts_z);",
-" arc4(text, text_z);",
-" arc4(tst2, tst2_z);",
+" rc4(opts, opts_z);",
+" rc4(text, text_z);",
+" rc4(tst2, tst2_z);",
" key(tst2, tst2_z);",
-" arc4(chk2, chk2_z);",
+" rc4(chk2, chk2_z);",
" if ((chk2_z != tst2_z) || memcmp(tst2, chk2, tst2_z))",
" return tst2;",
" if (text_z < hide_z) {",
@@ -529,63 +568,52 @@
}
}
-/**
- * 'Alleged RC4' Source Code picked up from the news.
- * From: [EMAIL PROTECTED] (John L. Allen)
- * Newsgroups: comp.lang.c
- * Subject: Shrink this C code for fame and fun
- * Date: 21 May 1996 10:49:37 -0400
- */
-
-static unsigned char stte[256], indx, jndx, kndx;
-/*
- * Reset arc4 stte.
- */
-void stte_0(void)
+struct crypto_rc4_s
{
- indx = jndx = kndx = 0;
- do {
- stte[indx] = indx;
- } while (++indx);
+ unsigned char s[256];
+ unsigned char i;
+ unsigned char j;
}
+ ctxo, *ctx=&ctxo;
-/*
- * Set key. Can be used more than once.
- */
-void key(void * str, int len)
-{
- unsigned char tmp, * ptr = (unsigned char *)str;
- while (len > 0) {
- do {
- tmp = stte[indx];
- kndx += tmp;
- kndx += ptr[(int)indx % len];
- stte[indx] = stte[kndx];
- stte[kndx] = tmp;
- } while (++indx);
- ptr += 256;
- len -= 256;
- }
-}
+#define SWAP(x, y) do { unsigned char tmp; tmp=(x); (x)=(y); (y)=tmp; } while (0)
-/*
- * Crypt data.
- */
-void arc4(void * str, int len)
+void stte_0(void)
{
- unsigned char tmp, * ptr = (unsigned char *)str;
- while (len > 0) {
- indx++;
- tmp = stte[indx];
- jndx += tmp;
- stte[indx] = stte[jndx];
- stte[jndx] = tmp;
- tmp += stte[indx];
- *ptr ^= stte[tmp];
- ptr++;
- len--;
- }
+ int i;
+ for (i=0; i<256; i++)
+ ctx->s[i]=i;
+ ctx->i=ctx->j=0;
+}
+
+void key(const char *str, int len)
+{
+
+ const unsigned char *k=(const unsigned char *)str;
+ int i;
+ unsigned char j=0;
+
+ for (i=0; i<256; i++)
+ {
+ j+=ctx->s[i]+k[i];
+ SWAP(ctx->s[i], ctx->s[j]);
+ }
+}
+
+void rc4(char *data, int sz)
+{
+ int idx;
+ unsigned char t, k;
+ for (idx=0; idx<sz; idx++)
+ {
+ ctx->i++;
+ ctx->j+=ctx->s[ctx->i];
+ SWAP(ctx->s[ctx->i], ctx->s[ctx->j]);
+ t=ctx->s[ctx->i]+ctx->s[ctx->j];
+ k=ctx->s[t];
+ data[idx]^=k;
+ }
}
/*
@@ -609,7 +637,7 @@
control->st_size = statf->st_size;
control->st_mtime = statf->st_mtime;
control->st_ctime = statf->st_ctime;
- key(control, sizeof(control));
+ key("control", sizeof(control));
return 0;
}
@@ -802,7 +830,7 @@
void dump_array(FILE * o, void * ptr, char * name, int l, char * cast)
{
- arc4(ptr, l);
+ rc4(ptr, l);
prnt_array(o, ptr, name, l, cast);
}
@@ -844,28 +872,28 @@
key(pswd, pswd_z);
msg1_z += strlen(mail);
msg1 = strcat(realloc(msg1, msg1_z), mail);
- arc4(msg1, msg1_z); numd++;
- arc4(date, date_z); numd++;
- arc4(shll, shll_z); numd++;
- arc4(inlo, inlo_z); numd++;
- arc4(xecc, xecc_z); numd++;
- arc4(lsto, lsto_z); numd++;
- arc4(tst1, tst1_z); numd++;
+ rc4(msg1, msg1_z); numd++;
+ rc4(date, date_z); numd++;
+ rc4(shll, shll_z); numd++;
+ rc4(inlo, inlo_z); numd++;
+ rc4(xecc, xecc_z); numd++;
+ rc4(lsto, lsto_z); numd++;
+ rc4(tst1, tst1_z); numd++;
key(chk1, chk1_z);
- arc4(chk1, chk1_z); numd++;
- arc4(msg2, msg2_z); numd++;
+ rc4(chk1, chk1_z); numd++;
+ rc4(msg2, msg2_z); numd++;
indx = !rlax[0];
- arc4(rlax, rlax_z); numd++;
+ rc4(rlax, rlax_z); numd++;
if (indx && key_with_file(kwsh)) {
fprintf(stderr, "%s: invalid file name: %s", my_name, kwsh);
perror("");
exit(1);
}
- arc4(opts, opts_z); numd++;
- arc4(text, text_z); numd++;
- arc4(tst2, tst2_z); numd++;
+ rc4(opts, opts_z); numd++;
+ rc4(text, text_z); numd++;
+ rc4(tst2, tst2_z); numd++;
key(chk2, chk2_z);
- arc4(chk2, chk2_z); numd++;
+ rc4(chk2, chk2_z); numd++;
/* Output */
name = strcat(realloc(name, strlen(name)+5), ".x.c");
