You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mina.apache.org by gn...@apache.org on 2012/09/12 14:25:37 UTC
svn commit: r1383910 - in /mina/sshd/trunk/sshd-core/src: docs/
main/java/org/apache/sshd/ main/java/org/apache/sshd/common/cipher/
Author: gnodet
Date: Wed Sep 12 12:25:36 2012
New Revision: 1383910
URL: http://svn.apache.org/viewvc?rev=1383910&view=rev
Log:
[SSHD-180] Add support for CTR and RC4 ciphers
Added:
mina/sshd/trunk/sshd-core/src/docs/rfc4345.txt
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/AES128CTR.java
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/AES256CTR.java
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/ARCFOUR128.java
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/ARCFOUR256.java
Modified:
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/SshClient.java
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/SshServer.java
mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/BaseCipher.java
Added: mina/sshd/trunk/sshd-core/src/docs/rfc4345.txt
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/docs/rfc4345.txt?rev=1383910&view=auto
==============================================================================
--- mina/sshd/trunk/sshd-core/src/docs/rfc4345.txt (added)
+++ mina/sshd/trunk/sshd-core/src/docs/rfc4345.txt Wed Sep 12 12:25:36 2012
@@ -0,0 +1,283 @@
+
+
+
+
+
+
+Network Working Group B. Harris
+Request for Comments: 4345 January 2006
+Category: Standards Track
+
+
+ Improved Arcfour Modes for
+ the Secure Shell (SSH) Transport Layer Protocol
+
+Status of This Memo
+
+ This document specifies an Internet standards track protocol for the
+ Internet community, and requests discussion and suggestions for
+ improvements. Please refer to the current edition of the "Internet
+ Official Protocol Standards" (STD 1) for the standardization state
+ and status of this protocol. Distribution of this memo is unlimited.
+
+Copyright Notice
+
+ Copyright (C) The Internet Society (2006).
+
+Abstract
+
+ This document specifies methods of using the Arcfour cipher in the
+ Secure Shell (SSH) protocol that mitigate the weakness of the
+ cipher's key-scheduling algorithm.
+
+1. Introduction
+
+ Secure Shell (SSH) [RFC4251] is a secure remote-login protocol. It
+ allows for the use of an extensible variety of symmetric cipher
+ algorithms to provide confidentiality for data in transit. One of
+ the algorithms specified in the base protocol is "arcfour", which
+ specifies the use of Arcfour (also known as RC4), a fast stream
+ cipher. As [RFC4253] says, though, "Arcfour (and RC4) has problems
+ with weak keys, and should be used with caution." These problems are
+ described in more detail in [MANTIN01], along with a recommendation
+ to discard the first 1536 bytes of keystream so as to ensure that the
+ cipher's internal state is thoroughly mixed. This document specifies
+ new cipher algorithms for SSH that follow this recommendation.
+
+2. Conventions Used in this Document
+
+ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
+ "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
+ document are to be interpreted as described in [RFC2119].
+
+
+
+
+
+
+Harris Standards Track [Page 1]
+
+RFC 4345 Improved Arcfour Modes for SSH January 2006
+
+
+3. Applicability Statement
+
+ Implementations of Arcfour are typically slightly faster and much
+ smaller than those of any other encryption algorithm currently
+ defined for SSH. This must be balanced, though, against the known
+ security problems with Arcfour described in Section 5. In most
+ cases, where speed and code size are not critical issues, the
+ algorithms specified by [RFC4344] should be used instead.
+
+4. Algorithm Definitions
+
+ The "arcfour128" algorithm is the RC4 cipher, as described in
+ [SCHNEIER], using a 128-bit key. The first 1536 bytes of keystream
+ generated by the cipher MUST be discarded, and the first byte of the
+ first encrypted packet MUST be encrypted using the 1537th byte of
+ keystream.
+
+ The "arcfour256" algorithm is the same, but uses a 256-bit key.
+
+5. Security Considerations
+
+ The security considerations in [RFC4251] apply.
+
+ The discarded bytes of keystream MUST be kept secret and MUST NOT be
+ transmitted over the network. The contents of these bytes could
+ reveal information about the key.
+
+ There are two classes of attack on Arcfour described in [MIRONOV].
+ Strong distinguishers distinguish an Arcfour keystream from
+ randomness at the start of the stream and are defended against by the
+ algorithm defined in this document. Weak distinguishers can operate
+ on any part of the keystream, and the best ones, described in [FMcG]
+ and [MANTIN05], can use data from multiple, different keystreams. A
+ consequence of this is that encrypting the same data (for instance, a
+ password) sufficiently many times in separate Arcfour keystreams can
+ be sufficient to leak information about it to an adversary. It is
+ thus RECOMMENDED that Arcfour (either in the form described here or
+ that described in [RFC4251]) not be used for high-volume password-
+ authenticated connections.
+
+6. IANA Considerations
+
+ The IANA has assigned the Encryption Algorithm Names "arcfour128" and
+ "arcfour256" in accordance with [RFC4250].
+
+
+
+
+
+
+
+Harris Standards Track [Page 2]
+
+RFC 4345 Improved Arcfour Modes for SSH January 2006
+
+
+7. References
+
+7.1. Normative References
+
+ [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
+ Requirement Levels", BCP 14, RFC 2119, March 1997.
+
+ [RFC4250] Lehtinen, S. and C. Lonvick, Ed., "The Secure Shell (SSH)
+ Protocol Assigned Numbers", RFC 4250, January 2006.
+
+ [RFC4251] Ylonen, T. and C. Lonvick, Ed., "The Secure Shell (SSH)
+ Protocol Architecture", RFC 4251, January 2006.
+
+ [RFC4253] Ylonen, T. and C. Lonvick, Ed., "The Secure Shell (SSH)
+ Transport Layer Protocol", RFC 4253, January 2006
+
+ [RFC4344] Bellare, M., Kohno, T., and C. Namprempre, "The Secure
+ Shell (SSH) Transport Layer Encryption Modes", RFC 4344,
+ January 2006.
+
+ [SCHNEIER] Schneier, B., "Applied Cryptography Second Edition:
+ protocols algorithms and source in code in C", John Wiley
+ and Sons, New York, NY, 1996.
+
+7.2. Informative References
+
+ [FMcG] Fluhrer, S. and D. McGrew, "Statistical Analysis of the
+ Alleged RC4 Keystream Generator", Fast Software
+ Encryption: 7th International Workshop, FSE 2000, April
+ 2000, <http://www.mindspring.com/~dmcgrew/rc4-03.pdf>.
+
+ [MANTIN01] Mantin, I., "Analysis of the Stream Cipher RC4", M.Sc.
+ Thesis, Weizmann Institute of Science, 2001, <http://
+ www.wisdom.weizmann.ac.il/~itsik/RC4/Papers/Mantin1.zip>.
+
+ [MIRONOV] Mironov, I., "(Not So) Random Shuffles of RC4", Advances
+ in Cryptology -- CRYPTO 2002: 22nd Annual International
+ Cryptology Conference, August 2002,
+ <http://eprint.iacr.org/2002/067.pdf>.
+
+ [MANTIN05] Mantin, I., "Predicting and Distinguishing Attacks on RC4
+ Keystream Generator", Advances in Cryptology -- EUROCRYPT
+ 2005: 24th Annual International Conference on the Theory
+ and Applications of Cryptographic Techniques, May 2005.
+
+
+
+
+
+
+
+Harris Standards Track [Page 3]
+
+RFC 4345 Improved Arcfour Modes for SSH January 2006
+
+
+Author's Address
+
+ Ben Harris
+ 2a Eachard Road
+ CAMBRIDGE
+ CB3 0HY
+ UNITED KINGDOM
+
+ EMail: bjh21@bjh21.me.uk
+
+Trademark Notice
+
+ "RC4" and "SSH" are registered trademarks in the United States.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Harris Standards Track [Page 4]
+
+RFC 4345 Improved Arcfour Modes for SSH January 2006
+
+
+Full Copyright Statement
+
+ Copyright (C) The Internet Society (2006).
+
+ This document is subject to the rights, licenses and restrictions
+ contained in BCP 78, and except as set forth therein, the authors
+ retain all their rights.
+
+ This document and the information contained herein are provided on an
+ "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
+ OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
+ ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
+ INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
+ INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
+ WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+
+Intellectual Property
+
+ The IETF takes no position regarding the validity or scope of any
+ Intellectual Property Rights or other rights that might be claimed to
+ pertain to the implementation or use of the technology described in
+ this document or the extent to which any license under such rights
+ might or might not be available; nor does it represent that it has
+ made any independent effort to identify any such rights. Information
+ on the procedures with respect to rights in RFC documents can be
+ found in BCP 78 and BCP 79.
+
+ Copies of IPR disclosures made to the IETF Secretariat and any
+ assurances of licenses to be made available, or the result of an
+ attempt made to obtain a general license or permission for the use of
+ such proprietary rights by implementers or users of this
+ specification can be obtained from the IETF on-line IPR repository at
+ http://www.ietf.org/ipr.
+
+ The IETF invites any interested party to bring to its attention any
+ copyrights, patents or patent applications, or other proprietary
+ rights that may cover technology that may be required to implement
+ this standard. Please address the information to the IETF at
+ ietf-ipr@ietf.org.
+
+Acknowledgement
+
+ Funding for the RFC Editor function is provided by the IETF
+ Administrative Support Activity (IASA).
+
+
+
+
+
+
+
+Harris Standards Track [Page 5]
+
\ No newline at end of file
Modified: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/SshClient.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/SshClient.java?rev=1383910&r1=1383909&r2=1383910&view=diff
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/SshClient.java (original)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/SshClient.java Wed Sep 12 12:25:36 2012
@@ -54,8 +54,12 @@ import org.apache.sshd.common.Mac;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.common.Signature;
import org.apache.sshd.common.cipher.AES128CBC;
+import org.apache.sshd.common.cipher.AES128CTR;
import org.apache.sshd.common.cipher.AES192CBC;
import org.apache.sshd.common.cipher.AES256CBC;
+import org.apache.sshd.common.cipher.AES256CTR;
+import org.apache.sshd.common.cipher.ARCFOUR128;
+import org.apache.sshd.common.cipher.ARCFOUR256;
import org.apache.sshd.common.cipher.BlowfishCBC;
import org.apache.sshd.common.cipher.TripleDESCBC;
import org.apache.sshd.common.compression.CompressionNone;
@@ -245,6 +249,10 @@ public class SshClient extends AbstractF
private static void setUpDefaultCiphers(SshClient client) {
List<NamedFactory<Cipher>> avail = new LinkedList<NamedFactory<Cipher>>();
+ avail.add(new AES128CTR.Factory());
+ avail.add(new AES256CTR.Factory());
+ avail.add(new ARCFOUR128.Factory());
+ avail.add(new ARCFOUR256.Factory());
avail.add(new AES128CBC.Factory());
avail.add(new TripleDESCBC.Factory());
avail.add(new BlowfishCBC.Factory());
Modified: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/SshServer.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/SshServer.java?rev=1383910&r1=1383909&r2=1383910&view=diff
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/SshServer.java (original)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/SshServer.java Wed Sep 12 12:25:36 2012
@@ -47,8 +47,12 @@ import org.apache.sshd.common.Mac;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.common.Signature;
import org.apache.sshd.common.cipher.AES128CBC;
+import org.apache.sshd.common.cipher.AES128CTR;
import org.apache.sshd.common.cipher.AES192CBC;
import org.apache.sshd.common.cipher.AES256CBC;
+import org.apache.sshd.common.cipher.AES256CTR;
+import org.apache.sshd.common.cipher.ARCFOUR128;
+import org.apache.sshd.common.cipher.ARCFOUR256;
import org.apache.sshd.common.cipher.BlowfishCBC;
import org.apache.sshd.common.cipher.TripleDESCBC;
import org.apache.sshd.common.compression.CompressionNone;
@@ -68,7 +72,6 @@ import org.apache.sshd.common.util.OsUti
import org.apache.sshd.common.util.SecurityUtils;
import org.apache.sshd.server.Command;
import org.apache.sshd.server.CommandFactory;
-import org.apache.sshd.server.session.DefaultForwardingAcceptorFactory;
import org.apache.sshd.server.FileSystemFactory;
import org.apache.sshd.server.ForwardingAcceptorFactory;
import org.apache.sshd.server.ForwardingFilter;
@@ -87,6 +90,7 @@ import org.apache.sshd.server.kex.DHG1;
import org.apache.sshd.server.kex.DHG14;
import org.apache.sshd.server.keyprovider.PEMGeneratorHostKeyProvider;
import org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider;
+import org.apache.sshd.server.session.DefaultForwardingAcceptorFactory;
import org.apache.sshd.server.session.ServerSession;
import org.apache.sshd.server.session.SessionFactory;
import org.apache.sshd.server.shell.ProcessShellFactory;
@@ -506,6 +510,10 @@ public class SshServer extends AbstractF
private static void setUpDefaultCiphers(SshServer sshd) {
List<NamedFactory<Cipher>> avail = new LinkedList<NamedFactory<Cipher>>();
+ avail.add(new AES128CTR.Factory());
+ avail.add(new AES256CTR.Factory());
+ avail.add(new ARCFOUR128.Factory());
+ avail.add(new ARCFOUR256.Factory());
avail.add(new AES128CBC.Factory());
avail.add(new TripleDESCBC.Factory());
avail.add(new BlowfishCBC.Factory());
Added: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/AES128CTR.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/AES128CTR.java?rev=1383910&view=auto
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/AES128CTR.java (added)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/AES128CTR.java Wed Sep 12 12:25:36 2012
@@ -0,0 +1,47 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sshd.common.cipher;
+
+import org.apache.sshd.common.Cipher;
+import org.apache.sshd.common.NamedFactory;
+
+/**
+ * AES128CTR cipher
+ *
+ * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
+ */
+public class AES128CTR extends BaseCipher {
+
+ /**
+ * Named factory for AES128CTR Cipher
+ */
+ public static class Factory implements NamedFactory<Cipher> {
+ public String getName() {
+ return "aes128-ctr";
+ }
+ public Cipher create() {
+ return new AES128CTR();
+ }
+ }
+
+ public AES128CTR() {
+ super(16, 16, "AES", "AES/CTR/NoPadding");
+ }
+
+}
Added: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/AES256CTR.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/AES256CTR.java?rev=1383910&view=auto
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/AES256CTR.java (added)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/AES256CTR.java Wed Sep 12 12:25:36 2012
@@ -0,0 +1,47 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sshd.common.cipher;
+
+import org.apache.sshd.common.Cipher;
+import org.apache.sshd.common.NamedFactory;
+
+/**
+ * AES256CTR Cipher
+ *
+ * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
+ */
+public class AES256CTR extends BaseCipher {
+
+ /**
+ * Named factory for AES256CTR Cipher
+ */
+ public static class Factory implements NamedFactory<Cipher> {
+ public String getName() {
+ return "aes256-ctr";
+ }
+ public Cipher create() {
+ return new AES256CTR();
+ }
+ }
+
+ public AES256CTR() {
+ super(16, 32, "AES", "AES/CTR/NoPadding");
+ }
+
+}
\ No newline at end of file
Added: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/ARCFOUR128.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/ARCFOUR128.java?rev=1383910&view=auto
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/ARCFOUR128.java (added)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/ARCFOUR128.java Wed Sep 12 12:25:36 2012
@@ -0,0 +1,61 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sshd.common.cipher;
+
+import org.apache.sshd.common.Cipher;
+import org.apache.sshd.common.NamedFactory;
+
+/**
+ * ARCFOUR128 cipher
+ *
+ * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
+ */
+public class ARCFOUR128 extends BaseCipher {
+
+ /**
+ * Named factory for AES128CTR Cipher
+ */
+ public static class Factory implements NamedFactory<Cipher> {
+ public String getName() {
+ return "arcfour128";
+ }
+ public Cipher create() {
+ return new ARCFOUR128();
+ }
+ }
+
+ public ARCFOUR128() {
+ super(8, 16, "ARCFOUR", "RC4");
+ }
+
+ @Override
+ public void init(Mode mode, byte[] key, byte[] iv) throws Exception {
+ super.init(mode, key, iv);
+ try {
+ byte[] foo = new byte[1];
+ for (int i = 0; i < 1536; i++) {
+ cipher.update(foo, 0, 1, foo, 0);
+ }
+ } catch (Exception e) {
+ cipher = null;
+ throw e;
+ }
+ }
+
+}
Added: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/ARCFOUR256.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/ARCFOUR256.java?rev=1383910&view=auto
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/ARCFOUR256.java (added)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/ARCFOUR256.java Wed Sep 12 12:25:36 2012
@@ -0,0 +1,60 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.sshd.common.cipher;
+
+import org.apache.sshd.common.Cipher;
+import org.apache.sshd.common.NamedFactory;
+
+/**
+ * ARCFOUR256 cipher
+ *
+ * @author <a href="mailto:dev@mina.apache.org">Apache MINA SSHD Project</a>
+ */
+public class ARCFOUR256 extends BaseCipher {
+
+ /**
+ * Named factory for AES128CTR Cipher
+ */
+ public static class Factory implements NamedFactory<Cipher> {
+ public String getName() {
+ return "arcfour256";
+ }
+ public Cipher create() {
+ return new ARCFOUR256();
+ }
+ }
+
+ public ARCFOUR256() {
+ super(8, 32, "ARCFOUR", "RC4");
+ }
+
+ @Override
+ public void init(Mode mode, byte[] key, byte[] iv) throws Exception {
+ super.init(mode, key, iv);
+ try {
+ byte[] foo = new byte[1];
+ for (int i = 0; i < 1536; i++) {
+ cipher.update(foo, 0, 1, foo, 0);
+ }
+ } catch (Exception e) {
+ cipher = null;
+ throw e;
+ }
+ }
+}
Modified: mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/BaseCipher.java
URL: http://svn.apache.org/viewvc/mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/BaseCipher.java?rev=1383910&r1=1383909&r2=1383910&view=diff
==============================================================================
--- mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/BaseCipher.java (original)
+++ mina/sshd/trunk/sshd-core/src/main/java/org/apache/sshd/common/cipher/BaseCipher.java Wed Sep 12 12:25:36 2012
@@ -31,11 +31,11 @@ import org.apache.sshd.common.util.Secur
*/
public class BaseCipher implements Cipher {
- private final int ivsize;
- private final int bsize;
- private final String algorithm;
- private final String transformation;
- private javax.crypto.Cipher cipher;
+ protected final int ivsize;
+ protected final int bsize;
+ protected final String algorithm;
+ protected final String transformation;
+ protected javax.crypto.Cipher cipher;
public BaseCipher(int ivsize, int bsize, String algorithm, String transformation) {
this.ivsize = ivsize;