Add encryption selection, and Blowfish as second option

[originally from svn r175]
2025-01-24 08:42:25 +00:00 · 1999-07-06 19:42:57 +00:00 · 1999-07-06 19:42:57 +00:00 · 585c14f365
commit 585c14f365
parent 4b76ca2ab2
5 changed files with 51 additions and 3 deletions
--- a/putty.h
+++ b/putty.h
@ -97,6 +97,7 @@ typedef struct {
    int close_on_exit;
    /* SSH options */
    int nopty;
+    enum { CIPHER_3DES, CIPHER_BLOWFISH } cipher;
    /* Telnet options */
    char termtype[32];
    char termspeed[32];
--- a/ssh.c
+++ b/ssh.c
@ -262,8 +262,11 @@ static void ssh_protocol(unsigned char *in, int inlen, int ispkt) {
    unsigned char cookie[8];
    struct RSAKey servkey, hostkey;
    struct MD5Context md5c;
+    unsigned long supported_ciphers_mask;
+    int cipher_type;

    extern struct ssh_cipher ssh_3des;
+    extern struct ssh_cipher ssh_blowfish;

    crBegin;

@ -283,6 +286,11 @@ static void ssh_protocol(unsigned char *in, int inlen, int ispkt) {

    j = makekey(pktin.body+8+i, &hostkey, &keystr2);

+    supported_ciphers_mask = (pktin.body[12+i+j] << 24) |
+                             (pktin.body[13+i+j] << 16) |
+                             (pktin.body[14+i+j] << 8) |
+                             (pktin.body[15+i+j]);
+
    MD5Update(&md5c, keystr2, hostkey.bytes);
    MD5Update(&md5c, keystr1, servkey.bytes);
    MD5Update(&md5c, pktin.body, 8);
@ -314,8 +322,15 @@ static void ssh_protocol(unsigned char *in, int inlen, int ispkt) {
 	rsaencrypt(rsabuf, hostkey.bytes, &servkey);
    }

+    cipher_type = cfg.cipher == CIPHER_BLOWFISH ? SSH_CIPHER_BLOWFISH :
+                  SSH_CIPHER_3DES;
+    if ((supported_ciphers_mask & (1 << cipher_type)) == 0) {
+	c_write("Selected cipher not supported, falling back to 3DES\r\n", 53);
+	cipher_type = SSH_CIPHER_3DES;
+    }
+
    s_wrpkt_start(3, len+15);
-    pktout.body[0] = 3;		       /* SSH_CIPHER_3DES */
+    pktout.body[0] = cipher_type;
    memcpy(pktout.body+1, cookie, 8);
    pktout.body[9] = (len*8) >> 8;
    pktout.body[10] = (len*8) & 0xFF;
@ -326,7 +341,8 @@ static void ssh_protocol(unsigned char *in, int inlen, int ispkt) {

    free(rsabuf);

-    cipher = &ssh_3des;
+    cipher = cipher_type == SSH_CIPHER_BLOWFISH ? &ssh_blowfish :
+             &ssh_3des;
    cipher->sesskey(session_key);

    do { crReturnV; } while (!ispkt);
--- a/ssh.h
+++ b/ssh.h
@ -1,5 +1,9 @@
 #include <string.h>

+#define SSH_CIPHER_IDEA		1
+#define SSH_CIPHER_3DES		3
+#define SSH_CIPHER_BLOWFISH	6
+
 struct RSAKey {
    int bits;
    int bytes;
--- a/win_res.h
+++ b/win_res.h
@ -96,6 +96,9 @@
 #define IDC3_EMRFC      1017

 #define IDC3_NOPTY      1018
+#define IDC3_CIPHERSTATIC 1019
+#define IDC3_CIPHER3DES	1020
+#define IDC3_CIPHERBLOWF 1021

 #define IDC4_MBSTATIC   1001
 #define IDC4_MBWINDOWS  1002
--- a/windlg.c
+++ b/windlg.c
@ -5,8 +5,8 @@
 #include <stdio.h>
 #include <stdlib.h>

-#include "putty.h"
 #include "ssh.h"
+#include "putty.h"
 #include "win_res.h"

 #define NPANELS 7
@ -149,6 +149,8 @@ static void save_settings (char *section, int do_host) {
    }
    wpps (sesskey, "UserName", cfg.username);
    wppi (sesskey, "NoPTY", cfg.nopty);
+    wpps (sesskey, "Cipher", cfg.cipher == CIPHER_BLOWFISH ? "blowfish" :
+                             "3des");
    wppi (sesskey, "RFCEnviron", cfg.rfc_environ);
    wppi (sesskey, "BackspaceIsDelete", cfg.bksp_is_delete);
    wppi (sesskey, "RXVTHomeEnd", cfg.rxvt_homeend);
@ -224,6 +226,7 @@ static void load_settings (char *section, int do_host) {
    }

    free(p);
+    RegCloseKey(subkey1);

    if (do_host) {
 	char prot[10];
@ -264,6 +267,14 @@ static void load_settings (char *section, int do_host) {
    }
    gpps (sesskey, "UserName", "", cfg.username, sizeof(cfg.username));
    gppi (sesskey, "NoPTY", 0, &cfg.nopty);
+    {
+	char cipher[10];
+	gpps (sesskey, "Cipher", "3des", cipher, 10);
+	if (!strcmp(cipher, "blowfish"))
+	    cfg.cipher = CIPHER_BLOWFISH;
+	else
+	    cfg.cipher = CIPHER_3DES;
+    }
    gppi (sesskey, "RFCEnviron", 0, &cfg.rfc_environ);
    gppi (sesskey, "BackspaceIsDelete", 1, &cfg.bksp_is_delete);
    gppi (sesskey, "RXVTHomeEnd", 0, &cfg.rxvt_homeend);
@ -865,6 +876,9 @@ static int CALLBACK SshProc (HWND hwnd, UINT msg,
 	SetDlgItemText (hwnd, IDC3_TTEDIT, cfg.termtype);
 	SetDlgItemText (hwnd, IDC3_LOGEDIT, cfg.username);
 	CheckDlgButton (hwnd, IDC3_NOPTY, cfg.nopty);
+	CheckRadioButton (hwnd, IDC3_CIPHER3DES, IDC3_CIPHERBLOWF,
+			  cfg.cipher == CIPHER_BLOWFISH ? IDC3_CIPHERBLOWF :
+			  IDC3_CIPHER3DES);
 	break;
      case WM_COMMAND:
 	switch (LOWORD(wParam)) {
@ -883,6 +897,16 @@ static int CALLBACK SshProc (HWND hwnd, UINT msg,
 		HIWORD(wParam) == BN_DOUBLECLICKED)
 		cfg.nopty = IsDlgButtonChecked (hwnd, IDC3_NOPTY);
 	    break;
+	  case IDC3_CIPHER3DES:
+	  case IDC3_CIPHERBLOWF:
+	    if (HIWORD(wParam) == BN_CLICKED ||
+		HIWORD(wParam) == BN_DOUBLECLICKED) {
+		if (IsDlgButtonChecked (hwnd, IDC3_CIPHER3DES))
+		    cfg.cipher = CIPHER_3DES;
+		else if (IsDlgButtonChecked (hwnd, IDC3_CIPHERBLOWF))
+		    cfg.cipher = CIPHER_BLOWFISH;
+	    }
+	    break;
 	}
 	break;
    }