Add single-DES support in SSH2
[originally from svn r1396]
parent
cf2085eeaf
commit
b49fde9410
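--- a/ssh.c
+++ b/ssh.c
@@ -236,15 +236,13 @@ extern void pfd_override_throttle(Socket s, int enable);
 #define OUR_V2_WINSIZE 16384
 
 /*
-* Ciphers for SSH2. We miss out single-DES because it isn't
-* supported; also 3DES and Blowfish are both done differently from
-* SSH1. (3DES uses outer chaining; Blowfish has the opposite
-* endianness and different-sized keys.)
+* Ciphers for SSH2.
 */
 const static struct ssh2_ciphers *ciphers[] = {
 &ssh2_aes,
 &ssh2_blowfish,
 &ssh2_3des,
+&ssh2_des,
 };
 
 const static struct ssh_kex *kex_algs[] = {
@@ -3172,7 +3170,8 @@ static int do_ssh2_transport(unsigned char *in, int inlen, int ispkt)
 n_preferred_ciphers++;
 break;
 case CIPHER_DES:
-/* Not supported in SSH2; silently drop */
+preferred_ciphers[n_preferred_ciphers] = &ssh2_des;
+n_preferred_ciphers++;
 break;
 case CIPHER_3DES:
 preferred_ciphers[n_preferred_ciphers] = &ssh2_3des;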
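Review bot: The new `case CIPHER_DES:` branch appends `&ssh2_des` to `preferred_ciphers` exactly like the stronger ciphers, and `ciphers[]` now lists it too, but nothing in either place records that des-cbc has only a 56-bit key (the `8, 56` entry this commit adds in sshdes.c) and exists for interoperability. A 56-bit key is within reach of exhaustive search, so a session that negotiates des-cbc should be treated as weakly protected; whether the user is warned before that happens is decided in parts of do_ssh2_transport outside this hunk and should be confirmed. I would put a comment on the entry, for example `/* des-cbc: 56-bit key, interop only; never select without the user's explicit choice */`. I would also keep the removed remark on how SSH2 3DES and Blowfish differ from SSH1, which the shortened header comment no longer records. The enclosing switch starts and ends outside the hunk.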
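--- a/ssh.h
+++ b/ssh.h
@@ -200,6 +200,7 @@ extern const struct ssh_cipher ssh_3des;
 extern const struct ssh_cipher ssh_des;
 extern const struct ssh_cipher ssh_blowfish_ssh1;
 extern const struct ssh2_ciphers ssh2_3des;
+extern const struct ssh2_ciphers ssh2_des;
 extern const struct ssh2_ciphers ssh2_aes;
 extern const struct ssh2_ciphers ssh2_blowfish;
 extern const struct ssh_kex ssh_diffiehellman;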
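--- a/sshdes.c
+++ b/sshdes.c
@@ -757,6 +757,13 @@ static void des3_cskey(unsigned char *key)
 logevent("Initialised triple-DES client->server encryption");
 }
 
+static void des_cskey(unsigned char *key)
+{
+des_key_setup(GET_32BIT_MSB_FIRST(key),
+GET_32BIT_MSB_FIRST(key + 4), &cskeys[0]);
+logevent("Initialised single-DES client->server encryption");
+}
+
 static void des3_csiv(unsigned char *key)
 {
 cskeys[0].eiv0 = GET_32BIT_MSB_FIRST(key);
@@ -780,6 +787,13 @@ static void des3_sckey(unsigned char *key)
 logevent("Initialised triple-DES server->client encryption");
 }
 
+static void des_sckey(unsigned char *key)
+{
+des_key_setup(GET_32BIT_MSB_FIRST(key),
+GET_32BIT_MSB_FIRST(key + 4), &sckeys[0]);
+logevent("Initialised single-DES server->client encryption");
+}
+
 static void des3_sesskey(unsigned char *key)
 {
 des3_cskey(key);
@@ -806,6 +820,16 @@ static void des3_ssh2_decrypt_blk(unsigned char *blk, int len)
 des_cbc3_decrypt(blk, blk, len, sckeys);
 }
 
+static void des_ssh2_encrypt_blk(unsigned char *blk, int len)
+{
+des_cbc_encrypt(blk, blk, len, cskeys);
+}
+
+static void des_ssh2_decrypt_blk(unsigned char *blk, int len)
+{
+des_cbc_decrypt(blk, blk, len, sckeys);
+}
+
 void des3_decrypt_pubkey(unsigned char *key, unsigned char *blk, int len)
 {
 DESContext ourkeys[3];
@@ -839,6 +863,20 @@ static const struct ssh2_cipher ssh_3des_ssh2 = {
 8, 168
 };
 
+/*
+* Single DES in ssh2. It isn't clear that "des-cbc" is an official
+* cipher name, but ssh.com support it and apparently aren't the
+* only people to do so, so we sigh and implement it anyway.
+*/
+static const struct ssh2_cipher ssh_des_ssh2 = {
+des3_csiv, des_cskey, /* iv functions shared with 3des */
+des3_sciv, des_sckey,
+des_ssh2_encrypt_blk,
+des_ssh2_decrypt_blk,
+"des-cbc",
+8, 56
+};
+
 static const struct ssh2_cipher *const des3_list[] = {
 &ssh_3des_ssh2
 };
@@ -848,6 +886,15 @@ const struct ssh2_ciphers ssh2_3des = {
 des3_list
 };
 
+static const struct ssh2_cipher *const des_list[] = {
+&ssh_des_ssh2
+};
+
+const struct ssh2_ciphers ssh2_des = {
+sizeof(des3_list) / sizeof(*des_list),
+des_list
+};
+
 const struct ssh_cipher ssh_3des = {
 des3_sesskey,
 des3_encrypt_blk,
@@ -857,9 +904,8 @@ const struct ssh_cipher ssh_3des = {
 
 static void des_sesskey(unsigned char *key)
 {
-des_key_setup(GET_32BIT_MSB_FIRST(key),
-GET_32BIT_MSB_FIRST(key + 4), &cskeys[0]);
-logevent("Initialised single-DES encryption");
+des_cskey(key);
+des_sckey(key);
 }
 
 static void des_encrypt_blk(unsigned char *blk, int len)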
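Review bot: The element count in the new `ssh2_des` initialiser is computed from the wrong array: `sizeof(des3_list) / sizeof(*des_list)` measures `des3_list`, not `des_list`. Both lists hold one pointer today, so the value happens to be 1, but if `des3_list` ever gains an entry, `ssh2_des` will advertise more ciphers than `des_list` contains and the negotiation code will read past the end of the array. The line should be `sizeof(des_list) / sizeof(*des_list),`. Separately, in the last hunk `des_sesskey` now also initialises `sckeys[0]` and logs two events where it used to log one; that looks intended for sharing the helpers but is a visible behaviour change on the SSH1 path worth a short comment.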