From bea1ef5fee9d834f22e6b3092815e577dde347cf Mon Sep 17 00:00:00 2001
From: simon <simon@cda61777-01e9-0310-a592-d414129be87e>
Date: Tue, 6 Jul 1999 19:42:57 +0000
Subject: [PATCH] Add encryption selection, and Blowfish as second option

git-svn-id: svn://svn.tartarus.org/sgt/putty@175 cda61777-01e9-0310-a592-d414129be87e
---
 putty.h   |  1 +
 ssh.c     | 20 ++++++++++++++++++--
 ssh.h     |  4 ++++
 win_res.h |  3 +++
 windlg.c  | 26 +++++++++++++++++++++++++-
 5 files changed, 51 insertions(+), 3 deletions(-)

diff --git a/putty.h b/putty.h
index 4fed74d8..85c856ce 100644
--- a/putty.h
+++ b/putty.h
@@ -97,6 +97,7 @@ typedef struct {
     int close_on_exit;
     /* SSH options */
     int nopty;
+    enum { CIPHER_3DES, CIPHER_BLOWFISH } cipher;
     /* Telnet options */
     char termtype[32];
     char termspeed[32];
diff --git a/ssh.c b/ssh.c
index f29f87c4..8f7b7908 100644
--- a/ssh.c
+++ b/ssh.c
@@ -262,8 +262,11 @@ static void ssh_protocol(unsigned char *in, int inlen, int ispkt) {
     unsigned char cookie[8];
     struct RSAKey servkey, hostkey;
     struct MD5Context md5c;
+    unsigned long supported_ciphers_mask;
+    int cipher_type;
 
     extern struct ssh_cipher ssh_3des;
+    extern struct ssh_cipher ssh_blowfish;
 
     crBegin;
 
@@ -283,6 +286,11 @@ static void ssh_protocol(unsigned char *in, int inlen, int ispkt) {
 
     j = makekey(pktin.body+8+i, &hostkey, &keystr2);
 
+    supported_ciphers_mask = (pktin.body[12+i+j] << 24) |
+                             (pktin.body[13+i+j] << 16) |
+                             (pktin.body[14+i+j] << 8) |
+                             (pktin.body[15+i+j]);
+
     MD5Update(&md5c, keystr2, hostkey.bytes);
     MD5Update(&md5c, keystr1, servkey.bytes);
     MD5Update(&md5c, pktin.body, 8);
@@ -314,8 +322,15 @@ static void ssh_protocol(unsigned char *in, int inlen, int ispkt) {
 	rsaencrypt(rsabuf, hostkey.bytes, &servkey);
     }
 
+    cipher_type = cfg.cipher == CIPHER_BLOWFISH ? SSH_CIPHER_BLOWFISH :
+                  SSH_CIPHER_3DES;
+    if ((supported_ciphers_mask & (1 << cipher_type)) == 0) {
+	c_write("Selected cipher not supported, falling back to 3DES\r\n", 53);
+	cipher_type = SSH_CIPHER_3DES;
+    }
+
     s_wrpkt_start(3, len+15);
-    pktout.body[0] = 3;		       /* SSH_CIPHER_3DES */
+    pktout.body[0] = cipher_type;
     memcpy(pktout.body+1, cookie, 8);
     pktout.body[9] = (len*8) >> 8;
     pktout.body[10] = (len*8) & 0xFF;
@@ -326,7 +341,8 @@ static void ssh_protocol(unsigned char *in, int inlen, int ispkt) {
 
     free(rsabuf);
 
-    cipher = &ssh_3des;
+    cipher = cipher_type == SSH_CIPHER_BLOWFISH ? &ssh_blowfish :
+             &ssh_3des;
     cipher->sesskey(session_key);
 
     do { crReturnV; } while (!ispkt);
diff --git a/ssh.h b/ssh.h
index 5c72eeb1..a252ef83 100644
--- a/ssh.h
+++ b/ssh.h
@@ -1,5 +1,9 @@
 #include <string.h>
 
+#define SSH_CIPHER_IDEA		1
+#define SSH_CIPHER_3DES		3
+#define SSH_CIPHER_BLOWFISH	6
+
 struct RSAKey {
     int bits;
     int bytes;
diff --git a/win_res.h b/win_res.h
index b50da6ca..a956cfa7 100644
--- a/win_res.h
+++ b/win_res.h
@@ -96,6 +96,9 @@
 #define IDC3_EMRFC      1017
 
 #define IDC3_NOPTY      1018
+#define IDC3_CIPHERSTATIC 1019
+#define IDC3_CIPHER3DES	1020
+#define IDC3_CIPHERBLOWF 1021
 
 #define IDC4_MBSTATIC   1001
 #define IDC4_MBWINDOWS  1002
diff --git a/windlg.c b/windlg.c
index 757300dc..a1e463ec 100644
--- a/windlg.c
+++ b/windlg.c
@@ -5,8 +5,8 @@
 #include <stdio.h>
 #include <stdlib.h>
 
-#include "putty.h"
 #include "ssh.h"
+#include "putty.h"
 #include "win_res.h"
 
 #define NPANELS 7
@@ -149,6 +149,8 @@ static void save_settings (char *section, int do_host) {
     }
     wpps (sesskey, "UserName", cfg.username);
     wppi (sesskey, "NoPTY", cfg.nopty);
+    wpps (sesskey, "Cipher", cfg.cipher == CIPHER_BLOWFISH ? "blowfish" :
+                             "3des");
     wppi (sesskey, "RFCEnviron", cfg.rfc_environ);
     wppi (sesskey, "BackspaceIsDelete", cfg.bksp_is_delete);
     wppi (sesskey, "RXVTHomeEnd", cfg.rxvt_homeend);
@@ -224,6 +226,7 @@ static void load_settings (char *section, int do_host) {
     }
 
     free(p);
+    RegCloseKey(subkey1);
 
     if (do_host) {
 	char prot[10];
@@ -264,6 +267,14 @@ static void load_settings (char *section, int do_host) {
     }
     gpps (sesskey, "UserName", "", cfg.username, sizeof(cfg.username));
     gppi (sesskey, "NoPTY", 0, &cfg.nopty);
+    {
+	char cipher[10];
+	gpps (sesskey, "Cipher", "3des", cipher, 10);
+	if (!strcmp(cipher, "blowfish"))
+	    cfg.cipher = CIPHER_BLOWFISH;
+	else
+	    cfg.cipher = CIPHER_3DES;
+    }
     gppi (sesskey, "RFCEnviron", 0, &cfg.rfc_environ);
     gppi (sesskey, "BackspaceIsDelete", 1, &cfg.bksp_is_delete);
     gppi (sesskey, "RXVTHomeEnd", 0, &cfg.rxvt_homeend);
@@ -865,6 +876,9 @@ static int CALLBACK SshProc (HWND hwnd, UINT msg,
 	SetDlgItemText (hwnd, IDC3_TTEDIT, cfg.termtype);
 	SetDlgItemText (hwnd, IDC3_LOGEDIT, cfg.username);
 	CheckDlgButton (hwnd, IDC3_NOPTY, cfg.nopty);
+	CheckRadioButton (hwnd, IDC3_CIPHER3DES, IDC3_CIPHERBLOWF,
+			  cfg.cipher == CIPHER_BLOWFISH ? IDC3_CIPHERBLOWF :
+			  IDC3_CIPHER3DES);
 	break;
       case WM_COMMAND:
 	switch (LOWORD(wParam)) {
@@ -883,6 +897,16 @@ static int CALLBACK SshProc (HWND hwnd, UINT msg,
 		HIWORD(wParam) == BN_DOUBLECLICKED)
 		cfg.nopty = IsDlgButtonChecked (hwnd, IDC3_NOPTY);
 	    break;
+	  case IDC3_CIPHER3DES:
+	  case IDC3_CIPHERBLOWF:
+	    if (HIWORD(wParam) == BN_CLICKED ||
+		HIWORD(wParam) == BN_DOUBLECLICKED) {
+		if (IsDlgButtonChecked (hwnd, IDC3_CIPHER3DES))
+		    cfg.cipher = CIPHER_3DES;
+		else if (IsDlgButtonChecked (hwnd, IDC3_CIPHERBLOWF))
+		    cfg.cipher = CIPHER_BLOWFISH;
+	    }
+	    break;
 	}
 	break;
     }
-- 
2.11.0