From 50d144a7305c6f454a8f8f1a10ac7234eac2ceeb Mon Sep 17 00:00:00 2001
From: Iru Cai <mytbk920423@gmail.com>
Date: Tue, 8 Nov 2016 11:40:32 +0800
Subject: add aes-ctr cipher support

---
 src/protocol/internal/fqterm_ssh2_kex.cpp | 39 ++++++++++++++++++++++++++-----
 1 file changed, 33 insertions(+), 6 deletions(-)

(limited to 'src/protocol/internal/fqterm_ssh2_kex.cpp')

diff --git a/src/protocol/internal/fqterm_ssh2_kex.cpp b/src/protocol/internal/fqterm_ssh2_kex.cpp
index e2fd784..59ec85e 100644
--- a/src/protocol/internal/fqterm_ssh2_kex.cpp
+++ b/src/protocol/internal/fqterm_ssh2_kex.cpp
@@ -137,8 +137,38 @@ void FQTermSSH2Kex::negotiateAlgorithms() {
   }
   this->dh = dh();
 
+  // TODO: host key algorithms
+  size_t hk_algo_len = packet_receiver_->getInt();
+  char hk_algo[hk_algo_len+1];
+  packet_receiver_->getRawData(hk_algo, hk_algo_len);
+  hk_algo[hk_algo_len] = '\0';
+
+  // encryption algo c2s
+  size_t el_c2s_len = packet_receiver_->getInt();
+  char el_c2s[el_c2s_len+1];
+  packet_receiver_->getRawData(el_c2s, el_c2s_len);
+  el_c2s[el_c2s_len] = '\0';
+  NEW_CIPHER c2s = search_cipher(el_c2s);
+  if (c2s==NULL) {
+	  emit kexError(tr("No matching c2s cipher algorithms!"));
+	  return;
+  }
+  packet_sender_->cipher = c2s(1);
+
+  // encryption algo s2c
+  size_t el_s2c_len = packet_receiver_->getInt();
+  char el_s2c[el_s2c_len+1];
+  packet_receiver_->getRawData(el_s2c, el_s2c_len);
+  el_s2c[el_s2c_len] = '\0';
+  NEW_CIPHER s2c = search_cipher(el_s2c);
+  if (s2c==NULL) {
+	  emit kexError(tr("No matching s2c cipher algorithms!"));
+	  return;
+  }
+  packet_receiver_->cipher = s2c(0);
+
   std::vector<char> name_lists;
-  for (int i = 1; i < 10; ++i) {
+  for (int i = 4; i < 10; ++i) {
     int name_lists_len = packet_receiver_->getInt();
     if (name_lists_len > 0) {
       name_lists.resize(name_lists_len);
@@ -159,8 +189,8 @@ void FQTermSSH2Kex::negotiateAlgorithms() {
   packet_sender_->putRawData((const char*)cookie_, 16);    // FIXME: generate new cookie_;
   packet_sender_->putString(all_dh_list);
   packet_sender_->putString("ssh-rsa");
-  packet_sender_->putString("3des-cbc");
-  packet_sender_->putString("3des-cbc");
+  packet_sender_->putString(all_ciphers_list);
+  packet_sender_->putString(all_ciphers_list);
   packet_sender_->putString("hmac-sha1");
   packet_sender_->putString("hmac-sha1");
   packet_sender_->putString("none");
@@ -297,9 +327,6 @@ bool FQTermSSH2Kex::changeKeyAlg() {
     memcpy(session_id_, H_, SHA_DIGEST_LENGTH);
   }
 
-  packet_sender_->cipher = new_ssh_cipher_evp(EVP_des_ede3_cbc, 24, 8, 8, 1);
-  packet_receiver_->cipher = new_ssh_cipher_evp(EVP_des_ede3_cbc, 24, 8, 8, 0);
-
   packet_sender_->setMacType(FQTERM_SSH_HMAC_SHA1);
   packet_receiver_->setMacType(FQTERM_SSH_HMAC_SHA1);
 
-- 
cgit v1.2.3