diff --git a/src/internal.c b/src/internal.c
index 8c7c773b..a6c5d1d3 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -722,6 +722,7 @@ WOLFSSH_CTX* CtxInit(WOLFSSH_CTX* ctx, byte side, void* heap)
 }
 ctx->algoListCipher = cannedEncAlgoNames;
 ctx->algoListMac = cannedMacAlgoNames;
+ ctx->algoListKeyAccepted = cannedKeyAlgoNames;
 count = (word32)(sizeof(ctx->privateKey) / sizeof(ctx->privateKey[0]));
@@ -894,6 +895,7 @@ WOLFSSH* SshInit(WOLFSSH* ssh, WOLFSSH_CTX* ctx)
 ssh->algoListKey = ctx->algoListKey;
 ssh->algoListCipher = ctx->algoListCipher;
 ssh->algoListMac = ctx->algoListMac;
+ ssh->algoListKeyAccepted = ctx->algoListKeyAccepted;
 #ifdef WOLFSSH_SCP
 ssh->scpRequestState = SCP_PARSE_COMMAND;
 ssh->scpConfirmMsg = NULL;
@@ -11232,7 +11234,7 @@ int SendExtInfo(WOLFSSH* ssh)
 {
 byte* output;
 word32 idx;
- word32 cannedKeyAlgoNamesSz = 0;
+ word32 keyAlgoNamesSz = 0;
 word32 serverSigAlgsNameSz = 0;
 int ret = WS_SUCCESS;
@@ -11243,10 +11245,10 @@ int SendExtInfo(WOLFSSH* ssh)
 }
 if (ret == WS_SUCCESS) {
- cannedKeyAlgoNamesSz = AlgoListSz(cannedKeyAlgoNames);
+ keyAlgoNamesSz = AlgoListSz(ssh->algoListKeyAccepted);
 serverSigAlgsNameSz = AlgoListSz(serverSigAlgsName);
 ret = PreparePacket(ssh, MSG_ID_SZ + UINT32_SZ + (LENGTH_SZ * 2)
- + serverSigAlgsNameSz + cannedKeyAlgoNamesSz);
+ + serverSigAlgsNameSz + keyAlgoNamesSz);
 }
 if (ret == WS_SUCCESS) {
@@ -11262,10 +11264,10 @@ int SendExtInfo(WOLFSSH* ssh)
 WMEMCPY(output + idx, serverSigAlgsName, serverSigAlgsNameSz);
 idx += serverSigAlgsNameSz;
- c32toa(cannedKeyAlgoNamesSz, output + idx);
+ c32toa(keyAlgoNamesSz, output + idx);
 idx += LENGTH_SZ;
- WMEMCPY(output + idx, cannedKeyAlgoNames, cannedKeyAlgoNamesSz);
- idx += cannedKeyAlgoNamesSz;
+ WMEMCPY(output + idx, ssh->algoListKeyAccepted, keyAlgoNamesSz);
+ idx += keyAlgoNamesSz;
 ssh->outputBuffer.length = idx;
diff --git a/src/ssh.c b/src/ssh.c
index 5edb6ee9..73ee5fea 100644
--- a/src/ssh.c
+++ b/src/ssh.c
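Review bot: In SendExtInfo (src/internal.c, hunk at -11243) `ssh->algoListKeyAccepted` is consumed only to build what the server advertises, via `AlgoListSz(ssh->algoListKeyAccepted)` here and the `WMEMCPY` in the following hunk, so narrowing the list may not narrow what is actually accepted. No hunk in this diff makes the user-authentication path check an incoming public-key algorithm against the same list; if the full tree does not do that elsewhere, an application that removes a name stops advertising it while the server still honours it, which is easy to mistake for an enforced policy. I would either add the membership check where the public-key auth request is parsed, or state the limit next to the size computation with a comment such as `/* advertised in the extension only; acceptance is decided by the userauth handler */`. SendExtInfo starts and ends outside these hunks, so its argument checks are not visible here.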
@@ -2132,6 +2132,56 @@ const char* wolfSSH_GetAlgoListMac(WOLFSSH* ssh)
 }
+int wolfSSH_CTX_SetAlgoListKeyAccepted(WOLFSSH_CTX* ctx, const char* list)
+{
+ int ret = WS_SSH_CTX_NULL_E;
+
+ if (ctx) {
+ ctx->algoListKeyAccepted = list;
+ ret = WS_SUCCESS;
+ }
+
+ return ret;
+}
+
+
+const char* wolfSSH_CTX_GetAlgoListKeyAccepted(WOLFSSH_CTX* ctx)
+{
+ const char* list = NULL;
+
+ if (ctx) {
+ list = ctx->algoListKeyAccepted;
+ }
+
+ return list;
+}
+
+
+int wolfSSH_SetAlgoListKeyAccepted(WOLFSSH* ssh, const char* list)
+{
+ int ret = WS_SSH_NULL_E;
+
+ if (ssh) {
+ ssh->algoListKeyAccepted = list;
+ ret = WS_SUCCESS;
+ }
+
+ return ret;
+}
+
+
+const char* wolfSSH_GetAlgoListKeyAccepted(WOLFSSH* ssh)
+{
+ const char* list = NULL;
+
+ if (ssh) {
+ list = ssh->algoListKeyAccepted;
+ }
+
+ return list;
+}
+
+
 int wolfSSH_CheckAlgoName(const char* name)
 {
 int ret = WS_INVALID_ALGO_ID;
diff --git a/wolfssh/internal.h b/wolfssh/internal.h
index 228854a5..80ffefec 100644
--- a/wolfssh/internal.h
+++ b/wolfssh/internal.h
@@ -513,6 +513,7 @@ struct WOLFSSH_CTX {
 const char* algoListKey;
 const char* algoListCipher;
 const char* algoListMac;
+ const char* algoListKeyAccepted;
 word32 bannerSz;
 word32 windowSz;
 word32 maxPacketSz;
@@ -653,6 +654,7 @@ struct WOLFSSH {
 const char* algoListKey;
 const char* algoListCipher;
 const char* algoListMac;
+ const char* algoListKeyAccepted;
 byte acceptState;
 byte connectState;
 byte clientState;
diff --git a/wolfssh/ssh.h b/wolfssh/ssh.h
index 3941561e..a303ae6c 100644
--- a/wolfssh/ssh.h
+++ b/wolfssh/ssh.h
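Review bot: wolfSSH_CTX_SetAlgoListKeyAccepted and wolfSSH_SetAlgoListKeyAccepted (src/ssh.c) store `list` without checking it, so a NULL pointer is accepted and reported as WS_SUCCESS. SendExtInfo in src/internal.c later hands that pointer to AlgoListSz and WMEMCPY; AlgoListSz is not shown in this diff, so whether it tolerates NULL needs confirming. Rejecting it at the setter is the cheap fix: put `if (ctx != NULL && list == NULL) ret = WS_BAD_ARGUMENT;` ahead of the existing test and turn that test into `else if (ctx) {`, with the same shape in the session variant. The names in the list are not validated either; wolfSSH_CheckAlgoName, visible as context right after these functions, looks like the natural hook if unknown names should be refused rather than advertised.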
@@ -111,6 +111,12 @@ WOLFSSH_API const char* wolfSSH_CTX_GetAlgoListMac(WOLFSSH_CTX* ctx);
 WOLFSSH_API int wolfSSH_SetAlgoListMac(WOLFSSH* ssh, const char* list);
 WOLFSSH_API const char* wolfSSH_GetAlgoListMac(WOLFSSH* ssh);
+WOLFSSH_API int wolfSSH_CTX_SetAlgoListKeyAccepted(WOLFSSH_CTX* ctx,
+ const char* list);
+WOLFSSH_API const char* wolfSSH_CTX_GetAlgoListKeyAccepted(WOLFSSH_CTX* ctx);
+WOLFSSH_API int wolfSSH_SetAlgoListKeyAccepted(WOLFSSH* ssh, const char* list);
+WOLFSSH_API const char* wolfSSH_GetAlgoListKeyAccepted(WOLFSSH* ssh);
+
 WOLFSSH_API int wolfSSH_CheckAlgoName(const char* name);
 WOLFSSH_API const char* wolfSSH_QueryKex(word32* index);
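Review bot: The four new prototypes in wolfssh/ssh.h are public API but carry no comment on ownership or scope of the list. From the rest of the diff, the setters keep the caller's pointer rather than copying the string, and SshInit copies the context's pointer into each session when it is created, so a later wolfSSH_CTX_SetAlgoListKeyAccepted call does not reach sessions that already exist. A short comment above the group would cover both, for example `/* list is not copied: it must stay valid for the life of the ctx/ssh; a ctx-level change applies only to sessions created afterwards */`.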