From e6bfa8c131c38ece0a5995f1481c11e64e0692ef Mon Sep 17 00:00:00 2001
From: John Safranek
Date: Thu, 14 Aug 2014 22:34:55 -0700
Subject: [PATCH] 1. Removed the peerId from handshake record. It'll be added to the key hash directly. 2. Framing in the private key and certificate loading functions.
---
 src/internal.c | 13 ++++---------
 src/ssh.c | 38 +++++++++++++++++++++++++++++++++++++-
 wolfssh/internal.h | 1 -
 wolfssh/ssh.h | 15 +++++++++++----
 4 files changed, 52 insertions(+), 15 deletions(-)
diff --git a/src/internal.c b/src/internal.c
index 739e861..ba063cd 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -656,15 +656,9 @@ int ProcessClientVersion(WOLFSSH* ssh)
 return WS_VERSION_E;
 }
- ssh->handshake->peerId = (char*)WMALLOC(ssh->inputBuffer.length-1, ssh->ctx->heap, WOLFSSH_ID_TYPE);
- if (ssh->handshake->peerId == NULL) {
- return WS_MEMORY_E;
- }
-
- WMEMCPY(ssh->handshake->peerId, ssh->inputBuffer.buffer, ssh->inputBuffer.length-2);
- ssh->handshake->peerId[ssh->inputBuffer.length - 1] = 0;
+ ShaUpdate(&ssh->handshake->hash, ssh->inputBuffer.buffer,
+ ssh->inputBuffer.length - 2);
 ssh->inputBuffer.idx += ssh->inputBuffer.length;
- WLOG(WS_LOG_DEBUG, "%s", ssh->handshake->peerId);
 return WS_SUCCESS;
 }
@@ -672,10 +666,11 @@ int ProcessClientVersion(WOLFSSH* ssh)
 int SendServerVersion(WOLFSSH* ssh)
 {
- (void)ssh;
+ uint32_t sshIdStrSz = (uint32_t)WSTRLEN(sshIdStr);
 WLOG(WS_LOG_DEBUG, "%s", sshIdStr);
 SendText(ssh, sshIdStr, (uint32_t)WSTRLEN(sshIdStr));
+ ShaUpdate(&ssh->handshake->hash, (const uint8_t*)sshIdStr, sshIdStrSz);
 return WS_FATAL_ERROR;
 }
diff --git a/src/ssh.c b/src/ssh.c
index ca1b8da..88b7ab4 100644
--- a/src/ssh.c
+++ b/src/ssh.c
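Review bot: In src/internal.c, ProcessClientVersion now passes `ssh->inputBuffer.length - 2` straight to ShaUpdate, and nothing in the hunk shows that the peer-supplied identification line is at least two bytes long; if the length is an unsigned type, a shorter input makes the subtraction wrap and the hash reads far past the buffer. The version check that returns WS_VERSION_E sits above the hunk, so it may already bound the length; if it does not, guard it first, e.g. `if (ssh->inputBuffer.length < 2) return WS_VERSION_E;`. The fixed `- 2` also assumes the line ends in CR LF, so a peer that terminates with a bare LF would have one byte of its identifier left out of the hash; stripping whatever terminator was actually matched would be safer. The function starts outside the hunk.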
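Review bot: In SendServerVersion the server identifier is hashed with its full `WSTRLEN` length, while ProcessClientVersion in the previous hunk drops the last two bytes of the client's line before hashing; if `sshIdStr` (defined outside this diff) ends in CR LF, the two sides are fed to the hash inconsistently, and RFC 4253 defines the exchange hash over both identification strings without the CR LF. Hashing `sshIdStrSz - 2` bytes would match, assuming the terminator is part of the constant. The SendText call on the line above could also reuse the new local, `SendText(ssh, sshIdStr, sshIdStrSz);`, and its result is not checked before the hash is updated.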
@@ -190,7 +190,6 @@ static void SshResourceFree(WOLFSSH* ssh, void* heap)
 ShrinkBuffer(&ssh->inputBuffer, 1);
 ShrinkBuffer(&ssh->outputBuffer, 1);
 if (ssh->handshake) {
- XFREE(ssh->handshake->peerId, heap, WOLFSSH_ID_TYPE);
 XMEMSET(ssh->handshake, 0, sizeof(HandshakeInfo));
 XFREE(ssh->handshake, heap, WOLFSSH_HANDSHAKE_TYPE);
 }
@@ -289,3 +288,40 @@ int wolfSSH_accept(WOLFSSH* ssh)
 }
+static int ProcessBuffer(WOLFSSH_CTX* ctx, const uint8_t* in, uint32_t inSz,
+ int format, int type)
+{
+ (void)ctx;
+ (void)in;
+ (void)inSz;
+ (void)format;
+ (void)type;
+
+ return WS_SUCCESS;
+}
+
+
+int wolfSSH_CTX_use_private_key_buffer(WOLFSSH_CTX* ctx,
+ const uint8_t* in, uint32_t inSz, int format)
+{
+ WLOG(WS_LOG_DEBUG, "Enter wolfSSH_CTX_use_private_key_buffer()");
+ return ProcessBuffer(ctx, in, inSz, format, 0); /* 0 should key PRIVATE_KEY_TYPE */
+}
+
+
+int wolfSSH_CTX_use_cert_buffer(WOLFSSH_CTX* ctx,
+ const uint8_t* in, uint32_t inSz, int format)
+{
+ WLOG(WS_LOG_DEBUG, "Enter wolfSSH_CTX_use_certificate_buffer()");
+ return ProcessBuffer(ctx, in, inSz, format, 0); /* 0 should key CERT_TYPE */
+}
+
+
+int wolfSSH_CTX_use_ca_cert_buffer(WOLFSSH_CTX* ctx,
+ const uint8_t* in, uint32_t inSz, int format)
+{
+ WLOG(WS_LOG_DEBUG, "Enter wolfSSH_CTX_use_ca_certificate_buffer()");
+ return ProcessBuffer(ctx, in, inSz, format, 0); /* 0 should key CA_TYPE */
+}
+
+
diff --git a/wolfssh/internal.h b/wolfssh/internal.h
index 22cc67c..23a0c39 100644
--- a/wolfssh/internal.h
+++ b/wolfssh/internal.h
@@ -122,7 +122,6 @@ struct WOLFSSH_CTX {
 typedef struct HandshakeInfo {
- char* peerId;
 uint8_t keyExchangeId;
 uint8_t publicKeyId;
 uint8_t encryptionId;
diff --git a/wolfssh/ssh.h b/wolfssh/ssh.h
index 564955d..66e741f 100644
--- a/wolfssh/ssh.h
+++ b/wolfssh/ssh.h
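Review bot: In src/ssh.c the new ProcessBuffer stub discards every argument and returns WS_SUCCESS, so wolfSSH_CTX_use_private_key_buffer, wolfSSH_CTX_use_cert_buffer and wolfSSH_CTX_use_ca_cert_buffer all report that key or certificate material was loaded when nothing was stored or validated. Until the parser exists the stub should fail closed, e.g. `return WS_FATAL_ERROR; /* not implemented */`, so an application cannot start with a context it believes is keyed. All three wrappers also pass `0` as the type, and two of the log strings name functions that do not exist (`wolfSSH_CTX_use_certificate_buffer()`, `wolfSSH_CTX_use_ca_certificate_buffer()`); distinct type constants and matching names would keep the callers distinguishable once ProcessBuffer is filled in.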
@@ -70,11 +70,18 @@ typedef int (*WS_CallbackIOSend)(WOLFSSH*, void*, uint32_t, void*);
 WOLFSSH_API void wolfSSH_SetIORecv(WOLFSSH_CTX*, WS_CallbackIORecv);
 WOLFSSH_API void wolfSSH_SetIOSend(WOLFSSH_CTX*, WS_CallbackIOSend);
-WOLFSSH_API void wolfSSH_SetIOReadCtx(WOLFSSH* ssh, void* ctx);
-WOLFSSH_API void wolfSSH_SetIOWriteCtx(WOLFSSH* ssh, void* ctx);
+WOLFSSH_API void wolfSSH_SetIOReadCtx(WOLFSSH*, void*);
+WOLFSSH_API void wolfSSH_SetIOWriteCtx(WOLFSSH*, void*);
-WOLFSSH_API void* wolfSSH_GetIOReadCtx(WOLFSSH* ssh);
-WOLFSSH_API void* wolfSSH_GetIOWriteCtx(WOLFSSH* ssh);
+WOLFSSH_API void* wolfSSH_GetIOReadCtx(WOLFSSH*);
+WOLFSSH_API void* wolfSSH_GetIOWriteCtx(WOLFSSH*);
+
+WOLFSSH_API int wolfSSH_CTX_use_private_key_buffer(WOLFSSH_CTX*,
+ const uint8_t*, uint32_t, int);
+WOLFSSH_API int wolfSSH_CTX_use_cert_buffer(WOLFSSH_CTX*,
+ const uint8_t*, uint32_t, int);
+WOLFSSH_API int wolfSSH_CTX_use_ca_cert_buffer(WOLFSSH_CTX*,
+ const uint8_t*, uint32_t, int);
 WOLFSSH_API int wolfSSH_accept(WOLFSSH* ssh);
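Review bot: The three new `wolfSSH_CTX_use_*_buffer` prototypes in wolfssh/ssh.h are declared without parameter names or any comment, so the public header does not say which `int` is the encoding format, what values it accepts, or whether the library copies the private-key buffer or expects it to stay valid. Keeping the names used in src/ssh.c, e.g. `WOLFSSH_API int wolfSSH_CTX_use_private_key_buffer(WOLFSSH_CTX* ctx, const uint8_t* in, uint32_t inSz, int format);`, plus a short comment on the return codes and buffer ownership would let callers handle key material correctly. The same hunk also strips the names from the existing IO context setters and getters, which loses the same information.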