diff --git a/examples/echoserver/echoserver.c b/examples/echoserver/echoserver.c index 0951c13c..48b20686 100644 --- a/examples/echoserver/echoserver.c +++ b/examples/echoserver/echoserver.c @@ -289,6 +289,7 @@ static int callbackReqFailure(WOLFSSH *ssh, void *buf, word32 sz, void *ctx) return WS_SUCCESS; } + static void *global_req(void *ctx) { int ret; @@ -328,6 +329,50 @@ static void *global_req(void *ctx) #endif +static void printKeyCompleteText(WOLFSSH* ssh, WS_Text id, const char* tag) +{ + char str[200]; + size_t strSz = sizeof(str); + size_t ret; + + ret = wolfSSH_GetText(ssh, id, str, strSz); + if (ret == strSz) { + printf("\tString size was not large enough for %s\n", tag); + } + printf("\t%-30s : %s\n", tag, str); +} + + +static void callbackKeyingComplete(void* ctx) +{ + WOLFSSH* ssh = (WOLFSSH*)ctx; + + if (ssh != NULL) { + printf("Keying Complete:\n"); + printKeyCompleteText(ssh, WOLFSSH_TEXT_KEX_ALGO, + "WOLFSSH_TEXT_KEX_ALGO"); + + printKeyCompleteText(ssh, WOLFSSH_TEXT_KEX_CURVE, + "WOLFSSH_TEXT_KEX_CURVE"); + + printKeyCompleteText(ssh, WOLFSSH_TEXT_KEX_HASH, + "WOLFSSH_TEXT_KEX_HASH"); + + printKeyCompleteText(ssh, WOLFSSH_TEXT_CRYPTO_IN_CIPHER, + "WOLFSSH_TEXT_CRYPTO_IN_CIPHER"); + + printKeyCompleteText(ssh, WOLFSSH_TEXT_CRYPTO_IN_MAC, + "WOLFSSH_TEXT_CRYPTO_IN_MAC"); + + printKeyCompleteText(ssh, WOLFSSH_TEXT_CRYPTO_OUT_CIPHER, + "WOLFSSH_TEXT_CRYPTO_OUT_CIPHER"); + + printKeyCompleteText(ssh, WOLFSSH_TEXT_CRYPTO_OUT_MAC, + "WOLFSSH_TEXT_CRYPTO_OUT_MAC"); + } +} + + #ifdef WOLFSSH_AGENT static const char EnvNameAuthPort[] = "SSH_AUTH_SOCK"; @@ -2435,6 +2480,7 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args) ES_ERROR("Couldn't allocate SSH CTX data.\n"); } + wolfSSH_SetKeyingCompletionCb(ctx, callbackKeyingComplete); if (keyList) { if (wolfSSH_CTX_SetAlgoListKey(ctx, keyList) != WS_SUCCESS) { ES_ERROR("Error setting key list.\n"); 
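Review bot: In `printKeyCompleteText`, `str` is passed to `printf("%s")` even when `wolfSSH_GetText` has written nothing into it, so the example can print uninitialised stack bytes. The ssh.c side of this diff returns 0 without touching the buffer for a NULL session, and its inner key-exchange switch shows no `default`, so an unwritten buffer looks reachable. The truncation test `ret == strSz` also misses the common case: if `WSNPRINTF` follows snprintf semantics (not visible here), truncation is reported as any value `>= strSz`, and a negative error converted to `size_t` is large as well. I would declare `char str[200] = {0};` and test `if (ret >= strSz)`.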
@@ -2678,6 +2724,7 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args) wolfSSH_MemoryConnPrintStats(heap); #endif wolfSSH_SetUserAuthCtx(ssh, &pwMapList); + wolfSSH_SetKeyingCompletionCbCtx(ssh, (void*)ssh); /* Use the session object for its own highwater callback ctx */ if (defaultHighwater > 0) { wolfSSH_SetHighwaterCtx(ssh, (void*)ssh); diff --git a/src/ssh.c b/src/ssh.c index 468f160d..b17d4a99 100644 --- a/src/ssh.c +++ b/src/ssh.c @@ -2946,7 +2946,8 @@ size_t wolfSSH_GetText(WOLFSSH *ssh, WS_Text id, char *str, size_t strsz) if (!ssh) return 0; - static const char standard_dh_format[] = "%d-bit Diffie-Hellman with standard group %d"; + static const char standard_dh_format[] = + "%d-bit Diffie-Hellman with standard group %d"; switch (id) { case WOLFSSH_TEXT_KEX_HASH: @@ -2958,7 +2959,8 @@ size_t wolfSSH_GetText(WOLFSSH *ssh, WS_Text id, char *str, size_t strsz) break; case WOLFSSH_TEXT_CRYPTO_IN_CIPHER: - ret = WSNPRINTF(str, strsz, "%s", CipherNameForId(ssh->peerEncryptId)); + ret = WSNPRINTF(str, strsz, "%s", + CipherNameForId(ssh->peerEncryptId)); break; case WOLFSSH_TEXT_CRYPTO_OUT_CIPHER: @@ -2966,11 +2968,13 @@ size_t wolfSSH_GetText(WOLFSSH *ssh, WS_Text id, char *str, size_t strsz) break; case WOLFSSH_TEXT_CRYPTO_IN_MAC: - ret = WSNPRINTF(str, strsz, "%s", MacNameForId(ssh->peerMacId, ssh->peerEncryptId)); + ret = WSNPRINTF(str, strsz, "%s", MacNameForId(ssh->peerMacId, + ssh->peerEncryptId)); break; case WOLFSSH_TEXT_CRYPTO_OUT_MAC: - ret = WSNPRINTF(str, strsz, "%s", MacNameForId(ssh->macId, ssh->encryptId)); + ret = WSNPRINTF(str, strsz, "%s", MacNameForId(ssh->macId, + ssh->encryptId)); break; case WOLFSSH_TEXT_KEX_ALGO: 
@@ -2980,21 +2984,43 @@ size_t wolfSSH_GetText(WOLFSSH *ssh, WS_Text id, char *str, size_t strsz) case ID_ECDH_SHA2_NISTP521: case ID_ECDH_SHA2_ED25519: case ID_ECDH_SHA2_ED25519_LIBSSH: + #ifndef WOLFSSH_NO_CURVE25519_SHA256 + case ID_CURVE25519_SHA256: + #endif ret = WSNPRINTF(str, strsz, "%s", "ECDH"); break; + #ifndef WOLFSSH_NO_ECDH_NISTP256_KYBER_LEVEL1_SHA256 + case ID_ECDH_NISTP256_KYBER_LEVEL1_SHA256: + ret = WSNPRINTF(str, strsz, "%s", "Kyber1"); + break; + #endif + case ID_DH_GROUP1_SHA1: - ret = WSNPRINTF(str, strsz, standard_dh_format, ssh->primeGroupSz*8, 1); + ret = WSNPRINTF(str, strsz, standard_dh_format, + ssh->primeGroupSz*8, 1); break; case ID_DH_GROUP14_SHA1: case ID_DH_GROUP14_SHA256: - ret = WSNPRINTF(str, strsz, standard_dh_format, ssh->primeGroupSz*8, 14); + ret = WSNPRINTF(str, strsz, standard_dh_format, + ssh->primeGroupSz*8, 14); break; case ID_DH_GEX_SHA256: - ret = WSNPRINTF(str, strsz, "%d-bit Diffie-Hellman with server-supplied group", ssh->primeGroupSz*8); + ret = WSNPRINTF(str, strsz, + "%d-bit Diffie-Hellman with server-supplied group", + ssh->primeGroupSz*8); break; + + case ID_EXTINFO_S: + ret = WSNPRINTF(str, strsz, "Server extensions KEX"); + break; + + case ID_EXTINFO_C: + ret = WSNPRINTF(str, strsz, "Client extensions KEX"); + break; + } break; }
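Review bot: The inner switch over the `ID_*` key-exchange cases in `wolfSSH_GetText` appears to close right after the new `ID_EXTINFO_C` case with no `default:`, so an id that is not listed leaves `str` unwritten and `ret` at whatever it held before the hunk (the function starts outside it). Adding `default: ret = WSNPRINTF(str, strsz, "%s", "unknown"); break;` would guarantee callers a terminated string. `ID_EXTINFO_S` and `ID_EXTINFO_C` look like extension-negotiation markers rather than key-exchange methods; if they can never be the negotiated id, a one-line comment such as `/* never negotiated; listed to keep the switch exhaustive */` would say why they are here. The label "Kyber1" also hides that `ID_ECDH_NISTP256_KYBER_LEVEL1_SHA256` is a P-256/Kyber hybrid, which matters when this text is used to audit what a session negotiated.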