WolfSSL
/
wolfssh
mirror of https://github.com/wolfSSL/wolfssh.git
1
0
Fork 0
Code Issues Releases Wiki Activity

add example and account for curve25519 / kyber1

pull/694/head
JacobBarthelmeh 2024-05-17 14:51:46 -06:00
parent b40dfaf498
commit ebfd175bf1
2 changed files with 80 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
examples/echoserver/echoserver.c
View File

@ -289,6 +289,7 @@ static int callbackReqFailure(WOLFSSH *ssh, void *buf, word32 sz, void *ctx)
return WS_SUCCESS; return WS_SUCCESS;
} }
static void *global_req(void *ctx) static void *global_req(void *ctx)
{ {
int ret; int ret;
@ -328,6 +329,50 @@ static void *global_req(void *ctx)
#endif #endif
static void printKeyCompleteText(WOLFSSH* ssh, WS_Text id, const char* tag)
{
char str[200];
size_t strSz = sizeof(str);
size_t ret;
ret = wolfSSH_GetText(ssh, id, str, strSz);
if (ret == strSz) {
printf("\tString size was not large enough for %s\n", tag);
}
printf("\t%-30s : %s\n", tag, str);
}
static void callbackKeyingComplete(void* ctx)
{
WOLFSSH* ssh = (WOLFSSH*)ctx;
if (ssh != NULL) {
printf("Keying Complete:\n");
printKeyCompleteText(ssh, WOLFSSH_TEXT_KEX_ALGO,
"WOLFSSH_TEXT_KEX_ALGO");
printKeyCompleteText(ssh, WOLFSSH_TEXT_KEX_CURVE,
"WOLFSSH_TEXT_KEX_CURVE");
printKeyCompleteText(ssh, WOLFSSH_TEXT_KEX_HASH,
"WOLFSSH_TEXT_KEX_HASH");
printKeyCompleteText(ssh, WOLFSSH_TEXT_CRYPTO_IN_CIPHER,
"WOLFSSH_TEXT_CRYPTO_IN_CIPHER");
printKeyCompleteText(ssh, WOLFSSH_TEXT_CRYPTO_IN_MAC,
"WOLFSSH_TEXT_CRYPTO_IN_MAC");
printKeyCompleteText(ssh, WOLFSSH_TEXT_CRYPTO_OUT_CIPHER,
"WOLFSSH_TEXT_CRYPTO_OUT_CIPHER");
printKeyCompleteText(ssh, WOLFSSH_TEXT_CRYPTO_OUT_MAC,
"WOLFSSH_TEXT_CRYPTO_OUT_MAC");
}
}
#ifdef WOLFSSH_AGENT #ifdef WOLFSSH_AGENT
static const char EnvNameAuthPort[] = "SSH_AUTH_SOCK"; static const char EnvNameAuthPort[] = "SSH_AUTH_SOCK";
@ -2435,6 +2480,7 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
ES_ERROR("Couldn't allocate SSH CTX data.\n"); ES_ERROR("Couldn't allocate SSH CTX data.\n");
} }
wolfSSH_SetKeyingCompletionCb(ctx, callbackKeyingComplete);
if (keyList) { if (keyList) {
if (wolfSSH_CTX_SetAlgoListKey(ctx, keyList) != WS_SUCCESS) { if (wolfSSH_CTX_SetAlgoListKey(ctx, keyList) != WS_SUCCESS) {
ES_ERROR("Error setting key list.\n"); ES_ERROR("Error setting key list.\n");
@ -2678,6 +2724,7 @@ THREAD_RETURN WOLFSSH_THREAD echoserver_test(void* args)
wolfSSH_MemoryConnPrintStats(heap); wolfSSH_MemoryConnPrintStats(heap);
#endif #endif
wolfSSH_SetUserAuthCtx(ssh, &pwMapList); wolfSSH_SetUserAuthCtx(ssh, &pwMapList);
wolfSSH_SetKeyingCompletionCbCtx(ssh, (void*)ssh);
/* Use the session object for its own highwater callback ctx */ /* Use the session object for its own highwater callback ctx */
if (defaultHighwater > 0) { if (defaultHighwater > 0) {
wolfSSH_SetHighwaterCtx(ssh, (void*)ssh); wolfSSH_SetHighwaterCtx(ssh, (void*)ssh);

40
src/ssh.c
View File

@ -2946,7 +2946,8 @@ size_t wolfSSH_GetText(WOLFSSH *ssh, WS_Text id, char *str, size_t strsz)
if (!ssh) if (!ssh)
return 0; return 0;
static const char standard_dh_format[] = "%d-bit Diffie-Hellman with standard group %d"; static const char standard_dh_format[] =
"%d-bit Diffie-Hellman with standard group %d";
switch (id) { switch (id) {
case WOLFSSH_TEXT_KEX_HASH: case WOLFSSH_TEXT_KEX_HASH:
@ -2958,7 +2959,8 @@ size_t wolfSSH_GetText(WOLFSSH *ssh, WS_Text id, char *str, size_t strsz)
break; break;
case WOLFSSH_TEXT_CRYPTO_IN_CIPHER: case WOLFSSH_TEXT_CRYPTO_IN_CIPHER:
ret = WSNPRINTF(str, strsz, "%s", CipherNameForId(ssh->peerEncryptId)); ret = WSNPRINTF(str, strsz, "%s",
CipherNameForId(ssh->peerEncryptId));
break; break;
case WOLFSSH_TEXT_CRYPTO_OUT_CIPHER: case WOLFSSH_TEXT_CRYPTO_OUT_CIPHER:
@ -2966,11 +2968,13 @@ size_t wolfSSH_GetText(WOLFSSH *ssh, WS_Text id, char *str, size_t strsz)
break; break;
case WOLFSSH_TEXT_CRYPTO_IN_MAC: case WOLFSSH_TEXT_CRYPTO_IN_MAC:
ret = WSNPRINTF(str, strsz, "%s", MacNameForId(ssh->peerMacId, ssh->peerEncryptId)); ret = WSNPRINTF(str, strsz, "%s", MacNameForId(ssh->peerMacId,
ssh->peerEncryptId));
break; break;
case WOLFSSH_TEXT_CRYPTO_OUT_MAC: case WOLFSSH_TEXT_CRYPTO_OUT_MAC:
ret = WSNPRINTF(str, strsz, "%s", MacNameForId(ssh->macId, ssh->encryptId)); ret = WSNPRINTF(str, strsz, "%s", MacNameForId(ssh->macId,
ssh->encryptId));
break; break;
case WOLFSSH_TEXT_KEX_ALGO: case WOLFSSH_TEXT_KEX_ALGO:
@ -2980,21 +2984,43 @@ size_t wolfSSH_GetText(WOLFSSH *ssh, WS_Text id, char *str, size_t strsz)
case ID_ECDH_SHA2_NISTP521: case ID_ECDH_SHA2_NISTP521:
case ID_ECDH_SHA2_ED25519: case ID_ECDH_SHA2_ED25519:
case ID_ECDH_SHA2_ED25519_LIBSSH: case ID_ECDH_SHA2_ED25519_LIBSSH:
#ifndef WOLFSSH_NO_CURVE25519_SHA256
case ID_CURVE25519_SHA256:
#endif
ret = WSNPRINTF(str, strsz, "%s", "ECDH"); ret = WSNPRINTF(str, strsz, "%s", "ECDH");
break; break;
#ifndef WOLFSSH_NO_ECDH_NISTP256_KYBER_LEVEL1_SHA256
case ID_ECDH_NISTP256_KYBER_LEVEL1_SHA256:
ret = WSNPRINTF(str, strsz, "%s", "Kyber1");
break;
#endif
case ID_DH_GROUP1_SHA1: case ID_DH_GROUP1_SHA1:
ret = WSNPRINTF(str, strsz, standard_dh_format, ssh->primeGroupSz*8, 1); ret = WSNPRINTF(str, strsz, standard_dh_format,
ssh->primeGroupSz*8, 1);
break; break;
case ID_DH_GROUP14_SHA1: case ID_DH_GROUP14_SHA1:
case ID_DH_GROUP14_SHA256: case ID_DH_GROUP14_SHA256:
ret = WSNPRINTF(str, strsz, standard_dh_format, ssh->primeGroupSz*8, 14); ret = WSNPRINTF(str, strsz, standard_dh_format,
ssh->primeGroupSz*8, 14);
break; break;
case ID_DH_GEX_SHA256: case ID_DH_GEX_SHA256:
ret = WSNPRINTF(str, strsz, "%d-bit Diffie-Hellman with server-supplied group", ssh->primeGroupSz*8); ret = WSNPRINTF(str, strsz,
"%d-bit Diffie-Hellman with server-supplied group",
ssh->primeGroupSz*8);
break; break;
case ID_EXTINFO_S:
ret = WSNPRINTF(str, strsz, "Server extensions KEX");
break;
case ID_EXTINFO_C:
ret = WSNPRINTF(str, strsz, "Client extensions KEX");
break;
} }
break; break;
} }