@@ -4422,6 +4422,21 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
44224422 ret = WS_MATCH_ENC_ALGO_E;
44234423 }
44244424 }
4425+ if (ret == WS_SUCCESS) {
4426+ ssh->handshake->peerEncryptId = algoId;
4427+ ssh->handshake->peerAeadMode = AeadModeForId(algoId);
4428+ ssh->handshake->peerBlockSz = BlockSzForId(algoId);
4429+ ssh->handshake->peerKeys.encKeySz = KeySzForId(algoId);
4430+ if (!ssh->handshake->peerAeadMode) {
4431+ ssh->handshake->peerKeys.ivSz = ssh->handshake->peerBlockSz;
4432+ }
4433+ else {
4434+ #ifndef WOLFSSH_NO_AEAD
4435+ ssh->handshake->peerKeys.ivSz = AEAD_NONCE_SZ;
4436+ ssh->handshake->peerMacSz = ssh->handshake->peerBlockSz;
4437+ #endif
4438+ }
4439+ }
44254440
44264441 /* Enc Algorithms - Server to Client */
44274442 if (ret == WS_SUCCESS) {
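Review bot: The C2S selection is stored in the handshake's peer* fields (peerEncryptId, peerAeadMode, peerBlockSz, peerKeys), which is the peer's send direction only when this side is the server; if nothing swaps these for a client elsewhere, a client whose peer negotiates different C2S and S2C ciphers would set up its receive direction from the wrong list, so the assumption should be stated where it is made, e.g. `/* C2S is what the peer sends us (server view): record as peer params; S2C below is our own send direction */`. In the AEAD branch only peerMacSz is assigned, so peerMacId keeps whatever the handshake struct held before, mirroring the existing own-side code further down; that is fine if the struct is zero-initialised and zero means "no MAC", but worth confirming since DoNewKeys now copies it into ssh->peerMacId. The enclosing DoKexInit body starts and ends outside the hunk.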
@@ -4430,7 +4445,13 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
44304445 ret = GetNameList(list, &listSz, buf, len, &begin);
44314446 }
44324447 if (ret == WS_SUCCESS) {
4433- algoId = MatchIdLists(side, list, listSz, &algoId, 1);
4448+ cannedAlgoNamesSz = AlgoListSz(ssh->algoListCipher);
4449+ cannedListSz = (word32)sizeof(cannedList);
4450+ ret = GetNameListRaw(cannedList, &cannedListSz,
4451+ (const byte*)ssh->algoListCipher, cannedAlgoNamesSz);
4452+ }
4453+ if (ret == WS_SUCCESS) {
4454+ algoId = MatchIdLists(side, list, listSz, cannedList, cannedListSz);
44344455 if (algoId == ID_UNKNOWN) {
44354456 WLOG(WS_LOG_DEBUG, "Unable to negotiate Encryption Algo S2C");
44364457 ret = WS_MATCH_ENC_ALGO_E;
@@ -4440,19 +4461,13 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
44404461 ssh->handshake->encryptId = algoId;
44414462 ssh->handshake->aeadMode = AeadModeForId(algoId);
44424463 ssh->handshake->blockSz = BlockSzForId(algoId);
4443- ssh->handshake->keys.encKeySz =
4444- ssh->handshake->peerKeys.encKeySz =
4445- KeySzForId(algoId);
4464+ ssh->handshake->keys.encKeySz = KeySzForId(algoId);
44464465 if (!ssh->handshake->aeadMode) {
4447- ssh->handshake->keys.ivSz =
4448- ssh->handshake->peerKeys.ivSz =
4449- ssh->handshake->blockSz;
4466+ ssh->handshake->keys.ivSz = ssh->handshake->blockSz;
44504467 }
44514468 else {
44524469#ifndef WOLFSSH_NO_AEAD
4453- ssh->handshake->keys.ivSz =
4454- ssh->handshake->peerKeys.ivSz =
4455- AEAD_NONCE_SZ;
4470+ ssh->handshake->keys.ivSz = AEAD_NONCE_SZ;
44564471 ssh->handshake->macSz = ssh->handshake->blockSz;
44574472#endif
44584473 }
@@ -4464,7 +4479,7 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
44644479 listSz = (word32)sizeof(list);
44654480 ret = GetNameList(list, &listSz, buf, len, &begin);
44664481 }
4467- if (ret == WS_SUCCESS && !ssh->handshake->aeadMode ) {
4482+ if (ret == WS_SUCCESS && !ssh->handshake->peerAeadMode ) {
44684483 cannedAlgoNamesSz = AlgoListSz(ssh->algoListMac);
44694484 cannedListSz = (word32)sizeof(cannedList);
44704485 ret = GetNameListRaw(cannedList, &cannedListSz,
@@ -4476,6 +4491,11 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
44764491 WLOG(WS_LOG_DEBUG, "Unable to negotiate MAC Algo C2S");
44774492 ret = WS_MATCH_MAC_ALGO_E;
44784493 }
4494+ else {
4495+ ssh->handshake->peerMacId = algoId;
4496+ ssh->handshake->peerMacSz = MacSzForId(algoId);
4497+ ssh->handshake->peerKeys.macKeySz = KeySzForId(algoId);
4498+ }
44794499 }
44804500 }
44814501
@@ -4486,17 +4506,21 @@ static int DoKexInit(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
44864506 ret = GetNameList(list, &listSz, buf, len, &begin);
44874507 }
44884508 if (ret == WS_SUCCESS && !ssh->handshake->aeadMode) {
4489- algoId = MatchIdLists(side, list, listSz, &algoId, 1);
4490- if (algoId == ID_UNKNOWN) {
4491- WLOG(WS_LOG_DEBUG, "Unable to negotiate MAC Algo S2C");
4492- ret = WS_MATCH_MAC_ALGO_E;
4493- }
4494- else {
4495- ssh->handshake->macId = algoId;
4496- ssh->handshake->macSz = MacSzForId(algoId);
4497- ssh->handshake->keys.macKeySz =
4498- ssh->handshake->peerKeys.macKeySz =
4499- KeySzForId(algoId);
4509+ cannedAlgoNamesSz = AlgoListSz(ssh->algoListMac);
4510+ cannedListSz = (word32)sizeof(cannedList);
4511+ ret = GetNameListRaw(cannedList, &cannedListSz,
4512+ (const byte*)ssh->algoListMac, cannedAlgoNamesSz);
4513+ if (ret == WS_SUCCESS) {
4514+ algoId = MatchIdLists(side, list, listSz, cannedList, cannedListSz);
4515+ if (algoId == ID_UNKNOWN) {
4516+ WLOG(WS_LOG_DEBUG, "Unable to negotiate MAC Algo S2C");
4517+ ret = WS_MATCH_MAC_ALGO_E;
4518+ }
4519+ else {
4520+ ssh->handshake->macId = algoId;
4521+ ssh->handshake->macSz = MacSzForId(algoId);
4522+ ssh->handshake->keys.macKeySz = KeySzForId(algoId);
4523+ }
45004524 }
45014525 }
45024526
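Review bot: The raw canned MAC list is parsed into cannedList with the same three statements twice, once in the MAC C2S block and again here in the MAC S2C block (`cannedAlgoNamesSz = AlgoListSz(ssh->algoListMac); cannedListSz = (word32)sizeof(cannedList); ret = GetNameListRaw(...)`), even though ssh->algoListMac does not change between them; parsing it once, unconditionally, before the C2S block would let both directions reuse the result and remove the extra `if (ret == WS_SUCCESS)` nesting level added here. The same duplication exists for the cipher list fetched in the S2C encryption hunk relative to the C2S fetch above the first hunk. DoKexInit's body continues outside the hunk.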
@@ -6238,11 +6262,11 @@ static int DoNewKeys(WOLFSSH* ssh, byte* buf, word32 len, word32* idx)
62386262 }
62396263
62406264 if (ret == WS_SUCCESS) {
6241- ssh->peerEncryptId = ssh->handshake->encryptId ;
6242- ssh->peerMacId = ssh->handshake->macId ;
6243- ssh->peerBlockSz = ssh->handshake->blockSz ;
6244- ssh->peerMacSz = ssh->handshake->macSz ;
6245- ssh->peerAeadMode = ssh->handshake->aeadMode ;
6265+ ssh->peerEncryptId = ssh->handshake->peerEncryptId ;
6266+ ssh->peerMacId = ssh->handshake->peerMacId ;
6267+ ssh->peerBlockSz = ssh->handshake->peerBlockSz ;
6268+ ssh->peerMacSz = ssh->handshake->peerMacSz ;
6269+ ssh->peerAeadMode = ssh->handshake->peerAeadMode ;
62466270 WMEMCPY(&ssh->peerKeys, &ssh->handshake->peerKeys, sizeof(Keys));
62476271
62486272 switch (ssh->peerEncryptId) {