commit 056763e48d71961566155f089ac0f02f1dda9b5a
author Alex Gaynor <alex.gaynor@gmail.com> Fri Apr 03 16:45:00 2020 +0000
committer Filippo Valsorda <filippo@golang.org> Mon Apr 06 17:35:13 2020 +0000
tree 3f98e551431c09fe25d6e7856883b55a3631f657
parent baeed622b8d86045ff442b324772b0ad306a2b3f

ssh/agent: handle ed25519.PrivateKey by value in AddedKey

Also document that ed25519 is supported.

Change-Id: Ibc4f44069eae4ff1aad27f22fc651a2f7611679d
GitHub-Last-Rev: ee2ce0ae9900b11e1fa891e3587b111168f708c9
GitHub-Pull-Request: golang/crypto#119
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/219506
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>

ssh/agent/client.go

diff --git a/ssh/agent/client.go b/ssh/agent/client.go
index 51f7405..b909471 100644
--- a/ssh/agent/client.go
+++ b/ssh/agent/client.go
@@ -102,8 +102,9 @@
 
 // AddedKey describes an SSH key to be added to an Agent.
 type AddedKey struct {
-	// PrivateKey must be a *rsa.PrivateKey, *dsa.PrivateKey or
-	// *ecdsa.PrivateKey, which will be inserted into the agent.
+	// PrivateKey must be a *rsa.PrivateKey, *dsa.PrivateKey,
+	// ed25519.PrivateKey or *ecdsa.PrivateKey, which will be inserted into the
+	// agent.
 	PrivateKey interface{}
 	// Certificate, if not nil, is communicated to the agent and will be
 	// stored with the key.
@@ -566,6 +567,17 @@
 			Comments:    comment,
 			Constraints: constraints,
 		})
+	case ed25519.PrivateKey:
+		req = ssh.Marshal(ed25519KeyMsg{
+			Type:        ssh.KeyAlgoED25519,
+			Pub:         []byte(k)[32:],
+			Priv:        []byte(k),
+			Comments:    comment,
+			Constraints: constraints,
+		})
+	// This function originally supported only *ed25519.PrivateKey, however the
+	// general idiom is to pass ed25519.PrivateKey by value, not by pointer.
+	// We still support the pointer variant for backwards compatibility.
 	case *ed25519.PrivateKey:
 		req = ssh.Marshal(ed25519KeyMsg{
 			Type:        ssh.KeyAlgoED25519,
@@ -683,6 +695,18 @@
 			Comments:    comment,
 			Constraints: constraints,
 		})
+	case ed25519.PrivateKey:
+		req = ssh.Marshal(ed25519CertMsg{
+			Type:        cert.Type(),
+			CertBytes:   cert.Marshal(),
+			Pub:         []byte(k)[32:],
+			Priv:        []byte(k),
+			Comments:    comment,
+			Constraints: constraints,
+		})
+	// This function originally supported only *ed25519.PrivateKey, however the
+	// general idiom is to pass ed25519.PrivateKey by value, not by pointer.
+	// We still support the pointer variant for backwards compatibility.
 	case *ed25519.PrivateKey:
 		req = ssh.Marshal(ed25519CertMsg{
 			Type:        cert.Type(),