ssh/agent: handle ed25519.PrivateKey by value in AddedKey
Also document that ed25519 is supported.
Change-Id: Ibc4f44069eae4ff1aad27f22fc651a2f7611679d
GitHub-Last-Rev: ee2ce0ae9900b11e1fa891e3587b111168f708c9
GitHub-Pull-Request: golang/crypto#119
Reviewed-on: https://go-review.googlesource.com/c/crypto/+/219506
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
diff --git a/ssh/agent/client.go b/ssh/agent/client.go
index 51f7405..b909471 100644
--- a/ssh/agent/client.go
+++ b/ssh/agent/client.go
@@ -102,8 +102,9 @@
// AddedKey describes an SSH key to be added to an Agent.
type AddedKey struct {
- // PrivateKey must be a *rsa.PrivateKey, *dsa.PrivateKey or
- // *ecdsa.PrivateKey, which will be inserted into the agent.
+ // PrivateKey must be a *rsa.PrivateKey, *dsa.PrivateKey,
+ // ed25519.PrivateKey or *ecdsa.PrivateKey, which will be inserted into the
+ // agent.
PrivateKey interface{}
// Certificate, if not nil, is communicated to the agent and will be
// stored with the key.
@@ -566,6 +567,17 @@
Comments: comment,
Constraints: constraints,
})
+ case ed25519.PrivateKey:
+ req = ssh.Marshal(ed25519KeyMsg{
+ Type: ssh.KeyAlgoED25519,
+ Pub: []byte(k)[32:],
+ Priv: []byte(k),
+ Comments: comment,
+ Constraints: constraints,
+ })
+ // This function originally supported only *ed25519.PrivateKey, however the
+ // general idiom is to pass ed25519.PrivateKey by value, not by pointer.
+ // We still support the pointer variant for backwards compatibility.
case *ed25519.PrivateKey:
req = ssh.Marshal(ed25519KeyMsg{
Type: ssh.KeyAlgoED25519,
@@ -683,6 +695,18 @@
Comments: comment,
Constraints: constraints,
})
+ case ed25519.PrivateKey:
+ req = ssh.Marshal(ed25519CertMsg{
+ Type: cert.Type(),
+ CertBytes: cert.Marshal(),
+ Pub: []byte(k)[32:],
+ Priv: []byte(k),
+ Comments: comment,
+ Constraints: constraints,
+ })
+ // This function originally supported only *ed25519.PrivateKey, however the
+ // general idiom is to pass ed25519.PrivateKey by value, not by pointer.
+ // We still support the pointer variant for backwards compatibility.
case *ed25519.PrivateKey:
req = ssh.Marshal(ed25519CertMsg{
Type: cert.Type(),