Google Git
Sign in
go / crypto / 5bcd134fee4dd1475da17714aac19c0aa0142e2f^! / .
commit5bcd134fee4dd1475da17714aac19c0aa0142e2f[log] [tgz]
authorNiall Sheridan <nsheridan@gmail.com>Tue May 17 00:05:56 2016 +0100
committerBrad Fitzpatrick <bradfitz@golang.org>Wed May 18 16:22:55 2016 +0000
tree1408aa14d70c256e47cd5b856f0edc954f3b7b39
parent0a4e4d451b03d07d8e92e07f8d9e1db84e6e89ac [diff]
ssh: allow adding ed25519 keys to the agent

Fixes golang/go#15701

Change-Id: I561701e38b9d434ef44448bdbcfab203f3c31d99
Reviewed-on: https://go-review.googlesource.com/23141
Reviewed-by: Han-Wen Nienhuys <hanwen@google.com>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>

diff --git a/ssh/agent/client.go b/ssh/agent/client.go
index 3f798e7..11d3094 100644
--- a/ssh/agent/client.go
+++ b/ssh/agent/client.go

@@ -25,6 +25,7 @@
 	"math/big"
 	"sync"
 
+	"golang.org/x/crypto/ed25519"
 	"golang.org/x/crypto/ssh"
 )
 
@@ -423,6 +424,14 @@
 	Constraints []byte `ssh:"rest"`
 }
 
+type ed25519KeyMsg struct {
+	Type        string `sshtype:"17|25"`
+	Pub         []byte
+	Priv        []byte
+	Comments    string
+	Constraints []byte `ssh:"rest"`
+}
+
 // Insert adds a private key to the agent.
 func (c *client) insertKey(s interface{}, comment string, constraints []byte) error {
 	var req []byte
@@ -464,6 +473,14 @@
 			Comments:    comment,
 			Constraints: constraints,
 		})
+	case *ed25519.PrivateKey:
+		req = ssh.Marshal(ed25519KeyMsg{
+			Type:        ssh.KeyAlgoED25519,
+			Pub:         []byte(*k)[32:],
+			Priv:        []byte(*k),
+			Comments:    comment,
+			Constraints: constraints,
+		})
 	default:
 		return fmt.Errorf("agent: unsupported key type %T", s)
 	}
@@ -510,6 +527,15 @@
 	Constraints []byte `ssh:"rest"`
 }
 
+type ed25519CertMsg struct {
+	Type        string `sshtype:"17|25"`
+	CertBytes   []byte
+	Pub         []byte
+	Priv        []byte
+	Comments    string
+	Constraints []byte `ssh:"rest"`
+}
+
 // Insert adds a private key to the agent. If a certificate is given,
 // that certificate is added instead as public key.
 func (c *client) Add(key AddedKey) error {
@@ -566,6 +592,14 @@
 			D:         k.D,
 			Comments:  comment,
 		})
+	case ed25519.PrivateKey:
+		req = ssh.Marshal(ed25519CertMsg{
+			Type:      cert.Type(),
+			CertBytes: cert.Marshal(),
+			Pub:       []byte(k)[32:],
+			Priv:      []byte(k),
+			Comments:  comment,
+		})
 	default:
 		return fmt.Errorf("agent: unsupported key type %T", s)
 	}

diff --git a/ssh/agent/client_test.go b/ssh/agent/client_test.go
index ec7198d..51a3e03 100644
--- a/ssh/agent/client_test.go
+++ b/ssh/agent/client_test.go

@@ -139,7 +139,7 @@
 }
 
 func TestAgent(t *testing.T) {
-	for _, keyType := range []string{"rsa", "dsa", "ecdsa"} {
+	for _, keyType := range []string{"rsa", "dsa", "ecdsa", "ed25519"} {
 		testAgent(t, testPrivateKeys[keyType], nil, 0)
 	}
 }