From 1dc27c58a7571ac2be63e31b63acfe3eaf61f561 Mon Sep 17 00:00:00 2001 From: Niall Sheridan Date: Mon, 27 Jun 2016 23:33:36 +0100 Subject: Updated agent lib accepts *ed25519.PrivateKey --- vendor/golang.org/x/crypto/ssh/agent/client.go | 8 +++---- vendor/golang.org/x/crypto/ssh/agent/server.go | 31 ++++++++++++++++++++++++++ 2 files changed, 35 insertions(+), 4 deletions(-) (limited to 'vendor/golang.org') diff --git a/vendor/golang.org/x/crypto/ssh/agent/client.go b/vendor/golang.org/x/crypto/ssh/agent/client.go index 6d1dca5..ecfd7c5 100644 --- a/vendor/golang.org/x/crypto/ssh/agent/client.go +++ b/vendor/golang.org/x/crypto/ssh/agent/client.go @@ -536,7 +536,7 @@ type ed25519CertMsg struct { Constraints []byte `ssh:"rest"` } -// Insert adds a private key to the agent. If a certificate is given, +// Add adds a private key to the agent. If a certificate is given, // that certificate is added instead as public key. func (c *client) Add(key AddedKey) error { var constraints []byte @@ -594,12 +594,12 @@ func (c *client) insertCert(s interface{}, cert *ssh.Certificate, comment string Comments: comment, Constraints: constraints, }) - case ed25519.PrivateKey: + case *ed25519.PrivateKey: req = ssh.Marshal(ed25519CertMsg{ Type: cert.Type(), CertBytes: cert.Marshal(), - Pub: []byte(k)[32:], - Priv: []byte(k), + Pub: []byte(*k)[32:], + Priv: []byte(*k), Comments: comment, Constraints: constraints, }) diff --git a/vendor/golang.org/x/crypto/ssh/agent/server.go b/vendor/golang.org/x/crypto/ssh/agent/server.go index c562fa6..092fd8f 100644 --- a/vendor/golang.org/x/crypto/ssh/agent/server.go +++ b/vendor/golang.org/x/crypto/ssh/agent/server.go @@ -16,6 +16,7 @@ import ( "log" "math/big" + "golang.org/x/crypto/ed25519" "golang.org/x/crypto/ssh" ) @@ -175,6 +176,15 @@ func parseRSAKey(req []byte) (*AddedKey, error) { return &AddedKey{PrivateKey: priv, Comment: k.Comments}, nil } +func parseEd25519Key(req []byte) (*AddedKey, error) { + var k ed25519KeyMsg + if err := ssh.Unmarshal(req, &k); err != nil { + return nil, err + } + priv := ed25519.PrivateKey(k.Priv) + return &AddedKey{PrivateKey: &priv, Comment: k.Comments}, nil +} + func parseDSAKey(req []byte) (*AddedKey, error) { var k dsaKeyMsg if err := ssh.Unmarshal(req, &k); err != nil { @@ -219,6 +229,23 @@ func unmarshalECDSA(curveName string, keyBytes []byte, privScalar *big.Int) (pri return priv, nil } +func parseEd25519Cert(req []byte) (*AddedKey, error) { + var k ed25519CertMsg + if err := ssh.Unmarshal(req, &k); err != nil { + return nil, err + } + pubKey, err := ssh.ParsePublicKey(k.CertBytes) + if err != nil { + return nil, err + } + priv := ed25519.PrivateKey(k.Priv) + cert, ok := pubKey.(*ssh.Certificate) + if !ok { + return nil, errors.New("agent: bad ED25519 certificate") + } + return &AddedKey{PrivateKey: &priv, Certificate: cert, Comment: k.Comments}, nil +} + func parseECDSAKey(req []byte) (*AddedKey, error) { var k ecdsaKeyMsg if err := ssh.Unmarshal(req, &k); err != nil { @@ -367,12 +394,16 @@ func (s *server) insertIdentity(req []byte) error { addedKey, err = parseDSAKey(req) case ssh.KeyAlgoECDSA256, ssh.KeyAlgoECDSA384, ssh.KeyAlgoECDSA521: addedKey, err = parseECDSACert(req) + case ssh.KeyAlgoED25519: + addedKey, err = parseEd25519Key(req) case ssh.CertAlgoRSAv01: addedKey, err = parseRSACert(req) case ssh.CertAlgoDSAv01: addedKey, err = parseDSACert(req) case ssh.CertAlgoECDSA256v01, ssh.CertAlgoECDSA384v01, ssh.CertAlgoECDSA521v01: addedKey, err = parseECDSACert(req) + case ssh.CertAlgoED25519v01: + addedKey, err = parseEd25519Cert(req) default: return fmt.Errorf("agent: not implemented: %q", record.Type) } -- cgit v1.2.3