Attachment #2579 for bug #2376

View | Details | Raw Unified | Return to bug 2376
Collapse All | Expand All

Lines 152-158 $(SSHDOBJS): Makefile.in config.h Link Here

(-)old/Makefile.in (-1 / +1 lines)
152	$(CC) $(CFLAGS) $(CPPFLAGS) -c $< -o $@	152	$(CC) $(CFLAGS) $(CPPFLAGS) -c $< -o $@
153		153
154	LIBCOMPAT=openbsd-compat/libopenbsd-compat.a	154	LIBCOMPAT=openbsd-compat/libopenbsd-compat.a
155	$(LIBCOMPAT): always	155	$(LIBCOMPAT): always libssh.a
156	(cd openbsd-compat && $(MAKE))	156	(cd openbsd-compat && $(MAKE))
157	always:	157	always:
158		158

Lines 569-576 ssh_add_identity_constrained(int sock, s Link Here

(-)old/authfd.c (+2 lines)
569	case KEY_ECDSA:	569	case KEY_ECDSA:
570	case KEY_ECDSA_CERT:	570	case KEY_ECDSA_CERT:
571	#endif	571	#endif
		572	#ifndef WITHOUT_ED25519
572	case KEY_ED25519:	573	case KEY_ED25519:
573	case KEY_ED25519_CERT:	574	case KEY_ED25519_CERT:
		575	#endif /* WITHOUT_ED25519 */
574	type = constrained ?	576	type = constrained ?
575	SSH2_AGENTC_ADD_ID_CONSTRAINED :	577	SSH2_AGENTC_ADD_ID_CONSTRAINED :
576	SSH2_AGENTC_ADD_IDENTITY;	578	SSH2_AGENTC_ADD_IDENTITY;

Lines 446-453 sshkey_load_private_cert(int type, const Link Here

(-)old/authfile.c (-1 / +3 lines)
446	case KEY_RSA:	446	case KEY_RSA:
447	case KEY_DSA:	447	case KEY_DSA:
448	case KEY_ECDSA:	448	case KEY_ECDSA:
449	case KEY_ED25519:
450	#endif /* WITH_OPENSSL */	449	#endif /* WITH_OPENSSL */
		450	#ifndef WITHOUT_ED25519
		451	case KEY_ED25519:
		452	#endif /* WITHOUT_ED25519 */
451	case KEY_UNSPEC:	453	case KEY_UNSPEC:
452	break;	454	break;
453	default:	455	default:




		if (!*digest_type)
			*digest_type = SSHFP_HASH_SHA256;
		break;
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
		*algorithm = SSHFP_KEY_ED25519;
		if (!*digest_type)
			*digest_type = SSHFP_HASH_SHA256;
		break;
#endif /* WITHOUT_ED25519 */
	default:
		*algorithm = SSHFP_KEY_RESERVED; /* 0 */
		*digest_type = SSHFP_HASH_RESERVED; /* 0 */

Lines 33-39 enum sshfp_types { Link Here

(-)old/dns.h (+2 lines)
33	SSHFP_KEY_RSA = 1,	33	SSHFP_KEY_RSA = 1,
34	SSHFP_KEY_DSA = 2,	34	SSHFP_KEY_DSA = 2,
35	SSHFP_KEY_ECDSA = 3,	35	SSHFP_KEY_ECDSA = 3,
		36	#ifndef WITHOUT_ED25519
36	SSHFP_KEY_ED25519 = 4	37	SSHFP_KEY_ED25519 = 4
		38	#endif /* WITHOUT_ED25519 */
37	};	39	};
38		40
39	enum sshfp_hashes {	41	enum sshfp_hashes {

Lines 7-12 Link Here

(-)old/ed25519.c (+2 lines)
7	*/	7	*/
8		8
9	#include "includes.h"	9	#include "includes.h"
		10	#ifndef WITHOUT_ED25519
10	#include "crypto_api.h"	11	#include "crypto_api.h"
11		12
12	#include "ge25519.h"	13	#include "ge25519.h"
Lines 142-144 int crypto_sign_ed25519_open( Link Here
142	}	143	}
143	return ret;	144	return ret;
144	}	145	}
		146	#endif /* WITHOUT_ED25519 */

Lines 8-13 Link Here

(-)old/fe25519.c (+2 lines)
8		8
9	#include "includes.h"	9	#include "includes.h"
10		10
		11	#ifndef WITHOUT_ED25519
11	#define WINDOWSIZE 1 /* Should be 1,2, or 4 */	12	#define WINDOWSIZE 1 /* Should be 1,2, or 4 */
12	#define WINDOWMASK ((1<<WINDOWSIZE)-1)	13	#define WINDOWMASK ((1<<WINDOWSIZE)-1)
13		14
Lines 335-337 void fe25519_pow2523(fe25519 *r, const f Link Here
335	/* 2^252 - 2^2 */ fe25519_square(&t,&t);	336	/* 2^252 - 2^2 */ fe25519_square(&t,&t);
336	/* 2^252 - 3 */ fe25519_mul(r,&t,x);	337	/* 2^252 - 3 */ fe25519_mul(r,&t,x);
337	}	338	}
		339	#endif /* WITHOUT_ED25519 */

Lines 8-13 Link Here

(-)old/fe25519.h (+2 lines)
8		8
9	#ifndef FE25519_H	9	#ifndef FE25519_H
10	#define FE25519_H	10	#define FE25519_H
		11	#ifndef WITHOUT_ED25519
11		12
12	#include "crypto_api.h"	13	#include "crypto_api.h"
13		14
Lines 67-70 void fe25519_invert(fe25519 *r, const fe Link Here
67		68
68	void fe25519_pow2523(fe25519 r, const fe25519 x);	69	void fe25519_pow2523(fe25519 r, const fe25519 x);
69		70
		71	#endif /* WITHOUT_ED25519 */
70	#endif	72	#endif

Lines 7-12 Link Here

(-)old/ge25519.c (+2 lines)
7	*/	7	*/
8		8
9	#include "includes.h"	9	#include "includes.h"
		10	#ifndef WITHOUT_ED25519
10		11
11	#include "fe25519.h"	12	#include "fe25519.h"
12	#include "sc25519.h"	13	#include "sc25519.h"
Lines 319-321 void ge25519_scalarmult_base(ge25519_p3 Link Here
319	ge25519_mixadd2(r, &t);	320	ge25519_mixadd2(r, &t);
320	}	321	}
321	}	322	}
		323	#endif /* WITHOUT_ED25519 */

Lines 8-13 Link Here

(-)old/ge25519.h (+2 lines)
8		8
9	#ifndef GE25519_H	9	#ifndef GE25519_H
10	#define GE25519_H	10	#define GE25519_H
		11	#ifndef WITHOUT_ED25519
11		12
12	#include "fe25519.h"	13	#include "fe25519.h"
13	#include "sc25519.h"	14	#include "sc25519.h"
Lines 40-43 void ge25519_double_scalarmult_vartime(g Link Here
40		41
41	void ge25519_scalarmult_base(ge25519 r, const sc25519 s);	42	void ge25519_scalarmult_base(ge25519 r, const sc25519 s);
42		43
		44	#endif /* WITHOUT_ED25519 */
43	#endif	45	#endif

Lines 92-100 static const struct kexalg kexalgs[] = { Link Here

(-)old/kex.c (+2 lines)
92	# endif /* OPENSSL_HAS_NISTP521 */	92	# endif /* OPENSSL_HAS_NISTP521 */
93	#endif /* OPENSSL_HAS_ECC */	93	#endif /* OPENSSL_HAS_ECC */
94	#endif /* WITH_OPENSSL */	94	#endif /* WITH_OPENSSL */
		95	#ifndef WITHOUT_ED25519
95	#if defined(HAVE_EVP_SHA256) \|\| !defined(WITH_OPENSSL)	96	#if defined(HAVE_EVP_SHA256) \|\| !defined(WITH_OPENSSL)
96	{ KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 },	97	{ KEX_CURVE25519_SHA256, KEX_C25519_SHA256, 0, SSH_DIGEST_SHA256 },
97	#endif /* HAVE_EVP_SHA256 \|\| !WITH_OPENSSL */	98	#endif /* HAVE_EVP_SHA256 \|\| !WITH_OPENSSL */
		99	#endif /* WITHOUT_ED25519 */
98	{ NULL, -1, -1, -1},	100	{ NULL, -1, -1, -1},
99	};	101	};
100		102




#define	KEX_ECDH_SHA2_NISTP256	"ecdh-sha2-nistp256"
#define	KEX_ECDH_SHA2_NISTP384	"ecdh-sha2-nistp384"
#define	KEX_ECDH_SHA2_NISTP521	"ecdh-sha2-nistp521"
#ifndef WITHOUT_ED25519
#define	KEX_CURVE25519_SHA256	"curve25519-sha256@libssh.org"
#endif /* WITHOUT_ED25519 */

#define COMP_NONE	0
#define COMP_ZLIB	1
#define COMP_DELAYED	2

#ifndef WITHOUT_ED25519
#define CURVE25519_SIZE 32
#endif /* WITHOUT_ED25519 */

enum kex_init_proposals {
	PROPOSAL_KEX_ALGS,

	KEX_DH_GEX_SHA1,
	KEX_DH_GEX_SHA256,
	KEX_ECDH_SHA2,
#ifndef WITHOUT_ED25519
	KEX_C25519_SHA256,
#endif /* WITHOUT_ED25519 */
	KEX_MAX
};


	u_int	min, max, nbits;	/* GEX */
	EC_KEY	*ec_client_key;		/* ECDH */
	const EC_GROUP *ec_group;	/* ECDH */
#ifndef WITHOUT_ED25519
	u_char c25519_client_key[CURVE25519_SIZE]; /* 25519 */
	u_char c25519_client_pubkey[CURVE25519_SIZE]; /* 25519 */
#endif /* WITHOUT_ED25519 */
};

int	 kex_names_valid(const char *);

int	 kexgex_server(struct ssh *);
int	 kexecdh_client(struct ssh *);
int	 kexecdh_server(struct ssh *);
#ifndef WITHOUT_ED25519
int	 kexc25519_client(struct ssh *);
int	 kexc25519_server(struct ssh *);
#endif /* WITHOUT_ED25519 */

int	 kex_dh_hash(const char *, const char *,
    const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,

    const u_char *, size_t, const u_char *, size_t, const u_char *, size_t,
    const EC_POINT *, const EC_POINT *, const BIGNUM *, u_char *, size_t *);

#ifndef WITHOUT_ED25519
int	 kex_c25519_hash(int, const char *, const char *, const char *, size_t,
    const char *, size_t, const u_char *, size_t, const u_char *, const u_char *,
    const u_char *, size_t, u_char *, size_t *);

    const u_char pub[CURVE25519_SIZE], struct sshbuf *out)
	__attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
	__attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));
#endif /* WITHOUT_ED25519 */

int
derive_ssh1_session_id(BIGNUM *, BIGNUM *, u_int8_t[8], u_int8_t[16]);

Lines 27-32 Link Here

(-)old/kexc25519.c (+2 lines)
27		27
28	#include "includes.h"	28	#include "includes.h"
29		29
		30	#ifndef WITHOUT_ED25519
30	#include <sys/types.h>	31	#include <sys/types.h>
31		32
32	#include <signal.h>	33	#include <signal.h>
Lines 126-128 kex_c25519_hash( Link Here
126	#endif	127	#endif
127	return 0;	128	return 0;
128	}	129	}
		130	#endif /* WITHOUT_ED25519 */

Lines 27-32 Link Here

(-)old/kexc25519c.c (+2 lines)
27		27
28	#include "includes.h"	28	#include "includes.h"
29		29
		30	#ifndef WITHOUT_ED25519
30	#include <sys/types.h>	31	#include <sys/types.h>
31		32
32	#include <stdio.h>	33	#include <stdio.h>
Lines 168-170 out: Link Here
168	sshbuf_free(shared_secret);	169	sshbuf_free(shared_secret);
169	return r;	170	return r;
170	}	171	}
		172	#endif /* WITHOUT_ED25519 */

Lines 26-31 Link Here

(-)old/kexc25519s.c (+3 lines)
26		26
27	#include "includes.h"	27	#include "includes.h"
28		28
		29	#ifndef WITHOUT_ED25519
		30
29	#include <sys/types.h>	31	#include <sys/types.h>
30	#include <string.h>	32	#include <string.h>
31	#include <signal.h>	33	#include <signal.h>
Lines 156-158 out: Link Here
156	sshbuf_free(shared_secret);	158	sshbuf_free(shared_secret);
157	return r;	159	return r;
158	}	160	}
		161	#endif /* WITHOUT_ED25519 */

Lines 1859-1865 monitor_apply_keystate(struct monitor *p Link Here

(-)old/monitor.c (+2 lines)
1859	kex->kex[KEX_ECDH_SHA2] = kexecdh_server;	1859	kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
1860	# endif	1860	# endif
1861	#endif /* WITH_OPENSSL */	1861	#endif /* WITH_OPENSSL */
		1862	#ifndef WITHOUT_ED25519
1862	kex->kex[KEX_C25519_SHA256] = kexc25519_server;	1863	kex->kex[KEX_C25519_SHA256] = kexc25519_server;
		1864	#endif /* WITHOUT_ED25519 */
1863	kex->load_host_public_key=&get_hostkey_public_by_type;	1865	kex->load_host_public_key=&get_hostkey_public_by_type;
1864	kex->load_host_private_key=&get_hostkey_private_by_type;	1866	kex->load_host_private_key=&get_hostkey_private_by_type;
1865	kex->host_key_index=&get_hostkey_index;	1867	kex->host_key_index=&get_hostkey_index;




# define HOSTKEY_ECDSA_METHODS
#endif

#ifndef WITHOUT_ED25519
# if !defined(WITH_OPENSSL) || defined(HAVE_EVP_SHA256)
#  define KEX_CURVE25519_METHODS "curve25519-sha256@libssh.org,"
# endif
# define HOSTKEY_CURVE25519_CERT_METHODS "ssh-ed25519-cert-v01@openssh.com,"
# define HOSTKEY_CURVE25519_METHODS "ssh-ed25519,"
#else
# define KEX_CURVE25519_METHODS
# define HOSTKEY_CURVE25519_CERT_METHODS
# define HOSTKEY_CURVE25519_METHODS
#endif /* WITHOUT_ED25519 */

#ifdef OPENSSL_HAVE_EVPGCM
# define AESGCM_CIPHER_MODES \
	"aes128-gcm@openssh.com,aes256-gcm@openssh.com,"

#endif

#ifdef WITH_OPENSSL
# ifdef HAVE_EVP_SHA256
#  define KEX_CURVE25519_METHODS "curve25519-sha256@libssh.org,"
# else
#  define KEX_CURVE25519_METHODS ""
# endif
#define KEX_SERVER_KEX \
	KEX_CURVE25519_METHODS \
	KEX_ECDH_METHODS \


#define	KEX_DEFAULT_PK_ALG	\
	HOSTKEY_ECDSA_CERT_METHODS \
	HOSTKEY_CURVE25519_CERT_METHODS \
	"ssh-rsa-cert-v01@openssh.com," \
	"ssh-dss-cert-v01@openssh.com," \
	"ssh-rsa-cert-v00@openssh.com," \
	"ssh-dss-cert-v00@openssh.com," \
	HOSTKEY_ECDSA_METHODS \
	HOSTKEY_CURVE25519_METHODS \
	"ssh-rsa," \
	"ssh-dss"


#else

#define KEX_SERVER_KEX		\
	KEX_CURVE25519_METHODS
#define	KEX_DEFAULT_PK_ALG	\
	HOSTKEY_CURVE25519_CERT_METHODS \
	HOSTKEY_CURVE25519_METHODS
#define	KEX_SERVER_ENCRYPT \
	"aes128-ctr,aes192-ctr,aes256-ctr," \
	"chacha20-poly1305@openssh.com"

Lines 32-38 $(OPENBSD): ../config.h Link Here

(-)old/openbsd-compat/Makefile.in (-1 / +1 lines)
32	$(PORTS): ../config.h	32	$(PORTS): ../config.h
33		33
34	libopenbsd-compat.a: $(COMPAT) $(OPENBSD) $(PORTS)	34	libopenbsd-compat.a: $(COMPAT) $(OPENBSD) $(PORTS)
35	$(AR) rv $@ $(COMPAT) $(OPENBSD) $(PORTS)	35	$(AR) rv $@ $(COMPAT) $(OPENBSD) $(PORTS) ../hash.o ../blocks.o
36	$(RANLIB) $@	36	$(RANLIB) $@
37		37
38	clean:	38	clean:




#define _PATH_HOST_KEY_FILE		SSHDIR "/ssh_host_key"
#define _PATH_HOST_DSA_KEY_FILE		SSHDIR "/ssh_host_dsa_key"
#define _PATH_HOST_ECDSA_KEY_FILE	SSHDIR "/ssh_host_ecdsa_key"
#ifndef WITHOUT_ED25519
#define _PATH_HOST_ED25519_KEY_FILE	SSHDIR "/ssh_host_ed25519_key"
#endif /* WITHOUT_ED25519 */
#define _PATH_HOST_RSA_KEY_FILE		SSHDIR "/ssh_host_rsa_key"
#define _PATH_DH_MODULI			SSHDIR "/moduli"
/* Backwards compatibility */

#define _PATH_SSH_CLIENT_ID_DSA		_PATH_SSH_USER_DIR "/id_dsa"
#define _PATH_SSH_CLIENT_ID_ECDSA	_PATH_SSH_USER_DIR "/id_ecdsa"
#define _PATH_SSH_CLIENT_ID_RSA		_PATH_SSH_USER_DIR "/id_rsa"
#ifndef WITHOUT_ED25519
#define _PATH_SSH_CLIENT_ID_ED25519	_PATH_SSH_USER_DIR "/id_ed25519"
#endif /* WITHOUT_ED25519 */

/*
 * Configuration file in user's home directory.  This file need not be

Lines 1781-1788 fill_default_options(Options * options) Link Here

(-)old/readconf.c (+2 lines)
1781	add_identity_file(options, "~/",	1781	add_identity_file(options, "~/",
1782	_PATH_SSH_CLIENT_ID_ECDSA, 0);	1782	_PATH_SSH_CLIENT_ID_ECDSA, 0);
1783	#endif	1783	#endif
		1784	#ifndef WITHOUT_ED25519
1784	add_identity_file(options, "~/",	1785	add_identity_file(options, "~/",
1785	_PATH_SSH_CLIENT_ID_ED25519, 0);	1786	_PATH_SSH_CLIENT_ID_ED25519, 0);
		1787	#endif /* WITHOUT_ED25519 */
1786	}	1788	}
1787	}	1789	}
1788	if (options->escape_char == -1)	1790	if (options->escape_char == -1)

Lines 198-205 fill_default_server_options(ServerOption Link Here

(-)old/servconf.c (+2 lines)
198	options->host_key_files[options->num_host_key_files++] =	198	options->host_key_files[options->num_host_key_files++] =
199	_PATH_HOST_ECDSA_KEY_FILE;	199	_PATH_HOST_ECDSA_KEY_FILE;
200	#endif	200	#endif
		201	#ifndef WITHOUT_ED25519
201	options->host_key_files[options->num_host_key_files++] =	202	options->host_key_files[options->num_host_key_files++] =
202	_PATH_HOST_ED25519_KEY_FILE;	203	_PATH_HOST_ED25519_KEY_FILE;
		204	#endif /* WITHOUT_ED25519 */
203	}	205	}
204	}	206	}
205	/* No certificates by default */	207	/* No certificates by default */

Lines 6-11 Public domain. Link Here

(-)old/smult_curve25519_ref.c (+3 lines)
6	Derived from public domain code by D. J. Bernstein.	6	Derived from public domain code by D. J. Bernstein.
7	*/	7	*/
8		8
		9	#ifndef WITHOUT_ED25519
		10
9	int crypto_scalarmult_curve25519(unsigned char , const unsigned char , const unsigned char *);	11	int crypto_scalarmult_curve25519(unsigned char , const unsigned char , const unsigned char *);
10		12
11	static void add(unsigned int out[32],const unsigned int a[32],const unsigned int b[32])	13	static void add(unsigned int out[32],const unsigned int a[32],const unsigned int b[32])
Lines 263-265 int crypto_scalarmult_curve25519(unsigne Link Here
263	for (i = 0;i < 32;++i) q[i] = work[64 + i];	265	for (i = 0;i < 32;++i) q[i] = work[64 + i];
264	return 0;	266	return 0;
265	}	267	}
		268	#endif /* WITHOUT_ED25519 */

Lines 78-84 static char *default_files[] = { Link Here

(-)old/ssh-add.c (+2 lines)
78	_PATH_SSH_CLIENT_ID_ECDSA,	78	_PATH_SSH_CLIENT_ID_ECDSA,
79	#endif	79	#endif
80	#endif /* WITH_OPENSSL */	80	#endif /* WITH_OPENSSL */
		81	#ifndef WITHOUT_ED25519
81	_PATH_SSH_CLIENT_ID_ED25519,	82	_PATH_SSH_CLIENT_ID_ED25519,
		83	#endif /* WITHOUT_ED25519 */
82	_PATH_SSH_CLIENT_IDENTITY,	84	_PATH_SSH_CLIENT_IDENTITY,
83	NULL	85	NULL
84	};	86	};

Lines 17-22 Link Here

(-)old/ssh-ed25519.c (+3 lines)
17		17
18	#include "includes.h"	18	#include "includes.h"
19		19
		20	#ifndef WITHOUT_ED25519
		21
20	#include <sys/types.h>	22	#include <sys/types.h>
21	#include <limits.h>	23	#include <limits.h>
22		24
Lines 164-166 ssh_ed25519_verify(const struct sshkey * Link Here
164	free(ktype);	166	free(ktype);
165	return r;	167	return r;
166	}	168	}
		169	#endif /* WITHOUT_ED25519 */

Lines 214-220 type_bits_valid(int type, const char *na Link Here

(-)old/ssh-keygen.c (-2 / +15 lines)
214	}	214	}
215	if (type == KEY_DSA && *bitsp != 1024)	215	if (type == KEY_DSA && *bitsp != 1024)
216	fatal("DSA keys must be 1024 bits");	216	fatal("DSA keys must be 1024 bits");
217	else if (type != KEY_ECDSA && type != KEY_ED25519 && *bitsp < 768)	217	else if (type != KEY_ECDSA &&
		218	#ifndef WITHOUT_ED25519
		219	type != KEY_ED25519 &&
		220	#endif /* WITHOUT_ED25519 */
		221	*bitsp < 768)
218	fatal("Key must at least be 768 bits");	222	fatal("Key must at least be 768 bits");
219	else if (type == KEY_ECDSA && sshkey_ecdsa_bits_to_nid(*bitsp) == -1)	223	else if (type == KEY_ECDSA && sshkey_ecdsa_bits_to_nid(*bitsp) == -1)
220	fatal("Invalid ECDSA key length - valid lengths are "	224	fatal("Invalid ECDSA key length - valid lengths are "
Lines 251-260 ask_filename(struct passwd *pw, const ch Link Here
251	case KEY_RSA:	255	case KEY_RSA:
252	name = _PATH_SSH_CLIENT_ID_RSA;	256	name = _PATH_SSH_CLIENT_ID_RSA;
253	break;	257	break;
		258	#ifndef WITHOUT_ED25519
254	case KEY_ED25519:	259	case KEY_ED25519:
255	case KEY_ED25519_CERT:	260	case KEY_ED25519_CERT:
256	name = _PATH_SSH_CLIENT_ID_ED25519;	261	name = _PATH_SSH_CLIENT_ID_ED25519;
257	break;	262	break;
		263	#endif /* WITHOUT_ED25519 */
258	default:	264	default:
259	fprintf(stderr, "bad key type\n");	265	fprintf(stderr, "bad key type\n");
260	exit(1);	266	exit(1);
Lines 954-960 do_gen_all_hostkeys(struct passwd *pw) Link Here
954	#ifdef OPENSSL_HAS_ECC	960	#ifdef OPENSSL_HAS_ECC
955	{ "ecdsa", "ECDSA",_PATH_HOST_ECDSA_KEY_FILE },	961	{ "ecdsa", "ECDSA",_PATH_HOST_ECDSA_KEY_FILE },
956	#endif	962	#endif
		963	#ifndef WITHOUT_ED25519
957	{ "ed25519", "ED25519",_PATH_HOST_ED25519_KEY_FILE },	964	{ "ed25519", "ED25519",_PATH_HOST_ED25519_KEY_FILE },
		965	#endif /* WITHOUT_ED25519 */
958	{ NULL, NULL, NULL }	966	{ NULL, NULL, NULL }
959	};	967	};
960		968
Lines 1643-1649 do_ca_sign(struct passwd *pw, int argc, Link Here
1643	fatal("%s: unable to open \"%s\": %s",	1651	fatal("%s: unable to open \"%s\": %s",
1644	__func__, tmp, ssh_err(r));	1652	__func__, tmp, ssh_err(r));
1645	if (public->type != KEY_RSA && public->type != KEY_DSA &&	1653	if (public->type != KEY_RSA && public->type != KEY_DSA &&
1646	public->type != KEY_ECDSA && public->type != KEY_ED25519)	1654	#ifndef WITHOUT_ED25519
		1655	public->type != KEY_ED25519 &&
		1656	#endif /* WITHOUT_ED25519 */
		1657	public->type != KEY_ECDSA)
1647	fatal("%s: key \"%s\" type %s cannot be certified",	1658	fatal("%s: key \"%s\" type %s cannot be certified",
1648	__func__, tmp, sshkey_type(public));	1659	__func__, tmp, sshkey_type(public));
1649		1660
Lines 2558-2565 main(int argc, char **argv) Link Here
2558	_PATH_HOST_DSA_KEY_FILE, rr_hostname);	2569	_PATH_HOST_DSA_KEY_FILE, rr_hostname);
2559	n += do_print_resource_record(pw,	2570	n += do_print_resource_record(pw,
2560	_PATH_HOST_ECDSA_KEY_FILE, rr_hostname);	2571	_PATH_HOST_ECDSA_KEY_FILE, rr_hostname);
		2572	#ifndef WITHOUT_ED25519
2561	n += do_print_resource_record(pw,	2573	n += do_print_resource_record(pw,
2562	_PATH_HOST_ED25519_KEY_FILE, rr_hostname);	2574	_PATH_HOST_ED25519_KEY_FILE, rr_hostname);
		2575	#endif /* WITHOUT_ED25519 */
2563	if (n == 0)	2576	if (n == 0)
2564	fatal("no keys found.");	2577	fatal("no keys found.");
2565	exit(0);	2578	exit(0);

Lines 286-292 keygrab_ssh2(con *c) Link Here

(-)old/ssh-keyscan.c (-1 / +10 lines)
286	c->c_ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client;	286	c->c_ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
287	# endif	287	# endif
288	#endif	288	#endif
		289	#ifndef WITHOUT_ED25519
289	c->c_ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client;	290	c->c_ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client;
		291	#endif /* WITHOUT_ED25519 */
290	ssh_set_verify_host_key_callback(c->c_ssh, key_print_wrapper);	292	ssh_set_verify_host_key_callback(c->c_ssh, key_print_wrapper);
291	/*	293	/*
292	* do the key-exchange until an error occurs or until	294	* do the key-exchange until an error occurs or until
Lines 609-618 do_host(char *host) Link Here
609	{	611	{
610	char *name = strnnsep(&host, " \t\n");	612	char *name = strnnsep(&host, " \t\n");
611	int j;	613	int j;
		614	#ifndef WITHOUT_ED25519
		615	int max_kt = KT_ED25519;
		616	#else
		617	int max_kt = KT_ECDSA;
		618	#endif /* WITHOUT_ED25519 */
612		619
613	if (name == NULL)	620	if (name == NULL)
614	return;	621	return;
615	for (j = KT_RSA1; j <= KT_ED25519; j *= 2) {	622	for (j = KT_RSA1; j <= max_kt; j *= 2) {
616	if (get_keytypes & j) {	623	if (get_keytypes & j) {
617	while (ncon >= MAXCON)	624	while (ncon >= MAXCON)
618	conloop();	625	conloop();
Lines 716-724 main(int argc, char **argv) Link Here
716	case KEY_RSA:	723	case KEY_RSA:
717	get_keytypes \|= KT_RSA;	724	get_keytypes \|= KT_RSA;
718	break;	725	break;
		726	#ifndef WITHOUT_ED25519
719	case KEY_ED25519:	727	case KEY_ED25519:
720	get_keytypes \|= KT_ED25519;	728	get_keytypes \|= KT_ED25519;
721	break;	729	break;
		730	#endif /* WITHOUT_ED25519 */
722	case KEY_UNSPEC:	731	case KEY_UNSPEC:
723	fatal("unknown key type %s", tname);	732	fatal("unknown key type %s", tname);
724	}	733	}

Lines 189-195 main(int argc, char **argv) Link Here

(-)old/ssh-keysign.c (+2 lines)
189	i = 0;	189	i = 0;
190	key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY);	190	key_fd[i++] = open(_PATH_HOST_DSA_KEY_FILE, O_RDONLY);
191	key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY);	191	key_fd[i++] = open(_PATH_HOST_ECDSA_KEY_FILE, O_RDONLY);
		192	#ifndef WITHOUT_ED25519
192	key_fd[i++] = open(_PATH_HOST_ED25519_KEY_FILE, O_RDONLY);	193	key_fd[i++] = open(_PATH_HOST_ED25519_KEY_FILE, O_RDONLY);
		194	#endif /* WITHOUT_ED25519 */
193	key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY);	195	key_fd[i++] = open(_PATH_HOST_RSA_KEY_FILE, O_RDONLY);
194		196
195	original_real_uid = getuid(); /* XXX readconf.c needs this */	197	original_real_uid = getuid(); /* XXX readconf.c needs this */




		sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA,
		    _PATH_HOST_ECDSA_KEY_FILE, "", NULL);
#endif
#ifndef WITHOUT_ED25519
		sensitive_data.keys[2] = key_load_private_cert(KEY_ED25519,
		    _PATH_HOST_ED25519_KEY_FILE, "", NULL);
#endif /* WITHOUT_ED25519 */
		sensitive_data.keys[3] = key_load_private_cert(KEY_RSA,
		    _PATH_HOST_RSA_KEY_FILE, "", NULL);
		sensitive_data.keys[4] = key_load_private_cert(KEY_DSA,

		sensitive_data.keys[5] = key_load_private_type(KEY_ECDSA,
		    _PATH_HOST_ECDSA_KEY_FILE, "", NULL, NULL);
#endif
#ifndef WITHOUT_ED25519
		sensitive_data.keys[6] = key_load_private_type(KEY_ED25519,
		    _PATH_HOST_ED25519_KEY_FILE, "", NULL, NULL);
#endif /* WITHOUT_ED25519 */
		sensitive_data.keys[7] = key_load_private_type(KEY_RSA,
		    _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL);
		sensitive_data.keys[8] = key_load_private_type(KEY_DSA,

			sensitive_data.keys[1] = key_load_cert(
			    _PATH_HOST_ECDSA_KEY_FILE);
#endif
#ifndef WITHOUT_ED25519
			sensitive_data.keys[2] = key_load_cert(
			    _PATH_HOST_ED25519_KEY_FILE);
#endif /* WITHOUT_ED25519 */
			sensitive_data.keys[3] = key_load_cert(
			    _PATH_HOST_RSA_KEY_FILE);
			sensitive_data.keys[4] = key_load_cert(

			sensitive_data.keys[5] = key_load_public(
			    _PATH_HOST_ECDSA_KEY_FILE, NULL);
#endif
#ifndef WITHOUT_ED25519
			sensitive_data.keys[6] = key_load_public(
			    _PATH_HOST_ED25519_KEY_FILE, NULL);
#endif /* WITHOUT_ED25519 */
			sensitive_data.keys[7] = key_load_public(
			    _PATH_HOST_RSA_KEY_FILE, NULL);
			sensitive_data.keys[8] = key_load_public(




		ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
# endif
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
		ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_server;
#endif /* WITHOUT_ED25519 */
		ssh->kex->load_host_public_key=&_ssh_host_public_key;
		ssh->kex->load_host_private_key=&_ssh_host_private_key;
		ssh->kex->sign=&_ssh_host_key_sign;

		ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
# endif
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
		ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client;
#endif /* WITHOUT_ED25519 */
		ssh->kex->verify_host_key =&_ssh_verify_host_key;
	}
	*sshp = ssh;

Lines 1391-1397 show_other_keys(struct hostkeys *hostkey Link Here

(-)old/sshconnect.c (+2 lines)
1391	KEY_RSA,	1391	KEY_RSA,
1392	KEY_DSA,	1392	KEY_DSA,
1393	KEY_ECDSA,	1393	KEY_ECDSA,
		1394	#ifndef WITHOUT_ED25519
1394	KEY_ED25519,	1395	KEY_ED25519,
		1396	#endif /* WITHOUT_ED25519 */
1395	-1	1397	-1
1396	};	1398	};
1397	int i, ret = 0;	1399	int i, ret = 0;

Lines 217-223 ssh_kex2(char host, struct sockaddr ho Link Here

(-)old/sshconnect2.c (+2 lines)
217	kex->kex[KEX_ECDH_SHA2] = kexecdh_client;	217	kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
218	# endif	218	# endif
219	#endif	219	#endif
		220	#ifndef WITHOUT_ED25519
220	kex->kex[KEX_C25519_SHA256] = kexc25519_client;	221	kex->kex[KEX_C25519_SHA256] = kexc25519_client;
		222	#endif /* WITHOUT_ED25519 */
221	kex->client_version_string=client_version_string;	223	kex->client_version_string=client_version_string;
222	kex->server_version_string=server_version_string;	224	kex->server_version_string=server_version_string;
223	kex->verify_host_key=&verify_host_key_callback;	225	kex->verify_host_key=&verify_host_key_callback;




		case KEY_RSA:
		case KEY_DSA:
		case KEY_ECDSA:
#ifndef WITHOUT_ED25519
		case KEY_ED25519:
#endif /* WITHOUT_ED25519 */
			if (buffer_len(&b) > 0)
				buffer_append(&b, ",", 1);
			p = key_ssh_name(key);

		case KEY_RSA_CERT:
		case KEY_DSA_CERT:
		case KEY_ECDSA_CERT:
#ifndef WITHOUT_ED25519
		case KEY_ED25519_CERT:
#endif /* WITHOUT_ED25519 */
			if (buffer_len(&b) > 0)
				buffer_append(&b, ",", 1);
			p = key_ssh_name(key);

		case KEY_RSA_CERT:
		case KEY_DSA_CERT:
		case KEY_ECDSA_CERT:
#ifndef WITHOUT_ED25519
		case KEY_ED25519_CERT:
#endif /* WITHOUT_ED25519 */
			key = sensitive_data.host_certificates[i];
			break;
		default:

		case KEY_RSA:
		case KEY_DSA:
		case KEY_ECDSA:
#ifndef WITHOUT_ED25519
		case KEY_ED25519:
#endif /* WITHOUT_ED25519 */
			if (have_agent || key != NULL)
				sensitive_data.have_ssh2_key = 1;
			break;

	kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
# endif
#endif
#ifndef WITHOUT_ED25519
	kex->kex[KEX_C25519_SHA256] = kexc25519_server;
#endif /* WITHOUT_ED25519 */
	kex->server = 1;
	kex->client_version_string=client_version_string;
	kex->server_version_string=server_version_string;




	int cert;
};
static const struct keytype keytypes[] = {
#ifndef WITHOUT_ED25519
	{ "ssh-ed25519", "ED25519", KEY_ED25519, 0, 0 },
	{ "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT",
	    KEY_ED25519_CERT, 0, 1 },
#endif /* WITHOUT_ED25519 */
#ifdef WITH_OPENSSL
	{ NULL, "RSA1", KEY_RSA1, 0, 0 },
	{ "ssh-rsa", "RSA", KEY_RSA, 0, 0 },

	case KEY_ECDSA_CERT:
		return sshkey_curve_nid_to_bits(k->ecdsa_nid);
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
	case KEY_ED25519_CERT:
#endif /* WITHOUT_ED25519 */
		return 256;	/* XXX */
	}
	return 0;

	case KEY_RSA:
	case KEY_DSA:
	case KEY_ECDSA:
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
#endif /* WITHOUT_ED25519 */
		return 1;
	default:
		return 0;

		return KEY_DSA;
	case KEY_ECDSA_CERT:
		return KEY_ECDSA;
#ifndef WITHOUT_ED25519
	case KEY_ED25519_CERT:
		return KEY_ED25519;
#endif /* WITHOUT_ED25519 */
	default:
		return type;
	}

	k->dsa = NULL;
	k->rsa = NULL;
	k->cert = NULL;
#ifndef WITHOUT_ED25519
	k->ed25519_sk = NULL;
	k->ed25519_pk = NULL;
#endif /* WITHOUT_ED25519 */
	switch (k->type) {
#ifdef WITH_OPENSSL
	case KEY_RSA1:

		/* Cannot do anything until we know the group */
		break;
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
	case KEY_ED25519_CERT:
		/* no need to prealloc */
		break;
#endif /* WITHOUT_ED25519 */
	case KEY_UNSPEC:
		break;
	default:

		/* Cannot do anything until we know the group */
		break;
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
	case KEY_ED25519_CERT:
		/* no need to prealloc */
		break;
#endif /* WITHOUT_ED25519 */
	case KEY_UNSPEC:
		break;
	default:

		break;
# endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
	case KEY_ED25519_CERT:
		if (k->ed25519_pk) {

			k->ed25519_sk = NULL;
		}
		break;
#endif /* WITHOUT_ED25519 */
	case KEY_UNSPEC:
		break;
	default:

		return 1;
# endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
	case KEY_ED25519_CERT:
		return a->ed25519_pk != NULL && b->ed25519_pk != NULL &&
		    memcmp(a->ed25519_pk, b->ed25519_pk, ED25519_PK_SZ) == 0;
#endif /* WITHOUT_ED25519 */
	default:
		return 0;
	}

	case KEY_ECDSA_CERT:
	case KEY_RSA_CERT:
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519_CERT:
		/* Use the existing blob */
		/* XXX modified flag? */
		if ((ret = sshbuf_putb(b, key->cert->certblob)) != 0)
			return ret;
		break;
#endif /* WITHOUT_ED25519 */
#ifdef WITH_OPENSSL
	case KEY_DSA:
		if (key->dsa == NULL)

			return ret;
		break;
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
		if (key->ed25519_pk == NULL)
			return SSH_ERR_INVALID_ARGUMENT;

		    key->ed25519_pk, ED25519_PK_SZ)) != 0)
			return ret;
		break;
#endif /* WITHOUT_ED25519 */
	default:
		return SSH_ERR_KEY_TYPE_UNKNOWN;
	}

	case KEY_RSA:
	case KEY_DSA:
	case KEY_ECDSA:
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
#endif /* WITHOUT_ED25519 */
	case KEY_DSA_CERT_V00:
	case KEY_RSA_CERT_V00:
	case KEY_DSA_CERT:
	case KEY_ECDSA_CERT:
	case KEY_RSA_CERT:
#ifndef WITHOUT_ED25519
	case KEY_ED25519_CERT:
#endif /* WITHOUT_ED25519 */
		space = strchr(cp, ' ');
		if (space == NULL)
			return SSH_ERR_INVALID_FORMAT;

		}
# endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
		if (sshkey_type_plain(ret->type) == KEY_ED25519) {
			free(ret->ed25519_pk);
			ret->ed25519_pk = k->ed25519_pk;

			/* XXX */
#endif
		}
#endif /* WITHOUT_ED25519 */
		retval = 0;
/*XXXX*/
		sshkey_free(k);

	case KEY_RSA_CERT_V00:
	case KEY_RSA_CERT:
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
	case KEY_ED25519_CERT:
#endif /* WITHOUT_ED25519 */
		if ((bb = sshbuf_new()) == NULL) {
			ret = SSH_ERR_ALLOC_FAIL;
			goto out;

	if ((k = sshkey_new(KEY_UNSPEC)) == NULL)
		return SSH_ERR_ALLOC_FAIL;
	switch (type) {
#ifndef WITHOUT_ED25519
		case KEY_ED25519:
		if ((k->ed25519_pk = malloc(ED25519_PK_SZ)) == NULL ||
		    (k->ed25519_sk = malloc(ED25519_SK_SZ)) == NULL) {
			ret = SSH_ERR_ALLOC_FAIL;

		crypto_sign_ed25519_keypair(k->ed25519_pk, k->ed25519_sk);
		ret = 0;
		break;
#endif /* WITHOUT_ED25519 */
#ifdef WITH_OPENSSL
	case KEY_DSA:
		ret = dsa_generate_private_key(bits, &k->dsa);

		}
		break;
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
	case KEY_ED25519_CERT:
		if ((n = sshkey_new(k->type)) == NULL)

			memcpy(n->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ);
		}
		break;
#endif /* WITHOUT_ED25519 */
	default:
		return SSH_ERR_KEY_TYPE_UNKNOWN;
	}

		break;
# endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519_CERT:
		/* Skip nonce */
		if (sshbuf_get_string_direct(b, NULL, NULL) != 0) {

		key->ed25519_pk = pk;
		pk = NULL;
		break;
#endif /* WITHOUT_ED25519 */
	case KEY_UNSPEC:
		if ((key = sshkey_new(type)) == NULL) {
			ret = SSH_ERR_ALLOC_FAIL;

	case KEY_RSA:
		return ssh_rsa_sign(key, sigp, lenp, data, datalen, compat);
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
	case KEY_ED25519_CERT:
		return ssh_ed25519_sign(key, sigp, lenp, data, datalen, compat);
#endif /* WITHOUT_ED25519 */
	default:
		return SSH_ERR_KEY_TYPE_UNKNOWN;
	}

	case KEY_RSA:
		return ssh_rsa_verify(key, sig, siglen, data, dlen, compat);
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
	case KEY_ED25519_CERT:
		return ssh_ed25519_verify(key, sig, siglen, data, dlen, compat);
#endif /* WITHOUT_ED25519 */
	default:
		return SSH_ERR_KEY_TYPE_UNKNOWN;
	}

	pk->dsa = NULL;
	pk->ecdsa = NULL;
	pk->rsa = NULL;
#ifndef WITHOUT_ED25519
	pk->ed25519_pk = NULL;
	pk->ed25519_sk = NULL;
#endif /* WITHOUT_ED25519 */

	switch (k->type) {
#ifdef WITH_OPENSSL

		break;
# endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519_CERT:
		if ((ret = sshkey_cert_copy(k, pk)) != 0)
			goto fail;

			memcpy(pk->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ);
		}
		break;
#endif /* WITHOUT_ED25519 */
	default:
		ret = SSH_ERR_KEY_TYPE_UNKNOWN;
 fail:

		newtype = KEY_ECDSA_CERT;
		break;
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
		if (legacy)
			return SSH_ERR_INVALID_ARGUMENT;
		newtype = KEY_ED25519_CERT;
		break;
#endif /* WITHOUT_ED25519 */
	default:
		return SSH_ERR_INVALID_ARGUMENT;
	}

			goto out;
		break;
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519_CERT:
		if ((ret = sshbuf_put_string(cert,
		    k->ed25519_pk, ED25519_PK_SZ)) != 0)
			goto out;
		break;
#endif /* WITHOUT_ED25519 */
	default:
		ret = SSH_ERR_INVALID_ARGUMENT;
		goto out;

		break;
# endif /* OPENSSL_HAS_ECC */
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
		if ((r = sshbuf_put_string(b, key->ed25519_pk,
		    ED25519_PK_SZ)) != 0 ||

		    ED25519_SK_SZ)) != 0)
			goto out;
		break;
#endif /* WITHOUT_ED25519 */
	default:
		r = SSH_ERR_INVALID_ARGUMENT;
		goto out;

			goto out;
		break;
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
		if ((k = sshkey_new_private(type)) == NULL) {
			r = SSH_ERR_ALLOC_FAIL;

		k->ed25519_sk = ed25519_sk;
		ed25519_pk = ed25519_sk = NULL;
		break;
#endif /* WITHOUT_ED25519 */
	default:
		r = SSH_ERR_KEY_TYPE_UNKNOWN;
		goto out;

		return sshkey_private_pem_to_blob(key, blob,
		    passphrase, comment);
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
		return sshkey_private_to_blob2(key, blob, passphrase,
		    comment, new_format_cipher, new_format_rounds);
#endif /* WITHOUT_ED25519 */
	default:
		return SSH_ERR_KEY_TYPE_UNKNOWN;
	}

		return sshkey_parse_private_pem_fileblob(blob, type,
		    passphrase, keyp);
#endif /* WITH_OPENSSL */
#ifndef WITHOUT_ED25519
	case KEY_ED25519:
		return sshkey_parse_private2(blob, type, passphrase,
		    keyp, commentp);
#endif /* WITHOUT_ED25519 */
	case KEY_UNSPEC:
		if ((r = sshkey_parse_private2(blob, type, passphrase, keyp,
		    commentp)) == 0)




	KEY_RSA,
	KEY_DSA,
	KEY_ECDSA,
#ifndef WITHOUT_ED25519
	KEY_ED25519,
#endif /* WITHOUT_ED25519 */
	KEY_RSA_CERT,
	KEY_DSA_CERT,
	KEY_ECDSA_CERT,
#ifndef WITHOUT_ED25519
	KEY_ED25519_CERT,
#endif /* WITHOUT_ED25519 */
	KEY_RSA_CERT_V00,
	KEY_DSA_CERT_V00,
	KEY_UNSPEC

	DSA	*dsa;
	int	 ecdsa_nid;	/* NID of curve */
	EC_KEY	*ecdsa;
#ifndef WITHOUT_ED25519
	u_char	*ed25519_sk;
	u_char	*ed25519_pk;
#endif /* WITHOUT_ED25519 */
	struct sshkey_cert *cert;
};

#ifndef WITHOUT_ED25519
#define	ED25519_SK_SZ	crypto_sign_ed25519_SECRETKEYBYTES
#define	ED25519_PK_SZ	crypto_sign_ed25519_PUBLICKEYBYTES
#endif /* WITHOUT_ED25519 */

struct sshkey	*sshkey_new(int);
int		 sshkey_add_private(struct sshkey *);

int ssh_ecdsa_verify(const struct sshkey *key,
    const u_char *signature, size_t signaturelen,
    const u_char *data, size_t datalen, u_int compat);
#ifndef WITHOUT_ED25519
int ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
    const u_char *data, size_t datalen, u_int compat);
int ssh_ed25519_verify(const struct sshkey *key,
    const u_char *signature, size_t signaturelen,
    const u_char *data, size_t datalen, u_int compat);
#endif /* WITHOUT_ED25519 */
#endif

#if !defined(WITH_OPENSSL)

Return to bug 2376

Lines 1234-1241 main(int ac, char **av) Link Here

(-)old/ssh.c (+8 lines)
1234	sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA,	1234	sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA,
1235	_PATH_HOST_ECDSA_KEY_FILE, "", NULL);	1235	_PATH_HOST_ECDSA_KEY_FILE, "", NULL);
1236	#endif	1236	#endif
		1237	#ifndef WITHOUT_ED25519
1237	sensitive_data.keys[2] = key_load_private_cert(KEY_ED25519,	1238	sensitive_data.keys[2] = key_load_private_cert(KEY_ED25519,
1238	_PATH_HOST_ED25519_KEY_FILE, "", NULL);	1239	_PATH_HOST_ED25519_KEY_FILE, "", NULL);
		1240	#endif /* WITHOUT_ED25519 */
1239	sensitive_data.keys[3] = key_load_private_cert(KEY_RSA,	1241	sensitive_data.keys[3] = key_load_private_cert(KEY_RSA,
1240	_PATH_HOST_RSA_KEY_FILE, "", NULL);	1242	_PATH_HOST_RSA_KEY_FILE, "", NULL);
1241	sensitive_data.keys[4] = key_load_private_cert(KEY_DSA,	1243	sensitive_data.keys[4] = key_load_private_cert(KEY_DSA,
Lines 1244-1251 main(int ac, char **av) Link Here
1244	sensitive_data.keys[5] = key_load_private_type(KEY_ECDSA,	1246	sensitive_data.keys[5] = key_load_private_type(KEY_ECDSA,
1245	_PATH_HOST_ECDSA_KEY_FILE, "", NULL, NULL);	1247	_PATH_HOST_ECDSA_KEY_FILE, "", NULL, NULL);
1246	#endif	1248	#endif
		1249	#ifndef WITHOUT_ED25519
1247	sensitive_data.keys[6] = key_load_private_type(KEY_ED25519,	1250	sensitive_data.keys[6] = key_load_private_type(KEY_ED25519,
1248	_PATH_HOST_ED25519_KEY_FILE, "", NULL, NULL);	1251	_PATH_HOST_ED25519_KEY_FILE, "", NULL, NULL);
		1252	#endif /* WITHOUT_ED25519 */
1249	sensitive_data.keys[7] = key_load_private_type(KEY_RSA,	1253	sensitive_data.keys[7] = key_load_private_type(KEY_RSA,
1250	_PATH_HOST_RSA_KEY_FILE, "", NULL, NULL);	1254	_PATH_HOST_RSA_KEY_FILE, "", NULL, NULL);
1251	sensitive_data.keys[8] = key_load_private_type(KEY_DSA,	1255	sensitive_data.keys[8] = key_load_private_type(KEY_DSA,
Lines 1262-1269 main(int ac, char **av) Link Here
1262	sensitive_data.keys[1] = key_load_cert(	1266	sensitive_data.keys[1] = key_load_cert(
1263	_PATH_HOST_ECDSA_KEY_FILE);	1267	_PATH_HOST_ECDSA_KEY_FILE);
1264	#endif	1268	#endif
		1269	#ifndef WITHOUT_ED25519
1265	sensitive_data.keys[2] = key_load_cert(	1270	sensitive_data.keys[2] = key_load_cert(
1266	_PATH_HOST_ED25519_KEY_FILE);	1271	_PATH_HOST_ED25519_KEY_FILE);
		1272	#endif /* WITHOUT_ED25519 */
1267	sensitive_data.keys[3] = key_load_cert(	1273	sensitive_data.keys[3] = key_load_cert(
1268	_PATH_HOST_RSA_KEY_FILE);	1274	_PATH_HOST_RSA_KEY_FILE);
1269	sensitive_data.keys[4] = key_load_cert(	1275	sensitive_data.keys[4] = key_load_cert(
Lines 1272-1279 main(int ac, char **av) Link Here
1272	sensitive_data.keys[5] = key_load_public(	1278	sensitive_data.keys[5] = key_load_public(
1273	_PATH_HOST_ECDSA_KEY_FILE, NULL);	1279	_PATH_HOST_ECDSA_KEY_FILE, NULL);
1274	#endif	1280	#endif
		1281	#ifndef WITHOUT_ED25519
1275	sensitive_data.keys[6] = key_load_public(	1282	sensitive_data.keys[6] = key_load_public(
1276	_PATH_HOST_ED25519_KEY_FILE, NULL);	1283	_PATH_HOST_ED25519_KEY_FILE, NULL);
		1284	#endif /* WITHOUT_ED25519 */
1277	sensitive_data.keys[7] = key_load_public(	1285	sensitive_data.keys[7] = key_load_public(
1278	_PATH_HOST_RSA_KEY_FILE, NULL);	1286	_PATH_HOST_RSA_KEY_FILE, NULL);
1279	sensitive_data.keys[8] = key_load_public(	1287	sensitive_data.keys[8] = key_load_public(

Lines 100-110 dns_read_key(u_int8_t *algorithm, u_int8 Link Here

(-)old/dns.c (+2 lines)
100	if (!*digest_type)	100	if (!*digest_type)
101	*digest_type = SSHFP_HASH_SHA256;	101	*digest_type = SSHFP_HASH_SHA256;
102	break;	102	break;
		103	#ifndef WITHOUT_ED25519
103	case KEY_ED25519:	104	case KEY_ED25519:
104	*algorithm = SSHFP_KEY_ED25519;	105	*algorithm = SSHFP_KEY_ED25519;
105	if (!*digest_type)	106	if (!*digest_type)
106	*digest_type = SSHFP_HASH_SHA256;	107	*digest_type = SSHFP_HASH_SHA256;
107	break;	108	break;
		109	#endif /* WITHOUT_ED25519 */
108	default:	110	default:
109	algorithm = SSHFP_KEY_RESERVED; / 0 */	111	algorithm = SSHFP_KEY_RESERVED; / 0 */
110	digest_type = SSHFP_HASH_RESERVED; / 0 */	112	digest_type = SSHFP_HASH_RESERVED; / 0 */

Lines 58-70 Link Here

(-)old/kex.h (+12 lines)
58	#define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256"	58	#define KEX_ECDH_SHA2_NISTP256 "ecdh-sha2-nistp256"
59	#define KEX_ECDH_SHA2_NISTP384 "ecdh-sha2-nistp384"	59	#define KEX_ECDH_SHA2_NISTP384 "ecdh-sha2-nistp384"
60	#define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521"	60	#define KEX_ECDH_SHA2_NISTP521 "ecdh-sha2-nistp521"
		61	#ifndef WITHOUT_ED25519
61	#define KEX_CURVE25519_SHA256 "curve25519-sha256@libssh.org"	62	#define KEX_CURVE25519_SHA256 "curve25519-sha256@libssh.org"
		63	#endif /* WITHOUT_ED25519 */
62		64
63	#define COMP_NONE 0	65	#define COMP_NONE 0
64	#define COMP_ZLIB 1	66	#define COMP_ZLIB 1
65	#define COMP_DELAYED 2	67	#define COMP_DELAYED 2
66		68
		69	#ifndef WITHOUT_ED25519
67	#define CURVE25519_SIZE 32	70	#define CURVE25519_SIZE 32
		71	#endif /* WITHOUT_ED25519 */
68		72
69	enum kex_init_proposals {	73	enum kex_init_proposals {
70	PROPOSAL_KEX_ALGS,	74	PROPOSAL_KEX_ALGS,
Lines 92-98 enum kex_exchange { Link Here
92	KEX_DH_GEX_SHA1,	96	KEX_DH_GEX_SHA1,
93	KEX_DH_GEX_SHA256,	97	KEX_DH_GEX_SHA256,
94	KEX_ECDH_SHA2,	98	KEX_ECDH_SHA2,
		99	#ifndef WITHOUT_ED25519
95	KEX_C25519_SHA256,	100	KEX_C25519_SHA256,
		101	#endif /* WITHOUT_ED25519 */
96	KEX_MAX	102	KEX_MAX
97	};	103	};
98		104
Lines 153-160 struct kex { Link Here
153	u_int min, max, nbits; /* GEX */	159	u_int min, max, nbits; /* GEX */
154	EC_KEY ec_client_key; / ECDH */	160	EC_KEY ec_client_key; / ECDH */
155	const EC_GROUP ec_group; / ECDH */	161	const EC_GROUP ec_group; / ECDH */
		162	#ifndef WITHOUT_ED25519
156	u_char c25519_client_key[CURVE25519_SIZE]; /* 25519 */	163	u_char c25519_client_key[CURVE25519_SIZE]; /* 25519 */
157	u_char c25519_client_pubkey[CURVE25519_SIZE]; /* 25519 */	164	u_char c25519_client_pubkey[CURVE25519_SIZE]; /* 25519 */
		165	#endif /* WITHOUT_ED25519 */
158	};	166	};
159		167
160	int kex_names_valid(const char *);	168	int kex_names_valid(const char *);
Lines 181-188 int kexgex_client(struct ssh *); Link Here
181	int kexgex_server(struct ssh *);	189	int kexgex_server(struct ssh *);
182	int kexecdh_client(struct ssh *);	190	int kexecdh_client(struct ssh *);
183	int kexecdh_server(struct ssh *);	191	int kexecdh_server(struct ssh *);
		192	#ifndef WITHOUT_ED25519
184	int kexc25519_client(struct ssh *);	193	int kexc25519_client(struct ssh *);
185	int kexc25519_server(struct ssh *);	194	int kexc25519_server(struct ssh *);
		195	#endif /* WITHOUT_ED25519 */
186		196
187	int kex_dh_hash(const char , const char ,	197	int kex_dh_hash(const char , const char ,
188	const u_char , size_t, const u_char , size_t, const u_char *, size_t,	198	const u_char , size_t, const u_char , size_t, const u_char *, size_t,
Lines 199-204 int kex_ecdh_hash(int, const EC_GROUP *, Link Here
199	const u_char , size_t, const u_char , size_t, const u_char *, size_t,	209	const u_char , size_t, const u_char , size_t, const u_char *, size_t,
200	const EC_POINT , const EC_POINT , const BIGNUM , u_char , size_t *);	210	const EC_POINT , const EC_POINT , const BIGNUM , u_char , size_t *);
201		211
		212	#ifndef WITHOUT_ED25519
202	int kex_c25519_hash(int, const char , const char , const char *, size_t,	213	int kex_c25519_hash(int, const char , const char , const char *, size_t,
203	const char , size_t, const u_char , size_t, const u_char , const u_char ,	214	const char , size_t, const u_char , size_t, const u_char , const u_char ,
204	const u_char , size_t, u_char , size_t *);	215	const u_char , size_t, u_char , size_t *);
Lines 210-215 int kexc25519_shared_key(const u_char ke Link Here
210	const u_char pub[CURVE25519_SIZE], struct sshbuf *out)	221	const u_char pub[CURVE25519_SIZE], struct sshbuf *out)
211	__attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))	222	__attribute__((__bounded__(__minbytes__, 1, CURVE25519_SIZE)))
212	__attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));	223	__attribute__((__bounded__(__minbytes__, 2, CURVE25519_SIZE)));
		224	#endif /* WITHOUT_ED25519 */
213		225
214	int	226	int
215	derive_ssh1_session_id(BIGNUM , BIGNUM , u_int8_t[8], u_int8_t[16]);	227	derive_ssh1_session_id(BIGNUM , BIGNUM , u_int8_t[8], u_int8_t[16]);

Lines 59-64 Link Here

(-)old/myproposal.h (-10 / +17 lines)
59	# define HOSTKEY_ECDSA_METHODS	59	# define HOSTKEY_ECDSA_METHODS
60	#endif	60	#endif
61		61
		62	#ifndef WITHOUT_ED25519
		63	# if !defined(WITH_OPENSSL) \|\| defined(HAVE_EVP_SHA256)
		64	# define KEX_CURVE25519_METHODS "curve25519-sha256@libssh.org,"
		65	# endif
		66	# define HOSTKEY_CURVE25519_CERT_METHODS "ssh-ed25519-cert-v01@openssh.com,"
		67	# define HOSTKEY_CURVE25519_METHODS "ssh-ed25519,"
		68	#else
		69	# define KEX_CURVE25519_METHODS
		70	# define HOSTKEY_CURVE25519_CERT_METHODS
		71	# define HOSTKEY_CURVE25519_METHODS
		72	#endif /* WITHOUT_ED25519 */
		73
62	#ifdef OPENSSL_HAVE_EVPGCM	74	#ifdef OPENSSL_HAVE_EVPGCM
63	# define AESGCM_CIPHER_MODES \	75	# define AESGCM_CIPHER_MODES \
64	"aes128-gcm@openssh.com,aes256-gcm@openssh.com,"	76	"aes128-gcm@openssh.com,aes256-gcm@openssh.com,"
Lines 78-88 Link Here
78	#endif	90	#endif
79		91
80	#ifdef WITH_OPENSSL	92	#ifdef WITH_OPENSSL
81	# ifdef HAVE_EVP_SHA256
82	# define KEX_CURVE25519_METHODS "curve25519-sha256@libssh.org,"
83	# else
84	# define KEX_CURVE25519_METHODS ""
85	# endif
86	#define KEX_SERVER_KEX \	93	#define KEX_SERVER_KEX \
87	KEX_CURVE25519_METHODS \	94	KEX_CURVE25519_METHODS \
88	KEX_ECDH_METHODS \	95	KEX_ECDH_METHODS \
Lines 95-107 Link Here
95		102
96	#define KEX_DEFAULT_PK_ALG \	103	#define KEX_DEFAULT_PK_ALG \
97	HOSTKEY_ECDSA_CERT_METHODS \	104	HOSTKEY_ECDSA_CERT_METHODS \
98	"ssh-ed25519-cert-v01@openssh.com," \	105	HOSTKEY_CURVE25519_CERT_METHODS \
99	"ssh-rsa-cert-v01@openssh.com," \	106	"ssh-rsa-cert-v01@openssh.com," \
100	"ssh-dss-cert-v01@openssh.com," \	107	"ssh-dss-cert-v01@openssh.com," \
101	"ssh-rsa-cert-v00@openssh.com," \	108	"ssh-rsa-cert-v00@openssh.com," \
102	"ssh-dss-cert-v00@openssh.com," \	109	"ssh-dss-cert-v00@openssh.com," \
103	HOSTKEY_ECDSA_METHODS \	110	HOSTKEY_ECDSA_METHODS \
104	"ssh-ed25519," \	111	HOSTKEY_CURVE25519_METHODS \
105	"ssh-rsa," \	112	"ssh-rsa," \
106	"ssh-dss"	113	"ssh-dss"
107		114
Lines 143-152 Link Here
143	#else	150	#else
144		151
145	#define KEX_SERVER_KEX \	152	#define KEX_SERVER_KEX \
146	"curve25519-sha256@libssh.org"	153	KEX_CURVE25519_METHODS
147	#define KEX_DEFAULT_PK_ALG \	154	#define KEX_DEFAULT_PK_ALG \
148	"ssh-ed25519-cert-v01@openssh.com," \	155	HOSTKEY_CURVE25519_CERT_METHODS \
149	"ssh-ed25519"	156	HOSTKEY_CURVE25519_METHODS
150	#define KEX_SERVER_ENCRYPT \	157	#define KEX_SERVER_ENCRYPT \
151	"aes128-ctr,aes192-ctr,aes256-ctr," \	158	"aes128-ctr,aes192-ctr,aes256-ctr," \
152	"chacha20-poly1305@openssh.com"	159	"chacha20-poly1305@openssh.com"

Lines 39-45 Link Here

(-)old/pathnames.h (+4 lines)
39	#define _PATH_HOST_KEY_FILE SSHDIR "/ssh_host_key"	39	#define _PATH_HOST_KEY_FILE SSHDIR "/ssh_host_key"
40	#define _PATH_HOST_DSA_KEY_FILE SSHDIR "/ssh_host_dsa_key"	40	#define _PATH_HOST_DSA_KEY_FILE SSHDIR "/ssh_host_dsa_key"
41	#define _PATH_HOST_ECDSA_KEY_FILE SSHDIR "/ssh_host_ecdsa_key"	41	#define _PATH_HOST_ECDSA_KEY_FILE SSHDIR "/ssh_host_ecdsa_key"
		42	#ifndef WITHOUT_ED25519
42	#define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key"	43	#define _PATH_HOST_ED25519_KEY_FILE SSHDIR "/ssh_host_ed25519_key"
		44	#endif /* WITHOUT_ED25519 */
43	#define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key"	45	#define _PATH_HOST_RSA_KEY_FILE SSHDIR "/ssh_host_rsa_key"
44	#define _PATH_DH_MODULI SSHDIR "/moduli"	46	#define _PATH_DH_MODULI SSHDIR "/moduli"
45	/* Backwards compatibility */	47	/* Backwards compatibility */
Lines 78-84 Link Here
78	#define _PATH_SSH_CLIENT_ID_DSA _PATH_SSH_USER_DIR "/id_dsa"	80	#define _PATH_SSH_CLIENT_ID_DSA _PATH_SSH_USER_DIR "/id_dsa"
79	#define _PATH_SSH_CLIENT_ID_ECDSA _PATH_SSH_USER_DIR "/id_ecdsa"	81	#define _PATH_SSH_CLIENT_ID_ECDSA _PATH_SSH_USER_DIR "/id_ecdsa"
80	#define _PATH_SSH_CLIENT_ID_RSA _PATH_SSH_USER_DIR "/id_rsa"	82	#define _PATH_SSH_CLIENT_ID_RSA _PATH_SSH_USER_DIR "/id_rsa"
		83	#ifndef WITHOUT_ED25519
81	#define _PATH_SSH_CLIENT_ID_ED25519 _PATH_SSH_USER_DIR "/id_ed25519"	84	#define _PATH_SSH_CLIENT_ID_ED25519 _PATH_SSH_USER_DIR "/id_ed25519"
		85	#endif /* WITHOUT_ED25519 */
82		86
83	/*	87	/*
84	* Configuration file in user's home directory. This file need not be	88	* Configuration file in user's home directory. This file need not be

Lines 109-115 ssh_init(struct ssh **sshp, int is_serve Link Here

(-)old/ssh_api.c (+4 lines)
109	ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_server;	109	ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
110	# endif	110	# endif
111	#endif /* WITH_OPENSSL */	111	#endif /* WITH_OPENSSL */
		112	#ifndef WITHOUT_ED25519
112	ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_server;	113	ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_server;
		114	#endif /* WITHOUT_ED25519 */
113	ssh->kex->load_host_public_key=&_ssh_host_public_key;	115	ssh->kex->load_host_public_key=&_ssh_host_public_key;
114	ssh->kex->load_host_private_key=&_ssh_host_private_key;	116	ssh->kex->load_host_private_key=&_ssh_host_private_key;
115	ssh->kex->sign=&_ssh_host_key_sign;	117	ssh->kex->sign=&_ssh_host_key_sign;
Lines 123-129 ssh_init(struct ssh **sshp, int is_serve Link Here
123	ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client;	125	ssh->kex->kex[KEX_ECDH_SHA2] = kexecdh_client;
124	# endif	126	# endif
125	#endif /* WITH_OPENSSL */	127	#endif /* WITH_OPENSSL */
		128	#ifndef WITHOUT_ED25519
126	ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client;	129	ssh->kex->kex[KEX_C25519_SHA256] = kexc25519_client;
		130	#endif /* WITHOUT_ED25519 */
127	ssh->kex->verify_host_key =&_ssh_verify_host_key;	131	ssh->kex->verify_host_key =&_ssh_verify_host_key;
128	}	132	}
129	*sshp = ssh;	133	*sshp = ssh;

Lines 803-809 list_hostkey_types(void) Link Here

(-)old/sshd.c (+10 lines)
803	case KEY_RSA:	803	case KEY_RSA:
804	case KEY_DSA:	804	case KEY_DSA:
805	case KEY_ECDSA:	805	case KEY_ECDSA:
		806	#ifndef WITHOUT_ED25519
806	case KEY_ED25519:	807	case KEY_ED25519:
		808	#endif /* WITHOUT_ED25519 */
807	if (buffer_len(&b) > 0)	809	if (buffer_len(&b) > 0)
808	buffer_append(&b, ",", 1);	810	buffer_append(&b, ",", 1);
809	p = key_ssh_name(key);	811	p = key_ssh_name(key);
Lines 820-826 list_hostkey_types(void) Link Here
820	case KEY_RSA_CERT:	822	case KEY_RSA_CERT:
821	case KEY_DSA_CERT:	823	case KEY_DSA_CERT:
822	case KEY_ECDSA_CERT:	824	case KEY_ECDSA_CERT:
		825	#ifndef WITHOUT_ED25519
823	case KEY_ED25519_CERT:	826	case KEY_ED25519_CERT:
		827	#endif /* WITHOUT_ED25519 */
824	if (buffer_len(&b) > 0)	828	if (buffer_len(&b) > 0)
825	buffer_append(&b, ",", 1);	829	buffer_append(&b, ",", 1);
826	p = key_ssh_name(key);	830	p = key_ssh_name(key);
Lines 848-854 get_hostkey_by_type(int type, int nid, i Link Here
848	case KEY_RSA_CERT:	852	case KEY_RSA_CERT:
849	case KEY_DSA_CERT:	853	case KEY_DSA_CERT:
850	case KEY_ECDSA_CERT:	854	case KEY_ECDSA_CERT:
		855	#ifndef WITHOUT_ED25519
851	case KEY_ED25519_CERT:	856	case KEY_ED25519_CERT:
		857	#endif /* WITHOUT_ED25519 */
852	key = sensitive_data.host_certificates[i];	858	key = sensitive_data.host_certificates[i];
853	break;	859	break;
854	default:	860	default:
Lines 1798-1804 main(int ac, char **av) Link Here
1798	case KEY_RSA:	1804	case KEY_RSA:
1799	case KEY_DSA:	1805	case KEY_DSA:
1800	case KEY_ECDSA:	1806	case KEY_ECDSA:
		1807	#ifndef WITHOUT_ED25519
1801	case KEY_ED25519:	1808	case KEY_ED25519:
		1809	#endif /* WITHOUT_ED25519 */
1802	if (have_agent \|\| key != NULL)	1810	if (have_agent \|\| key != NULL)
1803	sensitive_data.have_ssh2_key = 1;	1811	sensitive_data.have_ssh2_key = 1;
1804	break;	1812	break;
Lines 2574-2580 do_ssh2_kex(void) Link Here
2574	kex->kex[KEX_ECDH_SHA2] = kexecdh_server;	2582	kex->kex[KEX_ECDH_SHA2] = kexecdh_server;
2575	# endif	2583	# endif
2576	#endif	2584	#endif
		2585	#ifndef WITHOUT_ED25519
2577	kex->kex[KEX_C25519_SHA256] = kexc25519_server;	2586	kex->kex[KEX_C25519_SHA256] = kexc25519_server;
		2587	#endif /* WITHOUT_ED25519 */
2578	kex->server = 1;	2588	kex->server = 1;
2579	kex->client_version_string=client_version_string;	2589	kex->client_version_string=client_version_string;
2580	kex->server_version_string=server_version_string;	2590	kex->server_version_string=server_version_string;

Lines 85-93 struct keytype { Link Here

(-)old/sshkey.c (-1 / +57 lines)
85	int cert;	85	int cert;
86	};	86	};
87	static const struct keytype keytypes[] = {	87	static const struct keytype keytypes[] = {
		88	#ifndef WITHOUT_ED25519
88	{ "ssh-ed25519", "ED25519", KEY_ED25519, 0, 0 },	89	{ "ssh-ed25519", "ED25519", KEY_ED25519, 0, 0 },
89	{ "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT",	90	{ "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT",
90	KEY_ED25519_CERT, 0, 1 },	91	KEY_ED25519_CERT, 0, 1 },
		92	#endif /* WITHOUT_ED25519 */
91	#ifdef WITH_OPENSSL	93	#ifdef WITH_OPENSSL
92	{ NULL, "RSA1", KEY_RSA1, 0, 0 },	94	{ NULL, "RSA1", KEY_RSA1, 0, 0 },
93	{ "ssh-rsa", "RSA", KEY_RSA, 0, 0 },	95	{ "ssh-rsa", "RSA", KEY_RSA, 0, 0 },
Lines 283-290 sshkey_size(const struct sshkey *k) Link Here
283	case KEY_ECDSA_CERT:	285	case KEY_ECDSA_CERT:
284	return sshkey_curve_nid_to_bits(k->ecdsa_nid);	286	return sshkey_curve_nid_to_bits(k->ecdsa_nid);
285	#endif /* WITH_OPENSSL */	287	#endif /* WITH_OPENSSL */
		288	#ifndef WITHOUT_ED25519
286	case KEY_ED25519:	289	case KEY_ED25519:
287	case KEY_ED25519_CERT:	290	case KEY_ED25519_CERT:
		291	#endif /* WITHOUT_ED25519 */
288	return 256; /* XXX */	292	return 256; /* XXX */
289	}	293	}
290	return 0;	294	return 0;
Lines 309-315 sshkey_type_is_valid_ca(int type) Link Here
309	case KEY_RSA:	313	case KEY_RSA:
310	case KEY_DSA:	314	case KEY_DSA:
311	case KEY_ECDSA:	315	case KEY_ECDSA:
		316	#ifndef WITHOUT_ED25519
312	case KEY_ED25519:	317	case KEY_ED25519:
		318	#endif /* WITHOUT_ED25519 */
313	return 1;	319	return 1;
314	default:	320	default:
315	return 0;	321	return 0;
Lines 337-344 sshkey_type_plain(int type) Link Here
337	return KEY_DSA;	343	return KEY_DSA;
338	case KEY_ECDSA_CERT:	344	case KEY_ECDSA_CERT:
339	return KEY_ECDSA;	345	return KEY_ECDSA;
		346	#ifndef WITHOUT_ED25519
340	case KEY_ED25519_CERT:	347	case KEY_ED25519_CERT:
341	return KEY_ED25519;	348	return KEY_ED25519;
		349	#endif /* WITHOUT_ED25519 */
342	default:	350	default:
343	return type;	351	return type;
344	}	352	}
Lines 491-498 sshkey_new(int type) Link Here
491	k->dsa = NULL;	499	k->dsa = NULL;
492	k->rsa = NULL;	500	k->rsa = NULL;
493	k->cert = NULL;	501	k->cert = NULL;
		502	#ifndef WITHOUT_ED25519
494	k->ed25519_sk = NULL;	503	k->ed25519_sk = NULL;
495	k->ed25519_pk = NULL;	504	k->ed25519_pk = NULL;
		505	#endif /* WITHOUT_ED25519 */
496	switch (k->type) {	506	switch (k->type) {
497	#ifdef WITH_OPENSSL	507	#ifdef WITH_OPENSSL
498	case KEY_RSA1:	508	case KEY_RSA1:
Lines 529-538 sshkey_new(int type) Link Here
529	/* Cannot do anything until we know the group */	539	/* Cannot do anything until we know the group */
530	break;	540	break;
531	#endif /* WITH_OPENSSL */	541	#endif /* WITH_OPENSSL */
		542	#ifndef WITHOUT_ED25519
532	case KEY_ED25519:	543	case KEY_ED25519:
533	case KEY_ED25519_CERT:	544	case KEY_ED25519_CERT:
534	/* no need to prealloc */	545	/* no need to prealloc */
535	break;	546	break;
		547	#endif /* WITHOUT_ED25519 */
536	case KEY_UNSPEC:	548	case KEY_UNSPEC:
537	break;	549	break;
538	default:	550	default:
Lines 581-590 sshkey_add_private(struct sshkey *k) Link Here
581	/* Cannot do anything until we know the group */	593	/* Cannot do anything until we know the group */
582	break;	594	break;
583	#endif /* WITH_OPENSSL */	595	#endif /* WITH_OPENSSL */
		596	#ifndef WITHOUT_ED25519
584	case KEY_ED25519:	597	case KEY_ED25519:
585	case KEY_ED25519_CERT:	598	case KEY_ED25519_CERT:
586	/* no need to prealloc */	599	/* no need to prealloc */
587	break;	600	break;
		601	#endif /* WITHOUT_ED25519 */
588	case KEY_UNSPEC:	602	case KEY_UNSPEC:
589	break;	603	break;
590	default:	604	default:
Lines 638-643 sshkey_free(struct sshkey *k) Link Here
638	break;	652	break;
639	# endif /* OPENSSL_HAS_ECC */	653	# endif /* OPENSSL_HAS_ECC */
640	#endif /* WITH_OPENSSL */	654	#endif /* WITH_OPENSSL */
		655	#ifndef WITHOUT_ED25519
641	case KEY_ED25519:	656	case KEY_ED25519:
642	case KEY_ED25519_CERT:	657	case KEY_ED25519_CERT:
643	if (k->ed25519_pk) {	658	if (k->ed25519_pk) {
Lines 651-656 sshkey_free(struct sshkey *k) Link Here
651	k->ed25519_sk = NULL;	666	k->ed25519_sk = NULL;
652	}	667	}
653	break;	668	break;
		669	#endif /* WITHOUT_ED25519 */
654	case KEY_UNSPEC:	670	case KEY_UNSPEC:
655	break;	671	break;
656	default:	672	default:
Lines 730-739 sshkey_equal_public(const struct sshkey Link Here
730	return 1;	746	return 1;
731	# endif /* OPENSSL_HAS_ECC */	747	# endif /* OPENSSL_HAS_ECC */
732	#endif /* WITH_OPENSSL */	748	#endif /* WITH_OPENSSL */
		749	#ifndef WITHOUT_ED25519
733	case KEY_ED25519:	750	case KEY_ED25519:
734	case KEY_ED25519_CERT:	751	case KEY_ED25519_CERT:
735	return a->ed25519_pk != NULL && b->ed25519_pk != NULL &&	752	return a->ed25519_pk != NULL && b->ed25519_pk != NULL &&
736	memcmp(a->ed25519_pk, b->ed25519_pk, ED25519_PK_SZ) == 0;	753	memcmp(a->ed25519_pk, b->ed25519_pk, ED25519_PK_SZ) == 0;
		754	#endif /* WITHOUT_ED25519 */
737	default:	755	default:
738	return 0;	756	return 0;
739	}	757	}
Lines 772-783 to_blob_buf(const struct sshkey *key, st Link Here
772	case KEY_ECDSA_CERT:	790	case KEY_ECDSA_CERT:
773	case KEY_RSA_CERT:	791	case KEY_RSA_CERT:
774	#endif /* WITH_OPENSSL */	792	#endif /* WITH_OPENSSL */
		793	#ifndef WITHOUT_ED25519
775	case KEY_ED25519_CERT:	794	case KEY_ED25519_CERT:
776	/* Use the existing blob */	795	/* Use the existing blob */
777	/* XXX modified flag? */	796	/* XXX modified flag? */
778	if ((ret = sshbuf_putb(b, key->cert->certblob)) != 0)	797	if ((ret = sshbuf_putb(b, key->cert->certblob)) != 0)
779	return ret;	798	return ret;
780	break;	799	break;
		800	#endif /* WITHOUT_ED25519 */
781	#ifdef WITH_OPENSSL	801	#ifdef WITH_OPENSSL
782	case KEY_DSA:	802	case KEY_DSA:
783	if (key->dsa == NULL)	803	if (key->dsa == NULL)
Lines 809-814 to_blob_buf(const struct sshkey *key, st Link Here
809	return ret;	829	return ret;
810	break;	830	break;
811	#endif /* WITH_OPENSSL */	831	#endif /* WITH_OPENSSL */
		832	#ifndef WITHOUT_ED25519
812	case KEY_ED25519:	833	case KEY_ED25519:
813	if (key->ed25519_pk == NULL)	834	if (key->ed25519_pk == NULL)
814	return SSH_ERR_INVALID_ARGUMENT;	835	return SSH_ERR_INVALID_ARGUMENT;
Lines 817-822 to_blob_buf(const struct sshkey *key, st Link Here
817	key->ed25519_pk, ED25519_PK_SZ)) != 0)	838	key->ed25519_pk, ED25519_PK_SZ)) != 0)
818	return ret;	839	return ret;
819	break;	840	break;
		841	#endif /* WITHOUT_ED25519 */
820	default:	842	default:
821	return SSH_ERR_KEY_TYPE_UNKNOWN;	843	return SSH_ERR_KEY_TYPE_UNKNOWN;
822	}	844	}
Lines 1290-1302 sshkey_read(struct sshkey ret, char *c Link Here
1290	case KEY_RSA:	1312	case KEY_RSA:
1291	case KEY_DSA:	1313	case KEY_DSA:
1292	case KEY_ECDSA:	1314	case KEY_ECDSA:
		1315	#ifndef WITHOUT_ED25519
1293	case KEY_ED25519:	1316	case KEY_ED25519:
		1317	#endif /* WITHOUT_ED25519 */
1294	case KEY_DSA_CERT_V00:	1318	case KEY_DSA_CERT_V00:
1295	case KEY_RSA_CERT_V00:	1319	case KEY_RSA_CERT_V00:
1296	case KEY_DSA_CERT:	1320	case KEY_DSA_CERT:
1297	case KEY_ECDSA_CERT:	1321	case KEY_ECDSA_CERT:
1298	case KEY_RSA_CERT:	1322	case KEY_RSA_CERT:
		1323	#ifndef WITHOUT_ED25519
1299	case KEY_ED25519_CERT:	1324	case KEY_ED25519_CERT:
		1325	#endif /* WITHOUT_ED25519 */
1300	space = strchr(cp, ' ');	1326	space = strchr(cp, ' ');
1301	if (space == NULL)	1327	if (space == NULL)
1302	return SSH_ERR_INVALID_FORMAT;	1328	return SSH_ERR_INVALID_FORMAT;
Lines 1388-1393 sshkey_read(struct sshkey ret, char *c Link Here
1388	}	1414	}
1389	# endif /* OPENSSL_HAS_ECC */	1415	# endif /* OPENSSL_HAS_ECC */
1390	#endif /* WITH_OPENSSL */	1416	#endif /* WITH_OPENSSL */
		1417	#ifndef WITHOUT_ED25519
1391	if (sshkey_type_plain(ret->type) == KEY_ED25519) {	1418	if (sshkey_type_plain(ret->type) == KEY_ED25519) {
1392	free(ret->ed25519_pk);	1419	free(ret->ed25519_pk);
1393	ret->ed25519_pk = k->ed25519_pk;	1420	ret->ed25519_pk = k->ed25519_pk;
Lines 1396-1401 sshkey_read(struct sshkey ret, char *c Link Here
1396	/* XXX */	1423	/* XXX */
1397	#endif	1424	#endif
1398	}	1425	}
		1426	#endif /* WITHOUT_ED25519 */
1399	retval = 0;	1427	retval = 0;
1400	/XXXX/	1428	/XXXX/
1401	sshkey_free(k);	1429	sshkey_free(k);
Lines 1459-1466 sshkey_write(const struct sshkey *key, F Link Here
1459	case KEY_RSA_CERT_V00:	1487	case KEY_RSA_CERT_V00:
1460	case KEY_RSA_CERT:	1488	case KEY_RSA_CERT:
1461	#endif /* WITH_OPENSSL */	1489	#endif /* WITH_OPENSSL */
		1490	#ifndef WITHOUT_ED25519
1462	case KEY_ED25519:	1491	case KEY_ED25519:
1463	case KEY_ED25519_CERT:	1492	case KEY_ED25519_CERT:
		1493	#endif /* WITHOUT_ED25519 */
1464	if ((bb = sshbuf_new()) == NULL) {	1494	if ((bb = sshbuf_new()) == NULL) {
1465	ret = SSH_ERR_ALLOC_FAIL;	1495	ret = SSH_ERR_ALLOC_FAIL;
1466	goto out;	1496	goto out;
Lines 1670-1676 sshkey_generate(int type, u_int bits, st Link Here
1670	if ((k = sshkey_new(KEY_UNSPEC)) == NULL)	1700	if ((k = sshkey_new(KEY_UNSPEC)) == NULL)
1671	return SSH_ERR_ALLOC_FAIL;	1701	return SSH_ERR_ALLOC_FAIL;
1672	switch (type) {	1702	switch (type) {
1673	case KEY_ED25519:	1703	#ifndef WITHOUT_ED25519
		1704	case KEY_ED25519:
1674	if ((k->ed25519_pk = malloc(ED25519_PK_SZ)) == NULL \|\|	1705	if ((k->ed25519_pk = malloc(ED25519_PK_SZ)) == NULL \|\|
1675	(k->ed25519_sk = malloc(ED25519_SK_SZ)) == NULL) {	1706	(k->ed25519_sk = malloc(ED25519_SK_SZ)) == NULL) {
1676	ret = SSH_ERR_ALLOC_FAIL;	1707	ret = SSH_ERR_ALLOC_FAIL;
Lines 1679-1684 sshkey_generate(int type, u_int bits, st Link Here
1679	crypto_sign_ed25519_keypair(k->ed25519_pk, k->ed25519_sk);	1710	crypto_sign_ed25519_keypair(k->ed25519_pk, k->ed25519_sk);
1680	ret = 0;	1711	ret = 0;
1681	break;	1712	break;
		1713	#endif /* WITHOUT_ED25519 */
1682	#ifdef WITH_OPENSSL	1714	#ifdef WITH_OPENSSL
1683	case KEY_DSA:	1715	case KEY_DSA:
1684	ret = dsa_generate_private_key(bits, &k->dsa);	1716	ret = dsa_generate_private_key(bits, &k->dsa);
Lines 1816-1821 sshkey_from_private(const struct sshkey Link Here
1816	}	1848	}
1817	break;	1849	break;
1818	#endif /* WITH_OPENSSL */	1850	#endif /* WITH_OPENSSL */
		1851	#ifndef WITHOUT_ED25519
1819	case KEY_ED25519:	1852	case KEY_ED25519:
1820	case KEY_ED25519_CERT:	1853	case KEY_ED25519_CERT:
1821	if ((n = sshkey_new(k->type)) == NULL)	1854	if ((n = sshkey_new(k->type)) == NULL)
Lines 1828-1833 sshkey_from_private(const struct sshkey Link Here
1828	memcpy(n->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ);	1861	memcpy(n->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ);
1829	}	1862	}
1830	break;	1863	break;
		1864	#endif /* WITHOUT_ED25519 */
1831	default:	1865	default:
1832	return SSH_ERR_KEY_TYPE_UNKNOWN;	1866	return SSH_ERR_KEY_TYPE_UNKNOWN;
1833	}	1867	}
Lines 2099-2104 sshkey_from_blob_internal(struct sshbuf Link Here
2099	break;	2133	break;
2100	# endif /* OPENSSL_HAS_ECC */	2134	# endif /* OPENSSL_HAS_ECC */
2101	#endif /* WITH_OPENSSL */	2135	#endif /* WITH_OPENSSL */
		2136	#ifndef WITHOUT_ED25519
2102	case KEY_ED25519_CERT:	2137	case KEY_ED25519_CERT:
2103	/* Skip nonce */	2138	/* Skip nonce */
2104	if (sshbuf_get_string_direct(b, NULL, NULL) != 0) {	2139	if (sshbuf_get_string_direct(b, NULL, NULL) != 0) {
Lines 2120-2125 sshkey_from_blob_internal(struct sshbuf Link Here
2120	key->ed25519_pk = pk;	2155	key->ed25519_pk = pk;
2121	pk = NULL;	2156	pk = NULL;
2122	break;	2157	break;
		2158	#endif /* WITHOUT_ED25519 */
2123	case KEY_UNSPEC:	2159	case KEY_UNSPEC:
2124	if ((key = sshkey_new(type)) == NULL) {	2160	if ((key = sshkey_new(type)) == NULL) {
2125	ret = SSH_ERR_ALLOC_FAIL;	2161	ret = SSH_ERR_ALLOC_FAIL;
Lines 2214-2222 sshkey_sign(const struct sshkey *key, Link Here
2214	case KEY_RSA:	2250	case KEY_RSA:
2215	return ssh_rsa_sign(key, sigp, lenp, data, datalen, compat);	2251	return ssh_rsa_sign(key, sigp, lenp, data, datalen, compat);
2216	#endif /* WITH_OPENSSL */	2252	#endif /* WITH_OPENSSL */
		2253	#ifndef WITHOUT_ED25519
2217	case KEY_ED25519:	2254	case KEY_ED25519:
2218	case KEY_ED25519_CERT:	2255	case KEY_ED25519_CERT:
2219	return ssh_ed25519_sign(key, sigp, lenp, data, datalen, compat);	2256	return ssh_ed25519_sign(key, sigp, lenp, data, datalen, compat);
		2257	#endif /* WITHOUT_ED25519 */
2220	default:	2258	default:
2221	return SSH_ERR_KEY_TYPE_UNKNOWN;	2259	return SSH_ERR_KEY_TYPE_UNKNOWN;
2222	}	2260	}
Lines 2248-2256 sshkey_verify(const struct sshkey *key, Link Here
2248	case KEY_RSA:	2286	case KEY_RSA:
2249	return ssh_rsa_verify(key, sig, siglen, data, dlen, compat);	2287	return ssh_rsa_verify(key, sig, siglen, data, dlen, compat);
2250	#endif /* WITH_OPENSSL */	2288	#endif /* WITH_OPENSSL */
		2289	#ifndef WITHOUT_ED25519
2251	case KEY_ED25519:	2290	case KEY_ED25519:
2252	case KEY_ED25519_CERT:	2291	case KEY_ED25519_CERT:
2253	return ssh_ed25519_verify(key, sig, siglen, data, dlen, compat);	2292	return ssh_ed25519_verify(key, sig, siglen, data, dlen, compat);
		2293	#endif /* WITHOUT_ED25519 */
2254	default:	2294	default:
2255	return SSH_ERR_KEY_TYPE_UNKNOWN;	2295	return SSH_ERR_KEY_TYPE_UNKNOWN;
2256	}	2296	}
Lines 2274-2281 sshkey_demote(const struct sshkey *k, st Link Here
2274	pk->dsa = NULL;	2314	pk->dsa = NULL;
2275	pk->ecdsa = NULL;	2315	pk->ecdsa = NULL;
2276	pk->rsa = NULL;	2316	pk->rsa = NULL;
		2317	#ifndef WITHOUT_ED25519
2277	pk->ed25519_pk = NULL;	2318	pk->ed25519_pk = NULL;
2278	pk->ed25519_sk = NULL;	2319	pk->ed25519_sk = NULL;
		2320	#endif /* WITHOUT_ED25519 */
2279		2321
2280	switch (k->type) {	2322	switch (k->type) {
2281	#ifdef WITH_OPENSSL	2323	#ifdef WITH_OPENSSL
Lines 2327-2332 sshkey_demote(const struct sshkey *k, st Link Here
2327	break;	2369	break;
2328	# endif /* OPENSSL_HAS_ECC */	2370	# endif /* OPENSSL_HAS_ECC */
2329	#endif /* WITH_OPENSSL */	2371	#endif /* WITH_OPENSSL */
		2372	#ifndef WITHOUT_ED25519
2330	case KEY_ED25519_CERT:	2373	case KEY_ED25519_CERT:
2331	if ((ret = sshkey_cert_copy(k, pk)) != 0)	2374	if ((ret = sshkey_cert_copy(k, pk)) != 0)
2332	goto fail;	2375	goto fail;
Lines 2340-2345 sshkey_demote(const struct sshkey *k, st Link Here
2340	memcpy(pk->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ);	2383	memcpy(pk->ed25519_pk, k->ed25519_pk, ED25519_PK_SZ);
2341	}	2384	}
2342	break;	2385	break;
		2386	#endif /* WITHOUT_ED25519 */
2343	default:	2387	default:
2344	ret = SSH_ERR_KEY_TYPE_UNKNOWN;	2388	ret = SSH_ERR_KEY_TYPE_UNKNOWN;
2345	fail:	2389	fail:
Lines 2370-2380 sshkey_to_certified(struct sshkey *k, in Link Here
2370	newtype = KEY_ECDSA_CERT;	2414	newtype = KEY_ECDSA_CERT;
2371	break;	2415	break;
2372	#endif /* WITH_OPENSSL */	2416	#endif /* WITH_OPENSSL */
		2417	#ifndef WITHOUT_ED25519
2373	case KEY_ED25519:	2418	case KEY_ED25519:
2374	if (legacy)	2419	if (legacy)
2375	return SSH_ERR_INVALID_ARGUMENT;	2420	return SSH_ERR_INVALID_ARGUMENT;
2376	newtype = KEY_ED25519_CERT;	2421	newtype = KEY_ED25519_CERT;
2377	break;	2422	break;
		2423	#endif /* WITHOUT_ED25519 */
2378	default:	2424	default:
2379	return SSH_ERR_INVALID_ARGUMENT;	2425	return SSH_ERR_INVALID_ARGUMENT;
2380	}	2426	}
Lines 2457-2467 sshkey_certify(struct sshkey *k, struct Link Here
2457	goto out;	2503	goto out;
2458	break;	2504	break;
2459	#endif /* WITH_OPENSSL */	2505	#endif /* WITH_OPENSSL */
		2506	#ifndef WITHOUT_ED25519
2460	case KEY_ED25519_CERT:	2507	case KEY_ED25519_CERT:
2461	if ((ret = sshbuf_put_string(cert,	2508	if ((ret = sshbuf_put_string(cert,
2462	k->ed25519_pk, ED25519_PK_SZ)) != 0)	2509	k->ed25519_pk, ED25519_PK_SZ)) != 0)
2463	goto out;	2510	goto out;
2464	break;	2511	break;
		2512	#endif /* WITHOUT_ED25519 */
2465	default:	2513	default:
2466	ret = SSH_ERR_INVALID_ARGUMENT;	2514	ret = SSH_ERR_INVALID_ARGUMENT;
2467	goto out;	2515	goto out;
Lines 2656-2661 sshkey_private_serialize(const struct ss Link Here
2656	break;	2704	break;
2657	# endif /* OPENSSL_HAS_ECC */	2705	# endif /* OPENSSL_HAS_ECC */
2658	#endif /* WITH_OPENSSL */	2706	#endif /* WITH_OPENSSL */
		2707	#ifndef WITHOUT_ED25519
2659	case KEY_ED25519:	2708	case KEY_ED25519:
2660	if ((r = sshbuf_put_string(b, key->ed25519_pk,	2709	if ((r = sshbuf_put_string(b, key->ed25519_pk,
2661	ED25519_PK_SZ)) != 0 \|\|	2710	ED25519_PK_SZ)) != 0 \|\|
Lines 2675-2680 sshkey_private_serialize(const struct ss Link Here
2675	ED25519_SK_SZ)) != 0)	2724	ED25519_SK_SZ)) != 0)
2676	goto out;	2725	goto out;
2677	break;	2726	break;
		2727	#endif /* WITHOUT_ED25519 */
2678	default:	2728	default:
2679	r = SSH_ERR_INVALID_ARGUMENT;	2729	r = SSH_ERR_INVALID_ARGUMENT;
2680	goto out;	2730	goto out;
Lines 2801-2806 sshkey_private_deserialize(struct sshbuf Link Here
2801	goto out;	2851	goto out;
2802	break;	2852	break;
2803	#endif /* WITH_OPENSSL */	2853	#endif /* WITH_OPENSSL */
		2854	#ifndef WITHOUT_ED25519
2804	case KEY_ED25519:	2855	case KEY_ED25519:
2805	if ((k = sshkey_new_private(type)) == NULL) {	2856	if ((k = sshkey_new_private(type)) == NULL) {
2806	r = SSH_ERR_ALLOC_FAIL;	2857	r = SSH_ERR_ALLOC_FAIL;
Lines 2831-2836 sshkey_private_deserialize(struct sshbuf Link Here
2831	k->ed25519_sk = ed25519_sk;	2882	k->ed25519_sk = ed25519_sk;
2832	ed25519_pk = ed25519_sk = NULL;	2883	ed25519_pk = ed25519_sk = NULL;
2833	break;	2884	break;
		2885	#endif /* WITHOUT_ED25519 */
2834	default:	2886	default:
2835	r = SSH_ERR_KEY_TYPE_UNKNOWN;	2887	r = SSH_ERR_KEY_TYPE_UNKNOWN;
2836	goto out;	2888	goto out;
Lines 3590-3598 sshkey_private_to_fileblob(struct sshkey Link Here
3590	return sshkey_private_pem_to_blob(key, blob,	3642	return sshkey_private_pem_to_blob(key, blob,
3591	passphrase, comment);	3643	passphrase, comment);
3592	#endif /* WITH_OPENSSL */	3644	#endif /* WITH_OPENSSL */
		3645	#ifndef WITHOUT_ED25519
3593	case KEY_ED25519:	3646	case KEY_ED25519:
3594	return sshkey_private_to_blob2(key, blob, passphrase,	3647	return sshkey_private_to_blob2(key, blob, passphrase,
3595	comment, new_format_cipher, new_format_rounds);	3648	comment, new_format_cipher, new_format_rounds);
		3649	#endif /* WITHOUT_ED25519 */
3596	default:	3650	default:
3597	return SSH_ERR_KEY_TYPE_UNKNOWN;	3651	return SSH_ERR_KEY_TYPE_UNKNOWN;
3598	}	3652	}
Lines 3898-3906 sshkey_parse_private_fileblob_type(struc Link Here
3898	return sshkey_parse_private_pem_fileblob(blob, type,	3952	return sshkey_parse_private_pem_fileblob(blob, type,
3899	passphrase, keyp);	3953	passphrase, keyp);
3900	#endif /* WITH_OPENSSL */	3954	#endif /* WITH_OPENSSL */
		3955	#ifndef WITHOUT_ED25519
3901	case KEY_ED25519:	3956	case KEY_ED25519:
3902	return sshkey_parse_private2(blob, type, passphrase,	3957	return sshkey_parse_private2(blob, type, passphrase,
3903	keyp, commentp);	3958	keyp, commentp);
		3959	#endif /* WITHOUT_ED25519 */
3904	case KEY_UNSPEC:	3960	case KEY_UNSPEC:
3905	if ((r = sshkey_parse_private2(blob, type, passphrase, keyp,	3961	if ((r = sshkey_parse_private2(blob, type, passphrase, keyp,
3906	commentp)) == 0)	3962	commentp)) == 0)

Lines 57-67 enum sshkey_types { Link Here

(-)old/sshkey.h (+10 lines)
57	KEY_RSA,	57	KEY_RSA,
58	KEY_DSA,	58	KEY_DSA,
59	KEY_ECDSA,	59	KEY_ECDSA,
		60	#ifndef WITHOUT_ED25519
60	KEY_ED25519,	61	KEY_ED25519,
		62	#endif /* WITHOUT_ED25519 */
61	KEY_RSA_CERT,	63	KEY_RSA_CERT,
62	KEY_DSA_CERT,	64	KEY_DSA_CERT,
63	KEY_ECDSA_CERT,	65	KEY_ECDSA_CERT,
		66	#ifndef WITHOUT_ED25519
64	KEY_ED25519_CERT,	67	KEY_ED25519_CERT,
		68	#endif /* WITHOUT_ED25519 */
65	KEY_RSA_CERT_V00,	69	KEY_RSA_CERT_V00,
66	KEY_DSA_CERT_V00,	70	KEY_DSA_CERT_V00,
67	KEY_UNSPEC	71	KEY_UNSPEC
Lines 105-117 struct sshkey { Link Here
105	DSA *dsa;	109	DSA *dsa;
106	int ecdsa_nid; /* NID of curve */	110	int ecdsa_nid; /* NID of curve */
107	EC_KEY *ecdsa;	111	EC_KEY *ecdsa;
		112	#ifndef WITHOUT_ED25519
108	u_char *ed25519_sk;	113	u_char *ed25519_sk;
109	u_char *ed25519_pk;	114	u_char *ed25519_pk;
		115	#endif /* WITHOUT_ED25519 */
110	struct sshkey_cert *cert;	116	struct sshkey_cert *cert;
111	};	117	};
112		118
		119	#ifndef WITHOUT_ED25519
113	#define ED25519_SK_SZ crypto_sign_ed25519_SECRETKEYBYTES	120	#define ED25519_SK_SZ crypto_sign_ed25519_SECRETKEYBYTES
114	#define ED25519_PK_SZ crypto_sign_ed25519_PUBLICKEYBYTES	121	#define ED25519_PK_SZ crypto_sign_ed25519_PUBLICKEYBYTES
		122	#endif /* WITHOUT_ED25519 */
115		123
116	struct sshkey *sshkey_new(int);	124	struct sshkey *sshkey_new(int);
117	int sshkey_add_private(struct sshkey *);	125	int sshkey_add_private(struct sshkey *);
Lines 209-219 int ssh_ecdsa_sign(const struct sshkey * Link Here
209	int ssh_ecdsa_verify(const struct sshkey *key,	217	int ssh_ecdsa_verify(const struct sshkey *key,
210	const u_char *signature, size_t signaturelen,	218	const u_char *signature, size_t signaturelen,
211	const u_char *data, size_t datalen, u_int compat);	219	const u_char *data, size_t datalen, u_int compat);
		220	#ifndef WITHOUT_ED25519
212	int ssh_ed25519_sign(const struct sshkey key, u_char sigp, size_t lenp,	221	int ssh_ed25519_sign(const struct sshkey key, u_char sigp, size_t lenp,
213	const u_char *data, size_t datalen, u_int compat);	222	const u_char *data, size_t datalen, u_int compat);
214	int ssh_ed25519_verify(const struct sshkey *key,	223	int ssh_ed25519_verify(const struct sshkey *key,
215	const u_char *signature, size_t signaturelen,	224	const u_char *signature, size_t signaturelen,
216	const u_char *data, size_t datalen, u_int compat);	225	const u_char *data, size_t datalen, u_int compat);
		226	#endif /* WITHOUT_ED25519 */
217	#endif	227	#endif
218		228
219	#if !defined(WITH_OPENSSL)	229	#if !defined(WITH_OPENSSL)