commit 44600f40d623d815fd089eb071e13c6eb2bffc22
author roman <xjanot04@fit.vutbr.cz> Fri Apr 28 15:54:27 2023 +0200
committer Michal Vasko <mvasko@cesnet.cz> Fri Nov 03 15:03:11 2023 +0100
tree ab82ec1305463be833624dd846418c5272f1f72b
parent 456f92d0e6d2b7590028461575a8e0558079dc08

server ssh UPDATE client auth with ED25519 keys

src/config_new.c

diff --git a/src/config_new.c b/src/config_new.c
index f8db1da..e08c58d 100644
--- a/src/config_new.c
+++ b/src/config_new.c
@@ -251,6 +251,8 @@
         ret = lyd_new_term(new_tree, NULL, "private-key-format", "ietf-crypto-types:rsa-private-key-format", 0, NULL);
     } else if (EVP_PKEY_is_a(priv_pkey, "EC")) {
         ret = lyd_new_term(new_tree, NULL, "private-key-format", "ietf-crypto-types:ec-private-key-format", 0, NULL);
+    } else if (EVP_PKEY_is_a(priv_pkey, "ED25519")) {
+        ret = lyd_new_term(new_tree, NULL, "private-key-format", "libnetconf2-netconf-server:ed25519-private-key-format", 0, NULL);
     } else {
         ERR(NULL, "Private key type not supported.");
         ret = 1;
@@ -619,6 +621,8 @@
         start += strlen("ecdsa-sha2-nistp384 ");
     } else if (!strncmp(buffer, "ecdsa-sha2-nistp521 ", 20)) {
         start += strlen("ecdsa-sha2-nistp521 ");
+    } else if (!strncmp(buffer, "ssh-ed25519 ", 12)) {
+        start += strlen("ssh-ed25519 ");
     } else {
         ERR(NULL, "Unknown public key type.");
         ret = 1;

src/server_config.c

diff --git a/src/server_config.c b/src/server_config.c
index 9d4479d..16a635e 100644
--- a/src/server_config.c
+++ b/src/server_config.c
@@ -1178,6 +1178,8 @@
             hostkey->key.privkey_type = NC_SSH_KEY_RSA;
         } else if (!strcmp(format, "ec-private-key-format")) {
             hostkey->key.privkey_type = NC_SSH_KEY_ECDSA;
+        } else if (!strcmp(format, "ed25519-private-key-format")) {
+            hostkey->key.privkey_type = NC_SSH_KEY_ED25519;
         } else {
             ERR(NULL, "Private key format (%s) not supported.", format);
         }

src/session.c

diff --git a/src/session.c b/src/session.c
index d5d4886..91f996e 100644
--- a/src/session.c
+++ b/src/session.c
@@ -131,6 +131,8 @@
         return "ECDSA_P384";
     case NC_SSH_KEY_ECDSA_P521:
         return "ECDSA_P521";
+    case NC_SSH_KEY_ED25519:
+        return NULL;
     default:
         break;
     }

src/session.h

diff --git a/src/session.h b/src/session.h
index d487ea4..aab4cac 100644
--- a/src/session.h
+++ b/src/session.h
@@ -119,7 +119,8 @@
     NC_SSH_KEY_ECDSA,       /**< only for private key */
     NC_SSH_KEY_ECDSA_P256,
     NC_SSH_KEY_ECDSA_P384,
-    NC_SSH_KEY_ECDSA_P521
+    NC_SSH_KEY_ECDSA_P521,
+    NC_SSH_KEY_ED25519
 } NC_SSH_KEY_TYPE;
 
 /**