Support public keys using the "ssh-ed25519" method.

[PuTTY.git] / sshecdsag.c

diff --git a/sshecdsag.c b/sshecdsag.c
index 4bd9e8f74a394bc1e0fd02094d6d9bdae4d3b854..61376d886047fc13fe878f4a9881355db6b2561b 100644 (file)
--- a/sshecdsag.c
+++ b/sshecdsag.c
@@ -39,3 +39,41 @@ int ec_generate(struct ec_key *key, int bits, progfn_t pfn,
 
     return 1;
 }
+
+int ec_edgenerate(struct ec_key *key, int bits, progfn_t pfn,
+                  void *pfnparam)
+{
+    struct ec_point *publicKey;
+
+    if (bits == 256) {
+        key->publicKey.curve = ec_ed25519();
+    } else {
+        return 0;
+    }
+
+    {
+        /* EdDSA secret keys are just 32 bytes of hash preimage; the
+         * 64-byte SHA-512 hash of that key will be used when signing,
+         * but the form of the key stored on disk is the preimage
+         * only. */
+        Bignum privMax = bn_power_2(bits);
+        if (!privMax) return 0;
+        key->privateKey = bignum_random_in_range(Zero, privMax);
+        freebn(privMax);
+        if (!key->privateKey) return 0;
+    }
+
+    publicKey = ec_public(key->privateKey, key->publicKey.curve);
+    if (!publicKey) {
+        freebn(key->privateKey);
+        key->privateKey = NULL;
+        return 0;
+    }
+
+    key->publicKey.x = publicKey->x;
+    key->publicKey.y = publicKey->y;
+    key->publicKey.z = NULL;
+    sfree(publicKey);
+
+    return 1;
+}