server: Add support for ed25519 keys in the server.

Signed-off-by: Aris Adamantiadis <aris@0xbadc0de.be>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>

include/libssh/bind.h

@@ -36,9 +36,11 @@ struct ssh_bind_struct {
   char *ecdsakey;
   char *dsakey;
   char *rsakey;
+  char *ed25519key;
   ssh_key ecdsa;
   ssh_key dsa;
   ssh_key rsa;
+  ssh_key ed25519;
   char *bindaddr;
   socket_t bindfd;
   unsigned int bindport;

include/libssh/session.h

@@ -156,7 +156,7 @@ struct ssh_session_struct {
         ssh_key rsa_key;
         ssh_key dsa_key;
         ssh_key ecdsa_key;
-
+        ssh_key ed25519_key;
         /* The type of host key wanted by client */
         enum ssh_keytypes_e hostkey;
     } srv;

src/bind.c

@@ -365,6 +365,7 @@ void ssh_bind_free(ssh_bind sshbind){
   SAFE_FREE(sshbind->dsakey);
   SAFE_FREE(sshbind->rsakey);
   SAFE_FREE(sshbind->ecdsakey);
+  SAFE_FREE(sshbind->ed25519key);
 
   ssh_key_free(sshbind->dsa);
   sshbind->dsa = NULL;
@@ -372,6 +373,8 @@ void ssh_bind_free(ssh_bind sshbind){
   sshbind->rsa = NULL;
   ssh_key_free(sshbind->ecdsa);
   sshbind->ecdsa = NULL;
+  ssh_key_free(sshbind->ed25519);
+  sshbind->ed25519 = NULL;
 
   for (i = 0; i < 10; i++) {
     if (sshbind->wanted_methods[i]) {
@@ -459,6 +462,14 @@ int ssh_bind_accept_fd(ssh_bind sshbind, ssh_session session, socket_t fd){
           return SSH_ERROR;
         }
     }
+    if (sshbind->ed25519 != NULL) {
+        session->srv.ed25519_key = ssh_key_dup(sshbind->ed25519);
+        if (session->srv.ed25519_key == NULL){
+            ssh_set_error_oom(sshbind);
+            return SSH_ERROR;
+        }
+    }
+
     /* force PRNG to change state in case we fork after ssh_bind_accept */
     ssh_reseed();
     return SSH_OK;

src/options.c

@@ -1436,6 +1436,10 @@ int ssh_bind_options_set(ssh_bind sshbind, enum ssh_bind_options_e type,
               bind_key_loc = &sshbind->rsa;
               bind_key_path_loc = &sshbind->rsakey;
               break;
+          case SSH_KEYTYPE_ED25519:
+		  bind_key_loc = &sshbind->ed25519;
+		  bind_key_path_loc = &sshbind->ed25519key;
+		  break;
           default:
               ssh_set_error(sshbind,
                             SSH_FATAL,

src/server.c

@@ -94,10 +94,17 @@ static int server_set_kex(ssh_session session) {
   ZERO_STRUCTP(server);
   ssh_get_random(server->cookie, 16, 0);
 
+  if (session->srv.ed25519_key != NULL) {
+      snprintf(hostkeys,
+               sizeof(hostkeys),
+               "%s",
+               ssh_key_type_to_char(ssh_key_type(session->srv.ed25519_key)));
+  }
 #ifdef HAVE_ECC
   if (session->srv.ecdsa_key != NULL) {
-      snprintf(hostkeys, sizeof(hostkeys),
-               "%s", session->srv.ecdsa_key->type_c);
+	  len = strlen(hostkeys);
+      snprintf(hostkeys + len, sizeof(hostkeys) - len,
+               ",%s", session->srv.ecdsa_key->type_c);
   }
 #endif
   if (session->srv.dsa_key != NULL) {
@@ -225,6 +232,9 @@ int ssh_get_key_params(ssh_session session, ssh_key *privkey){
       case SSH_KEYTYPE_ECDSA:
         *privkey = session->srv.ecdsa_key;
         break;
+      case SSH_KEYTYPE_ED25519:
+	*privkey = session->srv.ed25519_key;
+	break;
       case SSH_KEYTYPE_UNKNOWN:
       default:
         *privkey = NULL;

src/session.c

@@ -231,6 +231,8 @@ void ssh_free(ssh_session session) {
   session->srv.rsa_key = NULL;
   ssh_key_free(session->srv.ecdsa_key);
   session->srv.ecdsa_key = NULL;
+  ssh_key_free(session->srv.ed25519_key);
+  session->srv.ed25519_key = NULL;
 
   if (session->ssh_message_list) {
       ssh_message msg;