From 1dc27c58a7571ac2be63e31b63acfe3eaf61f561 Mon Sep 17 00:00:00 2001
From: Niall Sheridan <nsheridan@gmail.com>
Date: Mon, 27 Jun 2016 23:33:36 +0100
Subject: [PATCH] Updated agent lib accepts *ed25519.PrivateKey

---
 cmd/cashier/keys.go                           |  2 +-
 .../golang.org/x/crypto/ssh/agent/client.go   |  8 ++---
 .../golang.org/x/crypto/ssh/agent/server.go   | 31 +++++++++++++++++++
 vendor/vendor.json                            | 10 +++---
 4 files changed, 41 insertions(+), 10 deletions(-)

diff --git a/cmd/cashier/keys.go b/cmd/cashier/keys.go
index a2f95e95..ac0a9f7e 100644
--- a/cmd/cashier/keys.go
+++ b/cmd/cashier/keys.go
@@ -31,7 +31,7 @@ func generateED25519Key(bits int) (key, ssh.PublicKey, error) {
 	if err != nil {
 		return nil, nil, err
 	}
-	return k, pub, nil
+	return &k, pub, nil
 }
 
 func generateRSAKey(bits int) (key, ssh.PublicKey, error) {
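Review bot: The new `return &k, pub, nil` in generateED25519Key returns a pointer to a slice-backed key type with no comment saying why, and the hunk does not show whether other consumers of the returned `key` value were updated to match. The vendored agent client hunk in this same patch changes the insertCert type switch to `case *ed25519.PrivateKey:`, so a value-typed key would no longer hit that case. I would add `// Return a pointer: the ssh agent client only matches *ed25519.PrivateKey.` directly above the return. Any type switch or assertion on the value type `ed25519.PrivateKey` elsewhere in cmd/cashier would presumably stop matching after this change, so a test that generates an ED25519 key and adds it to an agent would be worth including. The function body starts outside the hunk, so the origin of `k` is not visible here.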
diff --git a/vendor/golang.org/x/crypto/ssh/agent/client.go b/vendor/golang.org/x/crypto/ssh/agent/client.go
index 6d1dca5e..ecfd7c58 100644
--- a/vendor/golang.org/x/crypto/ssh/agent/client.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/client.go
@@ -536,7 +536,7 @@ type ed25519CertMsg struct {
 	Constraints []byte `ssh:"rest"`
 }
 
-// Insert adds a private key to the agent. If a certificate is given,
+// Add adds a private key to the agent. If a certificate is given,
 // that certificate is added instead as public key.
 func (c *client) Add(key AddedKey) error {
 	var constraints []byte
@@ -594,12 +594,12 @@ func (c *client) insertCert(s interface{}, cert *ssh.Certificate, comment string
 			Comments:    comment,
 			Constraints: constraints,
 		})
-	case ed25519.PrivateKey:
+	case *ed25519.PrivateKey:
 		req = ssh.Marshal(ed25519CertMsg{
 			Type:        cert.Type(),
 			CertBytes:   cert.Marshal(),
-			Pub:         []byte(k)[32:],
-			Priv:        []byte(k),
+			Pub:         []byte(*k)[32:],
+			Priv:        []byte(*k),
 			Comments:    comment,
 			Constraints: constraints,
 		})
diff --git a/vendor/golang.org/x/crypto/ssh/agent/server.go b/vendor/golang.org/x/crypto/ssh/agent/server.go
index c562fa6e..092fd8f9 100644
--- a/vendor/golang.org/x/crypto/ssh/agent/server.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/server.go
@@ -16,6 +16,7 @@ import (
 	"log"
 	"math/big"
 
+	"golang.org/x/crypto/ed25519"
 	"golang.org/x/crypto/ssh"
 )
 
@@ -175,6 +176,15 @@ func parseRSAKey(req []byte) (*AddedKey, error) {
 	return &AddedKey{PrivateKey: priv, Comment: k.Comments}, nil
 }
 
+func parseEd25519Key(req []byte) (*AddedKey, error) {
+	var k ed25519KeyMsg
+	if err := ssh.Unmarshal(req, &k); err != nil {
+		return nil, err
+	}
+	priv := ed25519.PrivateKey(k.Priv)
+	return &AddedKey{PrivateKey: &priv, Comment: k.Comments}, nil
+}
+
 func parseDSAKey(req []byte) (*AddedKey, error) {
 	var k dsaKeyMsg
 	if err := ssh.Unmarshal(req, &k); err != nil {
@@ -219,6 +229,23 @@ func unmarshalECDSA(curveName string, keyBytes []byte, privScalar *big.Int) (pri
 	return priv, nil
 }
 
+func parseEd25519Cert(req []byte) (*AddedKey, error) {
+	var k ed25519CertMsg
+	if err := ssh.Unmarshal(req, &k); err != nil {
+		return nil, err
+	}
+	pubKey, err := ssh.ParsePublicKey(k.CertBytes)
+	if err != nil {
+		return nil, err
+	}
+	priv := ed25519.PrivateKey(k.Priv)
+	cert, ok := pubKey.(*ssh.Certificate)
+	if !ok {
+		return nil, errors.New("agent: bad ED25519 certificate")
+	}
+	return &AddedKey{PrivateKey: &priv, Certificate: cert, Comment: k.Comments}, nil
+}
+
 func parseECDSAKey(req []byte) (*AddedKey, error) {
 	var k ecdsaKeyMsg
 	if err := ssh.Unmarshal(req, &k); err != nil {
@@ -367,12 +394,16 @@ func (s *server) insertIdentity(req []byte) error {
 		addedKey, err = parseDSAKey(req)
 	case ssh.KeyAlgoECDSA256, ssh.KeyAlgoECDSA384, ssh.KeyAlgoECDSA521:
 		addedKey, err = parseECDSACert(req)
+	case ssh.KeyAlgoED25519:
+		addedKey, err = parseEd25519Key(req)
 	case ssh.CertAlgoRSAv01:
 		addedKey, err = parseRSACert(req)
 	case ssh.CertAlgoDSAv01:
 		addedKey, err = parseDSACert(req)
 	case ssh.CertAlgoECDSA256v01, ssh.CertAlgoECDSA384v01, ssh.CertAlgoECDSA521v01:
 		addedKey, err = parseECDSACert(req)
+	case ssh.CertAlgoED25519v01:
+		addedKey, err = parseEd25519Cert(req)
 	default:
 		return fmt.Errorf("agent: not implemented: %q", record.Type)
 	}
diff --git a/vendor/vendor.json b/vendor/vendor.json
index 0c5e8c93..59b1be34 100644
--- a/vendor/vendor.json
+++ b/vendor/vendor.json
@@ -364,14 +364,14 @@
 		{
 			"checksumSHA1": "3dxfePz1LkJB7x0nIiTI88o/fFY=",
 			"path": "golang.org/x/crypto/ssh",
-			"revision": "5bcd134fee4dd1475da17714aac19c0aa0142e2f",
-			"revisionTime": "2016-05-16T23:05:56Z"
+			"revision": "811831de4c4dd03a0b8737233af3b36852386373",
+			"revisionTime": "2016-06-21T01:10:02Z"
 		},
 		{
-			"checksumSHA1": "EcKMEjHXZnW85PGnmiVGLknf8HU=",
+			"checksumSHA1": "pSECJ5r90CMX5V05qPZnJhi2zso=",
 			"path": "golang.org/x/crypto/ssh/agent",
-			"revision": "89d9e62992539701a49a19c52ebb33e84cbbe80f",
-			"revisionTime": "2016-06-03T20:06:38Z"
+			"revision": "811831de4c4dd03a0b8737233af3b36852386373",
+			"revisionTime": "2016-06-21T01:10:02Z"
 		},
 		{
 			"checksumSHA1": "9jjO5GjLa0XF/nfWihF02RoH4qc=",
-- 
GitLab