From 619724652b1aa77045722d87019e46cc23e3c492 Mon Sep 17 00:00:00 2001
From: John Safranek <john@wolfssl.com>
Date: Fri, 10 May 2024 11:30:58 -0700
Subject: [PATCH] Add Ed25519

1. Add testing key for user barney.
2. Remove some instances of the incorrect macro guard WOLFSSH_NO_ECC. We
   deal in ECDSA or ECDHE separately only.
3. Add WIP function for decoding the OpenSSH format Ed25519 key.
---
 src/internal.c     | 41 ++++++++++++++++++++++++++++++++++++++---
 wolfssh/internal.h |  3 +--
 2 files changed, 39 insertions(+), 5 deletions(-)

diff --git a/src/internal.c b/src/internal.c
index d82fdd7fe..789729c6c 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -1375,8 +1375,7 @@ static int GetOpenSshKeyRsa(RsaKey* key,
 }
 #endif
 
-
-#if !defined(WOLFSSH_NO_ECDSA) && !defined(WOLFSSH_NO_ECC)
+#ifndef WOLFSSH_NO_ECDSA
 /*
  * Utility for GetOpenSshKey() to read in ECDSA keys.
  */
@@ -1406,6 +1405,35 @@ static int GetOpenSshKeyEcc(ecc_key* key,
 }
 #endif
 
+#ifndef WOLFSSH_NO_ED25519
+/*
+ * Utility for GetOpenSshKey() to read in Ed25519 keys.
+ */
+static int GetOpenSshKeyEd25519(ed25519_key* key,
+        const byte* buf, word32 len, word32* idx)
+{
+    const byte *name = NULL, *priv = NULL, *pub = NULL;
+    word32 nameSz = 0, privSz = 0, pubSz = 0;
+    int ret;
+
+    ret = wc_ed25519_init_ex(key, ssh->ctx->heap, INVALID_DEVID);
+    if (ret == WS_SUCCESS)
+        ret = GetStringRef(&nameSz, &name, buf, len, idx); /* curve name */
+    if (ret == WS_SUCCESS)
+        ret = GetStringRef(&pubSz, &pub, buf, len, idx); /* ENC(A) */
+    if (ret == WS_SUCCESS)
+        ret = GetMpint(&privSz, &priv, buf, len, idx); /* k || ENC(A) */
+
+    if (ret == WS_SUCCESS)
+        ret = wc_ecc_import_private_key_ex(priv, privSz, pub, pubSz,
+                key, ECC_CURVE_DEF);
+
+    if (ret != WS_SUCCESS)
+        ret = WS_ECC_E;
+
+    return ret;
+}
+#endif
 /*
  * Decodes an OpenSSH format key.
  */
@@ -1488,11 +1516,18 @@ static int GetOpenSshKey(WS_KeySignature *key,
                                         str, strSz, &subIdx);
                                 break;
                         #endif
-                        #if !defined(WOLFSSH_NO_ECDSA) && !defined(WOLFSSH_NO_ECC)
+                        #ifndef WOLFSSH_NO_ECDSA
                             case ID_ECDSA_SHA2_NISTP256:
+                            case ID_ECDSA_SHA2_NISTP384:
+                            case ID_ECDSA_SHA2_NISTP521:
                                 ret = GetOpenSshKeyEcc(&key->ks.ecc.key,
                                         str, strSz, &subIdx);
                                 break;
+                        #endif
+                        #ifndef WOLFSSH_NO_ED25519
+                                ret = GetOpenSshKeyEd25519(&key->ks.ed25519.key,
+                                        str, strSz, &subIdx);
+                                break;
                         #endif
                             default:
                                 ret = WS_UNIMPLEMENTED_E;
diff --git a/wolfssh/internal.h b/wolfssh/internal.h
index a7f854071..e617a4cf7 100644
--- a/wolfssh/internal.h
+++ b/wolfssh/internal.h
@@ -239,8 +239,7 @@ extern "C" {
 #endif
 #if defined(WOLFSSH_NO_ECDSA_SHA2_NISTP256) && \
     defined(WOLFSSH_NO_ECDSA_SHA2_NISTP384) && \
-    defined(WOLFSSH_NO_ECDSA_SHA2_NISTP521) && \
-    !defined(HAVE_ED25519)
+    defined(WOLFSSH_NO_ECDSA_SHA2_NISTP521)
     #undef WOLFSSH_NO_ECDSA
     #define WOLFSSH_NO_ECDSA
 #endif