botan: Add support for Ed25519 keys
authorTobias Brunner <tobias@strongswan.org>
Mon, 22 Oct 2018 15:55:13 +0000 (17:55 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 26 Oct 2018 09:06:45 +0000 (11:06 +0200)
scripts/test.sh
src/libstrongswan/plugins/botan/Makefile.am
src/libstrongswan/plugins/botan/botan_ed_private_key.c [new file with mode: 0644]
src/libstrongswan/plugins/botan/botan_ed_private_key.h [new file with mode: 0644]
src/libstrongswan/plugins/botan/botan_ed_public_key.c [new file with mode: 0644]
src/libstrongswan/plugins/botan/botan_ed_public_key.h [new file with mode: 0644]
src/libstrongswan/plugins/botan/botan_plugin.c
src/libstrongswan/plugins/botan/botan_util_keys.c
src/libstrongswan/utils/leak_detective.c

index 1f90b7d..fbb09e2 100755 (executable)
@@ -80,7 +80,7 @@ gcrypt)
        DEPS="libgcrypt11-dev"
        ;;
 botan)
-       CONFIG="--disable-defaults --enable-pki --enable-botan"
+       CONFIG="--disable-defaults --enable-pki --enable-botan --enable-pem"
        # we can't use the old package that comes with Ubuntu so we build from
        # the current master until 2.8.0 is released and then probably switch to
        # that unless we need newer features (at least 2.7.0 plus PKCS#1 patch is
index c116014..6e5af36 100644 (file)
@@ -23,6 +23,8 @@ libstrongswan_botan_la_SOURCES = \
        botan_ec_diffie_hellman.h botan_ec_diffie_hellman.c \
        botan_ec_public_key.h botan_ec_public_key.c \
        botan_ec_private_key.h botan_ec_private_key.c \
+       botan_ed_public_key.h botan_ed_public_key.c \
+       botan_ed_private_key.h botan_ed_private_key.c \
        botan_util.h botan_util.c \
        botan_util_keys.h botan_util_keys.c \
        botan_gcm.h botan_gcm.c \
diff --git a/src/libstrongswan/plugins/botan/botan_ed_private_key.c b/src/libstrongswan/plugins/botan/botan_ed_private_key.c
new file mode 100644 (file)
index 0000000..3f0f542
--- /dev/null
@@ -0,0 +1,279 @@
+/*
+ * Copyright (C) 2018 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "botan_ed_private_key.h"
+#include "botan_ed_public_key.h"
+#include "botan_util.h"
+
+#include <botan/build.h>
+
+#ifdef BOTAN_HAS_ED25519
+
+#include <asn1/asn1.h>
+#include <utils/debug.h>
+
+typedef struct private_private_key_t private_private_key_t;
+
+#define ED25519_KEY_LEN 32
+
+/**
+ * Private data
+ */
+struct private_private_key_t {
+
+       /**
+        * Public interface
+        */
+       private_key_t public;
+
+       /**
+        * Botan private key object
+        */
+       botan_privkey_t key;
+
+       /**
+        * Reference count
+        */
+       refcount_t ref;
+};
+
+METHOD(private_key_t, sign, bool,
+       private_private_key_t *this, signature_scheme_t scheme,
+       void *params, chunk_t data, chunk_t *signature)
+{
+       switch (scheme)
+       {
+               case SIGN_ED25519:
+                       return botan_get_signature(this->key, "Pure", data, signature);
+               default:
+                       DBG1(DBG_LIB, "signature scheme %N not supported via botan",
+                                signature_scheme_names, scheme);
+                       return FALSE;
+       }
+}
+
+METHOD(private_key_t, decrypt, bool,
+       private_private_key_t *this, encryption_scheme_t scheme,
+       chunk_t crypto, chunk_t *plain)
+{
+       DBG1(DBG_LIB, "EdDSA private key decryption not implemented");
+       return FALSE;
+}
+
+METHOD(private_key_t, get_keysize, int,
+       private_private_key_t *this)
+{
+       return ED25519_KEY_LEN * 8;
+}
+
+METHOD(private_key_t, get_type, key_type_t,
+       private_private_key_t *this)
+{
+       return KEY_ED25519;
+}
+
+METHOD(private_key_t, get_public_key, public_key_t*,
+       private_private_key_t *this)
+{
+       botan_pubkey_t pubkey;
+
+       if (botan_privkey_export_pubkey(&pubkey, this->key))
+       {
+               return NULL;
+       }
+       return botan_ed_public_key_adopt(pubkey);
+}
+
+METHOD(private_key_t, get_fingerprint, bool,
+       private_private_key_t *this, cred_encoding_type_t type,
+       chunk_t *fingerprint)
+{
+       botan_pubkey_t pubkey;
+       bool success = FALSE;
+
+       /* check the cache before doing the export */
+       if (lib->encoding->get_cache(lib->encoding, type, this, fingerprint))
+       {
+               return TRUE;
+       }
+
+       if (botan_privkey_export_pubkey(&pubkey, this->key))
+       {
+               return FALSE;
+       }
+       success = botan_get_fingerprint(pubkey, this, type, fingerprint);
+       botan_pubkey_destroy(pubkey);
+       return success;
+}
+
+METHOD(private_key_t, get_encoding, bool,
+       private_private_key_t *this, cred_encoding_type_t type,
+       chunk_t *encoding)
+{
+       return botan_get_privkey_encoding(this->key, type, encoding);
+}
+
+METHOD(private_key_t, get_ref, private_key_t*,
+       private_private_key_t *this)
+{
+       ref_get(&this->ref);
+       return &this->public;
+}
+
+METHOD(private_key_t, destroy, void,
+       private_private_key_t *this)
+{
+       if (ref_put(&this->ref))
+       {
+               lib->encoding->clear_cache(lib->encoding, this);
+               botan_privkey_destroy(this->key);
+               free(this);
+       }
+}
+
+/**
+ * Internal generic constructor
+ */
+static private_private_key_t *create_empty()
+{
+       private_private_key_t *this;
+
+       INIT(this,
+               .public = {
+                       .get_type = _get_type,
+                       .sign = _sign,
+                       .decrypt = _decrypt,
+                       .get_keysize = _get_keysize,
+                       .get_public_key = _get_public_key,
+                       .equals = private_key_equals,
+                       .belongs_to = private_key_belongs_to,
+                       .get_fingerprint = _get_fingerprint,
+                       .has_fingerprint = private_key_has_fingerprint,
+                       .get_encoding = _get_encoding,
+                       .get_ref = _get_ref,
+                       .destroy = _destroy,
+               },
+               .ref = 1,
+       );
+
+       return this;
+}
+
+/*
+ * Described in header
+ */
+private_key_t *botan_ed_private_key_adopt(botan_privkey_t key)
+{
+       private_private_key_t *this;
+
+       this = create_empty();
+       this->key = key;
+
+       return &this->public;
+}
+
+/*
+ * Described in header
+ */
+private_key_t *botan_ed_private_key_gen(key_type_t type, va_list args)
+{
+       private_private_key_t *this;
+       botan_rng_t rng;
+
+       while (TRUE)
+       {
+               switch (va_arg(args, builder_part_t))
+               {
+                       case BUILD_KEY_SIZE:
+                               /* just ignore the key size */
+                               va_arg(args, u_int);
+                               continue;
+                       case BUILD_END:
+                               break;
+                       default:
+                               return NULL;
+               }
+               break;
+       }
+
+       if (botan_rng_init(&rng, "system"))
+       {
+               return NULL;
+       }
+
+       this = create_empty();
+
+       if (botan_privkey_create(&this->key, "Ed25519", NULL, rng))
+       {
+               DBG1(DBG_LIB, "EdDSA private key generation failed");
+               botan_rng_destroy(rng);
+               free(this);
+               return NULL;
+       }
+
+       botan_rng_destroy(rng);
+       return &this->public;
+}
+
+/*
+ * Described in header
+ */
+private_key_t *botan_ed_private_key_load(key_type_t type, va_list args)
+{
+       private_private_key_t *this;
+       chunk_t key = chunk_empty;
+
+       while (TRUE)
+       {
+               switch (va_arg(args, builder_part_t))
+               {
+                       case BUILD_EDDSA_PRIV_ASN1_DER:
+                               key = va_arg(args, chunk_t);
+                               continue;
+                       case BUILD_END:
+                               break;
+                       default:
+                               return NULL;
+               }
+               break;
+       }
+
+       /* PKCS#8-encoded keys are handled generically, so we only handle the
+        * explicit case */
+       if (asn1_unwrap(&key, &key) != ASN1_OCTET_STRING ||
+               key.len != ED25519_KEY_LEN)
+       {
+               return NULL;
+       }
+
+       this = create_empty();
+
+       if (botan_privkey_load_ed25519(&this->key, key.ptr))
+       {
+               free(this);
+               return NULL;
+       }
+       return &this->public;
+}
+
+#endif
diff --git a/src/libstrongswan/plugins/botan/botan_ed_private_key.h b/src/libstrongswan/plugins/botan/botan_ed_private_key.h
new file mode 100644 (file)
index 0000000..f7f32e8
--- /dev/null
@@ -0,0 +1,63 @@
+/*
+ * Copyright (C) 2018 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+/**
+ * @defgroup botan_ed_private_key botan_ed_private_key
+ * @{ @ingroup botan_p
+ */
+
+#ifndef BOTAN_ED_PRIVATE_KEY_H_
+#define BOTAN_ED_PRIVATE_KEY_H_
+
+#include <botan/ffi.h>
+
+#include <credentials/builder.h>
+#include <credentials/keys/private_key.h>
+
+/**
+ * Generate an EdDSA private key using Botan.
+ *
+ * @param type         type of the key, must be KEY_ED25519
+ * @param args         builder_part_t argument list
+ * @return                     generated key, NULL on failure
+ */
+private_key_t *botan_ed_private_key_gen(key_type_t type, va_list args);
+
+/**
+ * Load an EdDSA private key using Botan.
+ *
+ * @param type         type of the key, must be KEY_ED25519
+ * @param args         builder_part_t argument list
+ * @return                     loaded key, NULL on failure
+ */
+private_key_t *botan_ed_private_key_load(key_type_t type, va_list args);
+
+/**
+ * Load an EdDSA private key by adopting a botan_privkey_t object.
+ *
+ * @param key          private key object (adopted)
+ * @return                     loaded key, NULL on failure
+ */
+private_key_t *botan_ed_private_key_adopt(botan_privkey_t key);
+
+#endif /** BOTAN_ED_PRIVATE_KEY_H_ @}*/
diff --git a/src/libstrongswan/plugins/botan/botan_ed_public_key.c b/src/libstrongswan/plugins/botan/botan_ed_public_key.c
new file mode 100644 (file)
index 0000000..41d2baa
--- /dev/null
@@ -0,0 +1,202 @@
+/*
+ * Copyright (C) 2018 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#include "botan_ed_public_key.h"
+#include "botan_util.h"
+
+#include <botan/build.h>
+
+#ifdef BOTAN_HAS_ED25519
+
+#include <utils/debug.h>
+
+typedef struct private_public_key_t private_public_key_t;
+
+/**
+ * Private data
+ */
+struct private_public_key_t {
+
+       /**
+        * Public interface
+        */
+       public_key_t public;
+
+       /**
+        * Botan public key object
+        */
+       botan_pubkey_t key;
+
+       /**
+        * Reference counter
+        */
+       refcount_t ref;
+};
+
+METHOD(public_key_t, get_type, key_type_t,
+       private_public_key_t *this)
+{
+       return KEY_ED25519;
+}
+
+METHOD(public_key_t, get_keysize, int,
+       private_public_key_t *this)
+{
+       return ED25519_KEY_LEN * 8;
+}
+
+METHOD(public_key_t, verify, bool,
+       private_public_key_t *this, signature_scheme_t scheme,
+       void *params, chunk_t data, chunk_t signature)
+{
+       switch (scheme)
+       {
+               case SIGN_ED25519:
+                       return botan_verify_signature(this->key, "Pure", data, signature);
+               default:
+                       DBG1(DBG_LIB, "signature scheme %N not supported via botan",
+                                signature_scheme_names, scheme);
+                       return FALSE;
+       }
+}
+
+METHOD(public_key_t, encrypt, bool,
+       private_public_key_t *this, encryption_scheme_t scheme,
+       chunk_t crypto, chunk_t *plain)
+{
+       DBG1(DBG_LIB, "EdDSA public key encryption not implemented");
+       return FALSE;
+}
+
+METHOD(public_key_t, get_fingerprint, bool,
+       private_public_key_t *this, cred_encoding_type_t type,
+       chunk_t *fingerprint)
+{
+       return botan_get_fingerprint(this->key, this, type, fingerprint);
+}
+
+METHOD(public_key_t, get_encoding, bool,
+       private_public_key_t *this, cred_encoding_type_t type,
+       chunk_t *encoding)
+{
+       return botan_get_encoding(this->key, type, encoding);
+}
+
+METHOD(public_key_t, get_ref, public_key_t*,
+       private_public_key_t *this)
+{
+       ref_get(&this->ref);
+       return &this->public;
+}
+
+METHOD(public_key_t, destroy, void,
+       private_public_key_t *this)
+{
+       if (ref_put(&this->ref))
+       {
+               lib->encoding->clear_cache(lib->encoding, this);
+               botan_pubkey_destroy(this->key);
+               free(this);
+       }
+}
+
+/**
+ * Internal generic constructor
+ */
+static private_public_key_t *create_empty()
+{
+       private_public_key_t *this;
+
+       INIT(this,
+               .public = {
+                       .get_type = _get_type,
+                       .verify = _verify,
+                       .encrypt = _encrypt,
+                       .get_keysize = _get_keysize,
+                       .equals = public_key_equals,
+                       .get_fingerprint = _get_fingerprint,
+                       .has_fingerprint = public_key_has_fingerprint,
+                       .get_encoding = _get_encoding,
+                       .get_ref = _get_ref,
+                       .destroy = _destroy,
+               },
+               .ref = 1,
+       );
+
+       return this;
+}
+
+/*
+ * Described in header
+ */
+public_key_t *botan_ed_public_key_adopt(botan_pubkey_t key)
+{
+       private_public_key_t *this;
+
+       this = create_empty();
+       this->key = key;
+
+       return &this->public;
+}
+
+/*
+ * Described in header
+ */
+public_key_t *botan_ed_public_key_load(key_type_t type, va_list args)
+{
+       private_public_key_t *this;
+       chunk_t key = chunk_empty;
+
+       while (TRUE)
+       {
+               switch (va_arg(args, builder_part_t))
+               {
+                       case BUILD_EDDSA_PUB:
+                               key = va_arg(args, chunk_t);
+                               continue;
+                       case BUILD_END:
+                               break;
+                       default:
+                               return NULL;
+               }
+               break;
+       }
+
+       /* ASN.1-encoded keys are handled generically, so we only handle the
+        * explicit case */
+       if (key.len != ED25519_KEY_LEN)
+       {
+               return NULL;
+       }
+
+       this = create_empty();
+
+       if (botan_pubkey_load_ed25519(&this->key, key.ptr))
+       {
+               free(this);
+               return NULL;
+       }
+       return &this->public;
+}
+
+#endif
diff --git a/src/libstrongswan/plugins/botan/botan_ed_public_key.h b/src/libstrongswan/plugins/botan/botan_ed_public_key.h
new file mode 100644 (file)
index 0000000..0f44b1a
--- /dev/null
@@ -0,0 +1,51 @@
+/*
+ * Copyright (C) 2018 Tobias Brunner
+ * HSR Hochschule fuer Technik Rapperswil
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+#ifndef BOTAN_ED_PUBLIC_KEY_H_
+#define BOTAN_ED_PUBLIC_KEY_H_
+
+#include <botan/ffi.h>
+
+#include <credentials/builder.h>
+#include <credentials/keys/public_key.h>
+
+#define ED25519_KEY_LEN 32
+
+/**
+ * Load an EdDSA public key by adopting a botan_pubkey_t object.
+ *
+ * @param key          public key object (adopted)
+ * @return                     loaded key, NULL on failure
+ */
+public_key_t *botan_ed_public_key_adopt(botan_pubkey_t key);
+
+/**
+ * Load an EdDSA public key using Botan.
+ *
+ * @param type         type of the key, must be KEY_ED25519
+ * @param args         builder_part_t argument list
+ * @return                     loaded key, NULL on failure
+ */
+public_key_t *botan_ed_public_key_load(key_type_t type, va_list args);
+
+#endif /** BOTAN_ED_PUBLIC_KEY_H_ @}*/
index fd8e5f5..e21cf06 100644 (file)
@@ -36,6 +36,8 @@
 #include "botan_ec_diffie_hellman.h"
 #include "botan_ec_public_key.h"
 #include "botan_ec_private_key.h"
+#include "botan_ed_public_key.h"
+#include "botan_ed_private_key.h"
 #include "botan_gcm.h"
 #include "botan_util_keys.h"
 #include "botan_x25519.h"
@@ -168,7 +170,8 @@ METHOD(plugin_t, get_features, int,
 #endif /* BOTAN_HAS_HMAC */
 
                /* generic key loaders */
-#if defined (BOTAN_HAS_RSA) || defined(BOTAN_HAS_ECDSA)
+#if defined (BOTAN_HAS_RSA) || defined(BOTAN_HAS_ECDSA) || \
+       defined(BOTAN_HAS_ED25519)
                PLUGIN_REGISTER(PUBKEY, botan_public_key_load, TRUE),
                        PLUGIN_PROVIDE(PUBKEY, KEY_ANY),
 #ifdef BOTAN_HAS_RSA
@@ -177,6 +180,9 @@ METHOD(plugin_t, get_features, int,
 #ifdef BOTAN_HAS_ECDSA
                        PLUGIN_PROVIDE(PUBKEY, KEY_ECDSA),
 #endif
+#ifdef BOTAN_HAS_ED25519
+                       PLUGIN_PROVIDE(PUBKEY, KEY_ED25519),
+#endif
                PLUGIN_REGISTER(PRIVKEY, botan_private_key_load, TRUE),
                        PLUGIN_PROVIDE(PRIVKEY, KEY_ANY),
 #ifdef BOTAN_HAS_RSA
@@ -185,6 +191,9 @@ METHOD(plugin_t, get_features, int,
 #ifdef BOTAN_HAS_ECDSA
                        PLUGIN_PROVIDE(PRIVKEY, KEY_ECDSA),
 #endif
+#ifdef BOTAN_HAS_ED25519
+                       PLUGIN_PROVIDE(PRIVKEY, KEY_ED25519),
+#endif
 #endif
                /* RSA */
 #ifdef BOTAN_HAS_RSA
@@ -272,6 +281,21 @@ METHOD(plugin_t, get_features, int,
 #endif /* BOTAN_HAS_EMSA1 */
 #endif /* BOTAN_HAS_ECDSA */
 
+#ifdef BOTAN_HAS_ED25519
+               /* EdDSA private/public key loading */
+               PLUGIN_REGISTER(PUBKEY, botan_ed_public_key_load, TRUE),
+                       PLUGIN_PROVIDE(PUBKEY, KEY_ED25519),
+               PLUGIN_REGISTER(PRIVKEY, botan_ed_private_key_load, TRUE),
+                       PLUGIN_PROVIDE(PRIVKEY, KEY_ED25519),
+               PLUGIN_REGISTER(PRIVKEY_GEN, botan_ed_private_key_gen, FALSE),
+                       PLUGIN_PROVIDE(PRIVKEY_GEN, KEY_ED25519),
+               PLUGIN_PROVIDE(PRIVKEY_SIGN, SIGN_ED25519),
+               PLUGIN_PROVIDE(PUBKEY_VERIFY, SIGN_ED25519),
+               /* register a pro forma identity hasher, never instantiated */
+               PLUGIN_REGISTER(HASHER, return_null),
+                       PLUGIN_PROVIDE(HASHER, HASH_IDENTITY),
+#endif
+
                /* random numbers */
 #if BOTAN_HAS_SYSTEM_RNG
 #if BOTAN_HAS_HMAC_DRBG
index 176c2ca..016c683 100644 (file)
@@ -24,6 +24,8 @@
 #include "botan_util_keys.h"
 #include "botan_ec_public_key.h"
 #include "botan_ec_private_key.h"
+#include "botan_ed_public_key.h"
+#include "botan_ed_private_key.h"
 #include "botan_rsa_public_key.h"
 #include "botan_rsa_private_key.h"
 
@@ -112,6 +114,10 @@ public_key_t *botan_public_key_load(key_type_t type, va_list args)
        {
                this = (public_key_t*)botan_ec_public_key_adopt(pubkey);
        }
+       else if (streq(name, "Ed25519") && (type == KEY_ANY || type == KEY_ED25519))
+       {
+               this = botan_ed_public_key_adopt(pubkey);
+       }
        else
        {
                botan_pubkey_destroy(pubkey);
@@ -188,6 +194,7 @@ private_key_t *botan_private_key_load(key_type_t type, va_list args)
        botan_pubkey_destroy(pubkey);
        if (!name)
        {
+               botan_privkey_destroy(key);
                return NULL;
        }
        if (streq(name, "RSA") && (type == KEY_ANY || type == KEY_RSA))
@@ -202,6 +209,10 @@ private_key_t *botan_private_key_load(key_type_t type, va_list args)
                        this = (private_key_t*)botan_ec_private_key_adopt(key, oid);
                }
        }
+       else if (streq(name, "Ed25519") && (type == KEY_ANY || type == KEY_ED25519))
+       {
+               this = botan_ed_private_key_adopt(key);
+       }
        if (!this)
        {
                botan_privkey_destroy(key);
index efeb0f4..66c07b8 100644 (file)
@@ -619,6 +619,7 @@ static char *whitelist[] = {
        "botan_privkey_create_ecdsa",
        "botan_privkey_create_ecdh",
        "botan_privkey_load_ecdh",
+       "botan_privkey_load",
 };
 
 /**