From 802b94ccf2e00ac33a3863300d0769f02b62d807 Mon Sep 17 00:00:00 2001
From: z4yx <z4yx@users.noreply.github.com>
Date: Sun, 20 Feb 2022 11:37:32 +0800
Subject: [PATCH 1/2] define public key and signature format for hardware
 security key

---
 src/proto/public_key.rs | 34 ++++++++++++++++++++++++++++++++--
 src/proto/signature.rs  |  8 ++++++++
 2 files changed, 40 insertions(+), 2 deletions(-)

diff --git a/src/proto/public_key.rs b/src/proto/public_key.rs
index 7c40b36..b2dd899 100644
--- a/src/proto/public_key.rs
+++ b/src/proto/public_key.rs
@@ -27,17 +27,33 @@ pub struct EcDsaPublicKey {
     pub q: MpInt
 }
 
+#[derive(Clone, Debug, Eq, Hash, PartialEq, Serialize, Deserialize)]
+pub struct SkEcDsaPublicKey {
+    pub identifier: String,
+    pub q: MpInt,
+    pub application: String,
+}
+
+
 #[derive(Clone, Debug, Eq, Hash, PartialEq, Serialize, Deserialize)]
 pub struct Ed25519PublicKey {
     pub enc_a: Vec<u8>
 }
 
+#[derive(Clone, Debug, Eq, Hash, PartialEq, Serialize, Deserialize)]
+pub struct SkEd25519PublicKey {
+    pub enc_a: Vec<u8>,
+    pub application: String,
+}
+
 #[derive(Clone, Debug, Eq, Hash, PartialEq)]
 pub enum PublicKey {
     Dss(DssPublicKey),
     Ed25519(Ed25519PublicKey),
+    SkEd25519(SkEd25519PublicKey),
     Rsa(RsaPublicKey),
-    EcDsa(EcDsaPublicKey)
+    EcDsa(EcDsaPublicKey),
+    SkEcDsa(SkEcDsaPublicKey),
 }
 
 impl KeyType for RsaPublicKey {
@@ -60,6 +76,18 @@ impl KeyType for EcDsaPublicKey {
     }
 }
 
+impl KeyType for SkEd25519PublicKey {
+    const KEY_TYPE: &'static str = "sk-ssh-ed25519@openssh.com";
+}
+
+impl KeyType for SkEcDsaPublicKey {
+    const KEY_TYPE: &'static str = "sk-ecdsa-sha2";
+    
+    fn key_type(&self) -> String {
+        format!("{}-{}@openssh.com", Self::KEY_TYPE, self.identifier)
+    }
+}
+
 impl From<PrivateKey> for PublicKey {
     fn from(key: PrivateKey) -> Self {
         match key {
@@ -143,7 +171,9 @@ impl_key_type_enum_ser_de!(
     (PublicKey::Dss, DssPublicKey),
     (PublicKey::Rsa, RsaPublicKey),
     (PublicKey::EcDsa, EcDsaPublicKey),
-    (PublicKey::Ed25519, Ed25519PublicKey)
+    (PublicKey::SkEcDsa, SkEcDsaPublicKey),
+    (PublicKey::Ed25519, Ed25519PublicKey),
+    (PublicKey::SkEd25519, SkEd25519PublicKey)
 );
 
 
diff --git a/src/proto/signature.rs b/src/proto/signature.rs
index 0a315c6..d5260e2 100644
--- a/src/proto/signature.rs
+++ b/src/proto/signature.rs
@@ -15,6 +15,14 @@ pub struct Signature {
     pub blob: Vec<u8>
 }
 
+#[derive(Clone, PartialEq, Debug, Serialize, Deserialize)]
+pub struct SkSignature {
+    pub algorithm: String,
+    pub blob: Vec<u8>,
+    pub flags: u8,
+    pub counter: u32
+}
+
 #[derive(Clone, PartialEq, Debug, Serialize, Deserialize)]
 pub struct EcDsaSignature {
     pub identifier: String,

From 91894139966e01941f17386a84c6b35e6ea155b8 Mon Sep 17 00:00:00 2001
From: z4yx <z4yx@users.noreply.github.com>
Date: Tue, 22 Feb 2022 20:56:59 +0800
Subject: [PATCH 2/2] define PrivateKey types for SK

---
 src/proto/private_key.rs | 39 +++++++++++++++++++++++++++++++++++++--
 src/proto/public_key.rs  | 24 ++++++++++++++++++++++--
 2 files changed, 59 insertions(+), 4 deletions(-)

diff --git a/src/proto/private_key.rs b/src/proto/private_key.rs
index ef07a60..cf44124 100644
--- a/src/proto/private_key.rs
+++ b/src/proto/private_key.rs
@@ -21,6 +21,15 @@ pub struct Ed25519PrivateKey {
     pub k_enc_a: Vec<u8>
 }
 
+#[derive(Clone, Debug, Eq, Hash, PartialEq, Serialize, Deserialize)]
+pub struct SkEd25519PrivateKey {
+    pub enc_a: Vec<u8>,
+    pub application: String,
+    pub flags: u8,
+    pub key_handle: Vec<u8>,
+    pub reserved: Vec<u8>
+}
+
 #[derive(Clone, Debug, Eq, Hash, PartialEq, Serialize, Deserialize)]
 pub struct RsaPrivateKey {
     pub n: MpInt,
@@ -38,12 +47,24 @@ pub struct EcDsaPrivateKey {
     pub d: MpInt
 }
 
+#[derive(Clone, Debug, Eq, Hash, PartialEq, Serialize, Deserialize)]
+pub struct SkEcDsaPrivateKey {
+    pub identifier: String,
+    pub q: MpInt,
+    pub application: String,
+    pub flags: u8,
+    pub key_handle: Vec<u8>,
+    pub reserved: Vec<u8>
+}
+
 #[derive(Clone, Debug, Eq, Hash, PartialEq)]
 pub enum PrivateKey {
     Dss(DssPrivateKey),
     Ed25519(Ed25519PrivateKey),
+    SkEd25519(SkEd25519PrivateKey),
     Rsa(RsaPrivateKey),
-    EcDsa(EcDsaPrivateKey)
+    EcDsa(EcDsaPrivateKey),
+    SkEcDsa(SkEcDsaPrivateKey)
 }
 
 impl KeyType for RsaPrivateKey {
@@ -58,6 +79,10 @@ impl KeyType for Ed25519PrivateKey {
     const KEY_TYPE: &'static str = "ssh-ed25519";
 }
 
+impl KeyType for SkEd25519PrivateKey {
+    const KEY_TYPE: &'static str = "sk-ssh-ed25519@openssh.com";
+}
+
 impl KeyType for EcDsaPrivateKey {
     const KEY_TYPE: &'static str = "ecdsa-sha2";
     
@@ -66,10 +91,20 @@ impl KeyType for EcDsaPrivateKey {
     }
 }
 
+impl KeyType for SkEcDsaPrivateKey {
+    const KEY_TYPE: &'static str = "sk-ecdsa-sha2";
+
+    fn key_type(&self) -> String {
+        format!("{}-{}@openssh.com", Self::KEY_TYPE, self.identifier)
+    }
+}
+
 impl_key_type_enum_ser_de!(
     PrivateKey,
     (PrivateKey::Dss, DssPrivateKey),
     (PrivateKey::Rsa, RsaPrivateKey),
     (PrivateKey::EcDsa, EcDsaPrivateKey),
-    (PrivateKey::Ed25519, Ed25519PrivateKey)
+    (PrivateKey::SkEcDsa, SkEcDsaPrivateKey),
+    (PrivateKey::Ed25519, Ed25519PrivateKey),
+    (PrivateKey::SkEd25519, SkEd25519PrivateKey)
 );
diff --git a/src/proto/public_key.rs b/src/proto/public_key.rs
index b2dd899..b386209 100644
--- a/src/proto/public_key.rs
+++ b/src/proto/public_key.rs
@@ -34,7 +34,6 @@ pub struct SkEcDsaPublicKey {
     pub application: String,
 }
 
-
 #[derive(Clone, Debug, Eq, Hash, PartialEq, Serialize, Deserialize)]
 pub struct Ed25519PublicKey {
     pub enc_a: Vec<u8>
@@ -82,7 +81,7 @@ impl KeyType for SkEd25519PublicKey {
 
 impl KeyType for SkEcDsaPublicKey {
     const KEY_TYPE: &'static str = "sk-ecdsa-sha2";
-    
+
     fn key_type(&self) -> String {
         format!("{}-{}@openssh.com", Self::KEY_TYPE, self.identifier)
     }
@@ -93,8 +92,10 @@ impl From<PrivateKey> for PublicKey {
         match key {
             PrivateKey::Dss(key) => PublicKey::Dss(DssPublicKey::from(key)),
             PrivateKey::Ed25519(key) => PublicKey::Ed25519(Ed25519PublicKey::from(key)),
+            PrivateKey::SkEd25519(key) => PublicKey::SkEd25519(SkEd25519PublicKey::from(key)),
             PrivateKey::Rsa(key) => PublicKey::Rsa(RsaPublicKey::from(key)),
             PrivateKey::EcDsa(key) => PublicKey::EcDsa(EcDsaPublicKey::from(key)),
+            PrivateKey::SkEcDsa(key) => PublicKey::SkEcDsa(SkEcDsaPublicKey::from(key)),
         }
     }
 }
@@ -128,6 +129,16 @@ impl From<EcDsaPrivateKey> for EcDsaPublicKey {
     }
 }
 
+impl From<SkEcDsaPrivateKey> for SkEcDsaPublicKey {
+    fn from(key: SkEcDsaPrivateKey) -> Self {
+        Self {
+            identifier: key.identifier,
+            q: key.q,
+            application: key.application
+        }
+    }
+}
+
 impl From<Ed25519PrivateKey> for Ed25519PublicKey {
     fn from(key: Ed25519PrivateKey) -> Self {
         Self {
@@ -136,6 +147,15 @@ impl From<Ed25519PrivateKey> for Ed25519PublicKey {
     }
 }
 
+impl From<SkEd25519PrivateKey> for SkEd25519PublicKey {
+    fn from(key: SkEd25519PrivateKey) -> Self {
+        Self {
+            enc_a: key.enc_a,
+            application: key.application
+        }
+    }
+}
+
 impl From<&PrivateKey> for PublicKey {
     fn from(key: &PrivateKey) -> Self {
         Self::from(key.clone())