From a269b1e8431c4fb47bcdc31623b01e8236fb360e Mon Sep 17 00:00:00 2001
From: John Safranek <john@wolfssl.com>
Date: Fri, 25 Sep 2020 14:45:12 -0700
Subject: [PATCH 1/3] ECC Key Reading Update wolfSSH_ReadKey_buffer() to handle
 P-384 and P-521 when reading a key from a buffer.

---
 src/ssh.c | 35 +++++++++++++++++++----------------
 1 file changed, 19 insertions(+), 16 deletions(-)

diff --git a/src/ssh.c b/src/ssh.c
index fd6a2ea..a18d41c 100644
--- a/src/ssh.c
+++ b/src/ssh.c
@@ -1413,24 +1413,13 @@ int wolfSSH_ReadKey_buffer(const byte* in, word32 inSz, int format,
         if (type != NULL && key != NULL) {
             const char* name;
             word32 typeSz;
+            byte nameId;
 
             typeSz = (word32)WSTRLEN(type);
 
-            name = IdToName(ID_SSH_RSA);
-            if (WSTRNCMP(type, name, typeSz) == 0) {
-                *outType = (const byte*)name;
-            }
-            else {
-                name = IdToName(ID_ECDSA_SHA2_NISTP256);
-                if (WSTRNCMP(type, name, typeSz) == 0) {
-                    *outType = (const byte*)name;
-                }
-                else {
-                    name = IdToName(ID_UNKNOWN);
-                    *outType = (const byte*)name;
-                    typeSz = (word32)WSTRLEN(name);
-                }
-            }
+            nameId = NameToId(type, typeSz);
+            name = IdToName(nameId);
+            *outType = (const byte*)name;
             *outTypeSz = typeSz;
 
             ret = Base64_Decode((byte*)key, (word32)WSTRLEN(key), *out, outSz);
@@ -1480,6 +1469,8 @@ int wolfSSH_ReadKey_buffer(const byte* in, word32 inSz, int format,
         }
         else {
 #endif
+            byte curveId = ID_UNKNOWN;
+
             /* Couldn't decode as RSA testKey. Try decoding as ECC testKey. */
             scratch = 0;
             if (wc_ecc_init_ex(&testKey.ecc, heap, INVALID_DEVID) != 0)
@@ -1487,11 +1478,23 @@ int wolfSSH_ReadKey_buffer(const byte* in, word32 inSz, int format,
 
             ret = wc_EccPrivateKeyDecode(in, &scratch,
                                          &testKey.ecc, inSz);
+            switch (wc_ecc_get_curve_id(testKey.ecc.idx)) {
+                case ECC_SECP256R1:
+                    curveId = ID_ECDSA_SHA2_NISTP256;
+                    break;
+                case ECC_SECP384R1:
+                    curveId = ID_ECDSA_SHA2_NISTP384;
+                    break;
+                case ECC_SECP521R1:
+                    curveId = ID_ECDSA_SHA2_NISTP521;
+                    break;
+            }
             wc_ecc_free(&testKey.ecc);
 
             if (ret == 0) {
-                *outType = (const byte*)IdToName(ID_ECDH_SHA2_NISTP256);
+                *outType = (const byte*)IdToName(curveId);
                 *outTypeSz = (word32)WSTRLEN((const char*)*outType);
+                printf("%s\n", *outType);
             }
             else
                 return WS_BAD_FILE_E;

From 82c69b975873813ecd480488286e4ab010e321b4 Mon Sep 17 00:00:00 2001
From: John Safranek <john@wolfssl.com>
Date: Fri, 25 Sep 2020 16:59:05 -0700
Subject: [PATCH 2/3] Keys 1. Add P-384 and P-521 sample user public and
 private keys. 2. Add DER format versions of the sample user private keys. 3.
 Add the sample user public keys for P-256 and RSA-2048. 4. Fix a bug where
 the user authentication signing would fail if using an ECDSA curve other than
 P-256.

---
 keys/gretel-key-ecc-384.der | Bin 0 -> 167 bytes
 keys/gretel-key-ecc-384.pem |  11 +++++++++++
 keys/gretel-key-ecc-384.pub |   1 +
 keys/gretel-key-ecc-521.der | Bin 0 -> 223 bytes
 keys/gretel-key-ecc-521.pem |  12 ++++++++++++
 keys/gretel-key-ecc-521.pub |   1 +
 keys/gretel-key-ecc.der     | Bin 0 -> 121 bytes
 keys/gretel-key-ecc.pub     |   1 +
 keys/gretel-key-rsa.der     | Bin 0 -> 1191 bytes
 keys/gretel-key-rsa.pub     |   1 +
 keys/hansel-key-ecc-384.der | Bin 0 -> 167 bytes
 keys/hansel-key-ecc-384.pem |  11 +++++++++++
 keys/hansel-key-ecc-384.pub |   1 +
 keys/hansel-key-ecc-521.der | Bin 0 -> 223 bytes
 keys/hansel-key-ecc-521.pem |  12 ++++++++++++
 keys/hansel-key-ecc-521.pub |   1 +
 keys/hansel-key-ecc.der     | Bin 0 -> 121 bytes
 keys/hansel-key-ecc.pub     |   1 +
 keys/hansel-key-rsa.der     | Bin 0 -> 1191 bytes
 keys/hansel-key-rsa.pub     |   1 +
 keys/include.am             |  29 ++++++++++++++---------------
 keys/pubkeys-ecc-384.txt    |   2 ++
 keys/pubkeys-ecc-521.txt    |   2 ++
 src/internal.c              |   2 +-
 24 files changed, 73 insertions(+), 16 deletions(-)
 create mode 100644 keys/gretel-key-ecc-384.der
 create mode 100644 keys/gretel-key-ecc-384.pem
 create mode 100644 keys/gretel-key-ecc-384.pub
 create mode 100644 keys/gretel-key-ecc-521.der
 create mode 100644 keys/gretel-key-ecc-521.pem
 create mode 100644 keys/gretel-key-ecc-521.pub
 create mode 100644 keys/gretel-key-ecc.der
 create mode 100644 keys/gretel-key-ecc.pub
 create mode 100644 keys/gretel-key-rsa.der
 create mode 100644 keys/gretel-key-rsa.pub
 create mode 100644 keys/hansel-key-ecc-384.der
 create mode 100644 keys/hansel-key-ecc-384.pem
 create mode 100644 keys/hansel-key-ecc-384.pub
 create mode 100644 keys/hansel-key-ecc-521.der
 create mode 100644 keys/hansel-key-ecc-521.pem
 create mode 100644 keys/hansel-key-ecc-521.pub
 create mode 100644 keys/hansel-key-ecc.der
 create mode 100644 keys/hansel-key-ecc.pub
 create mode 100644 keys/hansel-key-rsa.der
 create mode 100644 keys/hansel-key-rsa.pub
 create mode 100644 keys/pubkeys-ecc-384.txt
 create mode 100644 keys/pubkeys-ecc-521.txt

diff --git a/keys/gretel-key-ecc-384.der b/keys/gretel-key-ecc-384.der
new file mode 100644
index 0000000000000000000000000000000000000000..1692b1cf3c97f0ddb9ff91cb51fe04c47adc5456
GIT binary patch
literal 167
zcmV;Y09gMpfusTf0R%9cCILapJkD*C$g$UhSeR(K$kE}{zDDa4df*nnJ!d8|grBJ9
zoWmb3d3!Lf{sKv$2L=Tzfdl{|p=1MM00a!jX<D$`0Zs%_%5p<CmJuQ({iEDGKm6}s
zA>M`(3AEaI(H<;HqE1=D$Ht>*sI~JiJ%>oNG_DxFZ7&*~faf|EkMvSFC_9wW1Z5)W
V5d^L2Z55Bj|E=kQ&L7kC#QLeROWObd

literal 0
HcmV?d00001

diff --git a/keys/gretel-key-ecc-384.pem b/keys/gretel-key-ecc-384.pem
new file mode 100644
index 0000000..f14311b
--- /dev/null
+++ b/keys/gretel-key-ecc-384.pem
@@ -0,0 +1,11 @@
+ASN1 OID: secp384r1
+NIST CURVE: P-384
+-----BEGIN EC PARAMETERS-----
+BgUrgQQAIg==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MIGkAgEBBDCbJgFByjzObZPIsdeDWJhousjR4dS+RusTeuAWvz1nJjKEn6jmnMMf
+Lnl7MK7+AkmgBwYFK4EEACKhZANiAAQMx2lasNsBTgRRynJDNpYRIiT9o9w8P/zv
+XyHehhIJtNp50R4sSqJOWcLHxqNoqLXzLz2HSLQ0rhi+bS8anYDnOhaP9FI4KDuU
+0gRlIukRBK3pbRWPxf+t6YLOH9P0xPo=
+-----END EC PRIVATE KEY-----
diff --git a/keys/gretel-key-ecc-384.pub b/keys/gretel-key-ecc-384.pub
new file mode 100644
index 0000000..449ab25
--- /dev/null
+++ b/keys/gretel-key-ecc-384.pub
@@ -0,0 +1 @@
+ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBAzHaVqw2wFOBFHKckM2lhEiJP2j3Dw//O9fId6GEgm02nnRHixKok5ZwsfGo2iotfMvPYdItDSuGL5tLxqdgOc6Fo/0UjgoO5TSBGUi6REEreltFY/F/63pgs4f0/TE+g== gretel
diff --git a/keys/gretel-key-ecc-521.der b/keys/gretel-key-ecc-521.der
new file mode 100644
index 0000000000000000000000000000000000000000..1dd406417fe04a05bb0edcd9571c50cf9c94a63a
GIT binary patch
literal 223
zcmV<503iP`f!qQC0R%z-7X)U;deo&X>&x7=fIapC8v0imwKT5aB|%`B`(m$t@_ySg
zxyG}+v7Dq41Y&D)lp#kcuXz>Bv{c+c0i_>TBcKNc1uKCB03)G+i35R#00aQ{fCFaE
z`7t;Xd@+m>1%tW=|NBiatpjWD8}+$vsFhb7=Ur&@#vyBgtbnHR`xH7$9wL1C&2Lh~
zRS~ZbW0ViF0cgYQZ_xdgO0;C3kJM7DpS1fmWOLzmy*e&5we;riSkEyPmK5rJBHP6l
Z2}F6QPk{+M*$rkB@m;uJKNN<Rm?Ij(Wdr~K

literal 0
HcmV?d00001

diff --git a/keys/gretel-key-ecc-521.pem b/keys/gretel-key-ecc-521.pem
new file mode 100644
index 0000000..a55b580
--- /dev/null
+++ b/keys/gretel-key-ecc-521.pem
@@ -0,0 +1,12 @@
+ASN1 OID: secp521r1
+NIST CURVE: P-521
+-----BEGIN EC PARAMETERS-----
+BgUrgQQAIw==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MIHcAgEBBEIAFwRmxnrUpSzry9y1gD32Ahr6Vxm1NK7gJUFgmftir37yftsyucaz
+vLGcpBEEYmtylCFHKa95Fcy0VNxAAaUfVyOgBwYFK4EEACOhgYkDgYYABAD3gANm
+zvkxOBN8MYwRBYO6B//7TTCtA2vwG/W5bqiVVxznXWj0xiFrgayApvH7FDpLHiJ8
++c1vUsRVEa8PY5QPsgFow+xv0P2WSrRkn4/UUquftPs1ZHPhdr06LjS19ObvWM8x
+FZYU6n0i28UWCUR5qE+BCTzZDWYT8V24YD8UhpaYIw==
+-----END EC PRIVATE KEY-----
diff --git a/keys/gretel-key-ecc-521.pub b/keys/gretel-key-ecc-521.pub
new file mode 100644
index 0000000..b31a027
--- /dev/null
+++ b/keys/gretel-key-ecc-521.pub
@@ -0,0 +1 @@
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAD3gANmzvkxOBN8MYwRBYO6B//7TTCtA2vwG/W5bqiVVxznXWj0xiFrgayApvH7FDpLHiJ8+c1vUsRVEa8PY5QPsgFow+xv0P2WSrRkn4/UUquftPs1ZHPhdr06LjS19ObvWM8xFZYU6n0i28UWCUR5qE+BCTzZDWYT8V24YD8UhpaYIw== gretel
diff --git a/keys/gretel-key-ecc.der b/keys/gretel-key-ecc.der
new file mode 100644
index 0000000000000000000000000000000000000000..02bb63755e7c612a748893ab429cb85751e412e7
GIT binary patch
literal 121
zcmV-<0EYiCcLD(c1RzzNNFJ##`WVi$`gcYE#M{%0KArDx%{NAeBRqGRt9YOa1_&yK
zNX|V20SBQ(13~}<pe-NADrh$CBv|dfBIs;zW{fLF=b+4x{(#`khxax1{eYm>A6sEA
b)*ateKs*;aQQ;w+(P8HohqQ+D{sx5>>A5w@

literal 0
HcmV?d00001

diff --git a/keys/gretel-key-ecc.pub b/keys/gretel-key-ecc.pub
new file mode 100644
index 0000000..996a254
--- /dev/null
+++ b/keys/gretel-key-ecc.pub
@@ -0,0 +1 @@
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKAtH8cqaDbtJFjtviLobHBmjCtG56DMkP6A4M2H9zX2/YCg1h9bYS7WHd9UQDwXO1HhIZzRYecXh7SG9P4GhRY= gretel
diff --git a/keys/gretel-key-rsa.der b/keys/gretel-key-rsa.der
new file mode 100644
index 0000000000000000000000000000000000000000..529a0269a97842d80cebc533a832dcc472589a1b
GIT binary patch
literal 1191
zcmV;Y1X%kpf&`-i0RRGm0RaH24+K?B6=eSi&xVRR>*F)Fw>Q+QF%6%j0bMoU)5k;X
zEV<)pZLXs>erW1t6A<e0uRRMgz{xlhI|^a6_s!%Nh!G+vL<*ENt;o(lpi+IcQxn;r
zAg)NUNSPVm5};3HNnNQYVQ*#NP!QSx#6e`!HcR%`Aw4gS2|=4HgoBSejb>l>(8n{g
zz0KUfbBm&Np!z$oS!&E4o^Tk-*s5c?&KTCV1*Q^bQyWUW9W4498fn_@ZXr4C(z*t*
z`H7qrEi?+d9rd^(OFkH+w2k5|w`CcT9JHAeYRA<|#UjrINXZ!CRH>VEghs+eH}E|;
z+yr%pNtB>qk07h6a8n-w0|5X50)hbmG~~9_QAKt{T-h&Qk2DWf=3UlbuU~R~ROOer
zN(J=Pi-6tGecC^lL_5tU8j16nAJYMenjf5YbcD#2+f%p}S-V)6=Pg2=7DabYuR4xx
z%NQ&4WGW^LHW>bet$cl;Gw~hJpAQc=0IlYa=j|ft*+=RaypZ}9@OH3~GS}pj27)@y
zaL6s9bDK*M>42wbeK~RUQwQ}jHY+ml;0PwTLHdY?{1;ZqfZ<fl#M9e_x5oMUvQ?@S
zJ{#vn%@b@)vcSv$##-EK-HCc$(c?5RKOTn6f;mU%DHlDSSv!0rQ200!<l0MCt(B}+
zsCudYbDw-4D?Dsq(BG%S(@}2$0)c@5)J}kcAeA~k-yl~ro`DHU?X7Xs+z3C9qLres
z)r}Lb{AQ_Cus`_hTyxumRG;mBr0x}s4KJ8EA%M@0+sFxZ-A?;?XolZ@hjJd<@5E7b
zE_Q0H?!(paFfN5^=c=>1TaV{E{)`d_7bBR7$}g@6*Cj9nLpN0SZXUEzw;uva0)c@5
z%?_u;U}TU9wt$OdjnXA#RZ1o)5~Qe0odtOhPBQ&2XTw#&c243i%GM&LRbo*-?#S0n
z9v}&OMHP_KoX;OiG!*2G;DU}##$u}d4k4Fjg-G!V-189Ni8zkueCD}sg)zKY8%UP+
z>PV#0isRd5aR0_+w-CP<f8}<;vcJv!0)c@5vhbT_k{Z;d%ODZ|V%POT9|Lj@6U8g_
zUmj_yOT&d!mQCE~kx0q_MTji>;_Hl?l3h&lzN=r%zfCtId|;%2pb!G;cuYMp0`3pa
zWzPJpM8NO%W24c$h>x8~){4x-1dB{%2aSDTR)bvpz1iddb$wNIGDiQYFgjM(4AtoK
z0)c=hFQLcTQ{G~{$(z}~aAi#6FQijF2+~l1)kf(t+;p9#o}!4c|0yC+^wRQ9X4iMy
zQSLI)p7pTg=GG!wSqgRNq6K?LXe*(aL&?EPE(t8cQ_385RL$tx&_EvKvx3AZ7xfZi
zFkuN6go9e>$J%LZO0=^Qc+|_h*)a5*AS6)&fq+)%A1wFSym<c*bbQqE!<RU=Y41b8
zbp%o;U0wdk^7_3J6$}UC=3^&WLuk}@d+y=OxE<%=Jk;>48y8!{*`NY0P3idMQLU+r
z%Kv<xxqRM$OgP+BhtwM<Q$fH<9gV7_`p>J~B&F@E)g+UZh(WL#dgjrtqyQ&*&lh9I
FOXPR$Nt^%x

literal 0
HcmV?d00001

diff --git a/keys/gretel-key-rsa.pub b/keys/gretel-key-rsa.pub
new file mode 100644
index 0000000..328f09c
--- /dev/null
+++ b/keys/gretel-key-rsa.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqDwRVTRVk/wjPhoo66+Mztrc31KsxDZ+kAV0139PHQ+wsueNpba6jNn5o6mUTEOrxrz0LMsDJOBM7CmG0983kF4gRIihECpQ0rcjOP6BSfbVTE9mfIK5IsUiZGd8SoE9kSV2pJ2FvZeBQENoAxEFk0zZL9tchPS+OCUGbK4SDjzuNZl/30Mczs73N3MBzi6J1oPo7sFlqzB6ecBjK2Kpjus4Y1rYFphJnUxtKvB0s+hoaadrubiE57dK6BrH5iZwVLTQKux31uCJLPhiktI3iLbdlGZEctJkTasfVSsUizwVIyRjhVKmbdIRGwkU38D043AR1h0mUoGCPIKuqcFMf gretel
diff --git a/keys/hansel-key-ecc-384.der b/keys/hansel-key-ecc-384.der
new file mode 100644
index 0000000000000000000000000000000000000000..fe22faa01559facf56e1b77a25c94204385ed0f8
GIT binary patch
literal 167
zcmV;Y09gMpfusTf0R%8w#;%bNAnJC1gg>EVp{ong$-%RSKYQukzU8wa=~3#?1`NGm
zQr}ZzLb#n)x5Blc2L=Tzfdl{|p=1MM00b-9iJqd^jPcM_y#0Hi?>sDO8U%8q1ddV<
z6x<P`e>onMaMEmTZC!I^iQ%+Pw;J#k8VcbLm99+@!v|b+j*=X6b=zoo_@a^FJ<c17
VN^;D-bi+$Sqx4M0=ITjqQNr0^P6Pk|

literal 0
HcmV?d00001

diff --git a/keys/hansel-key-ecc-384.pem b/keys/hansel-key-ecc-384.pem
new file mode 100644
index 0000000..808c45d
--- /dev/null
+++ b/keys/hansel-key-ecc-384.pem
@@ -0,0 +1,11 @@
+ASN1 OID: secp384r1
+NIST CURVE: P-384
+-----BEGIN EC PARAMETERS-----
+BgUrgQQAIg==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MIGkAgEBBDBaxq6RECDqdn+EP6FkoasL0cnBs4c/e+nevuWzIelR6tAGDL1gUt9T
+YkK4nVa3wrWgBwYFK4EEACKhZANiAAQr2YmeotiM8dBVvP17oO88LGoaBHKjBI5S
+DxTcEaN/OR6UcNJsbW1dc2WJ4bROtxrwFhoK4Q+Vrk0RwwdcdI6SHHN122h4+KKR
+4T3OG4pKcsy9dMNLQ6P0TMXm6kluUcI=
+-----END EC PRIVATE KEY-----
diff --git a/keys/hansel-key-ecc-384.pub b/keys/hansel-key-ecc-384.pub
new file mode 100644
index 0000000..7243e46
--- /dev/null
+++ b/keys/hansel-key-ecc-384.pub
@@ -0,0 +1 @@
+ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBCvZiZ6i2Izx0FW8/Xug7zwsahoEcqMEjlIPFNwRo385HpRw0mxtbV1zZYnhtE63GvAWGgrhD5WuTRHDB1x0jpIcc3XbaHj4opHhPc4bikpyzL10w0tDo/RMxebqSW5Rwg== hansel
diff --git a/keys/hansel-key-ecc-521.der b/keys/hansel-key-ecc-521.der
new file mode 100644
index 0000000000000000000000000000000000000000..014210216c695f5267ff3754bc88bbc657404d52
GIT binary patch
literal 223
zcmV<503iP`f!qQC0R%z;c|f=`<x^Xp{q4SdXymrTPyh`%WCiwGT|uj}*{91KeKbZ~
zEmkI=YR5fKcvuu>Z2X2ii(6DFiIYg#RExfyk)Q_#1uKCB03)G+i35R#00aRO{1dYU
zze&f|`Potj6#gLo={YIKgQq==`|{`YXoHT!A8&(TG#~-^Lk%TG|4h(J6j`dTw>tYZ
z2l)Uf+N&+S0PIEVg^)zi2W#06|K|yp+yU(oGSZov3s5Yj^GaBzQZ>OdkMk3ma1%~i
ZTmb3w$b6pWll^`hmS0?0nMcv}GLWaaWv&1K

literal 0
HcmV?d00001

diff --git a/keys/hansel-key-ecc-521.pem b/keys/hansel-key-ecc-521.pem
new file mode 100644
index 0000000..8d4cd1c
--- /dev/null
+++ b/keys/hansel-key-ecc-521.pem
@@ -0,0 +1,12 @@
+ASN1 OID: secp521r1
+NIST CURVE: P-521
+-----BEGIN EC PARAMETERS-----
+BgUrgQQAIw==
+-----END EC PARAMETERS-----
+-----BEGIN EC PRIVATE KEY-----
+MIHcAgEBBEIBeUC4M+VTW5797b58aOS2w1AADTlkBfZaXUGrs9mnyxx9NEZcLVYm
+oGrHPU94WBRmbPyGPItbVCmJk0jZVIu+nZGgBwYFK4EEACOhgYkDgYYABAET/BOz
+Bb9Jx9b52VIHFP4g/uk5KceDpz2M+/Ln9WiDjsMfb4NgNCAB+EMNJUX/TNBLFFmq
+r7c6+zUH+QAo2qstvQDsReyFkETRB2vZD//nCZfcAe0RMtKZmgtQLKXzSlimUjXB
+M4/zE5lwE05aXADp88h8nuaT/X4bll9cWJlH0fUykA==
+-----END EC PRIVATE KEY-----
diff --git a/keys/hansel-key-ecc-521.pub b/keys/hansel-key-ecc-521.pub
new file mode 100644
index 0000000..696ebe3
--- /dev/null
+++ b/keys/hansel-key-ecc-521.pub
@@ -0,0 +1 @@
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAET/BOzBb9Jx9b52VIHFP4g/uk5KceDpz2M+/Ln9WiDjsMfb4NgNCAB+EMNJUX/TNBLFFmqr7c6+zUH+QAo2qstvQDsReyFkETRB2vZD//nCZfcAe0RMtKZmgtQLKXzSlimUjXBM4/zE5lwE05aXADp88h8nuaT/X4bll9cWJlH0fUykA== hansel
diff --git a/keys/hansel-key-ecc.der b/keys/hansel-key-ecc.der
new file mode 100644
index 0000000000000000000000000000000000000000..ad0a4186049cee126cb77d60ca1e4836bfd48d3f
GIT binary patch
literal 121
zcmV-<0EYiCcLD(c1Rw)$7t^`8tH}8u@hwD5I})*^ci8O?YQA8?_KWA!hl8LB1_&yK
zNX|V20SBQ(13~}<*$Cv6&*(iR7mclN74`MOJnkIrQ7(l@ItIM=;!{ANc+{IC=7n^k
bGfe(MKtfW!ZMmsT;11FIqb86<<tH}zX683W

literal 0
HcmV?d00001

diff --git a/keys/hansel-key-ecc.pub b/keys/hansel-key-ecc.pub
new file mode 100644
index 0000000..d333621
--- /dev/null
+++ b/keys/hansel-key-ecc.pub
@@ -0,0 +1 @@
+ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBNkI5JTP6D0lF42tbxX19cE87hztUS6FSDoGvPfiU0CgeNSbI+aFdKIzTP5CQEJSvm25qUzgDtH7oyaQROUnNvk= hansel
diff --git a/keys/hansel-key-rsa.der b/keys/hansel-key-rsa.der
new file mode 100644
index 0000000000000000000000000000000000000000..968191d8a6c19cd63c2492a4d31dbe5700a6dd52
GIT binary patch
literal 1191
zcmV;Y1X%kpf&`-i0RRGm0RaHLKXyf<1FSgJ#}AV*S|FT>e60l*Muvk8iYpdM1uW!u
zM{oeH9fRW8Zkg2ZMVJ+n_J>ZaWMiR~$$T*AJ};y3B%cgx9R3>una#$hY=nhIR1!ep
zwB_=uIqcRaBn#1@;_ozRC2hcTXC;_@#Q0LHn@c(p9pU5p*3X*eoFh&-#Do@zJwi^{
zFU-=BXPvfjDgtF+yLAqXyN8#T#`v<B;xA|>N>l84I*MP+&+ryUvd}};Hf+e}FaD=B
zIcfVHctxFw0LVelG#{h$@%tzg``ActtmFJM(c7-?C!SYUDWV!W<(mGaNyvY<PS76&
zZdew#>z(+LJi@Rcd`>X}0|5X50)hbn0F9(!1~0=v^lbEpFt`BB<-B!=9tM>ZdL#KH
z)RN>Hyoi<jJ60AOF8^dJSl8H&!k@C`gt@$pVN^A+aQ<=xz$9%iX<-H%9p)`<d0@Bn
z+qX`aHr{u^pM_4tcWGuWK4EtAXZyyQ#c!Ga=7~d+M0L_mRFPP+NGj&~4NA(?6rT1c
zXSXGKL%S<y(f-kBBL*;hzhFt;%zh?XJN~Ao=cwJRxvzqnIzfJ6AvdE4<ixxY^*fGD
zQS-gpy0XRY`_JElp@IS7QJn``UD(H4KbI3~O&*OotU#55Y@(seikl%aI#|r-EgE^G
zF;KBfb|V|JKs`Njax&~+IJJ$kjRJvz0PR|Sj-g_GCR}*LhjGb4S9g??lO}k`qZPeb
z%Nw+^YY*pu^7{OaGN~ILf8i$Y043Pn$r>X7CObwWz)<JTVzM@}m<bj%7@kJFuPi8(
zFW_CtvdH^g6V*1V6%UD}7Fk^)bfiaJ`uhxCfWHsIoRtsfs(%(6)Y~|HST0w1F9Lyq
z0L&eKbT)0Yk|korP_SH~+Visg9+(Y_1!-W8Uebw>N)1MS;#6s_7Us*<y?Zb#dtC05
z63=6aoIS`b<a%KVUV!^N1G971n9zg_S)WdT^G59hoz>in=dtLjSKQG-RR_o4XFPIv
zuwajcp^%vjrDv<~wsepKReN5{#lPOCp8|n^K!I+NuGENhtA6^@V4pON<L1&Zl&uiL
z8NX{T;_12Xl+*IumQR}rv!S*rMD&8u#CK}fBd$$#7I@llg3N61uf=1=Bl-`}eEW8O
z82>Up%(zg0u~l~$Q^VGGfY5}vO*0*l8?besCn;8Gp#xNXpP51Vxh^&YBun<}$1`Ya
z0)c>FHOoBE=Jy3CARSkNIk$xe_oqF>cqYC-L}vFT5BPQ;Im%ZKXx+&tvW}(*snq2P
z5#Bp6i~n*c;PF_`qHB{Q0?6<Qry)?-fK`3%3`o`D>6aPLlWbC=)<bNx#o?fx(M4%k
z;jkx~>?@Vi9f1pa30|e~-D~9F2>3>U!3K*0fq($^^6MqKcm%Bu4KAl?)>q~>GEma;
z>#Z?HWxxlQgKTCeK9np40bg9;F)-|5(sVVqpE&1^XR%NSXwJ{r?uh+e#LeP{JxUG)
zf9{Itn--z`34-Ec13c&@e>|G1gZS8!(Ny`)wE8tR%otRv@{qTDmkTE^uKdH3uNrmi
F7~233O8Ec)

literal 0
HcmV?d00001

diff --git a/keys/hansel-key-rsa.pub b/keys/hansel-key-rsa.pub
new file mode 100644
index 0000000..81a850d
--- /dev/null
+++ b/keys/hansel-key-rsa.pub
@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9P3ZFowOsONXHD5MwWiCciXytBRZGhoMNiisWSgUs5HdHcACuHYPi2W6Z1PBFmBWT9odOrGRjoZXJfDDoPi+j8SSfDGsc/hsCmc3Gp2yEhUZUEkDhtOXyqjns1ickC9Gh4u80aSVtwHRnJZh9xPhSq5tLOhId4eP61s+a5pwjTjnEhBaIPUJO2C/M0pFnnbZxKgJlX7t1Doy7h5eXxviymOIvaCZKU+x5OopfzM/wFkey0EPWNmzI5y/+pzU5afsdeEWdiQDIQc80H6Pz8fsoFPvYSG+s4/wz0duu7yeeV1Ypoho65Zr+pEnIf7dO0B8EblgWt+ud+JI8wrAhfE4x hansel
diff --git a/keys/include.am b/keys/include.am
index e07693d..3cbf036 100644
--- a/keys/include.am
+++ b/keys/include.am
@@ -4,18 +4,17 @@
 
 
 EXTRA_DIST+= \
-            keys/server-key-ecc.der \
-            keys/server-key-ecc.pem \
-            keys/server-key-ecc-384.der \
-            keys/server-key-ecc-384.pem \
-            keys/server-key-ecc-521.der \
-            keys/server-key-ecc-521.pem \
-            keys/server-key-rsa.der \
-            keys/server-key-rsa.pem \
-            keys/hansel-key-ecc.pem \
-            keys/hansel-key-rsa.pem \
-            keys/gretel-key-ecc.pem \
-            keys/gretel-key-rsa.pem \
-            keys/pubkeys-ecc.txt \
-            keys/pubkeys-rsa.txt \
-            keys/passwd.txt
+            keys/server-key-ecc.der keys/server-key-ecc.pem \
+            keys/server-key-ecc-384.der keys/server-key-ecc-384.pem \
+            keys/server-key-ecc-521.der keys/server-key-ecc-521.pem \
+            keys/server-key-rsa.der keys/server-key-rsa.pem \
+            keys/hansel-key-ecc.der keys/hansel-key-ecc.pem keys/hansel-key-ecc.pub \
+            keys/hansel-key-ecc-384.der keys/hansel-key-ecc-384.pem keys/hansel-key-ecc-384.pub \
+            keys/hansel-key-ecc-521.der keys/hansel-key-ecc-521.pem keys/hansel-key-ecc-521.pub \
+            keys/hansel-key-rsa.der keys/hansel-key-rsa.pem keys/hansel-key-rsa.pub \
+            keys/gretel-key-ecc.der keys/gretel-key-ecc.pem keys/gretel-key-ecc.pub \
+            keys/gretel-key-ecc-384.der keys/gretel-key-ecc-384.pem keys/gretel-key-ecc-384.pub \
+            keys/gretel-key-ecc-521.der keys/gretel-key-ecc-521.pem keys/gretel-key-ecc-521.pub \
+            keys/gretel-key-rsa.der keys/gretel-key-rsa.pem keys/gretel-key-rsa.pub \
+            keys/pubkeys-ecc.txt keys/pubkeys-ecc-384.txt keys/pubkeys-ecc-521.txt \
+            keys/pubkeys-rsa.txt keys/passwd.txt
diff --git a/keys/pubkeys-ecc-384.txt b/keys/pubkeys-ecc-384.txt
new file mode 100644
index 0000000..bfb379e
--- /dev/null
+++ b/keys/pubkeys-ecc-384.txt
@@ -0,0 +1,2 @@
+ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBCvZiZ6i2Izx0FW8/Xug7zwsahoEcqMEjlIPFNwRo385HpRw0mxtbV1zZYnhtE63GvAWGgrhD5WuTRHDB1x0jpIcc3XbaHj4opHhPc4bikpyzL10w0tDo/RMxebqSW5Rwg== hansel
+ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBAzHaVqw2wFOBFHKckM2lhEiJP2j3Dw//O9fId6GEgm02nnRHixKok5ZwsfGo2iotfMvPYdItDSuGL5tLxqdgOc6Fo/0UjgoO5TSBGUi6REEreltFY/F/63pgs4f0/TE+g== gretel
diff --git a/keys/pubkeys-ecc-521.txt b/keys/pubkeys-ecc-521.txt
new file mode 100644
index 0000000..7c86df3
--- /dev/null
+++ b/keys/pubkeys-ecc-521.txt
@@ -0,0 +1,2 @@
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAET/BOzBb9Jx9b52VIHFP4g/uk5KceDpz2M+/Ln9WiDjsMfb4NgNCAB+EMNJUX/TNBLFFmqr7c6+zUH+QAo2qstvQDsReyFkETRB2vZD//nCZfcAe0RMtKZmgtQLKXzSlimUjXBM4/zE5lwE05aXADp88h8nuaT/X4bll9cWJlH0fUykA== hansel
+ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAD3gANmzvkxOBN8MYwRBYO6B//7TTCtA2vwG/W5bqiVVxznXWj0xiFrgayApvH7FDpLHiJ8+c1vUsRVEa8PY5QPsgFow+xv0P2WSrRkn4/UUquftPs1ZHPhdr06LjS19ObvWM8xFZYU6n0i28UWCUR5qE+BCTzZDWYT8V24YD8UhpaYIw== gretel
diff --git a/src/internal.c b/src/internal.c
index 53f1c00..1ec5315 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -7650,7 +7650,7 @@ static int BuildUserAuthRequestEcc(WOLFSSH* ssh,
     int ret = WS_SUCCESS;
     byte* r;
     byte* s;
-    byte sig[72]; /* wc_ecc_sig_size() for a prime256 key. */
+    byte sig[139]; /* wc_ecc_sig_size() for a prime521 key. */
     word32 sigSz = sizeof(sig), rSz, sSz;
     byte* checkData = NULL;
     word32 checkDataSz = 0;

From b44ba5b1e3cee08f821c5cf49131ec01f3e8c5a1 Mon Sep 17 00:00:00 2001
From: John Safranek <john@wolfssl.com>
Date: Tue, 29 Sep 2020 08:54:23 -0700
Subject: [PATCH 3/3] Remove redundant printf() from testing.

---
 src/ssh.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/ssh.c b/src/ssh.c
index a18d41c..38f1f07 100644
--- a/src/ssh.c
+++ b/src/ssh.c
@@ -1494,7 +1494,6 @@ int wolfSSH_ReadKey_buffer(const byte* in, word32 inSz, int format,
             if (ret == 0) {
                 *outType = (const byte*)IdToName(curveId);
                 *outTypeSz = (word32)WSTRLEN((const char*)*outType);
-                printf("%s\n", *outType);
             }
             else
                 return WS_BAD_FILE_E;