===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh-ecdsa.c,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- src/usr.bin/ssh/ssh-ecdsa.c	2022/10/28 00:35:40	1.17
+++ src/usr.bin/ssh/ssh-ecdsa.c	2022/10/28 00:36:31	1.18
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-ecdsa.c,v 1.17 2022/10/28 00:35:40 djm Exp $ */
+/* $OpenBSD: ssh-ecdsa.c,v 1.18 2022/10/28 00:36:31 djm Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2010 Damien Miller.  All rights reserved.
@@ -61,6 +61,27 @@
 	k->ecdsa = NULL;
 }
 
+static int
+ssh_ecdsa_equal(const struct sshkey *a, const struct sshkey *b)
+{
+	const EC_GROUP *grp_a, *grp_b;
+	const EC_POINT *pub_a, *pub_b;
+
+	if (a->ecdsa == NULL || b->ecdsa == NULL)
+		return 0;
+	if ((grp_a = EC_KEY_get0_group(a->ecdsa)) == NULL ||
+	    (grp_b = EC_KEY_get0_group(b->ecdsa)) == NULL)
+		return 0;
+	if ((pub_a = EC_KEY_get0_public_key(a->ecdsa)) == NULL ||
+	    (pub_b = EC_KEY_get0_public_key(b->ecdsa)) == NULL)
+		return 0;
+	if (EC_GROUP_cmp(grp_a, grp_b, NULL) != 0)
+		return 0;
+	if (EC_POINT_cmp(grp_a, pub_a, pub_b, NULL) != 0)
+		return 0;
+	return 1;
+}
+
 /* ARGSUSED */
 int
 ssh_ecdsa_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
@@ -213,10 +234,12 @@
 	return ret;
 }
 
-static const struct sshkey_impl_funcs sshkey_ecdsa_funcs = {
+/* NB. not static; used by ECDSA-SK */
+const struct sshkey_impl_funcs sshkey_ecdsa_funcs = {
 	/* .size = */		ssh_ecdsa_size,
 	/* .alloc = */		NULL,
 	/* .cleanup = */	ssh_ecdsa_cleanup,
+	/* .equal = */		ssh_ecdsa_equal,
 };
 
 const struct sshkey_impl sshkey_ecdsa_nistp256_impl = {