Clean up elliptic curve selection and naming.

The ec_name_to_curve and ec_curve_to_name functions shouldn't really
have had to exist at all: whenever any part of the PuTTY codebase
starts using sshecc.c, it's starting from an ssh_signkey or ssh_kex
pointer already found by some other means. So if we make sure not to
lose that pointer, we should never need to do any string-based lookups
to find the curve we want, and conversely, when we need to know the
name of our curve or our algorithm, we should be able to look it up as
a straightforward const char * starting from the algorithm pointer.

This commit cleans things up so that that is indeed what happens. The
ssh_signkey and ssh_kex structures defined in sshecc.c now have
'extra' fields containing pointers to all the necessary stuff;
ec_name_to_curve and ec_curve_to_name have been completely removed;
struct ec_curve has a string field giving the curve's name (but only
for those curves which _have_ a name exposed in the wire protocol,
i.e. the three NIST ones); struct ec_key keeps a pointer to the
ssh_signkey it started from, and uses that to remember the algorithm
name rather than reconstructing it from the curve. And I think I've
got rid of all the ad-hockery scattered around the code that switches
on curve->fieldBits or manually constructs curve names using stuff
like sprintf("nistp%d"); the only remaining switch on fieldBits
(necessary because that's the UI for choosing a curve in PuTTYgen) is
at least centralised into one place in sshecc.c.

One user-visible result is that the format of ed25519 host keys in the
registry has changed: there's now no curve name prefix on them,
because I think it's not really right to make up a name to use. So any
early adopters who've been using snapshot PuTTY in the last week will
be inconvenienced; sorry about that.

ssh.h

@@ -133,6 +133,7 @@ struct ec_ecurve
 
 struct ec_curve {
     enum { EC_WEIERSTRASS, EC_MONTGOMERY, EC_EDWARDS } type;
+    const char *name;
     unsigned int fieldBits;
     Bignum p;
     union {
@@ -142,21 +143,20 @@ struct ec_curve {
     };
 };
 
-extern unsigned char nistp256_oid[];
-extern unsigned char nistp384_oid[];
-extern unsigned char nistp521_oid[];
-extern unsigned char curve25519_oid[];
-extern int nistp256_oid_len;
-extern int nistp384_oid_len;
-extern int nistp521_oid_len;
-extern int curve25519_oid_len;
-struct ec_curve *ec_p256(void);
-struct ec_curve *ec_p384(void);
-struct ec_curve *ec_p521(void);
-struct ec_curve *ec_ed25519(void);
-struct ec_curve *ec_curve25519(void);
+const struct ssh_signkey *ec_alg_by_oid(int len, const void *oid,
+                                        const struct ec_curve **curve);
+const unsigned char *ec_alg_oid(const struct ssh_signkey *alg, int *oidlen);
+const int ec_nist_alg_and_curve_by_bits(int bits,
+                                        const struct ec_curve **curve,
+                                        const struct ssh_signkey **alg);
+const int ec_ed_alg_and_curve_by_bits(int bits,
+                                      const struct ec_curve **curve,
+                                      const struct ssh_signkey **alg);
+
+struct ssh_signkey;
 
 struct ec_key {
+    const struct ssh_signkey *signalg;
     struct ec_point publicKey;
     Bignum privateKey;
 };
@@ -208,7 +208,8 @@ void ssh_rsakex_encrypt(const struct ssh_hash *h, unsigned char *in, int inlen,
 /*
  * SSH2 ECDH key exchange functions
  */
-void *ssh_ecdhkex_newkey(const char *name);
+struct ssh_kex;
+void *ssh_ecdhkex_newkey(const struct ssh_kex *kex);
 void ssh_ecdhkex_freekey(void *key);
 char *ssh_ecdhkex_getpublic(void *key, int *len);
 Bignum ssh_ecdhkex_getkey(void *key, char *remoteKey, int remoteKeyLen);