[openssh.git] / authfd.h

/*
 * 
 * authfd.h
 * 
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * 
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 * 
 * Created: Wed Mar 29 01:17:41 1995 ylo
 * 
 * Functions to interface with the SSH_AUTHENTICATION_FD socket.
 * 
 */

/* RCSID("$Id$"); */

#ifndef AUTHFD_H
#define AUTHFD_H

#include "buffer.h"

/* Messages for the authentication agent connection. */
#define SSH_AGENTC_REQUEST_RSA_IDENTITIES	1
#define SSH_AGENT_RSA_IDENTITIES_ANSWER		2
#define SSH_AGENTC_RSA_CHALLENGE		3
#define SSH_AGENT_RSA_RESPONSE			4
#define SSH_AGENT_FAILURE			5
#define SSH_AGENT_SUCCESS			6
#define SSH_AGENTC_ADD_RSA_IDENTITY		7
#define SSH_AGENTC_REMOVE_RSA_IDENTITY		8
#define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES	9

typedef struct {
	int     fd;
	Buffer  packet;
	Buffer  identities;
	int     howmany;
}       AuthenticationConnection;
/* Returns the number of the authentication fd, or -1 if there is none. */
int     ssh_get_authentication_socket();

/* This should be called for any descriptor returned by
   ssh_get_authentication_socket().  Depending on the way the descriptor was
   obtained, this may close the descriptor. */
void    ssh_close_authentication_socket(int authfd);

/* Opens and connects a private socket for communication with the
   authentication agent.  Returns NULL if an error occurred and the
   connection could not be opened.  The connection should be closed by
   the caller by calling ssh_close_authentication_connection(). */
AuthenticationConnection *ssh_get_authentication_connection();

/* Closes the connection to the authentication agent and frees any associated
   memory. */
void    ssh_close_authentication_connection(AuthenticationConnection * ac);

/* Returns the first authentication identity held by the agent.
   Returns true if an identity is available, 0 otherwise.
   The caller must initialize the integers before the call, and free the
   comment after a successful call (before calling ssh_get_next_identity). */
int 
ssh_get_first_identity(AuthenticationConnection * connection,
    BIGNUM * e, BIGNUM * n, char **comment);

/* Returns the next authentication identity for the agent.  Other functions
   can be called between this and ssh_get_first_identity or two calls of this
   function.  This returns 0 if there are no more identities.  The caller
   must free comment after a successful return. */
int 
ssh_get_next_identity(AuthenticationConnection * connection,
    BIGNUM * e, BIGNUM * n, char **comment);

/* Requests the agent to decrypt the given challenge.  Returns true if
   the agent claims it was able to decrypt it. */
int 
ssh_decrypt_challenge(AuthenticationConnection * auth,
    BIGNUM * e, BIGNUM * n, BIGNUM * challenge,
    unsigned char session_id[16],
    unsigned int response_type,
    unsigned char response[16]);

/* Adds an identity to the authentication server.  This call is not meant to
   be used by normal applications.  This returns true if the identity
   was successfully added. */
	int     ssh_add_identity(AuthenticationConnection * connection,
            RSA * key, const char *comment);

/* Removes the identity from the authentication server.  This call is
   not meant to be used by normal applications.  This returns true if the
   identity was successfully added. */
	int     ssh_remove_identity(AuthenticationConnection * connection,
            RSA * key);

/* Removes all identities from the authentication agent.  This call is not
   meant to be used by normal applications.  This returns true if the
   operation was successful. */
	int     ssh_remove_all_identities(AuthenticationConnection * connection);

/* Closes the connection to the authentication agent. */
	void    ssh_close_authentication(AuthenticationConnection * connection);

#endif				/* AUTHFD_H */
Commit	Line	Data
8efc0c15	1	/*
5260325f	2	*
	3	* authfd.h
	4	*
	5	* Author: Tatu Ylonen <ylo@cs.hut.fi>
	6	*
	7	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	8	* All rights reserved
	9	*
	10	* Created: Wed Mar 29 01:17:41 1995 ylo
	11	*
	12	* Functions to interface with the SSH_AUTHENTICATION_FD socket.
	13	*
	14	*/
8efc0c15	15
	16	/* RCSID("$Id$"); */
	17
	18	#ifndef AUTHFD_H
	19	#define AUTHFD_H
	20
	21	#include "buffer.h"
	22
	23	/* Messages for the authentication agent connection. */
	24	#define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1
	25	#define SSH_AGENT_RSA_IDENTITIES_ANSWER 2
	26	#define SSH_AGENTC_RSA_CHALLENGE 3
	27	#define SSH_AGENT_RSA_RESPONSE 4
	28	#define SSH_AGENT_FAILURE 5
	29	#define SSH_AGENT_SUCCESS 6
	30	#define SSH_AGENTC_ADD_RSA_IDENTITY 7
	31	#define SSH_AGENTC_REMOVE_RSA_IDENTITY 8
	32	#define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES 9
	33
5260325f	34	typedef struct {
	35	int fd;
	36	Buffer packet;
	37	Buffer identities;
	38	int howmany;
	39	} AuthenticationConnection;
8efc0c15	40	/* Returns the number of the authentication fd, or -1 if there is none. */
5260325f	41	int ssh_get_authentication_socket();
8efc0c15	42
5260325f	43	/* This should be called for any descriptor returned by
8efc0c15	44	ssh_get_authentication_socket(). Depending on the way the descriptor was
8efc0c15	45	obtained, this may close the descriptor. */
5260325f	46	void ssh_close_authentication_socket(int authfd);
8efc0c15	47
8efc0c15	48	/* Opens and connects a private socket for communication with the
5260325f	49	authentication agent. Returns NULL if an error occurred and the
8efc0c15	50	connection could not be opened. The connection should be closed by
	51	the caller by calling ssh_close_authentication_connection(). */
	52	AuthenticationConnection *ssh_get_authentication_connection();
	53
	54	/* Closes the connection to the authentication agent and frees any associated
	55	memory. */
5260325f	56	void ssh_close_authentication_connection(AuthenticationConnection * ac);
8efc0c15	57
	58	/* Returns the first authentication identity held by the agent.
	59	Returns true if an identity is available, 0 otherwise.
	60	The caller must initialize the integers before the call, and free the
	61	comment after a successful call (before calling ssh_get_next_identity). */
5260325f	62	int
	63	ssh_get_first_identity(AuthenticationConnection * connection,
	64	BIGNUM * e, BIGNUM * n, char **comment);
8efc0c15	65
	66	/* Returns the next authentication identity for the agent. Other functions
	67	can be called between this and ssh_get_first_identity or two calls of this
	68	function. This returns 0 if there are no more identities. The caller
	69	must free comment after a successful return. */
5260325f	70	int
	71	ssh_get_next_identity(AuthenticationConnection * connection,
	72	BIGNUM * e, BIGNUM * n, char **comment);
8efc0c15	73
	74	/* Requests the agent to decrypt the given challenge. Returns true if
	75	the agent claims it was able to decrypt it. */
5260325f	76	int
	77	ssh_decrypt_challenge(AuthenticationConnection * auth,
	78	BIGNUM * e, BIGNUM * n, BIGNUM * challenge,
	79	unsigned char session_id[16],
	80	unsigned int response_type,
	81	unsigned char response[16]);
8efc0c15	82
	83	/* Adds an identity to the authentication server. This call is not meant to
	84	be used by normal applications. This returns true if the identity
	85	was successfully added. */
5260325f	86	int ssh_add_identity(AuthenticationConnection * connection,
5260325f	87	RSA * key, const char *comment);
8efc0c15	88
	89	/* Removes the identity from the authentication server. This call is
	90	not meant to be used by normal applications. This returns true if the
	91	identity was successfully added. */
5260325f	92	int ssh_remove_identity(AuthenticationConnection * connection,
5260325f	93	RSA * key);
8efc0c15	94
	95	/* Removes all identities from the authentication agent. This call is not
	96	meant to be used by normal applications. This returns true if the
	97	operation was successful. */
5260325f	98	int ssh_remove_all_identities(AuthenticationConnection * connection);
8efc0c15	99
8efc0c15	100	/* Closes the connection to the authentication agent. */
5260325f	101	void ssh_close_authentication(AuthenticationConnection * connection);
8efc0c15	102
5260325f	103	#endif /* AUTHFD_H */