[openssh.git] / authfd.h

/*

authfd.h

Author: Tatu Ylonen <ylo@cs.hut.fi>

Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
                   All rights reserved

Created: Wed Mar 29 01:17:41 1995 ylo

Functions to interface with the SSH_AUTHENTICATION_FD socket.

*/

/* RCSID("$Id$"); */

#ifndef AUTHFD_H
#define AUTHFD_H

#include "buffer.h"

/* Messages for the authentication agent connection. */
#define SSH_AGENTC_REQUEST_RSA_IDENTITIES	1
#define SSH_AGENT_RSA_IDENTITIES_ANSWER		2
#define SSH_AGENTC_RSA_CHALLENGE		3
#define SSH_AGENT_RSA_RESPONSE			4
#define SSH_AGENT_FAILURE			5
#define SSH_AGENT_SUCCESS			6
#define SSH_AGENTC_ADD_RSA_IDENTITY		7
#define SSH_AGENTC_REMOVE_RSA_IDENTITY		8
#define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES	9

typedef struct
{
  int fd;
  Buffer packet;
  Buffer identities;
  int howmany;
} AuthenticationConnection;

/* Returns the number of the authentication fd, or -1 if there is none. */
int ssh_get_authentication_socket();

/* This should be called for any descriptor returned by 
   ssh_get_authentication_socket().  Depending on the way the descriptor was
   obtained, this may close the descriptor. */
void ssh_close_authentication_socket(int authfd);

/* Opens and connects a private socket for communication with the
   authentication agent.  Returns NULL if an error occurred and the 
   connection could not be opened.  The connection should be closed by
   the caller by calling ssh_close_authentication_connection(). */
AuthenticationConnection *ssh_get_authentication_connection();

/* Closes the connection to the authentication agent and frees any associated
   memory. */
void ssh_close_authentication_connection(AuthenticationConnection *ac);

/* Returns the first authentication identity held by the agent.
   Returns true if an identity is available, 0 otherwise.
   The caller must initialize the integers before the call, and free the
   comment after a successful call (before calling ssh_get_next_identity). */
int ssh_get_first_identity(AuthenticationConnection *connection,
			   BIGNUM *e, BIGNUM *n, char **comment);

/* Returns the next authentication identity for the agent.  Other functions
   can be called between this and ssh_get_first_identity or two calls of this
   function.  This returns 0 if there are no more identities.  The caller
   must free comment after a successful return. */
int ssh_get_next_identity(AuthenticationConnection *connection,
			  BIGNUM *e, BIGNUM *n, char **comment);

/* Requests the agent to decrypt the given challenge.  Returns true if
   the agent claims it was able to decrypt it. */
int ssh_decrypt_challenge(AuthenticationConnection *auth,
			  BIGNUM *e, BIGNUM *n, BIGNUM *challenge,
			  unsigned char session_id[16], 
			  unsigned int response_type,
			  unsigned char response[16]);

/* Adds an identity to the authentication server.  This call is not meant to
   be used by normal applications.  This returns true if the identity
   was successfully added. */
int ssh_add_identity(AuthenticationConnection *connection,
		     RSA *key, const char *comment);

/* Removes the identity from the authentication server.  This call is
   not meant to be used by normal applications.  This returns true if the
   identity was successfully added. */
int ssh_remove_identity(AuthenticationConnection *connection,
			RSA *key);

/* Removes all identities from the authentication agent.  This call is not
   meant to be used by normal applications.  This returns true if the
   operation was successful. */
int ssh_remove_all_identities(AuthenticationConnection *connection);

/* Closes the connection to the authentication agent. */
void ssh_close_authentication(AuthenticationConnection *connection);

#endif /* AUTHFD_H */
Commit	Line	Data
8efc0c15	1	/*
	2
	3	authfd.h
	4
	5	Author: Tatu Ylonen <ylo@cs.hut.fi>
	6
	7	Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	8	All rights reserved
	9
	10	Created: Wed Mar 29 01:17:41 1995 ylo
	11
	12	Functions to interface with the SSH_AUTHENTICATION_FD socket.
	13
	14	*/
	15
	16	/* RCSID("$Id$"); */
	17
	18	#ifndef AUTHFD_H
	19	#define AUTHFD_H
	20
	21	#include "buffer.h"
	22
	23	/* Messages for the authentication agent connection. */
	24	#define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1
	25	#define SSH_AGENT_RSA_IDENTITIES_ANSWER 2
	26	#define SSH_AGENTC_RSA_CHALLENGE 3
	27	#define SSH_AGENT_RSA_RESPONSE 4
	28	#define SSH_AGENT_FAILURE 5
	29	#define SSH_AGENT_SUCCESS 6
	30	#define SSH_AGENTC_ADD_RSA_IDENTITY 7
	31	#define SSH_AGENTC_REMOVE_RSA_IDENTITY 8
	32	#define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES 9
	33
	34	typedef struct
	35	{
	36	int fd;
	37	Buffer packet;
	38	Buffer identities;
	39	int howmany;
	40	} AuthenticationConnection;
	41
	42	/* Returns the number of the authentication fd, or -1 if there is none. */
	43	int ssh_get_authentication_socket();
	44
	45	/* This should be called for any descriptor returned by
	46	ssh_get_authentication_socket(). Depending on the way the descriptor was
	47	obtained, this may close the descriptor. */
	48	void ssh_close_authentication_socket(int authfd);
	49
	50	/* Opens and connects a private socket for communication with the
	51	authentication agent. Returns NULL if an error occurred and the
	52	connection could not be opened. The connection should be closed by
	53	the caller by calling ssh_close_authentication_connection(). */
	54	AuthenticationConnection *ssh_get_authentication_connection();
	55
	56	/* Closes the connection to the authentication agent and frees any associated
	57	memory. */
	58	void ssh_close_authentication_connection(AuthenticationConnection *ac);
	59
	60	/* Returns the first authentication identity held by the agent.
	61	Returns true if an identity is available, 0 otherwise.
	62	The caller must initialize the integers before the call, and free the
	63	comment after a successful call (before calling ssh_get_next_identity). */
	64	int ssh_get_first_identity(AuthenticationConnection *connection,
4d195447	65	BIGNUM e, BIGNUM n, char **comment);
8efc0c15	66
	67	/* Returns the next authentication identity for the agent. Other functions
	68	can be called between this and ssh_get_first_identity or two calls of this
	69	function. This returns 0 if there are no more identities. The caller
	70	must free comment after a successful return. */
	71	int ssh_get_next_identity(AuthenticationConnection *connection,
4d195447	72	BIGNUM e, BIGNUM n, char **comment);
8efc0c15	73
	74	/* Requests the agent to decrypt the given challenge. Returns true if
	75	the agent claims it was able to decrypt it. */
	76	int ssh_decrypt_challenge(AuthenticationConnection *auth,
4d195447	77	BIGNUM e, BIGNUM n, BIGNUM *challenge,
8efc0c15	78	unsigned char session_id[16],
	79	unsigned int response_type,
	80	unsigned char response[16]);
	81
	82	/* Adds an identity to the authentication server. This call is not meant to
	83	be used by normal applications. This returns true if the identity
	84	was successfully added. */
	85	int ssh_add_identity(AuthenticationConnection *connection,
	86	RSA key, const char comment);
	87
	88	/* Removes the identity from the authentication server. This call is
	89	not meant to be used by normal applications. This returns true if the
	90	identity was successfully added. */
	91	int ssh_remove_identity(AuthenticationConnection *connection,
	92	RSA *key);
	93
	94	/* Removes all identities from the authentication agent. This call is not
	95	meant to be used by normal applications. This returns true if the
	96	operation was successful. */
	97	int ssh_remove_all_identities(AuthenticationConnection *connection);
	98
	99	/* Closes the connection to the authentication agent. */
	100	void ssh_close_authentication(AuthenticationConnection *connection);
	101
	102	#endif /* AUTHFD_H */