]>
Commit | Line | Data |
---|---|---|
1 | /* $OpenBSD: authfd.h,v 1.37 2009/08/27 17:44:52 djm Exp $ */ | |
2 | ||
3 | /* | |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | |
5 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | |
6 | * All rights reserved | |
7 | * Functions to interface with the SSH_AUTHENTICATION_FD socket. | |
8 | * | |
9 | * As far as I am concerned, the code I have written for this software | |
10 | * can be used freely for any purpose. Any derived versions of this | |
11 | * software must be clearly marked as such, and if the derived work is | |
12 | * incompatible with the protocol description in the RFC file, it must be | |
13 | * called by a name other than "ssh" or "Secure Shell". | |
14 | */ | |
15 | ||
16 | #ifndef AUTHFD_H | |
17 | #define AUTHFD_H | |
18 | ||
19 | /* Messages for the authentication agent connection. */ | |
20 | #define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1 | |
21 | #define SSH_AGENT_RSA_IDENTITIES_ANSWER 2 | |
22 | #define SSH_AGENTC_RSA_CHALLENGE 3 | |
23 | #define SSH_AGENT_RSA_RESPONSE 4 | |
24 | #define SSH_AGENT_FAILURE 5 | |
25 | #define SSH_AGENT_SUCCESS 6 | |
26 | #define SSH_AGENTC_ADD_RSA_IDENTITY 7 | |
27 | #define SSH_AGENTC_REMOVE_RSA_IDENTITY 8 | |
28 | #define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES 9 | |
29 | ||
30 | /* private OpenSSH extensions for SSH2 */ | |
31 | #define SSH2_AGENTC_REQUEST_IDENTITIES 11 | |
32 | #define SSH2_AGENT_IDENTITIES_ANSWER 12 | |
33 | #define SSH2_AGENTC_SIGN_REQUEST 13 | |
34 | #define SSH2_AGENT_SIGN_RESPONSE 14 | |
35 | #define SSH2_AGENTC_ADD_IDENTITY 17 | |
36 | #define SSH2_AGENTC_REMOVE_IDENTITY 18 | |
37 | #define SSH2_AGENTC_REMOVE_ALL_IDENTITIES 19 | |
38 | ||
39 | /* smartcard */ | |
40 | #define SSH_AGENTC_ADD_SMARTCARD_KEY 20 | |
41 | #define SSH_AGENTC_REMOVE_SMARTCARD_KEY 21 | |
42 | ||
43 | /* lock/unlock the agent */ | |
44 | #define SSH_AGENTC_LOCK 22 | |
45 | #define SSH_AGENTC_UNLOCK 23 | |
46 | ||
47 | /* add key with constraints */ | |
48 | #define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED 24 | |
49 | #define SSH2_AGENTC_ADD_ID_CONSTRAINED 25 | |
50 | #define SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26 | |
51 | ||
52 | #define SSH_AGENT_CONSTRAIN_LIFETIME 1 | |
53 | #define SSH_AGENT_CONSTRAIN_CONFIRM 2 | |
54 | ||
55 | /* extended failure messages */ | |
56 | #define SSH2_AGENT_FAILURE 30 | |
57 | ||
58 | /* additional error code for ssh.com's ssh-agent2 */ | |
59 | #define SSH_COM_AGENT2_FAILURE 102 | |
60 | ||
61 | #define SSH_AGENT_OLD_SIGNATURE 0x01 | |
62 | ||
63 | typedef struct { | |
64 | int fd; | |
65 | Buffer identities; | |
66 | int howmany; | |
67 | } AuthenticationConnection; | |
68 | ||
69 | int ssh_agent_present(void); | |
70 | int ssh_get_authentication_socket(void); | |
71 | void ssh_close_authentication_socket(int); | |
72 | ||
73 | AuthenticationConnection *ssh_get_authentication_connection(void); | |
74 | void ssh_close_authentication_connection(AuthenticationConnection *); | |
75 | int ssh_get_num_identities(AuthenticationConnection *, int); | |
76 | Key *ssh_get_first_identity(AuthenticationConnection *, char **, int); | |
77 | Key *ssh_get_next_identity(AuthenticationConnection *, char **, int); | |
78 | int ssh_add_identity_constrained(AuthenticationConnection *, Key *, | |
79 | const char *, u_int, u_int); | |
80 | int ssh_remove_identity(AuthenticationConnection *, Key *); | |
81 | int ssh_remove_all_identities(AuthenticationConnection *, int); | |
82 | int ssh_lock_agent(AuthenticationConnection *, int, const char *); | |
83 | int ssh_update_card(AuthenticationConnection *, int, const char *, | |
84 | const char *, u_int, u_int); | |
85 | ||
86 | int | |
87 | ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16], | |
88 | u_int, u_char[16]); | |
89 | ||
90 | int | |
91 | ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, u_int *, u_char *, | |
92 | u_int); | |
93 | ||
94 | #endif /* AUTHFD_H */ |