5 * Author: Tatu Ylonen <ylo@cs.hut.fi>
7 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
10 * Created: Wed Mar 29 01:17:41 1995 ylo
12 * Functions to interface with the SSH_AUTHENTICATION_FD socket.
23 /* Messages for the authentication agent connection. */
24 #define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1
25 #define SSH_AGENT_RSA_IDENTITIES_ANSWER 2
26 #define SSH_AGENTC_RSA_CHALLENGE 3
27 #define SSH_AGENT_RSA_RESPONSE 4
28 #define SSH_AGENT_FAILURE 5
29 #define SSH_AGENT_SUCCESS 6
30 #define SSH_AGENTC_ADD_RSA_IDENTITY 7
31 #define SSH_AGENTC_REMOVE_RSA_IDENTITY 8
32 #define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES 9
39 } AuthenticationConnection;
40 /* Returns the number of the authentication fd, or -1 if there is none. */
41 int ssh_get_authentication_socket();
43 /* This should be called for any descriptor returned by
44 ssh_get_authentication_socket(). Depending on the way the descriptor was
45 obtained, this may close the descriptor. */
46 void ssh_close_authentication_socket(int authfd);
48 /* Opens and connects a private socket for communication with the
49 authentication agent. Returns NULL if an error occurred and the
50 connection could not be opened. The connection should be closed by
51 the caller by calling ssh_close_authentication_connection(). */
52 AuthenticationConnection *ssh_get_authentication_connection();
54 /* Closes the connection to the authentication agent and frees any associated
56 void ssh_close_authentication_connection(AuthenticationConnection * ac);
58 /* Returns the first authentication identity held by the agent.
59 Returns true if an identity is available, 0 otherwise.
60 The caller must initialize the integers before the call, and free the
61 comment after a successful call (before calling ssh_get_next_identity). */
63 ssh_get_first_identity(AuthenticationConnection * connection,
64 BIGNUM * e, BIGNUM * n, char **comment);
66 /* Returns the next authentication identity for the agent. Other functions
67 can be called between this and ssh_get_first_identity or two calls of this
68 function. This returns 0 if there are no more identities. The caller
69 must free comment after a successful return. */
71 ssh_get_next_identity(AuthenticationConnection * connection,
72 BIGNUM * e, BIGNUM * n, char **comment);
74 /* Requests the agent to decrypt the given challenge. Returns true if
75 the agent claims it was able to decrypt it. */
77 ssh_decrypt_challenge(AuthenticationConnection * auth,
78 BIGNUM * e, BIGNUM * n, BIGNUM * challenge,
79 unsigned char session_id[16],
80 unsigned int response_type,
81 unsigned char response[16]);
83 /* Adds an identity to the authentication server. This call is not meant to
84 be used by normal applications. This returns true if the identity
85 was successfully added. */
86 int ssh_add_identity(AuthenticationConnection * connection,
87 RSA * key, const char *comment);
89 /* Removes the identity from the authentication server. This call is
90 not meant to be used by normal applications. This returns true if the
91 identity was successfully added. */
92 int ssh_remove_identity(AuthenticationConnection * connection,
95 /* Removes all identities from the authentication agent. This call is not
96 meant to be used by normal applications. This returns true if the
97 operation was successful. */
98 int ssh_remove_all_identities(AuthenticationConnection * connection);
100 /* Closes the connection to the authentication agent. */
101 void ssh_close_authentication(AuthenticationConnection * connection);
103 #endif /* AUTHFD_H */