-/* $OpenBSD: authfd.h,v 1.26 2002/06/05 21:55:44 markus Exp $ */
+/* $OpenBSD: authfd.h,v 1.37 2009/08/27 17:44:52 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
#ifndef AUTHFD_H
#define AUTHFD_H
-#include "buffer.h"
-
/* Messages for the authentication agent connection. */
#define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1
#define SSH_AGENT_RSA_IDENTITIES_ANSWER 2
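Review bot: Dropping `#include "buffer.h"` leaves this header dependent on include order, because the `AuthenticationConnection` struct further down still has a `Buffer identities;` member. Every file that includes authfd.h now has to include buffer.h first, and nothing in the header says so. If the removal is deliberate, a comment next to the include guard such as `/* requires "buffer.h" (Buffer) to be included before this header */` would document the requirement; otherwise keep the include.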
/* smartcard */
#define SSH_AGENTC_ADD_SMARTCARD_KEY 20
-#define SSH_AGENTC_REMOVE_SMARTCARD_KEY 21
+#define SSH_AGENTC_REMOVE_SMARTCARD_KEY 21
/* lock/unlock the agent */
#define SSH_AGENTC_LOCK 22
-#define SSH_AGENTC_UNLOCK 23
+#define SSH_AGENTC_UNLOCK 23
+
+/* add key with constraints */
+#define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED 24
+#define SSH2_AGENTC_ADD_ID_CONSTRAINED 25
+#define SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26
-/* set key lifetime */
-#define SSH_AGENTC_LIFETIME_IDENTITY1 24
-#define SSH_AGENTC_LIFETIME_IDENTITY 25
+#define SSH_AGENT_CONSTRAIN_LIFETIME 1
+#define SSH_AGENT_CONSTRAIN_CONFIRM 2
/* extended failure messages */
#define SSH2_AGENT_FAILURE 30
/* additional error code for ssh.com's ssh-agent2 */
-#define SSH_COM_AGENT2_FAILURE 102
+#define SSH_COM_AGENT2_FAILURE 102
#define SSH_AGENT_OLD_SIGNATURE 0x01
typedef struct {
- int fd;
- Buffer identities;
- int howmany;
-} AuthenticationConnection;
+ int fd;
+ Buffer identities;
+ int howmany;
+} AuthenticationConnection;
-int ssh_get_authentication_socket(void);
-void ssh_close_authentication_socket(int);
+int ssh_agent_present(void);
+int ssh_get_authentication_socket(void);
+void ssh_close_authentication_socket(int);
AuthenticationConnection *ssh_get_authentication_connection(void);
-void ssh_close_authentication_connection(AuthenticationConnection *);
+void ssh_close_authentication_connection(AuthenticationConnection *);
int ssh_get_num_identities(AuthenticationConnection *, int);
Key *ssh_get_first_identity(AuthenticationConnection *, char **, int);
Key *ssh_get_next_identity(AuthenticationConnection *, char **, int);
-int ssh_add_identity(AuthenticationConnection *, Key *, const char *);
-int ssh_lifetime_identity(AuthenticationConnection *, Key *, u_int);
+int ssh_add_identity_constrained(AuthenticationConnection *, Key *,
+ const char *, u_int, u_int);
int ssh_remove_identity(AuthenticationConnection *, Key *);
int ssh_remove_all_identities(AuthenticationConnection *, int);
int ssh_lock_agent(AuthenticationConnection *, int, const char *);
-int ssh_update_card(AuthenticationConnection *, int, const char *, const char *);
+int ssh_update_card(AuthenticationConnection *, int, const char *,
+ const char *, u_int, u_int);
int
ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16],
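Review bot: The new `ssh_add_identity_constrained` and `ssh_update_card` prototypes end in two unnamed `u_int, u_int` parameters, so the header does not say which is which and swapped arguments compile silently. Judging by `SSH_AGENT_CONSTRAIN_LIFETIME` and `SSH_AGENT_CONSTRAIN_CONFIRM`, these are presumably the key lifetime and the confirm flag, in which case a swap would load a key into the agent with a different constraint than the caller intended. Naming them in the prototype, e.g. `const char *comment, u_int life, u_int confirm);`, would document the order; the names are a guess and should be checked against the definitions. The two `SSH_AGENT_CONSTRAIN_*` defines would also benefit from a comment such as `/* constraint types carried in a constrained add request, not agent message numbers */`, since their values 1 and 2 coincide with the message codes defined above. The `ssh_decrypt_challenge` declaration on the last line continues outside the hunk.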