| version 1.41, 2014/01/09 23:20:00 |
version 1.42, 2014/06/24 01:13:21 |
|
|
| #ifndef KEY_H |
#ifndef KEY_H |
| #define KEY_H |
#define KEY_H |
| |
|
| #include "buffer.h" |
#include "sshkey.h" |
| #include <openssl/rsa.h> |
|
| #include <openssl/dsa.h> |
|
| #include <openssl/ec.h> |
|
| |
|
| typedef struct Key Key; |
typedef struct sshkey Key; |
| enum types { |
|
| KEY_RSA1, |
|
| KEY_RSA, |
|
| KEY_DSA, |
|
| KEY_ECDSA, |
|
| KEY_ED25519, |
|
| KEY_RSA_CERT, |
|
| KEY_DSA_CERT, |
|
| KEY_ECDSA_CERT, |
|
| KEY_ED25519_CERT, |
|
| KEY_RSA_CERT_V00, |
|
| KEY_DSA_CERT_V00, |
|
| KEY_UNSPEC |
|
| }; |
|
| enum fp_type { |
|
| SSH_FP_SHA1, |
|
| SSH_FP_MD5, |
|
| SSH_FP_SHA256 |
|
| }; |
|
| enum fp_rep { |
|
| SSH_FP_HEX, |
|
| SSH_FP_BUBBLEBABBLE, |
|
| SSH_FP_RANDOMART |
|
| }; |
|
| |
|
| /* key is stored in external hardware */ |
#define types sshkey_types |
| #define KEY_FLAG_EXT 0x0001 |
#define fp_type sshkey_fp_type |
| |
#define fp_rep sshkey_fp_rep |
| |
|
| #define CERT_MAX_PRINCIPALS 256 |
#ifndef SSH_KEY_NO_DEFINE |
| struct KeyCert { |
#define key_new sshkey_new |
| Buffer certblob; /* Kept around for use on wire */ |
#define key_free sshkey_free |
| u_int type; /* SSH2_CERT_TYPE_USER or SSH2_CERT_TYPE_HOST */ |
#define key_equal_public sshkey_equal_public |
| u_int64_t serial; |
#define key_equal sshkey_equal |
| char *key_id; |
#define key_fingerprint sshkey_fingerprint |
| u_int nprincipals; |
#define key_type sshkey_type |
| char **principals; |
#define key_cert_type sshkey_cert_type |
| u_int64_t valid_after, valid_before; |
#define key_ssh_name sshkey_ssh_name |
| Buffer critical; |
#define key_ssh_name_plain sshkey_ssh_name_plain |
| Buffer extensions; |
#define key_type_from_name sshkey_type_from_name |
| Key *signature_key; |
#define key_ecdsa_nid_from_name sshkey_ecdsa_nid_from_name |
| }; |
#define key_type_is_cert sshkey_type_is_cert |
| |
#define key_size sshkey_size |
| |
#define key_ecdsa_bits_to_nid sshkey_ecdsa_bits_to_nid |
| |
#define key_ecdsa_key_to_nid sshkey_ecdsa_key_to_nid |
| |
#define key_names_valid2 sshkey_names_valid2 |
| |
#define key_is_cert sshkey_is_cert |
| |
#define key_type_plain sshkey_type_plain |
| |
#define key_cert_is_legacy sshkey_cert_is_legacy |
| |
#define key_curve_name_to_nid sshkey_curve_name_to_nid |
| |
#define key_curve_nid_to_bits sshkey_curve_nid_to_bits |
| |
#define key_curve_nid_to_name sshkey_curve_nid_to_name |
| |
#define key_ec_nid_to_hash_alg sshkey_ec_nid_to_hash_alg |
| |
#define key_dump_ec_point sshkey_dump_ec_point |
| |
#define key_dump_ec_key sshkey_dump_ec_key |
| |
#define key_fingerprint sshkey_fingerprint |
| |
#endif |
| |
|
| struct Key { |
void key_add_private(Key *); |
| int type; |
Key *key_new_private(int); |
| int flags; |
void key_free(Key *); |
| RSA *rsa; |
Key *key_demote(const Key *); |
| DSA *dsa; |
u_char *key_fingerprint_raw(const Key *, enum fp_type, u_int *); |
| int ecdsa_nid; /* NID of curve */ |
int key_write(const Key *, FILE *); |
| EC_KEY *ecdsa; |
int key_read(Key *, char **); |
| struct KeyCert *cert; |
|
| u_char *ed25519_sk; |
|
| u_char *ed25519_pk; |
|
| }; |
|
| |
|
| #define ED25519_SK_SZ crypto_sign_ed25519_SECRETKEYBYTES |
|
| #define ED25519_PK_SZ crypto_sign_ed25519_PUBLICKEYBYTES |
|
| |
|
| Key *key_new(int); |
|
| void key_add_private(Key *); |
|
| Key *key_new_private(int); |
|
| void key_free(Key *); |
|
| Key *key_demote(const Key *); |
|
| int key_equal_public(const Key *, const Key *); |
|
| int key_equal(const Key *, const Key *); |
|
| char *key_fingerprint(const Key *, enum fp_type, enum fp_rep); |
|
| u_char *key_fingerprint_raw(const Key *, enum fp_type, u_int *); |
|
| const char *key_type(const Key *); |
|
| const char *key_cert_type(const Key *); |
|
| int key_write(const Key *, FILE *); |
|
| int key_read(Key *, char **); |
|
| u_int key_size(const Key *); |
|
| |
|
| Key *key_generate(int, u_int); |
Key *key_generate(int, u_int); |
| Key *key_from_private(const Key *); |
Key *key_from_private(const Key *); |
| int key_type_from_name(char *); |
|
| int key_is_cert(const Key *); |
|
| int key_type_is_cert(int); |
|
| int key_type_plain(int); |
|
| int key_to_certified(Key *, int); |
int key_to_certified(Key *, int); |
| int key_drop_cert(Key *); |
int key_drop_cert(Key *); |
| int key_certify(Key *, Key *); |
int key_certify(Key *, Key *); |
| void key_cert_copy(const Key *, struct Key *); |
void key_cert_copy(const Key *, Key *); |
| int key_cert_check_authority(const Key *, int, int, const char *, |
int key_cert_check_authority(const Key *, int, int, const char *, |
| const char **); |
const char **); |
| int key_cert_is_legacy(const Key *); |
char *key_alg_list(int, int); |
| |
|
| int key_ecdsa_nid_from_name(const char *); |
#ifdef WITH_OPENSSL |
| int key_curve_name_to_nid(const char *); |
int key_ec_validate_public(const EC_GROUP *, const EC_POINT *); |
| const char *key_curve_nid_to_name(int); |
int key_ec_validate_private(const EC_KEY *); |
| u_int key_curve_nid_to_bits(int); |
#endif /* WITH_OPENSSL */ |
| int key_ecdsa_bits_to_nid(int); |
|
| int key_ecdsa_key_to_nid(EC_KEY *); |
|
| int key_ec_nid_to_hash_alg(int nid); |
|
| int key_ec_validate_public(const EC_GROUP *, const EC_POINT *); |
|
| int key_ec_validate_private(const EC_KEY *); |
|
| char *key_alg_list(int, int); |
|
| |
|
| Key *key_from_blob(const u_char *, u_int); |
Key *key_from_blob(const u_char *, u_int); |
| int key_to_blob(const Key *, u_char **, u_int *); |
int key_to_blob(const Key *, u_char **, u_int *); |
| const char *key_ssh_name(const Key *); |
|
| const char *key_ssh_name_plain(const Key *); |
|
| int key_names_valid2(const char *); |
|
| |
|
| int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int); |
int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int); |
| int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int); |
int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int); |
| |
|
| int ssh_dss_sign(const Key *, u_char **, u_int *, const u_char *, u_int); |
void key_private_serialize(const Key *, struct sshbuf *); |
| int ssh_dss_verify(const Key *, const u_char *, u_int, const u_char *, u_int); |
Key *key_private_deserialize(struct sshbuf *); |
| int ssh_ecdsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int); |
|
| int ssh_ecdsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int); |
|
| int ssh_rsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int); |
|
| int ssh_rsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int); |
|
| int ssh_ed25519_sign(const Key *, u_char **, u_int *, const u_char *, u_int); |
|
| int ssh_ed25519_verify(const Key *, const u_char *, u_int, const u_char *, u_int); |
|
| |
|
| #if defined(DEBUG_KEXECDH) || defined(DEBUG_PK) |
/* authfile.c */ |
| void key_dump_ec_point(const EC_GROUP *, const EC_POINT *); |
int key_save_private(Key *, const char *, const char *, const char *, |
| void key_dump_ec_key(const EC_KEY *); |
int, const char *, int); |
| #endif |
int key_load_file(int, const char *, struct sshbuf *); |
| |
Key *key_load_cert(const char *); |
| void key_private_serialize(const Key *, Buffer *); |
Key *key_load_public(const char *, char **); |
| Key *key_private_deserialize(Buffer *); |
Key *key_load_private(const char *, const char *, char **); |
| |
Key *key_load_private_cert(int, const char *, const char *, int *); |
| |
Key *key_load_private_type(int, const char *, const char *, char **, int *); |
| |
Key *key_load_private_pem(int, int, const char *, char **); |
| |
int key_perm_ok(int, const char *); |
| |
int key_in_file(Key *, const char *, int); |
| |
|
| #endif |
#endif |
![[BACK]](/icons/back.gif){kind=icon}
Return to key.h CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh