Return to key.h CVS log

Up to [local] / src / usr.bin / ssh

Annotation of src/usr.bin/ssh/key.h, Revision 1.30

1.30    ! djm         1: /* $OpenBSD: key.h,v 1.29 2010/03/15 19:40:02 stevesk Exp $ */
1.9       niklas      2:
1.5       deraadt     3: /*
1.13      markus      4:  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
1.5       deraadt     5:  *
                      6:  * Redistribution and use in source and binary forms, with or without
                      7:  * modification, are permitted provided that the following conditions
                      8:  * are met:
                      9:  * 1. Redistributions of source code must retain the above copyright
                     10:  *    notice, this list of conditions and the following disclaimer.
                     11:  * 2. Redistributions in binary form must reproduce the above copyright
                     12:  *    notice, this list of conditions and the following disclaimer in the
                     13:  *    documentation and/or other materials provided with the distribution.
                     14:  *
                     15:  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
                     16:  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
                     17:  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
                     18:  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
                     19:  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
                     20:  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
                     21:  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
                     22:  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
                     23:  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
                     24:  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
                     25:  */
1.1       markus     26: #ifndef KEY_H
                     27: #define KEY_H
                     28:
1.28      djm        29: #include "buffer.h"
1.8       markus     30: #include <openssl/rsa.h>
                     31: #include <openssl/dsa.h>
                     32:
1.1       markus     33: typedef struct Key Key;
                     34: enum types {
1.6       markus     35:        KEY_RSA1,
1.1       markus     36:        KEY_RSA,
                     37:        KEY_DSA,
1.28      djm        38:        KEY_RSA_CERT,
                     39:        KEY_DSA_CERT,
1.30    ! djm        40:        KEY_RSA_CERT_V00,
        !            41:        KEY_DSA_CERT_V00,
1.6       markus     42:        KEY_UNSPEC
1.1       markus     43: };
1.10      jakob      44: enum fp_type {
                     45:        SSH_FP_SHA1,
                     46:        SSH_FP_MD5
                     47: };
                     48: enum fp_rep {
                     49:        SSH_FP_HEX,
1.27      grunk      50:        SSH_FP_BUBBLEBABBLE,
                     51:        SSH_FP_RANDOMART
1.10      jakob      52: };
1.16      markus     53:
                     54: /* key is stored in external hardware */
                     55: #define KEY_FLAG_EXT           0x0001
                     56:
1.28      djm        57: #define CERT_MAX_PRINCIPALS    256
                     58: struct KeyCert {
                     59:        Buffer           certblob; /* Kept around for use on wire */
                     60:        u_int            type; /* SSH2_CERT_TYPE_USER or SSH2_CERT_TYPE_HOST */
1.30    ! djm        61:        u_int64_t        serial;
1.28      djm        62:        char            *key_id;
                     63:        u_int            nprincipals;
                     64:        char            **principals;
                     65:        u_int64_t        valid_after, valid_before;
1.30    ! djm        66:        Buffer           critical;
        !            67:        Buffer           extensions;
1.28      djm        68:        Key             *signature_key;
                     69: };
                     70:
1.1       markus     71: struct Key {
1.16      markus     72:        int      type;
                     73:        int      flags;
1.1       markus     74:        RSA     *rsa;
                     75:        DSA     *dsa;
1.28      djm        76:        struct KeyCert *cert;
1.1       markus     77: };
                     78:
1.23      jakob      79: Key            *key_new(int);
1.28      djm        80: void            key_add_private(Key *);
1.23      jakob      81: Key            *key_new_private(int);
                     82: void            key_free(Key *);
                     83: Key            *key_demote(const Key *);
1.28      djm        84: int             key_equal_public(const Key *, const Key *);
1.23      jakob      85: int             key_equal(const Key *, const Key *);
1.28      djm        86: char           *key_fingerprint(Key *, enum fp_type, enum fp_rep);
                     87: u_char         *key_fingerprint_raw(Key *, enum fp_type, u_int *);
1.23      jakob      88: const char     *key_type(const Key *);
1.29      stevesk    89: const char     *key_cert_type(const Key *);
1.23      jakob      90: int             key_write(const Key *, FILE *);
                     91: int             key_read(Key *, char **);
                     92: u_int           key_size(const Key *);
1.14      itojun     93:
                     94: Key    *key_generate(int, u_int);
1.23      jakob      95: Key    *key_from_private(const Key *);
1.15      markus     96: int     key_type_from_name(char *);
1.28      djm        97: int     key_is_cert(const Key *);
                     98: int     key_type_plain(int);
1.30    ! djm        99: int     key_to_certified(Key *, int);
1.28      djm       100: int     key_drop_cert(Key *);
                    101: int     key_certify(Key *, Key *);
                    102: void    key_cert_copy(const Key *, struct Key *);
                    103: int     key_cert_check_authority(const Key *, int, int, const char *,
                    104:            const char **);
1.30    ! djm       105: int     key_cert_is_legacy(Key *);
1.14      itojun    106:
1.23      jakob     107: Key            *key_from_blob(const u_char *, u_int);
                    108: int             key_to_blob(const Key *, u_char **, u_int *);
                    109: const char     *key_ssh_name(const Key *);
                    110: int             key_names_valid2(const char *);
                    111:
                    112: int     key_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
                    113: int     key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
                    114:
                    115: int     ssh_dss_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
                    116: int     ssh_dss_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
                    117: int     ssh_rsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
                    118: int     ssh_rsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
1.1       markus    119:
                    120: #endif