Annotation of src/usr.bin/ssh/key.h, Revision 1.37
1.37 ! djm 1: /* $OpenBSD: key.h,v 1.36 2013/04/19 01:06:50 djm Exp $ */
1.9 niklas 2:
1.5 deraadt 3: /*
1.13 markus 4: * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
1.5 deraadt 5: *
6: * Redistribution and use in source and binary forms, with or without
7: * modification, are permitted provided that the following conditions
8: * are met:
9: * 1. Redistributions of source code must retain the above copyright
10: * notice, this list of conditions and the following disclaimer.
11: * 2. Redistributions in binary form must reproduce the above copyright
12: * notice, this list of conditions and the following disclaimer in the
13: * documentation and/or other materials provided with the distribution.
14: *
15: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25: */
1.1 markus 26: #ifndef KEY_H
27: #define KEY_H
28:
1.28 djm 29: #include "buffer.h"
1.8 markus 30: #include <openssl/rsa.h>
31: #include <openssl/dsa.h>
1.31 djm 32: #include <openssl/ec.h>
1.8 markus 33:
1.1 markus 34: typedef struct Key Key;
35: enum types {
1.6 markus 36: KEY_RSA1,
1.1 markus 37: KEY_RSA,
38: KEY_DSA,
1.31 djm 39: KEY_ECDSA,
1.28 djm 40: KEY_RSA_CERT,
41: KEY_DSA_CERT,
1.31 djm 42: KEY_ECDSA_CERT,
1.30 djm 43: KEY_RSA_CERT_V00,
44: KEY_DSA_CERT_V00,
1.6 markus 45: KEY_UNSPEC
1.1 markus 46: };
1.10 jakob 47: enum fp_type {
48: SSH_FP_SHA1,
1.34 djm 49: SSH_FP_MD5,
50: SSH_FP_SHA256
1.10 jakob 51: };
52: enum fp_rep {
53: SSH_FP_HEX,
1.27 grunk 54: SSH_FP_BUBBLEBABBLE,
55: SSH_FP_RANDOMART
1.10 jakob 56: };
1.16 markus 57:
58: /* key is stored in external hardware */
59: #define KEY_FLAG_EXT 0x0001
60:
1.28 djm 61: #define CERT_MAX_PRINCIPALS 256
62: struct KeyCert {
63: Buffer certblob; /* Kept around for use on wire */
64: u_int type; /* SSH2_CERT_TYPE_USER or SSH2_CERT_TYPE_HOST */
1.30 djm 65: u_int64_t serial;
1.28 djm 66: char *key_id;
67: u_int nprincipals;
68: char **principals;
69: u_int64_t valid_after, valid_before;
1.30 djm 70: Buffer critical;
71: Buffer extensions;
1.28 djm 72: Key *signature_key;
73: };
74:
1.1 markus 75: struct Key {
1.16 markus 76: int type;
77: int flags;
1.1 markus 78: RSA *rsa;
79: DSA *dsa;
1.31 djm 80: int ecdsa_nid; /* NID of curve */
81: EC_KEY *ecdsa;
1.28 djm 82: struct KeyCert *cert;
1.1 markus 83: };
84:
1.23 jakob 85: Key *key_new(int);
1.28 djm 86: void key_add_private(Key *);
1.23 jakob 87: Key *key_new_private(int);
88: void key_free(Key *);
89: Key *key_demote(const Key *);
1.28 djm 90: int key_equal_public(const Key *, const Key *);
1.23 jakob 91: int key_equal(const Key *, const Key *);
1.37 ! djm 92: char *key_fingerprint(const Key *, enum fp_type, enum fp_rep);
1.35 djm 93: u_char *key_fingerprint_raw(const Key *, enum fp_type, u_int *);
1.23 jakob 94: const char *key_type(const Key *);
1.29 stevesk 95: const char *key_cert_type(const Key *);
1.23 jakob 96: int key_write(const Key *, FILE *);
97: int key_read(Key *, char **);
98: u_int key_size(const Key *);
1.14 itojun 99:
100: Key *key_generate(int, u_int);
1.23 jakob 101: Key *key_from_private(const Key *);
1.15 markus 102: int key_type_from_name(char *);
1.28 djm 103: int key_is_cert(const Key *);
104: int key_type_plain(int);
1.30 djm 105: int key_to_certified(Key *, int);
1.28 djm 106: int key_drop_cert(Key *);
107: int key_certify(Key *, Key *);
108: void key_cert_copy(const Key *, struct Key *);
109: int key_cert_check_authority(const Key *, int, int, const char *,
110: const char **);
1.35 djm 111: int key_cert_is_legacy(const Key *);
1.14 itojun 112:
1.31 djm 113: int key_ecdsa_nid_from_name(const char *);
114: int key_curve_name_to_nid(const char *);
1.36 djm 115: const char *key_curve_nid_to_name(int);
1.32 djm 116: u_int key_curve_nid_to_bits(int);
1.31 djm 117: int key_ecdsa_bits_to_nid(int);
1.33 djm 118: int key_ecdsa_key_to_nid(EC_KEY *);
1.36 djm 119: const EVP_MD *key_ec_nid_to_evpmd(int nid);
1.31 djm 120: int key_ec_validate_public(const EC_GROUP *, const EC_POINT *);
121: int key_ec_validate_private(const EC_KEY *);
1.36 djm 122: char *key_alg_list(void);
1.31 djm 123:
1.23 jakob 124: Key *key_from_blob(const u_char *, u_int);
125: int key_to_blob(const Key *, u_char **, u_int *);
126: const char *key_ssh_name(const Key *);
1.31 djm 127: const char *key_ssh_name_plain(const Key *);
1.23 jakob 128: int key_names_valid2(const char *);
129:
130: int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
131: int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
132:
133: int ssh_dss_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
134: int ssh_dss_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
1.31 djm 135: int ssh_ecdsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
136: int ssh_ecdsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
1.23 jakob 137: int ssh_rsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
138: int ssh_rsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
1.31 djm 139:
140: #if defined(DEBUG_KEXECDH) || defined(DEBUG_PK)
141: void key_dump_ec_point(const EC_GROUP *, const EC_POINT *);
142: void key_dump_ec_key(const EC_KEY *);
143: #endif
1.1 markus 144:
145: #endif
![[BACK]](/icons/back.gif){kind=icon}
Return to key.h CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh