Annotation of src/usr.bin/ssh/key.h, Revision 1.41
1.41 ! djm 1: /* $OpenBSD: key.h,v 1.40 2013/12/06 13:39:49 markus Exp $ */
1.9 niklas 2:
1.5 deraadt 3: /*
1.13 markus 4: * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
1.5 deraadt 5: *
6: * Redistribution and use in source and binary forms, with or without
7: * modification, are permitted provided that the following conditions
8: * are met:
9: * 1. Redistributions of source code must retain the above copyright
10: * notice, this list of conditions and the following disclaimer.
11: * 2. Redistributions in binary form must reproduce the above copyright
12: * notice, this list of conditions and the following disclaimer in the
13: * documentation and/or other materials provided with the distribution.
14: *
15: * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16: * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18: * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20: * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21: * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22: * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23: * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24: * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25: */
1.1 markus 26: #ifndef KEY_H
27: #define KEY_H
28:
1.28 djm 29: #include "buffer.h"
1.8 markus 30: #include <openssl/rsa.h>
31: #include <openssl/dsa.h>
1.31 djm 32: #include <openssl/ec.h>
1.8 markus 33:
1.1 markus 34: typedef struct Key Key;
35: enum types {
1.6 markus 36: KEY_RSA1,
1.1 markus 37: KEY_RSA,
38: KEY_DSA,
1.31 djm 39: KEY_ECDSA,
1.40 markus 40: KEY_ED25519,
1.28 djm 41: KEY_RSA_CERT,
42: KEY_DSA_CERT,
1.31 djm 43: KEY_ECDSA_CERT,
1.40 markus 44: KEY_ED25519_CERT,
1.30 djm 45: KEY_RSA_CERT_V00,
46: KEY_DSA_CERT_V00,
1.6 markus 47: KEY_UNSPEC
1.1 markus 48: };
1.10 jakob 49: enum fp_type {
50: SSH_FP_SHA1,
1.34 djm 51: SSH_FP_MD5,
52: SSH_FP_SHA256
1.10 jakob 53: };
54: enum fp_rep {
55: SSH_FP_HEX,
1.27 grunk 56: SSH_FP_BUBBLEBABBLE,
57: SSH_FP_RANDOMART
1.10 jakob 58: };
1.16 markus 59:
60: /* key is stored in external hardware */
61: #define KEY_FLAG_EXT 0x0001
62:
1.28 djm 63: #define CERT_MAX_PRINCIPALS 256
64: struct KeyCert {
65: Buffer certblob; /* Kept around for use on wire */
66: u_int type; /* SSH2_CERT_TYPE_USER or SSH2_CERT_TYPE_HOST */
1.30 djm 67: u_int64_t serial;
1.28 djm 68: char *key_id;
69: u_int nprincipals;
70: char **principals;
71: u_int64_t valid_after, valid_before;
1.30 djm 72: Buffer critical;
73: Buffer extensions;
1.28 djm 74: Key *signature_key;
75: };
76:
1.1 markus 77: struct Key {
1.16 markus 78: int type;
79: int flags;
1.1 markus 80: RSA *rsa;
81: DSA *dsa;
1.31 djm 82: int ecdsa_nid; /* NID of curve */
83: EC_KEY *ecdsa;
1.28 djm 84: struct KeyCert *cert;
1.40 markus 85: u_char *ed25519_sk;
86: u_char *ed25519_pk;
1.1 markus 87: };
88:
1.40 markus 89: #define ED25519_SK_SZ crypto_sign_ed25519_SECRETKEYBYTES
90: #define ED25519_PK_SZ crypto_sign_ed25519_PUBLICKEYBYTES
91:
1.23 jakob 92: Key *key_new(int);
1.28 djm 93: void key_add_private(Key *);
1.23 jakob 94: Key *key_new_private(int);
95: void key_free(Key *);
96: Key *key_demote(const Key *);
1.28 djm 97: int key_equal_public(const Key *, const Key *);
1.23 jakob 98: int key_equal(const Key *, const Key *);
1.37 djm 99: char *key_fingerprint(const Key *, enum fp_type, enum fp_rep);
1.35 djm 100: u_char *key_fingerprint_raw(const Key *, enum fp_type, u_int *);
1.23 jakob 101: const char *key_type(const Key *);
1.29 stevesk 102: const char *key_cert_type(const Key *);
1.23 jakob 103: int key_write(const Key *, FILE *);
104: int key_read(Key *, char **);
105: u_int key_size(const Key *);
1.14 itojun 106:
107: Key *key_generate(int, u_int);
1.23 jakob 108: Key *key_from_private(const Key *);
1.15 markus 109: int key_type_from_name(char *);
1.28 djm 110: int key_is_cert(const Key *);
1.38 djm 111: int key_type_is_cert(int);
1.28 djm 112: int key_type_plain(int);
1.30 djm 113: int key_to_certified(Key *, int);
1.28 djm 114: int key_drop_cert(Key *);
115: int key_certify(Key *, Key *);
116: void key_cert_copy(const Key *, struct Key *);
117: int key_cert_check_authority(const Key *, int, int, const char *,
118: const char **);
1.35 djm 119: int key_cert_is_legacy(const Key *);
1.14 itojun 120:
1.31 djm 121: int key_ecdsa_nid_from_name(const char *);
122: int key_curve_name_to_nid(const char *);
1.36 djm 123: const char *key_curve_nid_to_name(int);
1.32 djm 124: u_int key_curve_nid_to_bits(int);
1.31 djm 125: int key_ecdsa_bits_to_nid(int);
1.33 djm 126: int key_ecdsa_key_to_nid(EC_KEY *);
1.41 ! djm 127: int key_ec_nid_to_hash_alg(int nid);
1.31 djm 128: int key_ec_validate_public(const EC_GROUP *, const EC_POINT *);
129: int key_ec_validate_private(const EC_KEY *);
1.40 markus 130: char *key_alg_list(int, int);
1.31 djm 131:
1.23 jakob 132: Key *key_from_blob(const u_char *, u_int);
133: int key_to_blob(const Key *, u_char **, u_int *);
134: const char *key_ssh_name(const Key *);
1.31 djm 135: const char *key_ssh_name_plain(const Key *);
1.23 jakob 136: int key_names_valid2(const char *);
137:
138: int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
139: int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
140:
141: int ssh_dss_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
142: int ssh_dss_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
1.31 djm 143: int ssh_ecdsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
144: int ssh_ecdsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
1.23 jakob 145: int ssh_rsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
146: int ssh_rsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
1.40 markus 147: int ssh_ed25519_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
148: int ssh_ed25519_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
1.31 djm 149:
150: #if defined(DEBUG_KEXECDH) || defined(DEBUG_PK)
151: void key_dump_ec_point(const EC_GROUP *, const EC_POINT *);
152: void key_dump_ec_key(const EC_KEY *);
153: #endif
1.39 markus 154:
155: void key_private_serialize(const Key *, Buffer *);
156: Key *key_private_deserialize(Buffer *);
1.1 markus 157:
158: #endif
![[BACK]](/icons/back.gif){kind=icon}
Return to key.h CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh