Annotation of src/usr.bin/ssh/authfd.h, Revision 1.34.10.1
1.34.10.1! brad 1: /* $OpenBSD: authfd.h,v 1.36 2006/08/03 03:34:41 deraadt Exp $ */
1.23 stevesk 2:
1.1 deraadt 3: /*
1.5 deraadt 4: * Author: Tatu Ylonen <ylo@cs.hut.fi>
5: * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
6: * All rights reserved
7: * Functions to interface with the SSH_AUTHENTICATION_FD socket.
1.7 markus 8: *
1.11 deraadt 9: * As far as I am concerned, the code I have written for this software
10: * can be used freely for any purpose. Any derived versions of this
11: * software must be clearly marked as such, and if the derived work is
12: * incompatible with the protocol description in the RFC file, it must be
13: * called by a name other than "ssh" or "Secure Shell".
1.5 deraadt 14: */
1.1 deraadt 15:
16: #ifndef AUTHFD_H
17: #define AUTHFD_H
18:
19: /* Messages for the authentication agent connection. */
20: #define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1
21: #define SSH_AGENT_RSA_IDENTITIES_ANSWER 2
22: #define SSH_AGENTC_RSA_CHALLENGE 3
23: #define SSH_AGENT_RSA_RESPONSE 4
24: #define SSH_AGENT_FAILURE 5
25: #define SSH_AGENT_SUCCESS 6
26: #define SSH_AGENTC_ADD_RSA_IDENTITY 7
27: #define SSH_AGENTC_REMOVE_RSA_IDENTITY 8
28: #define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES 9
29:
1.13 markus 30: /* private OpenSSH extensions for SSH2 */
1.9 markus 31: #define SSH2_AGENTC_REQUEST_IDENTITIES 11
32: #define SSH2_AGENT_IDENTITIES_ANSWER 12
33: #define SSH2_AGENTC_SIGN_REQUEST 13
34: #define SSH2_AGENT_SIGN_RESPONSE 14
35: #define SSH2_AGENTC_ADD_IDENTITY 17
36: #define SSH2_AGENTC_REMOVE_IDENTITY 18
37: #define SSH2_AGENTC_REMOVE_ALL_IDENTITIES 19
1.13 markus 38:
1.17 markus 39: /* smartcard */
40: #define SSH_AGENTC_ADD_SMARTCARD_KEY 20
1.30 deraadt 41: #define SSH_AGENTC_REMOVE_SMARTCARD_KEY 21
1.21 markus 42:
1.25 markus 43: /* lock/unlock the agent */
44: #define SSH_AGENTC_LOCK 22
1.30 deraadt 45: #define SSH_AGENTC_UNLOCK 23
1.25 markus 46:
1.29 markus 47: /* add key with constraints */
48: #define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED 24
49: #define SSH2_AGENTC_ADD_ID_CONSTRAINED 25
1.33 djm 50: #define SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26
1.27 markus 51:
1.28 markus 52: #define SSH_AGENT_CONSTRAIN_LIFETIME 1
1.32 markus 53: #define SSH_AGENT_CONSTRAIN_CONFIRM 2
1.26 markus 54:
1.21 markus 55: /* extended failure messages */
56: #define SSH2_AGENT_FAILURE 30
1.17 markus 57:
1.13 markus 58: /* additional error code for ssh.com's ssh-agent2 */
1.30 deraadt 59: #define SSH_COM_AGENT2_FAILURE 102
1.12 markus 60:
61: #define SSH_AGENT_OLD_SIGNATURE 0x01
62:
1.5 deraadt 63: typedef struct {
1.30 deraadt 64: int fd;
65: Buffer identities;
66: int howmany;
67: } AuthenticationConnection;
1.10 markus 68:
1.31 stevesk 69: int ssh_agent_present(void);
1.30 deraadt 70: int ssh_get_authentication_socket(void);
71: void ssh_close_authentication_socket(int);
1.1 deraadt 72:
1.16 markus 73: AuthenticationConnection *ssh_get_authentication_connection(void);
1.30 deraadt 74: void ssh_close_authentication_connection(AuthenticationConnection *);
1.19 markus 75: int ssh_get_num_identities(AuthenticationConnection *, int);
1.18 itojun 76: Key *ssh_get_first_identity(AuthenticationConnection *, char **, int);
77: Key *ssh_get_next_identity(AuthenticationConnection *, char **, int);
1.19 markus 78: int ssh_add_identity(AuthenticationConnection *, Key *, const char *);
1.32 markus 79: int ssh_add_identity_constrained(AuthenticationConnection *, Key *,
80: const char *, u_int, u_int);
1.20 markus 81: int ssh_remove_identity(AuthenticationConnection *, Key *);
1.19 markus 82: int ssh_remove_all_identities(AuthenticationConnection *, int);
1.25 markus 83: int ssh_lock_agent(AuthenticationConnection *, int, const char *);
1.34 djm 84: int ssh_update_card(AuthenticationConnection *, int, const char *,
1.33 djm 85: const char *, u_int, u_int);
1.1 deraadt 86:
1.7 markus 87: int
1.18 itojun 88: ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16],
89: u_int, u_char[16]);
1.1 deraadt 90:
1.10 markus 91: int
1.22 markus 92: ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, u_int *, u_char *,
93: u_int);
1.1 deraadt 94:
1.5 deraadt 95: #endif /* AUTHFD_H */