- jmc@cvs.openbsd.org 2006/07/18 08:03:09
[openssh-git.git] / authfd.h
blob8ad8f2e712c1b9ab5be2c12d5688a6b6d48e4b2f
1 /* $OpenBSD: authfd.h,v 1.35 2006/03/25 22:22:42 djm Exp $ */
3 /*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
5 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
6 * All rights reserved
7 * Functions to interface with the SSH_AUTHENTICATION_FD socket.
9 * As far as I am concerned, the code I have written for this software
10 * can be used freely for any purpose. Any derived versions of this
11 * software must be clearly marked as such, and if the derived work is
12 * incompatible with the protocol description in the RFC file, it must be
13 * called by a name other than "ssh" or "Secure Shell".
16 #ifndef AUTHFD_H
17 #define AUTHFD_H
19 #include "buffer.h"
21 /* Messages for the authentication agent connection. */
22 #define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1
23 #define SSH_AGENT_RSA_IDENTITIES_ANSWER 2
24 #define SSH_AGENTC_RSA_CHALLENGE 3
25 #define SSH_AGENT_RSA_RESPONSE 4
26 #define SSH_AGENT_FAILURE 5
27 #define SSH_AGENT_SUCCESS 6
28 #define SSH_AGENTC_ADD_RSA_IDENTITY 7
29 #define SSH_AGENTC_REMOVE_RSA_IDENTITY 8
30 #define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES 9
32 /* private OpenSSH extensions for SSH2 */
33 #define SSH2_AGENTC_REQUEST_IDENTITIES 11
34 #define SSH2_AGENT_IDENTITIES_ANSWER 12
35 #define SSH2_AGENTC_SIGN_REQUEST 13
36 #define SSH2_AGENT_SIGN_RESPONSE 14
37 #define SSH2_AGENTC_ADD_IDENTITY 17
38 #define SSH2_AGENTC_REMOVE_IDENTITY 18
39 #define SSH2_AGENTC_REMOVE_ALL_IDENTITIES 19
41 /* smartcard */
42 #define SSH_AGENTC_ADD_SMARTCARD_KEY 20
43 #define SSH_AGENTC_REMOVE_SMARTCARD_KEY 21
45 /* lock/unlock the agent */
46 #define SSH_AGENTC_LOCK 22
47 #define SSH_AGENTC_UNLOCK 23
49 /* add key with constraints */
50 #define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED 24
51 #define SSH2_AGENTC_ADD_ID_CONSTRAINED 25
52 #define SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26
54 #define SSH_AGENT_CONSTRAIN_LIFETIME 1
55 #define SSH_AGENT_CONSTRAIN_CONFIRM 2
57 /* extended failure messages */
58 #define SSH2_AGENT_FAILURE 30
60 /* additional error code for ssh.com's ssh-agent2 */
61 #define SSH_COM_AGENT2_FAILURE 102
63 #define SSH_AGENT_OLD_SIGNATURE 0x01
65 typedef struct {
66 int fd;
67 Buffer identities;
68 int howmany;
69 } AuthenticationConnection;
71 int ssh_agent_present(void);
72 int ssh_get_authentication_socket(void);
73 void ssh_close_authentication_socket(int);
75 AuthenticationConnection *ssh_get_authentication_connection(void);
76 void ssh_close_authentication_connection(AuthenticationConnection *);
77 int ssh_get_num_identities(AuthenticationConnection *, int);
78 Key *ssh_get_first_identity(AuthenticationConnection *, char **, int);
79 Key *ssh_get_next_identity(AuthenticationConnection *, char **, int);
80 int ssh_add_identity(AuthenticationConnection *, Key *, const char *);
81 int ssh_add_identity_constrained(AuthenticationConnection *, Key *,
82 const char *, u_int, u_int);
83 int ssh_remove_identity(AuthenticationConnection *, Key *);
84 int ssh_remove_all_identities(AuthenticationConnection *, int);
85 int ssh_lock_agent(AuthenticationConnection *, int, const char *);
86 int ssh_update_card(AuthenticationConnection *, int, const char *,
87 const char *, u_int, u_int);
89 int
90 ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16],
91 u_int, u_char[16]);
93 int
94 ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, u_int *, u_char *,
95 u_int);
97 #endif /* AUTHFD_H */