- jmc@cvs.openbsd.org 2009/08/13 13:39:54
[openssh-git.git] / authfd.h
blob3da2561127e6b5f15cdf61dd361e99ecb40b35d3
1 /* $OpenBSD: authfd.h,v 1.36 2006/08/03 03:34:41 deraadt Exp $ */
3 /*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
5 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
6 * All rights reserved
7 * Functions to interface with the SSH_AUTHENTICATION_FD socket.
9 * As far as I am concerned, the code I have written for this software
10 * can be used freely for any purpose. Any derived versions of this
11 * software must be clearly marked as such, and if the derived work is
12 * incompatible with the protocol description in the RFC file, it must be
13 * called by a name other than "ssh" or "Secure Shell".
16 #ifndef AUTHFD_H
17 #define AUTHFD_H
19 /* Messages for the authentication agent connection. */
20 #define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1
21 #define SSH_AGENT_RSA_IDENTITIES_ANSWER 2
22 #define SSH_AGENTC_RSA_CHALLENGE 3
23 #define SSH_AGENT_RSA_RESPONSE 4
24 #define SSH_AGENT_FAILURE 5
25 #define SSH_AGENT_SUCCESS 6
26 #define SSH_AGENTC_ADD_RSA_IDENTITY 7
27 #define SSH_AGENTC_REMOVE_RSA_IDENTITY 8
28 #define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES 9
30 /* private OpenSSH extensions for SSH2 */
31 #define SSH2_AGENTC_REQUEST_IDENTITIES 11
32 #define SSH2_AGENT_IDENTITIES_ANSWER 12
33 #define SSH2_AGENTC_SIGN_REQUEST 13
34 #define SSH2_AGENT_SIGN_RESPONSE 14
35 #define SSH2_AGENTC_ADD_IDENTITY 17
36 #define SSH2_AGENTC_REMOVE_IDENTITY 18
37 #define SSH2_AGENTC_REMOVE_ALL_IDENTITIES 19
39 /* smartcard */
40 #define SSH_AGENTC_ADD_SMARTCARD_KEY 20
41 #define SSH_AGENTC_REMOVE_SMARTCARD_KEY 21
43 /* lock/unlock the agent */
44 #define SSH_AGENTC_LOCK 22
45 #define SSH_AGENTC_UNLOCK 23
47 /* add key with constraints */
48 #define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED 24
49 #define SSH2_AGENTC_ADD_ID_CONSTRAINED 25
50 #define SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26
52 #define SSH_AGENT_CONSTRAIN_LIFETIME 1
53 #define SSH_AGENT_CONSTRAIN_CONFIRM 2
55 /* extended failure messages */
56 #define SSH2_AGENT_FAILURE 30
58 /* additional error code for ssh.com's ssh-agent2 */
59 #define SSH_COM_AGENT2_FAILURE 102
61 #define SSH_AGENT_OLD_SIGNATURE 0x01
63 typedef struct {
64 int fd;
65 Buffer identities;
66 int howmany;
67 } AuthenticationConnection;
69 int ssh_agent_present(void);
70 int ssh_get_authentication_socket(void);
71 void ssh_close_authentication_socket(int);
73 AuthenticationConnection *ssh_get_authentication_connection(void);
74 void ssh_close_authentication_connection(AuthenticationConnection *);
75 int ssh_get_num_identities(AuthenticationConnection *, int);
76 Key *ssh_get_first_identity(AuthenticationConnection *, char **, int);
77 Key *ssh_get_next_identity(AuthenticationConnection *, char **, int);
78 int ssh_add_identity(AuthenticationConnection *, Key *, const char *);
79 int ssh_add_identity_constrained(AuthenticationConnection *, Key *,
80 const char *, u_int, u_int);
81 int ssh_remove_identity(AuthenticationConnection *, Key *);
82 int ssh_remove_all_identities(AuthenticationConnection *, int);
83 int ssh_lock_agent(AuthenticationConnection *, int, const char *);
84 int ssh_update_card(AuthenticationConnection *, int, const char *,
85 const char *, u_int, u_int);
87 int
88 ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16],
89 u_int, u_char[16]);
91 int
92 ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, u_int *, u_char *,
93 u_int);
95 #endif /* AUTHFD_H */