/* $OpenBSD: authfd.h,v 1.37 2009/08/27 17:44:52 djm Exp $ */

/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 * All rights reserved
 * Functions to interface with the SSH_AUTHENTICATION_FD socket.
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose. Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */

/*
 * Client-side interface to the authentication agent: message type codes
 * for the agent connection, key-constraint identifiers, the connection
 * handle, and prototypes for the request helpers.
 *
 * This header includes nothing itself. Buffer, Key, BIGNUM, u_int and
 * u_char are used below and must already be declared by the including
 * file.
 *
 * NOTE(review): the codes below include challenge and signing requests,
 * so whoever can talk on the agent socket can ask the agent to use the
 * keys it holds. The controls visible in this header are the
 * constrained-add requests (lifetime / confirm) and lock/unlock; treat
 * the socket descriptor as sensitive and close it when it is no longer
 * needed.
 */

#ifndef AUTHFD_H
#define AUTHFD_H

/*
 * Messages for the authentication agent connection.
 * By the naming used here, *_AGENTC_* codes are requests sent to the
 * agent and *_AGENT_* codes are its replies.
 */
#define SSH_AGENTC_REQUEST_RSA_IDENTITIES        1
#define SSH_AGENT_RSA_IDENTITIES_ANSWER          2
#define SSH_AGENTC_RSA_CHALLENGE                 3
#define SSH_AGENT_RSA_RESPONSE                   4
#define SSH_AGENT_FAILURE                        5
#define SSH_AGENT_SUCCESS                        6
#define SSH_AGENTC_ADD_RSA_IDENTITY              7
#define SSH_AGENTC_REMOVE_RSA_IDENTITY           8
#define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES     9

/* private OpenSSH extensions for SSH2 (15 and 16 are not assigned here) */
#define SSH2_AGENTC_REQUEST_IDENTITIES           11
#define SSH2_AGENT_IDENTITIES_ANSWER             12
#define SSH2_AGENTC_SIGN_REQUEST                 13
#define SSH2_AGENT_SIGN_RESPONSE                 14
#define SSH2_AGENTC_ADD_IDENTITY                 17
#define SSH2_AGENTC_REMOVE_IDENTITY              18
#define SSH2_AGENTC_REMOVE_ALL_IDENTITIES        19

/* smartcard */
#define SSH_AGENTC_ADD_SMARTCARD_KEY             20
#define SSH_AGENTC_REMOVE_SMARTCARD_KEY          21

/* lock/unlock the agent */
#define SSH_AGENTC_LOCK                          22
#define SSH_AGENTC_UNLOCK                        23

/* add key with constraints */
#define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED        24
#define SSH2_AGENTC_ADD_ID_CONSTRAINED           25
#define SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26

/*
 * Constraint identifiers.
 * NOTE(review): presumably carried in the *_CONSTRAINED add requests
 * above; by name, LIFETIME bounds how long a key stays loaded and
 * CONFIRM asks for confirmation on each use -- confirm against the
 * agent implementation.
 */
#define SSH_AGENT_CONSTRAIN_LIFETIME             1
#define SSH_AGENT_CONSTRAIN_CONFIRM              2

/* extended failure messages */
#define SSH2_AGENT_FAILURE                       30

/* additional error code for ssh.com's ssh-agent2 */
#define SSH_COM_AGENT2_FAILURE                   102

/*
 * Flag bit.
 * NOTE(review): presumably a sign-request flag selecting an older
 * signature format -- confirm where ssh_agent_sign() builds its request.
 */
#define SSH_AGENT_OLD_SIGNATURE                  0x01

/*
 * Handle for one agent connection.
 * NOTE(review): field meanings are inferred from their names; confirm
 * against the implementation file.
 */
typedef struct {
	int	fd;		/* presumably the agent socket descriptor */
	Buffer	identities;	/* presumably the buffered identities answer */
	int	howmany;	/* presumably identities left to hand out */
} AuthenticationConnection;

/*
 * Socket-level helpers. Return conventions are not visible in this
 * header; check every result against the implementation before use.
 */
int	ssh_agent_present(void);
int	ssh_get_authentication_socket(void);
void	ssh_close_authentication_socket(int);

/*
 * Connection lifecycle. Each connection obtained from
 * ssh_get_authentication_connection() has a matching
 * ssh_close_authentication_connection() declared here.
 */
AuthenticationConnection	*ssh_get_authentication_connection(void);
void	ssh_close_authentication_connection(AuthenticationConnection *);

/*
 * Identity enumeration.
 * NOTE(review): the trailing int is presumably the protocol version and
 * the char ** presumably receives a key comment; ownership of the
 * returned Key and string is not stated here -- confirm who frees them.
 */
int	ssh_get_num_identities(AuthenticationConnection *, int);
Key	*ssh_get_first_identity(AuthenticationConnection *, char **, int);
Key	*ssh_get_next_identity(AuthenticationConnection *, char **, int);

/*
 * Key management.
 * NOTE(review): the two u_int arguments of the add/update calls
 * presumably map to the LIFETIME and CONFIRM constraints defined above
 * -- confirm.
 */
int	ssh_add_identity_constrained(AuthenticationConnection *, Key *,
	    const char *, u_int, u_int);
int	ssh_remove_identity(AuthenticationConnection *, Key *);
int	ssh_remove_all_identities(AuthenticationConnection *, int);

/*
 * Lock or unlock the agent.
 * NOTE(review): the const char * is presumably the lock passphrase; if
 * so the caller owns that secret and is responsible for clearing it --
 * confirm.
 */
int	ssh_lock_agent(AuthenticationConnection *, int, const char *);

/*
 * Smartcard key update.
 * NOTE(review): the two strings are presumably a reader id and a PIN;
 * handle the latter as a secret -- confirm.
 */
int	ssh_update_card(AuthenticationConnection *, int, const char *,
	    const char *, u_int, u_int);

/*
 * Challenge decryption request.
 * The u_char[16] parameters are adjusted to plain u_char * by the
 * compiler, so the bound of 16 is not enforced at call sites: callers
 * have to supply buffers of at least that size themselves.
 */
int	ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *,
	    u_char[16], u_int, u_char[16]);

/*
 * Signing request.
 * NOTE(review): u_char ** / u_int * look like an output buffer and its
 * length, and u_char * / u_int the data to sign and its length; who
 * frees the output is not visible here -- confirm.
 */
int	ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, u_int *,
	    u_char *, u_int);

#endif /* AUTHFD_H */