authfd.h revision 113908 
1/*	$OpenBSD: authfd.h,v 1.32 2003/01/23 13:50:27 markus Exp $	*/
2
3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
5 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
6 *                    All rights reserved
7 * Functions to interface with the SSH_AUTHENTICATION_FD socket.
8 *
9 * As far as I am concerned, the code I have written for this software
10 * can be used freely for any purpose.  Any derived versions of this
11 * software must be clearly marked as such, and if the derived work is
12 * incompatible with the protocol description in the RFC file, it must be
13 * called by a name other than "ssh" or "Secure Shell".
14 */
15
16#ifndef AUTHFD_H
17#define AUTHFD_H
18
19#include "buffer.h"
20
21/* Messages for the authentication agent connection. */
22#define SSH_AGENTC_REQUEST_RSA_IDENTITIES	1
23#define SSH_AGENT_RSA_IDENTITIES_ANSWER		2
24#define SSH_AGENTC_RSA_CHALLENGE		3
25#define SSH_AGENT_RSA_RESPONSE			4
26#define SSH_AGENT_FAILURE			5
27#define SSH_AGENT_SUCCESS			6
28#define SSH_AGENTC_ADD_RSA_IDENTITY		7
29#define SSH_AGENTC_REMOVE_RSA_IDENTITY		8
30#define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES	9
31
32/* private OpenSSH extensions for SSH2 */
33#define SSH2_AGENTC_REQUEST_IDENTITIES		11
34#define SSH2_AGENT_IDENTITIES_ANSWER		12
35#define SSH2_AGENTC_SIGN_REQUEST		13
36#define SSH2_AGENT_SIGN_RESPONSE		14
37#define SSH2_AGENTC_ADD_IDENTITY		17
38#define SSH2_AGENTC_REMOVE_IDENTITY		18
39#define SSH2_AGENTC_REMOVE_ALL_IDENTITIES	19
40
41/* smartcard */
42#define SSH_AGENTC_ADD_SMARTCARD_KEY		20
43#define SSH_AGENTC_REMOVE_SMARTCARD_KEY		21
44
45/* lock/unlock the agent */
46#define SSH_AGENTC_LOCK				22
47#define SSH_AGENTC_UNLOCK			23
48
49/* add key with constraints */
50#define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED	24
51#define SSH2_AGENTC_ADD_ID_CONSTRAINED		25
52
53#define	SSH_AGENT_CONSTRAIN_LIFETIME		1
54#define	SSH_AGENT_CONSTRAIN_CONFIRM		2
55
56/* extended failure messages */
57#define SSH2_AGENT_FAILURE			30
58
59/* additional error code for ssh.com's ssh-agent2 */
60#define SSH_COM_AGENT2_FAILURE			102
61
62#define	SSH_AGENT_OLD_SIGNATURE			0x01
63
64typedef struct {
65	int	fd;
66	Buffer	identities;
67	int	howmany;
68}	AuthenticationConnection;
69
70int	ssh_agent_present(void);
71int	ssh_get_authentication_socket(void);
72void	ssh_close_authentication_socket(int);
73
74AuthenticationConnection *ssh_get_authentication_connection(void);
75void	ssh_close_authentication_connection(AuthenticationConnection *);
76int	 ssh_get_num_identities(AuthenticationConnection *, int);
77Key	*ssh_get_first_identity(AuthenticationConnection *, char **, int);
78Key	*ssh_get_next_identity(AuthenticationConnection *, char **, int);
79int	 ssh_add_identity(AuthenticationConnection *, Key *, const char *);
80int	 ssh_add_identity_constrained(AuthenticationConnection *, Key *,
81    const char *, u_int, u_int);
82int	 ssh_remove_identity(AuthenticationConnection *, Key *);
83int	 ssh_remove_all_identities(AuthenticationConnection *, int);
84int	 ssh_lock_agent(AuthenticationConnection *, int, const char *);
85int	 ssh_update_card(AuthenticationConnection *, int, const char *, const char *);
86
87int
88ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16],
89    u_int, u_char[16]);
90
91int
92ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, u_int *, u_char *,
93    u_int);
94
95#endif				/* AUTHFD_H */
96