authfd.h revision 259065
/* $OpenBSD: authfd.h,v 1.37 2009/08/27 17:44:52 djm Exp $ */

/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 * All rights reserved
 * Functions to interface with the SSH_AUTHENTICATION_FD socket.
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose. Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */

#ifndef AUTHFD_H
#define AUTHFD_H

/*
 * Client-side interface to the authentication agent: message type codes,
 * the connection handle, and prototypes for the request helpers.
 *
 * This header has no #include of its own; Buffer, Key, BIGNUM, u_int and
 * u_char must already be declared by the including file.
 *
 * NOTE(review): the requests below travel over the agent socket, so a
 * process that can open that socket can presumably issue any of them,
 * including sign requests. Nothing in this header expresses access
 * control; confirm how the socket is created and protected.
 */

/*
 * Messages for the authentication agent connection.
 * Codes 1-9 all refer to RSA identities by name. Judging by the names,
 * SSH_AGENTC_* are requests sent to the agent and SSH_AGENT_* are its
 * replies -- confirm against the protocol description.
 */
#define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1
#define SSH_AGENT_RSA_IDENTITIES_ANSWER 2
#define SSH_AGENTC_RSA_CHALLENGE 3
#define SSH_AGENT_RSA_RESPONSE 4
#define SSH_AGENT_FAILURE 5 /* one of three failure codes, see 30 and 102 below */
#define SSH_AGENT_SUCCESS 6
#define SSH_AGENTC_ADD_RSA_IDENTITY 7
#define SSH_AGENTC_REMOVE_RSA_IDENTITY 8
#define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES 9

/*
 * private OpenSSH extensions for SSH2
 * Codes 15 and 16 are not defined in this header.
 */
#define SSH2_AGENTC_REQUEST_IDENTITIES 11
#define SSH2_AGENT_IDENTITIES_ANSWER 12
#define SSH2_AGENTC_SIGN_REQUEST 13
#define SSH2_AGENT_SIGN_RESPONSE 14
#define SSH2_AGENTC_ADD_IDENTITY 17
#define SSH2_AGENTC_REMOVE_IDENTITY 18
#define SSH2_AGENTC_REMOVE_ALL_IDENTITIES 19

/* smartcard */
#define SSH_AGENTC_ADD_SMARTCARD_KEY 20
#define SSH_AGENTC_REMOVE_SMARTCARD_KEY 21

/* lock/unlock the agent */
#define SSH_AGENTC_LOCK 22
#define SSH_AGENTC_UNLOCK 23

/*
 * add key with constraints
 * NOTE(review): presumably these are the add requests that can carry the
 * constraint types defined below, and a key added through the plain add
 * codes (7, 17, 20) gets neither a lifetime limit nor a per-use
 * confirmation -- confirm against the agent implementation.
 */
#define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED 24
#define SSH2_AGENTC_ADD_ID_CONSTRAINED 25
#define SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26

/*
 * Constraint type codes. Presumably LIFETIME bounds how long a key stays
 * loaded and CONFIRM requires approval for each use -- confirm.
 */
#define SSH_AGENT_CONSTRAIN_LIFETIME 1
#define SSH_AGENT_CONSTRAIN_CONFIRM 2

/* extended failure messages */
#define SSH2_AGENT_FAILURE 30

/* additional error code for ssh.com's ssh-agent2 */
#define SSH_COM_AGENT2_FAILURE 102

/*
 * NOTE(review): together with SSH_AGENT_FAILURE (5) this header defines
 * three distinct failure codes. A reply check that tests only one of them
 * would read the other two as something other than failure; confirm that
 * the reply handling in the implementation covers all three.
 */

/*
 * Flag bit. Where it is sent is not visible in this header; presumably it
 * goes in the flags field of a sign request -- confirm.
 */
#define SSH_AGENT_OLD_SIGNATURE 0x01

/* Handle for one agent connection; passed to most of the helpers below. */
typedef struct {
    int fd; /* presumably the descriptor of the agent socket -- confirm */
    Buffer identities; /* Buffer is declared elsewhere; presumably the identity list reply */
    int howmany; /* presumably the number of identities in that reply -- confirm */
} AuthenticationConnection;

/* Socket-level helpers; none of these takes an AuthenticationConnection. */
int ssh_agent_present(void);
int ssh_get_authentication_socket(void);
void ssh_close_authentication_socket(int);

/*
 * Connection-level helpers. Parameters are unnamed here, so the meaning of
 * each int/u_int argument and of the int return values is defined only in
 * the implementation.
 * NOTE(review): ssh_get_authentication_connection() and the two
 * ssh_get_*_identity() functions return pointers; presumably NULL signals
 * "no agent" / "no more identities" and callers must check -- confirm.
 * Ownership of the returned Key and of the string stored through char **
 * is not stated here; confirm who frees them.
 */
AuthenticationConnection *ssh_get_authentication_connection(void);
void ssh_close_authentication_connection(AuthenticationConnection *);
int ssh_get_num_identities(AuthenticationConnection *, int);
Key *ssh_get_first_identity(AuthenticationConnection *, char **, int);
Key *ssh_get_next_identity(AuthenticationConnection *, char **, int);
/* The two u_int arguments presumably carry the lifetime and confirm constraints -- confirm. */
int ssh_add_identity_constrained(AuthenticationConnection *, Key *,
    const char *, u_int, u_int);
int ssh_remove_identity(AuthenticationConnection *, Key *);
int ssh_remove_all_identities(AuthenticationConnection *, int);
/*
 * The const char * is presumably the lock passphrase, i.e. a secret;
 * confirm that callers clear their copy once the call returns.
 */
int ssh_lock_agent(AuthenticationConnection *, int, const char *);
/*
 * The two const char * arguments are presumably a reader id and a PIN;
 * if so the PIN is a secret with the same handling concern -- confirm.
 */
int ssh_update_card(AuthenticationConnection *, int, const char *,
    const char *, u_int, u_int);

/*
 * The u_char[16] parameters are adjusted to u_char * by the language, so the
 * compiler does not enforce the 16; callers must pass buffers of at least
 * 16 bytes. Which one is input and which is output is not visible here.
 */
int
ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16],
    u_int, u_char[16]);

/*
 * u_char ** and u_int * are presumably the returned signature and its
 * length, followed by the data to sign and its length -- confirm, and
 * confirm who frees the returned buffer.
 */
int
ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, u_int *, u_char *,
    u_int);

#endif /* AUTHFD_H */