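/* $OpenBSD: authfd.h,v 1.39 2015/12/04 16:41:28 markus Exp $ */

/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 * All rights reserved
 * Functions to interface with the SSH_AUTHENTICATION_FD socket.
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose.  Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */

#ifndef AUTHFD_H
#define AUTHFD_H

/*
 * Client-side interface to the authentication agent: prototypes that
 * operate on an agent socket, plus the message numbers and flag bits
 * used on that connection.
 *
 * This header includes nothing itself.  size_t, u_int, u_char, BIGNUM and
 * struct sshkey must already be declared by whatever includes it.
 *
 * NOTE(review): only declarations are visible here.  The return-value
 * convention, ownership of returned memory and the handling of secrets
 * are set by the implementation and should be confirmed there.
 */

/* List of identities returned by ssh_fetch_identitylist() */
struct ssh_identitylist {
	size_t nkeys;		/* entry count; presumably the length of both arrays -- confirm */
	struct sshkey **keys;	/* key objects */
	/*
	 * Per-key comment strings.
	 * NOTE(review): these come back over the agent connection, so
	 * presumably they are untrusted text when printed or logged --
	 * confirm whether the implementation sanitises them.
	 */
	char **comments;
};

/*
 * Obtain a connection to the agent and hand the descriptor back through
 * fdp.
 * NOTE(review): in OpenSSH the socket path normally comes from the
 * SSH_AUTH_SOCK environment variable -- confirm in the implementation.
 */
int	ssh_get_authentication_socket(int *fdp);

/* Close an agent connection. */
void	ssh_close_authentication_socket(int sock);

/*
 * Lock or unlock the agent (see SSH_AGENTC_LOCK / SSH_AGENTC_UNLOCK);
 * `lock' selects which, presumably non-zero for lock -- confirm.
 * `password' is a secret passed as const char *, so the caller's copy is
 * not scrubbed through this pointer; the caller should zeroise its own
 * buffer once the call returns.
 */
int	ssh_lock_agent(int sock, int lock, const char *password);

/*
 * Fetch the identities held by the agent into *idlp.  `version'
 * presumably selects between the SSH_ and SSH2_ request numbers below
 * -- confirm.  The list is presumably released with
 * ssh_free_identitylist().
 */
int	ssh_fetch_identitylist(int sock, int version,
	    struct ssh_identitylist **idlp);

/* Release a list produced by ssh_fetch_identitylist(). */
void	ssh_free_identitylist(struct ssh_identitylist *idl);

/*
 * Add `key' to the agent under `comment'.  `life' and `confirm'
 * presumably map to SSH_AGENT_CONSTRAIN_LIFETIME and
 * SSH_AGENT_CONSTRAIN_CONFIRM.
 * NOTE(review): looks like life == 0 and confirm == 0 adds the key with
 * no constraint at all, leaving it usable for as long as the agent holds
 * it -- confirm, and prefer a lifetime or confirmation where the agent
 * socket may be reachable by other parties (e.g. forwarded agents).
 */
int	ssh_add_identity_constrained(int sock, struct sshkey *key,
	    const char *comment, u_int life, u_int confirm);

/* Remove a single key from the agent. */
int	ssh_remove_identity(int sock, struct sshkey *key);

/*
 * Add (`add' presumably non-zero) or remove the keys of the smartcard
 * named by `reader_id'.  `pin' is a secret passed as const char *; the
 * caller should zeroise its own copy after the call.  `life' and
 * `confirm' are the same constraints as for
 * ssh_add_identity_constrained().
 */
int	ssh_update_card(int sock, int add, const char *reader_id,
	    const char *pin, u_int life, u_int confirm);

/* Remove every identity; `version' as for ssh_fetch_identitylist(). */
int	ssh_remove_all_identities(int sock, int version);

/*
 * Ask the agent to answer an RSA challenge with `key' (presumably the
 * SSH_AGENTC_RSA_CHALLENGE exchange -- confirm).
 * The [16] bounds are not enforced by the compiler: array parameters
 * decay to u_char *, so the caller must supply at least 16 readable
 * bytes for session_id and 16 writable bytes for response.
 */
int	ssh_decrypt_challenge(int sock, struct sshkey *key, BIGNUM *challenge,
	    u_char session_id[16], u_char response[16]);

/*
 * Ask the agent to sign `data' (datalen bytes) with `key'.  The
 * signature comes back through *sigp / *lenp; presumably the buffer is
 * allocated by this call and owned by the caller -- confirm.  `alg'
 * names the requested signature algorithm and `compat' carries
 * compatibility flags; how they translate into the SSH_AGENT_* flag
 * bits below is decided by the implementation.
 */
int	ssh_agent_sign(int sock, struct sshkey *key,
	    u_char **sigp, size_t *lenp,
	    const u_char *data, size_t datalen, const char *alg, u_int compat);

/*
 * Message numbers.  They identify messages on the agent connection, so
 * they are protocol constants and not free to renumber.  By naming
 * convention AGENTC_ marks a request sent to the agent and AGENT_ a
 * reply from it.
 */

/* Messages for the authentication agent connection. */
#define SSH_AGENTC_REQUEST_RSA_IDENTITIES	1
#define SSH_AGENT_RSA_IDENTITIES_ANSWER		2
#define SSH_AGENTC_RSA_CHALLENGE		3
#define SSH_AGENT_RSA_RESPONSE			4
#define SSH_AGENT_FAILURE			5
#define SSH_AGENT_SUCCESS			6
#define SSH_AGENTC_ADD_RSA_IDENTITY		7
#define SSH_AGENTC_REMOVE_RSA_IDENTITY		8
#define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES	9

/* private OpenSSH extensions for SSH2 */
#define SSH2_AGENTC_REQUEST_IDENTITIES		11
#define SSH2_AGENT_IDENTITIES_ANSWER		12
#define SSH2_AGENTC_SIGN_REQUEST		13
#define SSH2_AGENT_SIGN_RESPONSE		14
#define SSH2_AGENTC_ADD_IDENTITY		17
#define SSH2_AGENTC_REMOVE_IDENTITY		18
#define SSH2_AGENTC_REMOVE_ALL_IDENTITIES	19

/* smartcard */
#define SSH_AGENTC_ADD_SMARTCARD_KEY		20
#define SSH_AGENTC_REMOVE_SMARTCARD_KEY		21

/* lock/unlock the agent */
#define SSH_AGENTC_LOCK				22
#define SSH_AGENTC_UNLOCK			23

/* add key with constraints */
#define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED	24
#define SSH2_AGENTC_ADD_ID_CONSTRAINED		25
#define SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26

/* Constraint type codes used with the *_CONSTRAINED add requests. */
#define SSH_AGENT_CONSTRAIN_LIFETIME		1
#define SSH_AGENT_CONSTRAIN_CONFIRM		2

/* extended failure messages */
#define SSH2_AGENT_FAILURE			30

/* additional error code for ssh.com's ssh-agent2 */
#define SSH_COM_AGENT2_FAILURE			102

/*
 * Signature flags.  Each value is a distinct single bit, so they can be
 * OR-ed together.  Presumably carried in the flags field of a
 * SSH2_AGENTC_SIGN_REQUEST; by their names the RSA_SHA2 bits select
 * SHA-2 based RSA signatures -- confirm against the implementation.
 */
#define	SSH_AGENT_OLD_SIGNATURE			0x01
#define	SSH_AGENT_RSA_SHA2_256			0x02
#define	SSH_AGENT_RSA_SHA2_512			0x04

#endif				/* AUTHFD_H */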