key.h revision 323134
1/* $OpenBSD: key.h,v 1.50 2016/09/12 23:31:27 djm Exp $ */ 2 3/* 4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25 */ 26#ifndef KEY_H 27#define KEY_H 28 29#include "sshkey.h" 30 31typedef struct sshkey Key; 32 33#define types sshkey_types 34#define fp_type sshkey_fp_type 35#define fp_rep sshkey_fp_rep 36 37#ifndef SSH_KEY_NO_DEFINE 38#define key_new sshkey_new 39#define key_free sshkey_free 40#define key_equal_public sshkey_equal_public 41#define key_equal sshkey_equal 42#define key_type sshkey_type 43#define key_cert_type sshkey_cert_type 44#define key_ssh_name sshkey_ssh_name 45#define key_ssh_name_plain sshkey_ssh_name_plain 46#define key_type_from_name sshkey_type_from_name 47#define key_ecdsa_nid_from_name sshkey_ecdsa_nid_from_name 48#define key_type_is_cert sshkey_type_is_cert 49#define key_size sshkey_size 50#define key_ecdsa_bits_to_nid sshkey_ecdsa_bits_to_nid 51#define key_ecdsa_key_to_nid sshkey_ecdsa_key_to_nid 52#define key_is_cert sshkey_is_cert 53#define key_type_plain sshkey_type_plain 54#define key_curve_name_to_nid sshkey_curve_name_to_nid 55#define key_curve_nid_to_bits sshkey_curve_nid_to_bits 56#define key_curve_nid_to_name sshkey_curve_nid_to_name 57#define key_ec_nid_to_hash_alg sshkey_ec_nid_to_hash_alg 58#define key_dump_ec_point sshkey_dump_ec_point 59#define key_dump_ec_key sshkey_dump_ec_key 60#endif 61 62void key_add_private(Key *); 63Key *key_new_private(int); 64void key_free(Key *); 65Key *key_demote(const Key *); 66int key_write(const Key *, FILE *); 67int key_read(Key *, char **); 68 69Key *key_generate(int, u_int); 70Key *key_from_private(const Key *); 71int key_to_certified(Key *); 72int key_drop_cert(Key *); 73int key_certify(Key *, Key *); 74void key_cert_copy(const Key *, Key *); 75int key_cert_check_authority(const Key *, int, int, const char *, 76 const char **); 77 78#if defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) 79int key_ec_validate_public(const EC_GROUP *, const EC_POINT *); 80int key_ec_validate_private(const EC_KEY *); 81#endif /* defined(WITH_OPENSSL) && defined(OPENSSL_HAS_ECC) */ 82 83Key *key_from_blob(const u_char *, u_int); 84int key_to_blob(const Key *, u_char **, u_int *); 85 86int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int, 87 const char *); 88int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int); 89 90void key_private_serialize(const Key *, struct sshbuf *); 91Key *key_private_deserialize(struct sshbuf *); 92 93/* authfile.c */ 94int key_save_private(Key *, const char *, const char *, const char *, 95 int, const char *, int); 96int key_load_file(int, const char *, struct sshbuf *); 97Key *key_load_cert(const char *); 98Key *key_load_public(const char *, char **); 99Key *key_load_private(const char *, const char *, char **); 100Key *key_load_private_cert(int, const char *, const char *, int *); 101Key *key_load_private_type(int, const char *, const char *, char **, int *); 102int key_perm_ok(int, const char *); 103 104#endif 105