xref: /titanic_44/usr/src/cmd/ssh/include/authfd.h (revision 104d3bde5b4ac46904f144d3676110fc57a69603)
1 /*	$OpenBSD: authfd.h,v 1.31 2002/09/11 18:27:25 stevesk Exp $	*/
2 
3 #ifndef	_AUTHFD_H
4 #define	_AUTHFD_H
5 
6 #ifdef __cplusplus
7 extern "C" {
8 #endif
9 
10 
11 /*
12  * Author: Tatu Ylonen <ylo@cs.hut.fi>
13  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
14  *                    All rights reserved
15  * Functions to interface with the SSH_AUTHENTICATION_FD socket.
16  *
17  * As far as I am concerned, the code I have written for this software
18  * can be used freely for any purpose.  Any derived versions of this
19  * software must be clearly marked as such, and if the derived work is
20  * incompatible with the protocol description in the RFC file, it must be
21  * called by a name other than "ssh" or "Secure Shell".
22  */
23 
24 #include "buffer.h"
25 
26 /* Messages for the authentication agent connection. */
27 #define SSH_AGENTC_REQUEST_RSA_IDENTITIES	1
28 #define SSH_AGENT_RSA_IDENTITIES_ANSWER		2
29 #define SSH_AGENTC_RSA_CHALLENGE		3
30 #define SSH_AGENT_RSA_RESPONSE			4
31 #define SSH_AGENT_FAILURE			5
32 #define SSH_AGENT_SUCCESS			6
33 #define SSH_AGENTC_ADD_RSA_IDENTITY		7
34 #define SSH_AGENTC_REMOVE_RSA_IDENTITY		8
35 #define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES	9
36 
37 /* private OpenSSH extensions for SSH2 */
38 #define SSH2_AGENTC_REQUEST_IDENTITIES		11
39 #define SSH2_AGENT_IDENTITIES_ANSWER		12
40 #define SSH2_AGENTC_SIGN_REQUEST		13
41 #define SSH2_AGENT_SIGN_RESPONSE		14
42 #define SSH2_AGENTC_ADD_IDENTITY		17
43 #define SSH2_AGENTC_REMOVE_IDENTITY		18
44 #define SSH2_AGENTC_REMOVE_ALL_IDENTITIES	19
45 
46 /* smartcard */
47 #define SSH_AGENTC_ADD_SMARTCARD_KEY		20
48 #define SSH_AGENTC_REMOVE_SMARTCARD_KEY		21
49 
50 /* lock/unlock the agent */
51 #define SSH_AGENTC_LOCK				22
52 #define SSH_AGENTC_UNLOCK			23
53 
54 /* add key with constraints */
55 #define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED	24
56 #define SSH2_AGENTC_ADD_ID_CONSTRAINED		25
57 
58 #define	SSH_AGENT_CONSTRAIN_LIFETIME		1
59 #define	SSH_AGENT_CONSTRAIN_CONFIRM		2
60 
61 /* extended failure messages */
62 #define SSH2_AGENT_FAILURE			30
63 
64 /* additional error code for ssh.com's ssh-agent2 */
65 #define SSH_COM_AGENT2_FAILURE			102
66 
67 #define	SSH_AGENT_OLD_SIGNATURE			0x01
68 
69 typedef struct {
70 	int	fd;
71 	Buffer	identities;
72 	int	howmany;
73 }	AuthenticationConnection;
74 
75 int	ssh_agent_present(void);
76 int	ssh_get_authentication_socket(void);
77 void	ssh_close_authentication_socket(int);
78 
79 AuthenticationConnection *ssh_get_authentication_connection(void);
80 void	ssh_close_authentication_connection(AuthenticationConnection *);
81 int	 ssh_get_num_identities(AuthenticationConnection *, int);
82 Key	*ssh_get_first_identity(AuthenticationConnection *, char **, int);
83 Key	*ssh_get_next_identity(AuthenticationConnection *, char **, int);
84 int	 ssh_add_identity(AuthenticationConnection *, Key *, const char *);
85 int	 ssh_add_identity_constrained(AuthenticationConnection *, Key *, const char *, u_int);
86 int	 ssh_remove_identity(AuthenticationConnection *, Key *);
87 int	 ssh_remove_all_identities(AuthenticationConnection *, int);
88 int	 ssh_lock_agent(AuthenticationConnection *, int, const char *);
89 int	 ssh_update_card(AuthenticationConnection *, int, const char *, const char *);
90 
91 int
92 ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16],
93     u_int, u_char[16]);
94 
95 int
96 ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, u_int *, u_char *,
97     u_int);
98 
99 #ifdef __cplusplus
100 }
101 #endif
102 
103 #endif /* _AUTHFD_H */
104