/*	$OpenBSD: authfd.h,v 1.33 2003/06/11 11:18:38 djm Exp $	*/

/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
 * Functions to interface with the SSH_AUTHENTICATION_FD socket.
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose.  Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */

#ifndef AUTHFD_H
#define AUTHFD_H

/*
 * Only buffer.h is included here, yet the declarations below also use Key,
 * BIGNUM, u_int and u_char.
 * NOTE(review): whether buffer.h supplies those types is not visible from
 * this header; includers presumably have to pull them in first - confirm.
 */
#include "buffer.h"

/*
 * Messages for the authentication agent connection.
 *
 * Going by the names, SSH_AGENTC_* codes are requests and SSH_AGENT_* codes
 * are answers; the direction is not stated in this header, so confirm it
 * against the implementation.
 * NOTE(review): these numbers presumably go over the agent socket, so an
 * existing value should be treated as fixed and new codes added with unused
 * numbers only.
 */
#define SSH_AGENTC_REQUEST_RSA_IDENTITIES	1
#define SSH_AGENT_RSA_IDENTITIES_ANSWER		2
#define SSH_AGENTC_RSA_CHALLENGE		3
#define SSH_AGENT_RSA_RESPONSE			4
#define SSH_AGENT_FAILURE			5
#define SSH_AGENT_SUCCESS			6
#define SSH_AGENTC_ADD_RSA_IDENTITY		7
#define SSH_AGENTC_REMOVE_RSA_IDENTITY		8
#define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES	9

/* private OpenSSH extensions for SSH2 */
#define SSH2_AGENTC_REQUEST_IDENTITIES		11
#define SSH2_AGENT_IDENTITIES_ANSWER		12
#define SSH2_AGENTC_SIGN_REQUEST		13
#define SSH2_AGENT_SIGN_RESPONSE		14
#define SSH2_AGENTC_ADD_IDENTITY		17
#define SSH2_AGENTC_REMOVE_IDENTITY		18
#define SSH2_AGENTC_REMOVE_ALL_IDENTITIES	19

/* smartcard */
#define SSH_AGENTC_ADD_SMARTCARD_KEY		20
#define SSH_AGENTC_REMOVE_SMARTCARD_KEY		21

/* lock/unlock the agent */
#define SSH_AGENTC_LOCK				22
#define SSH_AGENTC_UNLOCK			23

/*
 * add key with constraints
 *
 * One constrained variant exists for each of the three add requests above
 * (RSA identity, SSH2 identity, smartcard key).
 */
#define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED	24
#define SSH2_AGENTC_ADD_ID_CONSTRAINED		25
#define SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED 26

/*
 * Constraint type codes.
 * NOTE(review): by name these bound how long a key stays loaded (LIFETIME)
 * and whether each use needs a confirmation (CONFIRM); the header does not
 * spell out units or encoding - confirm in the implementation. A caller that
 * needs to limit exposure of an agent-held key has to go through one of the
 * *_CONSTRAINED requests, since the plain add requests carry no constraint.
 */
#define	SSH_AGENT_CONSTRAIN_LIFETIME		1
#define	SSH_AGENT_CONSTRAIN_CONFIRM		2

/* extended failure messages */
#define SSH2_AGENT_FAILURE			30

/* additional error code for ssh.com's ssh-agent2 */
#define SSH_COM_AGENT2_FAILURE			102

/*
 * Flag bit (written in hex, unlike the message codes above).
 * NOTE(review): where this flag is passed is not visible in this header.
 */
#define	SSH_AGENT_OLD_SIGNATURE			0x01

/*
 * State for one connection to the agent.
 * NOTE(review): field meanings below are read off the names only.
 */
typedef struct {
	int	fd;		/* presumably the agent socket descriptor */
	Buffer	identities;	/* Buffer (buffer.h); presumably the agent's identity list reply */
	int	howmany;	/* presumably the number of identities not yet returned */
}	AuthenticationConnection;

/* Agent discovery and raw socket handling. */
int	ssh_agent_present(void);
int	ssh_get_authentication_socket(void);
void	ssh_close_authentication_socket(int);

/*
 * Connection-level API. Prototypes carry no parameter names, so argument
 * meaning has to be taken from the implementation file.
 *
 * NOTE(review): ssh_add_identity_constrained() and ssh_update_card() both end
 * in two u_int arguments; these presumably correspond to the two
 * SSH_AGENT_CONSTRAIN_* types (lifetime, confirm) - confirm.
 * NOTE(review): the const char * arguments of ssh_lock_agent() and
 * ssh_update_card() presumably include a lock passphrase and a smartcard PIN;
 * if so, callers own those strings and should clear their copy once the call
 * returns - confirm.
 */
AuthenticationConnection *ssh_get_authentication_connection(void);
void	ssh_close_authentication_connection(AuthenticationConnection *);
int	ssh_get_num_identities(AuthenticationConnection *, int);
Key	*ssh_get_first_identity(AuthenticationConnection *, char **, int);
Key	*ssh_get_next_identity(AuthenticationConnection *, char **, int);
int	ssh_add_identity(AuthenticationConnection *, Key *, const char *);
int	ssh_add_identity_constrained(AuthenticationConnection *, Key *,
    const char *, u_int, u_int);
int	ssh_remove_identity(AuthenticationConnection *, Key *);
int	ssh_remove_all_identities(AuthenticationConnection *, int);
int	ssh_lock_agent(AuthenticationConnection *, int, const char *);
int	ssh_update_card(AuthenticationConnection *, int, const char *,
    const char *, u_int, u_int);

/*
 * The two u_char[16] parameters are adjusted to plain u_char * by the
 * language, so the 16 only documents the expected size; the compiler does not
 * check it. Callers must pass buffers of at least 16 bytes.
 */
int
ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16],
    u_int, u_char[16]);

/*
 * NOTE(review): the u_char ** / u_int * pair presumably returns the signature
 * and its length, and the trailing u_char * / u_int pair the data to sign and
 * its length; who frees the returned buffer is not stated here - confirm.
 */
int
ssh_agent_sign(AuthenticationConnection *, Key *, u_char **, u_int *, u_char *,
    u_int);

#endif				/* AUTHFD_H */