/* $OpenBSD: authfd.h,v 1.29 2002/06/15 01:27:48 markus Exp $ */

/*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 * All rights reserved
 * Functions to interface with the SSH_AUTHENTICATION_FD socket.
 *
 * As far as I am concerned, the code I have written for this software
 * can be used freely for any purpose. Any derived versions of this
 * software must be clearly marked as such, and if the derived work is
 * incompatible with the protocol description in the RFC file, it must be
 * called by a name other than "ssh" or "Secure Shell".
 */

#ifndef AUTHFD_H
#define AUTHFD_H

/*
 * Interface for talking to the authentication agent: the message type
 * codes used on the agent connection, the connection handle, and the
 * request functions.
 *
 * Buffer is embedded by value in AuthenticationConnection, hence the
 * include below.  The prototypes also use Key, BIGNUM, u_int and u_char,
 * which nothing visible in this header declares; the including file
 * presumably has to provide them first (confirm against buffer.h).
 */
#include "buffer.h"

/*
 * Messages for the authentication agent connection.
 *
 * Judging by the names, SSH_AGENTC_* codes are requests sent to the agent
 * and SSH_AGENT_* codes are its answers (REQUEST/ANSWER,
 * CHALLENGE/RESPONSE).  The numbers are shared with the agent, so they
 * must stay exactly as listed.
 */
#define SSH_AGENTC_REQUEST_RSA_IDENTITIES	1
#define SSH_AGENT_RSA_IDENTITIES_ANSWER		2
#define SSH_AGENTC_RSA_CHALLENGE		3
#define SSH_AGENT_RSA_RESPONSE			4
#define SSH_AGENT_FAILURE			5
#define SSH_AGENT_SUCCESS			6
#define SSH_AGENTC_ADD_RSA_IDENTITY		7
#define SSH_AGENTC_REMOVE_RSA_IDENTITY		8
#define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES	9

/* private OpenSSH extensions for SSH2 */
#define SSH2_AGENTC_REQUEST_IDENTITIES		11
#define SSH2_AGENT_IDENTITIES_ANSWER		12
#define SSH2_AGENTC_SIGN_REQUEST		13
#define SSH2_AGENT_SIGN_RESPONSE		14
#define SSH2_AGENTC_ADD_IDENTITY		17
#define SSH2_AGENTC_REMOVE_IDENTITY		18
#define SSH2_AGENTC_REMOVE_ALL_IDENTITIES	19

/* smartcard */
#define SSH_AGENTC_ADD_SMARTCARD_KEY		20
#define SSH_AGENTC_REMOVE_SMARTCARD_KEY		21

/* lock/unlock the agent */
#define SSH_AGENTC_LOCK				22
#define SSH_AGENTC_UNLOCK			23

/*
 * add key with constraints
 *
 * Codes 24 and 25 are the constrained variants of the two add-identity
 * requests (7 and 17).
 */
#define SSH_AGENTC_ADD_RSA_ID_CONSTRAINED	24
#define SSH2_AGENTC_ADD_ID_CONSTRAINED		25

/*
 * Not a message code: its value overlaps message code 1, so it lives in a
 * separate number space.  By its name it identifies the lifetime
 * constraint, and it is the only constraint type defined in this header.
 * Bounding how long the agent holds a key shortens the window in which a
 * process able to reach the agent socket can have the key used.
 */
#define SSH_AGENT_CONSTRAIN_LIFETIME		1

/* extended failure messages */
#define SSH2_AGENT_FAILURE			30

/* additional error code for ssh.com's ssh-agent2 */
#define SSH_COM_AGENT2_FAILURE			102

/*
 * Written in hex and outside the message-code sequence, so presumably a
 * flag bit rather than a message type -- TODO confirm where it is passed.
 */
#define SSH_AGENT_OLD_SIGNATURE			0x01

/*
 * Handle for one agent connection: an int descriptor, a Buffer held by
 * value, and an int count.  Presumably the agent socket, the identity
 * list last received from the agent, and the number of identities in it;
 * confirm against the implementation.
 */
typedef struct {
	int	fd;
	Buffer	identities;
	int	howmany;
} AuthenticationConnection;

/*
 * NOTE(review): the prototypes in the original carry no parameter names.
 * The names below are descriptive labels inferred from the types and the
 * function names; they do not change the interface and should be checked
 * against the implementation.  The success/failure convention of the int
 * return values is not visible in this header.
 */

/* Raw socket access. */
int	ssh_get_authentication_socket(void);
void	ssh_close_authentication_socket(int sock);

/* Connection handle lifecycle. */
AuthenticationConnection *ssh_get_authentication_connection(void);
void	ssh_close_authentication_connection(AuthenticationConnection *auth);

/* Enumerating the identities held by the agent. */
int	ssh_get_num_identities(AuthenticationConnection *auth, int version);
Key	*ssh_get_first_identity(AuthenticationConnection *auth, char **comment,
	    int version);
Key	*ssh_get_next_identity(AuthenticationConnection *auth, char **comment,
	    int version);

/*
 * Adding and removing identities.  The constrained variant takes one
 * extra u_int, presumably the lifetime that goes with
 * SSH_AGENT_CONSTRAIN_LIFETIME -- unit not stated here, TODO confirm.
 */
int	ssh_add_identity(AuthenticationConnection *auth, Key *key,
	    const char *comment);
int	ssh_add_identity_constrained(AuthenticationConnection *auth, Key *key,
	    const char *comment, u_int life);
int	ssh_remove_identity(AuthenticationConnection *auth, Key *key);
int	ssh_remove_all_identities(AuthenticationConnection *auth, int version);

/*
 * Locking the agent and smartcard handling.  The const char * arguments
 * presumably carry a lock passphrase and a card PIN.  If so, nothing in
 * these signatures lets the callee wipe them (they are const), so the
 * caller owns clearing its copies after the call -- TODO confirm.
 */
int	ssh_lock_agent(AuthenticationConnection *auth, int lock,
	    const char *password);
int	ssh_update_card(AuthenticationConnection *auth, int add,
	    const char *reader_id, const char *pin);

/*
 * The two u_char[16] parameters are adjusted to plain u_char pointers by
 * the language; the 16 documents the expected size but is not enforced by
 * the compiler.  Callers must pass buffers of at least 16 bytes.
 */
int	ssh_decrypt_challenge(AuthenticationConnection *auth, Key *key,
	    BIGNUM *challenge, u_char session_id[16], u_int response_type,
	    u_char response[16]);

/*
 * Signature request.  The u_char ** / u_int * pair looks like an
 * out-buffer and its length; who allocates and who frees it is not
 * visible here -- TODO confirm before relying on it.
 */
int	ssh_agent_sign(AuthenticationConnection *auth, Key *key, u_char **sigp,
	    u_int *lenp, u_char *data, u_int datalen);

#endif /* AUTHFD_H */