Blame - key.h - fp2-dev/platform/external/openssh

blob: ec5ac5eb87c14cc70b04899e59693a2b94861570 [file] [log] [blame]

Mike Lockwood	1305e95	2011-12-07 08:17:59 -0800	[diff] [blame]	1	/* $OpenBSD: key.h,v 1.33 2010/10/28 11:22:09 djm Exp $ */
				2
				3	/*
				4	* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
				5	*
				6	* Redistribution and use in source and binary forms, with or without
				7	* modification, are permitted provided that the following conditions
				8	* are met:
				9	* 1. Redistributions of source code must retain the above copyright
				10	* notice, this list of conditions and the following disclaimer.
				11	* 2. Redistributions in binary form must reproduce the above copyright
				12	* notice, this list of conditions and the following disclaimer in the
				13	* documentation and/or other materials provided with the distribution.
				14	*
				15	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
				16	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
				17	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
				18	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
				19	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
				20	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
				21	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
				22	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
				23	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
				24	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
				25	*/
				26	#ifndef KEY_H
				27	#define KEY_H
				28
				29	#include "buffer.h"
				30	#include <openssl/rsa.h>
				31	#include <openssl/dsa.h>
				32	#ifdef OPENSSL_HAS_ECC
				33	#include <openssl/ec.h>
				34	#endif
				35
				36	typedef struct Key Key;
				37	enum types {
				38	KEY_RSA1,
				39	KEY_RSA,
				40	KEY_DSA,
				41	KEY_ECDSA,
				42	KEY_RSA_CERT,
				43	KEY_DSA_CERT,
				44	KEY_ECDSA_CERT,
				45	KEY_RSA_CERT_V00,
				46	KEY_DSA_CERT_V00,
				47	KEY_UNSPEC
				48	};
				49	enum fp_type {
				50	SSH_FP_SHA1,
				51	SSH_FP_MD5
				52	};
				53	enum fp_rep {
				54	SSH_FP_HEX,
				55	SSH_FP_BUBBLEBABBLE,
				56	SSH_FP_RANDOMART
				57	};
				58
				59	/* key is stored in external hardware */
				60	#define KEY_FLAG_EXT 0x0001
				61
				62	#define CERT_MAX_PRINCIPALS 256
				63	struct KeyCert {
				64	Buffer certblob; /* Kept around for use on wire */
				65	u_int type; /* SSH2_CERT_TYPE_USER or SSH2_CERT_TYPE_HOST */
				66	u_int64_t serial;
				67	char *key_id;
				68	u_int nprincipals;
				69	char **principals;
				70	u_int64_t valid_after, valid_before;
				71	Buffer critical;
				72	Buffer extensions;
				73	Key *signature_key;
				74	};
				75
				76	struct Key {
				77	int type;
				78	int flags;
				79	RSA *rsa;
				80	DSA *dsa;
				81	int ecdsa_nid; /* NID of curve */
				82	#ifdef OPENSSL_HAS_ECC
				83	EC_KEY *ecdsa;
				84	#else
				85	void *ecdsa;
				86	#endif
				87	struct KeyCert *cert;
				88	};
				89
				90	Key *key_new(int);
				91	void key_add_private(Key *);
				92	Key *key_new_private(int);
				93	void key_free(Key *);
				94	Key key_demote(const Key );
				95	int key_equal_public(const Key , const Key );
				96	int key_equal(const Key , const Key );
				97	char key_fingerprint(Key , enum fp_type, enum fp_rep);
				98	u_char key_fingerprint_raw(Key , enum fp_type, u_int *);
				99	const char key_type(const Key );
				100	const char key_cert_type(const Key );
				101	int key_write(const Key , FILE );
				102	int key_read(Key , char *);
				103	u_int key_size(const Key *);
				104
				105	Key *key_generate(int, u_int);
				106	Key key_from_private(const Key );
				107	int key_type_from_name(char *);
				108	int key_is_cert(const Key *);
				109	int key_type_plain(int);
				110	int key_to_certified(Key *, int);
				111	int key_drop_cert(Key *);
				112	int key_certify(Key , Key );
				113	void key_cert_copy(const Key , struct Key );
				114	int key_cert_check_authority(const Key , int, int, const char ,
				115	const char **);
				116	int key_cert_is_legacy(Key *);
				117
				118	int key_ecdsa_nid_from_name(const char *);
				119	int key_curve_name_to_nid(const char *);
				120	const char * key_curve_nid_to_name(int);
				121	u_int key_curve_nid_to_bits(int);
				122	int key_ecdsa_bits_to_nid(int);
				123	#ifdef OPENSSL_HAS_ECC
				124	int key_ecdsa_key_to_nid(EC_KEY *);
				125	const EVP_MD * key_ec_nid_to_evpmd(int nid);
				126	int key_ec_validate_public(const EC_GROUP , const EC_POINT );
				127	int key_ec_validate_private(const EC_KEY *);
				128	#endif
				129
				130	Key key_from_blob(const u_char , u_int);
				131	int key_to_blob(const Key , u_char , u_int );
				132	const char key_ssh_name(const Key );
				133	const char key_ssh_name_plain(const Key );
				134	int key_names_valid2(const char *);
				135
				136	int key_sign(const Key , u_char , u_int , const u_char *, u_int);
				137	int key_verify(const Key , const u_char , u_int, const u_char *, u_int);
				138
				139	int ssh_dss_sign(const Key , u_char , u_int , const u_char *, u_int);
				140	int ssh_dss_verify(const Key , const u_char , u_int, const u_char *, u_int);
				141	int ssh_ecdsa_sign(const Key , u_char , u_int , const u_char *, u_int);
				142	int ssh_ecdsa_verify(const Key , const u_char , u_int, const u_char *, u_int);
				143	int ssh_rsa_sign(const Key , u_char , u_int , const u_char *, u_int);
				144	int ssh_rsa_verify(const Key , const u_char , u_int, const u_char *, u_int);
				145
				146	#if defined(OPENSSL_HAS_ECC) && (defined(DEBUG_KEXECDH) \|\| defined(DEBUG_PK))
				147	void key_dump_ec_point(const EC_GROUP , const EC_POINT );
				148	void key_dump_ec_key(const EC_KEY *);
				149	#endif
				150
				151	#endif