blob: df589b1c4afd87b1733e17b7eb651e484ad845a4 [file] [log] [blame]
Damien Millerd4a8b7e1999-10-27 13:42:43 +10001/*
2
3authfd.h
4
5Author: Tatu Ylonen <ylo@cs.hut.fi>
6
7Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8 All rights reserved
9
10Created: Wed Mar 29 01:17:41 1995 ylo
11
12Functions to interface with the SSH_AUTHENTICATION_FD socket.
13
14*/
15
Damien Miller7e8e8201999-11-16 13:37:16 +110016/* RCSID("$Id: authfd.h,v 1.2 1999/11/16 02:37:16 damien Exp $"); */
Damien Millerd4a8b7e1999-10-27 13:42:43 +100017
18#ifndef AUTHFD_H
19#define AUTHFD_H
20
21#include "buffer.h"
22
23/* Messages for the authentication agent connection. */
24#define SSH_AGENTC_REQUEST_RSA_IDENTITIES 1
25#define SSH_AGENT_RSA_IDENTITIES_ANSWER 2
26#define SSH_AGENTC_RSA_CHALLENGE 3
27#define SSH_AGENT_RSA_RESPONSE 4
28#define SSH_AGENT_FAILURE 5
29#define SSH_AGENT_SUCCESS 6
30#define SSH_AGENTC_ADD_RSA_IDENTITY 7
31#define SSH_AGENTC_REMOVE_RSA_IDENTITY 8
32#define SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES 9
33
34typedef struct
35{
36 int fd;
37 Buffer packet;
38 Buffer identities;
39 int howmany;
40} AuthenticationConnection;
41
42/* Returns the number of the authentication fd, or -1 if there is none. */
43int ssh_get_authentication_socket();
44
45/* This should be called for any descriptor returned by
46 ssh_get_authentication_socket(). Depending on the way the descriptor was
47 obtained, this may close the descriptor. */
48void ssh_close_authentication_socket(int authfd);
49
50/* Opens and connects a private socket for communication with the
51 authentication agent. Returns NULL if an error occurred and the
52 connection could not be opened. The connection should be closed by
53 the caller by calling ssh_close_authentication_connection(). */
54AuthenticationConnection *ssh_get_authentication_connection();
55
56/* Closes the connection to the authentication agent and frees any associated
57 memory. */
58void ssh_close_authentication_connection(AuthenticationConnection *ac);
59
60/* Returns the first authentication identity held by the agent.
61 Returns true if an identity is available, 0 otherwise.
62 The caller must initialize the integers before the call, and free the
63 comment after a successful call (before calling ssh_get_next_identity). */
64int ssh_get_first_identity(AuthenticationConnection *connection,
Damien Miller7e8e8201999-11-16 13:37:16 +110065 BIGNUM *e, BIGNUM *n, char **comment);
Damien Millerd4a8b7e1999-10-27 13:42:43 +100066
67/* Returns the next authentication identity for the agent. Other functions
68 can be called between this and ssh_get_first_identity or two calls of this
69 function. This returns 0 if there are no more identities. The caller
70 must free comment after a successful return. */
71int ssh_get_next_identity(AuthenticationConnection *connection,
Damien Miller7e8e8201999-11-16 13:37:16 +110072 BIGNUM *e, BIGNUM *n, char **comment);
Damien Millerd4a8b7e1999-10-27 13:42:43 +100073
74/* Requests the agent to decrypt the given challenge. Returns true if
75 the agent claims it was able to decrypt it. */
76int ssh_decrypt_challenge(AuthenticationConnection *auth,
Damien Miller7e8e8201999-11-16 13:37:16 +110077 BIGNUM *e, BIGNUM *n, BIGNUM *challenge,
Damien Millerd4a8b7e1999-10-27 13:42:43 +100078 unsigned char session_id[16],
79 unsigned int response_type,
80 unsigned char response[16]);
81
82/* Adds an identity to the authentication server. This call is not meant to
83 be used by normal applications. This returns true if the identity
84 was successfully added. */
85int ssh_add_identity(AuthenticationConnection *connection,
86 RSA *key, const char *comment);
87
88/* Removes the identity from the authentication server. This call is
89 not meant to be used by normal applications. This returns true if the
90 identity was successfully added. */
91int ssh_remove_identity(AuthenticationConnection *connection,
92 RSA *key);
93
94/* Removes all identities from the authentication agent. This call is not
95 meant to be used by normal applications. This returns true if the
96 operation was successful. */
97int ssh_remove_all_identities(AuthenticationConnection *connection);
98
99/* Closes the connection to the authentication agent. */
100void ssh_close_authentication(AuthenticationConnection *connection);
101
102#endif /* AUTHFD_H */