diff options
author | djm@openbsd.org <djm@openbsd.org> | 2019-12-30 09:21:16 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-12-30 20:58:19 +1100 |
commit | 14cea36df397677b8f8568204300ef654114fd76 (patch) | |
tree | 4c9b0bf5108df396f8d9eaff576537e7c9cc50e9 /sk-api.h | |
parent | 2fe05fcb4a2695f190b4fcf27770b655586ab349 (diff) |
upstream: resident keys support in SK API
Adds a sk_load_resident_keys() function to the security key
API that accepts a security key provider and a PIN and returns
a list of keys.
Implement support for this in the usbhid middleware.
feedback and ok markus@
OpenBSD-Commit-ID: 67e984e4e87f4999ce447a6178c4249a9174eff0
Diffstat (limited to 'sk-api.h')
-rw-r--r-- | sk-api.h | 13 |
1 files changed, 12 insertions, 1 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sk-api.h,v 1.3 2019/12/30 09:19:52 djm Exp $ */ | 1 | /* $OpenBSD: sk-api.h,v 1.4 2019/12/30 09:21:16 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2019 Google LLC | 3 | * Copyright (c) 2019 Google LLC |
4 | * | 4 | * |
@@ -52,6 +52,13 @@ struct sk_sign_response { | |||
52 | size_t sig_s_len; | 52 | size_t sig_s_len; |
53 | }; | 53 | }; |
54 | 54 | ||
55 | struct sk_resident_key { | ||
56 | uint8_t alg; | ||
57 | size_t slot; | ||
58 | char *application; | ||
59 | struct sk_enroll_response key; | ||
60 | }; | ||
61 | |||
55 | #define SSH_SK_VERSION_MAJOR 0x00020000 /* current API version */ | 62 | #define SSH_SK_VERSION_MAJOR 0x00020000 /* current API version */ |
56 | #define SSH_SK_VERSION_MAJOR_MASK 0xffff0000 | 63 | #define SSH_SK_VERSION_MAJOR_MASK 0xffff0000 |
57 | 64 | ||
@@ -68,4 +75,8 @@ int sk_sign(int alg, const uint8_t *message, size_t message_len, | |||
68 | const char *application, const uint8_t *key_handle, size_t key_handle_len, | 75 | const char *application, const uint8_t *key_handle, size_t key_handle_len, |
69 | uint8_t flags, struct sk_sign_response **sign_response); | 76 | uint8_t flags, struct sk_sign_response **sign_response); |
70 | 77 | ||
78 | /* Enumerate all resident keys */ | ||
79 | int sk_load_resident_keys(const char *pin, | ||
80 | struct sk_resident_key ***rks, size_t *nrks); | ||
81 | |||
71 | #endif /* _SK_API_H */ | 82 | #endif /* _SK_API_H */ |