Diffstat (limited to 'key.h')
-rw-r--r--key.h32
1 files changed, 29 insertions, 3 deletions
diff --git a/key.h b/key.h
index db609d326..aaf4b56bd 100644
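--- a/key.h
+++ b/key.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: key.h,v 1.27 2008/06/11 21:01:35 grunk Exp $ */
+/* $OpenBSD: key.h,v 1.28 2010/02/26 20:29:54 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -26,6 +26,7 @@
 #ifndef KEY_H
 #define KEY_H
 
+#include "buffer.h"
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
 
@@ -34,6 +35,8 @@ enum types {
  KEY_RSA1,
  KEY_RSA,
  KEY_DSA,
+ KEY_RSA_CERT,
+ KEY_DSA_CERT,
  KEY_NULL,
  KEY_UNSPEC
 };
@@ -50,20 +53,35 @@ enum fp_rep {
 /* key is stored in external hardware */
 #define KEY_FLAG_EXT 0x0001
 
+#define CERT_MAX_PRINCIPALS 256
+struct KeyCert {
+ Buffer certblob; /* Kept around for use on wire */
+ u_int type; /* SSH2_CERT_TYPE_USER or SSH2_CERT_TYPE_HOST */
+ char *key_id;
+ u_int nprincipals;
+ char **principals;
+ u_int64_t valid_after, valid_before;
+ Buffer constraints;
+ Key *signature_key;
+};
+
 struct Key {
  int type;
  int flags;
  RSA *rsa;
  DSA *dsa;
+ struct KeyCert *cert;
 };
 
 Key *key_new(int);
+void key_add_private(Key *);
 Key *key_new_private(int);
 void key_free(Key *);
 Key *key_demote(const Key *);
+int key_equal_public(const Key *, const Key *);
 int key_equal(const Key *, const Key *);
-char *key_fingerprint(const Key *, enum fp_type, enum fp_rep);
-u_char *key_fingerprint_raw(const Key *, enum fp_type, u_int *);
+char *key_fingerprint(Key *, enum fp_type, enum fp_rep);
+u_char *key_fingerprint_raw(Key *, enum fp_type, u_int *);
 const char *key_type(const Key *);
 int key_write(const Key *, FILE *);
 int key_read(Key *, char **);
@@ -72,6 +90,14 @@ u_int key_size(const Key *);
 Key *key_generate(int, u_int);
 Key *key_from_private(const Key *);
 int key_type_from_name(char *);
+int key_is_cert(const Key *);
+int key_type_plain(int);
+int key_to_certified(Key *);
+int key_drop_cert(Key *);
+int key_certify(Key *, Key *);
+void key_cert_copy(const Key *, struct Key *);
+int key_cert_check_authority(const Key *, int, int, const char *,
+ const char **);
 
 Key *key_from_blob(const u_char *, u_int);
 int key_to_blob(const Key *, u_char **, u_int *);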
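Review bot: The new prototype `key_cert_check_authority(const Key *, int, int, const char *, const char **)` in the last hunk has two adjacent unnamed `int` parameters and no comment on its return convention, so a caller that swaps the two flags compiles cleanly while changing what the certificate check enforces. I would name the parameters in the header, for example `int key_cert_check_authority(const Key *k, int want_host, int require_principal, const char *name, const char **reason);` (names are a suggestion; confirm against the definition in key.c), and add a one-line comment saying which return value means the certificate was accepted. In the `struct KeyCert` hunk, `CERT_MAX_PRINCIPALS` sits beside `u_int nprincipals` without stating where the bound is applied; a field comment such as `/* must be <= CERT_MAX_PRINCIPALS; checked when parsing the cert blob */` would make the invariant visible, assuming the check lives in the parser, which this diff does not show. The header also gives no hint when to use `key_equal_public` rather than `key_equal` for certificate keys, which a short comment above the two declarations should settle.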