Diffstat (limited to 'sshkey.h')
-rw-r--r--sshkey.h19
1 files changed, 13 insertions, 6 deletions
diff --git a/sshkey.h b/sshkey.h
index 1b9e42f45..9093eac51 100644
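--- a/sshkey.h
+++ b/sshkey.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.h,v 1.15 2017/03/10 04:07:20 djm Exp $ */
+/* $OpenBSD: sshkey.h,v 1.21 2017/07/01 13:50:45 djm Exp $ */
 
 /*
  * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -46,14 +46,13 @@
 # define EC_POINT void
 #endif /* WITH_OPENSSL */
 
-#define SSH_RSA_MINIMUM_MODULUS_SIZE 768
+#define SSH_RSA_MINIMUM_MODULUS_SIZE 1024
 #define SSH_KEY_MAX_SIGN_DATA_SIZE (1 << 20)
 
 struct sshbuf;
 
 /* Key types */
 enum sshkey_types {
- KEY_RSA1,
  KEY_RSA,
  KEY_DSA,
  KEY_ECDSA,
@@ -125,6 +124,7 @@ int sshkey_fingerprint_raw(const struct sshkey *k,
  int, u_char **retp, size_t *lenp);
 const char *sshkey_type(const struct sshkey *);
 const char *sshkey_cert_type(const struct sshkey *);
+int sshkey_format_text(const struct sshkey *, struct sshbuf *);
 int sshkey_write(const struct sshkey *, FILE *);
 int sshkey_read(struct sshkey *, char **);
 u_int sshkey_size(const struct sshkey *);
@@ -137,13 +137,19 @@ int sshkey_type_is_cert(int);
 int sshkey_type_plain(int);
 int sshkey_to_certified(struct sshkey *);
 int sshkey_drop_cert(struct sshkey *);
-int sshkey_certify(struct sshkey *, struct sshkey *, const char *);
 int sshkey_cert_copy(const struct sshkey *, struct sshkey *);
 int sshkey_cert_check_authority(const struct sshkey *, int, int,
  const char *, const char **);
 size_t sshkey_format_cert_validity(const struct sshkey_cert *,
  char *, size_t) __attribute__((__bounded__(__string__, 2, 3)));
 
+int sshkey_certify(struct sshkey *, struct sshkey *, const char *);
+/* Variant allowing use of a custom signature function (e.g. for ssh-agent) */
+typedef int sshkey_certify_signer(const struct sshkey *, u_char **, size_t *,
+ const u_char *, size_t, const char *, u_int, void *);
+int sshkey_certify_custom(struct sshkey *, struct sshkey *, const char *,
+ sshkey_certify_signer *, void *);
+
 int sshkey_ecdsa_nid_from_name(const char *);
 int sshkey_curve_name_to_nid(const char *);
 const char * sshkey_curve_nid_to_name(int);
@@ -185,13 +191,14 @@ int sshkey_private_deserialize(struct sshbuf *buf, struct sshkey **keyp);
 int sshkey_private_to_fileblob(struct sshkey *key, struct sshbuf *blob,
  const char *passphrase, const char *comment,
  int force_new_format, const char *new_format_cipher, int new_format_rounds);
-int sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob,
- struct sshkey **keyp, char **commentp);
 int sshkey_parse_private_fileblob(struct sshbuf *buffer,
  const char *passphrase, struct sshkey **keyp, char **commentp);
 int sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type,
  const char *passphrase, struct sshkey **keyp, char **commentp);
 
+/* XXX should be internal, but used by ssh-keygen */
+int ssh_rsa_generate_additional_parameters(struct sshkey *);
+
 #ifdef SSHKEY_INTERNAL
 int ssh_rsa_sign(const struct sshkey *key,
  u_char **sigp, size_t *lenp, const u_char *data, size_t datalen,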
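Review bot: The new `sshkey_certify_signer` typedef declares eight unnamed parameters, including two pointer/length pairs and a trailing `void *`. The header therefore does not tell someone writing a custom signer (the comment mentions ssh-agent) which buffer is input and which is output, who owns the returned signature, or what the return value means. Naming the parameters as the `ssh_rsa_sign` prototype at the end of this section does would make the contract readable, e.g. `typedef int sshkey_certify_signer(const struct sshkey *key, u_char **sigp, size_t *lenp, const u_char *data, size_t datalen, const char *alg, u_int compat, void *ctx);`. The last three names are guessed from the types and should be checked against the implementation. The one-line comment above the typedef could also state who allocates and frees `*sigp`, and that the final `void *` of `sshkey_certify_custom` is handed to the signer as its context, if that is the intended behaviour.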