Diffstat (limited to 'sshsig.h')
-rw-r--r-- | sshsig.h | 26 |
1 files changed, 19 insertions, 7 deletions
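--- a/sshsig.h
+++ b/sshsig.h
@@ -20,9 +20,10 @@
 struct sshbuf;
 struct sshkey;
 struct sshsigopt;
+struct sshkey_sig_details;
 
 typedef int sshsig_signer(struct sshkey *, u_char **, size_t *,
-const u_char *, size_t, const char *, u_int, void *);
+const u_char *, size_t, const char *, const char *, u_int, void *);
 
 /* Buffer-oriented API */
 
@@ -32,8 +33,9 @@ typedef int sshsig_signer(struct sshkey *, u_char **, size_t *,
 * out is populated with the detached signature, or NULL on failure.
 */
 int sshsig_signb(struct sshkey *key, const char *hashalg,
-const struct sshbuf *message, const char *sig_namespace,
-struct sshbuf **out, sshsig_signer *signer, void *signer_ctx);
+const char *sk_provider, const struct sshbuf *message,
+const char *sig_namespace, struct sshbuf **out,
+sshsig_signer *signer, void *signer_ctx);
 
 /*
 * Verifies that a detached signature is valid and optionally returns key
@@ -42,7 +44,7 @@ int sshsig_signb(struct sshkey *key, const char *hashalg,
 */
 int sshsig_verifyb(struct sshbuf *signature,
 const struct sshbuf *message, const char *sig_namespace,
-struct sshkey **sign_keyp);
+struct sshkey **sign_keyp, struct sshkey_sig_details **sig_details);
 
 /* File/FD-oriented API */
 
@@ -52,8 +54,8 @@ int sshsig_verifyb(struct sshbuf *signature,
 * out is populated with the detached signature, or NULL on failure.
 */
 int sshsig_sign_fd(struct sshkey *key, const char *hashalg,
-int fd, const char *sig_namespace, struct sshbuf **out,
-sshsig_signer *signer, void *signer_ctx);
+const char *sk_provider, int fd, const char *sig_namespace,
+struct sshbuf **out, sshsig_signer *signer, void *signer_ctx);
 
 /*
 * Verifies that a detached signature over a file is valid and optionally
@@ -61,7 +63,8 @@ int sshsig_sign_fd(struct sshkey *key, const char *hashalg,
 * Returns 0 on success or a negative SSH_ERR_* error code on failure.
 */
 int sshsig_verify_fd(struct sshbuf *signature, int fd,
-const char *sig_namespace, struct sshkey **sign_keyp);
+const char *sig_namespace, struct sshkey **sign_keyp,
+struct sshkey_sig_details **sig_details);
 
 /* Utility functions */
 
@@ -89,4 +92,13 @@ struct sshsigopt *sshsigopt_parse(const char *opts,
 /* Free signature options */
 void sshsigopt_free(struct sshsigopt *opts);
 
+/* Get public key from signature */
+int sshsig_get_pubkey(struct sshbuf *signature, struct sshkey **pubkey);
+
+/* Find principal in allowed_keys file, given a sshkey. Returns
+* 0 on success.
+*/
+int sshsig_find_principals(const char *path, const struct sshkey *sign_key,
+char **principal);
+
 #endif /* SSHSIG_H */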
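Review bot: The two declarations added at the end of the header, `sshsig_get_pubkey()` and `sshsig_find_principals()`, do not tell a caller how far the returned values can be trusted or who owns them. Judging by its comment, `sshsig_get_pubkey()` only extracts the key carried in the signature blob, so I would spell that out, e.g. `/* Extract the public key embedded in a signature. The signature is NOT verified; caller frees *pubkey. */` (ownership to be confirmed against the implementation, which is not part of this diff). The `sshsig_find_principals()` comment should likewise say who frees `*principal`, which error is returned when no entry matches, and that a match is presumably a lookup only and does not replace a later `sshsig_verifyb()` / `sshsig_verify_fd()` call. The new `sig_details` out-parameter on both verify functions is also not mentioned in their comment blocks, which should say whether NULL is accepted and who frees the result.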