search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Welcome ng_deflate.
[dragonfly.git] / crypto / openssh / key.h
blobec5ac5eb87c14cc70b04899e59693a2b94861570
1 /* $OpenBSD: key.h,v 1.33 2010/10/28 11:22:09 djm Exp $ */
2
3 /*
4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 *
15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
19 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25 */
26 #ifndef KEY_H
27 #define KEY_H
28
29 #include "buffer.h"
30 #include <openssl/rsa.h>
31 #include <openssl/dsa.h>
32 #ifdef OPENSSL_HAS_ECC
33 #include <openssl/ec.h>
34 #endif
35
36 typedef struct Key Key;
37 enum types {
38 KEY_RSA1,
39 KEY_RSA,
40 KEY_DSA,
41 KEY_ECDSA,
42 KEY_RSA_CERT,
43 KEY_DSA_CERT,
44 KEY_ECDSA_CERT,
45 KEY_RSA_CERT_V00,
46 KEY_DSA_CERT_V00,
47 KEY_UNSPEC
48 };
49 enum fp_type {
50 SSH_FP_SHA1,
51 SSH_FP_MD5
52 };
53 enum fp_rep {
54 SSH_FP_HEX,
55 SSH_FP_BUBBLEBABBLE,
56 SSH_FP_RANDOMART
57 };
58
59 /* key is stored in external hardware */
60 #define KEY_FLAG_EXT 0x0001
61
62 #define CERT_MAX_PRINCIPALS 256
63 struct KeyCert {
64 Buffer certblob; /* Kept around for use on wire */
65 u_int type; /* SSH2_CERT_TYPE_USER or SSH2_CERT_TYPE_HOST */
66 u_int64_t serial;
67 char *key_id;
68 u_int nprincipals;
69 char **principals;
70 u_int64_t valid_after, valid_before;
71 Buffer critical;
72 Buffer extensions;
73 Key *signature_key;
74 };
75
76 struct Key {
77 int type;
78 int flags;
79 RSA *rsa;
80 DSA *dsa;
81 int ecdsa_nid; /* NID of curve */
82 #ifdef OPENSSL_HAS_ECC
83 EC_KEY *ecdsa;
84 #else
85 void *ecdsa;
86 #endif
87 struct KeyCert *cert;
88 };
89
90 Key *key_new(int);
91 void key_add_private(Key *);
92 Key *key_new_private(int);
93 void key_free(Key *);
94 Key *key_demote(const Key *);
95 int key_equal_public(const Key *, const Key *);
96 int key_equal(const Key *, const Key *);
97 char *key_fingerprint(Key *, enum fp_type, enum fp_rep);
98 u_char *key_fingerprint_raw(Key *, enum fp_type, u_int *);
99 const char *key_type(const Key *);
100 const char *key_cert_type(const Key *);
101 int key_write(const Key *, FILE *);
102 int key_read(Key *, char **);
103 u_int key_size(const Key *);
104
105 Key *key_generate(int, u_int);
106 Key *key_from_private(const Key *);
107 int key_type_from_name(char *);
108 int key_is_cert(const Key *);
109 int key_type_plain(int);
110 int key_to_certified(Key *, int);
111 int key_drop_cert(Key *);
112 int key_certify(Key *, Key *);
113 void key_cert_copy(const Key *, struct Key *);
114 int key_cert_check_authority(const Key *, int, int, const char *,
115 const char **);
116 int key_cert_is_legacy(Key *);
117
118 int key_ecdsa_nid_from_name(const char *);
119 int key_curve_name_to_nid(const char *);
120 const char * key_curve_nid_to_name(int);
121 u_int key_curve_nid_to_bits(int);
122 int key_ecdsa_bits_to_nid(int);
123 #ifdef OPENSSL_HAS_ECC
124 int key_ecdsa_key_to_nid(EC_KEY *);
125 const EVP_MD * key_ec_nid_to_evpmd(int nid);
126 int key_ec_validate_public(const EC_GROUP *, const EC_POINT *);
127 int key_ec_validate_private(const EC_KEY *);
128 #endif
129
130 Key *key_from_blob(const u_char *, u_int);
131 int key_to_blob(const Key *, u_char **, u_int *);
132 const char *key_ssh_name(const Key *);
133 const char *key_ssh_name_plain(const Key *);
134 int key_names_valid2(const char *);
135
136 int key_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
137 int key_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
138
139 int ssh_dss_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
140 int ssh_dss_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
141 int ssh_ecdsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
142 int ssh_ecdsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
143 int ssh_rsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int);
144 int ssh_rsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int);
145
146 #if defined(OPENSSL_HAS_ECC) && (defined(DEBUG_KEXECDH) || defined(DEBUG_PK))
147 void key_dump_ec_point(const EC_GROUP *, const EC_POINT *);
148 void key_dump_ec_key(const EC_KEY *);
149 #endif
150
151 #endif
DragonFly BSD