25 #include "libssh/priv.h"
26 #ifdef HAVE_OPENSSL_EC_H
27 #include <openssl/ec.h>
29 #ifdef HAVE_OPENSSL_ECDSA_H
30 #include <openssl/ecdsa.h>
33 #include <openssl/evp.h>
35 #include "libssh/crypto.h"
36 #if defined(HAVE_LIBCRYPTO) && defined(HAVE_OPENSSL_ED25519)
39 #define ED25519_SIG_LEN 64
41 #include "libssh/ed25519.h"
44 #define ED25519_KEY_LEN 32
46 #define MAX_PUBKEY_SIZE 0x100000
47 #define MAX_PRIVKEY_SIZE 0x400000
49 #define SSH_KEY_FLAG_EMPTY 0x0
50 #define SSH_KEY_FLAG_PUBLIC 0x0001
51 #define SSH_KEY_FLAG_PRIVATE 0x0002
52 #define SSH_KEY_FLAG_PKCS11_URI 0x0004
55 enum ssh_keytypes_e type;
59 #if defined(HAVE_LIBGCRYPT)
63 #elif defined(HAVE_LIBMBEDCRYPTO)
64 mbedtls_pk_context *rsa;
65 mbedtls_ecdsa_context *ecdsa;
67 #elif defined(HAVE_LIBCRYPTO)
68 #if OPENSSL_VERSION_NUMBER < 0x30000000L
76 # if defined(HAVE_OPENSSL_ECC)
85 #if defined(HAVE_LIBCRYPTO) && defined(HAVE_OPENSSL_ED25519)
86 uint8_t *ed25519_pubkey;
87 uint8_t *ed25519_privkey;
89 ed25519_pubkey *ed25519_pubkey;
90 ed25519_privkey *ed25519_privkey;
94 enum ssh_keytypes_e cert_type;
98 enum ssh_keytypes_e type;
99 enum ssh_digest_e hash_type;
101 #if defined(HAVE_LIBGCRYPT)
104 gcry_sexp_t ecdsa_sig;
105 #elif defined(HAVE_LIBMBEDCRYPTO)
107 struct mbedtls_ecdsa_sig ecdsa_sig;
109 #if !defined(HAVE_LIBCRYPTO) || !defined(HAVE_OPENSSL_ED25519)
110 ed25519_signature *ed25519_sig;
130 enum ssh_keytypes_e type);
134 enum ssh_keytypes_e type);
135 enum ssh_digest_e ssh_key_hash_from_name(
const char *name);
137 #define is_ecdsa_key_type(t) \
138 ((t) >= SSH_KEYTYPE_ECDSA_P256 && (t) <= SSH_KEYTYPE_ECDSA_P521)
140 #define is_cert_type(kt)\
141 ((kt) == SSH_KEYTYPE_DSS_CERT01 ||\
142 (kt) == SSH_KEYTYPE_RSA_CERT01 ||\
143 (kt) == SSH_KEYTYPE_SK_ECDSA_CERT01 ||\
144 (kt) == SSH_KEYTYPE_SK_ED25519_CERT01 ||\
145 ((kt) >= SSH_KEYTYPE_ECDSA_P256_CERT01 &&\
146 (kt) <= SSH_KEYTYPE_ED25519_CERT01))
151 #define SSH_SIGNATURE_FREE(x) \
152 do { ssh_signature_free(x); x = NULL; } while(0)
156 int ssh_pki_import_signature_blob(
const ssh_string sig_blob,
162 const unsigned char *digest,
166 int ssh_pki_export_pubkey_blob(
const ssh_key key,
168 int ssh_pki_import_pubkey_blob(
const ssh_string key_blob,
171 int ssh_pki_import_cert_blob(
const ssh_string cert_blob,
177 const ssh_key privatekey,
enum ssh_digest_e hash_type);
183 const enum ssh_digest_e digest);
196 #ifdef WITH_PKCS11_URI
197 bool ssh_pki_is_uri(
const char *filename);
198 char *ssh_pki_export_pub_uri_from_priv_uri(
const char *priv_uri);