libssh  0.10.6
The SSH library
pki_priv.h
1 /*
2  * This file is part of the SSH Library
3  *
4  * Copyright (c) 2010 by Aris Adamantiadis
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, write to the Free Software
18  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
19  */
20 
21 #ifndef PKI_PRIV_H_
22 #define PKI_PRIV_H_
23 
24 #include "libssh/pki.h"
25 
26 #ifdef __cplusplus
27 extern "C" {
28 #endif
29 
30 /* defined in bcrypt_pbkdf.c */
31 int bcrypt_pbkdf(const char *pass,
32  size_t passlen,
33  const uint8_t *salt,
34  size_t saltlen,
35  uint8_t *key,
36  size_t keylen,
37  unsigned int rounds);
38 
39 #define RSA_HEADER_BEGIN "-----BEGIN RSA PRIVATE KEY-----"
40 #define RSA_HEADER_END "-----END RSA PRIVATE KEY-----"
41 #define DSA_HEADER_BEGIN "-----BEGIN DSA PRIVATE KEY-----"
42 #define DSA_HEADER_END "-----END DSA PRIVATE KEY-----"
43 #define ECDSA_HEADER_BEGIN "-----BEGIN EC PRIVATE KEY-----"
44 #define ECDSA_HEADER_END "-----END EC PRIVATE KEY-----"
45 #define OPENSSH_HEADER_BEGIN "-----BEGIN OPENSSH PRIVATE KEY-----"
46 #define OPENSSH_HEADER_END "-----END OPENSSH PRIVATE KEY-----"
47 /* Magic defined in OpenSSH/PROTOCOL.key */
48 #define OPENSSH_AUTH_MAGIC "openssh-key-v1"
49 
50 /* Determine type of ssh key. */
51 enum ssh_key_e {
52  SSH_KEY_PUBLIC = 0,
53  SSH_KEY_PRIVATE
54 };
55 
56 void pki_key_clean(ssh_key key);
57 
58 int pki_key_ecdsa_nid_from_name(const char *name);
59 const char *pki_key_ecdsa_nid_to_name(int nid);
60 const char *ssh_key_signature_to_char(enum ssh_keytypes_e type,
61  enum ssh_digest_e hash_type);
62 enum ssh_digest_e ssh_key_type_to_hash(ssh_session session,
63  enum ssh_keytypes_e type);
64 
65 /* SSH Key Functions */
66 ssh_key pki_key_dup(const ssh_key key, int demote);
67 int pki_key_generate_rsa(ssh_key key, int parameter);
68 int pki_key_generate_dss(ssh_key key, int parameter);
69 int pki_key_generate_ecdsa(ssh_key key, int parameter);
70 int pki_key_generate_ed25519(ssh_key key);
71 
72 int pki_key_compare(const ssh_key k1,
73  const ssh_key k2,
74  enum ssh_keycmp_e what);
75 
76 int pki_key_check_hash_compatible(ssh_key key,
77  enum ssh_digest_e hash_type);
78 /* SSH Private Key Functions */
79 enum ssh_keytypes_e pki_privatekey_type_from_string(const char *privkey);
80 ssh_key pki_private_key_from_base64(const char *b64_key,
81  const char *passphrase,
82  ssh_auth_callback auth_fn,
83  void *auth_data);
84 
85 ssh_string pki_private_key_to_pem(const ssh_key key,
86  const char *passphrase,
87  ssh_auth_callback auth_fn,
88  void *auth_data);
89 int pki_import_privkey_buffer(enum ssh_keytypes_e type,
90  ssh_buffer buffer,
91  ssh_key *pkey);
92 
93 /* SSH Public Key Functions */
94 int pki_pubkey_build_dss(ssh_key key,
95  ssh_string p,
96  ssh_string q,
97  ssh_string g,
98  ssh_string pubkey);
99 int pki_pubkey_build_rsa(ssh_key key,
100  ssh_string e,
101  ssh_string n);
102 int pki_pubkey_build_ecdsa(ssh_key key, int nid, ssh_string e);
103 ssh_string pki_publickey_to_blob(const ssh_key key);
104 
105 /* SSH Private Key Functions */
106 int pki_privkey_build_dss(ssh_key key,
107  ssh_string p,
108  ssh_string q,
109  ssh_string g,
110  ssh_string pubkey,
111  ssh_string privkey);
112 int pki_privkey_build_rsa(ssh_key key,
113  ssh_string n,
114  ssh_string e,
115  ssh_string d,
116  ssh_string iqmp,
117  ssh_string p,
118  ssh_string q);
119 int pki_privkey_build_ecdsa(ssh_key key,
120  int nid,
121  ssh_string e,
122  ssh_string exp);
123 ssh_string pki_publickey_to_blob(const ssh_key key);
124 
125 /* SSH Signature Functions */
126 ssh_signature pki_sign_data(const ssh_key privkey,
127  enum ssh_digest_e hash_type,
128  const unsigned char *input,
129  size_t input_len);
130 int pki_verify_data_signature(ssh_signature signature,
131  const ssh_key pubkey,
132  const unsigned char *input,
133  size_t input_len);
134 ssh_string pki_signature_to_blob(const ssh_signature sign);
135 ssh_signature pki_signature_from_blob(const ssh_key pubkey,
136  const ssh_string sig_blob,
137  enum ssh_keytypes_e type,
138  enum ssh_digest_e hash_type);
139 
140 /* SSH Signing Functions */
141 ssh_signature pki_do_sign(const ssh_key privkey,
142  const unsigned char *input,
143  size_t input_len,
144  enum ssh_digest_e hash_type);
145 ssh_signature pki_do_sign_hash(const ssh_key privkey,
146  const unsigned char *hash,
147  size_t hlen,
148  enum ssh_digest_e hash_type);
149 int pki_ed25519_sign(const ssh_key privkey, ssh_signature sig,
150  const unsigned char *hash, size_t hlen);
151 int pki_ed25519_verify(const ssh_key pubkey, ssh_signature sig,
152  const unsigned char *hash, size_t hlen);
153 int pki_ed25519_key_cmp(const ssh_key k1,
154  const ssh_key k2,
155  enum ssh_keycmp_e what);
156 int pki_ed25519_key_dup(ssh_key new_key, const ssh_key key);
157 int pki_ed25519_public_key_to_blob(ssh_buffer buffer, ssh_key key);
158 ssh_string pki_ed25519_signature_to_blob(ssh_signature sig);
159 int pki_signature_from_ed25519_blob(ssh_signature sig, ssh_string sig_blob);
160 int pki_privkey_build_ed25519(ssh_key key,
161  ssh_string pubkey,
162  ssh_string privkey);
163 
164 /* PKI Container OpenSSH */
165 ssh_key ssh_pki_openssh_pubkey_import(const char *text_key);
166 ssh_key ssh_pki_openssh_privkey_import(const char *text_key,
167  const char *passphrase, ssh_auth_callback auth_fn, void *auth_data);
168 ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey,
169  const char *passphrase, ssh_auth_callback auth_fn, void *auth_data);
170 
171 #ifdef WITH_PKCS11_URI
172 /* URI Function */
173 int pki_uri_import(const char *uri_name, ssh_key *key, enum ssh_key_e key_type);
174 #endif /* WITH_PKCS11_URI */
175 
176 bool ssh_key_size_allowed_rsa(int min_size, ssh_key key);
177 #ifdef __cplusplus
178 }
179 #endif
180 
181 #endif /* PKI_PRIV_H_ */
ssh_key_struct
Definition: pki.h:54
ssh_key_type_to_hash
enum ssh_digest_e ssh_key_type_to_hash(ssh_session session, enum ssh_keytypes_e type)
Convert a key type to a hash type. This is usually unambiguous for all the key types,...
Definition: pki.c:449
ssh_key_signature_to_char
const char * ssh_key_signature_to_char(enum ssh_keytypes_e type, enum ssh_digest_e hash_type)
Convert a signature type to a string.
Definition: pki.c:237
ssh_buffer_struct
Definition: buffer.c:48
ssh_auth_callback
int(* ssh_auth_callback)(const char *prompt, char *buf, size_t len, int echo, int verify, void *userdata)
SSH authentication callback for password and publickey auth.
Definition: libssh.h:674
ssh_session_struct
Definition: session.h:127
ssh_signature_struct
Definition: pki.h:97
ssh_string_struct
Definition: string.h:33