00021 #ifndef PKI_H_
00022 #define PKI_H_
00023
00024 #include "libssh/priv.h"
00025 #ifdef HAVE_OPENSSL_EC_H
00026 #include <openssl/ec.h>
00027 #endif
00028 #ifdef HAVE_OPENSSL_ECDSA_H
00029 #include <openssl/ecdsa.h>
00030 #endif
00031
00032 #include "libssh/crypto.h"
00033 #include "libssh/ed25519.h"
00034
/*
 * Upper bounds, in bytes, for key data.
 *   MAX_PUBKEY_SIZE  = 0x100000 (1 MiB)
 *   MAX_PRIVKEY_SIZE = 0x400000 (4 MiB)
 *
 * NOTE(review): this header does not show where the limits are enforced.
 * Presumably they are checked against the size of a key file before it is
 * read into memory - confirm in the implementation. A fixed ceiling keeps an
 * oversized or corrupted key file from turning into an unbounded allocation,
 * so any new import path should apply the same check.
 */
#define MAX_PUBKEY_SIZE   0x100000
#define MAX_PRIVKEY_SIZE  0x400000
00037
/*
 * Key content flags (presumably the values stored in ssh_key_struct.flags -
 * confirm against the code that sets them).
 *
 * PUBLIC and PRIVATE occupy different bits, so one value can carry both.
 * EMPTY is zero, i.e. no bit set. Test for private material with a mask
 * (flags & SSH_KEY_FLAG_PRIVATE), not with an equality comparison, otherwise
 * a key carrying both bits is misclassified.
 */
#define SSH_KEY_FLAG_EMPTY    0x0
#define SSH_KEY_FLAG_PUBLIC   0x0001
#define SSH_KEY_FLAG_PRIVATE  0x0002
00041
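/**
 * @brief One SSH key, with per-algorithm storage chosen by the crypto backend.
 *
 * The DSA/RSA/ECDSA members change type with the backend selected at build
 * time (libgcrypt S-expressions or OpenSSL objects); the ed25519 members and
 * @c cert are present in every configuration.
 *
 * The backend test uses defined(HAVE_LIBCRYPTO), the same form
 * ssh_signature_struct uses. A bare "#elif HAVE_LIBCRYPTO" is a preprocessing
 * error when the macro is defined without a value and is false when it is
 * defined as 0, which could give the key and signature structs different
 * layouts within one build.
 *
 * NOTE(review): an instance can reference private key material
 * (ed25519_privkey, and presumably the dsa/rsa/ecdsa objects when
 * SSH_KEY_FLAG_PRIVATE is set). Whatever releases a key should clear that
 * material before freeing it - confirm in the implementation.
 */
struct ssh_key_struct {
    enum ssh_keytypes_e type;
    int flags;                 /* presumably a mask of SSH_KEY_FLAG_* - confirm */
    const char *type_c;        /* presumably the textual name of 'type' - confirm */
    int ecdsa_nid;             /* presumably the curve identifier for ECDSA keys - confirm */
#ifdef HAVE_LIBGCRYPT
    gcry_sexp_t dsa;
    gcry_sexp_t rsa;
    void *ecdsa;               /* untyped in the libgcrypt configuration */
#elif defined(HAVE_LIBCRYPTO)
    DSA *dsa;
    RSA *rsa;
# ifdef HAVE_OPENSSL_ECC
    EC_KEY *ecdsa;
# else
    void *ecdsa;               /* keeps the member present when OpenSSL has no ECC */
# endif
#endif
    ed25519_pubkey *ed25519_pubkey;
    ed25519_privkey *ed25519_privkey;
    void *cert;                /* untyped here; contents are not described by this header */
};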
00064
/**
 * @brief One signature, with per-algorithm storage chosen by the crypto backend.
 *
 * Mirrors the backend split of ssh_key_struct: libgcrypt builds hold
 * S-expressions, OpenSSL builds hold a DSA_SIG, an ssh_string for RSA and,
 * when ECC is available, an ECDSA_SIG. The ed25519 member exists in every
 * configuration.
 */
struct ssh_signature_struct {
    enum ssh_keytypes_e type;
    const char *type_c;        /* presumably the textual name of 'type' - confirm */
#if defined(HAVE_LIBGCRYPT)
    gcry_sexp_t dsa_sig;
    gcry_sexp_t rsa_sig;
    void *ecdsa_sig;
#elif defined(HAVE_LIBCRYPTO)
    DSA_SIG *dsa_sig;
    ssh_string rsa_sig;
#if defined(HAVE_OPENSSL_ECC)
    ECDSA_SIG *ecdsa_sig;
#else
    void *ecdsa_sig;           /* keeps the member present when OpenSSL has no ECC */
#endif
#endif
    ed25519_signature *ed25519_sig;
};

/*
 * Handle type used by the signature API. It is a pointer typedef, so a
 * parameter written "const ssh_signature" has a const pointer, not a
 * const-qualified struct behind it.
 */
typedef struct ssh_signature_struct *ssh_signature;
00085
00086
/*
 * Key lifetime helpers. Only the prototypes are visible in this header.
 *
 * ssh_key_dup()   takes a key handle and returns a key handle.
 * ssh_key_clean() takes a key handle and returns nothing.
 *
 * NOTE(review): presumably ssh_key_dup() copies whatever the source key
 * holds, private parts included, so each copy is a second place where secret
 * material lives and has to be released - confirm. Presumably
 * ssh_key_clean() releases the backend objects inside the key without
 * freeing the key structure itself - confirm before relying on either.
 */
ssh_key ssh_key_dup(const ssh_key key);
void ssh_key_clean(ssh_key key);
00089
00090
/*
 * Signature object lifetime: ssh_signature_new() returns a handle,
 * ssh_signature_free() takes one and returns nothing.
 */
ssh_signature ssh_signature_new(void);
void ssh_signature_free(ssh_signature sign);

/*
 * Conversion between a signature object and its blob form.
 *
 * export: reads 'sign', hands the result back through 'sign_blob'.
 * import: reads 'sig_blob' and 'pubkey', hands the result back through 'psig'.
 *
 * NOTE(review): the blob given to the import function is presumably data
 * received from the peer - treat it as untrusted and check the int result
 * before touching *psig.
 */
int ssh_pki_export_signature_blob(const ssh_signature sign,
                                  ssh_string *sign_blob);
int ssh_pki_import_signature_blob(const ssh_string sig_blob,
                                  const ssh_key pubkey,
                                  ssh_signature *psig);

/*
 * Checks the signature blob 'sig_blob' with 'key' over the 'dlen' bytes at
 * 'digest'.
 *
 * NOTE(review): the meaning of the int result is defined by the
 * implementation, not by this header. Callers should compare it with the
 * documented success value and treat every other value as a failed
 * verification; testing only for "non-zero" or only for "negative" risks
 * accepting a signature that was not verified.
 */
int ssh_pki_signature_verify_blob(ssh_session session,
                                  ssh_string sig_blob,
                                  const ssh_key key,
                                  unsigned char *digest,
                                  size_t dlen);
00104
00105
/*
 * Public key <-> blob conversion.
 *
 * export: reads 'key', hands the blob back through 'pblob'.
 * import: reads 'key_blob', hands the key back through 'pkey'.
 *
 * NOTE(review): a blob passed to the import function is presumably
 * peer-supplied or file-supplied data - check the int result before using
 * *pkey.
 */
int ssh_pki_export_pubkey_blob(const ssh_key key, ssh_string *pblob);
int ssh_pki_import_pubkey_blob(const ssh_string key_blob, ssh_key *pkey);

/*
 * Writes a representation of 'key' for 'host' into the caller's buffer
 * 'rsa1'.
 *
 * NOTE(review): 'rsa1_len' is presumably the capacity of 'rsa1' in bytes.
 * Pass the real size of the buffer (sizeof on the array, or the allocation
 * size), never the length of the text expected to land in it - confirm the
 * truncation behaviour in the implementation.
 */
int ssh_pki_export_pubkey_rsa1(const ssh_key key,
                               const char *host,
                               char *rsa1,
                               size_t rsa1_len);
00114
00115
/*
 * Signing entry points. Each one returns an ssh_string.
 *
 * ssh_pki_do_sign()               - session, buffer to sign, private key.
 * ssh_pki_do_sign_agent()         - session, buffer, public key. No private
 *                                   key is passed in; presumably the agent
 *                                   that holds it produces the signature -
 *                                   confirm.
 * ssh_srv_pki_do_sign_sessionid() - session and private key only; judging by
 *                                   the name, the signed data comes from the
 *                                   session - confirm.
 *
 * NOTE(review): the failure value is not visible here (presumably NULL).
 * Callers should check the result before sending it and should not fall
 * back to an unsigned message when signing fails.
 */
ssh_string ssh_pki_do_sign(ssh_session session,
                           ssh_buffer sigbuf,
                           const ssh_key privatekey);
ssh_string ssh_pki_do_sign_agent(ssh_session session,
                                 struct ssh_buffer_struct *buf,
                                 const ssh_key pubkey);
ssh_string ssh_srv_pki_do_sign_sessionid(ssh_session session,
                                         const ssh_key privkey);
00123
00124
/*
 * Conversion from an ssh_key to the separate ssh_public_key and
 * ssh_private_key handle types.
 *
 * NOTE(review): this header does not show whether the result shares backend
 * objects with 'key' or owns copies. Confirm the ownership rule before
 * freeing either side; for the private variant, a copy means a second
 * object holding secret material that must be released as well.
 */
ssh_public_key ssh_pki_convert_key_to_publickey(const ssh_key key);
ssh_private_key ssh_pki_convert_key_to_privatekey(const ssh_key key);
00127
00128 #endif