diff options
author | des <des@FreeBSD.org> | 2010-03-09 19:16:43 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2010-03-09 19:16:43 +0000 |
commit | c3510f9e73156eaabbbfc18da7d796b9f9ff7ea9 (patch) | |
tree | 286162d33ef4c84bb329fd42641bbe0dd68cc42c /crypto/openssh/key.h | |
parent | 68f48e51f9a4d71d7fb9c332592215895a206ff6 (diff) | |
parent | 57baac6b030508c9bcd74f3b995bd6a4a4f79211 (diff) | |
download | FreeBSD-src-c3510f9e73156eaabbbfc18da7d796b9f9ff7ea9.zip FreeBSD-src-c3510f9e73156eaabbbfc18da7d796b9f9ff7ea9.tar.gz |
Upgrade to OpenSSH 5.4p1.
MFC after: 1 month
Diffstat (limited to 'crypto/openssh/key.h')
-rw-r--r-- | crypto/openssh/key.h | 32 |
1 files changed, 29 insertions, 3 deletions
diff --git a/crypto/openssh/key.h b/crypto/openssh/key.h index 14aac79..6a2e049 100644 --- a/crypto/openssh/key.h +++ b/crypto/openssh/key.h @@ -1,4 +1,4 @@ -/* $OpenBSD: key.h,v 1.27 2008/06/11 21:01:35 grunk Exp $ */ +/* $OpenBSD: key.h,v 1.28 2010/02/26 20:29:54 djm Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. @@ -26,6 +26,7 @@ #ifndef KEY_H #define KEY_H +#include "buffer.h" #include <openssl/rsa.h> #include <openssl/dsa.h> @@ -34,6 +35,8 @@ enum types { KEY_RSA1, KEY_RSA, KEY_DSA, + KEY_RSA_CERT, + KEY_DSA_CERT, KEY_UNSPEC }; enum fp_type { @@ -49,20 +52,35 @@ enum fp_rep { /* key is stored in external hardware */ #define KEY_FLAG_EXT 0x0001 +#define CERT_MAX_PRINCIPALS 256 +struct KeyCert { + Buffer certblob; /* Kept around for use on wire */ + u_int type; /* SSH2_CERT_TYPE_USER or SSH2_CERT_TYPE_HOST */ + char *key_id; + u_int nprincipals; + char **principals; + u_int64_t valid_after, valid_before; + Buffer constraints; + Key *signature_key; +}; + struct Key { int type; int flags; RSA *rsa; DSA *dsa; + struct KeyCert *cert; }; Key *key_new(int); +void key_add_private(Key *); Key *key_new_private(int); void key_free(Key *); Key *key_demote(const Key *); +int key_equal_public(const Key *, const Key *); int key_equal(const Key *, const Key *); -char *key_fingerprint(const Key *, enum fp_type, enum fp_rep); -u_char *key_fingerprint_raw(const Key *, enum fp_type, u_int *); +char *key_fingerprint(Key *, enum fp_type, enum fp_rep); +u_char *key_fingerprint_raw(Key *, enum fp_type, u_int *); const char *key_type(const Key *); int key_write(const Key *, FILE *); int key_read(Key *, char **); @@ -71,6 +89,14 @@ u_int key_size(const Key *); Key *key_generate(int, u_int); Key *key_from_private(const Key *); int key_type_from_name(char *); +int key_is_cert(const Key *); +int key_type_plain(int); +int key_to_certified(Key *); +int key_drop_cert(Key *); +int key_certify(Key *, Key *); +void key_cert_copy(const Key *, struct Key *); +int key_cert_check_authority(const Key *, int, int, const char *, + const char **); Key *key_from_blob(const u_char *, u_int); int key_to_blob(const Key *, u_char **, u_int *); |