Grid Community Toolkit  6.2.1653033972 (tag: v6.2.20220524)
 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
ssh-sk.h
1 /* $OpenBSD: ssh-sk.h,v 1.10 2020/01/10 23:43:26 djm Exp $ */
2 /*
3  * Copyright (c) 2019 Google LLC
4  *
5  * Permission to use, copy, modify, and distribute this software for any
6  * purpose with or without fee is hereby granted, provided that the above
7  * copyright notice and this permission notice appear in all copies.
8  *
9  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16  */
17 
18 #ifndef _SSH_SK_H
19 #define _SSH_SK_H 1
20 
21 struct sshbuf;
22 struct sshkey;
23 struct sk_option;
24 
25 /* Version of protocol expected from ssh-sk-helper */
26 #define SSH_SK_HELPER_VERSION 5
27 
28 /* ssh-sk-helper messages */
29 #define SSH_SK_HELPER_ERROR 0 /* Only valid H->C */
30 #define SSH_SK_HELPER_SIGN 1
31 #define SSH_SK_HELPER_ENROLL 2
32 #define SSH_SK_HELPER_LOAD_RESIDENT 3
33 
34 /*
35  * Enroll (generate) a new security-key hosted private key of given type
36  * via the specified provider middleware.
37  * If challenge_buf is NULL then a random 256 bit challenge will be used.
38  *
39  * Returns 0 on success or a ssherr.h error code on failure.
40  *
41  * If successful and the attest_data buffer is not NULL then attestation
42  * information is placed there.
43  */
44 int sshsk_enroll(int type, const char *provider_path, const char *device,
45  const char *application, const char *userid, uint8_t flags,
46  const char *pin, struct sshbuf *challenge_buf,
47  struct sshkey **keyp, struct sshbuf *attest);
48 
49 /*
50  * Calculate an ECDSA_SK or ED25519_SK signature using the specified key
51  * and provider middleware.
52  *
53  * Returns 0 on success or a ssherr.h error code on failure.
54  */
55 int sshsk_sign(const char *provider_path, struct sshkey *key,
56  u_char **sigp, size_t *lenp, const u_char *data, size_t datalen,
57  u_int compat, const char *pin);
58 
59 /*
60  * Enumerates and loads all SSH-compatible resident keys from a security
61  * key.
62  *
63  * Returns 0 on success or a ssherr.h error code on failure.
64  */
65 int sshsk_load_resident(const char *provider_path, const char *device,
66  const char *pin, struct sshkey ***keysp, size_t *nkeysp);
67 
68 #endif /* _SSH_SK_H */
69