| 1 | /* $NetBSD: krl.h,v 1.3 2019/04/20 17:16:40 christos Exp $ */ |
|---|---|
| 2 | /* |
| 3 | * Copyright (c) 2012 Damien Miller <djm@mindrot.org> |
| 4 | * |
| 5 | * Permission to use, copy, modify, and distribute this software for any |
| 6 | * purpose with or without fee is hereby granted, provided that the above |
| 7 | * copyright notice and this permission notice appear in all copies. |
| 8 | * |
| 9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
| 10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
| 11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
| 12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
| 13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
| 14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
| 15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
| 16 | */ |
| 17 | |
| 18 | /* $OpenBSD: krl.h,v 1.6 2018/09/12 01:21:34 djm Exp $ */ |
| 19 | |
| 20 | #ifndef _KRL_H |
| 21 | #define _KRL_H |
| 22 | |
| 23 | /* Functions to manage key revocation lists */ |
| 24 | |
| 25 | #define KRL_MAGIC "SSHKRL\n\0" |
| 26 | #define KRL_FORMAT_VERSION 1 |
| 27 | |
| 28 | /* KRL section types */ |
| 29 | #define KRL_SECTION_CERTIFICATES 1 |
| 30 | #define KRL_SECTION_EXPLICIT_KEY 2 |
| 31 | #define KRL_SECTION_FINGERPRINT_SHA1 3 |
| 32 | #define KRL_SECTION_SIGNATURE 4 |
| 33 | #define KRL_SECTION_FINGERPRINT_SHA256 5 |
| 34 | |
| 35 | /* KRL_SECTION_CERTIFICATES subsection types */ |
| 36 | #define KRL_SECTION_CERT_SERIAL_LIST 0x20 |
| 37 | #define KRL_SECTION_CERT_SERIAL_RANGE 0x21 |
| 38 | #define KRL_SECTION_CERT_SERIAL_BITMAP 0x22 |
| 39 | #define KRL_SECTION_CERT_KEY_ID 0x23 |
| 40 | |
| 41 | struct sshkey; |
| 42 | struct sshbuf; |
| 43 | struct ssh_krl; |
| 44 | |
| 45 | struct ssh_krl *ssh_krl_init(void); |
| 46 | void ssh_krl_free(struct ssh_krl *krl); |
| 47 | void ssh_krl_set_version(struct ssh_krl *krl, u_int64_t version); |
| 48 | int ssh_krl_set_comment(struct ssh_krl *krl, const char *comment); |
| 49 | int ssh_krl_revoke_cert_by_serial(struct ssh_krl *krl, |
| 50 | const struct sshkey *ca_key, u_int64_t serial); |
| 51 | int ssh_krl_revoke_cert_by_serial_range(struct ssh_krl *krl, |
| 52 | const struct sshkey *ca_key, u_int64_t lo, u_int64_t hi); |
| 53 | int ssh_krl_revoke_cert_by_key_id(struct ssh_krl *krl, |
| 54 | const struct sshkey *ca_key, const char *key_id); |
| 55 | int ssh_krl_revoke_key_explicit(struct ssh_krl *krl, const struct sshkey *key); |
| 56 | int ssh_krl_revoke_key_sha1(struct ssh_krl *krl, const u_char *p, size_t len); |
| 57 | int ssh_krl_revoke_key_sha256(struct ssh_krl *krl, const u_char *p, size_t len); |
| 58 | int ssh_krl_revoke_key(struct ssh_krl *krl, const struct sshkey *key); |
| 59 | int ssh_krl_to_blob(struct ssh_krl *krl, struct sshbuf *buf, |
| 60 | const struct sshkey **sign_keys, u_int nsign_keys); |
| 61 | int ssh_krl_from_blob(struct sshbuf *buf, struct ssh_krl **krlp, |
| 62 | const struct sshkey **sign_ca_keys, size_t nsign_ca_keys); |
| 63 | int ssh_krl_check_key(struct ssh_krl *krl, const struct sshkey *key); |
| 64 | int ssh_krl_file_contains_key(const char *path, const struct sshkey *key); |
| 65 | |
| 66 | #endif /* _KRL_H */ |
| 67 | |
| 68 |
Generated while processing netbsd/crypto/external/bsd/openssh/dist/authfile.c
Generated on 2019-Jul-19 from project netbsd revision f9da89e0d
Powered by 
Code Browser 2.1
Generator usage only permitted with license.