Google Git
Sign in
apache / guacamole-server / e5b3af8ffe9f14ef47225261584ab186d5230849 / . / src / common-ssh / guac_ssh_key.h
blob: 1754deaedb3800c13c5e3bfa1b4145580851e351 [file] [log] [blame]
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
#ifndef GUAC_COMMON_SSH_KEY_H
#define GUAC_COMMON_SSH_KEY_H
#include "config.h"
#include <openssl/ossl_typ.h>
/**
* The expected header of RSA private keys.
*/
#define SSH_RSA_KEY_HEADER "-----BEGIN RSA PRIVATE KEY-----"
/**
* The expected header of DSA private keys.
*/
#define SSH_DSA_KEY_HEADER "-----BEGIN DSA PRIVATE KEY-----"
/**
* The size of single number within a DSA signature, in bytes.
*/
#define DSA_SIG_NUMBER_SIZE 20
/**
* The size of a DSA signature, in bytes.
*/
#define DSA_SIG_SIZE DSA_SIG_NUMBER_SIZE*2
/**
* The type of an SSH key.
*/
typedef enum guac_common_ssh_key_type {
/**
* RSA key.
*/
SSH_KEY_RSA,
/**
* DSA key.
*/
SSH_KEY_DSA
} guac_common_ssh_key_type;
/**
* Abstraction of a key used for SSH authentication.
*/
typedef struct guac_common_ssh_key {
/**
* The type of this key.
*/
guac_common_ssh_key_type type;
/**
* Underlying RSA private key, if any.
*/
RSA* rsa;
/**
* Underlying DSA private key, if any.
*/
DSA* dsa;
/**
* The associated public key, encoded as necessary for SSH.
*/
char* public_key;
/**
* The length of the public key, in bytes.
*/
int public_key_length;
/**
* The private key, encoded as necessary for SSH.
*/
char* private_key;
/**
* The length of the private key, in bytes.
*/
int private_key_length;
} guac_common_ssh_key;
/**
* Allocates a new key containing the given private key data and specified
* passphrase. If unable to read the key, NULL is returned.
*
* @param data
* The base64-encoded data to decode when reading the key.
*
* @param length
* The length of the provided data, in bytes.
*
* @param passphrase
* The passphrase to use when decrypting the key, if any, or an empty
* string or NULL if no passphrase is needed.
*
* @return
* The decoded, decrypted private key, or NULL if the key could not be
* decoded.
*/
guac_common_ssh_key* guac_common_ssh_key_alloc(char* data, int length,
char* passphrase);
/**
* Returns a statically-allocated string describing the most recent SSH key
* error.
*
* @return
* A statically-allocated string describing the most recent SSH key error.
*/
const char* guac_common_ssh_key_error();
/**
* Frees all memory associated with the given key.
*
* @param key
* The key to free.
*/
void guac_common_ssh_key_free(guac_common_ssh_key* key);
/**
* Signs the given data using the given key, returning the length of the
* signature in bytes, or a value less than zero on error.
*
* @param key
* The key to use when signing the given data.
*
* @param data
* The arbitrary data to sign.
*
* @param length
* The length of the arbitrary data being signed, in bytes.
*
* @param sig
* The buffer into which the signature should be written. The buffer must
* be at least DSA_SIG_SIZE for DSA keys. For RSA keys, the signature size
* is dependent only on key size, and is equal to the length of the
* modulus, in bytes.
*
* @return
* The number of bytes in the resulting signature.
*/
int guac_common_ssh_key_sign(guac_common_ssh_key* key, const char* data,
int length, unsigned char* sig);
#endif