ssh_cert_parse.h File Reference

SSH certificate parsing.

#include "ssh_types.h"


Data Structures

struct SshRsaCertPublicKey
 RSA public key.

struct SshDsaCertPublicKey
 DSA public key.

struct SshEcdsaCertPublicKey
 ECDSA public key.

struct SshEd25519CertPublicKey
 Ed25519 public key.

union SshCertPublicKey
 Public key.

struct SshCertificate
 SSH certificate (OpenSSH format).
 

Enumerations

enum SshCertType { SSH_CERT_TYPE_USER = 1, SSH_CERT_TYPE_HOST = 2 }
 SSH certificate types.
 

Functions

error_t sshParseCertificate (const uint8_t *data, size_t length, SshCertificate *cert)
 Parse SSH certificate.

error_t sshParseRsaCertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshRsaCertPublicKey *publicKey)
 Parse an RSA public key.

error_t sshParseDsaCertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshDsaCertPublicKey *publicKey)
 Parse a DSA public key.

error_t sshParseEcdsaCertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshEcdsaCertPublicKey *publicKey)
 Parse an ECDSA public key.

error_t sshParseEd25519CertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshEd25519CertPublicKey *publicKey)
 Parse an Ed25519 public key.

error_t sshParseValidPrincipals (const uint8_t *data, size_t length, SshBinaryString *validPrincipals)
 Parse 'valid principals' field.

error_t sshParseCriticalOptions (const uint8_t *data, size_t length, SshBinaryString *criticalOptions)
 Parse 'critical options' field.

error_t sshParseExtensions (const uint8_t *data, size_t length, SshBinaryString *extensions)
 Parse 'extensions' field.

bool_t sshGetValidPrincipal (const SshCertificate *cert, uint_t index, SshString *name)
 Extract the principal name at specified index.

bool_t sshGetCriticalOption (const SshCertificate *cert, uint_t index, SshString *name, SshBinaryString *data)
 Extract the critical option at specified index.

bool_t sshGetExtension (const SshCertificate *cert, uint_t index, SshString *name, SshBinaryString *data)
 Extract the extension at specified index.
 

Detailed Description

SSH certificate parsing.

License

SPDX-License-Identifier: GPL-2.0-or-later

Copyright (C) 2019-2024 Oryx Embedded SARL. All rights reserved.

This file is part of CycloneSSH Open.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Author
Oryx Embedded SARL (www.oryx-embedded.com)
Version
2.4.0

Definition in file ssh_cert_parse.h.

Enumeration Type Documentation

◆ SshCertType

SSH certificate types.

Enumerator
SSH_CERT_TYPE_USER 
SSH_CERT_TYPE_HOST 

Definition at line 47 of file ssh_cert_parse.h.

Function Documentation

◆ sshGetCriticalOption()

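bool_t sshGetCriticalOption (const SshCertificate *cert, uint_t index, SshString *name, SshBinaryString *data)

Extract the critical option at specified index.

In the OpenSSH certificate format, a critical option that the verifier does not recognise is a reason to refuse the certificate, so callers iterating over the options with this function should treat unknown names as a rejection rather than skipping them.

Parameters
[in] cert: Pointer to the SSH certificate
[in] index: Zero-based index of the element to get
[out] name: Option name
[out] data: Option value
Returns
TRUE if the index is valid, else FALSE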

Definition at line 692 of file ssh_cert_parse.c.

◆ sshGetExtension()

bool_t sshGetExtension (const SshCertificate *cert, uint_t index, SshString *name, SshBinaryString *data)

Extract the extension at specified index.

Parameters
[in] cert: Pointer to the SSH certificate
[in] index: Zero-based index of the element to get
[out] name: Extension name
[out] data: Extension value
Returns
TRUE if the index is valid, else FALSE

Definition at line 746 of file ssh_cert_parse.c.

◆ sshGetValidPrincipal()

bool_t sshGetValidPrincipal (const SshCertificate *cert, uint_t index, SshString *name)

Extract the principal name at specified index.

Parameters
[in] cert: Pointer to the SSH certificate
[in] index: Zero-based index of the element to get
[out] name: Principal name
Returns
TRUE if the index is valid, else FALSE

Definition at line 648 of file ssh_cert_parse.c.

◆ sshParseCertificate()

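error_t sshParseCertificate (const uint8_t *data, size_t length, SshCertificate *cert)

Parse SSH certificate.

This page documents the function as a parser only; it does not state that the signature, validity period or principals are verified here, so a successful return should not by itself be taken as certificate validation.

Parameters
[in] data: Pointer to the certificate
[in] length: Length of the certificate, in bytes
[out] cert: Information resulting from the parsing process
Returns
Error code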

Definition at line 52 of file ssh_cert_parse.c.

◆ sshParseCriticalOptions()

error_t sshParseCriticalOptions (const uint8_t *data, size_t length, SshBinaryString *criticalOptions)

Parse 'critical options' field.

Parameters
[in] data: Pointer to the input data to parse
[in] length: Number of bytes available in the input data
[out] criticalOptions: Information resulting from the parsing process
Returns
Error code

Definition at line 534 of file ssh_cert_parse.c.

◆ sshParseDsaCertPublicKey()

error_t sshParseDsaCertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshDsaCertPublicKey *publicKey)

Parse a DSA public key.

Parameters
[in] data: Pointer to the input data to parse
[in] length: Number of bytes available in the input data
[in] consumed: Number of bytes that have been consumed
[out] publicKey: Information resulting from the parsing process
Returns
Error code

Definition at line 321 of file ssh_cert_parse.c.

◆ sshParseEcdsaCertPublicKey()

error_t sshParseEcdsaCertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshEcdsaCertPublicKey *publicKey)

Parse an ECDSA public key.

Parameters
[in] data: Pointer to the input data to parse
[in] length: Number of bytes available in the input data
[in] consumed: Number of bytes that have been consumed
[out] publicKey: Information resulting from the parsing process
Returns
Error code

Definition at line 392 of file ssh_cert_parse.c.

◆ sshParseEd25519CertPublicKey()

error_t sshParseEd25519CertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshEd25519CertPublicKey *publicKey)

Parse an Ed25519 public key.

Parameters
[in] data: Pointer to the input data to parse
[in] length: Number of bytes available in the input data
[in] consumed: Number of bytes that have been consumed
[out] publicKey: Information resulting from the parsing process
Returns
Error code

Definition at line 441 of file ssh_cert_parse.c.

◆ sshParseExtensions()

error_t sshParseExtensions (const uint8_t *data, size_t length, SshBinaryString *extensions)

Parse 'extensions' field.

Parameters
[in] data: Pointer to the input data to parse
[in] length: Number of bytes available in the input data
[out] extensions: Information resulting from the parsing process
Returns
Error code

Definition at line 591 of file ssh_cert_parse.c.

◆ sshParseRsaCertPublicKey()

error_t sshParseRsaCertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshRsaCertPublicKey *publicKey)

Parse an RSA public key.

Parameters
[in] data: Pointer to the input data to parse
[in] length: Number of bytes available in the input data
[in] consumed: Number of bytes that have been consumed
[out] publicKey: Information resulting from the parsing process
Returns
Error code

Definition at line 272 of file ssh_cert_parse.c.

◆ sshParseValidPrincipals()

error_t sshParseValidPrincipals (const uint8_t *data, size_t length, SshBinaryString *validPrincipals)

Parse 'valid principals' field.

Parameters
[in] data: Pointer to the input data to parse
[in] length: Number of bytes available in the input data
[out] validPrincipals: Information resulting from the parsing process
Returns
Error code

Definition at line 478 of file ssh_cert_parse.c.