ssh_cert_parse.h File Reference

SSH certificate parsing.

#include "ssh_types.h"


Data Structures

struct SshRsaCertPublicKey
 RSA public key.

struct SshDsaCertPublicKey
 DSA public key.

struct SshEcdsaCertPublicKey
 ECDSA public key.

struct SshEddsaCertPublicKey
 EdDSA public key.

union SshCertPublicKey
 Public key.

struct SshCertificate
 SSH certificate (OpenSSH format)
 

Enumerations

enum SshCertType { SSH_CERT_TYPE_USER = 1, SSH_CERT_TYPE_HOST = 2 }
 SSH certificate types.
 

Functions

error_t sshParseCertificate (const uint8_t *data, size_t length, SshCertificate *cert)
 Parse SSH certificate.

error_t sshParseRsaCertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshRsaCertPublicKey *publicKey)
 Parse an RSA public key.

error_t sshParseDsaCertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshDsaCertPublicKey *publicKey)
 Parse a DSA public key.

error_t sshParseEcdsaCertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshEcdsaCertPublicKey *publicKey)
 Parse an ECDSA public key.

error_t sshParseEddsaCertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshEddsaCertPublicKey *publicKey)
 Parse an EdDSA public key.

error_t sshParseValidPrincipals (const uint8_t *data, size_t length, SshBinaryString *validPrincipals)
 Parse 'valid principals' field.

error_t sshParseCriticalOptions (const uint8_t *data, size_t length, SshBinaryString *criticalOptions)
 Parse 'critical options' field.

error_t sshParseExtensions (const uint8_t *data, size_t length, SshBinaryString *extensions)
 Parse 'extensions' field.

bool_t sshGetValidPrincipal (const SshCertificate *cert, uint_t index, SshString *name)
 Extract the principal name at the specified index.

bool_t sshGetCriticalOption (const SshCertificate *cert, uint_t index, SshString *name, SshBinaryString *data)
 Extract the critical option at the specified index.

bool_t sshGetExtension (const SshCertificate *cert, uint_t index, SshString *name, SshBinaryString *data)
 Extract the extension at the specified index.
 

Detailed Description

SSH certificate parsing.

License

SPDX-License-Identifier: GPL-2.0-or-later

Copyright (C) 2019-2025 Oryx Embedded SARL. All rights reserved.

This file is part of CycloneSSH Open.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Author
Oryx Embedded SARL (www.oryx-embedded.com)
Version
2.5.2

Definition in file ssh_cert_parse.h.

Enumeration Type Documentation

◆ SshCertType

SSH certificate types.

Enumerator
SSH_CERT_TYPE_USER 
SSH_CERT_TYPE_HOST 

Definition at line 47 of file ssh_cert_parse.h.

Function Documentation

◆ sshGetCriticalOption()

bool_t sshGetCriticalOption (const SshCertificate *cert, uint_t index, SshString *name, SshBinaryString *data)

Extract the critical option at the specified index.

Parameters
[in] cert: Pointer to the SSH certificate
[in] index: Zero-based index of the element to get
[out] name: Option name
[out] data: Option value
Returns
TRUE if the index is valid, else FALSE

Definition at line 708 of file ssh_cert_parse.c.

◆ sshGetExtension()

bool_t sshGetExtension (const SshCertificate *cert, uint_t index, SshString *name, SshBinaryString *data)

Extract the extension at the specified index.

Parameters
[in] cert: Pointer to the SSH certificate
[in] index: Zero-based index of the element to get
[out] name: Extension name
[out] data: Extension value
Returns
TRUE if the index is valid, else FALSE

Definition at line 762 of file ssh_cert_parse.c.

◆ sshGetValidPrincipal()

bool_t sshGetValidPrincipal (const SshCertificate *cert, uint_t index, SshString *name)

Extract the principal name at the specified index.

Parameters
[in] cert: Pointer to the SSH certificate
[in] index: Zero-based index of the element to get
[out] name: Principal name
Returns
TRUE if the index is valid, else FALSE

Definition at line 664 of file ssh_cert_parse.c.

◆ sshParseCertificate()

error_t sshParseCertificate (const uint8_t *data, size_t length, SshCertificate *cert)

Parse SSH certificate.

Parameters
[in] data: Pointer to the certificate
[in] length: Length of the certificate, in bytes
[out] cert: Information resulting from the parsing process
Returns
Error code

Definition at line 52 of file ssh_cert_parse.c.

◆ sshParseCriticalOptions()

error_t sshParseCriticalOptions (const uint8_t *data, size_t length, SshBinaryString *criticalOptions)

Parse 'critical options' field.

Parameters
[in] data: Pointer to the input data to parse
[in] length: Number of bytes available in the input data
[out] criticalOptions: Information resulting from the parsing process
Returns
Error code

Definition at line 550 of file ssh_cert_parse.c.

◆ sshParseDsaCertPublicKey()

error_t sshParseDsaCertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshDsaCertPublicKey *publicKey)

Parse a DSA public key.

Parameters
[in] data: Pointer to the input data to parse
[in] length: Number of bytes available in the input data
[in] consumed: Number of bytes that have been consumed
[out] publicKey: Information resulting from the parsing process
Returns
Error code

Definition at line 337 of file ssh_cert_parse.c.

◆ sshParseEcdsaCertPublicKey()

error_t sshParseEcdsaCertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshEcdsaCertPublicKey *publicKey)

Parse an ECDSA public key.

Parameters
[in] data: Pointer to the input data to parse
[in] length: Number of bytes available in the input data
[in] consumed: Number of bytes that have been consumed
[out] publicKey: Information resulting from the parsing process
Returns
Error code

Definition at line 408 of file ssh_cert_parse.c.

◆ sshParseEddsaCertPublicKey()

error_t sshParseEddsaCertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshEddsaCertPublicKey *publicKey)

Parse an EdDSA public key.

Parameters
[in] data: Pointer to the input data to parse
[in] length: Number of bytes available in the input data
[in] consumed: Number of bytes that have been consumed
[out] publicKey: Information resulting from the parsing process
Returns
Error code

Definition at line 457 of file ssh_cert_parse.c.

◆ sshParseExtensions()

error_t sshParseExtensions (const uint8_t *data, size_t length, SshBinaryString *extensions)

Parse 'extensions' field.

Parameters
[in] data: Pointer to the input data to parse
[in] length: Number of bytes available in the input data
[out] extensions: Information resulting from the parsing process
Returns
Error code

Definition at line 607 of file ssh_cert_parse.c.

◆ sshParseRsaCertPublicKey()

error_t sshParseRsaCertPublicKey (const uint8_t *data, size_t length, size_t *consumed, SshRsaCertPublicKey *publicKey)

Parse an RSA public key.

Parameters
[in] data: Pointer to the input data to parse
[in] length: Number of bytes available in the input data
[in] consumed: Number of bytes that have been consumed
[out] publicKey: Information resulting from the parsing process
Returns
Error code

Definition at line 288 of file ssh_cert_parse.c.

◆ sshParseValidPrincipals()

error_t sshParseValidPrincipals (const uint8_t *data, size_t length, SshBinaryString *validPrincipals)

Parse 'valid principals' field.

Parameters
[in] data: Pointer to the input data to parse
[in] length: Number of bytes available in the input data
[out] validPrincipals: Information resulting from the parsing process
Returns
Error code

Definition at line 494 of file ssh_cert_parse.c.