| 1 | #ifndef __KEY_STORE_H__␊ |
| 2 | #define __KEY_STORE_H__␊ |
| 3 | ␊ |
| 4 | #include <boost/scoped_ptr.hpp>␊ |
| 5 | #include "vector.hh"␊ |
| 6 | #include "vocab.hh"␊ |
| 7 | #include "paths.hh"␊ |
| 8 | ␊ |
| 9 | class app_state;␊ |
| 10 | struct globish;␊ |
| 11 | class database;␊ |
| 12 | ␊ |
| 13 | struct keypair␊ |
| 14 | {␊ |
| 15 | rsa_pub_key pub;␊ |
| 16 | rsa_priv_key priv;␊ |
| 17 | keypair()␊ |
| 18 | {}␊ |
| 19 | keypair(rsa_pub_key const & a,␊ |
| 20 | rsa_priv_key const & b)␊ |
| 21 | : pub(a), priv(b)␊ |
| 22 | {}␊ |
| 23 | };␊ |
| 24 | ␊ |
| 25 | struct key_store_state;␊ |
| 26 | ␊ |
| 27 | class key_store␊ |
| 28 | {␊ |
| 29 | private:␊ |
| 30 | boost::scoped_ptr<key_store_state> s;␊ |
| 31 | ␊ |
| 32 | public:␊ |
| 33 | rsa_keypair_id signing_key;␊ |
| 34 | ␊ |
| 35 | explicit key_store(app_state & a);␊ |
| 36 | ~key_store();␊ |
| 37 | ␊ |
| 38 | system_path const & get_key_dir();␊ |
| 39 | ␊ |
| 40 | // Basic key I/O␊ |
| 41 | ␊ |
| 42 | void get_key_ids(std::vector<rsa_keypair_id> & priv);␊ |
| 43 | void get_key_ids(globish const & pattern,␊ |
| 44 | std::vector<rsa_keypair_id> & priv);␊ |
| 45 | ␊ |
| 46 | bool key_pair_exists(rsa_keypair_id const & ident);␊ |
| 47 | ␊ |
| 48 | void get_key_pair(rsa_keypair_id const & ident,␊ |
| 49 | keypair & kp);␊ |
| 50 | bool maybe_get_key_pair(rsa_keypair_id const & ident,␊ |
| 51 | keypair & kp);␊ |
| 52 | bool maybe_get_key_pair(id const & hash,␊ |
| 53 | rsa_keypair_id & ident,␊ |
| 54 | keypair & kp);␊ |
| 55 | ␊ |
| 56 | bool put_key_pair(rsa_keypair_id const & ident,␊ |
| 57 | keypair const & kp);␊ |
| 58 | ␊ |
| 59 | void delete_key(rsa_keypair_id const & ident);␊ |
| 60 | ␊ |
| 61 | // Crypto operations␊ |
| 62 | ␊ |
| 63 | void cache_decrypted_key(rsa_keypair_id const & id);␊ |
| 64 | ␊ |
| 65 | void create_key_pair(database & db, rsa_keypair_id const & id,␊ |
| 66 | utf8 const * maybe_passphrase = NULL,␊ |
| 67 | id * maybe_pubhash = NULL,␊ |
| 68 | id * maybe_privhash = NULL);␊ |
| 69 | ␊ |
| 70 | void change_key_passphrase(rsa_keypair_id const & id);␊ |
| 71 | ␊ |
| 72 | void decrypt_rsa(rsa_keypair_id const & id,␊ |
| 73 | rsa_oaep_sha_data const & ciphertext,␊ |
| 74 | std::string & plaintext);␊ |
| 75 | ␊ |
| 76 | void make_signature(database & db, rsa_keypair_id const & id,␊ |
| 77 | std::string const & tosign,␊ |
| 78 | rsa_sha1_signature & signature);␊ |
| 79 | ␊ |
| 80 | // Interoperation with ssh-agent␊ |
| 81 | ␊ |
| 82 | void add_key_to_agent(rsa_keypair_id const & id);␊ |
| 83 | void export_key_for_agent(rsa_keypair_id const & id,␊ |
| 84 | std::ostream & os);␊ |
| 85 | ␊ |
| 86 | // Migration from old databases␊ |
| 87 | ␊ |
| 88 | void migrate_old_key_pair(rsa_keypair_id const & id,␊ |
| 89 | old_arc4_rsa_priv_key const & old_priv,␊ |
| 90 | rsa_pub_key const & pub);␊ |
| 91 | };␊ |
| 92 | ␊ |
| 93 | // Local Variables:␊ |
| 94 | // mode: C++␊ |
| 95 | // fill-column: 76␊ |
| 96 | // c-file-style: "gnu"␊ |
| 97 | // indent-tabs-mode: nil␊ |
| 98 | // End:␊ |
| 99 | // vim: et:sw=2:sts=2:ts=2:cino=>2s,{s,\:s,+s,t0,g0,^-2,e-2,n-2,p2s,(0,=s:␊ |
| 100 | ␊ |
| 101 | #endif␊ |
