package ssh-agent

  1. Overview
  2. Docs
Legend:
Library
Module
Module type
Parameter
Class
Class type
module Pubkey : sig ... end
module Privkey : sig ... end
type identity = {
  1. pubkey : Pubkey.t;
  2. comment : string;
}
val sexp_of_identity : identity -> Sexplib0.Sexp.t
type sign_flag =
  1. | SSH_AGENT_RSA_SHA2_256
  2. | SSH_AGENT_RSA_SHA2_512

Flags for what hashing algorithm is desired when doing a signing request. * SHA1 is assumed otherwise.

val sexp_of_sign_flag : sign_flag -> Sexplib0.Sexp.t
type key_constraint =
  1. | Lifetime of int32
  2. | Confirm
val sexp_of_key_constraint : key_constraint -> Sexplib0.Sexp.t
type ssh_agent_request_type = [
  1. | `Ssh_agentc_request_identities
  2. | `Ssh_agentc_sign_request
  3. | `Ssh_agentc_extension
  4. | `Ssh_agentc_successable
]

ssh_agent_request_type is used in the below GADTs for enforcing protocol * semantics. It represents types of requests. The `Ssh_agentc_successable * type is a generalization of all requests that expect either success or * failure.

type _ ssh_agent_request =
  1. | Ssh_agentc_request_identities : [ `Ssh_agentc_request_identities ] ssh_agent_request
  2. | Ssh_agentc_add_identity : {
    1. privkey : Privkey.t;
    2. key_comment : string;
    } -> [ `Ssh_agentc_successable ] ssh_agent_request
  3. | Ssh_agentc_remove_identity : Pubkey.t -> [ `Ssh_agentc_successable ] ssh_agent_request
  4. | Ssh_agentc_remove_all_identities : [ `Ssh_agentc_successable ] ssh_agent_request
  5. | Ssh_agentc_add_smartcard_key : {
    1. smartcard_id : string;
    2. smartcard_pin : string;
    } -> [ `Ssh_agentc_successable ] ssh_agent_request
  6. | Ssh_agentc_remove_smartcard_key : {
    1. smartcard_reader_id : string;
    2. smartcard_reader_pin : string;
    } -> [ `Ssh_agentc_successable ] ssh_agent_request
  7. | Ssh_agentc_lock : string -> [ `Ssh_agentc_successable ] ssh_agent_request
  8. | Ssh_agentc_unlock : string -> [ `Ssh_agentc_successable ] ssh_agent_request
  9. | Ssh_agentc_add_id_constrained : {
    1. privkey : Privkey.t;
    2. key_comment : string;
    3. key_constraints : key_constraint list;
    } -> [ `Ssh_agentc_successable ] ssh_agent_request
  10. | Ssh_agentc_add_smartcard_key_constrained : {
    1. smartcard_id : string;
    2. smartcard_pin : string;
    3. smartcard_constraints : key_constraint list;
    } -> [ `Ssh_agentc_successable ] ssh_agent_request
  11. | Ssh_agentc_extension : {
    1. extension_type : string;
    2. extension_contents : string;
    } -> [ `Ssh_agentc_extension ] ssh_agent_request
val sexp_of_ssh_agent_request : ('a__001_ -> Sexplib0.Sexp.t) -> 'a__001_ ssh_agent_request -> Sexplib0.Sexp.t
type any_ssh_agent_request =
  1. | Any_request : 'a ssh_agent_request -> any_ssh_agent_request
val sexp_of_any_ssh_agent_request : any_ssh_agent_request -> Sexplib0.Sexp.t
type _ ssh_agent_response =
  1. | Ssh_agent_failure : [< ssh_agent_request_type ] ssh_agent_response
  2. | Ssh_agent_success : [ `Ssh_agentc_successable ] ssh_agent_response
  3. | Ssh_agent_extension_failure : [ `Ssh_agentc_extension ] ssh_agent_response
  4. | Ssh_agent_extension_blob : string -> [ `Ssh_agentc_extension ] ssh_agent_response
    (*

    Generic uninterpreted response - it's up to the library user to interpret * the message body.

    *)
  5. | Ssh_agent_identities_answer : identity list -> [ `Ssh_agentc_request_identities ] ssh_agent_response
  6. | Ssh_agent_sign_response : string -> [ `Ssh_agentc_sign_request ] ssh_agent_response
val sexp_of_ssh_agent_response : ('a__002_ -> Sexplib0.Sexp.t) -> 'a__002_ ssh_agent_response -> Sexplib0.Sexp.t
type any_ssh_agent_response =
  1. | Any_response : 'a ssh_agent_response -> any_ssh_agent_response
val sexp_of_any_ssh_agent_response : any_ssh_agent_response -> Sexplib0.Sexp.t
type request_handler = {
  1. handle : 'a. 'a ssh_agent_request -> 'a ssh_agent_response;
}

Any function that takes a request and returns a valid response for the * request type

module Parse : sig ... end
module Serialize : sig ... end
val is_extension_request : 'a ssh_agent_request -> bool

is_extension_request request returns true if request is * Ssh_agentc_extension. Useful for passing ~extension to * ssh_agent_message.

val unpack_any_response : 'a ssh_agent_request -> any_ssh_agent_response -> ('a ssh_agent_response, string) Stdlib.result

unpack_any_response request response unpacks response if it is a valid * response type with regard to request, otherwise Error is returned.

val sign : Privkey.t -> Ssh_agent__.Protocol_number.sign_flag list -> string -> string

sign privkey flags blob returns a signature of blob using privkey * respecting the hashing algorithms specified by flags. Currently, only RSA * signatures are supported.

val string_of_tbs : Pubkey.ssh_rsa_cert_tbs -> string

string_of_tbs to_be_signed is the string representation of to_be_signed * that must be signed by to_be_signed.Pubkey.signature_key in order to * create a valid certificate.

OCaml

Innovation. Community. Security.