GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
libssh2_sign_sk(3) libssh2 libssh2_sign_sk(3)

libssh2_sign_sk - Create a signature from a FIDO2 authenticator.

#include <libssh2.h>
int
libssh2_sign_sk(LIBSSH2_SESSION *session,


                unsigned char **sig,


                size_t *sig_len,


                const unsigned char *data,


                size_t data_len,


                void **abstract);
typedef struct _LIBSSH2_PRIVKEY_SK {


    int algorithm;


    uint8_t flags;


    const char *application;


    const unsigned char *key_handle;


    size_t handle_len;


    LIBSSH2_USERAUTH_SK_SIGN_FUNC((*sign_callback));


    void **orig_abstract;
} LIBSSH2_PRIVKEY_SK;

session - Session instance as returned by libssh2_session_init_ex(3)

sig - A pointer to a buffer in which to place the signature. The caller is responsible for freeing the signature with LIBSSH2_FREE.

sig_len - A pointer to the length of the sig parameter.

data - The data to sign.

data_len - The length of the data parameter.

abstract - A pointer to a pointer to a LIBSSH2_PRIVKEY_SK. See description below.

Create a signature from a FIDO2 authenticator, using either the sk-ssh-ed25519@openssh.com or sk-ecdsa-sha2-nistp256@openssh.com key exchange algorithms.

The abstract parameter is a pointer to a pointer due to the internal workings of libssh2. The LIBSSH2_PRIVKEY_SK must be completely filled out, and the caller is responsible for all memory management of its fields.

algorithm - The signing algorithm to use. Possible values are LIBSSH2_HOSTKEY_TYPE_ED25519 and LIBSSH2_HOSTKEY_TYPE_ECDSA_256.

flags - A bitmask specifying options for the authenticator. When LIBSSH2_SK_PRESENCE_REQUIRED is set, the authenticator requires a touch. When LIBSSH2_SK_VERIFICATION_REQUIRED is set, the authenticator requires a PIN. Many servers and authenticators do not work properly when LIBSSH2_SK_PRESENCE_REQUIRED is not set.

application - A user-defined string to use as the RP name for the authenticator. Usually "ssh:".

key_handle - The key handle to use for the authenticator's allow list.

handle_len - The length of the key_handle parameter.

abstract - User-defined data. When a PIN is required, use this to pass in the PIN, or a function pointer to retrieve the PIN.

key_handle The decoded key handle from the private key file.

handle_len The length of the key_handle parameter.

sign_callback - Responsible for communicating with the hardware authenticator to generate a signature. On success, the signature information must be placed in the `sig_info sig_info parameter and the callback must return 0. On failure, it should return a negative number. See libssh2_userauth_publickey_sk(3)
for more information.

orig_abstract - User-defined data. When a PIN is required, use this to pass in the PIN, or a function pointer to retrieve the PIN.

Return 0 on success or negative on failure.

libssh2_userauth_publickey_sk(3)

1 Jun 2022 libssh2 1.10.0
Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.