libssh2_sign_sk(3)                  libssh2                 libssh2_sign_sk(3)

NAME

       libssh2_sign_sk - Create a signature from a FIDO2 authenticator.

SYNOPSIS

       #include <libssh2.h>

       int
       libssh2_sign_sk(LIBSSH2_SESSION *session,
                       unsigned char **sig,
                       size_t *sig_len,
                       const unsigned char *data,
                       size_t data_len,
                       void **abstract);

       typedef struct _LIBSSH2_PRIVKEY_SK {
           int algorithm;
           uint8_t flags;
           const char *application;
           const unsigned char *key_handle;
           size_t handle_len;
           LIBSSH2_USERAUTH_SK_SIGN_FUNC((*sign_callback));
           void **orig_abstract;
       } LIBSSH2_PRIVKEY_SK;

DESCRIPTION

       session - Session instance as returned by libssh2_session_init_ex(3)

       sig - A pointer to a buffer in which to place the signature. The caller
       is responsible for freeing the signature with LIBSSH2_FREE.

       sig_len - A pointer to the length of the sig parameter.

       data - The data to sign.

       data_len - The length of the data parameter.

       abstract - A pointer to a pointer to a LIBSSH2_PRIVKEY_SK. See
       description below.

       Create a signature from a FIDO2 authenticator, using either the
       sk-ssh-ed25519@openssh.com or sk-ecdsa-sha2-nistp256@openssh.com key
       exchange algorithms.

       The abstract parameter is a pointer to a pointer due to the internal
       workings of libssh2. The LIBSSH2_PRIVKEY_SK must be completely filled
       out, and the caller is responsible for all memory management of its
       fields.

       algorithm - The signing algorithm to use. Possible values are
       LIBSSH2_HOSTKEY_TYPE_ED25519 and LIBSSH2_HOSTKEY_TYPE_ECDSA_256.

       flags - A bitmask specifying options for the authenticator. When
       LIBSSH2_SK_PRESENCE_REQUIRED is set, the authenticator requires a
       touch. When LIBSSH2_SK_VERIFICATION_REQUIRED is set, the authenticator
       requires a PIN. Many servers and authenticators do not work properly
       when LIBSSH2_SK_PRESENCE_REQUIRED is not set.

       application - A user-defined string to use as the RP name for the
       authenticator. Usually "ssh:".

       key_handle - The key handle to use for the authenticator's allow list.

       handle_len - The length of the key_handle parameter.

       abstract - User-defined data. When a PIN is required, use this to pass
       in the PIN, or a function pointer to retrieve the PIN.

       key_handle - The decoded key handle from the private key file.

       handle_len - The length of the key_handle parameter.

       sign_callback - Responsible for communicating with the hardware
       authenticator to generate a signature. On success, the signature
       information must be placed in the sig_info parameter and the callback
       must return 0. On failure, it should return a negative number. See
       libssh2_userauth_publickey_sk(3) for more information.

       orig_abstract - User-defined data. When a PIN is required, use this to
       pass in the PIN, or a function pointer to retrieve the PIN.
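
       A pre-flight check for the LIBSSH2_PRIVKEY_SK fields described above,
       as an added example that is not part of libssh2 or of this manual
       page. The typedef and constants are local stand-ins so the block
       builds without libssh2.h; sk_check, sk_privkey_check, sk_check_sample,
       stub_cb and sample_pin are hypothetical names, and rejecting keys
       without LIBSSH2_SK_PRESENCE_REQUIRED is a local policy assumption.

```c
#include <stddef.h>
#include <stdint.h>
/* Local stand-ins mirroring the SYNOPSIS so this builds without libssh2;
 * real code includes <libssh2.h> instead. Values as defined in libssh2.h. */
#define LIBSSH2_SK_PRESENCE_REQUIRED     0x01
#define LIBSSH2_SK_VERIFICATION_REQUIRED 0x04
#define LIBSSH2_HOSTKEY_TYPE_ECDSA_256   3
#define LIBSSH2_HOSTKEY_TYPE_ED25519     6
typedef struct {
    int algorithm;
    uint8_t flags;
    const char *application;
    const unsigned char *key_handle;
    size_t handle_len;
    int (*sign_callback)(void); /* simplified type; only NULL-checked here */
    void **orig_abstract;
} LIBSSH2_PRIVKEY_SK;

enum sk_check { SK_OK, SK_BAD_ALGORITHM, SK_NO_APPLICATION, /* hypothetical */
    SK_NO_KEY_HANDLE, SK_NO_CALLBACK, SK_NO_PRESENCE, SK_NO_PIN_SOURCE };

/* Verify the structure is completely filled out before libssh2 sees it. */
static enum sk_check sk_privkey_check(const LIBSSH2_PRIVKEY_SK *k)
{
    if(k->algorithm != LIBSSH2_HOSTKEY_TYPE_ED25519 &&
       k->algorithm != LIBSSH2_HOSTKEY_TYPE_ECDSA_256)
        return SK_BAD_ALGORITHM;
    if(!k->application || !k->application[0])
        return SK_NO_APPLICATION;
    if(!k->key_handle || k->handle_len == 0)
        return SK_NO_KEY_HANDLE;
    if(!k->sign_callback)
        return SK_NO_CALLBACK;
    if(!(k->flags & LIBSSH2_SK_PRESENCE_REQUIRED))
        return SK_NO_PRESENCE;   /* local policy: no signing without touch */
    if((k->flags & LIBSSH2_SK_VERIFICATION_REQUIRED) &&
       (!k->orig_abstract || !*k->orig_abstract))
        return SK_NO_PIN_SOURCE; /* PIN key needs a PIN source */
    return SK_OK;
}

static int stub_cb(void) { return -1; }          /* placeholder callback */
static void *sample_pin = (void *)"constructed"; /* constructed PIN source */
/* Constructed sample key; only flags and the PIN source vary. */
static enum sk_check sk_check_sample(uint8_t flags, void **pin_src)
{
    static const unsigned char handle[] = { 0x01, 0x02, 0x03, 0x04 };
    LIBSSH2_PRIVKEY_SK k = { LIBSSH2_HOSTKEY_TYPE_ED25519, flags, "ssh:",
                             handle, sizeof(handle), stub_cb, pin_src };
    return sk_privkey_check(&k);
}
```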

RETURN VALUE

       Return 0 on success or negative on failure.

SEE ALSO

       libssh2_userauth_publickey_sk(3)

libssh2 1.10.0                    1 Jun 2022                libssh2_sign_sk(3)