Legend:
Page
Library
Module
Module type
Parameter
Class
Class type
Source
Page
Library
Module
Module type
Parameter
Class
Class type
Source
Ssh_agent.Pubkey
Sourceoptions
is a list of pairs of options used in critical_options
and * extensions
. The first element is the name of the option, and the second * is the option's data. * * The data seems to be always encoded as a ssh wire string inside this * string. The empty string would thus be "no data".
type ssh_rsa_cert_tbs = {
nonce : string;
CA-provided random bitstring.
*)pubkey : ssh_rsa;
The public key this certificate is valid for.
*)serial : int64;
Optional serial number set by the CA. Set to zero if unused.
*)typ : Ssh_agent__.Protocol_number.ssh_cert_type;
Whether this is a host key certificate or a user key certificate.
*)key_id : string;
Free-form text filled by the CA. Used to help identify the identity * principal.
*)valid_principals : string list;
valid_principals
's semantics depends on the value of typ
. * For Ssh_cert_type_user
it's the valid usernames, while for * Ssh_cert_type_host
it's the valid hostnames.
valid_after : int64;
valid_after
defines when the certificate is valid from. It's * represented as seconds since epoch.
valid_before : int64;
valid_before
defines when the certificate becomes invalid. It's * represented as seconds since epoch.
critical_options : options;
Critical extensions. Must be sorted lexicographically.
*)extensions : options;
Non-critical extensions. Must be sorted lexicographically.
*)reserved : string;
reserved
is always empty currently according to the specification
signature_key : t;
Public key used for signing the signature
*)}
and ssh_rsa_cert = {
to_be_signed : ssh_rsa_cert_tbs;
The data that is signed
*)signature : string;
Signature of the serialized other fields
*)}
and t =
| Ssh_dss of ssh_dss
| Ssh_rsa of ssh_rsa
| Ssh_rsa_cert of ssh_rsa_cert
| Ssh_ed25519 of ssh_ed25519
| Blob of {
}
Blob
is an unknown ssh wire string-unwrapped public key of type * key_type
.