package ssh-agent

  1. Overview
  2. Docs

Module Ssh_agent.PubkeySource

Sourcetype options = (string * string) list

options is a list of pairs of options used in critical_options and * extensions. The first element is the name of the option, and the second * is the option's data. * * The data seems to be always encoded as a ssh wire string inside this * string. The empty string would thus be "no data".

Sourcetype ssh_rsa_cert_tbs = {
  1. nonce : string;
    (*

    CA-provided random bitstring.

    *)
  2. pubkey : ssh_rsa;
    (*

    The public key this certificate is valid for.

    *)
  3. serial : int64;
    (*

    Optional serial number set by the CA. Set to zero if unused.

    *)
  4. typ : Ssh_agent__.Protocol_number.ssh_cert_type;
    (*

    Whether this is a host key certificate or a user key certificate.

    *)
  5. key_id : string;
    (*

    Free-form text filled by the CA. Used to help identify the identity * principal.

    *)
  6. valid_principals : string list;
    (*

    valid_principals's semantics depends on the value of typ. * For Ssh_cert_type_user it's the valid usernames, while for * Ssh_cert_type_host it's the valid hostnames.

    *)
  7. valid_after : int64;
    (*

    valid_after defines when the certificate is valid from. It's * represented as seconds since epoch.

    *)
  8. valid_before : int64;
    (*

    valid_before defines when the certificate becomes invalid. It's * represented as seconds since epoch.

    *)
  9. critical_options : options;
    (*

    Critical extensions. Must be sorted lexicographically.

    *)
  10. extensions : options;
    (*

    Non-critical extensions. Must be sorted lexicographically.

    *)
  11. reserved : string;
    (*

    reserved is always empty currently according to the specification

    *)
  12. signature_key : t;
    (*

    Public key used for signing the signature

    *)
}
Sourceand ssh_rsa_cert = {
  1. to_be_signed : ssh_rsa_cert_tbs;
    (*

    The data that is signed

    *)
  2. signature : string;
    (*

    Signature of the serialized other fields

    *)
}
Sourceand t =
  1. | Ssh_dss of ssh_dss
  2. | Ssh_rsa of ssh_rsa
  3. | Ssh_rsa_cert of ssh_rsa_cert
  4. | Ssh_ed25519 of ssh_ed25519
  5. | Blob of {
    1. key_type : string;
    2. key_blob : string;
    }
    (*

    Blob is an unknown ssh wire string-unwrapped public key of type * key_type.

    *)
Sourceval equal : t -> t -> bool

equal pubkey pubkey' is true if pubkey and pubkey' represent the * same public key