package ssh-agent
Library
Module
Module type
Parameter
Class
Class type
type ssh_dss = Mirage_crypto_pk.Dsa.pub
type ssh_rsa = Mirage_crypto_pk.Rsa.pub
type ssh_ed25519 = Mirage_crypto_ec.Ed25519.pub
options
is a list of pairs of options used in critical_options
and * extensions
. The first element is the name of the option, and the second * is the option's data. * * The data seems to be always encoded as a ssh wire string inside this * string. The empty string would thus be "no data".
type ssh_rsa_cert_tbs = {
nonce : string;
(*CA-provided random bitstring.
*)pubkey : ssh_rsa;
(*The public key this certificate is valid for.
*)serial : int64;
(*Optional serial number set by the CA. Set to zero if unused.
*)typ : Ssh_agent__.Protocol_number.ssh_cert_type;
(*Whether this is a host key certificate or a user key certificate.
*)key_id : string;
(*Free-form text filled by the CA. Used to help identify the identity * principal.
*)valid_principals : string list;
(*
*)valid_principals
's semantics depends on the value oftyp
. * ForSsh_cert_type_user
it's the valid usernames, while for *Ssh_cert_type_host
it's the valid hostnames.valid_after : int64;
(*
*)valid_after
defines when the certificate is valid from. It's * represented as seconds since epoch.valid_before : int64;
(*
*)valid_before
defines when the certificate becomes invalid. It's * represented as seconds since epoch.critical_options : options;
(*Critical extensions. Must be sorted lexicographically.
*)extensions : options;
(*Non-critical extensions. Must be sorted lexicographically.
*)reserved : string;
(*
*)reserved
is always empty currently according to the specificationsignature_key : t;
(*Public key used for signing the signature
*)
}
and ssh_rsa_cert = {
to_be_signed : ssh_rsa_cert_tbs;
(*The data that is signed
*)signature : string;
(*Signature of the serialized other fields
*)
}
and t =
| Ssh_dss of ssh_dss
| Ssh_rsa of ssh_rsa
| Ssh_rsa_cert of ssh_rsa_cert
| Ssh_ed25519 of ssh_ed25519
| Blob of {
}
(*
*)Blob
is an unknown ssh wire string-unwrapped public key of type *key_type
.