5.3-5.8. Key Operations and Extensions
Cette page resume la section correspondante du RFC 9987 et conserve les numeros, noms de messages et exigences de securite du protocole agent SSH.
Public keys are referred to by their standard SSH wire-encoded public key blob. Clients can remove all identities with SSH_AGENTC_REMOVE_ALL_IDENTITIES, remove a specific key with SSH_AGENTC_REMOVE_IDENTITY, remove token-hosted keys with SSH_AGENTC_REMOVE_SMARTCARD_KEY, request a key list with SSH_AGENTC_REQUEST_IDENTITIES, and request a private key signature with SSH_AGENTC_SIGN_REQUEST.
SSH_AGENTC_SIGN_REQUEST carries a key blob, data, and signature flags. On success, the response is SSH_AGENT_SIGN_RESPONSE. The defined RSA signature flags are SSH_AGENT_RSA_SHA2_256 and SSH_AGENT_RSA_SHA2_512.
The protocol supports locking and unlocking an agent with SSH_AGENTC_LOCK and SSH_AGENTC_UNLOCK. The extension mechanism uses SSH_AGENTC_EXTENSION, SSH_AGENT_EXTENSION_RESPONSE, and SSH_AGENT_EXTENSION_FAILURE. The optional query extension lets a client discover supported extension names.