1 /* 2 * pgp.h 3 * OpenPGP implementation. 4 * 5 * Copyright (c) 2005 Marko Kreen 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * contrib/pgcrypto/pgp.h 30 */ 31 32 #include "lib/stringinfo.h" 33 34 #include "mbuf.h" 35 #include "px.h" 36 37 enum PGP_S2K_TYPE 38 { 39 PGP_S2K_SIMPLE = 0, 40 PGP_S2K_SALTED = 1, 41 PGP_S2K_ISALTED = 3 42 }; 43 44 enum PGP_PKT_TYPE 45 { 46 PGP_PKT_RESERVED = 0, 47 PGP_PKT_PUBENCRYPTED_SESSKEY = 1, 48 PGP_PKT_SIGNATURE = 2, 49 PGP_PKT_SYMENCRYPTED_SESSKEY = 3, 50 PGP_PKT_SECRET_KEY = 5, 51 PGP_PKT_PUBLIC_KEY = 6, 52 PGP_PKT_SECRET_SUBKEY = 7, 53 PGP_PKT_COMPRESSED_DATA = 8, 54 PGP_PKT_SYMENCRYPTED_DATA = 9, 55 PGP_PKT_MARKER = 10, 56 PGP_PKT_LITERAL_DATA = 11, 57 PGP_PKT_TRUST = 12, 58 PGP_PKT_USER_ID = 13, 59 PGP_PKT_PUBLIC_SUBKEY = 14, 60 PGP_PKT_USER_ATTR = 17, 61 PGP_PKT_SYMENCRYPTED_DATA_MDC = 18, 62 PGP_PKT_MDC = 19, 63 PGP_PKT_PRIV_61 = 61 /* occurs in gpg secring */ 64 }; 65 66 enum PGP_PUB_ALGO_TYPE 67 { 68 PGP_PUB_RSA_ENCRYPT_SIGN = 1, 69 PGP_PUB_RSA_ENCRYPT = 2, 70 PGP_PUB_RSA_SIGN = 3, 71 PGP_PUB_ELG_ENCRYPT = 16, 72 PGP_PUB_DSA_SIGN = 17 73 }; 74 75 enum PGP_SYMENC_TYPE 76 { 77 PGP_SYM_PLAIN = 0, /* ?? */ 78 PGP_SYM_IDEA = 1, /* obsolete, PGP 2.6 compat */ 79 PGP_SYM_DES3 = 2, /* must */ 80 PGP_SYM_CAST5 = 3, /* should */ 81 PGP_SYM_BLOWFISH = 4, 82 PGP_SYM_SAFER_SK128 = 5, /* obsolete */ 83 PGP_SYM_DES_SK = 6, /* obsolete */ 84 PGP_SYM_AES_128 = 7, /* should */ 85 PGP_SYM_AES_192 = 8, 86 PGP_SYM_AES_256 = 9, 87 PGP_SYM_TWOFISH = 10 88 }; 89 90 enum PGP_COMPR_TYPE 91 { 92 PGP_COMPR_NONE = 0, /* must */ 93 PGP_COMPR_ZIP = 1, /* should */ 94 PGP_COMPR_ZLIB = 2, 95 PGP_COMPR_BZIP2 = 3 96 }; 97 98 enum PGP_DIGEST_TYPE 99 { 100 PGP_DIGEST_MD5 = 1, /* should, deprecated */ 101 PGP_DIGEST_SHA1 = 2, /* must */ 102 PGP_DIGEST_RIPEMD160 = 3, 103 PGP_DIGEST_XSHA = 4, /* obsolete */ 104 PGP_DIGEST_MD2 = 5, /* obsolete */ 105 PGP_DIGEST_TIGER192 = 6, /* obsolete */ 106 PGP_DIGEST_HAVAL5_160 = 7, /* obsolete */ 107 PGP_DIGEST_SHA256 = 8, 108 PGP_DIGEST_SHA384 = 9, 109 PGP_DIGEST_SHA512 = 10 110 }; 111 112 #define PGP_MAX_KEY (256/8) 113 #define PGP_MAX_BLOCK (256/8) 114 #define PGP_MAX_DIGEST (512/8) 115 #define PGP_S2K_SALT 8 116 117 typedef struct PGP_MPI PGP_MPI; 118 typedef struct PGP_PubKey PGP_PubKey; 119 typedef struct PGP_Context PGP_Context; 120 typedef struct PGP_S2K PGP_S2K; 121 122 struct PGP_S2K 123 { 124 uint8 mode; 125 uint8 digest_algo; 126 uint8 salt[8]; 127 uint8 iter; /* encoded (one-octet) count */ 128 /* calculated: */ 129 uint8 key[PGP_MAX_KEY]; 130 uint8 key_len; 131 }; 132 133 134 struct PGP_Context 135 { 136 /* 137 * parameters 138 */ 139 PGP_S2K s2k; 140 int s2k_mode; 141 int s2k_count; /* 4-byte decoded count */ 142 int s2k_digest_algo; 143 int s2k_cipher_algo; 144 int cipher_algo; 145 int compress_algo; 146 int compress_level; 147 int disable_mdc; 148 int use_sess_key; 149 int text_mode; 150 int convert_crlf; 151 int unicode_mode; 152 153 /* 154 * internal variables 155 */ 156 int mdc_checked; 157 int corrupt_prefix; /* prefix failed RFC 4880 "quick check" */ 158 int unsupported_compr; /* has bzip2 compression */ 159 int unexpected_binary; /* binary data seen in text_mode */ 160 int in_mdc_pkt; 161 int use_mdcbuf_filter; 162 PX_MD *mdc_ctx; 163 164 PGP_PubKey *pub_key; /* ctx owns it */ 165 const uint8 *sym_key; /* ctx does not own it */ 166 int sym_key_len; 167 168 /* 169 * read or generated data 170 */ 171 uint8 sess_key[PGP_MAX_KEY]; 172 unsigned sess_key_len; 173 }; 174 175 /* from RFC 4880 3.7.1.3 */ 176 #define s2k_decode_count(cval) \ 177 (((unsigned) 16 + (cval & 15)) << ((cval >> 4) + 6)) 178 179 struct PGP_MPI 180 { 181 uint8 *data; 182 int bits; 183 int bytes; 184 }; 185 186 struct PGP_PubKey 187 { 188 uint8 ver; 189 uint8 time[4]; 190 uint8 algo; 191 192 /* public part */ 193 union 194 { 195 struct 196 { 197 PGP_MPI *p; 198 PGP_MPI *g; 199 PGP_MPI *y; 200 } elg; 201 struct 202 { 203 PGP_MPI *n; 204 PGP_MPI *e; 205 } rsa; 206 struct 207 { 208 PGP_MPI *p; 209 PGP_MPI *q; 210 PGP_MPI *g; 211 PGP_MPI *y; 212 } dsa; 213 } pub; 214 215 /* secret part */ 216 union 217 { 218 struct 219 { 220 PGP_MPI *x; 221 } elg; 222 struct 223 { 224 PGP_MPI *d; 225 PGP_MPI *p; 226 PGP_MPI *q; 227 PGP_MPI *u; 228 } rsa; 229 struct 230 { 231 PGP_MPI *x; 232 } dsa; 233 } sec; 234 235 uint8 key_id[8]; 236 int can_encrypt; 237 }; 238 239 int pgp_init(PGP_Context **ctx); 240 int pgp_encrypt(PGP_Context *ctx, MBuf *src, MBuf *dst); 241 int pgp_decrypt(PGP_Context *ctx, MBuf *src, MBuf *dst); 242 int pgp_free(PGP_Context *ctx); 243 244 int pgp_get_digest_code(const char *name); 245 int pgp_get_cipher_code(const char *name); 246 const char *pgp_get_digest_name(int code); 247 const char *pgp_get_cipher_name(int code); 248 249 int pgp_set_cipher_algo(PGP_Context *ctx, const char *name); 250 int pgp_set_s2k_mode(PGP_Context *ctx, int type); 251 int pgp_set_s2k_count(PGP_Context *ctx, int count); 252 int pgp_set_s2k_cipher_algo(PGP_Context *ctx, const char *name); 253 int pgp_set_s2k_digest_algo(PGP_Context *ctx, const char *name); 254 int pgp_set_convert_crlf(PGP_Context *ctx, int doit); 255 int pgp_disable_mdc(PGP_Context *ctx, int disable); 256 int pgp_set_sess_key(PGP_Context *ctx, int use); 257 int pgp_set_compress_algo(PGP_Context *ctx, int algo); 258 int pgp_set_compress_level(PGP_Context *ctx, int level); 259 int pgp_set_text_mode(PGP_Context *ctx, int mode); 260 int pgp_set_unicode_mode(PGP_Context *ctx, int mode); 261 int pgp_get_unicode_mode(PGP_Context *ctx); 262 263 int pgp_set_symkey(PGP_Context *ctx, const uint8 *key, int klen); 264 int pgp_set_pubkey(PGP_Context *ctx, MBuf *keypkt, 265 const uint8 *key, int klen, int pubtype); 266 267 int pgp_get_keyid(MBuf *pgp_data, char *dst); 268 269 /* internal functions */ 270 271 int pgp_load_digest(int c, PX_MD **res); 272 int pgp_load_cipher(int c, PX_Cipher **res); 273 int pgp_get_cipher_key_size(int c); 274 int pgp_get_cipher_block_size(int c); 275 276 int pgp_s2k_fill(PGP_S2K *s2k, int mode, int digest_algo, int count); 277 int pgp_s2k_read(PullFilter *src, PGP_S2K *s2k); 278 int pgp_s2k_process(PGP_S2K *s2k, int cipher, const uint8 *key, int klen); 279 280 typedef struct PGP_CFB PGP_CFB; 281 int pgp_cfb_create(PGP_CFB **ctx_p, int algo, 282 const uint8 *key, int key_len, int recync, uint8 *iv); 283 void pgp_cfb_free(PGP_CFB *ctx); 284 int pgp_cfb_encrypt(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst); 285 int pgp_cfb_decrypt(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst); 286 287 void pgp_armor_encode(const uint8 *src, unsigned len, StringInfo dst, 288 int num_headers, char **keys, char **values); 289 int pgp_armor_decode(const uint8 *src, int len, StringInfo dst); 290 int pgp_extract_armor_headers(const uint8 *src, unsigned len, 291 int *nheaders, char ***keys, char ***values); 292 293 int pgp_compress_filter(PushFilter **res, PGP_Context *ctx, PushFilter *dst); 294 int pgp_decompress_filter(PullFilter **res, PGP_Context *ctx, PullFilter *src); 295 296 int pgp_key_alloc(PGP_PubKey **pk_p); 297 void pgp_key_free(PGP_PubKey *pk); 298 int _pgp_read_public_key(PullFilter *pkt, PGP_PubKey **pk_p); 299 300 int pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt); 301 int pgp_create_pkt_reader(PullFilter **pf_p, PullFilter *src, int len, 302 int pkttype, PGP_Context *ctx); 303 int pgp_parse_pkt_hdr(PullFilter *src, uint8 *tag, int *len_p, 304 int allow_ctx); 305 306 int pgp_skip_packet(PullFilter *pkt); 307 int pgp_expect_packet_end(PullFilter *pkt); 308 309 int pgp_write_pubenc_sesskey(PGP_Context *ctx, PushFilter *dst); 310 int pgp_create_pkt_writer(PushFilter *dst, int tag, PushFilter **res_p); 311 312 int pgp_mpi_alloc(int bits, PGP_MPI **mpi); 313 int pgp_mpi_create(uint8 *data, int bits, PGP_MPI **mpi); 314 int pgp_mpi_free(PGP_MPI *mpi); 315 int pgp_mpi_read(PullFilter *src, PGP_MPI **mpi); 316 int pgp_mpi_write(PushFilter *dst, PGP_MPI *n); 317 int pgp_mpi_hash(PX_MD *md, PGP_MPI *n); 318 unsigned pgp_mpi_cksum(unsigned cksum, PGP_MPI *n); 319 320 int pgp_elgamal_encrypt(PGP_PubKey *pk, PGP_MPI *m, 321 PGP_MPI **c1, PGP_MPI **c2); 322 int pgp_elgamal_decrypt(PGP_PubKey *pk, PGP_MPI *c1, PGP_MPI *c2, 323 PGP_MPI **m); 324 int pgp_rsa_encrypt(PGP_PubKey *pk, PGP_MPI *m, PGP_MPI **c); 325 int pgp_rsa_decrypt(PGP_PubKey *pk, PGP_MPI *c, PGP_MPI **m); 326 327 extern struct PullFilterOps pgp_decrypt_filter; 328