1 2#------------------------------------------------------------------------------ 3# $File: pgp,v 1.17 2019/04/19 00:42:27 christos Exp $ 4# pgp: file(1) magic for Pretty Good Privacy 5# see https://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html 6# 7# Update: Joerg Jenderek 8# Note: verified by `gpg -v --debug 0x02 --list-packets < PUBRING263_10.PGP` 9#0 byte 0x99 MAYBE PGP 0x99 100 byte 0x99 11# 99h~10;0110;01~2=old packet type;tag 6=Public-Key Packet;1=two-octet length 12# A two-octet body header encodes packet lengths of 192~00C0h - 8383~20BFh 13#>1 ubeshort x \b, body length 0x%.4x 14# skip Basic.Image Beauty.320 Pic.Icons by looking for low version number 15#>3 ubyte x \b, V=%u 16#>3 ubyte <5 VERSION OK 17>3 ubyte <5 18# next packet type often b4h~(tag 13)~User ID Packet, b0h~(tag 12)~Trust packet 19#>>(1.S+3) ubyte x \b, next packet type 0x%x 20# skip 9900-v4.bin 9902-v4.bin by looking for valid second packet type (bit 7=1) 21#>>(1.S+3) ubyte >0x7F TYPE OK, 22>>(1.S+3) ubyte >0x7F 23# old versions 2,3 implies Pretty Good Privacy 24>>>3 ubyte <4 PGP key public ring (v%u) 25!:mime application/pgp-keys 26!:ext pgp/ASD 27>>>>4 beldate x created %s 28# days that this key is valid. If this number is zero, then it does not expire 29>>>>8 ubeshort >0 \b, %u days valid 30>>>>8 ubeshort =0 \b, not expire 31# display key algorithm 1~RSA (Encrypt or Sign) 32>>>>10 use key_algo 33# Multiprecision Integers (MPI) size 34>>>>11 ubeshort x %u bits 35# MPI 36>>>>13 ubequad x MPI=0x%16.16llx... 37# new version implies Pretty Good Privacy (PGP) >= 5.0 or Gnu Privacy Guard (GPG) 38>>>3 ubyte >3 PGP/GPG key public ring (v%u) 39!:mime application/pgp-keys 40!:ext pgp/gpg/pkr/asd 41>>>>4 beldate x created %s 42# display key algorithm 17~DSA 43>>>>8 use key_algo 44# Multiprecision Integers (MPI) size 45>>>>9 ubeshort x %u bits 46>>>>11 ubequad x MPI=0x%16.16llx... 47 480 beshort 0x9501 PGP key security ring 49!:mime application/x-pgp-keyring 500 beshort 0x9500 PGP key security ring 51!:mime application/x-pgp-keyring 520 beshort 0xa600 PGP encrypted data 53#!:mime application/pgp-encrypted 54#0 string -----BEGIN\040PGP text/PGP armored data 55!:mime text/PGP # encoding: armored data 56#>15 string PUBLIC\040KEY\040BLOCK- public key block 57#>15 string MESSAGE- message 58#>15 string SIGNED\040MESSAGE- signed message 59#>15 string PGP\040SIGNATURE- signature 60 612 string ---BEGIN\040PGP\040PUBLIC\040KEY\040BLOCK- PGP public key block 62!:mime application/pgp-keys 63>10 search/100 \n\n 64>>&0 use pgp 650 string -----BEGIN\040PGP\040MESSAGE- PGP message 66!:mime application/pgp 67>10 search/100 \n\n 68>>&0 use pgp 690 string -----BEGIN\040PGP\040SIGNATURE- PGP signature 70!:mime application/pgp-signature 71>10 search/100 \n\n 72>>&0 use pgp 73 74# Decode the type of the packet based on it's base64 encoding. 75# Idea from Mark Martinec 76# The specification is in RFC 4880, section 4.2 and 4.3: 77# https://tools.ietf.org/html/rfc4880#section-4.2 78 790 name pgp 80>0 byte 0x67 Reserved (old) 81>0 byte 0x68 Public-Key Encrypted Session Key (old) 82>0 byte 0x69 Signature (old) 83>0 byte 0x6a Symmetric-Key Encrypted Session Key (old) 84>0 byte 0x6b One-Pass Signature (old) 85>0 byte 0x6c Secret-Key (old) 86>0 byte 0x6d Public-Key (old) 87>0 byte 0x6e Secret-Subkey (old) 88>0 byte 0x6f Compressed Data (old) 89>0 byte 0x70 Symmetrically Encrypted Data (old) 90>0 byte 0x71 Marker (old) 91>0 byte 0x72 Literal Data (old) 92>0 byte 0x73 Trust (old) 93>0 byte 0x74 User ID (old) 94>0 byte 0x75 Public-Subkey (old) 95>0 byte 0x76 Unused (old) 96>0 byte 0x77 97>>1 byte&0xc0 0x00 Reserved 98>>1 byte&0xc0 0x40 Public-Key Encrypted Session Key 99>>1 byte&0xc0 0x80 Signature 100>>1 byte&0xc0 0xc0 Symmetric-Key Encrypted Session Key 101>0 byte 0x78 102>>1 byte&0xc0 0x00 One-Pass Signature 103>>1 byte&0xc0 0x40 Secret-Key 104>>1 byte&0xc0 0x80 Public-Key 105>>1 byte&0xc0 0xc0 Secret-Subkey 106>0 byte 0x79 107>>1 byte&0xc0 0x00 Compressed Data 108>>1 byte&0xc0 0x40 Symmetrically Encrypted Data 109>>1 byte&0xc0 0x80 Marker 110>>1 byte&0xc0 0xc0 Literal Data 111>0 byte 0x7a 112>>1 byte&0xc0 0x00 Trust 113>>1 byte&0xc0 0x40 User ID 114>>1 byte&0xc0 0x80 Public-Subkey 115>>1 byte&0xc0 0xc0 Unused [z%x] 116>0 byte 0x30 117>>1 byte&0xc0 0x00 Unused [0%x] 118>>1 byte&0xc0 0x40 User Attribute 119>>1 byte&0xc0 0x80 Sym. Encrypted and Integrity Protected Data 120>>1 byte&0xc0 0xc0 Modification Detection Code 121 122# magic signatures to detect PGP crypto material (from stef) 123# detects and extracts metadata from: 124# - symmetric encrypted packet header 125# - RSA (e=65537) secret (sub-)keys 126 127# 1024b RSA encrypted data 128 1290 string \x84\x8c\x03 PGP RSA encrypted session key - 130>3 lelong x keyid: %X 131>7 lelong x %X 132>11 byte 0x01 RSA (Encrypt or Sign) 1024b 133>11 byte 0x02 RSA Encrypt-Only 1024b 134>12 string \x04\x00 135>12 string \x03\xff 136>12 string \x03\xfe 137>12 string \x03\xfd 138>12 string \x03\xfc 139>12 string \x03\xfb 140>12 string \x03\xfa 141>12 string \x03\xf9 142>142 byte 0xd2 . 143 144# 2048b RSA encrypted data 145 1460 string \x85\x01\x0c\x03 PGP RSA encrypted session key - 147>4 lelong x keyid: %X 148>8 lelong x %X 149>12 byte 0x01 RSA (Encrypt or Sign) 2048b 150>12 byte 0x02 RSA Encrypt-Only 2048b 151>13 string \x08\x00 152>13 string \x07\xff 153>13 string \x07\xfe 154>13 string \x07\xfd 155>13 string \x07\xfc 156>13 string \x07\xfb 157>13 string \x07\xfa 158>13 string \x07\xf9 159>271 byte 0xd2 . 160 161# 3072b RSA encrypted data 162 1630 string \x85\x01\x8c\x03 PGP RSA encrypted session key - 164>4 lelong x keyid: %X 165>8 lelong x %X 166>12 byte 0x01 RSA (Encrypt or Sign) 3072b 167>12 byte 0x02 RSA Encrypt-Only 3072b 168>13 string \x0c\x00 169>13 string \x0b\xff 170>13 string \x0b\xfe 171>13 string \x0b\xfd 172>13 string \x0b\xfc 173>13 string \x0b\xfb 174>13 string \x0b\xfa 175>13 string \x0b\xf9 176>399 byte 0xd2 . 177 178# 3072b RSA encrypted data 179 1800 string \x85\x02\x0c\x03 PGP RSA encrypted session key - 181>4 lelong x keyid: %X 182>8 lelong x %X 183>12 byte 0x01 RSA (Encrypt or Sign) 4096b 184>12 byte 0x02 RSA Encrypt-Only 4096b 185>13 string \x10\x00 186>13 string \x0f\xff 187>13 string \x0f\xfe 188>13 string \x0f\xfd 189>13 string \x0f\xfc 190>13 string \x0f\xfb 191>13 string \x0f\xfa 192>13 string \x0f\xf9 193>527 byte 0xd2 . 194 195# 4096b RSA encrypted data 196 1970 string \x85\x04\x0c\x03 PGP RSA encrypted session key - 198>4 lelong x keyid: %X 199>8 lelong x %X 200>12 byte 0x01 RSA (Encrypt or Sign) 8129b 201>12 byte 0x02 RSA Encrypt-Only 8129b 202>13 string \x20\x00 203>13 string \x1f\xff 204>13 string \x1f\xfe 205>13 string \x1f\xfd 206>13 string \x1f\xfc 207>13 string \x1f\xfb 208>13 string \x1f\xfa 209>13 string \x1f\xf9 210>1039 byte 0xd2 . 211 212# crypto algo mapper 213 2140 name crypto 215>0 byte 0x00 Plaintext or unencrypted data 216>0 byte 0x01 IDEA 217>0 byte 0x02 TripleDES 218>0 byte 0x03 CAST5 (128 bit key) 219>0 byte 0x04 Blowfish (128 bit key, 16 rounds) 220>0 byte 0x07 AES with 128-bit key 221>0 byte 0x08 AES with 192-bit key 222>0 byte 0x09 AES with 256-bit key 223>0 byte 0x0a Twofish with 256-bit key 224 225# hash algo mapper 226 2270 name hash 228>0 byte 0x01 MD5 229>0 byte 0x02 SHA-1 230>0 byte 0x03 RIPE-MD/160 231>0 byte 0x08 SHA256 232>0 byte 0x09 SHA384 233>0 byte 0x0a SHA512 234>0 byte 0x0b SHA224 235 236# display public key algorithms as human readable text 2370 name key_algo 238>0 byte 0x01 RSA (Encrypt or Sign) 239# keep old look of version 5.28 without parentheses 240>0 byte 0x02 RSA Encrypt-Only 241>0 byte 0x03 RSA (Sign-Only) 242>0 byte 16 ElGamal (Encrypt-Only) 243>0 byte 17 DSA 244>0 byte 18 Elliptic Curve 245>0 byte 19 ECDSA 246>0 byte 20 ElGamal (Encrypt or Sign) 247>0 byte 21 Diffie-Hellman 248>0 default x 249>>0 ubyte <22 unknown (pub %d) 250# this should never happen 251>>0 ubyte >21 invalid (%d) 252 253# pgp symmetric encrypted data 254 2550 byte 0x8c PGP symmetric key encrypted data - 256>1 byte 0x0d 257>1 byte 0x0c 258>2 byte 0x04 259>3 use crypto 260>4 byte 0x01 salted - 261>>5 use hash 262>>14 byte 0xd2 . 263>>14 byte 0xc9 . 264>4 byte 0x03 salted & iterated - 265>>5 use hash 266>>15 byte 0xd2 . 267>>15 byte 0xc9 . 268 269# encrypted keymaterial needs s2k & can be checksummed/hashed 270 2710 name chkcrypto 272>0 use crypto 273>1 byte 0x00 Simple S2K 274>1 byte 0x01 Salted S2K 275>1 byte 0x03 Salted&Iterated S2K 276>2 use hash 277 278# all PGP keys start with this prolog 279# containing version, creation date, and purpose 280 2810 name keyprolog 282>0 byte 0x04 283>1 beldate x created on %s - 284>5 byte 0x01 RSA (Encrypt or Sign) 285>5 byte 0x02 RSA Encrypt-Only 286 287# end of secret keys known signature 288# contains e=65537 and the prolog to 289# the encrypted parameters 290 2910 name keyend 292>0 string \x00\x11\x01\x00\x01 e=65537 293>5 use crypto 294>5 byte 0xff checksummed 295>>6 use chkcrypto 296>5 byte 0xfe hashed 297>>6 use chkcrypto 298 299# PGP secret keys contain also the public parts 300# these vary by bitsize of the key 301 3020 name x1024 303>0 use keyprolog 304>6 string \x03\xfe 305>6 string \x03\xff 306>6 string \x04\x00 307>136 use keyend 308 3090 name x2048 310>0 use keyprolog 311>6 string \x80\x00 312>6 string \x07\xfe 313>6 string \x07\xff 314>264 use keyend 315 3160 name x3072 317>0 use keyprolog 318>6 string \x0b\xfe 319>6 string \x0b\xff 320>6 string \x0c\x00 321>392 use keyend 322 3230 name x4096 324>0 use keyprolog 325>6 string \x10\x00 326>6 string \x0f\xfe 327>6 string \x0f\xff 328>520 use keyend 329 330# \x00|\x1f[\xfe\xff]).{1024})' 3310 name x8192 332>0 use keyprolog 333>6 string \x20\x00 334>6 string \x1f\xfe 335>6 string \x1f\xff 336>1032 use keyend 337 338# depending on the size of the pkt 339# we branch into the proper key size 340# signatures defined as x{keysize} 341 342>0 name pgpkey 343>0 string \x01\xd8 1024b 344>>2 use x1024 345>0 string \x01\xeb 1024b 346>>2 use x1024 347>0 string \x01\xfb 1024b 348>>2 use x1024 349>0 string \x01\xfd 1024b 350>>2 use x1024 351>0 string \x01\xf3 1024b 352>>2 use x1024 353>0 string \x01\xee 1024b 354>>2 use x1024 355>0 string \x01\xfe 1024b 356>>2 use x1024 357>0 string \x01\xf4 1024b 358>>2 use x1024 359>0 string \x02\x0d 1024b 360>>2 use x1024 361>0 string \x02\x03 1024b 362>>2 use x1024 363>0 string \x02\x05 1024b 364>>2 use x1024 365>0 string \x02\x15 1024b 366>>2 use x1024 367>0 string \x02\x00 1024b 368>>2 use x1024 369>0 string \x02\x10 1024b 370>>2 use x1024 371>0 string \x02\x04 1024b 372>>2 use x1024 373>0 string \x02\x06 1024b 374>>2 use x1024 375>0 string \x02\x16 1024b 376>>2 use x1024 377>0 string \x03\x98 2048b 378>>2 use x2048 379>0 string \x03\xab 2048b 380>>2 use x2048 381>0 string \x03\xbb 2048b 382>>2 use x2048 383>0 string \x03\xbd 2048b 384>>2 use x2048 385>0 string \x03\xcd 2048b 386>>2 use x2048 387>0 string \x03\xb3 2048b 388>>2 use x2048 389>0 string \x03\xc3 2048b 390>>2 use x2048 391>0 string \x03\xc5 2048b 392>>2 use x2048 393>0 string \x03\xd5 2048b 394>>2 use x2048 395>0 string \x03\xae 2048b 396>>2 use x2048 397>0 string \x03\xbe 2048b 398>>2 use x2048 399>0 string \x03\xc0 2048b 400>>2 use x2048 401>0 string \x03\xd0 2048b 402>>2 use x2048 403>0 string \x03\xb4 2048b 404>>2 use x2048 405>0 string \x03\xc4 2048b 406>>2 use x2048 407>0 string \x03\xc6 2048b 408>>2 use x2048 409>0 string \x03\xd6 2048b 410>>2 use x2048 411>0 string \x05X 3072b 412>>2 use x3072 413>0 string \x05k 3072b 414>>2 use x3072 415>0 string \x05{ 3072b 416>>2 use x3072 417>0 string \x05} 3072b 418>>2 use x3072 419>0 string \x05\x8d 3072b 420>>2 use x3072 421>0 string \x05s 3072b 422>>2 use x3072 423>0 string \x05\x83 3072b 424>>2 use x3072 425>0 string \x05\x85 3072b 426>>2 use x3072 427>0 string \x05\x95 3072b 428>>2 use x3072 429>0 string \x05n 3072b 430>>2 use x3072 431>0 string \x05\x7e 3072b 432>>2 use x3072 433>0 string \x05\x80 3072b 434>>2 use x3072 435>0 string \x05\x90 3072b 436>>2 use x3072 437>0 string \x05t 3072b 438>>2 use x3072 439>0 string \x05\x84 3072b 440>>2 use x3072 441>0 string \x05\x86 3072b 442>>2 use x3072 443>0 string \x05\x96 3072b 444>>2 use x3072 445>0 string \x07[ 4096b 446>>2 use x4096 447>0 string \x07\x18 4096b 448>>2 use x4096 449>0 string \x07+ 4096b 450>>2 use x4096 451>0 string \x07; 4096b 452>>2 use x4096 453>0 string \x07= 4096b 454>>2 use x4096 455>0 string \x07M 4096b 456>>2 use x4096 457>0 string \x073 4096b 458>>2 use x4096 459>0 string \x07C 4096b 460>>2 use x4096 461>0 string \x07E 4096b 462>>2 use x4096 463>0 string \x07U 4096b 464>>2 use x4096 465>0 string \x07. 4096b 466>>2 use x4096 467>0 string \x07> 4096b 468>>2 use x4096 469>0 string \x07@ 4096b 470>>2 use x4096 471>0 string \x07P 4096b 472>>2 use x4096 473>0 string \x074 4096b 474>>2 use x4096 475>0 string \x07D 4096b 476>>2 use x4096 477>0 string \x07F 4096b 478>>2 use x4096 479>0 string \x07V 4096b 480>>2 use x4096 481>0 string \x0e[ 8192b 482>>2 use x8192 483>0 string \x0e\x18 8192b 484>>2 use x8192 485>0 string \x0e+ 8192b 486>>2 use x8192 487>0 string \x0e; 8192b 488>>2 use x8192 489>0 string \x0e= 8192b 490>>2 use x8192 491>0 string \x0eM 8192b 492>>2 use x8192 493>0 string \x0e3 8192b 494>>2 use x8192 495>0 string \x0eC 8192b 496>>2 use x8192 497>0 string \x0eE 8192b 498>>2 use x8192 499>0 string \x0eU 8192b 500>>2 use x8192 501>0 string \x0e. 8192b 502>>2 use x8192 503>0 string \x0e> 8192b 504>>2 use x8192 505>0 string \x0e@ 8192b 506>>2 use x8192 507>0 string \x0eP 8192b 508>>2 use x8192 509>0 string \x0e4 8192b 510>>2 use x8192 511>0 string \x0eD 8192b 512>>2 use x8192 513>0 string \x0eF 8192b 514>>2 use x8192 515>0 string \x0eV 8192b 516>>2 use x8192 517 518# PGP RSA (e=65537) secret (sub-)key header 519 5200 byte 0x95 PGP Secret Key - 521>1 use pgpkey 5220 byte 0x97 PGP Secret Sub-key - 523>1 use pgpkey 5240 byte 0x9d 525# Update: Joerg Jenderek 526# secret subkey packet (tag 7) with same structure as secret key packet (tag 5) 527# skip Fetus.Sys16 CALIBUS.MAIN OrbFix.Sys16.Ex by looking for positive len 528>1 ubeshort >0 529#>1 ubeshort x \b, body length 0x%x 530# next packet type often 88h,89h~(tag 2)~Signature Packet 531#>>(1.S+3) ubyte x \b, next packet type 0x%x 532# skip Dragon.SHR DEMO.INIT by looking for positive version 533>>3 ubyte >0 534# skip BUISSON.13 GUITAR1 by looking for low version number 535>>>3 ubyte <5 PGP Secret Sub-key 536# sub-key are normally part of secret key. So it does not occur as standalone file 537#!:ext bin 538# version 2,3~old 4~new . Comment following line for version 5.28 look 539>>>>3 ubyte x (v%d) 540>>>>3 ubyte x - 541# old versions 2 or 3 but no real example found 542>>>>3 ubyte <4 543# 2 byte for key bits in version 5.28 look 544>>>>>11 ubeshort x %db 545>>>>>4 beldate x created on %s - 546# old versions use 2 additional bytes after time stamp 547#>>>>>8 ubeshort x 0x%x 548# display key algorithm 1~RSA Encrypt|Sign - 21~Diffie-Hellman 549>>>>>10 use key_algo 550>>>>>(11.S/8) ubequad x 551# look after first key 552>>>>>>&5 use keyend 553# new version 554>>>>3 ubyte >3 555>>>>>9 ubeshort x %db 556>>>>>4 beldate x created on %s - 557# display key algorithm 558>>>>>8 use key_algo 559>>>>>(9.S/8) ubequad x 560# look after first key for something like s2k 561>>>>>>&3 use keyend 562