1 /*- 2 * Copyright (c) 2009 The NetBSD Foundation, Inc. 3 * All rights reserved. 4 * 5 * This code is derived from software contributed to The NetBSD Foundation 6 * by Alistair Crooks (agc@NetBSD.org) 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 18 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 19 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 20 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 21 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 22 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 23 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 24 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 25 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 26 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 27 * POSSIBILITY OF SUCH DAMAGE. 28 */ 29 /* 30 * Copyright (c) 2005-2008 Nominet UK (www.nic.uk) 31 * All rights reserved. 32 * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted 33 * their moral rights under the UK Copyright Design and Patents Act 1988 to 34 * be recorded as the authors of this copyright work. 35 * 36 * Licensed under the Apache License, Version 2.0 (the "License"); you may not 37 * use this file except in compliance with the License. 38 * 39 * You may obtain a copy of the License at 40 * http://www.apache.org/licenses/LICENSE-2.0 41 * 42 * Unless required by applicable law or agreed to in writing, software 43 * distributed under the License is distributed on an "AS IS" BASIS, 44 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 45 * 46 * See the License for the specific language governing permissions and 47 * limitations under the License. 48 */ 49 50 /** \file 51 */ 52 53 #ifndef CRYPTO_H_ 54 #define CRYPTO_H_ 55 56 #include "keyring.h" 57 #include "packet.h" 58 #include "memory.h" 59 #include "packet-parse.h" 60 61 #include <openssl/dsa.h> 62 63 #define PGP_MIN_HASH_SIZE 16 64 65 /** pgp_hash_t */ 66 struct pgp_hash_t { 67 pgp_hash_alg_t alg; /* algorithm */ 68 size_t size; /* size */ 69 const char *name; /* what it's known as */ 70 int (*init)(pgp_hash_t *); 71 void (*add)(pgp_hash_t *, const uint8_t *, unsigned); 72 unsigned (*finish)(pgp_hash_t *, uint8_t *); 73 void *data; /* blob for data */ 74 }; 75 76 /** pgp_crypt_t */ 77 struct pgp_crypt_t { 78 pgp_symm_alg_t alg; 79 size_t blocksize; 80 size_t keysize; 81 void (*set_iv)(pgp_crypt_t *, const uint8_t *); 82 void (*set_crypt_key)(pgp_crypt_t *, const uint8_t *); 83 int (*base_init)(pgp_crypt_t *); 84 void (*decrypt_resync)(pgp_crypt_t *); 85 /* encrypt/decrypt one block */ 86 void (*block_encrypt)(pgp_crypt_t *, void *, const void *); 87 void (*block_decrypt)(pgp_crypt_t *, void *, const void *); 88 /* Standard CFB encrypt/decrypt (as used by Sym Enc Int Prot packets) */ 89 void (*cfb_encrypt)(pgp_crypt_t *, void *, const void *, size_t); 90 void (*cfb_decrypt)(pgp_crypt_t *, void *, const void *, size_t); 91 void (*decrypt_finish)(pgp_crypt_t *); 92 uint8_t iv[PGP_MAX_BLOCK_SIZE]; 93 uint8_t civ[PGP_MAX_BLOCK_SIZE]; 94 uint8_t siv[PGP_MAX_BLOCK_SIZE]; 95 /* siv is needed for weird v3 resync */ 96 uint8_t key[PGP_MAX_KEY_SIZE]; 97 int num; 98 /* num is offset - see openssl _encrypt doco */ 99 void *encrypt_key; 100 void *decrypt_key; 101 }; 102 103 void pgp_crypto_finish(void); 104 void pgp_hash_md5(pgp_hash_t *); 105 void pgp_hash_sha1(pgp_hash_t *); 106 void pgp_hash_sha256(pgp_hash_t *); 107 void pgp_hash_sha512(pgp_hash_t *); 108 void pgp_hash_sha384(pgp_hash_t *); 109 void pgp_hash_sha224(pgp_hash_t *); 110 void pgp_hash_any(pgp_hash_t *, pgp_hash_alg_t); 111 pgp_hash_alg_t pgp_str_to_hash_alg(const char *); 112 const char *pgp_text_from_hash(pgp_hash_t *); 113 unsigned pgp_hash_size(pgp_hash_alg_t); 114 unsigned pgp_hash(uint8_t *, pgp_hash_alg_t, const void *, size_t); 115 116 void pgp_hash_add_int(pgp_hash_t *, unsigned, unsigned); 117 118 unsigned pgp_dsa_verify(const uint8_t *, size_t, 119 const pgp_dsa_sig_t *, 120 const pgp_dsa_pubkey_t *); 121 122 int pgp_rsa_public_decrypt(uint8_t *, const uint8_t *, size_t, 123 const pgp_rsa_pubkey_t *); 124 int pgp_rsa_public_encrypt(uint8_t *, const uint8_t *, size_t, 125 const pgp_rsa_pubkey_t *); 126 127 int pgp_rsa_private_encrypt(uint8_t *, const uint8_t *, size_t, 128 const pgp_rsa_seckey_t *, const pgp_rsa_pubkey_t *); 129 int pgp_rsa_private_decrypt(uint8_t *, const uint8_t *, size_t, 130 const pgp_rsa_seckey_t *, const pgp_rsa_pubkey_t *); 131 132 int pgp_elgamal_public_encrypt(uint8_t *, uint8_t *, const uint8_t *, size_t, 133 const pgp_elgamal_pubkey_t *); 134 int pgp_elgamal_private_decrypt(uint8_t *, const uint8_t *, const uint8_t *, size_t, 135 const pgp_elgamal_seckey_t *, const pgp_elgamal_pubkey_t *); 136 137 pgp_symm_alg_t pgp_str_to_cipher(const char *); 138 unsigned pgp_block_size(pgp_symm_alg_t); 139 unsigned pgp_key_size(pgp_symm_alg_t); 140 141 int pgp_decrypt_data(pgp_content_enum, pgp_region_t *, 142 pgp_stream_t *); 143 144 int pgp_crypt_any(pgp_crypt_t *, pgp_symm_alg_t); 145 void pgp_decrypt_init(pgp_crypt_t *); 146 void pgp_encrypt_init(pgp_crypt_t *); 147 size_t pgp_decrypt_se(pgp_crypt_t *, void *, const void *, size_t); 148 size_t pgp_encrypt_se(pgp_crypt_t *, void *, const void *, size_t); 149 size_t pgp_decrypt_se_ip(pgp_crypt_t *, void *, const void *, size_t); 150 size_t pgp_encrypt_se_ip(pgp_crypt_t *, void *, const void *, size_t); 151 unsigned pgp_is_sa_supported(pgp_symm_alg_t); 152 153 void pgp_reader_push_decrypt(pgp_stream_t *, pgp_crypt_t *, 154 pgp_region_t *); 155 void pgp_reader_pop_decrypt(pgp_stream_t *); 156 157 /* Hash everything that's read */ 158 void pgp_reader_push_hash(pgp_stream_t *, pgp_hash_t *); 159 void pgp_reader_pop_hash(pgp_stream_t *); 160 161 int pgp_decrypt_decode_mpi(uint8_t *, unsigned, const BIGNUM *, 162 const BIGNUM *, const pgp_seckey_t *); 163 164 unsigned pgp_rsa_encrypt_mpi(const uint8_t *, const size_t, 165 const pgp_pubkey_t *, 166 pgp_pk_sesskey_params_t *); 167 unsigned pgp_elgamal_encrypt_mpi(const uint8_t *, const size_t, 168 const pgp_pubkey_t *, 169 pgp_pk_sesskey_params_t *); 170 171 /* Encrypt everything that's written */ 172 struct pgp_key_data; 173 void pgp_writer_push_encrypt(pgp_output_t *, 174 const struct pgp_key_data *); 175 176 unsigned pgp_encrypt_file(pgp_io_t *, const char *, const char *, 177 const pgp_key_t *, 178 const unsigned, const unsigned, const char *); 179 unsigned pgp_decrypt_file(pgp_io_t *, 180 const char *, 181 const char *, 182 pgp_keyring_t *, 183 pgp_keyring_t *, 184 const unsigned, 185 const unsigned, 186 const unsigned, 187 void *, 188 int, 189 pgp_cbfunc_t *); 190 191 pgp_memory_t * 192 pgp_encrypt_buf(pgp_io_t *, const void *, const size_t, 193 const pgp_key_t *, 194 const unsigned, const char *); 195 pgp_memory_t * 196 pgp_decrypt_buf(pgp_io_t *, 197 const void *, 198 const size_t, 199 pgp_keyring_t *, 200 pgp_keyring_t *, 201 const unsigned, 202 const unsigned, 203 void *, 204 int, 205 pgp_cbfunc_t *); 206 207 /* Keys */ 208 pgp_key_t *pgp_rsa_new_selfsign_key(const int, 209 const unsigned long, uint8_t *, const char *, 210 const char *); 211 212 int pgp_dsa_size(const pgp_dsa_pubkey_t *); 213 DSA_SIG *pgp_dsa_sign(uint8_t *, unsigned, 214 const pgp_dsa_seckey_t *, 215 const pgp_dsa_pubkey_t *); 216 217 int openssl_read_pem_seckey(const char *, pgp_key_t *, const char *, int); 218 219 /** pgp_reader_t */ 220 struct pgp_reader_t { 221 pgp_reader_func_t *reader; /* reader func to get parse data */ 222 pgp_reader_destroyer_t *destroyer; 223 void *arg; /* args to pass to reader function */ 224 unsigned accumulate:1; /* set to gather packet data */ 225 uint8_t *accumulated; /* the accumulated data */ 226 unsigned asize; /* size of the buffer */ 227 unsigned alength;/* used buffer */ 228 unsigned position; /* reader-specific offset */ 229 pgp_reader_t *next; 230 pgp_stream_t *parent;/* parent parse_info structure */ 231 }; 232 233 234 /** pgp_cryptinfo_t 235 Encrypt/decrypt settings 236 */ 237 struct pgp_cryptinfo_t { 238 char *passphrase; 239 pgp_keyring_t *secring; 240 const pgp_key_t *keydata; 241 pgp_cbfunc_t *getpassphrase; 242 pgp_keyring_t *pubring; 243 }; 244 245 /** pgp_cbdata_t */ 246 struct pgp_cbdata_t { 247 pgp_cbfunc_t *cbfunc; /* callback function */ 248 void *arg; /* args to pass to callback func */ 249 pgp_error_t **errors; /* address of error stack */ 250 pgp_cbdata_t *next; 251 pgp_output_t *output; /* when writing out parsed info */ 252 pgp_io_t *io; /* error/output messages */ 253 void *passfp; /* fp for passphrase input */ 254 pgp_cryptinfo_t cryptinfo; /* used when decrypting */ 255 pgp_printstate_t printstate; /* used to keep printing state */ 256 pgp_seckey_t *sshseckey; /* secret key for ssh */ 257 int numtries; /* # of passphrase attempts */ 258 int gotpass; /* when passphrase entered */ 259 }; 260 261 /** pgp_hashtype_t */ 262 typedef struct { 263 pgp_hash_t hash; /* hashes we should hash data with */ 264 uint8_t keyid[PGP_KEY_ID_SIZE]; 265 } pgp_hashtype_t; 266 267 #define NTAGS 0x100 /* == 256 */ 268 269 /** \brief Structure to hold information about a packet parse. 270 * 271 * This information includes options about the parse: 272 * - whether the packet contents should be accumulated or not 273 * - whether signature subpackets should be parsed or left raw 274 * 275 * It contains options specific to the parsing of armoured data: 276 * - whether headers are allowed in armoured data without a gap 277 * - whether a blank line is allowed at the start of the armoured data 278 * 279 * It also specifies : 280 * - the callback function to use and its arguments 281 * - the reader function to use and its arguments 282 * 283 * It also contains information about the current state of the parse: 284 * - offset from the beginning 285 * - the accumulated data, if any 286 * - the size of the buffer, and how much has been used 287 * 288 * It has a linked list of errors. 289 */ 290 291 struct pgp_stream_t { 292 uint8_t ss_raw[NTAGS / 8]; 293 /* 1 bit / sig-subpkt type; set to get raw data */ 294 uint8_t ss_parsed[NTAGS / 8]; 295 /* 1 bit / sig-subpkt type; set to get parsed data */ 296 pgp_reader_t readinfo; 297 pgp_cbdata_t cbinfo; 298 pgp_error_t *errors; 299 void *io; /* io streams */ 300 pgp_crypt_t decrypt; 301 pgp_cryptinfo_t cryptinfo; 302 size_t hashc; 303 pgp_hashtype_t *hashes; 304 unsigned reading_v3_secret:1; 305 unsigned reading_mpi_len:1; 306 unsigned exact_read:1; 307 unsigned partial_read:1; 308 unsigned coalescing:1; 309 /* used for partial length coalescing */ 310 unsigned virtualc; 311 unsigned virtualoff; 312 uint8_t *virtualpkt; 313 }; 314 315 #endif /* CRYPTO_H_ */ 316