rpmpgp.h

Go to the documentation of this file.

#ifndef H_RPMPGP
#define H_RPMPGP

#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <rpm/rpmtypes.h>
#include <rpm/rpmstring.h>

#ifdef __cplusplus
extern "C" {
#endif

typedef struct DIGEST_CTX_s * DIGEST_CTX;
typedef struct rpmDigestBundle_s * rpmDigestBundle;

typedef struct pgpDig_s * pgpDig;

typedef struct pgpDigParams_s * pgpDigParams;

typedef uint8_t pgpKeyID_t[8];
typedef uint8_t pgpTime_t[4];

typedef enum pgpTag_e {
    PGPTAG_RESERVED             =  0, 
    PGPTAG_PUBLIC_SESSION_KEY   =  1, 
    PGPTAG_SIGNATURE            =  2, 
    PGPTAG_SYMMETRIC_SESSION_KEY=  3, 
    PGPTAG_ONEPASS_SIGNATURE    =  4, 
    PGPTAG_SECRET_KEY           =  5, 
    PGPTAG_PUBLIC_KEY           =  6, 
    PGPTAG_SECRET_SUBKEY        =  7, 
    PGPTAG_COMPRESSED_DATA      =  8, 
    PGPTAG_SYMMETRIC_DATA       =  9, 
    PGPTAG_MARKER               = 10, 
    PGPTAG_LITERAL_DATA         = 11, 
    PGPTAG_TRUST                = 12, 
    PGPTAG_USER_ID              = 13, 
    PGPTAG_PUBLIC_SUBKEY        = 14, 
    PGPTAG_COMMENT_OLD          = 16, 
    PGPTAG_PHOTOID              = 17, 
    PGPTAG_ENCRYPTED_MDC        = 18, 
    PGPTAG_MDC                  = 19, 
    PGPTAG_PRIVATE_60           = 60, 
    PGPTAG_COMMENT              = 61, 
    PGPTAG_PRIVATE_62           = 62, 
    PGPTAG_CONTROL              = 63  
} pgpTag;

typedef struct pgpPktPubkey_s {
    uint8_t version;    
    pgpKeyID_t keyid;   
    uint8_t algo;               
} pgpPktPubkey;


typedef enum pgpSigType_e {
    PGPSIGTYPE_BINARY            = 0x00, 
    PGPSIGTYPE_TEXT              = 0x01, 
    PGPSIGTYPE_STANDALONE        = 0x02, 
    PGPSIGTYPE_GENERIC_CERT      = 0x10,
    PGPSIGTYPE_PERSONA_CERT      = 0x11,
    PGPSIGTYPE_CASUAL_CERT       = 0x12,
    PGPSIGTYPE_POSITIVE_CERT     = 0x13,
    PGPSIGTYPE_SUBKEY_BINDING    = 0x18, 
    PGPSIGTYPE_SIGNED_KEY        = 0x1F, 
    PGPSIGTYPE_KEY_REVOKE        = 0x20, 
    PGPSIGTYPE_SUBKEY_REVOKE     = 0x28, 
    PGPSIGTYPE_CERT_REVOKE       = 0x30, 
    PGPSIGTYPE_TIMESTAMP         = 0x40  
} pgpSigType;

typedef enum pgpPubkeyAlgo_e {
    PGPPUBKEYALGO_RSA           =  1,   
    PGPPUBKEYALGO_RSA_ENCRYPT   =  2,   
    PGPPUBKEYALGO_RSA_SIGN      =  3,   
    PGPPUBKEYALGO_ELGAMAL_ENCRYPT = 16, 
    PGPPUBKEYALGO_DSA           = 17,   
    PGPPUBKEYALGO_EC            = 18,   
    PGPPUBKEYALGO_ECDSA         = 19,   
    PGPPUBKEYALGO_ELGAMAL       = 20,   
    PGPPUBKEYALGO_DH            = 21    
} pgpPubkeyAlgo;

typedef enum pgpSymkeyAlgo_e {
    PGPSYMKEYALGO_PLAINTEXT     =  0,   
    PGPSYMKEYALGO_IDEA          =  1,   
    PGPSYMKEYALGO_TRIPLE_DES    =  2,   
    PGPSYMKEYALGO_CAST5         =  3,   
    PGPSYMKEYALGO_BLOWFISH      =  4,   
    PGPSYMKEYALGO_SAFER         =  5,   
    PGPSYMKEYALGO_DES_SK        =  6,   
    PGPSYMKEYALGO_AES_128       =  7,   
    PGPSYMKEYALGO_AES_192       =  8,   
    PGPSYMKEYALGO_AES_256       =  9,   
    PGPSYMKEYALGO_TWOFISH       = 10,   
    PGPSYMKEYALGO_NOENCRYPT     = 110   
} pgpSymkeyAlgo;

typedef enum pgpCompressAlgo_e {
    PGPCOMPRESSALGO_NONE        =  0,   
    PGPCOMPRESSALGO_ZIP         =  1,   
    PGPCOMPRESSALGO_ZLIB        =  2,   
    PGPCOMPRESSALGO_BZIP2       =  3    
} pgpCompressAlgo;

typedef enum pgpHashAlgo_e {
    PGPHASHALGO_MD5             =  1,   
    PGPHASHALGO_SHA1            =  2,   
    PGPHASHALGO_RIPEMD160       =  3,   
    PGPHASHALGO_MD2             =  5,   
    PGPHASHALGO_TIGER192        =  6,   
    PGPHASHALGO_HAVAL_5_160     =  7,   
    PGPHASHALGO_SHA256          =  8,   
    PGPHASHALGO_SHA384          =  9,   
    PGPHASHALGO_SHA512          = 10,   
    PGPHASHALGO_SHA224          = 11,   
} pgpHashAlgo;

typedef struct pgpPktSigV3_s {
    uint8_t version;    
    uint8_t hashlen;    
    uint8_t sigtype;    
    pgpTime_t time;     
    pgpKeyID_t signid;  
    uint8_t pubkey_algo;        
    uint8_t hash_algo;  
    uint8_t signhash16[2];      
} * pgpPktSigV3;

typedef struct pgpPktSigV4_s {
    uint8_t version;    
    uint8_t sigtype;    
    uint8_t pubkey_algo;        
    uint8_t hash_algo;  
    uint8_t hashlen[2]; 
} * pgpPktSigV4;

typedef enum pgpSubType_e {
    PGPSUBTYPE_NONE             =   0, 
    PGPSUBTYPE_SIG_CREATE_TIME  =   2, 
    PGPSUBTYPE_SIG_EXPIRE_TIME  =   3, 
    PGPSUBTYPE_EXPORTABLE_CERT  =   4, 
    PGPSUBTYPE_TRUST_SIG        =   5, 
    PGPSUBTYPE_REGEX            =   6, 
    PGPSUBTYPE_REVOCABLE        =   7, 
    PGPSUBTYPE_KEY_EXPIRE_TIME  =   9, 
    PGPSUBTYPE_ARR              =  10, 
    PGPSUBTYPE_PREFER_SYMKEY    =  11, 
    PGPSUBTYPE_REVOKE_KEY       =  12, 
    PGPSUBTYPE_ISSUER_KEYID     =  16, 
    PGPSUBTYPE_NOTATION         =  20, 
    PGPSUBTYPE_PREFER_HASH      =  21, 
    PGPSUBTYPE_PREFER_COMPRESS  =  22, 
    PGPSUBTYPE_KEYSERVER_PREFERS=  23, 
    PGPSUBTYPE_PREFER_KEYSERVER =  24, 
    PGPSUBTYPE_PRIMARY_USERID   =  25, 
    PGPSUBTYPE_POLICY_URL       =  26, 
    PGPSUBTYPE_KEY_FLAGS        =  27, 
    PGPSUBTYPE_SIGNER_USERID    =  28, 
    PGPSUBTYPE_REVOKE_REASON    =  29, 
    PGPSUBTYPE_FEATURES         =  30, 
    PGPSUBTYPE_EMBEDDED_SIG     =  32, 
    PGPSUBTYPE_INTERNAL_100     = 100, 
    PGPSUBTYPE_INTERNAL_101     = 101, 
    PGPSUBTYPE_INTERNAL_102     = 102, 
    PGPSUBTYPE_INTERNAL_103     = 103, 
    PGPSUBTYPE_INTERNAL_104     = 104, 
    PGPSUBTYPE_INTERNAL_105     = 105, 
    PGPSUBTYPE_INTERNAL_106     = 106, 
    PGPSUBTYPE_INTERNAL_107     = 107, 
    PGPSUBTYPE_INTERNAL_108     = 108, 
    PGPSUBTYPE_INTERNAL_109     = 109, 
    PGPSUBTYPE_INTERNAL_110     = 110, 
    PGPSUBTYPE_CRITICAL         = 128  
} pgpSubType;

typedef union pgpPktSig_u {
    struct pgpPktSigV3_s v3;
    struct pgpPktSigV4_s v4;
} * pgpPktSig;

typedef struct pgpPktSymkey_s {
    uint8_t version;    
    uint8_t symkey_algo;
    uint8_t s2k[1];
} pgpPktSymkey;

typedef struct pgpPktOnepass_s {
    uint8_t version;    
    uint8_t sigtype;    
    uint8_t hash_algo;  
    uint8_t pubkey_algo;        
    pgpKeyID_t signid;  
    uint8_t nested;
} * pgpPktOnepass;

typedef struct pgpPktKeyV3_s {
    uint8_t version;    
    pgpTime_t time;     
    uint8_t valid[2];   
    uint8_t pubkey_algo;        
} * pgpPktKeyV3;

typedef struct pgpPktKeyV4_s {
    uint8_t version;    
    pgpTime_t time;     
    uint8_t pubkey_algo;        
} * pgpPktKeyV4;

typedef union pgpPktKey_u {
    struct pgpPktKeyV3_s v3;
    struct pgpPktKeyV4_s v4;
} pgpPktKey;

/* \ingroup rpmpgp
 * 5.6. Compressed Data Packet (Tag 8)
 *
 * The Compressed Data packet contains compressed data. Typically, this
 * packet is found as the contents of an encrypted packet, or following
 * a Signature or One-Pass Signature packet, and contains literal data
 * packets.
 *
 * The body of this packet consists of:
 *   - One octet that gives the algorithm used to compress the packet.
 *   - The remainder of the packet is compressed data.
 *
 * A Compressed Data Packet's body contains an block that compresses
 * some set of packets. See section "Packet Composition" for details on
 * how messages are formed.
 *
 * ZIP-compressed packets are compressed with raw RFC 1951 DEFLATE
 * blocks. Note that PGP V2.6 uses 13 bits of compression. If an
 * implementation uses more bits of compression, PGP V2.6 cannot
 * decompress it.
 *
 * ZLIB-compressed packets are compressed with RFC 1950 ZLIB-style
 * blocks.
 */
typedef struct pgpPktCdata_s {
    uint8_t compressalgo;
    uint8_t data[1];
} pgpPktCdata;

/* \ingroup rpmpgp
 * 5.7. Symmetrically Encrypted Data Packet (Tag 9)
 *
 * The Symmetrically Encrypted Data packet contains data encrypted with
 * a symmetric-key algorithm. When it has been decrypted, it will
 * typically contain other packets (often literal data packets or
 * compressed data packets).
 *
 * The body of this packet consists of:
 *   - Encrypted data, the output of the selected symmetric-key cipher
 *     operating in PGP's variant of Cipher Feedback (CFB) mode.
 *
 * The symmetric cipher used may be specified in an Public-Key or
 * Symmetric-Key Encrypted Session Key packet that precedes the
 * Symmetrically Encrypted Data Packet.  In that case, the cipher
 * algorithm octet is prefixed to the session key before it is
 * encrypted.  If no packets of these types precede the encrypted data,
 * the IDEA algorithm is used with the session key calculated as the MD5
 * hash of the passphrase.
 *
 * The data is encrypted in CFB mode, with a CFB shift size equal to the
 * cipher's block size.  The Initial Vector (IV) is specified as all
 * zeros.  Instead of using an IV, OpenPGP prefixes a 10-octet string to
 * the data before it is encrypted.  The first eight octets are random,
 * and the 9th and 10th octets are copies of the 7th and 8th octets,
 * respectively. After encrypting the first 10 octets, the CFB state is
 * resynchronized if the cipher block size is 8 octets or less.  The
 * last 8 octets of ciphertext are passed through the cipher and the
 * block boundary is reset.
 *
 * The repetition of 16 bits in the 80 bits of random data prefixed to
 * the message allows the receiver to immediately check whether the
 * session key is incorrect.
 */
typedef struct pgpPktEdata_s {
    uint8_t data[1];
} pgpPktEdata;

/* \ingroup rpmpgp
 * 5.8. Marker Packet (Obsolete Literal Packet) (Tag 10)
 *
 * An experimental version of PGP used this packet as the Literal
 * packet, but no released version of PGP generated Literal packets with
 * this tag. With PGP 5.x, this packet has been re-assigned and is
 * reserved for use as the Marker packet.
 *
 * The body of this packet consists of:
 *   - The three octets 0x50, 0x47, 0x50 (which spell "PGP" in UTF-8).
 *
 * Such a packet MUST be ignored when received.  It may be placed at the
 * beginning of a message that uses features not available in PGP 2.6.x
 * in order to cause that version to report that newer software is
 * necessary to process the message.
 */
/* \ingroup rpmpgp
 * 5.9. Literal Data Packet (Tag 11)
 *
 * A Literal Data packet contains the body of a message; data that is
 * not to be further interpreted.
 *
 * The body of this packet consists of:
 *   - A one-octet field that describes how the data is formatted.
 *
 * If it is a 'b' (0x62), then the literal packet contains binary data.
 * If it is a 't' (0x74), then it contains text data, and thus may need
 * line ends converted to local form, or other text-mode changes.  RFC
 * 1991 also defined a value of 'l' as a 'local' mode for machine-local
 * conversions.  This use is now deprecated.
 *   - File name as a string (one-octet length, followed by file name),
 *     if the encrypted data should be saved as a file.
 *
 * If the special name "_CONSOLE" is used, the message is considered to
 * be "for your eyes only".  This advises that the message data is
 * unusually sensitive, and the receiving program should process it more
 * carefully, perhaps avoiding storing the received data to disk, for
 * example.
 *   - A four-octet number that indicates the modification date of the
 *     file, or the creation time of the packet, or a zero that
 *     indicates the present time.
 *   - The remainder of the packet is literal data.
 *
 * Text data is stored with <CR><LF> text endings (i.e. network-normal
 * line endings).  These should be converted to native line endings by
 * the receiving software.
 */
typedef struct pgpPktLdata_s {
    uint8_t format;
    uint8_t filenamelen;
    uint8_t filename[1];
} pgpPktLdata;

/* \ingroup rpmpgp
 * 5.10. Trust Packet (Tag 12)
 *
 * The Trust packet is used only within keyrings and is not normally
 * exported.  Trust packets contain data that record the user's
 * specifications of which key holders are trustworthy introducers,
 * along with other information that implementing software uses for
 * trust information.
 *
 * Trust packets SHOULD NOT be emitted to output streams that are
 * transferred to other users, and they SHOULD be ignored on any input
 * other than local keyring files.
 */
typedef struct pgpPktTrust_s {
    uint8_t flag;
} pgpPktTrust;

/* \ingroup rpmpgp
 * 5.11. User ID Packet (Tag 13)
 *
 * A User ID packet consists of data that is intended to represent the
 * name and email address of the key holder.  By convention, it includes
 * an RFC 822 mail name, but there are no restrictions on its content.
 * The packet length in the header specifies the length of the user id.
 * If it is text, it is encoded in UTF-8.
 *
 */
typedef struct pgpPktUid_s {
    uint8_t userid[1];
} pgpPktUid;

union pgpPktPre_u {
    pgpPktPubkey pubkey;        
    pgpPktSig sig;              
    pgpPktSymkey symkey;        
    pgpPktOnepass onepass;      
    pgpPktKey key;              
    pgpPktCdata cdata;          
    pgpPktEdata edata;          
    pgpPktLdata ldata;          
    pgpPktTrust tdata;          
    pgpPktUid uid;              
};

typedef enum pgpArmor_e {
    PGPARMOR_ERR_CRC_CHECK              = -7,
    PGPARMOR_ERR_BODY_DECODE            = -6,
    PGPARMOR_ERR_CRC_DECODE             = -5,
    PGPARMOR_ERR_NO_END_PGP             = -4,
    PGPARMOR_ERR_UNKNOWN_PREAMBLE_TAG   = -3,
    PGPARMOR_ERR_UNKNOWN_ARMOR_TYPE     = -2,
    PGPARMOR_ERR_NO_BEGIN_PGP           = -1,
#define PGPARMOR_ERROR  PGPARMOR_ERR_NO_BEGIN_PGP
    PGPARMOR_NONE               =  0,
    PGPARMOR_MESSAGE            =  1, 
    PGPARMOR_PUBKEY             =  2, 
    PGPARMOR_SIGNATURE          =  3, 
    PGPARMOR_SIGNED_MESSAGE     =  4, 
    PGPARMOR_FILE               =  5, 
    PGPARMOR_PRIVKEY            =  6, 
    PGPARMOR_SECKEY             =  7  
} pgpArmor;

typedef enum pgpArmorKey_e {
    PGPARMORKEY_VERSION         = 1, 
    PGPARMORKEY_COMMENT         = 2, 
    PGPARMORKEY_MESSAGEID       = 3, 
    PGPARMORKEY_HASH            = 4, 
    PGPARMORKEY_CHARSET         = 5  
} pgpArmorKey;

typedef enum pgpValType_e {
    PGPVAL_TAG                  = 1,
    PGPVAL_ARMORBLOCK           = 2,
    PGPVAL_ARMORKEY             = 3,
    PGPVAL_SIGTYPE              = 4,
    PGPVAL_SUBTYPE              = 5,
    PGPVAL_PUBKEYALGO           = 6,
    PGPVAL_SYMKEYALGO           = 7,
    PGPVAL_COMPRESSALGO         = 8,
    PGPVAL_HASHALGO             = 9,
    PGPVAL_SERVERPREFS          = 10,
} pgpValType;

enum rpmDigestFlags_e {
    RPMDIGEST_NONE      = 0
};

typedef rpmFlags rpmDigestFlags;

const char * pgpValString(pgpValType type, uint8_t val);

static inline
unsigned int pgpGrab(const uint8_t *s, size_t nbytes)
{
    size_t i = 0;
    size_t nb = (nbytes <= sizeof(i) ? nbytes : sizeof(i));
    while (nb--)
        i = (i << 8) | *s++;
    return i;
}

char * pgpHexStr(const uint8_t *p, size_t plen);

int pgpPubkeyFingerprint(const uint8_t * pkt, size_t pktlen,
                pgpKeyID_t keyid);

int pgpExtractPubkeyFingerprint(const char * b64pkt, pgpKeyID_t keyid);

int pgpPrtParams(const uint8_t *pkts, size_t pktlen, unsigned int pkttype,
                 pgpDigParams * ret);

int pgpPrtPkts(const uint8_t *pkts, size_t pktlen, pgpDig dig, int printing);

pgpArmor pgpReadPkts(const char * fn, uint8_t ** pkt, size_t * pktlen);

pgpArmor pgpParsePkts(const char *armor, uint8_t ** pkt, size_t * pktlen);

char * pgpArmorWrap(int atype, const unsigned char * s, size_t ns);

pgpDig pgpNewDig(void);

void pgpCleanDig(pgpDig dig);

pgpDig pgpFreeDig(pgpDig dig);

pgpDigParams pgpDigGetParams(pgpDig dig, unsigned int pkttype);

int pgpDigParamsCmp(pgpDigParams p1, pgpDigParams p2);

unsigned int pgpDigParamsAlgo(pgpDigParams digp, unsigned int algotype);

pgpDigParams pgpDigParamsFree(pgpDigParams digp);

rpmRC pgpVerifySignature(pgpDigParams key, pgpDigParams sig, DIGEST_CTX hashctx);

rpmRC pgpVerifySig(pgpDig dig, DIGEST_CTX hashctx);

char *pgpIdentItem(pgpDigParams digp);

int rpmInitCrypto(void);

int rpmFreeCrypto(void);

DIGEST_CTX rpmDigestDup(DIGEST_CTX octx);

size_t rpmDigestLength(int hashalgo);

DIGEST_CTX rpmDigestInit(int hashalgo, rpmDigestFlags flags);

int rpmDigestUpdate(DIGEST_CTX ctx, const void * data, size_t len);

int rpmDigestFinal(DIGEST_CTX ctx,
        void ** datap,
        size_t * lenp, int asAscii);

rpmDigestBundle rpmDigestBundleNew(void);

rpmDigestBundle rpmDigestBundleFree(rpmDigestBundle bundle);

int rpmDigestBundleAdd(rpmDigestBundle bundle, int algo,
                        rpmDigestFlags flags);

int rpmDigestBundleUpdate(rpmDigestBundle bundle, const void *data, size_t len);

int rpmDigestBundleFinal(rpmDigestBundle bundle,
         int algo, void ** datap, size_t * lenp, int asAscii);

DIGEST_CTX rpmDigestBundleDupCtx(rpmDigestBundle bundle, int algo);

#ifdef __cplusplus
}
#endif

#endif  /* H_RPMPGP */