PostgreSQL Source Code  git master
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros
pgp-pubkey.c File Reference
#include "postgres.h"
#include "px.h"
#include "mbuf.h"
#include "pgp.h"
Include dependency graph for pgp-pubkey.c:

Go to the source code of this file.

Macros

#define HIDE_CLEAR   0
 
#define HIDE_CKSUM   255
 
#define HIDE_SHA1   254
 

Functions

int pgp_key_alloc (PGP_PubKey **pk_p)
 
void pgp_key_free (PGP_PubKey *pk)
 
static int calc_key_id (PGP_PubKey *pk)
 
int _pgp_read_public_key (PullFilter *pkt, PGP_PubKey **pk_p)
 
static int check_key_sha1 (PullFilter *src, PGP_PubKey *pk)
 
static int check_key_cksum (PullFilter *src, PGP_PubKey *pk)
 
static int process_secret_key (PullFilter *pkt, PGP_PubKey **pk_p, const uint8 *key, int key_len)
 
static int internal_read_key (PullFilter *src, PGP_PubKey **pk_p, const uint8 *psw, int psw_len, int pubtype)
 
int pgp_set_pubkey (PGP_Context *ctx, MBuf *keypkt, const uint8 *key, int key_len, int pubtype)
 

Macro Definition Documentation

#define HIDE_CKSUM   255

Definition at line 250 of file pgp-pubkey.c.

Referenced by process_secret_key().

#define HIDE_CLEAR   0

Definition at line 249 of file pgp-pubkey.c.

Referenced by process_secret_key().

#define HIDE_SHA1   254

Definition at line 251 of file pgp-pubkey.c.

Referenced by process_secret_key().

Function Documentation

int _pgp_read_public_key ( PullFilter pkt,
PGP_PubKey **  pk_p 
)

Definition at line 159 of file pgp-pubkey.c.

References PGP_PubKey::algo, calc_key_id(), PGP_PubKey::can_encrypt, PGP_PubKey::dsa, PGP_PubKey::elg, GETBYTE, pgp_key_alloc(), pgp_key_free(), pgp_mpi_read(), PGP_PUB_DSA_SIGN, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_PUB_RSA_SIGN, PGP_PubKey::pub, pullf_read_fixed(), px_debug(), PXE_PGP_NOT_V4_KEYPKT, PXE_PGP_UNKNOWN_PUBALGO, PGP_PubKey::rsa, PGP_PubKey::time, and PGP_PubKey::ver.

Referenced by internal_read_key(), process_secret_key(), and read_pubkey_keyid().

160 {
161  int res;
162  PGP_PubKey *pk;
163 
164  res = pgp_key_alloc(&pk);
165  if (res < 0)
166  return res;
167 
168  /* get version */
169  GETBYTE(pkt, pk->ver);
170  if (pk->ver != 4)
171  {
172  res = PXE_PGP_NOT_V4_KEYPKT;
173  goto out;
174  }
175 
176  /* read time */
177  res = pullf_read_fixed(pkt, 4, pk->time);
178  if (res < 0)
179  goto out;
180 
181  /* pubkey algorithm */
182  GETBYTE(pkt, pk->algo);
183 
184  switch (pk->algo)
185  {
186  case PGP_PUB_DSA_SIGN:
187  res = pgp_mpi_read(pkt, &pk->pub.dsa.p);
188  if (res < 0)
189  break;
190  res = pgp_mpi_read(pkt, &pk->pub.dsa.q);
191  if (res < 0)
192  break;
193  res = pgp_mpi_read(pkt, &pk->pub.dsa.g);
194  if (res < 0)
195  break;
196  res = pgp_mpi_read(pkt, &pk->pub.dsa.y);
197  if (res < 0)
198  break;
199 
200  res = calc_key_id(pk);
201  break;
202 
203  case PGP_PUB_RSA_SIGN:
204  case PGP_PUB_RSA_ENCRYPT:
206  res = pgp_mpi_read(pkt, &pk->pub.rsa.n);
207  if (res < 0)
208  break;
209  res = pgp_mpi_read(pkt, &pk->pub.rsa.e);
210  if (res < 0)
211  break;
212 
213  res = calc_key_id(pk);
214 
215  if (pk->algo != PGP_PUB_RSA_SIGN)
216  pk->can_encrypt = 1;
217  break;
218 
219  case PGP_PUB_ELG_ENCRYPT:
220  res = pgp_mpi_read(pkt, &pk->pub.elg.p);
221  if (res < 0)
222  break;
223  res = pgp_mpi_read(pkt, &pk->pub.elg.g);
224  if (res < 0)
225  break;
226  res = pgp_mpi_read(pkt, &pk->pub.elg.y);
227  if (res < 0)
228  break;
229 
230  res = calc_key_id(pk);
231 
232  pk->can_encrypt = 1;
233  break;
234 
235  default:
236  px_debug("unknown public algo: %d", pk->algo);
238  }
239 
240 out:
241  if (res < 0)
242  pgp_key_free(pk);
243  else
244  *pk_p = pk;
245 
246  return res;
247 }
struct PGP_PubKey::@5::@7 elg
uint8 ver
Definition: pgp.h:188
int pullf_read_fixed(PullFilter *src, int len, uint8 *dst)
Definition: mbuf.c:317
struct PGP_PubKey::@5::@9 dsa
uint8 time[4]
Definition: pgp.h:189
static int calc_key_id(PGP_PubKey *pk)
Definition: pgp-pubkey.c:85
int pgp_key_alloc(PGP_PubKey **pk_p)
Definition: pgp-pubkey.c:38
struct PGP_PubKey::@5::@8 rsa
#define GETBYTE(x, i)
Definition: hstore_gist.c:32
void pgp_key_free(PGP_PubKey *pk)
Definition: pgp-pubkey.c:49
int pgp_mpi_read(PullFilter *src, PGP_MPI **mpi)
Definition: pgp-mpi.c:80
void px_debug(const char *fmt,...)
Definition: px.c:160
#define PXE_PGP_UNKNOWN_PUBALGO
Definition: px.h:93
union PGP_PubKey::@5 pub
uint8 algo
Definition: pgp.h:190
#define PXE_PGP_NOT_V4_KEYPKT
Definition: px.h:98
int can_encrypt
Definition: pgp.h:236
static int calc_key_id ( PGP_PubKey pk)
static

Definition at line 85 of file pgp-pubkey.c.

References PGP_PubKey::algo, PGP_PubKey::dsa, PGP_PubKey::elg, hash(), PGP_PubKey::key_id, PGP_DIGEST_SHA1, pgp_load_digest(), pgp_mpi_hash(), PGP_PUB_DSA_SIGN, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_PUB_RSA_SIGN, PGP_PubKey::pub, px_md_finish, px_md_free, px_md_update, px_memset(), PGP_PubKey::rsa, PGP_PubKey::time, and PGP_PubKey::ver.

Referenced by _pgp_read_public_key().

86 {
87  int res;
88  PX_MD *md;
89  int len;
90  uint8 hdr[3];
91  uint8 hash[20];
92 
93  res = pgp_load_digest(PGP_DIGEST_SHA1, &md);
94  if (res < 0)
95  return res;
96 
97  len = 1 + 4 + 1;
98  switch (pk->algo)
99  {
100  case PGP_PUB_ELG_ENCRYPT:
101  len += 2 + pk->pub.elg.p->bytes;
102  len += 2 + pk->pub.elg.g->bytes;
103  len += 2 + pk->pub.elg.y->bytes;
104  break;
105  case PGP_PUB_RSA_SIGN:
106  case PGP_PUB_RSA_ENCRYPT:
108  len += 2 + pk->pub.rsa.n->bytes;
109  len += 2 + pk->pub.rsa.e->bytes;
110  break;
111  case PGP_PUB_DSA_SIGN:
112  len += 2 + pk->pub.dsa.p->bytes;
113  len += 2 + pk->pub.dsa.q->bytes;
114  len += 2 + pk->pub.dsa.g->bytes;
115  len += 2 + pk->pub.dsa.y->bytes;
116  break;
117  }
118 
119  hdr[0] = 0x99;
120  hdr[1] = len >> 8;
121  hdr[2] = len & 0xFF;
122  px_md_update(md, hdr, 3);
123 
124  px_md_update(md, &pk->ver, 1);
125  px_md_update(md, pk->time, 4);
126  px_md_update(md, &pk->algo, 1);
127 
128  switch (pk->algo)
129  {
130  case PGP_PUB_ELG_ENCRYPT:
131  pgp_mpi_hash(md, pk->pub.elg.p);
132  pgp_mpi_hash(md, pk->pub.elg.g);
133  pgp_mpi_hash(md, pk->pub.elg.y);
134  break;
135  case PGP_PUB_RSA_SIGN:
136  case PGP_PUB_RSA_ENCRYPT:
138  pgp_mpi_hash(md, pk->pub.rsa.n);
139  pgp_mpi_hash(md, pk->pub.rsa.e);
140  break;
141  case PGP_PUB_DSA_SIGN:
142  pgp_mpi_hash(md, pk->pub.dsa.p);
143  pgp_mpi_hash(md, pk->pub.dsa.q);
144  pgp_mpi_hash(md, pk->pub.dsa.g);
145  pgp_mpi_hash(md, pk->pub.dsa.y);
146  break;
147  }
148 
149  px_md_finish(md, hash);
150  px_md_free(md);
151 
152  memcpy(pk->key_id, hash + 12, 8);
153  px_memset(hash, 0, 20);
154 
155  return 0;
156 }
int pgp_mpi_hash(PX_MD *md, PGP_MPI *n)
Definition: pgp-mpi.c:119
struct PGP_PubKey::@5::@7 elg
uint8 ver
Definition: pgp.h:188
struct PGP_PubKey::@5::@9 dsa
uint8 time[4]
Definition: pgp.h:189
#define px_md_update(md, data, dlen)
Definition: px.h:208
unsigned char uint8
Definition: c.h:266
#define px_md_finish(md, buf)
Definition: px.h:209
Definition: px.h:113
struct PGP_PubKey::@5::@8 rsa
#define px_md_free(md)
Definition: px.h:210
int pgp_load_digest(int code, PX_MD **res)
Definition: pgp.c:184
uint8 key_id[8]
Definition: pgp.h:235
union PGP_PubKey::@5 pub
uint8 algo
Definition: pgp.h:190
static unsigned hash(unsigned *uv, int n)
Definition: rege_dfa.c:541
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:134
static int check_key_cksum ( PullFilter src,
PGP_PubKey pk 
)
static

Definition at line 300 of file pgp-pubkey.c.

References PGP_PubKey::algo, buf, PGP_PubKey::dsa, PGP_PubKey::elg, pgp_mpi_cksum(), PGP_PUB_DSA_SIGN, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_PUB_RSA_SIGN, pullf_read_fixed(), px_debug(), PXE_PGP_KEYPKT_CORRUPT, PGP_PubKey::rsa, and PGP_PubKey::sec.

Referenced by process_secret_key().

301 {
302  int res;
303  unsigned got_cksum,
304  my_cksum = 0;
305  uint8 buf[2];
306 
307  res = pullf_read_fixed(src, 2, buf);
308  if (res < 0)
309  return res;
310 
311  got_cksum = ((unsigned) buf[0] << 8) + buf[1];
312  switch (pk->algo)
313  {
314  case PGP_PUB_ELG_ENCRYPT:
315  my_cksum = pgp_mpi_cksum(0, pk->sec.elg.x);
316  break;
317  case PGP_PUB_RSA_SIGN:
318  case PGP_PUB_RSA_ENCRYPT:
320  my_cksum = pgp_mpi_cksum(0, pk->sec.rsa.d);
321  my_cksum = pgp_mpi_cksum(my_cksum, pk->sec.rsa.p);
322  my_cksum = pgp_mpi_cksum(my_cksum, pk->sec.rsa.q);
323  my_cksum = pgp_mpi_cksum(my_cksum, pk->sec.rsa.u);
324  break;
325  case PGP_PUB_DSA_SIGN:
326  my_cksum = pgp_mpi_cksum(0, pk->sec.dsa.x);
327  break;
328  }
329  if (my_cksum != got_cksum)
330  {
331  px_debug("key cksum check failed");
332  return PXE_PGP_KEYPKT_CORRUPT;
333  }
334  return 0;
335 }
#define PXE_PGP_KEYPKT_CORRUPT
Definition: px.h:99
unsigned pgp_mpi_cksum(unsigned cksum, PGP_MPI *n)
Definition: pgp-mpi.c:132
struct PGP_PubKey::@5::@7 elg
int pullf_read_fixed(PullFilter *src, int len, uint8 *dst)
Definition: mbuf.c:317
struct PGP_PubKey::@5::@9 dsa
unsigned char uint8
Definition: c.h:266
struct PGP_PubKey::@5::@8 rsa
static char * buf
Definition: pg_test_fsync.c:65
union PGP_PubKey::@6 sec
void px_debug(const char *fmt,...)
Definition: px.c:160
uint8 algo
Definition: pgp.h:190
static int check_key_sha1 ( PullFilter src,
PGP_PubKey pk 
)
static

Definition at line 254 of file pgp-pubkey.c.

References PGP_PubKey::algo, PGP_PubKey::dsa, PGP_PubKey::elg, PGP_DIGEST_SHA1, pgp_load_digest(), pgp_mpi_hash(), PGP_PUB_DSA_SIGN, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_PUB_RSA_SIGN, pullf_read_fixed(), px_debug(), px_md_finish, px_md_free, px_memset(), PXE_PGP_KEYPKT_CORRUPT, PGP_PubKey::rsa, and PGP_PubKey::sec.

Referenced by process_secret_key().

255 {
256  int res;
257  uint8 got_sha1[20];
258  uint8 my_sha1[20];
259  PX_MD *md;
260 
261  res = pullf_read_fixed(src, 20, got_sha1);
262  if (res < 0)
263  return res;
264 
265  res = pgp_load_digest(PGP_DIGEST_SHA1, &md);
266  if (res < 0)
267  goto err;
268  switch (pk->algo)
269  {
270  case PGP_PUB_ELG_ENCRYPT:
271  pgp_mpi_hash(md, pk->sec.elg.x);
272  break;
273  case PGP_PUB_RSA_SIGN:
274  case PGP_PUB_RSA_ENCRYPT:
276  pgp_mpi_hash(md, pk->sec.rsa.d);
277  pgp_mpi_hash(md, pk->sec.rsa.p);
278  pgp_mpi_hash(md, pk->sec.rsa.q);
279  pgp_mpi_hash(md, pk->sec.rsa.u);
280  break;
281  case PGP_PUB_DSA_SIGN:
282  pgp_mpi_hash(md, pk->sec.dsa.x);
283  break;
284  }
285  px_md_finish(md, my_sha1);
286  px_md_free(md);
287 
288  if (memcmp(my_sha1, got_sha1, 20) != 0)
289  {
290  px_debug("key sha1 check failed");
292  }
293 err:
294  px_memset(got_sha1, 0, 20);
295  px_memset(my_sha1, 0, 20);
296  return res;
297 }
#define PXE_PGP_KEYPKT_CORRUPT
Definition: px.h:99
int pgp_mpi_hash(PX_MD *md, PGP_MPI *n)
Definition: pgp-mpi.c:119
struct PGP_PubKey::@5::@7 elg
int pullf_read_fixed(PullFilter *src, int len, uint8 *dst)
Definition: mbuf.c:317
struct PGP_PubKey::@5::@9 dsa
unsigned char uint8
Definition: c.h:266
#define px_md_finish(md, buf)
Definition: px.h:209
Definition: px.h:113
struct PGP_PubKey::@5::@8 rsa
#define px_md_free(md)
Definition: px.h:210
int pgp_load_digest(int code, PX_MD **res)
Definition: pgp.c:184
union PGP_PubKey::@6 sec
void px_debug(const char *fmt,...)
Definition: px.c:160
uint8 algo
Definition: pgp.h:190
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:134
static int internal_read_key ( PullFilter src,
PGP_PubKey **  pk_p,
const uint8 psw,
int  psw_len,
int  pubtype 
)
static

Definition at line 459 of file pgp-pubkey.c.

References _pgp_read_public_key(), PGP_PubKey::can_encrypt, NULL, pgp_create_pkt_reader(), pgp_key_free(), pgp_parse_pkt_hdr(), PGP_PKT_MARKER, PGP_PKT_PRIV_61, PGP_PKT_PUBLIC_KEY, PGP_PKT_PUBLIC_SUBKEY, PGP_PKT_SECRET_KEY, PGP_PKT_SECRET_SUBKEY, PGP_PKT_SIGNATURE, PGP_PKT_TRUST, PGP_PKT_USER_ATTR, PGP_PKT_USER_ID, pgp_skip_packet(), process_secret_key(), pullf_free(), px_debug(), PXE_PGP_EXPECT_PUBLIC_KEY, PXE_PGP_EXPECT_SECRET_KEY, PXE_PGP_MULTIPLE_KEYS, PXE_PGP_MULTIPLE_SUBKEYS, PXE_PGP_NO_USABLE_KEY, and PXE_PGP_UNEXPECTED_PKT.

Referenced by pgp_set_pubkey().

461 {
462  PullFilter *pkt = NULL;
463  int res;
464  uint8 tag;
465  int len;
466  PGP_PubKey *enc_key = NULL;
467  PGP_PubKey *pk = NULL;
468  int got_main_key = 0;
469 
470  /*
471  * Search for encryption key.
472  *
473  * Error out on anything fancy.
474  */
475  while (1)
476  {
477  res = pgp_parse_pkt_hdr(src, &tag, &len, 0);
478  if (res <= 0)
479  break;
480  res = pgp_create_pkt_reader(&pkt, src, len, res, NULL);
481  if (res < 0)
482  break;
483 
484  switch (tag)
485  {
486  case PGP_PKT_PUBLIC_KEY:
487  case PGP_PKT_SECRET_KEY:
488  if (got_main_key)
489  {
490  res = PXE_PGP_MULTIPLE_KEYS;
491  break;
492  }
493  got_main_key = 1;
494  res = pgp_skip_packet(pkt);
495  break;
496 
498  if (pubtype != 0)
500  else
501  res = _pgp_read_public_key(pkt, &pk);
502  break;
503 
505  if (pubtype != 1)
507  else
508  res = process_secret_key(pkt, &pk, psw, psw_len);
509  break;
510 
511  case PGP_PKT_SIGNATURE:
512  case PGP_PKT_MARKER:
513  case PGP_PKT_TRUST:
514  case PGP_PKT_USER_ID:
515  case PGP_PKT_USER_ATTR:
516  case PGP_PKT_PRIV_61:
517  res = pgp_skip_packet(pkt);
518  break;
519  default:
520  px_debug("unknown/unexpected packet: %d", tag);
522  }
523  pullf_free(pkt);
524  pkt = NULL;
525 
526  if (pk != NULL)
527  {
528  if (res >= 0 && pk->can_encrypt)
529  {
530  if (enc_key == NULL)
531  {
532  enc_key = pk;
533  pk = NULL;
534  }
535  else
537  }
538 
539  if (pk)
540  pgp_key_free(pk);
541  pk = NULL;
542  }
543 
544  if (res < 0)
545  break;
546  }
547 
548  if (pkt)
549  pullf_free(pkt);
550 
551  if (res < 0)
552  {
553  if (enc_key)
554  pgp_key_free(enc_key);
555  return res;
556  }
557 
558  if (!enc_key)
559  res = PXE_PGP_NO_USABLE_KEY;
560  else
561  *pk_p = enc_key;
562  return res;
563 }
void pullf_free(PullFilter *pf)
Definition: mbuf.c:245
int pgp_parse_pkt_hdr(PullFilter *src, uint8 *tag, int *len_p, int allow_ctx)
Definition: pgp-decrypt.c:129
#define PXE_PGP_EXPECT_SECRET_KEY
Definition: px.h:97
unsigned char uint8
Definition: c.h:266
#define PXE_PGP_MULTIPLE_SUBKEYS
Definition: px.h:104
int pgp_skip_packet(PullFilter *pkt)
Definition: pgp-decrypt.c:1061
#define PXE_PGP_NO_USABLE_KEY
Definition: px.h:100
void pgp_key_free(PGP_PubKey *pk)
Definition: pgp-pubkey.c:49
int pgp_create_pkt_reader(PullFilter **pf_p, PullFilter *src, int len, int pkttype, PGP_Context *ctx)
Definition: pgp-decrypt.c:223
#define PXE_PGP_UNEXPECTED_PKT
Definition: px.h:88
#define PXE_PGP_MULTIPLE_KEYS
Definition: px.h:95
static int process_secret_key(PullFilter *pkt, PGP_PubKey **pk_p, const uint8 *key, int key_len)
Definition: pgp-pubkey.c:338
#define PXE_PGP_EXPECT_PUBLIC_KEY
Definition: px.h:96
#define NULL
Definition: c.h:229
void px_debug(const char *fmt,...)
Definition: px.c:160
int can_encrypt
Definition: pgp.h:236
int _pgp_read_public_key(PullFilter *pkt, PGP_PubKey **pk_p)
Definition: pgp-pubkey.c:159
int pgp_key_alloc ( PGP_PubKey **  pk_p)

Definition at line 38 of file pgp-pubkey.c.

References px_alloc.

Referenced by _pgp_read_public_key().

39 {
40  PGP_PubKey *pk;
41 
42  pk = px_alloc(sizeof(*pk));
43  memset(pk, 0, sizeof(*pk));
44  *pk_p = pk;
45  return 0;
46 }
#define px_alloc(s)
Definition: px.h:44
void pgp_key_free ( PGP_PubKey pk)

Definition at line 49 of file pgp-pubkey.c.

References PGP_PubKey::algo, PGP_PubKey::dsa, PGP_PubKey::elg, NULL, pgp_mpi_free(), PGP_PUB_DSA_SIGN, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_PUB_RSA_SIGN, PGP_PubKey::pub, px_free, px_memset(), PGP_PubKey::rsa, and PGP_PubKey::sec.

Referenced by _pgp_read_public_key(), internal_read_key(), pgp_free(), process_secret_key(), and read_pubkey_keyid().

50 {
51  if (pk == NULL)
52  return;
53 
54  switch (pk->algo)
55  {
57  pgp_mpi_free(pk->pub.elg.p);
58  pgp_mpi_free(pk->pub.elg.g);
59  pgp_mpi_free(pk->pub.elg.y);
60  pgp_mpi_free(pk->sec.elg.x);
61  break;
62  case PGP_PUB_RSA_SIGN:
65  pgp_mpi_free(pk->pub.rsa.n);
66  pgp_mpi_free(pk->pub.rsa.e);
67  pgp_mpi_free(pk->sec.rsa.d);
68  pgp_mpi_free(pk->sec.rsa.p);
69  pgp_mpi_free(pk->sec.rsa.q);
70  pgp_mpi_free(pk->sec.rsa.u);
71  break;
72  case PGP_PUB_DSA_SIGN:
73  pgp_mpi_free(pk->pub.dsa.p);
74  pgp_mpi_free(pk->pub.dsa.q);
75  pgp_mpi_free(pk->pub.dsa.g);
76  pgp_mpi_free(pk->pub.dsa.y);
77  pgp_mpi_free(pk->sec.dsa.x);
78  break;
79  }
80  px_memset(pk, 0, sizeof(*pk));
81  px_free(pk);
82 }
struct PGP_PubKey::@5::@7 elg
struct PGP_PubKey::@5::@9 dsa
#define px_free(p)
Definition: px.h:46
struct PGP_PubKey::@5::@8 rsa
int pgp_mpi_free(PGP_MPI *mpi)
Definition: pgp-mpi.c:70
union PGP_PubKey::@6 sec
#define NULL
Definition: c.h:229
union PGP_PubKey::@5 pub
uint8 algo
Definition: pgp.h:190
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:134
int pgp_set_pubkey ( PGP_Context ctx,
MBuf keypkt,
const uint8 key,
int  key_len,
int  pubtype 
)

Definition at line 566 of file pgp-pubkey.c.

References internal_read_key(), NULL, PGP_Context::pub_key, pullf_create_mbuf_reader(), and pullf_free().

Referenced by decrypt_internal(), and encrypt_internal().

568 {
569  int res;
570  PullFilter *src;
571  PGP_PubKey *pk = NULL;
572 
573  res = pullf_create_mbuf_reader(&src, keypkt);
574  if (res < 0)
575  return res;
576 
577  res = internal_read_key(src, &pk, key, key_len, pubtype);
578  pullf_free(src);
579 
580  if (res >= 0)
581  ctx->pub_key = pk;
582 
583  return res < 0 ? res : 0;
584 }
void pullf_free(PullFilter *pf)
Definition: mbuf.c:245
int pullf_create_mbuf_reader(PullFilter **mp_p, MBuf *src)
Definition: mbuf.c:352
static int internal_read_key(PullFilter *src, PGP_PubKey **pk_p, const uint8 *psw, int psw_len, int pubtype)
Definition: pgp-pubkey.c:459
#define NULL
Definition: c.h:229
PGP_PubKey * pub_key
Definition: pgp.h:164
static int process_secret_key ( PullFilter pkt,
PGP_PubKey **  pk_p,
const uint8 key,
int  key_len 
)
static

Definition at line 338 of file pgp-pubkey.c.

References _pgp_read_public_key(), PGP_PubKey::algo, check_key_cksum(), check_key_sha1(), debug_expect::cipher_algo, PGP_PubKey::dsa, PGP_PubKey::elg, GETBYTE, HIDE_CKSUM, HIDE_CLEAR, HIDE_SHA1, PGP_S2K::key, PGP_S2K::key_len, NULL, pgp_cfb_create(), pgp_cfb_free(), pgp_decrypt_filter, pgp_expect_packet_end(), pgp_get_cipher_block_size(), pgp_key_free(), pgp_mpi_read(), PGP_PUB_DSA_SIGN, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_PUB_RSA_SIGN, pgp_s2k_process(), pgp_s2k_read(), pullf_create(), pullf_free(), pullf_read_fixed(), px_debug(), PXE_PGP_KEYPKT_CORRUPT, PXE_PGP_NEED_SECRET_PSW, PXE_PGP_UNSUPPORTED_CIPHER, PGP_PubKey::rsa, and PGP_PubKey::sec.

Referenced by internal_read_key().

340 {
341  int res;
342  int hide_type;
343  int cipher_algo;
344  int bs;
345  uint8 iv[512];
346  PullFilter *pf_decrypt = NULL,
347  *pf_key;
348  PGP_CFB *cfb = NULL;
349  PGP_S2K s2k;
350  PGP_PubKey *pk;
351 
352  /* first read public key part */
353  res = _pgp_read_public_key(pkt, &pk);
354  if (res < 0)
355  return res;
356 
357  /*
358  * is secret key encrypted?
359  */
360  GETBYTE(pkt, hide_type);
361  if (hide_type == HIDE_SHA1 || hide_type == HIDE_CKSUM)
362  {
363  if (key == NULL)
365  GETBYTE(pkt, cipher_algo);
366  res = pgp_s2k_read(pkt, &s2k);
367  if (res < 0)
368  return res;
369 
370  res = pgp_s2k_process(&s2k, cipher_algo, key, key_len);
371  if (res < 0)
372  return res;
373 
374  bs = pgp_get_cipher_block_size(cipher_algo);
375  if (bs == 0)
376  {
377  px_debug("unknown cipher algo=%d", cipher_algo);
379  }
380  res = pullf_read_fixed(pkt, bs, iv);
381  if (res < 0)
382  return res;
383 
384  /*
385  * create decrypt filter
386  */
387  res = pgp_cfb_create(&cfb, cipher_algo, s2k.key, s2k.key_len, 0, iv);
388  if (res < 0)
389  return res;
390  res = pullf_create(&pf_decrypt, &pgp_decrypt_filter, cfb, pkt);
391  if (res < 0)
392  return res;
393  pf_key = pf_decrypt;
394  }
395  else if (hide_type == HIDE_CLEAR)
396  {
397  pf_key = pkt;
398  }
399  else
400  {
401  px_debug("unknown hide type");
402  return PXE_PGP_KEYPKT_CORRUPT;
403  }
404 
405  /* read secret key */
406  switch (pk->algo)
407  {
408  case PGP_PUB_RSA_SIGN:
409  case PGP_PUB_RSA_ENCRYPT:
411  res = pgp_mpi_read(pf_key, &pk->sec.rsa.d);
412  if (res < 0)
413  break;
414  res = pgp_mpi_read(pf_key, &pk->sec.rsa.p);
415  if (res < 0)
416  break;
417  res = pgp_mpi_read(pf_key, &pk->sec.rsa.q);
418  if (res < 0)
419  break;
420  res = pgp_mpi_read(pf_key, &pk->sec.rsa.u);
421  if (res < 0)
422  break;
423  break;
424  case PGP_PUB_ELG_ENCRYPT:
425  res = pgp_mpi_read(pf_key, &pk->sec.elg.x);
426  break;
427  case PGP_PUB_DSA_SIGN:
428  res = pgp_mpi_read(pf_key, &pk->sec.dsa.x);
429  break;
430  default:
431  px_debug("unknown public algo: %d", pk->algo);
433  }
434  /* read checksum / sha1 */
435  if (res >= 0)
436  {
437  if (hide_type == HIDE_SHA1)
438  res = check_key_sha1(pf_key, pk);
439  else
440  res = check_key_cksum(pf_key, pk);
441  }
442  if (res >= 0)
443  res = pgp_expect_packet_end(pf_key);
444 
445  if (pf_decrypt)
446  pullf_free(pf_decrypt);
447  if (cfb)
448  pgp_cfb_free(cfb);
449 
450  if (res < 0)
451  pgp_key_free(pk);
452  else
453  *pk_p = pk;
454 
455  return res;
456 }
#define PXE_PGP_KEYPKT_CORRUPT
Definition: px.h:99
struct PGP_PubKey::@5::@7 elg
void pullf_free(PullFilter *pf)
Definition: mbuf.c:245
int pullf_create(PullFilter **pf_p, const PullFilterOps *op, void *init_arg, PullFilter *src)
Definition: mbuf.c:206
int pullf_read_fixed(PullFilter *src, int len, uint8 *dst)
Definition: mbuf.c:317
struct PGP_PubKey::@5::@9 dsa
#define PXE_PGP_UNSUPPORTED_CIPHER
Definition: px.h:84
unsigned char uint8
Definition: c.h:266
#define HIDE_CKSUM
Definition: pgp-pubkey.c:250
int cipher_algo
Definition: pgp-pgsql.c:123
struct PGP_PubKey::@5::@8 rsa
static int check_key_cksum(PullFilter *src, PGP_PubKey *pk)
Definition: pgp-pubkey.c:300
#define GETBYTE(x, i)
Definition: hstore_gist.c:32
void pgp_key_free(PGP_PubKey *pk)
Definition: pgp-pubkey.c:49
#define HIDE_SHA1
Definition: pgp-pubkey.c:251
uint8 key[PGP_MAX_KEY]
Definition: pgp.h:129
Definition: pgp.h:122
int pgp_mpi_read(PullFilter *src, PGP_MPI **mpi)
Definition: pgp-mpi.c:80
int pgp_expect_packet_end(PullFilter *pkt)
Definition: pgp-decrypt.c:1075
int pgp_s2k_process(PGP_S2K *s2k, int cipher, const uint8 *key, int key_len)
Definition: pgp-s2k.c:281
struct PullFilterOps pgp_decrypt_filter
Definition: pgp-decrypt.c:313
void pgp_cfb_free(PGP_CFB *ctx)
Definition: pgp-cfb.c:84
#define PXE_PGP_NEED_SECRET_PSW
Definition: px.h:101
union PGP_PubKey::@6 sec
#define NULL
Definition: c.h:229
int pgp_s2k_read(PullFilter *src, PGP_S2K *s2k)
Definition: pgp-s2k.c:255
static int check_key_sha1(PullFilter *src, PGP_PubKey *pk)
Definition: pgp-pubkey.c:254
void px_debug(const char *fmt,...)
Definition: px.c:160
int pgp_get_cipher_block_size(int code)
Definition: pgp.c:158
uint8 key_len
Definition: pgp.h:130
int pgp_cfb_create(PGP_CFB **ctx_p, int algo, const uint8 *key, int key_len, int resync, uint8 *iv)
Definition: pgp-cfb.c:52
uint8 algo
Definition: pgp.h:190
#define HIDE_CLEAR
Definition: pgp-pubkey.c:249
int _pgp_read_public_key(PullFilter *pkt, PGP_PubKey **pk_p)
Definition: pgp-pubkey.c:159