PostgreSQL Source Code git master
pgp.h File Reference
#include "lib/stringinfo.h"
#include "mbuf.h"
#include "px.h"

Data Structures

struct  PGP_S2K
 
struct  PGP_Context
 
struct  PGP_MPI
 
struct  PGP_PubKey
 

Macros

#define PGP_MAX_KEY   (256/8)
 
#define PGP_MAX_BLOCK   (256/8)
 
#define PGP_MAX_DIGEST   (512/8)
 
#define PGP_S2K_SALT   8
 
#define s2k_decode_count(cval)    (((unsigned) 16 + (cval & 15)) << ((cval >> 4) + 6))
 

Typedefs

typedef struct PGP_MPI PGP_MPI
 
typedef struct PGP_PubKey PGP_PubKey
 
typedef struct PGP_Context PGP_Context
 
typedef struct PGP_S2K PGP_S2K
 
typedef struct PGP_CFB PGP_CFB
 

Enumerations

enum  PGP_S2K_TYPE { PGP_S2K_SIMPLE = 0 , PGP_S2K_SALTED = 1 , PGP_S2K_ISALTED = 3 }
 
enum  PGP_PKT_TYPE {
  PGP_PKT_RESERVED = 0 , PGP_PKT_PUBENCRYPTED_SESSKEY = 1 , PGP_PKT_SIGNATURE = 2 , PGP_PKT_SYMENCRYPTED_SESSKEY = 3 ,
  PGP_PKT_SECRET_KEY = 5 , PGP_PKT_PUBLIC_KEY = 6 , PGP_PKT_SECRET_SUBKEY = 7 , PGP_PKT_COMPRESSED_DATA = 8 ,
  PGP_PKT_SYMENCRYPTED_DATA = 9 , PGP_PKT_MARKER = 10 , PGP_PKT_LITERAL_DATA = 11 , PGP_PKT_TRUST = 12 ,
  PGP_PKT_USER_ID = 13 , PGP_PKT_PUBLIC_SUBKEY = 14 , PGP_PKT_USER_ATTR = 17 , PGP_PKT_SYMENCRYPTED_DATA_MDC = 18 ,
  PGP_PKT_MDC = 19 , PGP_PKT_PRIV_61 = 61
}
 
enum  PGP_PUB_ALGO_TYPE {
  PGP_PUB_RSA_ENCRYPT_SIGN = 1 , PGP_PUB_RSA_ENCRYPT = 2 , PGP_PUB_RSA_SIGN = 3 , PGP_PUB_ELG_ENCRYPT = 16 ,
  PGP_PUB_DSA_SIGN = 17
}
 
enum  PGP_SYMENC_TYPE {
  PGP_SYM_PLAIN = 0 , PGP_SYM_IDEA = 1 , PGP_SYM_DES3 = 2 , PGP_SYM_CAST5 = 3 ,
  PGP_SYM_BLOWFISH = 4 , PGP_SYM_SAFER_SK128 = 5 , PGP_SYM_DES_SK = 6 , PGP_SYM_AES_128 = 7 ,
  PGP_SYM_AES_192 = 8 , PGP_SYM_AES_256 = 9 , PGP_SYM_TWOFISH = 10
}
 
enum  PGP_COMPR_TYPE { PGP_COMPR_NONE = 0 , PGP_COMPR_ZIP = 1 , PGP_COMPR_ZLIB = 2 , PGP_COMPR_BZIP2 = 3 }
 
enum  PGP_DIGEST_TYPE {
  PGP_DIGEST_MD5 = 1 , PGP_DIGEST_SHA1 = 2 , PGP_DIGEST_RIPEMD160 = 3 , PGP_DIGEST_XSHA = 4 ,
  PGP_DIGEST_MD2 = 5 , PGP_DIGEST_TIGER192 = 6 , PGP_DIGEST_HAVAL5_160 = 7 , PGP_DIGEST_SHA256 = 8 ,
  PGP_DIGEST_SHA384 = 9 , PGP_DIGEST_SHA512 = 10
}
 

Functions

int pgp_init (PGP_Context **ctx_p)
 
int pgp_encrypt (PGP_Context *ctx, MBuf *src, MBuf *dst)
 
int pgp_decrypt (PGP_Context *ctx, MBuf *msrc, MBuf *mdst)
 
int pgp_free (PGP_Context *ctx)
 
int pgp_get_digest_code (const char *name)
 
int pgp_get_cipher_code (const char *name)
 
const char * pgp_get_digest_name (int code)
 
int pgp_set_cipher_algo (PGP_Context *ctx, const char *name)
 
int pgp_set_s2k_mode (PGP_Context *ctx, int mode)
 
int pgp_set_s2k_count (PGP_Context *ctx, int count)
 
int pgp_set_s2k_cipher_algo (PGP_Context *ctx, const char *name)
 
int pgp_set_s2k_digest_algo (PGP_Context *ctx, const char *name)
 
int pgp_set_convert_crlf (PGP_Context *ctx, int doit)
 
int pgp_disable_mdc (PGP_Context *ctx, int disable)
 
int pgp_set_sess_key (PGP_Context *ctx, int use)
 
int pgp_set_compress_algo (PGP_Context *ctx, int algo)
 
int pgp_set_compress_level (PGP_Context *ctx, int level)
 
int pgp_set_text_mode (PGP_Context *ctx, int mode)
 
int pgp_set_unicode_mode (PGP_Context *ctx, int mode)
 
int pgp_get_unicode_mode (PGP_Context *ctx)
 
int pgp_set_symkey (PGP_Context *ctx, const uint8 *key, int len)
 
int pgp_set_pubkey (PGP_Context *ctx, MBuf *keypkt, const uint8 *key, int key_len, int pubtype)
 
int pgp_get_keyid (MBuf *pgp_data, char *dst)
 
int pgp_load_digest (int code, PX_MD **res)
 
int pgp_load_cipher (int code, PX_Cipher **res)
 
int pgp_get_cipher_key_size (int code)
 
int pgp_get_cipher_block_size (int code)
 
int pgp_s2k_fill (PGP_S2K *s2k, int mode, int digest_algo, int count)
 
int pgp_s2k_read (PullFilter *src, PGP_S2K *s2k)
 
int pgp_s2k_process (PGP_S2K *s2k, int cipher, const uint8 *key, int key_len)
 
int pgp_cfb_create (PGP_CFB **ctx_p, int algo, const uint8 *key, int key_len, int resync, uint8 *iv)
 
void pgp_cfb_free (PGP_CFB *ctx)
 
int pgp_cfb_encrypt (PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
 
int pgp_cfb_decrypt (PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
 
void pgp_armor_encode (const uint8 *src, unsigned len, StringInfo dst, int num_headers, char **keys, char **values)
 
int pgp_armor_decode (const uint8 *src, int len, StringInfo dst)
 
int pgp_extract_armor_headers (const uint8 *src, unsigned len, int *nheaders, char ***keys, char ***values)
 
int pgp_compress_filter (PushFilter **res, PGP_Context *ctx, PushFilter *dst)
 
int pgp_decompress_filter (PullFilter **res, PGP_Context *ctx, PullFilter *src)
 
int pgp_key_alloc (PGP_PubKey **pk_p)
 
void pgp_key_free (PGP_PubKey *pk)
 
int _pgp_read_public_key (PullFilter *pkt, PGP_PubKey **pk_p)
 
int pgp_parse_pubenc_sesskey (PGP_Context *ctx, PullFilter *pkt)
 
int pgp_create_pkt_reader (PullFilter **pf_p, PullFilter *src, int len, int pkttype, PGP_Context *ctx)
 
int pgp_parse_pkt_hdr (PullFilter *src, uint8 *tag, int *len_p, int allow_ctx)
 
int pgp_skip_packet (PullFilter *pkt)
 
int pgp_expect_packet_end (PullFilter *pkt)
 
int pgp_write_pubenc_sesskey (PGP_Context *ctx, PushFilter *dst)
 
int pgp_create_pkt_writer (PushFilter *dst, int tag, PushFilter **res_p)
 
int pgp_mpi_alloc (int bits, PGP_MPI **mpi)
 
int pgp_mpi_create (uint8 *data, int bits, PGP_MPI **mpi)
 
int pgp_mpi_free (PGP_MPI *mpi)
 
int pgp_mpi_read (PullFilter *src, PGP_MPI **mpi)
 
int pgp_mpi_write (PushFilter *dst, PGP_MPI *n)
 
int pgp_mpi_hash (PX_MD *md, PGP_MPI *n)
 
unsigned pgp_mpi_cksum (unsigned cksum, PGP_MPI *n)
 
int pgp_elgamal_encrypt (PGP_PubKey *pk, PGP_MPI *_m, PGP_MPI **c1_p, PGP_MPI **c2_p)
 
int pgp_elgamal_decrypt (PGP_PubKey *pk, PGP_MPI *_c1, PGP_MPI *_c2, PGP_MPI **msg_p)
 
int pgp_rsa_encrypt (PGP_PubKey *pk, PGP_MPI *_m, PGP_MPI **c_p)
 
int pgp_rsa_decrypt (PGP_PubKey *pk, PGP_MPI *_c, PGP_MPI **m_p)
 

Variables

struct PullFilterOps pgp_decrypt_filter
 

Macro Definition Documentation

◆ PGP_MAX_BLOCK

#define PGP_MAX_BLOCK   (256/8)

Definition at line 113 of file pgp.h.

◆ PGP_MAX_DIGEST

#define PGP_MAX_DIGEST   (512/8)

Definition at line 114 of file pgp.h.

◆ PGP_MAX_KEY

#define PGP_MAX_KEY   (256/8)

Definition at line 112 of file pgp.h.

◆ PGP_S2K_SALT

#define PGP_S2K_SALT   8

Definition at line 115 of file pgp.h.

◆ s2k_decode_count

#define s2k_decode_count (   cval)     (((unsigned) 16 + (cval & 15)) << ((cval >> 4) + 6))

Definition at line 176 of file pgp.h.

Typedef Documentation

◆ PGP_CFB

typedef struct PGP_CFB PGP_CFB

Definition at line 279 of file pgp.h.

◆ PGP_Context

typedef struct PGP_Context PGP_Context

Definition at line 119 of file pgp.h.

◆ PGP_MPI

typedef struct PGP_MPI PGP_MPI

Definition at line 117 of file pgp.h.

◆ PGP_PubKey

typedef struct PGP_PubKey PGP_PubKey

Definition at line 118 of file pgp.h.

◆ PGP_S2K

typedef struct PGP_S2K PGP_S2K

Definition at line 120 of file pgp.h.

Enumeration Type Documentation

◆ PGP_COMPR_TYPE

Enumerator
PGP_COMPR_NONE 
PGP_COMPR_ZIP 
PGP_COMPR_ZLIB 
PGP_COMPR_BZIP2 

Definition at line 90 of file pgp.h.

91{
92 PGP_COMPR_NONE = 0, /* must */
93 PGP_COMPR_ZIP = 1, /* should */
96};
@ PGP_COMPR_BZIP2
Definition: pgp.h:95
@ PGP_COMPR_ZLIB
Definition: pgp.h:94
@ PGP_COMPR_NONE
Definition: pgp.h:92
@ PGP_COMPR_ZIP
Definition: pgp.h:93

◆ PGP_DIGEST_TYPE

Enumerator
PGP_DIGEST_MD5 
PGP_DIGEST_SHA1 
PGP_DIGEST_RIPEMD160 
PGP_DIGEST_XSHA 
PGP_DIGEST_MD2 
PGP_DIGEST_TIGER192 
PGP_DIGEST_HAVAL5_160 
PGP_DIGEST_SHA256 
PGP_DIGEST_SHA384 
PGP_DIGEST_SHA512 

Definition at line 98 of file pgp.h.

99{
100 PGP_DIGEST_MD5 = 1, /* should, deprecated */
101 PGP_DIGEST_SHA1 = 2, /* must */
103 PGP_DIGEST_XSHA = 4, /* obsolete */
104 PGP_DIGEST_MD2 = 5, /* obsolete */
105 PGP_DIGEST_TIGER192 = 6, /* obsolete */
106 PGP_DIGEST_HAVAL5_160 = 7, /* obsolete */
110};
@ PGP_DIGEST_XSHA
Definition: pgp.h:103
@ PGP_DIGEST_MD2
Definition: pgp.h:104
@ PGP_DIGEST_TIGER192
Definition: pgp.h:105
@ PGP_DIGEST_SHA1
Definition: pgp.h:101
@ PGP_DIGEST_SHA256
Definition: pgp.h:107
@ PGP_DIGEST_MD5
Definition: pgp.h:100
@ PGP_DIGEST_SHA512
Definition: pgp.h:109
@ PGP_DIGEST_SHA384
Definition: pgp.h:108
@ PGP_DIGEST_RIPEMD160
Definition: pgp.h:102
@ PGP_DIGEST_HAVAL5_160
Definition: pgp.h:106

◆ PGP_PKT_TYPE

Enumerator
PGP_PKT_RESERVED 
PGP_PKT_PUBENCRYPTED_SESSKEY 
PGP_PKT_SIGNATURE 
PGP_PKT_SYMENCRYPTED_SESSKEY 
PGP_PKT_SECRET_KEY 
PGP_PKT_PUBLIC_KEY 
PGP_PKT_SECRET_SUBKEY 
PGP_PKT_COMPRESSED_DATA 
PGP_PKT_SYMENCRYPTED_DATA 
PGP_PKT_MARKER 
PGP_PKT_LITERAL_DATA 
PGP_PKT_TRUST 
PGP_PKT_USER_ID 
PGP_PKT_PUBLIC_SUBKEY 
PGP_PKT_USER_ATTR 
PGP_PKT_SYMENCRYPTED_DATA_MDC 
PGP_PKT_MDC 
PGP_PKT_PRIV_61 

Definition at line 44 of file pgp.h.

45{
55 PGP_PKT_MARKER = 10,
57 PGP_PKT_TRUST = 12,
58 PGP_PKT_USER_ID = 13,
62 PGP_PKT_MDC = 19,
63 PGP_PKT_PRIV_61 = 61, /* occurs in gpg secring */
64};
@ PGP_PKT_TRUST
Definition: pgp.h:57
@ PGP_PKT_USER_ATTR
Definition: pgp.h:60
@ PGP_PKT_PUBLIC_SUBKEY
Definition: pgp.h:59
@ PGP_PKT_SYMENCRYPTED_DATA
Definition: pgp.h:54
@ PGP_PKT_RESERVED
Definition: pgp.h:46
@ PGP_PKT_SIGNATURE
Definition: pgp.h:48
@ PGP_PKT_COMPRESSED_DATA
Definition: pgp.h:53
@ PGP_PKT_SECRET_SUBKEY
Definition: pgp.h:52
@ PGP_PKT_MARKER
Definition: pgp.h:55
@ PGP_PKT_SECRET_KEY
Definition: pgp.h:50
@ PGP_PKT_SYMENCRYPTED_SESSKEY
Definition: pgp.h:49
@ PGP_PKT_MDC
Definition: pgp.h:62
@ PGP_PKT_PUBLIC_KEY
Definition: pgp.h:51
@ PGP_PKT_LITERAL_DATA
Definition: pgp.h:56
@ PGP_PKT_USER_ID
Definition: pgp.h:58
@ PGP_PKT_SYMENCRYPTED_DATA_MDC
Definition: pgp.h:61
@ PGP_PKT_PUBENCRYPTED_SESSKEY
Definition: pgp.h:47
@ PGP_PKT_PRIV_61
Definition: pgp.h:63

◆ PGP_PUB_ALGO_TYPE

Enumerator
PGP_PUB_RSA_ENCRYPT_SIGN 
PGP_PUB_RSA_ENCRYPT 
PGP_PUB_RSA_SIGN 
PGP_PUB_ELG_ENCRYPT 
PGP_PUB_DSA_SIGN 

Definition at line 66 of file pgp.h.

67{
73};
@ PGP_PUB_RSA_ENCRYPT_SIGN
Definition: pgp.h:68
@ PGP_PUB_RSA_ENCRYPT
Definition: pgp.h:69
@ PGP_PUB_DSA_SIGN
Definition: pgp.h:72
@ PGP_PUB_RSA_SIGN
Definition: pgp.h:70
@ PGP_PUB_ELG_ENCRYPT
Definition: pgp.h:71

◆ PGP_S2K_TYPE

Enumerator
PGP_S2K_SIMPLE 
PGP_S2K_SALTED 
PGP_S2K_ISALTED 

Definition at line 37 of file pgp.h.

38{
42};
@ PGP_S2K_ISALTED
Definition: pgp.h:41
@ PGP_S2K_SALTED
Definition: pgp.h:40
@ PGP_S2K_SIMPLE
Definition: pgp.h:39

◆ PGP_SYMENC_TYPE

Enumerator
PGP_SYM_PLAIN 
PGP_SYM_IDEA 
PGP_SYM_DES3 
PGP_SYM_CAST5 
PGP_SYM_BLOWFISH 
PGP_SYM_SAFER_SK128 
PGP_SYM_DES_SK 
PGP_SYM_AES_128 
PGP_SYM_AES_192 
PGP_SYM_AES_256 
PGP_SYM_TWOFISH 

Definition at line 75 of file pgp.h.

76{
77 PGP_SYM_PLAIN = 0, /* ?? */
78 PGP_SYM_IDEA = 1, /* obsolete, PGP 2.6 compat */
79 PGP_SYM_DES3 = 2, /* must */
80 PGP_SYM_CAST5 = 3, /* should */
82 PGP_SYM_SAFER_SK128 = 5, /* obsolete */
83 PGP_SYM_DES_SK = 6, /* obsolete */
84 PGP_SYM_AES_128 = 7, /* should */
87 PGP_SYM_TWOFISH = 10,
88};
@ PGP_SYM_TWOFISH
Definition: pgp.h:87
@ PGP_SYM_IDEA
Definition: pgp.h:78
@ PGP_SYM_SAFER_SK128
Definition: pgp.h:82
@ PGP_SYM_DES3
Definition: pgp.h:79
@ PGP_SYM_AES_256
Definition: pgp.h:86
@ PGP_SYM_BLOWFISH
Definition: pgp.h:81
@ PGP_SYM_PLAIN
Definition: pgp.h:77
@ PGP_SYM_CAST5
Definition: pgp.h:80
@ PGP_SYM_DES_SK
Definition: pgp.h:83
@ PGP_SYM_AES_128
Definition: pgp.h:84
@ PGP_SYM_AES_192
Definition: pgp.h:85

Function Documentation

◆ _pgp_read_public_key()

int _pgp_read_public_key ( PullFilter pkt,
PGP_PubKey **  pk_p 
)

Definition at line 158 of file pgp-pubkey.c.

/*
 * Parse the body of a public-key packet from pkt into a newly allocated
 * PGP_PubKey.  Only version 4 keys are accepted.  On the paths that reach
 * the out: label, the key is handed to the caller through *pk_p only when
 * res is non-negative; otherwise it is freed and *pk_p is not written.
 *
 * NOTE(review): this listing skips source lines 171, 203-204, 218 and 236.
 * The page's References list names PXE_PGP_NOT_V4_KEYPKT,
 * PXE_PGP_UNKNOWN_PUBALGO, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN and
 * PGP_PUB_ELG_ENCRYPT, so those lines presumably set the error codes and
 * carry the missing case labels -- confirm against pgp-pubkey.c.
 * NOTE(review): the page links GETBYTE to hstore_gist.c, which does not fit
 * the read-into-destination use below; check the macro actually in scope,
 * including what it does on a short read.
 */
159{
160 int res;
161 PGP_PubKey *pk;
162
163 res = pgp_key_alloc(&pk);
164 if (res < 0)
165 return res;
166
167 /* get version */
168 GETBYTE(pkt, pk->ver);
169 if (pk->ver != 4)
170 {
172 goto out;
173 }
174
175 /* read time */
176 res = pullf_read_fixed(pkt, 4, pk->time);
177 if (res < 0)
178 goto out;
179
180 /* pubkey algorithm */
181 GETBYTE(pkt, pk->algo);
182
/* each case reads its MPIs in order and stops at the first failed read */
183 switch (pk->algo)
184 {
185 case PGP_PUB_DSA_SIGN:
186 res = pgp_mpi_read(pkt, &pk->pub.dsa.p);
187 if (res < 0)
188 break;
189 res = pgp_mpi_read(pkt, &pk->pub.dsa.q);
190 if (res < 0)
191 break;
192 res = pgp_mpi_read(pkt, &pk->pub.dsa.g);
193 if (res < 0)
194 break;
195 res = pgp_mpi_read(pkt, &pk->pub.dsa.y);
196 if (res < 0)
197 break;
198
/* DSA keys are never marked can_encrypt */
199 res = calc_key_id(pk);
200 break;
201
202 case PGP_PUB_RSA_SIGN:
205 res = pgp_mpi_read(pkt, &pk->pub.rsa.n);
206 if (res < 0)
207 break;
208 res = pgp_mpi_read(pkt, &pk->pub.rsa.e);
209 if (res < 0)
210 break;
211
212 res = calc_key_id(pk);
213
/* sign-only RSA keys are not marked usable for encryption */
214 if (pk->algo != PGP_PUB_RSA_SIGN)
215 pk->can_encrypt = 1;
216 break;
217
219 res = pgp_mpi_read(pkt, &pk->pub.elg.p);
220 if (res < 0)
221 break;
222 res = pgp_mpi_read(pkt, &pk->pub.elg.g);
223 if (res < 0)
224 break;
225 res = pgp_mpi_read(pkt, &pk->pub.elg.y);
226 if (res < 0)
227 break;
228
229 res = calc_key_id(pk);
230
231 pk->can_encrypt = 1;
232 break;
233
234 default:
235 px_debug("unknown public algo: %d", pk->algo);
237 }
238
/* single exit: a partially filled key is released, never returned */
239out:
240 if (res < 0)
241 pgp_key_free(pk);
242 else
243 *pk_p = pk;
244
245 return res;
246}
#define GETBYTE(x, i)
Definition: hstore_gist.c:40
int pullf_read_fixed(PullFilter *src, int len, uint8 *dst)
Definition: mbuf.c:301
int pgp_mpi_read(PullFilter *src, PGP_MPI **mpi)
Definition: pgp-mpi.c:80
static int calc_key_id(PGP_PubKey *pk)
Definition: pgp-pubkey.c:84
int pgp_key_alloc(PGP_PubKey **pk_p)
Definition: pgp-pubkey.c:38
void pgp_key_free(PGP_PubKey *pk)
Definition: pgp-pubkey.c:48
void px_debug(const char *fmt,...)
Definition: px.c:149
#define PXE_PGP_UNKNOWN_PUBALGO
Definition: px.h:79
#define PXE_PGP_NOT_V4_KEYPKT
Definition: px.h:84
uint8 time[4]
Definition: pgp.h:189
int can_encrypt
Definition: pgp.h:236
PGP_MPI * y
Definition: pgp.h:199
PGP_MPI * q
Definition: pgp.h:209
struct PGP_PubKey::@0::@3 rsa
uint8 algo
Definition: pgp.h:190
struct PGP_PubKey::@0::@2 elg
PGP_MPI * p
Definition: pgp.h:197
uint8 ver
Definition: pgp.h:188
struct PGP_PubKey::@0::@4 dsa
PGP_MPI * g
Definition: pgp.h:198
PGP_MPI * e
Definition: pgp.h:204
PGP_MPI * n
Definition: pgp.h:203
union PGP_PubKey::@0 pub

References PGP_PubKey::algo, calc_key_id(), PGP_PubKey::can_encrypt, PGP_PubKey::dsa, PGP_PubKey::e, PGP_PubKey::elg, PGP_PubKey::g, GETBYTE, PGP_PubKey::n, PGP_PubKey::p, pgp_key_alloc(), pgp_key_free(), pgp_mpi_read(), PGP_PUB_DSA_SIGN, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_PUB_RSA_SIGN, PGP_PubKey::pub, pullf_read_fixed(), px_debug(), PXE_PGP_NOT_V4_KEYPKT, PXE_PGP_UNKNOWN_PUBALGO, PGP_PubKey::q, res, PGP_PubKey::rsa, PGP_PubKey::time, PGP_PubKey::ver, and PGP_PubKey::y.

Referenced by internal_read_key(), process_secret_key(), and read_pubkey_keyid().

◆ pgp_armor_decode()

int pgp_armor_decode ( const uint8 src,
int  len,
StringInfo  dst 
)

Definition at line 314 of file pgp-armor.c.

/*
 * Decode the ASCII-armored block in src[0..len) and append the decoded bytes
 * to dst.  Steps visible below: locate the armor header and footer, skip the
 * armor header lines up to the first empty line, find the '=' that
 * introduces the CRC, decode the 3-byte CRC, decode the base64 body, and
 * compare crc24() of the decoded bytes with the transmitted CRC.
 *
 * NOTE(review): source lines 325 and 376 are missing from this listing; they
 * presumably declare res and set it to PXE_PGP_CORRUPT_ARMOR (named in the
 * page's References list) -- confirm in pgp-armor.c.
 * NOTE(review): a matching CRC-24 only shows the armor was not damaged; a
 * CRC is unkeyed, so it says nothing about who produced the data.
 */
315{
316 const uint8 *p = src;
317 const uint8 *data_end = src + len;
318 long crc;
319 const uint8 *base64_start,
320 *armor_end;
321 const uint8 *base64_end = NULL;
322 uint8 buf[4];
323 int hlen;
324 int blen;
326
327 /* armor start */
328 hlen = find_header(src, data_end, &p, 0);
329 if (hlen <= 0)
330 goto out;
331 p += hlen;
332
333 /* armor end */
334 hlen = find_header(p, data_end, &armor_end, 1);
335 if (hlen <= 0)
336 goto out;
337
338 /* skip comments - find empty line */
339 while (p < armor_end && *p != '\n' && *p != '\r')
340 {
341 p = memchr(p, '\n', armor_end - p);
342 if (!p)
343 goto out;
344
345 /* step to start of next line */
346 p++;
347 }
348 base64_start = p;
349
350 /* find crc pos */
/* scans backwards from the footer; the first '=' met is taken as the CRC marker */
351 for (p = armor_end; p >= base64_start; p--)
352 if (*p == '=')
353 {
354 base64_end = p - 1;
355 break;
356 }
357 if (base64_end == NULL)
358 goto out;
359
360 /* decode crc */
/* the 4 characters after '=' must decode to exactly 3 bytes */
361 if (pg_base64_decode(p + 1, 4, buf) != 3)
362 goto out;
363 crc = (((long) buf[0]) << 16) + (((long) buf[1]) << 8) + (long) buf[2];
364
365 /* decode data */
/* the estimate is computed from the full input length, not the body length */
366 blen = (int) pg_base64_dec_len(len);
367 enlargeStringInfo(dst, blen);
368 res = pg_base64_decode(base64_start, base64_end - base64_start, (uint8 *) dst->data);
/*
 * This comparison runs after pg_base64_decode() has already written into
 * dst->data, so it reports an overrun rather than preventing one.
 */
369 if (res > blen)
370 elog(FATAL, "overflow - decode estimate too small");
371 if (res >= 0)
372 {
/* dst->len advances only when the CRC matches */
373 if (crc24((uint8 *) dst->data, res) == crc)
374 dst->len += res;
375 else
377 }
378out:
379 return res;
380}
uint8_t uint8
Definition: c.h:483
#define FATAL
Definition: elog.h:41
#define elog(elevel,...)
Definition: elog.h:225
const void size_t len
return crc
static char * buf
Definition: pg_test_fsync.c:72
static long crc24(const uint8 *data, unsigned len)
Definition: pgp-armor.c:188
static int find_header(const uint8 *data, const uint8 *datend, const uint8 **start_p, int is_end)
Definition: pgp-armor.c:266
static int pg_base64_decode(const uint8 *src, unsigned len, uint8 *dst)
Definition: pgp-armor.c:95
static unsigned pg_base64_dec_len(unsigned srclen)
Definition: pgp-armor.c:172
#define PXE_PGP_CORRUPT_ARMOR
Definition: px.h:68
void enlargeStringInfo(StringInfo str, int needed)
Definition: stringinfo.c:337

References buf, crc, crc24(), StringInfoData::data, elog, enlargeStringInfo(), FATAL, find_header(), StringInfoData::len, len, pg_base64_dec_len(), pg_base64_decode(), PXE_PGP_CORRUPT_ARMOR, and res.

Referenced by pg_dearmor().

◆ pgp_armor_encode()

void pgp_armor_encode ( const uint8 src,
unsigned  len,
StringInfo  dst,
int  num_headers,
char **  keys,
char **  values 
)

Definition at line 207 of file pgp-armor.c.

/*
 * Append an ASCII-armored encoding of src[0..len) to dst: the caller's
 * "key: value" header lines, an empty line, the base64 body, and a
 * '='-prefixed CRC-24 of the raw bytes.
 *
 * NOTE(review): source lines 215 and 239 are missing from this listing; the
 * page's References list names armor_header, armor_footer and
 * appendStringInfoString(), so they presumably emit the armor header and
 * footer lines -- confirm in pgp-armor.c.
 */
209{
210 int n;
211 int res;
212 unsigned b64len;
213 unsigned crc = crc24(src, len);
214
216
/*
 * keys[n] and values[n] are written verbatim.  Nothing in the lines shown
 * rejects embedded newlines or other control characters, so that validation
 * has to happen in the caller (pg_armor() per this page) -- confirm.
 */
217 for (n = 0; n < num_headers; n++)
218 appendStringInfo(dst, "%s: %s\n", keys[n], values[n]);
219 appendStringInfoChar(dst, '\n');
220
221 /* make sure we have enough room to pg_base64_encode() */
222 b64len = pg_base64_enc_len(len);
223 enlargeStringInfo(dst, (int) b64len);
224
225 res = pg_base64_encode(src, len, (uint8 *) dst->data + dst->len);
/*
 * res is int and b64len is unsigned, so a negative res converts to a large
 * unsigned value here and takes the FATAL path as well.
 */
226 if (res > b64len)
227 elog(FATAL, "overflow - encode estimate too small");
228 dst->len += res;
229
230 if (*(dst->data + dst->len - 1) != '\n')
231 appendStringInfoChar(dst, '\n');
232
/* the 24-bit CRC goes out as four 6-bit base64 symbols, high bits first */
233 appendStringInfoChar(dst, '=');
234 appendStringInfoChar(dst, _base64[(crc >> 18) & 0x3f]);
235 appendStringInfoChar(dst, _base64[(crc >> 12) & 0x3f]);
236 appendStringInfoChar(dst, _base64[(crc >> 6) & 0x3f]);
237 appendStringInfoChar(dst, _base64[crc & 0x3f]);
238
240}
static Datum values[MAXATTR]
Definition: bootstrap.c:151
static const char *const armor_footer
Definition: pgp-armor.c:182
static unsigned pg_base64_enc_len(unsigned srclen)
Definition: pgp-armor.c:163
static const char *const armor_header
Definition: pgp-armor.c:181
static int pg_base64_encode(const uint8 *src, unsigned len, uint8 *dst)
Definition: pgp-armor.c:45
static const unsigned char _base64[]
Definition: pgp-armor.c:41
void appendStringInfo(StringInfo str, const char *fmt,...)
Definition: stringinfo.c:145
void appendStringInfoString(StringInfo str, const char *s)
Definition: stringinfo.c:230
void appendStringInfoChar(StringInfo str, char ch)
Definition: stringinfo.c:242

References _base64, appendStringInfo(), appendStringInfoChar(), appendStringInfoString(), armor_footer, armor_header, crc, crc24(), StringInfoData::data, elog, enlargeStringInfo(), FATAL, StringInfoData::len, len, pg_base64_enc_len(), pg_base64_encode(), res, and values.

Referenced by pg_armor().

◆ pgp_cfb_create()

int pgp_cfb_create ( PGP_CFB **  ctx_p,
int  algo,
const uint8 key,
int  key_len,
int  resync,
uint8 iv 
)

Definition at line 52 of file pgp-cfb.c.

/*
 * Create a CFB context for cipher algo keyed with key[0..key_len).  The
 * cipher object itself is initialised with a NULL IV; the optional iv
 * argument is copied into ctx->fr.  Returns 0 and stores the context in
 * *ctx_p, or a negative code from pgp_load_cipher()/px_cipher_init().
 *
 * NOTE(review): source line 72 is missing from this listing; the page's
 * References list names px_cipher_block_size and PGP_CFB::block_size, so it
 * presumably sets ctx->block_size from the cipher -- confirm in pgp-cfb.c.
 */
54{
55 int res;
56 PX_Cipher *ciph;
57 PGP_CFB *ctx;
58
59 res = pgp_load_cipher(algo, &ciph);
60 if (res < 0)
61 return res;
62
63 res = px_cipher_init(ciph, key, key_len, NULL);
64 if (res < 0)
65 {
/* release the cipher so a failed init does not leak it */
66 px_cipher_free(ciph);
67 return res;
68 }
69
/* palloc0: every field, including fr, is zero unless set below */
70 ctx = palloc0(sizeof(*ctx));
71 ctx->ciph = ciph;
73 ctx->resync = resync;
74
/*
 * Copies block_size bytes into fr, which this page shows as
 * uint8 fr[PGP_MAX_BLOCK] (32 bytes).  No bound check appears in the lines
 * shown; presumably every loadable cipher has block_size <= PGP_MAX_BLOCK,
 * and iv must supply at least block_size bytes -- confirm.
 */
75 if (iv)
76 memcpy(ctx->fr, iv, ctx->block_size);
77
78 *ctx_p = ctx;
79 return 0;
80}
void * palloc0(Size size)
Definition: mcxt.c:1347
int pgp_load_cipher(int code, PX_Cipher **res)
Definition: pgp.c:157
#define px_cipher_free(c)
Definition: px.h:215
#define px_cipher_block_size(c)
Definition: px.h:208
#define px_cipher_init(c, k, klen, iv)
Definition: px.h:210
int block_size
Definition: pgp-cfb.c:42
PX_Cipher * ciph
Definition: pgp-cfb.c:41
uint8 fr[PGP_MAX_BLOCK]
Definition: pgp-cfb.c:46
int resync
Definition: pgp-cfb.c:45
Definition: px.h:141

References PGP_CFB::block_size, PGP_CFB::ciph, PGP_CFB::fr, sort-test::key, palloc0(), pgp_load_cipher(), px_cipher_block_size, px_cipher_free, px_cipher_init, res, and PGP_CFB::resync.

Referenced by decrypt_key(), encrypt_init(), parse_symenc_data(), parse_symenc_mdc_data(), process_secret_key(), and symencrypt_sesskey().

◆ pgp_cfb_decrypt()

int pgp_cfb_decrypt ( PGP_CFB ctx,
const uint8 data,
int  len,
uint8 dst 
)

Definition at line 260 of file pgp-cfb.c.

/*
 * Decrypt len bytes of data into dst with the CFB state in ctx, by handing a
 * mixing callback to cfb_process().
 *
 * NOTE(review): source line 262 is missing from this listing; the page's
 * References list names mix_decrypt_normal(), mix_decrypt_resync() and
 * PGP_CFB::resync, so it presumably declares the local "mix" and picks one
 * of the two by ctx->resync -- confirm in pgp-cfb.c.  The three-argument
 * hashfn.c macro the page links for "mix" cannot be what is passed here as
 * the mix_data_t argument.
 */
261{
263
264 return cfb_process(ctx, data, len, dst, mix);
265}
#define mix(a, b, c)
Definition: hashfn.c:82
const void * data
static int mix_decrypt_resync(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:157
static int cfb_process(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst, mix_data_t mix_data)
Definition: pgp-cfb.c:197
int(* mix_data_t)(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:37
static int mix_decrypt_normal(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:105

References cfb_process(), data, len, mix, mix_decrypt_normal(), mix_decrypt_resync(), and PGP_CFB::resync.

Referenced by decrypt_key(), and decrypt_read().

◆ pgp_cfb_encrypt()

int pgp_cfb_encrypt ( PGP_CFB ctx,
const uint8 data,
int  len,
uint8 dst 
)

Definition at line 252 of file pgp-cfb.c.

/*
 * Encrypt len bytes of data into dst with the CFB state in ctx, by handing a
 * mixing callback to cfb_process().
 *
 * NOTE(review): source line 254 is missing from this listing; the page's
 * References list names mix_encrypt_normal(), mix_encrypt_resync() and
 * PGP_CFB::resync, so it presumably declares the local "mix" and picks one
 * of the two by ctx->resync -- confirm in pgp-cfb.c.
 */
253{
255
256 return cfb_process(ctx, data, len, dst, mix);
257}
static int mix_encrypt_resync(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:125
static int mix_encrypt_normal(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:94

References cfb_process(), data, len, mix, mix_encrypt_normal(), mix_encrypt_resync(), and PGP_CFB::resync.

Referenced by encrypt_process(), and symencrypt_sesskey().

◆ pgp_cfb_free()

void pgp_cfb_free ( PGP_CFB ctx)

Definition at line 83 of file pgp-cfb.c.

/*
 * Destroy a CFB context: free the cipher, overwrite the whole context with
 * zeros, then release the memory.  ctx must be non-NULL; it is dereferenced
 * on the first line.
 */
84{
85 px_cipher_free(ctx->ciph);
/*
 * Wipe fr and the rest of the CFB state before pfree() so it does not
 * linger in freed memory.  NOTE(review): assumes px_memset() is a clear the
 * compiler cannot optimise away -- confirm in px.c.
 */
86 px_memset(ctx, 0, sizeof(*ctx));
87 pfree(ctx);
88}
void pfree(void *pointer)
Definition: mcxt.c:1521
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:123

References PGP_CFB::ciph, pfree(), px_cipher_free, and px_memset().

Referenced by decrypt_key(), encrypt_free(), parse_symenc_data(), parse_symenc_mdc_data(), process_secret_key(), and symencrypt_sesskey().

◆ pgp_compress_filter()

int pgp_compress_filter ( PushFilter **  res,
PGP_Context ctx,
PushFilter dst 
)

Definition at line 335 of file pgp-compress.c.

/*
 * NOTE(review): the only body line (337) is missing from this listing.  The
 * page's References list names nothing but PXE_PGP_UNSUPPORTED_COMPR, so
 * this looks like the variant that rejects compression outright, presumably
 * the one built when compression support is unavailable -- confirm in
 * pgp-compress.c.
 */
336{
338}
#define PXE_PGP_UNSUPPORTED_COMPR
Definition: px.h:69

References PXE_PGP_UNSUPPORTED_COMPR.

Referenced by init_compress().

◆ pgp_create_pkt_reader()

int pgp_create_pkt_reader ( PullFilter **  pf_p,
PullFilter src,
int  len,
int  pkttype,
PGP_Context ctx 
)

Definition at line 223 of file pgp-decrypt.c.

/*
 * Create a pull filter over src that reads one packet, using
 * pktreader_filter with a freshly allocated PktData as its init argument.
 * Returns the result of pullf_create(); the new filter is stored in *pf_p.
 * ctx is not used in the lines shown.
 */
225{
226 int res;
227 struct PktData *pkt = palloc(sizeof(*pkt));
228
/* pkttype and len are stored as given; no range check is done here */
229 pkt->type = pkttype;
230 pkt->len = len;
231 res = pullf_create(pf_p, &pktreader_filter, pkt, src);
/* if creation failed, pkt is freed here rather than left to the filter */
232 if (res < 0)
233 pfree(pkt);
234 return res;
235}
int pullf_create(PullFilter **pf_p, const PullFilterOps *op, void *init_arg, PullFilter *src)
Definition: mbuf.c:191
void * palloc(Size size)
Definition: mcxt.c:1317
static struct PullFilterOps pktreader_filter
Definition: pgp-decrypt.c:217
int type
Definition: pgp-decrypt.c:170

References PktData::len, len, palloc(), pfree(), pktreader_filter, pullf_create(), res, and PktData::type.

Referenced by internal_read_key(), pgp_decrypt(), pgp_get_keyid(), and process_data_packets().

◆ pgp_create_pkt_writer()

int pgp_create_pkt_writer ( PushFilter dst,
int  tag,
PushFilter **  res_p 
)

Definition at line 311 of file pgp-encrypt.c.

/*
 * Start a packet on dst: write the tag with write_tag_only(), then create a
 * push filter using pkt_stream_filter on top of dst and store it in *res_p.
 * Returns a negative code if the tag cannot be written, otherwise the result
 * of pushf_create().
 */
312{
313 int res;
314
315 res = write_tag_only(dst, tag);
316 if (res < 0)
317 return res;
318
/* no init argument: pkt_stream_filter is created with NULL */
319 return pushf_create(res_p, &pkt_stream_filter, NULL, dst);
320}
int pushf_create(PushFilter **mp_p, const PushFilterOps *op, void *init_arg, PushFilter *next)
Definition: mbuf.c:357
static int write_tag_only(PushFilter *dst, int tag)
Definition: pgp-encrypt.c:68
static const PushFilterOps pkt_stream_filter
Definition: pgp-encrypt.c:306

References pkt_stream_filter, pushf_create(), res, and write_tag_only().

Referenced by pgp_write_pubenc_sesskey().

◆ pgp_decompress_filter()

int pgp_decompress_filter ( PullFilter **  res,
PGP_Context ctx,
PullFilter src 
)

Definition at line 341 of file pgp-compress.c.

/*
 * NOTE(review): the only body line (343) is missing from this listing.  The
 * page's References list names nothing but PXE_PGP_UNSUPPORTED_COMPR, so
 * this looks like the variant that rejects compressed data outright,
 * presumably the one built when compression support is unavailable --
 * confirm in pgp-compress.c.
 */
342{
344}

References PXE_PGP_UNSUPPORTED_COMPR.

Referenced by parse_compressed_data().

◆ pgp_decrypt()

int pgp_decrypt ( PGP_Context ctx,
MBuf msrc,
MBuf mdst 
)

Definition at line 1093 of file pgp-decrypt.c.

/*
 * Decrypt the OpenPGP message in msrc into mdst.  Packets are read one at a
 * time: marker packets are skipped, a session-key packet is processed, and
 * at most one encrypted-data packet is decrypted.  Returns a negative PXE_*
 * code on failure.
 *
 * NOTE(review): this listing skips source lines 1115, 1121, 1126, 1141,
 * 1153 and 1208.  Going by the page's References list they presumably hold
 * the per-packet default error value, the case labels
 * PGP_PKT_PUBENCRYPTED_SESSKEY, PGP_PKT_SYMENCRYPTED_SESSKEY,
 * PGP_PKT_SYMENCRYPTED_DATA and PGP_PKT_SYMENCRYPTED_DATA_MDC, and the
 * return of PXE_PGP_UNSUPPORTED_COMPR -- confirm in pgp-decrypt.c.
 */
1094{
1095 int res;
1096 PullFilter *src = NULL;
1097 PullFilter *pkt = NULL;
1098 uint8 tag;
1099 int len;
1100 int got_key = 0;
1101 int got_data = 0;
1102
1103 res = pullf_create_mbuf_reader(&src, msrc);
1104
1105 while (res >= 0)
1106 {
/* res <= 0 ends the loop: negative is an error, zero is presumably end of input */
1107 res = pgp_parse_pkt_hdr(src, &tag, &len, NO_CTX_SIZE);
1108 if (res <= 0)
1109 break;
1110
/* the positive result of pgp_parse_pkt_hdr() is passed on as pkttype */
1111 res = pgp_create_pkt_reader(&pkt, src, len, res, ctx);
1112 if (res < 0)
1113 break;
1114
/*
 * The px_debug-only branches below do not assign res; presumably it still
 * holds an error value preset on the omitted line 1115 -- confirm.
 */
1116 switch (tag)
1117 {
1118 case PGP_PKT_MARKER:
1119 res = pgp_skip_packet(pkt);
1120 break;
1122 /* fixme: skip those */
1123 res = pgp_parse_pubenc_sesskey(ctx, pkt);
1124 got_key = 1;
1125 break;
1127 if (got_key)
1128
1129 /*
1130 * Theoretically, there could be several keys, both public
1131 * and symmetric, all of which encrypt same session key.
1132 * Decrypt should try with each one, before failing.
1133 */
1134 px_debug("pgp_decrypt: using first of several keys");
1135 else
1136 {
1137 got_key = 1;
1138 res = parse_symenc_sesskey(ctx, pkt);
1139 }
1140 break;
1142 if (!got_key)
1143 px_debug("pgp_decrypt: have data but no key");
1144 else if (got_data)
1145 px_debug("pgp_decrypt: got second data packet");
1146 else
1147 {
1148 got_data = 1;
/*
 * NOTE(review): this branch forces disable_mdc on for the incoming message,
 * overriding whatever the caller set.  Assuming it handles the data packet
 * type that carries no MDC, plaintext produced here has no integrity check
 * from this layer; callers that need tamper detection should confirm how
 * such messages are treated.
 */
1149 ctx->disable_mdc = 1;
1150 res = parse_symenc_data(ctx, pkt, mdst);
1151 }
1152 break;
1154 if (!got_key)
1155 px_debug("pgp_decrypt: have data but no key");
1156 else if (got_data)
1157 px_debug("pgp_decrypt: several data pkts not supported");
1158 else
1159 {
1160 got_data = 1;
1161 ctx->disable_mdc = 0;
1162 res = parse_symenc_mdc_data(ctx, pkt, mdst);
1163 }
1164 break;
1165 default:
1166 px_debug("pgp_decrypt: unknown tag: 0x%02x", tag);
1167 }
/* the per-packet reader is released on every iteration */
1168 pullf_free(pkt);
1169 pkt = NULL;
1170 }
1171
1172 if (pkt)
1173 pullf_free(pkt);
1174
1175 if (src)
1176 pullf_free(src);
1177
1178 if (res < 0)
1179 return res;
1180
1181 /*
1182 * Report a failure of the prefix_init() "quick check" now, rather than
1183 * upon detection, to hinder timing attacks. pgcrypto is not generally
1184 * secure against timing attacks, but this helps.
1185 */
1186 if (!got_data || ctx->corrupt_prefix)
1187 return PXE_PGP_CORRUPT_DATA;
1188
1189 /*
1190 * Code interpreting purportedly-decrypted data prior to this stage shall
1191 * report no error other than PXE_PGP_CORRUPT_DATA. (PXE_BUG is okay so
1192 * long as it remains unreachable.) This ensures that an attacker able to
1193 * choose a ciphertext and receive a corresponding decryption error
1194 * message cannot use that oracle to gather clues about the decryption
1195 * key. See "An Attack on CFB Mode Encryption As Used By OpenPGP" by
1196 * Serge Mister and Robert Zuccherato.
1197 *
1198 * A problematic value in the first octet of a Literal Data or Compressed
1199 * Data packet may indicate a simple user error, such as the need to call
1200 * pgp_sym_decrypt_bytea instead of pgp_sym_decrypt. Occasionally,
1201 * though, it is the first symptom of the encryption key not matching the
1202 * decryption key. When this was the only problem encountered, report a
1203 * specific error to guide the user; otherwise, we will have reported
1204 * PXE_PGP_CORRUPT_DATA before now. A key mismatch makes the other errors
1205 * into red herrings, and this avoids leaking clues to attackers.
1206 */
/* the specific codes are returned only after the generic checks above have passed */
1207 if (ctx->unsupported_compr)
1209 if (ctx->unexpected_binary)
1210 return PXE_PGP_NOT_TEXT;
1211
1212 return res;
1213}
int pullf_create_mbuf_reader(PullFilter **mp_p, MBuf *src)
Definition: mbuf.c:336
void pullf_free(PullFilter *pf)
Definition: mbuf.c:229
#define NO_CTX_SIZE
Definition: pgp-decrypt.c:38
int pgp_parse_pkt_hdr(PullFilter *src, uint8 *tag, int *len_p, int allow_ctx)
Definition: pgp-decrypt.c:129
static int parse_symenc_mdc_data(PGP_Context *ctx, PullFilter *pkt, MBuf *dst)
Definition: pgp-decrypt.c:1012
static int parse_symenc_sesskey(PGP_Context *ctx, PullFilter *src)
Definition: pgp-decrypt.c:624
int pgp_skip_packet(PullFilter *pkt)
Definition: pgp-decrypt.c:1064
static int parse_symenc_data(PGP_Context *ctx, PullFilter *pkt, MBuf *dst)
Definition: pgp-decrypt.c:978
int pgp_create_pkt_reader(PullFilter **pf_p, PullFilter *src, int len, int pkttype, PGP_Context *ctx)
Definition: pgp-decrypt.c:223
int pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt)
Definition: pgp-pubdec.c:150
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:67
#define PXE_PGP_NOT_TEXT
Definition: px.h:73
int disable_mdc
Definition: pgp.h:147
int corrupt_prefix
Definition: pgp.h:157
int unsupported_compr
Definition: pgp.h:158
int unexpected_binary
Definition: pgp.h:159

References PGP_Context::corrupt_prefix, PGP_Context::disable_mdc, len, NO_CTX_SIZE, parse_symenc_data(), parse_symenc_mdc_data(), parse_symenc_sesskey(), pgp_create_pkt_reader(), pgp_parse_pkt_hdr(), pgp_parse_pubenc_sesskey(), PGP_PKT_MARKER, PGP_PKT_PUBENCRYPTED_SESSKEY, PGP_PKT_SYMENCRYPTED_DATA, PGP_PKT_SYMENCRYPTED_DATA_MDC, PGP_PKT_SYMENCRYPTED_SESSKEY, pgp_skip_packet(), pullf_create_mbuf_reader(), pullf_free(), px_debug(), PXE_PGP_CORRUPT_DATA, PXE_PGP_NOT_TEXT, PXE_PGP_UNSUPPORTED_COMPR, res, PGP_Context::unexpected_binary, and PGP_Context::unsupported_compr.

Referenced by decrypt_internal().

◆ pgp_disable_mdc()

int pgp_disable_mdc ( PGP_Context ctx,
int  disable 
)

Definition at line 223 of file pgp.c.

/*
 * Store the caller's MDC preference in ctx->disable_mdc, normalising any
 * non-zero value to 1.  Always returns 0.
 *
 * NOTE(review): pgp_decrypt() on this page pairs disable_mdc = 0 with
 * parse_symenc_mdc_data(), so the flag appears to select whether the MDC
 * integrity packet is used.  If so, turning it on gives up tamper detection
 * and callers (set_arg() per this page) should treat it as a
 * compatibility-only option -- confirm.
 */
224{
225 ctx->disable_mdc = disable ? 1 : 0;
226 return 0;
227}

References PGP_Context::disable_mdc.

Referenced by set_arg().

◆ pgp_elgamal_decrypt()

int pgp_elgamal_decrypt ( PGP_PubKey pk,
PGP_MPI _c1,
PGP_MPI _c2,
PGP_MPI **  msg_p 
)

Definition at line 164 of file pgp-mpi-openssl.c.

/*
 * ElGamal decryption with OpenSSL BIGNUMs: computes m = c2 / (c1^x) mod p
 * from the ciphertext pair (_c1, _c2) and the secret exponent in
 * pk->sec.elg.x, and returns the result as a new PGP_MPI in *msg_p.
 * res becomes 0 only after bn_to_mpi() has produced a result.
 *
 * NOTE(review): source line 167 is missing from this listing; the page's
 * References list names PXE_PGP_MATH_FAILED, so it presumably declares res
 * with that value as the default -- confirm in pgp-mpi-openssl.c.
 * NOTE(review): "err" below is a goto label; the err() function in err.c
 * that the page links to is unrelated.
 */
166{
168 BIGNUM *c1 = mpi_to_bn(_c1);
169 BIGNUM *c2 = mpi_to_bn(_c2);
170 BIGNUM *p = mpi_to_bn(pk->pub.elg.p);
171 BIGNUM *x = mpi_to_bn(pk->sec.elg.x);
172 BIGNUM *c1x = BN_new();
173 BIGNUM *div = BN_new();
174 BIGNUM *m = BN_new();
175 BN_CTX *tmp = BN_CTX_new();
176
/* any failed conversion or allocation goes straight to cleanup */
177 if (!c1 || !c2 || !p || !x || !c1x || !div || !m || !tmp)
178 goto err;
179
180 /*
181 * m = c2 / (c1^x)
182 */
183 if (!BN_mod_exp(c1x, c1, x, p, tmp))
184 goto err;
185 if (!BN_mod_inverse(div, c1x, p, tmp))
186 goto err;
187 if (!BN_mod_mul(m, c2, div, p, tmp))
188 goto err;
189
190 /* result */
191 *msg_p = bn_to_mpi(m);
192 if (*msg_p)
193 res = 0;
/*
 * Every BIGNUM, including the secret exponent x and the recovered m, is
 * released with BN_clear_free(), which scrubs the value before freeing it.
 */
194err:
195 if (tmp)
196 BN_CTX_free(tmp);
197 if (m)
198 BN_clear_free(m);
199 if (div)
200 BN_clear_free(div);
201 if (c1x)
202 BN_clear_free(c1x);
203 if (x)
204 BN_clear_free(x);
205 if (p)
206 BN_clear_free(p);
207 if (c2)
208 BN_clear_free(c2);
209 if (c1)
210 BN_clear_free(c1);
211 return res;
212}
void err(int eval, const char *fmt,...)
Definition: err.c:43
int x
Definition: isn.c:70
static BIGNUM * mpi_to_bn(PGP_MPI *n)
static PGP_MPI * bn_to_mpi(BIGNUM *bn)
#define PXE_PGP_MATH_FAILED
Definition: px.h:76
union PGP_PubKey::@1 sec
PGP_MPI * x
Definition: pgp.h:220

References bn_to_mpi(), PGP_PubKey::elg, err(), mpi_to_bn(), PGP_PubKey::p, PGP_PubKey::pub, PXE_PGP_MATH_FAILED, res, PGP_PubKey::sec, x, and PGP_PubKey::x.

Referenced by decrypt_elgamal().

◆ pgp_elgamal_encrypt()

int pgp_elgamal_encrypt ( PGP_PubKey pk,
PGP_MPI _m,
PGP_MPI **  c1_p,
PGP_MPI **  c2_p 
)

Definition at line 101 of file pgp-mpi-openssl.c.

/*
 * ElGamal encryption on OpenSSL bignums: picks a random exponent k, then
 * computes c1 = g^k mod p and c2 = m * y^k mod p from the public key in
 * 'pk'. Both halves are returned as PGP_MPIs through *c1_p and *c2_p.
 *
 * Returns 0 only when both output MPIs were built. The declaration and
 * initial value of 'res' are not part of this listing (source line 104 is
 * missing); the References list names PXE_PGP_MATH_FAILED, presumably the
 * failure value - confirm in pgp-mpi-openssl.c.
 */
103{
105 int k_bits;
106 BIGNUM *m = mpi_to_bn(_m);
107 BIGNUM *p = mpi_to_bn(pk->pub.elg.p);
108 BIGNUM *g = mpi_to_bn(pk->pub.elg.g);
109 BIGNUM *y = mpi_to_bn(pk->pub.elg.y);
110 BIGNUM *k = BN_new();
111 BIGNUM *yk = BN_new();
112 BIGNUM *c1 = BN_new();
113 BIGNUM *c2 = BN_new();
114 BN_CTX *tmp = BN_CTX_new();
115
116 if (!m || !p || !g || !y || !k || !yk || !c1 || !c2 || !tmp)
117 goto err;
118
119 /*
120 * generate k
121 */
/*
 * k is a per-message secret: its size comes from decide_k_bits() applied to
 * the bit length of p, its value from OpenSSL's BN_rand(). It must not be
 * reused or disclosed; it is wiped by BN_clear_free() at err.
 */
122 k_bits = decide_k_bits(BN_num_bits(p));
123 if (!BN_rand(k, k_bits, 0, 0))
124 goto err;
125
126 /*
127 * c1 = g^k c2 = m * y^k
128 */
129 if (!BN_mod_exp(c1, g, k, p, tmp))
130 goto err;
131 if (!BN_mod_exp(yk, y, k, p, tmp))
132 goto err;
133 if (!BN_mod_mul(c2, m, yk, p, tmp))
134 goto err;
135
136 /* result */
/*
 * NOTE(review): if only one of the two conversions succeeds, res keeps its
 * failure value and the MPI that was built is not freed here - check that
 * the caller (or the memory context) releases it.
 */
137 *c1_p = bn_to_mpi(c1);
138 *c2_p = bn_to_mpi(c2);
139 if (*c1_p && *c2_p)
140 res = 0;
/* shared cleanup; BN_clear_free() zeroes each value before releasing it */
141err:
142 if (tmp)
143 BN_CTX_free(tmp);
144 if (c2)
145 BN_clear_free(c2);
146 if (c1)
147 BN_clear_free(c1);
148 if (yk)
149 BN_clear_free(yk);
150 if (k)
151 BN_clear_free(k);
152 if (y)
153 BN_clear_free(y);
154 if (g)
155 BN_clear_free(g);
156 if (p)
157 BN_clear_free(p);
158 if (m)
159 BN_clear_free(m);
160 return res;
161}
int y
Definition: isn.c:71
static int decide_k_bits(int p_bits)

References bn_to_mpi(), decide_k_bits(), PGP_PubKey::elg, err(), PGP_PubKey::g, mpi_to_bn(), PGP_PubKey::p, PGP_PubKey::pub, PXE_PGP_MATH_FAILED, res, y, and PGP_PubKey::y.

Referenced by encrypt_and_write_elgamal().

◆ pgp_encrypt()

int pgp_encrypt ( PGP_Context ctx,
MBuf src,
MBuf dst 
)

Definition at line 599 of file pgp-encrypt.c.

/*
 * Encrypt everything available in 'src' into 'dst' as an OpenPGP message.
 *
 * The function stacks push filters one on top of another ('pf' always names
 * the most recently created one, which receives the previous one as its
 * destination) and finally pushes the whole source buffer through the stack.
 *
 * Returns PXE_ARGUMENT_ERROR when the context has neither a symmetric nor a
 * public key, the negative code of the first failing step, or otherwise the
 * result of pushf_flush().
 */
600{
601 int res;
602 int len;
603 uint8 *buf;
604 PushFilter *pf,
605 *pf_tmp;
606
607 /*
608 * do we have any key
609 */
610 if (!ctx->sym_key && !ctx->pub_key)
611 return PXE_ARGUMENT_ERROR;
612
613 /* MBuf writer */
/*
 * NOTE(review): 'pf' has no initializer. If this call ever failed without
 * storing to pf, the cleanup at 'out' would hand an indeterminate pointer
 * to pushf_free_all(). Initialising pf to NULL would make this path safe,
 * provided pushf_free_all() accepts NULL - confirm in mbuf.c.
 */
614 res = pushf_create_mbuf_writer(&pf, dst);
615 if (res < 0)
616 goto out;
617
618 /*
619 * initialize sym_key
620 */
621 if (ctx->sym_key)
622 {
623 res = init_s2k_key(ctx);
624 if (res < 0)
625 goto out;
626 }
627
628 res = init_sess_key(ctx);
629 if (res < 0)
630 goto out;
631
632 /*
633 * write keypkt
634 */
/* a public key takes precedence when both key kinds are set */
635 if (ctx->pub_key)
636 res = pgp_write_pubenc_sesskey(ctx, pf);
637 else
638 res = write_symenc_sesskey(ctx, pf);
639 if (res < 0)
640 goto out;
641
642 /* encrypted data pkt */
643 res = init_encdata_packet(&pf_tmp, ctx, pf);
644 if (res < 0)
645 goto out;
646 pf = pf_tmp;
647
648 /* encrypter */
649 res = pushf_create(&pf_tmp, &encrypt_filter, ctx, pf);
650 if (res < 0)
651 goto out;
652 pf = pf_tmp;
653
654 /* hasher */
/*
 * Security note: with disable_mdc set, no mdc_filter is added, so the
 * message carries no integrity check and modification of the ciphertext
 * cannot be detected by the receiver.
 */
655 if (ctx->disable_mdc == 0)
656 {
657 res = pushf_create(&pf_tmp, &mdc_filter, ctx, pf);
658 if (res < 0)
659 goto out;
660 pf = pf_tmp;
661 }
662
663 /* prefix */
664 res = write_prefix(ctx, pf);
665 if (res < 0)
666 goto out;
667
668 /* compressor */
/*
 * Compression is applied to the plaintext before encryption, and only when
 * both an algorithm and a non-zero level are configured. Compressed length
 * depends on content, which matters when an adversary can influence part of
 * the plaintext and observe message sizes.
 */
669 if (ctx->compress_algo > 0 && ctx->compress_level > 0)
670 {
671 res = init_compress(&pf_tmp, ctx, pf);
672 if (res < 0)
673 goto out;
674 pf = pf_tmp;
675 }
676
677 /* data streamer */
678 res = init_litdata_packet(&pf_tmp, ctx, pf);
679 if (res < 0)
680 goto out;
681 pf = pf_tmp;
682
683
684 /* text conversion? */
685 if (ctx->text_mode && ctx->convert_crlf)
686 {
687 res = pushf_create(&pf_tmp, &crlf_filter, ctx, pf);
688 if (res < 0)
689 goto out;
690 pf = pf_tmp;
691 }
692
693 /*
694 * chain complete
695 */
696
/* take all bytes currently available in src and push them in one write */
697 len = mbuf_grab(src, mbuf_avail(src), &buf);
698 res = pushf_write(pf, buf, len);
699 if (res >= 0)
700 res = pushf_flush(pf);
/* reached on success and on every failure after the key check */
701out:
702 pushf_free_all(pf);
703 return res;
704}
int pushf_write(PushFilter *mp, const uint8 *data, int len)
Definition: mbuf.c:439
int mbuf_avail(MBuf *mbuf)
Definition: mbuf.c:50
int pushf_create_mbuf_writer(PushFilter **res, MBuf *dst)
Definition: mbuf.c:544
void pushf_free_all(PushFilter *mp)
Definition: mbuf.c:411
int pushf_flush(PushFilter *mp)
Definition: mbuf.c:499
int mbuf_grab(MBuf *mbuf, int len, uint8 **data_p)
Definition: mbuf.c:149
static int write_symenc_sesskey(PGP_Context *ctx, PushFilter *dst)
Definition: pgp-encrypt.c:521
static int init_litdata_packet(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
Definition: pgp-encrypt.c:374
static int write_prefix(PGP_Context *ctx, PushFilter *dst)
Definition: pgp-encrypt.c:478
static const PushFilterOps crlf_filter
Definition: pgp-encrypt.c:366
static int init_compress(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
Definition: pgp-encrypt.c:429
static int init_encdata_packet(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
Definition: pgp-encrypt.c:457
static const PushFilterOps encrypt_filter
Definition: pgp-encrypt.c:224
static int init_s2k_key(PGP_Context *ctx)
Definition: pgp-encrypt.c:562
static int init_sess_key(PGP_Context *ctx)
Definition: pgp-encrypt.c:578
static const PushFilterOps mdc_filter
Definition: pgp-encrypt.c:142
int pgp_write_pubenc_sesskey(PGP_Context *ctx, PushFilter *dst)
Definition: pgp-pubenc.c:190
#define PXE_ARGUMENT_ERROR
Definition: px.h:59
PGP_PubKey * pub_key
Definition: pgp.h:164
int compress_level
Definition: pgp.h:146
int text_mode
Definition: pgp.h:149
int convert_crlf
Definition: pgp.h:150
int compress_algo
Definition: pgp.h:145
const uint8 * sym_key
Definition: pgp.h:165

References buf, PGP_Context::compress_algo, PGP_Context::compress_level, PGP_Context::convert_crlf, crlf_filter, PGP_Context::disable_mdc, encrypt_filter, init_compress(), init_encdata_packet(), init_litdata_packet(), init_s2k_key(), init_sess_key(), len, mbuf_avail(), mbuf_grab(), mdc_filter, pgp_write_pubenc_sesskey(), PGP_Context::pub_key, pushf_create(), pushf_create_mbuf_writer(), pushf_flush(), pushf_free_all(), pushf_write(), PXE_ARGUMENT_ERROR, res, PGP_Context::sym_key, PGP_Context::text_mode, write_prefix(), and write_symenc_sesskey().

Referenced by encrypt_internal().

◆ pgp_expect_packet_end()

int pgp_expect_packet_end ( PullFilter pkt)

Definition at line 1078 of file pgp-decrypt.c.

/*
 * Check that the packet reader 'pkt' has no data left.
 *
 * Returns PXE_PGP_CORRUPT_DATA when a read still yields bytes; otherwise the
 * (zero or negative) result of pullf_read() is passed through unchanged.
 */
1079{
1080 int res;
1081 uint8 *tmp;
1082
/* the request size only bounds the probe; any positive count is trailing data */
1083 res = pullf_read(pkt, 32 * 1024, &tmp);
1084 if (res > 0)
1085 {
1086 px_debug("pgp_expect_packet_end: got data");
1087 return PXE_PGP_CORRUPT_DATA;
1088 }
1089 return res;
1090}
int pullf_read(PullFilter *pf, int len, uint8 **data_p)
Definition: mbuf.c:246

References pullf_read(), px_debug(), PXE_PGP_CORRUPT_DATA, and res.

Referenced by pgp_parse_pubenc_sesskey(), and process_secret_key().

◆ pgp_extract_armor_headers()

int pgp_extract_armor_headers ( const uint8 src,
unsigned  len,
int *  nheaders,
char ***  keys,
char ***  values 
)

Definition at line 390 of file pgp-armor.c.

/*
 * Extract the "Key: value" header lines of an ASCII-armored block.
 *
 * 'src'/'len' is the armored input. On success *nheaders is the number of
 * header lines, and *keys / *values are palloc'd arrays of that many
 * pointers into one palloc'd, NUL-terminated copy of the header area.
 * Returns 0 on success.
 *
 * Several statements are missing from this listing (source lines 411, 417,
 * 426 and 468, each directly after an error test). The References list
 * names PXE_PGP_CORRUPT_ARMOR, presumably what those lines return - confirm
 * in pgp-armor.c.
 */
392{
393 const uint8 *data_end = src + len;
394 const uint8 *p;
395 const uint8 *base64_start;
396 const uint8 *armor_start;
397 const uint8 *armor_end;
398 Size armor_len;
399 char *line;
400 char *nextline;
401 char *eol,
402 *colon;
403 int hlen;
404 char *buf;
405 int hdrlines;
406 int n;
407
408 /* armor start */
409 hlen = find_header(src, data_end, &armor_start, 0);
410 if (hlen <= 0)
412 armor_start += hlen;
413
414 /* armor end */
415 hlen = find_header(armor_start, data_end, &armor_end, 1);
416 if (hlen <= 0)
418
419 /* Count the number of armor header lines. */
/*
 * Counting stops at the first empty line (bare LF or CR). Every memchr()
 * is bounded by armor_end, so the scan stays inside the armor body.
 */
420 hdrlines = 0;
421 p = armor_start;
422 while (p < armor_end && *p != '\n' && *p != '\r')
423 {
424 p = memchr(p, '\n', armor_end - p);
425 if (!p)
427
428 /* step to start of next line */
429 p++;
430 hdrlines++;
431 }
432 base64_start = p;
433
434 /*
435 * Make a modifiable copy of the part of the input that contains the
436 * headers. The returned key/value pointers will point inside the buffer.
437 */
438 armor_len = base64_start - armor_start;
439 buf = palloc(armor_len + 1);
440 memcpy(buf, armor_start, armor_len);
/* the terminator is what keeps the strchr()/strstr() calls below in bounds */
441 buf[armor_len] = '\0';
442
443 /* Allocate return arrays */
444 *keys = (char **) palloc(hdrlines * sizeof(char *));
445 *values = (char **) palloc(hdrlines * sizeof(char *));
446
447 /*
448 * Split the header lines at newlines and ": " separators, and collect
449 * pointers to the keys and values in the return arrays.
450 */
/*
 * This pass uses C-string functions, while the counting pass above used
 * memchr(). A NUL byte inside the header area would end this pass early;
 * the n != hdrlines test after the loop then reports the mismatch.
 */
451 n = 0;
452 line = buf;
453 for (;;)
454 {
455 /* find end of line */
456 eol = strchr(line, '\n');
457 if (!eol)
458 break;
459 nextline = eol + 1;
460 /* if the line ends in CR + LF, strip the CR */
461 if (eol > line && *(eol - 1) == '\r')
462 eol--;
463 *eol = '\0';
464
465 /* find colon+space separating the key and value */
466 colon = strstr(line, ": ");
467 if (!colon)
469 *colon = '\0';
470
471 /* shouldn't happen, we counted the number of lines beforehand */
/* guards the writes into *keys / *values, which hold hdrlines entries */
472 if (n >= hdrlines)
473 elog(ERROR, "unexpected number of armor header lines");
474
475 (*keys)[n] = line;
476 (*values)[n] = colon + 2;
477 n++;
478
479 /* step to start of next line */
480 line = nextline;
481 }
482
483 if (n != hdrlines)
484 elog(ERROR, "unexpected number of armor header lines");
485
486 *nheaders = n;
487 return 0;
488}
size_t Size
Definition: c.h:559
#define ERROR
Definition: elog.h:39
#define colon
Definition: indent_codes.h:43

References buf, colon, elog, ERROR, find_header(), len, palloc(), PXE_PGP_CORRUPT_ARMOR, and values.

Referenced by pgp_armor_headers().

◆ pgp_free()

int pgp_free ( PGP_Context ctx)

Definition at line 213 of file pgp.c.

/*
 * Release a PGP_Context: frees the attached public key (if any), overwrites
 * the whole context structure with zeroes, then frees it. Always returns 0.
 *
 * The zeroing covers members stored inside the structure, such as the
 * sess_key array. sym_key is only a pointer (const uint8 *), so the key
 * bytes it refers to are not wiped here and remain the caller's concern.
 * NOTE(review): px_memset() is presumably a memset the compiler may not
 * elide before the pfree() - confirm in px.c.
 */
214{
215 if (ctx->pub_key)
216 pgp_key_free(ctx->pub_key);
217 px_memset(ctx, 0, sizeof *ctx);
218 pfree(ctx);
219 return 0;
220}

References pfree(), pgp_key_free(), PGP_Context::pub_key, and px_memset().

Referenced by decrypt_internal(), and encrypt_internal().

◆ pgp_get_cipher_block_size()

int pgp_get_cipher_block_size ( int  code)

Definition at line 147 of file pgp.c.

/*
 * Look up the block length recorded for cipher code 'code'.
 * Returns 0 when get_cipher_info() has no entry for the code, so callers
 * must treat 0 as "unknown cipher", not as a usable size.
 */
148{
149 const struct cipher_info *i = get_cipher_info(code);
150
151 if (i != NULL)
152 return i->block_len;
153 return 0;
154}
int i
Definition: isn.c:72
static const struct cipher_info * get_cipher_info(int code)
Definition: pgp.c:93
int code
Definition: pgp.c:62

References cipher_info::code, get_cipher_info(), and i.

Referenced by prefix_init(), process_secret_key(), and write_prefix().

◆ pgp_get_cipher_code()

int pgp_get_cipher_code ( const char *  name)

Definition at line 115 of file pgp.c.

/*
 * Map a cipher name to its code by a case-insensitive search of
 * cipher_list, which ends at the entry whose name is NULL.
 *
 * The statement for the not-found case (source line 122) is missing from
 * this listing; the References list names PXE_PGP_UNSUPPORTED_CIPHER,
 * presumably the value returned there - confirm in pgp.c.
 */
116{
117 const struct cipher_info *i;
118
119 for (i = cipher_list; i->name; i++)
120 if (pg_strcasecmp(i->name, name) == 0)
121 return i->code;
123}
static const struct cipher_info cipher_list[]
Definition: pgp.c:79
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
#define PXE_PGP_UNSUPPORTED_CIPHER
Definition: px.h:70
const char * name

References cipher_list, i, name, pg_strcasecmp(), and PXE_PGP_UNSUPPORTED_CIPHER.

Referenced by pgp_set_cipher_algo(), pgp_set_s2k_cipher_algo(), and set_arg().

◆ pgp_get_cipher_key_size()

int pgp_get_cipher_key_size ( int  code)

Definition at line 137 of file pgp.c.

/*
 * Look up the key length recorded for cipher code 'code'.
 * Returns 0 when get_cipher_info() has no entry for the code, so callers
 * must treat 0 as "unknown cipher", not as a usable key size.
 */
138{
139 const struct cipher_info *i = get_cipher_info(code);
140
141 if (i != NULL)
142 return i->key_len;
143 return 0;
144}

References cipher_info::code, get_cipher_info(), and i.

Referenced by decrypt_key(), init_sess_key(), and pgp_s2k_process().

◆ pgp_get_digest_code()

int pgp_get_digest_code ( const char *  name)

Definition at line 104 of file pgp.c.

/*
 * Map a digest name to its code by a case-insensitive search of
 * digest_list, which ends at the entry whose name is NULL.
 *
 * The statement for the not-found case (source line 111) is missing from
 * this listing; the References list names PXE_PGP_UNSUPPORTED_HASH,
 * presumably the value returned there - confirm in pgp.c.
 */
105{
106 const struct digest_info *i;
107
108 for (i = digest_list; i->name; i++)
109 if (pg_strcasecmp(i->name, name) == 0)
110 return i->code;
112}
static const struct digest_info digest_list[]
Definition: pgp.c:68
#define PXE_PGP_UNSUPPORTED_HASH
Definition: px.h:71

References digest_list, i, name, pg_strcasecmp(), and PXE_PGP_UNSUPPORTED_HASH.

Referenced by pgp_set_s2k_digest_algo(), and set_arg().

◆ pgp_get_digest_name()

const char * pgp_get_digest_name ( int  code)

Definition at line 126 of file pgp.c.

/*
 * Reverse lookup: return the name stored in digest_list for digest code
 * 'code', or NULL when no entry carries that code. The returned pointer
 * refers to the table entry and must not be freed or modified.
 */
127{
128 const struct digest_info *i;
129
130 for (i = digest_list; i->name; i++)
131 if (i->code == code)
132 return i->name;
133 return NULL;
134}
int code
Definition: pgp.c:56

References digest_info::code, digest_list, and i.

Referenced by pgp_load_digest().

◆ pgp_get_keyid()

int pgp_get_keyid ( MBuf pgp_data,
char *  dst 
)

Definition at line 112 of file pgp-info.c.

/*
 * Scan the packets in 'pgp_data' and write a textual key identifier to
 * 'dst': "ANYKEY" when the key id found equals any_key, "SYMKEY" when only
 * a symmetric session-key packet was seen, otherwise whatever print_key()
 * produces. Returns the length reported for the text, or a negative error
 * code.
 *
 * 'dst' has no length parameter. The literal branches copy 7 bytes (six
 * characters plus the terminator); the size print_key() needs is not
 * visible here, so the caller must provide a buffer large enough for it -
 * confirm against print_key() in pgp-info.c.
 *
 * Many statements are missing from this listing: most 'case' labels of the
 * switch and the error assignments after several tests (for example source
 * lines 141-143, 151, 182, 202, 205, 208 and 231). The References list
 * names PXE_PGP_CORRUPT_DATA, PXE_PGP_MULTIPLE_KEYS and
 * PXE_PGP_NO_USABLE_KEY; which one belongs where must be read from the
 * source file.
 */
113{
114 int res;
115 PullFilter *src;
116 PullFilter *pkt = NULL;
117 int len;
118 uint8 tag;
119 int got_pub_key = 0,
120 got_symenc_key = 0,
121 got_pubenc_key = 0;
122 int got_data = 0;
123 uint8 keyid_buf[8];
124 int got_main_key = 0;
125
126
127 res = pullf_create_mbuf_reader(&src, pgp_data);
128 if (res < 0)
129 return res;
130
/* one iteration per packet; stops at end of input, on error, or at data */
131 while (1)
132 {
133 res = pgp_parse_pkt_hdr(src, &tag, &len, 0);
134 if (res <= 0)
135 break;
136 res = pgp_create_pkt_reader(&pkt, src, len, res, NULL);
137 if (res < 0)
138 break;
139
140 switch (tag)
141 {
144 /* main key is for signing, so ignore it */
145 if (!got_main_key)
146 {
147 got_main_key = 1;
148 res = pgp_skip_packet(pkt);
149 }
150 else
152 break;
155 res = read_pubkey_keyid(pkt, keyid_buf);
156 if (res < 0)
157 break;
158 if (res > 0)
159 got_pub_key++;
160 break;
162 got_pubenc_key++;
163 res = read_pubenc_keyid(pkt, keyid_buf);
164 break;
167 /* don't skip it, just stop */
168 got_data = 1;
169 break;
171 got_symenc_key++;
172 /* fall through */
174 case PGP_PKT_MARKER:
175 case PGP_PKT_TRUST:
176 case PGP_PKT_USER_ID:
178 case PGP_PKT_PRIV_61:
179 res = pgp_skip_packet(pkt);
180 break;
181 default:
183 }
184
185 if (pkt)
186 pullf_free(pkt);
187 pkt = NULL;
188
189 if (res < 0 || got_data)
190 break;
191 }
192
/* pkt can still be set here when the loop was left right after its creation failed */
193 pullf_free(src);
194 if (pkt)
195 pullf_free(pkt);
196
197 if (res < 0)
198 return res;
199
200 /* now check sanity */
/* keyid_buf holds one id only, so more than one key source is rejected */
201 if (got_pub_key && got_pubenc_key)
203
204 if (got_pub_key > 1)
206
207 if (got_pubenc_key > 1)
209
210 /*
211 * if still ok, look what we got
212 */
213 if (res >= 0)
214 {
215 if (got_pubenc_key || got_pub_key)
216 {
217 if (memcmp(keyid_buf, any_key, 8) == 0)
218 {
219 memcpy(dst, "ANYKEY", 7);
220 res = 6;
221 }
222 else
223 res = print_key(keyid_buf, dst);
224 }
225 else if (got_symenc_key)
226 {
227 memcpy(dst, "SYMKEY", 7);
228 res = 6;
229 }
230 else
232 }
233
234 return res;
235}
static const uint8 any_key[]
Definition: pgp-info.c:105
static int read_pubkey_keyid(PullFilter *pkt, uint8 *keyid_buf)
Definition: pgp-info.c:38
static int print_key(uint8 *keyid, char *dst)
Definition: pgp-info.c:90
static int read_pubenc_keyid(PullFilter *pkt, uint8 *keyid_buf)
Definition: pgp-info.c:71
#define PXE_PGP_MULTIPLE_KEYS
Definition: px.h:81
#define PXE_PGP_NO_USABLE_KEY
Definition: px.h:86

References any_key, len, pgp_create_pkt_reader(), pgp_parse_pkt_hdr(), PGP_PKT_MARKER, PGP_PKT_PRIV_61, PGP_PKT_PUBENCRYPTED_SESSKEY, PGP_PKT_PUBLIC_KEY, PGP_PKT_PUBLIC_SUBKEY, PGP_PKT_SECRET_KEY, PGP_PKT_SECRET_SUBKEY, PGP_PKT_SIGNATURE, PGP_PKT_SYMENCRYPTED_DATA, PGP_PKT_SYMENCRYPTED_DATA_MDC, PGP_PKT_SYMENCRYPTED_SESSKEY, PGP_PKT_TRUST, PGP_PKT_USER_ATTR, PGP_PKT_USER_ID, pgp_skip_packet(), print_key(), pullf_create_mbuf_reader(), pullf_free(), PXE_PGP_CORRUPT_DATA, PXE_PGP_MULTIPLE_KEYS, PXE_PGP_NO_USABLE_KEY, read_pubenc_keyid(), read_pubkey_keyid(), and res.

Referenced by pgp_key_id_w().

◆ pgp_get_unicode_mode()

int pgp_get_unicode_mode ( PGP_Context ctx)

Definition at line 340 of file pgp.c.

/* Accessor: returns the unicode_mode value stored in the context. */
341{
342 return ctx->unicode_mode;
343}
int unicode_mode
Definition: pgp.h:151

References PGP_Context::unicode_mode.

Referenced by decrypt_internal(), and encrypt_internal().

◆ pgp_init()

int pgp_init ( PGP_Context **  ctx_p)

Definition at line 189 of file pgp.c.

/*
 * Allocate a zero-filled PGP_Context, load the module defaults into it and
 * return it through *ctx_p. Always returns 0 in the visible code.
 *
 * Only one of the default assignments survives in this listing (source
 * lines 195-206 are mostly missing). The References list shows the def_*
 * variables and the context members involved, including disable_mdc; the
 * exact assignments must be read from pgp.c.
 */
190{
191 PGP_Context *ctx;
192
/* palloc0() zero-fills, so key pointers and session-key bytes start cleared */
193 ctx = palloc0(sizeof *ctx);
194
197 ctx->s2k_mode = def_s2k_mode;
207
208 *ctx_p = ctx;
209 return 0;
210}
static int def_compress_algo
Definition: pgp.c:45
static int def_s2k_cipher_algo
Definition: pgp.c:41
static int def_convert_crlf
Definition: pgp.c:51
static int def_compress_level
Definition: pgp.c:46
static int def_s2k_digest_algo
Definition: pgp.c:44
static int def_unicode_mode
Definition: pgp.c:50
static int def_s2k_mode
Definition: pgp.c:42
static int def_cipher_algo
Definition: pgp.c:40
static int def_disable_mdc
Definition: pgp.c:47
static int def_s2k_count
Definition: pgp.c:43
static int def_text_mode
Definition: pgp.c:49
static int def_use_sess_key
Definition: pgp.c:48
int cipher_algo
Definition: pgp.h:144
int s2k_mode
Definition: pgp.h:140
int s2k_cipher_algo
Definition: pgp.h:143
int s2k_count
Definition: pgp.h:141
int use_sess_key
Definition: pgp.h:148
int s2k_digest_algo
Definition: pgp.h:142

References PGP_Context::cipher_algo, PGP_Context::compress_algo, PGP_Context::compress_level, PGP_Context::convert_crlf, def_cipher_algo, def_compress_algo, def_compress_level, def_convert_crlf, def_disable_mdc, def_s2k_cipher_algo, def_s2k_count, def_s2k_digest_algo, def_s2k_mode, def_text_mode, def_unicode_mode, def_use_sess_key, PGP_Context::disable_mdc, palloc0(), PGP_Context::s2k_cipher_algo, PGP_Context::s2k_count, PGP_Context::s2k_digest_algo, PGP_Context::s2k_mode, PGP_Context::text_mode, PGP_Context::unicode_mode, and PGP_Context::use_sess_key.

Referenced by init_work().

◆ pgp_key_alloc()

int pgp_key_alloc ( PGP_PubKey **  pk_p)

Definition at line 38 of file pgp-pubkey.c.

/*
 * Allocate a zero-filled PGP_PubKey and return it through *pk_p.
 * Always returns 0 in the visible code; zero-filling leaves every member
 * pointer NULL until a key is read into the structure.
 */
39{
40 PGP_PubKey *pk;
41
42 pk = palloc0(sizeof(*pk));
43 *pk_p = pk;
44 return 0;
45}

References palloc0().

Referenced by _pgp_read_public_key().

◆ pgp_key_free()

void pgp_key_free ( PGP_PubKey pk)

◆ pgp_load_cipher()

int pgp_load_cipher ( int  code,
PX_Cipher **  res 
)

Definition at line 157 of file pgp.c.

/*
 * Resolve cipher code 'code' to a PX_Cipher: the code is looked up with
 * get_cipher_info() and the entry's internal name is passed to
 * px_find_cipher(), which stores the cipher in *res. Returns 0 on success.
 *
 * The two failure returns (source lines 163 and 169) are missing from this
 * listing. The References list names PXE_PGP_CORRUPT_DATA and
 * PXE_PGP_UNSUPPORTED_CIPHER; which one is used for an unknown code and
 * which for a failed px_find_cipher() must be read from pgp.c.
 */
158{
159 int err;
160 const struct cipher_info *i = get_cipher_info(code);
161
162 if (i == NULL)
164
165 err = px_find_cipher(i->int_name, res);
166 if (err == 0)
167 return 0;
168
170}
int px_find_cipher(const char *name, PX_Cipher **res)
Definition: openssl.c:736

References cipher_info::code, err(), get_cipher_info(), i, px_find_cipher(), PXE_PGP_CORRUPT_DATA, PXE_PGP_UNSUPPORTED_CIPHER, and res.

Referenced by pgp_cfb_create().

◆ pgp_load_digest()

int pgp_load_digest ( int  code,
PX_MD **  res 
)

Definition at line 173 of file pgp.c.

/*
 * Resolve digest code 'code' to a PX_MD: the code is turned into a name
 * with pgp_get_digest_name() and, per the References list, handed to
 * px_find_digest(). Returns 0 on success.
 *
 * Source lines 179, 181 and 185 are missing from this listing, among them
 * the px_find_digest() call that sets 'err' and both failure returns. The
 * References list names PXE_PGP_CORRUPT_DATA and PXE_PGP_UNSUPPORTED_HASH;
 * which one is used where must be read from pgp.c.
 */
174{
175 int err;
176 const char *name = pgp_get_digest_name(code);
177
178 if (name == NULL)
180
182 if (err == 0)
183 return 0;
184
186}
int px_find_digest(const char *name, PX_MD **res)
Definition: openssl.c:160
const char * pgp_get_digest_name(int code)
Definition: pgp.c:126

References cipher_info::code, err(), name, pgp_get_digest_name(), px_find_digest(), PXE_PGP_CORRUPT_DATA, PXE_PGP_UNSUPPORTED_HASH, and res.

Referenced by calc_key_id(), check_key_sha1(), mdc_init(), and pgp_s2k_process().

◆ pgp_mpi_alloc()

int pgp_mpi_alloc ( int  bits,
PGP_MPI **  mpi 
)

Definition at line 37 of file pgp-mpi.c.

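/*
 * Allocate a PGP_MPI able to hold a value of 'bits' bits and return it
 * through *mpi. Header and data share one allocation: n->data points just
 * past the structure, and n->bytes is the data length, (bits + 7) / 8.
 * The data bytes are not initialised.
 *
 * Returns 0 on success, PXE_PGP_CORRUPT_DATA when 'bits' is negative or
 * larger than 0xFFFF (the largest count a two-byte MPI header can carry).
 */
int
pgp_mpi_alloc(int bits, PGP_MPI **mpi)
{
	PGP_MPI    *n;
	int			len;

	if (bits < 0 || bits > 0xFFFF)
	{
		px_debug("pgp_mpi_alloc: unreasonable request: bits=%d", bits);
		return PXE_PGP_CORRUPT_DATA;
	}

	/*
	 * Derive the byte count only after the range check: (bits + 7) is
	 * signed arithmetic and would overflow for values close to INT_MAX.
	 */
	len = (bits + 7) / 8;

	n = palloc(sizeof(*n) + len);
	n->bits = bits;
	n->bytes = len;
	n->data = (uint8 *) (n) + sizeof(*n);
	*mpi = n;
	return 0;
}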
Definition: pgp.h:180
int bits
Definition: pgp.h:182
int bytes
Definition: pgp.h:183
uint8 * data
Definition: pgp.h:181

References PGP_MPI::bits, PGP_MPI::bytes, PGP_MPI::data, len, palloc(), px_debug(), and PXE_PGP_CORRUPT_DATA.

Referenced by bn_to_mpi(), pgp_mpi_create(), and pgp_mpi_read().

◆ pgp_mpi_cksum()

unsigned pgp_mpi_cksum ( unsigned  cksum,
PGP_MPI n 
)

Definition at line 132 of file pgp-mpi.c.

/*
 * Add an MPI to a running 16-bit checksum: both bytes of the bit count and
 * every data byte are summed into 'cksum', and the low 16 bits are
 * returned.
 *
 * This is a plain additive sum. It catches accidental damage but offers no
 * protection against deliberate modification.
 */
133{
134 int i;
135
136 cksum += n->bits >> 8;
137 cksum += n->bits & 0xFF;
138 for (i = 0; i < n->bytes; i++)
139 cksum += n->data[i];
140
141 return cksum & 0xFFFF;
142}

References PGP_MPI::bits, PGP_MPI::bytes, PGP_MPI::data, and i.

Referenced by check_key_cksum().

◆ pgp_mpi_create()

int pgp_mpi_create ( uint8 data,
int  bits,
PGP_MPI **  mpi 
)

Definition at line 56 of file pgp-mpi.c.

/*
 * Build a PGP_MPI of 'bits' bits from the bytes at 'data' and return it
 * through *mpi. Returns 0 on success or the negative code from
 * pgp_mpi_alloc().
 *
 * The copy length is n->bytes, which pgp_mpi_alloc() derives from 'bits'
 * alone. 'data' carries no length of its own, so the caller must guarantee
 * that it holds at least (bits + 7) / 8 readable bytes.
 */
57{
58 int res;
59 PGP_MPI *n;
60
61 res = pgp_mpi_alloc(bits, &n);
62 if (res < 0)
63 return res;
64 memcpy(n->data, data, n->bytes);
65 *mpi = n;
66 return 0;
67}
int pgp_mpi_alloc(int bits, PGP_MPI **mpi)
Definition: pgp-mpi.c:37

References PGP_MPI::bytes, PGP_MPI::data, data, pgp_mpi_alloc(), and res.

Referenced by create_secmsg().

◆ pgp_mpi_free()

int pgp_mpi_free ( PGP_MPI mpi)

Definition at line 70 of file pgp-mpi.c.

/*
 * Wipe and release a PGP_MPI. NULL is accepted and ignored. Always
 * returns 0.
 *
 * The zeroing length, sizeof(*mpi) + mpi->bytes, matches the single
 * allocation made by pgp_mpi_alloc() (header plus data), so key material
 * held in an MPI is cleared before the memory is returned.
 */
71{
72 if (mpi == NULL)
73 return 0;
74 px_memset(mpi, 0, sizeof(*mpi) + mpi->bytes);
75 pfree(mpi);
76 return 0;
77}

References PGP_MPI::bytes, pfree(), and px_memset().

Referenced by bn_to_mpi(), decrypt_elgamal(), decrypt_rsa(), encrypt_and_write_elgamal(), encrypt_and_write_rsa(), pgp_key_free(), pgp_mpi_read(), and pgp_parse_pubenc_sesskey().

◆ pgp_mpi_hash()

int pgp_mpi_hash ( PX_MD md,
PGP_MPI n 
)

Definition at line 119 of file pgp-mpi.c.

/*
 * Feed an MPI into digest 'md': first the bit count as two bytes, high
 * byte first, then the n->bytes data bytes. Always returns 0.
 */
120{
121 uint8 buf[2];
122
123 buf[0] = n->bits >> 8;
124 buf[1] = n->bits & 0xFF;
125 px_md_update(md, buf, 2);
126 px_md_update(md, n->data, n->bytes);
127
128 return 0;
129}
#define px_md_update(md, data, dlen)
Definition: px.h:194

References PGP_MPI::bits, buf, PGP_MPI::bytes, PGP_MPI::data, and px_md_update.

Referenced by calc_key_id(), and check_key_sha1().

◆ pgp_mpi_read()

int pgp_mpi_read ( PullFilter src,
PGP_MPI **  mpi 
)

Definition at line 80 of file pgp-mpi.c.

/*
 * Read one MPI from 'src': a two-byte bit count, high byte first, followed
 * by the value bytes. On success the new MPI is stored in *mpi; on a
 * failed data read the MPI is freed and *mpi is left untouched. Returns
 * the result of the last read, or the negative code of the failing step.
 */
81{
82 int res;
83 uint8 hdr[2];
84 int bits;
85 PGP_MPI *n;
86
87 res = pullf_read_fixed(src, 2, hdr);
88 if (res < 0)
89 return res;
/* two header bytes cap the count at 0xFFFF, the limit pgp_mpi_alloc() accepts */
90 bits = ((unsigned) hdr[0] << 8) + hdr[1];
91
92 res = pgp_mpi_alloc(bits, &n);
93 if (res < 0)
94 return res;
95
/* the read length is the size just allocated, so the buffer cannot be overrun */
96 res = pullf_read_fixed(src, n->bytes, n->data);
97 if (res < 0)
98 pgp_mpi_free(n);
99 else
100 *mpi = n;
101 return res;
102}

References PGP_MPI::bytes, PGP_MPI::data, pgp_mpi_alloc(), pgp_mpi_free(), pullf_read_fixed(), and res.

Referenced by _pgp_read_public_key(), decrypt_elgamal(), decrypt_rsa(), and process_secret_key().

◆ pgp_mpi_write()

int pgp_mpi_write ( PushFilter dst,
PGP_MPI n 
)

Definition at line 105 of file pgp-mpi.c.

/*
 * Write an MPI to 'dst' in the layout pgp_mpi_read() consumes: two bytes
 * of bit count, high byte first, then the n->bytes data bytes. Returns the
 * result of the last pushf_write() attempted; the data is not written when
 * the header write fails.
 */
106{
107 int res;
108 uint8 buf[2];
109
110 buf[0] = n->bits >> 8;
111 buf[1] = n->bits & 0xFF;
112 res = pushf_write(dst, buf, 2);
113 if (res >= 0)
114 res = pushf_write(dst, n->data, n->bytes);
115 return res;
116}

References PGP_MPI::bits, buf, PGP_MPI::bytes, PGP_MPI::data, pushf_write(), and res.

Referenced by encrypt_and_write_elgamal(), and encrypt_and_write_rsa().

◆ pgp_parse_pkt_hdr()

int pgp_parse_pkt_hdr ( PullFilter src,
uint8 tag,
int *  len_p,
int  allow_ctx 
)

Definition at line 129 of file pgp-decrypt.c.

/*
 * Parse one packet header from 'src', storing the packet tag in *tag and
 * the body length in *len_p.
 *
 * Returns 0 at end of input, a negative code on error, and otherwise the
 * result of the length parser - or PKT_CONTEXT for an old-format header
 * with length type 3, which is accepted only when 'allow_ctx' is non-zero.
 *
 * The statement after the "not pkt hdr" debug message (source line 145) is
 * missing from this listing; the References list names
 * PXE_PGP_CORRUPT_DATA, presumably what is returned there - confirm in
 * pgp-decrypt.c.
 */
130{
131 int lentype;
132 int res;
133 uint8 *p;
134
135 /* EOF is normal here, thus we don't use GETBYTE */
136 res = pullf_read(src, 1, &p);
137 if (res < 0)
138 return res;
139 if (res == 0)
140 return 0;
141
/* bit 7 must be set in every packet header byte */
142 if ((*p & 0x80) == 0)
143 {
144 px_debug("pgp_parse_pkt_hdr: not pkt hdr");
146 }
147
/* bit 6 selects the new format: tag in the low six bits */
148 if (*p & 0x40)
149 {
150 *tag = *p & 0x3f;
151 res = parse_new_len(src, len_p);
152 }
153 else
154 {
/* old format: tag in bits 5..2, length type in the low two bits */
155 lentype = *p & 3;
156 *tag = (*p >> 2) & 0x0F;
/* *len_p is not written on this branch; callers must not read it then */
157 if (lentype == 3)
158 res = allow_ctx ? PKT_CONTEXT : PXE_PGP_CORRUPT_DATA;
159 else
160 res = parse_old_len(src, len_p, lentype);
161 }
162 return res;
163}
static int parse_old_len(PullFilter *src, int *len_p, int lentype)
Definition: pgp-decrypt.c:95
static int parse_new_len(PullFilter *src, int *len_p)
Definition: pgp-decrypt.c:52
#define PKT_CONTEXT
Definition: pgp-decrypt.c:47

References parse_new_len(), parse_old_len(), PKT_CONTEXT, pullf_read(), px_debug(), PXE_PGP_CORRUPT_DATA, and res.

Referenced by internal_read_key(), pgp_decrypt(), pgp_get_keyid(), and process_data_packets().

◆ pgp_parse_pubenc_sesskey()

int pgp_parse_pubenc_sesskey ( PGP_Context ctx,
PullFilter pkt 
)

Definition at line 150 of file pgp-pubdec.c.

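/*
 * Parse a public-key encrypted session key packet and store the recovered
 * session key in 'ctx'.
 *
 * The packet must be version 3 and addressed either to the wildcard key id
 * (any_key) or to the key id of ctx->pub_key. Its payload is decrypted with
 * ElGamal or RSA, the EME-PKCS1-v1.5 padding is checked, and the inner
 * message (cipher code, key bytes, two checksum bytes) is verified with
 * control_cksum() before the key is copied into ctx->sess_key.
 *
 * Returns a negative PXE_* code on failure; on success the result of
 * pgp_expect_packet_end(), which rejects trailing data in the packet.
 *
 * The statements that are absent from the rendered listing (the return
 * after the version check, the case labels, the default assignment and the
 * assignment after the padding check) are restored from the identifiers
 * given in the page's References list.
 */
int
pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt)
{
	int			ver;
	int			algo;
	int			res;
	uint8		key_id[8];
	PGP_PubKey *pk;
	uint8	   *msg;
	int			msglen;
	PGP_MPI    *m;

	pk = ctx->pub_key;
	if (pk == NULL)
	{
		px_debug("no pubkey?");
		return PXE_BUG;
	}

	GETBYTE(pkt, ver);
	if (ver != 3)
	{
		px_debug("unknown pubenc_sesskey pkt ver=%d", ver);
		return PXE_PGP_CORRUPT_DATA;
	}

	/*
	 * check if keyid's match - user-friendly msg
	 */
	res = pullf_read_fixed(pkt, 8, key_id);
	if (res < 0)
		return res;
	if (memcmp(key_id, any_key, 8) != 0
		&& memcmp(key_id, pk->key_id, 8) != 0)
	{
		px_debug("key_id's does not match");
		return PXE_PGP_WRONG_KEY;
	}

	/*
	 * Decrypt
	 */
	GETBYTE(pkt, algo);
	switch (algo)
	{
		case PGP_PUB_ELG_ENCRYPT:
			res = decrypt_elgamal(pk, pkt, &m);
			break;
		case PGP_PUB_RSA_ENCRYPT:
		case PGP_PUB_RSA_ENCRYPT_SIGN:
			res = decrypt_rsa(pk, pkt, &m);
			break;
		default:
			res = PXE_PGP_UNKNOWN_PUBALGO;
	}
	if (res < 0)
		return res;

	/*
	 * extract message
	 */
	msg = check_eme_pkcs1_v15(m->data, m->bytes);
	if (msg == NULL)
	{
		px_debug("check_eme_pkcs1_v15 failed");
		res = PXE_PGP_WRONG_KEY;
		goto out;
	}
	msglen = m->bytes - (msg - m->data);

	res = control_cksum(msg, msglen);
	if (res < 0)
		goto out;

	/*
	 * The message length is dictated by the sender: it is whatever remains
	 * of the decrypted MPI after the padding. ctx->sess_key is a fixed
	 * array of PGP_MAX_KEY bytes, so the key length (message minus the
	 * cipher byte and the two checksum bytes) has to be bounded before the
	 * copy below. Nothing else visible in this function caps it.
	 */
	if (msglen < 3 || (size_t) (msglen - 3) > sizeof(ctx->sess_key))
	{
		px_debug("pubenc_sesskey: bad session key length, msglen=%d", msglen);
		res = PXE_PGP_CORRUPT_DATA;
		goto out;
	}

	/*
	 * got sesskey
	 */
	ctx->cipher_algo = *msg;
	ctx->sess_key_len = msglen - 3;
	memcpy(ctx->sess_key, msg + 1, ctx->sess_key_len);

out:
	/* pgp_mpi_free() zeroes the decrypted message before releasing it */
	pgp_mpi_free(m);
	if (res < 0)
		return res;
	return pgp_expect_packet_end(pkt);
}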
int pgp_expect_packet_end(PullFilter *pkt)
Definition: pgp-decrypt.c:1078
static int decrypt_rsa(PGP_PubKey *pk, PullFilter *pkt, PGP_MPI **m_p)
Definition: pgp-pubdec.c:124
static const uint8 any_key[]
Definition: pgp-pubdec.c:147
static int decrypt_elgamal(PGP_PubKey *pk, PullFilter *pkt, PGP_MPI **m_p)
Definition: pgp-pubdec.c:97
static uint8 * check_eme_pkcs1_v15(uint8 *data, int len)
Definition: pgp-pubdec.c:42
static int control_cksum(uint8 *msg, int msglen)
Definition: pgp-pubdec.c:74
#define PXE_BUG
Definition: px.h:58
#define PXE_PGP_WRONG_KEY
Definition: px.h:80
unsigned sess_key_len
Definition: pgp.h:172
uint8 sess_key[PGP_MAX_KEY]
Definition: pgp.h:171
uint8 key_id[8]
Definition: pgp.h:235

References any_key, PGP_MPI::bytes, check_eme_pkcs1_v15(), PGP_Context::cipher_algo, control_cksum(), PGP_MPI::data, decrypt_elgamal(), decrypt_rsa(), GETBYTE, PGP_PubKey::key_id, pgp_expect_packet_end(), pgp_mpi_free(), PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_Context::pub_key, pullf_read_fixed(), px_debug(), PXE_BUG, PXE_PGP_CORRUPT_DATA, PXE_PGP_UNKNOWN_PUBALGO, PXE_PGP_WRONG_KEY, res, PGP_Context::sess_key, and PGP_Context::sess_key_len.

Referenced by pgp_decrypt().

◆ pgp_rsa_decrypt()

int pgp_rsa_decrypt ( PGP_PubKey pk,
PGP_MPI _c,
PGP_MPI **  m_p 
)

Definition at line 251 of file pgp-mpi-openssl.c.

/*
 * Raw RSA private-key operation on OpenSSL bignums: m = c^d mod n, with d
 * from the secret part and n from the public part of 'pk'. The result is
 * returned through *m_p as a PGP_MPI; padding is not handled here.
 *
 * Returns 0 on success. The declaration and initial value of 'res' are not
 * part of this listing (source line 253 is missing); the References list
 * names PXE_PGP_MATH_FAILED, presumably the failure value - confirm in
 * pgp-mpi-openssl.c.
 */
252{
254 BIGNUM *c = mpi_to_bn(_c);
255 BIGNUM *d = mpi_to_bn(pk->sec.rsa.d);
256 BIGNUM *n = mpi_to_bn(pk->pub.rsa.n);
257 BIGNUM *m = BN_new();
258 BN_CTX *tmp = BN_CTX_new();
259
260 if (!m || !d || !n || !c || !tmp)
261 goto err;
262
263 /*
264 * m = c ^ d
265 */
/*
 * NOTE(review): d is the private exponent and c is supplied by the sender.
 * No blinding is applied in this function, and whether mpi_to_bn() marks d
 * BN_FLG_CONSTTIME is not visible here - confirm how timing exposure is
 * handled for this operation.
 */
266 if (!BN_mod_exp(m, c, d, n, tmp))
267 goto err;
268
269 *m_p = bn_to_mpi(m);
270 if (*m_p)
271 res = 0;
/* shared cleanup; BN_clear_free() zeroes each value, including d and m */
272err:
273 if (tmp)
274 BN_CTX_free(tmp);
275 if (m)
276 BN_clear_free(m);
277 if (n)
278 BN_clear_free(n);
279 if (d)
280 BN_clear_free(d);
281 if (c)
282 BN_clear_free(c);
283 return res;
284}
char * c

References bn_to_mpi(), PGP_PubKey::d, err(), mpi_to_bn(), PGP_PubKey::n, PGP_PubKey::pub, PXE_PGP_MATH_FAILED, res, PGP_PubKey::rsa, and PGP_PubKey::sec.

Referenced by decrypt_rsa().

◆ pgp_rsa_encrypt()

int pgp_rsa_encrypt ( PGP_PubKey pk,
PGP_MPI _m,
PGP_MPI **  c_p 
)

Definition at line 215 of file pgp-mpi-openssl.c.

/*
 * Raw RSA public-key operation on OpenSSL bignums: c = m^e mod n, with e
 * and n from the public part of 'pk'. The result is returned through *c_p
 * as a PGP_MPI. No padding is added here, so '_m' must already be the
 * padded message.
 *
 * Returns 0 on success. The declaration and initial value of 'res' are not
 * part of this listing (source line 217 is missing); the References list
 * names PXE_PGP_MATH_FAILED, presumably the failure value - confirm in
 * pgp-mpi-openssl.c.
 */
216{
218 BIGNUM *m = mpi_to_bn(_m);
219 BIGNUM *e = mpi_to_bn(pk->pub.rsa.e);
220 BIGNUM *n = mpi_to_bn(pk->pub.rsa.n);
221 BIGNUM *c = BN_new();
222 BN_CTX *tmp = BN_CTX_new();
223
224 if (!m || !e || !n || !c || !tmp)
225 goto err;
226
227 /*
228 * c = m ^ e
229 */
230 if (!BN_mod_exp(c, m, e, n, tmp))
231 goto err;
232
233 *c_p = bn_to_mpi(c);
234 if (*c_p)
235 res = 0;
/* shared cleanup; the bignum copy of the message is zeroed before release */
236err:
237 if (tmp)
238 BN_CTX_free(tmp);
239 if (c)
240 BN_clear_free(c);
241 if (n)
242 BN_clear_free(n);
243 if (e)
244 BN_clear_free(e);
245 if (m)
246 BN_clear_free(m);
247 return res;
248}
e
Definition: preproc-init.c:82

References bn_to_mpi(), PGP_PubKey::e, err(), mpi_to_bn(), PGP_PubKey::n, PGP_PubKey::pub, PXE_PGP_MATH_FAILED, res, and PGP_PubKey::rsa.

Referenced by encrypt_and_write_rsa().

◆ pgp_s2k_fill()

int pgp_s2k_fill ( PGP_S2K s2k,
int  mode,
int  digest_algo,
int  count 
)

Definition at line 223 of file pgp-s2k.c.

/*
 * Initialise an S2K (string-to-key) specifier for encryption: stores the
 * mode and digest, and for the salted modes obtains fresh random material.
 * Returns 0 on success, PXE_NO_RANDOM when the random source fails.
 *
 * Source lines 236, 240 and 247 are missing from this listing. The
 * References list names pg_strong_random(), PGP_S2K_SALT, PGP_S2K::salt
 * and PXE_PGP_BAD_S2K_MODE, so the first two presumably fill s2k->salt
 * from pg_strong_random() and the last sets the error for an unknown mode -
 * confirm in pgp-s2k.c.
 */
224{
225 int res = 0;
226 uint8 tmp;
227
228 s2k->mode = mode;
229 s2k->digest_algo = digest_algo;
230
231 switch (s2k->mode)
232 {
/* simple mode: no salt and no iteration, the weakest choice for passphrases */
233 case PGP_S2K_SIMPLE:
234 break;
235 case PGP_S2K_SALTED:
237 return PXE_NO_RANDOM;
238 break;
239 case PGP_S2K_ISALTED:
241 return PXE_NO_RANDOM;
/* one random byte is passed to decide_s2k_iter() along with 'count' */
242 if (!pg_strong_random(&tmp, 1))
243 return PXE_NO_RANDOM;
244 s2k->iter = decide_s2k_iter(tmp, count);
245 break;
246 default:
248 }
249 return res;
250}
static PgChecksumMode mode
Definition: pg_checksums.c:55
static uint8 decide_s2k_iter(unsigned rand_byte, int count)
Definition: pgp-s2k.c:209
#define PGP_S2K_SALT
Definition: pgp.h:115
bool pg_strong_random(void *buf, size_t len)
#define PXE_PGP_BAD_S2K_MODE
Definition: px.h:88
#define PXE_NO_RANDOM
Definition: px.h:63
uint8 digest_algo
Definition: pgp.h:125
uint8 mode
Definition: pgp.h:124
uint8 iter
Definition: pgp.h:127
uint8 salt[8]
Definition: pgp.h:126

References decide_s2k_iter(), PGP_S2K::digest_algo, PGP_S2K::iter, PGP_S2K::mode, mode, pg_strong_random(), PGP_S2K_ISALTED, PGP_S2K_SALT, PGP_S2K_SALTED, PGP_S2K_SIMPLE, PXE_NO_RANDOM, PXE_PGP_BAD_S2K_MODE, res, and PGP_S2K::salt.

Referenced by init_s2k_key().

◆ pgp_s2k_process()

int pgp_s2k_process ( PGP_S2K s2k,
int  cipher,
const uint8 key,
int  key_len 
)

Definition at line 279 of file pgp-s2k.c.

/*
 * Derive a key for 'cipher' from the passphrase 'key'/'key_len' according
 * to the S2K specifier, using the digest named by s2k->digest_algo.
 * Returns the result of the selected calc_s2k_* routine, or a negative
 * code when the cipher or digest cannot be resolved.
 *
 * The mode literals 0, 1 and 3 equal PGP_S2K_SIMPLE, PGP_S2K_SALTED and
 * PGP_S2K_ISALTED. Source lines 286 and 304 are missing from this listing;
 * the References list names PXE_PGP_UNSUPPORTED_CIPHER and
 * PXE_PGP_BAD_S2K_MODE, presumably used there - confirm in pgp-s2k.c.
 */
280{
281 int res;
282 PX_MD *md;
283
/* pgp_get_cipher_key_size() returns 0 for an unknown cipher code */
284 s2k->key_len = pgp_get_cipher_key_size(cipher);
285 if (s2k->key_len <= 0)
287
288 res = pgp_load_digest(s2k->digest_algo, &md);
289 if (res < 0)
290 return res;
291
292 switch (s2k->mode)
293 {
294 case 0:
295 res = calc_s2k_simple(s2k, md, key, key_len);
296 break;
297 case 1:
298 res = calc_s2k_salted(s2k, md, key, key_len);
299 break;
300 case 3:
301 res = calc_s2k_iter_salted(s2k, md, key, key_len);
302 break;
303 default:
305 }
/* the digest is released on every path that loaded it */
306 px_md_free(md);
307 return res;
308}
static int calc_s2k_salted(PGP_S2K *s2k, PX_MD *md, const uint8 *key, unsigned key_len)
Definition: pgp-s2k.c:82
static int calc_s2k_simple(PGP_S2K *s2k, PX_MD *md, const uint8 *key, unsigned key_len)
Definition: pgp-s2k.c:38
static int calc_s2k_iter_salted(PGP_S2K *s2k, PX_MD *md, const uint8 *key, unsigned key_len)
Definition: pgp-s2k.c:126
int pgp_get_cipher_key_size(int code)
Definition: pgp.c:137
int pgp_load_digest(int code, PX_MD **res)
Definition: pgp.c:173
#define px_md_free(md)
Definition: px.h:196
uint8 key_len
Definition: pgp.h:130
Definition: px.h:100

References calc_s2k_iter_salted(), calc_s2k_salted(), calc_s2k_simple(), PGP_S2K::digest_algo, sort-test::key, PGP_S2K::key_len, PGP_S2K::mode, pgp_get_cipher_key_size(), pgp_load_digest(), px_md_free, PXE_PGP_BAD_S2K_MODE, PXE_PGP_UNSUPPORTED_CIPHER, and res.

Referenced by init_s2k_key(), parse_symenc_sesskey(), and process_secret_key().

◆ pgp_s2k_read()

int pgp_s2k_read ( PullFilter src,
PGP_S2K s2k 
)

Definition at line 253 of file pgp-s2k.c.

/*
 * Read an S2K specifier from 'src': mode byte, digest byte, then an 8-byte
 * salt for modes 1 and 3 and an iteration byte for mode 3. Returns a
 * negative code on a failed read, otherwise the last read's result (0 for
 * mode 0).
 *
 * Every field comes from the message being parsed. In particular s2k->iter
 * is a sender-chosen work factor: the s2k_decode_count() macro in pgp.h
 * expands one byte into a count that can reach tens of millions.
 *
 * NOTE(review): GETBYTE presumably returns from this function when the
 * read fails - confirm the macro. Source line 273 is missing from this
 * listing; the References list names PXE_PGP_BAD_S2K_MODE, presumably set
 * for an unknown mode - confirm in pgp-s2k.c.
 */
254{
255 int res = 0;
256
257 GETBYTE(src, s2k->mode);
258 GETBYTE(src, s2k->digest_algo);
259 switch (s2k->mode)
260 {
261 case 0:
262 break;
263 case 1:
264 res = pullf_read_fixed(src, 8, s2k->salt);
265 break;
266 case 3:
267 res = pullf_read_fixed(src, 8, s2k->salt);
268 if (res < 0)
269 break;
270 GETBYTE(src, s2k->iter);
271 break;
272 default:
274 }
275 return res;
276}

References PGP_S2K::digest_algo, GETBYTE, PGP_S2K::iter, PGP_S2K::mode, pullf_read_fixed(), PXE_PGP_BAD_S2K_MODE, res, and PGP_S2K::salt.

Referenced by parse_symenc_sesskey(), and process_secret_key().

◆ pgp_set_cipher_algo()

int pgp_set_cipher_algo ( PGP_Context ctx,
const char *  name 
)

Definition at line 307 of file pgp.c.

/*
 * Select the data cipher by name. The name is resolved with
 * pgp_get_cipher_code(); a negative result is returned unchanged and the
 * context is left as it was. Returns 0 after storing the code.
 */
308{
309 int code = pgp_get_cipher_code(name);
310
311 if (code < 0)
312 return code;
313 ctx->cipher_algo = code;
314 return 0;
315}
int pgp_get_cipher_code(const char *name)
Definition: pgp.c:115

References PGP_Context::cipher_algo, cipher_info::code, name, and pgp_get_cipher_code().

Referenced by set_arg().

◆ pgp_set_compress_algo()

int pgp_set_compress_algo ( PGP_Context ctx,
int  algo 
)

Definition at line 274 of file pgp.c.

/*
 * Set the compression algorithm used by ctx.
 *
 * Only the four PGP_COMPR_* values listed below are accepted.  Any other
 * value returns PXE_ARGUMENT_ERROR and leaves ctx->compress_algo unchanged.
 * Returns 0 on success.
 */
int
pgp_set_compress_algo(PGP_Context *ctx, int algo)
{
	/* allow-list check: reject everything that is not a known algorithm */
	if (algo != PGP_COMPR_NONE &&
		algo != PGP_COMPR_ZIP &&
		algo != PGP_COMPR_ZLIB &&
		algo != PGP_COMPR_BZIP2)
		return PXE_ARGUMENT_ERROR;

	ctx->compress_algo = algo;
	return 0;
}

References PGP_Context::compress_algo, PGP_COMPR_BZIP2, PGP_COMPR_NONE, PGP_COMPR_ZIP, PGP_COMPR_ZLIB, and PXE_ARGUMENT_ERROR.

Referenced by set_arg().

◆ pgp_set_compress_level()

int pgp_set_compress_level ( PGP_Context ctx,
int  level 
)

Definition at line 289 of file pgp.c.

/*
 * Set the compression level of ctx.
 *
 * Accepts 0 through 9 inclusive.  Out-of-range values return
 * PXE_ARGUMENT_ERROR and leave ctx->compress_level unchanged.
 * Returns 0 on success.
 */
int
pgp_set_compress_level(PGP_Context *ctx, int level)
{
	if (level < 0 || level > 9)
		return PXE_ARGUMENT_ERROR;

	ctx->compress_level = level;
	return 0;
}

References PGP_Context::compress_level, and PXE_ARGUMENT_ERROR.

Referenced by set_arg().

◆ pgp_set_convert_crlf()

int pgp_set_convert_crlf ( PGP_Context ctx,
int  doit 
)

Definition at line 237 of file pgp.c.

/*
 * Turn CRLF conversion on or off for ctx.
 *
 * Any non-zero doit is stored as 1 and zero as 0.  Always returns 0.
 */
int
pgp_set_convert_crlf(PGP_Context *ctx, int doit)
{
	/* normalize the flag to exactly 0 or 1 */
	ctx->convert_crlf = (doit != 0);
	return 0;
}

References PGP_Context::convert_crlf.

Referenced by set_arg().

◆ pgp_set_pubkey()

int pgp_set_pubkey ( PGP_Context ctx,
MBuf keypkt,
const uint8 key,
int  key_len,
int  pubtype 
)

Definition at line 565 of file pgp-pubkey.c.

/*
 * Parse a key packet and attach the resulting key to ctx.
 *
 * keypkt is wrapped in an mbuf reader and handed to internal_read_key()
 * together with key/key_len and pubtype.  internal_read_key() names those
 * two parameters psw and psw_len.  The reader is freed whether or not
 * parsing succeeds.
 *
 * Returns 0 on success, otherwise the negative code from reader creation
 * or from internal_read_key().  On success ctx->pub_key is overwritten;
 * a previously attached key is not released here.
 */
int
pgp_set_pubkey(PGP_Context *ctx, MBuf *keypkt,
			   const uint8 *key, int key_len, int pubtype)
{
	PullFilter *reader;
	PGP_PubKey *parsed = NULL;
	int			rc;

	rc = pullf_create_mbuf_reader(&reader, keypkt);
	if (rc < 0)
		return rc;

	rc = internal_read_key(reader, &parsed, key, key_len, pubtype);

	/* the reader is no longer needed, success or not */
	pullf_free(reader);

	if (rc < 0)
		return rc;

	ctx->pub_key = parsed;
	return 0;
}
static int internal_read_key(PullFilter *src, PGP_PubKey **pk_p, const uint8 *psw, int psw_len, int pubtype)
Definition: pgp-pubkey.c:458

References internal_read_key(), sort-test::key, PGP_Context::pub_key, pullf_create_mbuf_reader(), pullf_free(), and res.

Referenced by decrypt_internal(), and encrypt_internal().

◆ pgp_set_s2k_cipher_algo()

int pgp_set_s2k_cipher_algo ( PGP_Context ctx,
const char *  name 
)

Definition at line 318 of file pgp.c.

/*
 * Select, by name, the cipher recorded in ctx->s2k_cipher_algo.
 *
 * Uses the same name lookup as the data cipher, pgp_get_cipher_code().
 * A negative lookup result is returned unchanged and ctx is not modified;
 * otherwise the code is stored and 0 is returned.
 */
int
pgp_set_s2k_cipher_algo(PGP_Context *ctx, const char *name)
{
	int			algo_code = pgp_get_cipher_code(name);

	if (algo_code >= 0)
	{
		ctx->s2k_cipher_algo = algo_code;
		return 0;
	}

	/* lookup failed: hand the error code back as-is */
	return algo_code;
}

References cipher_info::code, name, pgp_get_cipher_code(), and PGP_Context::s2k_cipher_algo.

Referenced by set_arg().

◆ pgp_set_s2k_count()

int pgp_set_s2k_count ( PGP_Context ctx,
int  count 
)

Definition at line 263 of file pgp.c.

/*
 * Set the S2K iteration count of ctx.
 *
 * The count is accepted only when ctx->s2k_mode is already
 * PGP_S2K_ISALTED, so the mode has to be set before the count.  The
 * accepted range is 1024 .. 65011712 inclusive.  These are the values that
 * pgp.h's s2k_decode_count() yields for coded bytes 0 and 255:
 * (16 + 0) << 6 and (16 + 15) << 21.
 *
 * Returns PXE_OK on success, PXE_ARGUMENT_ERROR otherwise.  ctx->s2k_count
 * is left unchanged on error.
 *
 * The lower bound is simply the smallest count the encoding can express.
 * It is a validity check, not a statement about adequate passphrase
 * stretching.
 */
int
pgp_set_s2k_count(PGP_Context *ctx, int count)
{
	/* an iteration count is meaningful only for iterated+salted S2K */
	if (ctx->s2k_mode != PGP_S2K_ISALTED)
		return PXE_ARGUMENT_ERROR;

	if (count < 1024 || count > 65011712)
		return PXE_ARGUMENT_ERROR;

	ctx->s2k_count = count;
	return PXE_OK;
}
#define PXE_OK
Definition: px.h:46

References PGP_S2K_ISALTED, PXE_ARGUMENT_ERROR, PXE_OK, PGP_Context::s2k_count, and PGP_Context::s2k_mode.

Referenced by set_arg().

◆ pgp_set_s2k_digest_algo()

int pgp_set_s2k_digest_algo ( PGP_Context ctx,
const char *  name 
)

Definition at line 329 of file pgp.c.

/*
 * Select the S2K digest for ctx by name.
 *
 * The name is resolved with pgp_get_digest_code().  A negative result is
 * returned unchanged and ctx is not modified; otherwise the code is stored
 * in ctx->s2k_digest_algo and 0 is returned.
 */
int
pgp_set_s2k_digest_algo(PGP_Context *ctx, const char *name)
{
	int			digest_code = pgp_get_digest_code(name);

	if (digest_code >= 0)
	{
		ctx->s2k_digest_algo = digest_code;
		return 0;
	}

	/* lookup failed: hand the error code back as-is */
	return digest_code;
}
int pgp_get_digest_code(const char *name)
Definition: pgp.c:104

References cipher_info::code, name, pgp_get_digest_code(), and PGP_Context::s2k_digest_algo.

Referenced by set_arg().

◆ pgp_set_s2k_mode()

int pgp_set_s2k_mode ( PGP_Context ctx,
int  mode 
)

Definition at line 244 of file pgp.c.

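/*
 * Set the S2K mode of ctx.
 *
 * Accepts PGP_S2K_SIMPLE, PGP_S2K_SALTED and PGP_S2K_ISALTED.  Any other
 * value returns PXE_ARGUMENT_ERROR and leaves ctx->s2k_mode unchanged.
 * Returns PXE_OK on success.
 *
 * NOTE(review): the rendered listing had lost the assignment in the
 * default branch, which made an invalid mode look like success.  It is
 * restored below; PXE_ARGUMENT_ERROR is the error this function is
 * documented to reference.
 */
int
pgp_set_s2k_mode(PGP_Context *ctx, int mode)
{
	int			err = PXE_OK;

	switch (mode)
	{
		case PGP_S2K_SIMPLE:
		case PGP_S2K_SALTED:
		case PGP_S2K_ISALTED:
			ctx->s2k_mode = mode;
			break;
		default:
			/* reject unknown modes instead of silently reporting success */
			err = PXE_ARGUMENT_ERROR;
			break;
	}
	return err;
}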

References err(), mode, PGP_S2K_ISALTED, PGP_S2K_SALTED, PGP_S2K_SIMPLE, PXE_ARGUMENT_ERROR, PXE_OK, and PGP_Context::s2k_mode.

Referenced by set_arg().

◆ pgp_set_sess_key()

int pgp_set_sess_key ( PGP_Context ctx,
int  use 
)

Definition at line 230 of file pgp.c.

/*
 * Turn the use_sess_key flag of ctx on or off.
 *
 * Any non-zero use is stored as 1 and zero as 0.  Always returns 0.
 */
int
pgp_set_sess_key(PGP_Context *ctx, int use)
{
	/* normalize the flag to exactly 0 or 1 */
	ctx->use_sess_key = (use != 0);
	return 0;
}

References PGP_Context::use_sess_key.

Referenced by set_arg().

◆ pgp_set_symkey()

int pgp_set_symkey ( PGP_Context ctx,
const uint8 key,
int  len 
)

Definition at line 353 of file pgp.c.

/*
 * Attach a symmetric key (passphrase bytes) to ctx.
 *
 * A NULL key or a length below 1 returns PXE_ARGUMENT_ERROR and leaves ctx
 * unchanged.  Returns 0 on success.
 *
 * Only the pointer and the length are stored; the bytes are not copied.
 * The caller's buffer must therefore stay valid and unmodified for as long
 * as ctx may use it.  Clearing the key material afterwards also remains
 * the caller's job, because nothing in this function does it.
 */
int
pgp_set_symkey(PGP_Context *ctx, const uint8 *key, int len)
{
	if (key != NULL && len >= 1)
	{
		/* borrow the caller's buffer, no copy is made */
		ctx->sym_key = key;
		ctx->sym_key_len = len;
		return 0;
	}

	return PXE_ARGUMENT_ERROR;
}
int sym_key_len
Definition: pgp.h:166

References sort-test::key, len, PXE_ARGUMENT_ERROR, PGP_Context::sym_key, and PGP_Context::sym_key_len.

Referenced by decrypt_internal(), and encrypt_internal().

◆ pgp_set_text_mode()

int pgp_set_text_mode ( PGP_Context ctx,
int  mode 
)

Definition at line 300 of file pgp.c.

/*
 * Record the text-mode setting in ctx.
 *
 * mode is stored exactly as given.  Unlike the neighbouring boolean
 * setters it is neither normalized to 0/1 nor range-checked.
 * Always returns 0.
 */
int
pgp_set_text_mode(PGP_Context *ctx, int mode)
{
	/* stored verbatim; no validation happens here */
	ctx->text_mode = mode;

	return 0;
}

References mode, and PGP_Context::text_mode.

Referenced by init_work().

◆ pgp_set_unicode_mode()

int pgp_set_unicode_mode ( PGP_Context ctx,
int  mode 
)

Definition at line 346 of file pgp.c.

/*
 * Turn the unicode_mode flag of ctx on or off.
 *
 * Any non-zero mode is stored as 1 and zero as 0.  Always returns 0.
 */
int
pgp_set_unicode_mode(PGP_Context *ctx, int mode)
{
	/* normalize the flag to exactly 0 or 1 */
	ctx->unicode_mode = (mode != 0);
	return 0;
}

References mode, and PGP_Context::unicode_mode.

Referenced by set_arg().

◆ pgp_skip_packet()

int pgp_skip_packet ( PullFilter pkt)

Definition at line 1064 of file pgp-decrypt.c.

/*
 * Consume and discard the rest of a packet.
 *
 * Calls pullf_read() repeatedly, asking for up to 32 kB at a time, until
 * it returns zero or a negative value.  That final value is returned to
 * the caller.  The data pointer filled in by pullf_read() is ignored.
 */
int
pgp_skip_packet(PullFilter *pkt)
{
	int			rc;
	uint8	   *chunk;

	/* at least one read is always attempted */
	do
	{
		rc = pullf_read(pkt, 32 * 1024, &chunk);
	} while (rc > 0);

	return rc;
}

References pullf_read(), and res.

Referenced by internal_read_key(), pgp_decrypt(), pgp_get_keyid(), read_pubenc_keyid(), and read_pubkey_keyid().

◆ pgp_write_pubenc_sesskey()

int pgp_write_pubenc_sesskey ( PGP_Context ctx,
PushFilter dst 
)

Definition at line 190 of file pgp-pubenc.c.

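/*
 * Write a public-key-encrypted session key packet to dst.
 *
 * Opens a PGP_PKT_PUBENCRYPTED_SESSKEY packet writer on dst, then writes
 * a version byte (3), the 8-byte key id of ctx->pub_key and the public-key
 * algorithm byte.  The algorithm-specific encrypted session key follows,
 * produced by encrypt_and_write_elgamal() or encrypt_and_write_rsa().
 * The packet is flushed on success and the packet writer is freed on
 * every path.
 *
 * Returns PXE_BUG when ctx has no public key, otherwise the result of the
 * first failing step or of the final pushf_flush().
 *
 * NOTE(review): the rendered listing had lost the pgp_create_pkt_writer()
 * call and all three case labels, leaving res read before being set and
 * the switch without arms.  They are restored from the identifiers this
 * function is documented to reference.
 */
int
pgp_write_pubenc_sesskey(PGP_Context *ctx, PushFilter *dst)
{
	int			res;
	PGP_PubKey *pk = ctx->pub_key;
	uint8		ver = 3;
	PushFilter *pkt = NULL;
	uint8		algo;

	if (pk == NULL)
	{
		px_debug("no pubkey?\n");
		return PXE_BUG;
	}

	algo = pk->algo;

	/*
	 * now write packet
	 */
	res = pgp_create_pkt_writer(dst, PGP_PKT_PUBENCRYPTED_SESSKEY, &pkt);
	if (res < 0)
		goto err;
	res = pushf_write(pkt, &ver, 1);
	if (res < 0)
		goto err;
	res = pushf_write(pkt, pk->key_id, 8);
	if (res < 0)
		goto err;
	res = pushf_write(pkt, &algo, 1);
	if (res < 0)
		goto err;

	/*
	 * NOTE(review): there is no default arm.  For an algo outside these
	 * cases res keeps the value of the previous write, so the packet is
	 * flushed with a header but no encrypted session key.  Whether key
	 * loading already excludes other algorithms is not visible here;
	 * confirm.
	 */
	switch (algo)
	{
		case PGP_PUB_ELG_ENCRYPT:
			res = encrypt_and_write_elgamal(ctx, pk, pkt);
			break;
		case PGP_PUB_RSA_ENCRYPT:
		case PGP_PUB_RSA_ENCRYPT_SIGN:
			res = encrypt_and_write_rsa(ctx, pk, pkt);
			break;
	}
	if (res < 0)
		goto err;

	/*
	 * done, signal packet end
	 */
	res = pushf_flush(pkt);
err:
	/* pkt stays NULL if the packet writer was never created */
	if (pkt)
		pushf_free(pkt);

	return res;
}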
void pushf_free(PushFilter *mp)
Definition: mbuf.c:395
int pgp_create_pkt_writer(PushFilter *dst, int tag, PushFilter **res_p)
Definition: pgp-encrypt.c:311
static int encrypt_and_write_elgamal(PGP_Context *ctx, PGP_PubKey *pk, PushFilter *pkt)
Definition: pgp-pubenc.c:133
static int encrypt_and_write_rsa(PGP_Context *ctx, PGP_PubKey *pk, PushFilter *pkt)
Definition: pgp-pubenc.c:164

References PGP_PubKey::algo, encrypt_and_write_elgamal(), encrypt_and_write_rsa(), err(), PGP_PubKey::key_id, pgp_create_pkt_writer(), PGP_PKT_PUBENCRYPTED_SESSKEY, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_Context::pub_key, pushf_flush(), pushf_free(), pushf_write(), px_debug(), PXE_BUG, and res.

Referenced by pgp_encrypt().

Variable Documentation

◆ pgp_decrypt_filter

struct PullFilterOps pgp_decrypt_filter
extern

Definition at line 314 of file pgp-decrypt.c.

Referenced by parse_symenc_data(), parse_symenc_mdc_data(), and process_secret_key().