PostgreSQL Source Code  git master
pgp.h File Reference
#include "lib/stringinfo.h"
#include "mbuf.h"
#include "px.h"

Data Structures

struct  PGP_S2K
 
struct  PGP_Context
 
struct  PGP_MPI
 
struct  PGP_PubKey
 

Macros

#define PGP_MAX_KEY   (256/8)
 
#define PGP_MAX_BLOCK   (256/8)
 
#define PGP_MAX_DIGEST   (512/8)
 
#define PGP_S2K_SALT   8
 
#define s2k_decode_count(cval)   (((unsigned) 16 + (cval & 15)) << ((cval >> 4) + 6))
 

Typedefs

typedef struct PGP_MPI PGP_MPI
 
typedef struct PGP_PubKey PGP_PubKey
 
typedef struct PGP_Context PGP_Context
 
typedef struct PGP_S2K PGP_S2K
 
typedef struct PGP_CFB PGP_CFB
 

Enumerations

enum  PGP_S2K_TYPE { PGP_S2K_SIMPLE = 0, PGP_S2K_SALTED = 1, PGP_S2K_ISALTED = 3 }
 
enum  PGP_PKT_TYPE {
  PGP_PKT_RESERVED = 0, PGP_PKT_PUBENCRYPTED_SESSKEY = 1, PGP_PKT_SIGNATURE = 2, PGP_PKT_SYMENCRYPTED_SESSKEY = 3,
  PGP_PKT_SECRET_KEY = 5, PGP_PKT_PUBLIC_KEY = 6, PGP_PKT_SECRET_SUBKEY = 7, PGP_PKT_COMPRESSED_DATA = 8,
  PGP_PKT_SYMENCRYPTED_DATA = 9, PGP_PKT_MARKER = 10, PGP_PKT_LITERAL_DATA = 11, PGP_PKT_TRUST = 12,
  PGP_PKT_USER_ID = 13, PGP_PKT_PUBLIC_SUBKEY = 14, PGP_PKT_USER_ATTR = 17, PGP_PKT_SYMENCRYPTED_DATA_MDC = 18,
  PGP_PKT_MDC = 19, PGP_PKT_PRIV_61 = 61
}
 
enum  PGP_PUB_ALGO_TYPE {
  PGP_PUB_RSA_ENCRYPT_SIGN = 1, PGP_PUB_RSA_ENCRYPT = 2, PGP_PUB_RSA_SIGN = 3, PGP_PUB_ELG_ENCRYPT = 16,
  PGP_PUB_DSA_SIGN = 17
}
 
enum  PGP_SYMENC_TYPE {
  PGP_SYM_PLAIN = 0, PGP_SYM_IDEA = 1, PGP_SYM_DES3 = 2, PGP_SYM_CAST5 = 3,
  PGP_SYM_BLOWFISH = 4, PGP_SYM_SAFER_SK128 = 5, PGP_SYM_DES_SK = 6, PGP_SYM_AES_128 = 7,
  PGP_SYM_AES_192 = 8, PGP_SYM_AES_256 = 9, PGP_SYM_TWOFISH = 10
}
 
enum  PGP_COMPR_TYPE { PGP_COMPR_NONE = 0, PGP_COMPR_ZIP = 1, PGP_COMPR_ZLIB = 2, PGP_COMPR_BZIP2 = 3 }
 
enum  PGP_DIGEST_TYPE {
  PGP_DIGEST_MD5 = 1, PGP_DIGEST_SHA1 = 2, PGP_DIGEST_RIPEMD160 = 3, PGP_DIGEST_XSHA = 4,
  PGP_DIGEST_MD2 = 5, PGP_DIGEST_TIGER192 = 6, PGP_DIGEST_HAVAL5_160 = 7, PGP_DIGEST_SHA256 = 8,
  PGP_DIGEST_SHA384 = 9, PGP_DIGEST_SHA512 = 10
}
 

Functions

int pgp_init (PGP_Context **ctx)
 
int pgp_encrypt (PGP_Context *ctx, MBuf *src, MBuf *dst)
 
int pgp_decrypt (PGP_Context *ctx, MBuf *src, MBuf *dst)
 
int pgp_free (PGP_Context *ctx)
 
int pgp_get_digest_code (const char *name)
 
int pgp_get_cipher_code (const char *name)
 
const char * pgp_get_digest_name (int code)
 
const char * pgp_get_cipher_name (int code)
 
int pgp_set_cipher_algo (PGP_Context *ctx, const char *name)
 
int pgp_set_s2k_mode (PGP_Context *ctx, int type)
 
int pgp_set_s2k_count (PGP_Context *ctx, int count)
 
int pgp_set_s2k_cipher_algo (PGP_Context *ctx, const char *name)
 
int pgp_set_s2k_digest_algo (PGP_Context *ctx, const char *name)
 
int pgp_set_convert_crlf (PGP_Context *ctx, int doit)
 
int pgp_disable_mdc (PGP_Context *ctx, int disable)
 
int pgp_set_sess_key (PGP_Context *ctx, int use)
 
int pgp_set_compress_algo (PGP_Context *ctx, int algo)
 
int pgp_set_compress_level (PGP_Context *ctx, int level)
 
int pgp_set_text_mode (PGP_Context *ctx, int mode)
 
int pgp_set_unicode_mode (PGP_Context *ctx, int mode)
 
int pgp_get_unicode_mode (PGP_Context *ctx)
 
int pgp_set_symkey (PGP_Context *ctx, const uint8 *key, int klen)
 
int pgp_set_pubkey (PGP_Context *ctx, MBuf *keypkt, const uint8 *key, int klen, int pubtype)
 
int pgp_get_keyid (MBuf *pgp_data, char *dst)
 
int pgp_load_digest (int c, PX_MD **res)
 
int pgp_load_cipher (int c, PX_Cipher **res)
 
int pgp_get_cipher_key_size (int c)
 
int pgp_get_cipher_block_size (int c)
 
int pgp_s2k_fill (PGP_S2K *s2k, int mode, int digest_algo, int count)
 
int pgp_s2k_read (PullFilter *src, PGP_S2K *s2k)
 
int pgp_s2k_process (PGP_S2K *s2k, int cipher, const uint8 *key, int klen)
 
int pgp_cfb_create (PGP_CFB **ctx_p, int algo, const uint8 *key, int key_len, int recync, uint8 *iv)
 
void pgp_cfb_free (PGP_CFB *ctx)
 
int pgp_cfb_encrypt (PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
 
int pgp_cfb_decrypt (PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
 
void pgp_armor_encode (const uint8 *src, unsigned len, StringInfo dst, int num_headers, char **keys, char **values)
 
int pgp_armor_decode (const uint8 *src, int len, StringInfo dst)
 
int pgp_extract_armor_headers (const uint8 *src, unsigned len, int *nheaders, char ***keys, char ***values)
 
int pgp_compress_filter (PushFilter **res, PGP_Context *ctx, PushFilter *dst)
 
int pgp_decompress_filter (PullFilter **res, PGP_Context *ctx, PullFilter *src)
 
int pgp_key_alloc (PGP_PubKey **pk_p)
 
void pgp_key_free (PGP_PubKey *pk)
 
int _pgp_read_public_key (PullFilter *pkt, PGP_PubKey **pk_p)
 
int pgp_parse_pubenc_sesskey (PGP_Context *ctx, PullFilter *pkt)
 
int pgp_create_pkt_reader (PullFilter **pf_p, PullFilter *src, int len, int pkttype, PGP_Context *ctx)
 
int pgp_parse_pkt_hdr (PullFilter *src, uint8 *tag, int *len_p, int allow_ctx)
 
int pgp_skip_packet (PullFilter *pkt)
 
int pgp_expect_packet_end (PullFilter *pkt)
 
int pgp_write_pubenc_sesskey (PGP_Context *ctx, PushFilter *dst)
 
int pgp_create_pkt_writer (PushFilter *dst, int tag, PushFilter **res_p)
 
int pgp_mpi_alloc (int bits, PGP_MPI **mpi)
 
int pgp_mpi_create (uint8 *data, int bits, PGP_MPI **mpi)
 
int pgp_mpi_free (PGP_MPI *mpi)
 
int pgp_mpi_read (PullFilter *src, PGP_MPI **mpi)
 
int pgp_mpi_write (PushFilter *dst, PGP_MPI *n)
 
int pgp_mpi_hash (PX_MD *md, PGP_MPI *n)
 
unsigned pgp_mpi_cksum (unsigned cksum, PGP_MPI *n)
 
int pgp_elgamal_encrypt (PGP_PubKey *pk, PGP_MPI *m, PGP_MPI **c1, PGP_MPI **c2)
 
int pgp_elgamal_decrypt (PGP_PubKey *pk, PGP_MPI *c1, PGP_MPI *c2, PGP_MPI **m)
 
int pgp_rsa_encrypt (PGP_PubKey *pk, PGP_MPI *m, PGP_MPI **c)
 
int pgp_rsa_decrypt (PGP_PubKey *pk, PGP_MPI *c, PGP_MPI **m)
 

Variables

struct PullFilterOps pgp_decrypt_filter
 

Macro Definition Documentation

◆ PGP_MAX_BLOCK

#define PGP_MAX_BLOCK   (256/8)

Definition at line 113 of file pgp.h.

Referenced by prefix_init(), and write_prefix().

◆ PGP_MAX_DIGEST

#define PGP_MAX_DIGEST   (512/8)

Definition at line 114 of file pgp.h.

Referenced by calc_s2k_iter_salted(), calc_s2k_salted(), and calc_s2k_simple().

◆ PGP_MAX_KEY

#define PGP_MAX_KEY   (256/8)

Definition at line 112 of file pgp.h.

Referenced by parse_symenc_sesskey().

◆ PGP_S2K_SALT

#define PGP_S2K_SALT   8

Definition at line 115 of file pgp.h.

Referenced by calc_s2k_iter_salted(), calc_s2k_salted(), and pgp_s2k_fill().

◆ s2k_decode_count

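/*
 * Expand a one-octet coded S2K iteration count into the real count:
 * (16 + low nibble) << (high nibble + 6).
 *
 * The argument is parenthesized so that compound expressions expand as
 * intended.  cval is still evaluated twice, so pass an expression without
 * side effects, and keep it within 0..255 so the shift stays inside the
 * width of unsigned.
 */
#define s2k_decode_count(cval) \
    (((unsigned) 16 + ((cval) & 15)) << (((cval) >> 4) + 6))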

Definition at line 176 of file pgp.h.

Referenced by calc_s2k_iter_salted(), decide_s2k_iter(), and parse_symenc_sesskey().

Typedef Documentation

◆ PGP_CFB

Definition at line 280 of file pgp.h.

◆ PGP_Context

Definition at line 119 of file pgp.h.

◆ PGP_MPI

Definition at line 117 of file pgp.h.

◆ PGP_PubKey

Definition at line 118 of file pgp.h.

◆ PGP_S2K

Definition at line 120 of file pgp.h.

Enumeration Type Documentation

◆ PGP_COMPR_TYPE

Enumerator
PGP_COMPR_NONE 
PGP_COMPR_ZIP 
PGP_COMPR_ZLIB 
PGP_COMPR_BZIP2 

Definition at line 90 of file pgp.h.

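/*
 * Compression algorithm identifiers.
 *
 * The "must"/"should" annotations presumably mirror the implementation
 * requirement levels of the OpenPGP specification -- confirm against the
 * spec before relying on them.
 */
enum PGP_COMPR_TYPE
{
    PGP_COMPR_NONE = 0,         /* must */
    PGP_COMPR_ZIP = 1,          /* should */
    PGP_COMPR_ZLIB = 2,
    PGP_COMPR_BZIP2 = 3
};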

◆ PGP_DIGEST_TYPE

Enumerator
PGP_DIGEST_MD5 
PGP_DIGEST_SHA1 
PGP_DIGEST_RIPEMD160 
PGP_DIGEST_XSHA 
PGP_DIGEST_MD2 
PGP_DIGEST_TIGER192 
PGP_DIGEST_HAVAL5_160 
PGP_DIGEST_SHA256 
PGP_DIGEST_SHA384 
PGP_DIGEST_SHA512 

Definition at line 98 of file pgp.h.

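/*
 * Hash algorithm identifiers.
 *
 * MD5 and SHA-1 have known collision weaknesses; where the caller can
 * choose, prefer SHA-256 or stronger.  The entries marked obsolete are
 * listed for numbering only; whether an implementation is available for a
 * given code is decided elsewhere (see pgp_load_digest()).
 */
enum PGP_DIGEST_TYPE
{
    PGP_DIGEST_MD5 = 1,         /* should, deprecated */
    PGP_DIGEST_SHA1 = 2,        /* must */
    PGP_DIGEST_RIPEMD160 = 3,
    PGP_DIGEST_XSHA = 4,        /* obsolete */
    PGP_DIGEST_MD2 = 5,         /* obsolete */
    PGP_DIGEST_TIGER192 = 6,    /* obsolete */
    PGP_DIGEST_HAVAL5_160 = 7,  /* obsolete */
    PGP_DIGEST_SHA256 = 8,
    PGP_DIGEST_SHA384 = 9,
    PGP_DIGEST_SHA512 = 10
};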

◆ PGP_PKT_TYPE

Enumerator
PGP_PKT_RESERVED 
PGP_PKT_PUBENCRYPTED_SESSKEY 
PGP_PKT_SIGNATURE 
PGP_PKT_SYMENCRYPTED_SESSKEY 
PGP_PKT_SECRET_KEY 
PGP_PKT_PUBLIC_KEY 
PGP_PKT_SECRET_SUBKEY 
PGP_PKT_COMPRESSED_DATA 
PGP_PKT_SYMENCRYPTED_DATA 
PGP_PKT_MARKER 
PGP_PKT_LITERAL_DATA 
PGP_PKT_TRUST 
PGP_PKT_USER_ID 
PGP_PKT_PUBLIC_SUBKEY 
PGP_PKT_USER_ATTR 
PGP_PKT_SYMENCRYPTED_DATA_MDC 
PGP_PKT_MDC 
PGP_PKT_PRIV_61 

Definition at line 44 of file pgp.h.

◆ PGP_PUB_ALGO_TYPE

Enumerator
PGP_PUB_RSA_ENCRYPT_SIGN 
PGP_PUB_RSA_ENCRYPT 
PGP_PUB_RSA_SIGN 
PGP_PUB_ELG_ENCRYPT 
PGP_PUB_DSA_SIGN 

Definition at line 66 of file pgp.h.

◆ PGP_S2K_TYPE

Enumerator
PGP_S2K_SIMPLE 
PGP_S2K_SALTED 
PGP_S2K_ISALTED 

Definition at line 37 of file pgp.h.

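/*
 * String-to-key (S2K) modes used to turn a passphrase into a key.
 *
 * Value 2 is intentionally absent from the numbering.  Judging by the
 * names, only PGP_S2K_ISALTED both salts and iterates the hash, which is
 * what slows down passphrase guessing; the other two modes are weaker
 * against offline guessing.
 */
enum PGP_S2K_TYPE
{
    PGP_S2K_SIMPLE = 0,
    PGP_S2K_SALTED = 1,
    PGP_S2K_ISALTED = 3
};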

◆ PGP_SYMENC_TYPE

Enumerator
PGP_SYM_PLAIN 
PGP_SYM_IDEA 
PGP_SYM_DES3 
PGP_SYM_CAST5 
PGP_SYM_BLOWFISH 
PGP_SYM_SAFER_SK128 
PGP_SYM_DES_SK 
PGP_SYM_AES_128 
PGP_SYM_AES_192 
PGP_SYM_AES_256 
PGP_SYM_TWOFISH 

Definition at line 75 of file pgp.h.

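/*
 * Symmetric cipher identifiers.
 *
 * Value 0 (PGP_SYM_PLAIN) denotes unencrypted data in the OpenPGP cipher
 * numbering; it is not a cipher.  A cipher code read from a packet is
 * untrusted input and should be validated before use (see
 * pgp_load_cipher()).
 */
enum PGP_SYMENC_TYPE
{
    PGP_SYM_PLAIN = 0,          /* ?? */
    PGP_SYM_IDEA = 1,           /* obsolete, PGP 2.6 compat */
    PGP_SYM_DES3 = 2,           /* must */
    PGP_SYM_CAST5 = 3,          /* should */
    PGP_SYM_BLOWFISH = 4,
    PGP_SYM_SAFER_SK128 = 5,    /* obsolete */
    PGP_SYM_DES_SK = 6,         /* obsolete */
    PGP_SYM_AES_128 = 7,        /* should */
    PGP_SYM_AES_192 = 8,
    PGP_SYM_AES_256 = 9,
    PGP_SYM_TWOFISH = 10
};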

Function Documentation

◆ _pgp_read_public_key()

int _pgp_read_public_key ( PullFilter *  pkt,
PGP_PubKey **  pk_p 
)

Definition at line 159 of file pgp-pubkey.c.

References PGP_PubKey::algo, calc_key_id(), PGP_PubKey::can_encrypt, PGP_PubKey::dsa, PGP_PubKey::elg, GETBYTE, pgp_key_alloc(), pgp_key_free(), pgp_mpi_read(), PGP_PUB_DSA_SIGN, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_PUB_RSA_SIGN, PGP_PubKey::pub, pullf_read_fixed(), px_debug(), PXE_PGP_NOT_V4_KEYPKT, PXE_PGP_UNKNOWN_PUBALGO, PGP_PubKey::rsa, PGP_PubKey::time, and PGP_PubKey::ver.

Referenced by internal_read_key(), process_secret_key(), and read_pubkey_keyid().

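/*
 * Parse the public part of a key packet from pkt into a newly allocated
 * PGP_PubKey.
 *
 * Only version 4 key packets are accepted.  On success the key is stored in
 * *pk_p and the (non-negative) result of calc_key_id() is returned.  On
 * failure a negative error code is returned, the key is freed and *pk_p is
 * left untouched.
 *
 * All fields come straight from the packet, i.e. from untrusted input; the
 * MPIs are stored as read and are not range-checked here.
 */
int
_pgp_read_public_key(PullFilter *pkt, PGP_PubKey **pk_p)
{
    int         res;
    PGP_PubKey *pk;

    res = pgp_key_alloc(&pk);
    if (res < 0)
        return res;

    /*
     * NOTE(review): if GETBYTE returns from the enclosing function on a
     * short read, pk is not released on that path -- confirm against the
     * macro's definition.
     */

    /* get version */
    GETBYTE(pkt, pk->ver);
    if (pk->ver != 4)
    {
        res = PXE_PGP_NOT_V4_KEYPKT;
        goto out;
    }

    /* read time */
    res = pullf_read_fixed(pkt, 4, pk->time);
    if (res < 0)
        goto out;

    /* pubkey algorithm */
    GETBYTE(pkt, pk->algo);

    switch (pk->algo)
    {
        case PGP_PUB_DSA_SIGN:
            res = pgp_mpi_read(pkt, &pk->pub.dsa.p);
            if (res < 0)
                break;
            res = pgp_mpi_read(pkt, &pk->pub.dsa.q);
            if (res < 0)
                break;
            res = pgp_mpi_read(pkt, &pk->pub.dsa.g);
            if (res < 0)
                break;
            res = pgp_mpi_read(pkt, &pk->pub.dsa.y);
            if (res < 0)
                break;

            res = calc_key_id(pk);
            break;

        case PGP_PUB_RSA_SIGN:
        case PGP_PUB_RSA_ENCRYPT:
        case PGP_PUB_RSA_ENCRYPT_SIGN:
            res = pgp_mpi_read(pkt, &pk->pub.rsa.n);
            if (res < 0)
                break;
            res = pgp_mpi_read(pkt, &pk->pub.rsa.e);
            if (res < 0)
                break;

            res = calc_key_id(pk);

            /* sign-only RSA keys must not be offered for encryption */
            if (pk->algo != PGP_PUB_RSA_SIGN)
                pk->can_encrypt = 1;
            break;

        case PGP_PUB_ELG_ENCRYPT:
            res = pgp_mpi_read(pkt, &pk->pub.elg.p);
            if (res < 0)
                break;
            res = pgp_mpi_read(pkt, &pk->pub.elg.g);
            if (res < 0)
                break;
            res = pgp_mpi_read(pkt, &pk->pub.elg.y);
            if (res < 0)
                break;

            res = calc_key_id(pk);

            pk->can_encrypt = 1;
            break;

        default:
            px_debug("unknown public algo: %d", pk->algo);
            res = PXE_PGP_UNKNOWN_PUBALGO;
    }

out:
    /* hand the key to the caller only when every step succeeded */
    if (res < 0)
        pgp_key_free(pk);
    else
        *pk_p = pk;

    return res;
}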
struct PGP_PubKey::@5::@7 elg
uint8 ver
Definition: pgp.h:188
int pullf_read_fixed(PullFilter *src, int len, uint8 *dst)
Definition: mbuf.c:317
struct PGP_PubKey::@5::@9 dsa
uint8 time[4]
Definition: pgp.h:189
static int calc_key_id(PGP_PubKey *pk)
Definition: pgp-pubkey.c:85
int pgp_key_alloc(PGP_PubKey **pk_p)
Definition: pgp-pubkey.c:38
struct PGP_PubKey::@5::@8 rsa
#define GETBYTE(x, i)
Definition: hstore_gist.c:32
void pgp_key_free(PGP_PubKey *pk)
Definition: pgp-pubkey.c:49
int pgp_mpi_read(PullFilter *src, PGP_MPI **mpi)
Definition: pgp-mpi.c:80
void px_debug(const char *fmt,...)
Definition: px.c:160
#define PXE_PGP_UNKNOWN_PUBALGO
Definition: px.h:93
union PGP_PubKey::@5 pub
uint8 algo
Definition: pgp.h:190
#define PXE_PGP_NOT_V4_KEYPKT
Definition: px.h:98
int can_encrypt
Definition: pgp.h:236

◆ pgp_armor_decode()

int pgp_armor_decode ( const uint8 *  src,
int  len,
StringInfo  dst 
)

Definition at line 314 of file pgp-armor.c.

References b64_dec_len(), b64_decode(), buf, crc24(), StringInfoData::data, elog, enlargeStringInfo(), FATAL, find_header(), StringInfoData::len, and PXE_PGP_CORRUPT_ARMOR.

Referenced by pg_dearmor().

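/*
 * Decode the ASCII-armored block in src[0..len) and append the binary
 * payload to dst.
 *
 * Returns the number of decoded bytes, or a negative error code;
 * PXE_PGP_CORRUPT_ARMOR is reported when the armor framing cannot be found
 * or the CRC-24 does not match.  dst->len is advanced only after the CRC
 * check has passed.
 *
 * The payload is written after any data already present in dst, which is
 * the same convention pgp_armor_encode() uses.
 */
int
pgp_armor_decode(const uint8 *src, int len, StringInfo dst)
{
    const uint8 *p = src;
    const uint8 *data_end = src + len;
    long        crc;
    const uint8 *base64_start,
               *armor_end;
    const uint8 *base64_end = NULL;
    uint8       buf[4];
    uint8      *out;
    int         hlen;
    int         blen;
    int         res = PXE_PGP_CORRUPT_ARMOR;

    /* armor start */
    hlen = find_header(src, data_end, &p, 0);
    if (hlen <= 0)
        goto out;
    p += hlen;

    /* armor end */
    hlen = find_header(p, data_end, &armor_end, 1);
    if (hlen <= 0)
        goto out;

    /* skip comments - find empty line */
    while (p < armor_end && *p != '\n' && *p != '\r')
    {
        p = memchr(p, '\n', armor_end - p);
        if (!p)
            goto out;

        /* step to start of next line */
        p++;
    }
    base64_start = p;

    /* find crc pos: scan backwards from the footer for the '=' marker */
    for (p = armor_end; p >= base64_start; p--)
        if (*p == '=')
        {
            base64_end = p - 1;
            break;
        }
    if (base64_end == NULL)
        goto out;

    /* decode crc: four base64 characters must yield exactly three bytes */
    if (b64_decode(p + 1, 4, buf) != 3)
        goto out;
    crc = (((long) buf[0]) << 16) + (((long) buf[1]) << 8) + (long) buf[2];

    /*
     * decode data
     *
     * The space estimate is derived from the whole input length, so it is
     * an upper bound for the base64 section.  The res > blen test below
     * runs after b64_decode() has already written; it is a tripwire, not
     * the bound itself.
     */
    blen = (int) b64_dec_len(len);
    enlargeStringInfo(dst, blen);
    /* take the pointer only after enlarging; the buffer may have moved */
    out = (uint8 *) dst->data + dst->len;
    res = b64_decode(base64_start, base64_end - base64_start, out);
    if (res > blen)
        elog(FATAL, "overflow - decode estimate too small");
    if (res >= 0)
    {
        if (crc24(out, res) == crc)
            dst->len += res;
        else
            res = PXE_PGP_CORRUPT_ARMOR;
    }
out:
    return res;
}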
unsigned char uint8
Definition: c.h:304
#define FATAL
Definition: elog.h:52
static int b64_decode(const uint8 *src, unsigned len, uint8 *dst)
Definition: pgp-armor.c:95
static char * buf
Definition: pg_test_fsync.c:67
static long crc24(const uint8 *data, unsigned len)
Definition: pgp-armor.c:188
static int find_header(const uint8 *data, const uint8 *datend, const uint8 **start_p, int is_end)
Definition: pgp-armor.c:266
void enlargeStringInfo(StringInfo str, int needed)
Definition: stringinfo.c:264
#define PXE_PGP_CORRUPT_ARMOR
Definition: px.h:82
#define elog
Definition: elog.h:219
static unsigned b64_dec_len(unsigned srclen)
Definition: pgp-armor.c:172

◆ pgp_armor_encode()

void pgp_armor_encode ( const uint8 src,
unsigned  len,
StringInfo  dst,
int  num_headers,
char **  keys,
char **  values 
)

Definition at line 207 of file pgp-armor.c.

References _base64, appendStringInfo(), appendStringInfoChar(), appendStringInfoString(), armor_footer, armor_header, b64_enc_len(), b64_encode(), crc24(), StringInfoData::data, elog, enlargeStringInfo(), FATAL, and StringInfoData::len.

Referenced by pg_armor().

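/*
 * Append an ASCII-armored copy of src[0..len) to dst: armor header line,
 * the num_headers "key: value" lines, a blank line, the base64 payload,
 * the '='-prefixed CRC-24 and the armor footer.
 *
 * keys[] and values[] are written verbatim.  Nothing here rejects an
 * embedded newline, which would let a header smuggle extra armor lines, so
 * the caller must validate them first.
 */
void
pgp_armor_encode(const uint8 *src, unsigned len, StringInfo dst,
                 int num_headers, char **keys, char **values)
{
    int         n;
    int         res;
    unsigned    b64len;
    unsigned    crc = crc24(src, len);

    appendStringInfoString(dst, armor_header);

    for (n = 0; n < num_headers; n++)
        appendStringInfo(dst, "%s: %s\n", keys[n], values[n]);
    appendStringInfoChar(dst, '\n');

    /* make sure we have enough room to b64_encode() */
    b64len = b64_enc_len(len);
    enlargeStringInfo(dst, (int) b64len);

    res = b64_encode(src, len, (uint8 *) dst->data + dst->len);
    /* tripwire only: the write has already happened at this point */
    if (res > b64len)
        elog(FATAL, "overflow - encode estimate too small");
    dst->len += res;

    if (*(dst->data + dst->len - 1) != '\n')
        appendStringInfoChar(dst, '\n');

    /* the 24-bit CRC is emitted as four base64 characters after '=' */
    appendStringInfoChar(dst, '=');
    appendStringInfoChar(dst, _base64[(crc >> 18) & 0x3f]);
    appendStringInfoChar(dst, _base64[(crc >> 12) & 0x3f]);
    appendStringInfoChar(dst, _base64[(crc >> 6) & 0x3f]);
    appendStringInfoChar(dst, _base64[crc & 0x3f]);

    appendStringInfoString(dst, armor_footer);
}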
unsigned char uint8
Definition: c.h:304
static const char * armor_footer
Definition: pgp-armor.c:182
void appendStringInfo(StringInfo str, const char *fmt,...)
Definition: stringinfo.c:78
#define FATAL
Definition: elog.h:52
void appendStringInfoString(StringInfo str, const char *s)
Definition: stringinfo.c:157
static long crc24(const uint8 *data, unsigned len)
Definition: pgp-armor.c:188
void enlargeStringInfo(StringInfo str, int needed)
Definition: stringinfo.c:264
static unsigned b64_enc_len(unsigned srclen)
Definition: pgp-armor.c:163
static const char * armor_header
Definition: pgp-armor.c:181
void appendStringInfoChar(StringInfo str, char ch)
Definition: stringinfo.c:169
static const unsigned char _base64[]
Definition: pgp-armor.c:41
static int b64_encode(const uint8 *src, unsigned len, uint8 *dst)
Definition: pgp-armor.c:45
static Datum values[MAXATTR]
Definition: bootstrap.c:164
#define elog
Definition: elog.h:219

◆ pgp_cfb_create()

int pgp_cfb_create ( PGP_CFB **  ctx_p,
int  algo,
const uint8 *  key,
int  key_len,
int  recync,
uint8 *  iv
)

Definition at line 52 of file pgp-cfb.c.

References PGP_CFB::block_size, PGP_CFB::ciph, PGP_CFB::fr, pgp_load_cipher(), px_alloc, px_cipher_block_size, px_cipher_free, px_cipher_init, and PGP_CFB::resync.

Referenced by decrypt_key(), encrypt_init(), parse_symenc_data(), parse_symenc_mdc_data(), process_secret_key(), and symencrypt_sesskey().

/*
 * Build a CFB context for cipher code algo, keyed with key[0..key_len).
 *
 * On success stores the new context in *ctx_p and returns 0; otherwise
 * returns the negative code from loading or initializing the cipher, and
 * the cipher object is released.  iv may be NULL, in which case the
 * feedback register starts out zeroed.
 */
int
pgp_cfb_create(PGP_CFB **ctx_p, int algo, const uint8 *key, int key_len,
               int resync, uint8 *iv)
{
    PX_Cipher  *cipher;
    PGP_CFB    *cfb;
    int         rc = pgp_load_cipher(algo, &cipher);

    if (rc < 0)
        return rc;

    rc = px_cipher_init(cipher, key, key_len, NULL);
    if (rc < 0)
    {
        px_cipher_free(cipher);
        return rc;
    }

    cfb = px_alloc(sizeof(*cfb));
    memset(cfb, 0, sizeof(*cfb));
    cfb->ciph = cipher;
    cfb->block_size = px_cipher_block_size(cipher);
    cfb->resync = resync;

    /*
     * fr is PGP_MAX_BLOCK bytes; this copy relies on the cipher's block
     * size not exceeding that -- NOTE(review): confirm for every cipher
     * pgp_load_cipher() can return.
     */
    if (iv != NULL)
        memcpy(cfb->fr, iv, cfb->block_size);

    *ctx_p = cfb;
    return 0;
}
#define px_cipher_init(c, k, klen, iv)
Definition: px.h:224
int key_len
Definition: pgp.c:65
#define px_cipher_free(c)
Definition: px.h:229
PX_Cipher * ciph
Definition: pgp-cfb.c:41
uint8 fr[PGP_MAX_BLOCK]
Definition: pgp-cfb.c:46
int pgp_load_cipher(int code, PX_Cipher **res)
Definition: pgp.c:168
int resync
Definition: pgp-cfb.c:45
int block_size
Definition: pgp-cfb.c:42
#define px_cipher_block_size(c)
Definition: px.h:222
Definition: px.h:154
#define px_alloc(s)
Definition: px.h:44

◆ pgp_cfb_decrypt()

int pgp_cfb_decrypt ( PGP_CFB *  ctx,
const uint8 *  data,
int  len,
uint8 *  dst
)

Definition at line 259 of file pgp-cfb.c.

References cfb_process(), mix, mix_decrypt_normal(), mix_decrypt_resync(), and PGP_CFB::resync.

Referenced by decrypt_key(), and decrypt_read().

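/*
 * Decrypt len bytes of data into dst in CFB mode.
 *
 * The context's resync flag selects the resyncing or the plain mixing
 * routine; the result of cfb_process() is returned unchanged.
 */
int
pgp_cfb_decrypt(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
{
    mix_data_t  mix = ctx->resync ? mix_decrypt_resync : mix_decrypt_normal;

    return cfb_process(ctx, data, len, dst, mix);
}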
static int cfb_process(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst, mix_data_t mix_data)
Definition: pgp-cfb.c:198
static int mix_decrypt_normal(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:106
int resync
Definition: pgp-cfb.c:45
#define mix(a, b, c)
Definition: hashfunc.c:364
static int mix_decrypt_resync(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:158
int(* mix_data_t)(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:37

◆ pgp_cfb_encrypt()

int pgp_cfb_encrypt ( PGP_CFB *  ctx,
const uint8 *  data,
int  len,
uint8 *  dst
)

Definition at line 251 of file pgp-cfb.c.

References cfb_process(), mix, mix_encrypt_normal(), mix_encrypt_resync(), and PGP_CFB::resync.

Referenced by encrypt_process(), and symencrypt_sesskey().

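/*
 * Encrypt len bytes of data into dst in CFB mode.
 *
 * The context's resync flag selects the resyncing or the plain mixing
 * routine; the result of cfb_process() is returned unchanged.
 */
int
pgp_cfb_encrypt(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
{
    mix_data_t  mix = ctx->resync ? mix_encrypt_resync : mix_encrypt_normal;

    return cfb_process(ctx, data, len, dst, mix);
}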
static int cfb_process(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst, mix_data_t mix_data)
Definition: pgp-cfb.c:198
int resync
Definition: pgp-cfb.c:45
static int mix_encrypt_normal(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:95
#define mix(a, b, c)
Definition: hashfunc.c:364
static int mix_encrypt_resync(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:126
int(* mix_data_t)(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:37

◆ pgp_cfb_free()

void pgp_cfb_free ( PGP_CFB *  ctx)

Definition at line 84 of file pgp-cfb.c.

References PGP_CFB::ciph, px_cipher_free, px_free, and px_memset().

Referenced by decrypt_key(), encrypt_free(), parse_symenc_data(), parse_symenc_mdc_data(), process_secret_key(), and symencrypt_sesskey().

/*
 * Destroy a CFB context created by pgp_cfb_create().
 *
 * The cipher object is released first, then the whole context (including
 * the feedback register) is overwritten with zeros before the memory is
 * returned, so cipher state does not linger in freed memory.  ctx must not
 * be NULL.
 */
void
pgp_cfb_free(PGP_CFB *ctx)
{
    px_cipher_free(ctx->ciph);

    /* wipe before free; px_memset is used rather than plain memset */
    px_memset(ctx, 0, sizeof *ctx);

    px_free(ctx);
}
#define px_free(p)
Definition: px.h:46
#define px_cipher_free(c)
Definition: px.h:229
PX_Cipher * ciph
Definition: pgp-cfb.c:41
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:134

◆ pgp_compress_filter()

int pgp_compress_filter ( PushFilter **  res,
PGP_Context *  ctx,
PushFilter *  dst
)

Definition at line 317 of file pgp-compress.c.

References PXE_PGP_UNSUPPORTED_COMPR.

Referenced by init_compress().

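/*
 * Variant of the compression filter constructor that always reports
 * PXE_PGP_UNSUPPORTED_COMPR and creates no filter.  Presumably this is the
 * definition used when the build has no compression library -- confirm in
 * pgp-compress.c.
 */
int
pgp_compress_filter(PushFilter **res, PGP_Context *ctx, PushFilter *dst)
{
    return PXE_PGP_UNSUPPORTED_COMPR;
}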
#define PXE_PGP_UNSUPPORTED_COMPR
Definition: px.h:83

◆ pgp_create_pkt_reader()

int pgp_create_pkt_reader ( PullFilter **  pf_p,
PullFilter *  src,
int  len,
int  pkttype,
PGP_Context *  ctx
)

Definition at line 223 of file pgp-decrypt.c.

References PktData::len, pullf_create(), px_alloc, px_free, and PktData::type.

Referenced by internal_read_key(), pgp_decrypt(), pgp_get_keyid(), and process_data_packets().

/*
 * Stack a packet-reading pull filter on top of src.
 *
 * A PktData record holding pkttype and len is allocated and handed to
 * pullf_create() as the filter's init argument; if filter creation fails
 * the record is freed here.  Returns the result of pullf_create().
 *
 * len normally comes from a parsed packet header, i.e. from untrusted
 * input.  ctx is not used in this function.
 */
int
pgp_create_pkt_reader(PullFilter **pf_p, PullFilter *src, int len,
                      int pkttype, PGP_Context *ctx)
{
    struct PktData *state = px_alloc(sizeof(*state));
    int         rc;

    state->type = pkttype;
    state->len = len;

    rc = pullf_create(pf_p, &pktreader_filter, state, src);
    if (rc < 0)
        px_free(state);

    return rc;
}
int pullf_create(PullFilter **pf_p, const PullFilterOps *op, void *init_arg, PullFilter *src)
Definition: mbuf.c:206
#define px_free(p)
Definition: px.h:46
int type
Definition: pgp-decrypt.c:170
#define px_alloc(s)
Definition: px.h:44
static struct PullFilterOps pktreader_filter
Definition: pgp-decrypt.c:217

◆ pgp_create_pkt_writer()

int pgp_create_pkt_writer ( PushFilter *  dst,
int  tag,
PushFilter **  res_p 
)

Definition at line 315 of file pgp-encrypt.c.

References pushf_create(), and write_tag_only().

Referenced by pgp_write_pubenc_sesskey().

/*
 * Start a packet with the given tag on dst and return, in *res_p, a push
 * filter that writes the packet body as a stream.
 *
 * Returns a negative code if writing the tag fails, otherwise the result of
 * pushf_create().
 */
int
pgp_create_pkt_writer(PushFilter *dst, int tag, PushFilter **res_p)
{
    int         rc = write_tag_only(dst, tag);

    /* no filter is created unless the tag went out successfully */
    return (rc < 0) ? rc : pushf_create(res_p, &pkt_stream_filter, NULL, dst);
}
static int write_tag_only(PushFilter *dst, int tag)
Definition: pgp-encrypt.c:71
static const PushFilterOps pkt_stream_filter
Definition: pgp-encrypt.c:310
int pushf_create(PushFilter **mp_p, const PushFilterOps *op, void *init_arg, PushFilter *next)
Definition: mbuf.c:373

◆ pgp_decompress_filter()

int pgp_decompress_filter ( PullFilter **  res,
PGP_Context *  ctx,
PullFilter *  src
)

Definition at line 323 of file pgp-compress.c.

References PXE_PGP_UNSUPPORTED_COMPR.

Referenced by parse_compressed_data().

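/*
 * Variant of the decompression filter constructor that always reports
 * PXE_PGP_UNSUPPORTED_COMPR and creates no filter.  Presumably this is the
 * definition used when the build has no compression library -- confirm in
 * pgp-compress.c.
 */
int
pgp_decompress_filter(PullFilter **res, PGP_Context *ctx, PullFilter *src)
{
    return PXE_PGP_UNSUPPORTED_COMPR;
}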
#define PXE_PGP_UNSUPPORTED_COMPR
Definition: px.h:83

◆ pgp_decrypt()

int pgp_decrypt ( PGP_Context *  ctx,
MBuf *  src,
MBuf *  dst
)

Definition at line 1090 of file pgp-decrypt.c.

References PGP_Context::corrupt_prefix, PGP_Context::disable_mdc, PktData::len, NO_CTX_SIZE, parse_symenc_data(), parse_symenc_mdc_data(), parse_symenc_sesskey(), pgp_create_pkt_reader(), pgp_parse_pkt_hdr(), pgp_parse_pubenc_sesskey(), PGP_PKT_MARKER, PGP_PKT_PUBENCRYPTED_SESSKEY, PGP_PKT_SYMENCRYPTED_DATA, PGP_PKT_SYMENCRYPTED_DATA_MDC, PGP_PKT_SYMENCRYPTED_SESSKEY, pgp_skip_packet(), pullf_create_mbuf_reader(), pullf_free(), px_debug(), PXE_PGP_CORRUPT_DATA, PXE_PGP_NOT_TEXT, PXE_PGP_UNSUPPORTED_COMPR, PGP_Context::unexpected_binary, and PGP_Context::unsupported_compr.

Referenced by decrypt_internal().

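/*
 * Decrypt the OpenPGP message in msrc into mdst.
 *
 * Packets are read one at a time and dispatched on their tag: marker
 * packets are skipped, session-key packets establish the key, and at most
 * one encrypted-data packet is decrypted.  Any other tag, a data packet
 * before a key, or a second data packet leaves res at PXE_PGP_CORRUPT_DATA,
 * which ends the loop.
 *
 * Returns a negative error code on failure.  The order in which errors are
 * reported at the end is deliberate; see the comments there.
 */
int
pgp_decrypt(PGP_Context *ctx, MBuf *msrc, MBuf *mdst)
{
    int         res;
    PullFilter *src = NULL;
    PullFilter *pkt = NULL;
    uint8       tag;
    int         len;
    int         got_key = 0;
    int         got_data = 0;

    res = pullf_create_mbuf_reader(&src, msrc);

    while (res >= 0)
    {
        res = pgp_parse_pkt_hdr(src, &tag, &len, NO_CTX_SIZE);
        if (res <= 0)
            break;

        res = pgp_create_pkt_reader(&pkt, src, len, res, ctx);
        if (res < 0)
            break;

        /* default outcome for every branch that does not set res itself */
        res = PXE_PGP_CORRUPT_DATA;
        switch (tag)
        {
            case PGP_PKT_MARKER:
                res = pgp_skip_packet(pkt);
                break;
            case PGP_PKT_PUBENCRYPTED_SESSKEY:
                /* fixme: skip those */
                res = pgp_parse_pubenc_sesskey(ctx, pkt);
                got_key = 1;
                break;
            case PGP_PKT_SYMENCRYPTED_SESSKEY:
                if (got_key)

                    /*
                     * Theoretically, there could be several keys, both public
                     * and symmetric, all of which encrypt same session key.
                     * Decrypt should try with each one, before failing.
                     */
                    px_debug("pgp_decrypt: using first of several keys");
                else
                {
                    got_key = 1;
                    res = parse_symenc_sesskey(ctx, pkt);
                }
                break;
            case PGP_PKT_SYMENCRYPTED_DATA:
                if (!got_key)
                    px_debug("pgp_decrypt: have data but no key");
                else if (got_data)
                    px_debug("pgp_decrypt: got second data packet");
                else
                {
                    got_data = 1;

                    /*
                     * This packet type carries no MDC, so MDC checking is
                     * switched off for it; the decrypted data is then not
                     * integrity-protected by the packet format.
                     */
                    ctx->disable_mdc = 1;
                    res = parse_symenc_data(ctx, pkt, mdst);
                }
                break;
            case PGP_PKT_SYMENCRYPTED_DATA_MDC:
                if (!got_key)
                    px_debug("pgp_decrypt: have data but no key");
                else if (got_data)
                    px_debug("pgp_decrypt: several data pkts not supported");
                else
                {
                    got_data = 1;
                    ctx->disable_mdc = 0;
                    res = parse_symenc_mdc_data(ctx, pkt, mdst);
                }
                break;
            default:
                px_debug("pgp_decrypt: unknown tag: 0x%02x", tag);
        }
        pullf_free(pkt);
        pkt = NULL;
    }

    if (pkt)
        pullf_free(pkt);

    if (src)
        pullf_free(src);

    if (res < 0)
        return res;

    /*
     * Report a failure of the prefix_init() "quick check" now, rather than
     * upon detection, to hinder timing attacks.  pgcrypto is not generally
     * secure against timing attacks, but this helps.
     */
    if (!got_data || ctx->corrupt_prefix)
        return PXE_PGP_CORRUPT_DATA;

    /*
     * Code interpreting purportedly-decrypted data prior to this stage shall
     * report no error other than PXE_PGP_CORRUPT_DATA.  (PXE_BUG is okay so
     * long as it remains unreachable.)  This ensures that an attacker able to
     * choose a ciphertext and receive a corresponding decryption error
     * message cannot use that oracle to gather clues about the decryption
     * key.  See "An Attack on CFB Mode Encryption As Used By OpenPGP" by
     * Serge Mister and Robert Zuccherato.
     *
     * A problematic value in the first octet of a Literal Data or Compressed
     * Data packet may indicate a simple user error, such as the need to call
     * pgp_sym_decrypt_bytea instead of pgp_sym_decrypt.  Occasionally,
     * though, it is the first symptom of the encryption key not matching the
     * decryption key.  When this was the only problem encountered, report a
     * specific error to guide the user; otherwise, we will have reported
     * PXE_PGP_CORRUPT_DATA before now.  A key mismatch makes the other errors
     * into red herrings, and this avoids leaking clues to attackers.
     */
    if (ctx->unsupported_compr)
        return PXE_PGP_UNSUPPORTED_COMPR;
    if (ctx->unexpected_binary)
        return PXE_PGP_NOT_TEXT;

    return res;
}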
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:81
void pullf_free(PullFilter *pf)
Definition: mbuf.c:245
int unexpected_binary
Definition: pgp.h:159
int pgp_parse_pkt_hdr(PullFilter *src, uint8 *tag, int *len_p, int allow_ctx)
Definition: pgp-decrypt.c:129
unsigned char uint8
Definition: c.h:304
static int parse_symenc_mdc_data(PGP_Context *ctx, PullFilter *pkt, MBuf *dst)
Definition: pgp-decrypt.c:1009
int pullf_create_mbuf_reader(PullFilter **mp_p, MBuf *src)
Definition: mbuf.c:352
int pgp_skip_packet(PullFilter *pkt)
Definition: pgp-decrypt.c:1061
int unsupported_compr
Definition: pgp.h:158
int pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt)
Definition: pgp-pubdec.c:150
int disable_mdc
Definition: pgp.h:147
#define NO_CTX_SIZE
Definition: pgp-decrypt.c:38
#define PXE_PGP_UNSUPPORTED_COMPR
Definition: px.h:83
int pgp_create_pkt_reader(PullFilter **pf_p, PullFilter *src, int len, int pkttype, PGP_Context *ctx)
Definition: pgp-decrypt.c:223
#define PXE_PGP_NOT_TEXT
Definition: px.h:87
int corrupt_prefix
Definition: pgp.h:157
static int parse_symenc_sesskey(PGP_Context *ctx, PullFilter *src)
Definition: pgp-decrypt.c:624
void px_debug(const char *fmt,...)
Definition: px.c:160
static int parse_symenc_data(PGP_Context *ctx, PullFilter *pkt, MBuf *dst)
Definition: pgp-decrypt.c:975

◆ pgp_disable_mdc()

int pgp_disable_mdc ( PGP_Context *  ctx,
int  disable 
)

Definition at line 235 of file pgp.c.

References PGP_Context::disable_mdc.

Referenced by set_arg().

/*
 * Set the context's disable_mdc flag; any non-zero argument is stored as 1.
 * Always returns 0.
 *
 * NOTE(review): judging by the name, a set flag turns off the modification
 * detection code, i.e. the integrity check on encrypted data -- confirm how
 * the encrypt and decrypt paths consume it before exposing this to callers.
 */
int
pgp_disable_mdc(PGP_Context *ctx, int disable)
{
    /* a comparison yields exactly 0 or 1 */
    ctx->disable_mdc = (disable != 0);
    return 0;
}
int disable_mdc
Definition: pgp.h:147

◆ pgp_elgamal_decrypt()

int pgp_elgamal_decrypt ( PGP_PubKey *  pk,
PGP_MPI *  c1,
PGP_MPI *  c2,
PGP_MPI **  m 
)

Definition at line 218 of file pgp-mpi-internal.c.

References bn_to_mpi(), PGP_PubKey::elg, mp_clear_free(), mp_int_exptmod(), mp_int_invmod(), mp_modmul(), mp_new(), mpi_to_bn(), PGP_PubKey::pub, PXE_PGP_MATH_FAILED, and PGP_PubKey::sec.

Referenced by decrypt_elgamal().

/*
 * ElGamal decryption: recover m = c2 / (c1^x) mod p from the ciphertext
 * pair (_c1, _c2), using the secret exponent in pk->sec.elg.x.
 *
 * On success stores a new PGP_MPI in *msg_p and returns 0; otherwise
 * returns PXE_PGP_MATH_FAILED.  Every temporary big number, including the
 * copy of the secret exponent, goes through mp_clear_free() on all paths.
 */
int
pgp_elgamal_decrypt(PGP_PubKey *pk, PGP_MPI *_c1, PGP_MPI *_c2,
                    PGP_MPI **msg_p)
{
    int         res = PXE_PGP_MATH_FAILED;
    mpz_t      *c1 = mpi_to_bn(_c1);
    mpz_t      *c2 = mpi_to_bn(_c2);
    mpz_t      *p = mpi_to_bn(pk->pub.elg.p);
    mpz_t      *x = mpi_to_bn(pk->sec.elg.x);
    mpz_t      *shared = mp_new();
    mpz_t      *inv = mp_new();
    mpz_t      *m = mp_new();

    if (c1 && c2 && p && x && shared && inv && m)
    {
        /*
         * m = c2 / (c1^x)
         *
         * NOTE(review): the mp_result values of mp_int_exptmod() and
         * mp_int_invmod() are ignored; if the inversion can fail for
         * attacker-chosen c1, the result below is computed from an
         * undefined inverse -- confirm.
         */
        mp_int_exptmod(c1, x, p, shared);
        mp_int_invmod(shared, p, inv);
        mp_modmul(c2, inv, p, m);

        /* result */
        *msg_p = bn_to_mpi(m);
        if (*msg_p)
            res = 0;
    }

    mp_clear_free(m);
    mp_clear_free(inv);
    mp_clear_free(shared);
    mp_clear_free(x);
    mp_clear_free(p);
    mp_clear_free(c2);
    mp_clear_free(c1);
    return res;
}
mp_result mp_int_invmod(mp_int a, mp_int m, mp_int c)
Definition: imath.c:1481
struct PGP_PubKey::@5::@7 elg
static mpz_t * mpi_to_bn(PGP_MPI *n)
static mpz_t * mp_new()
mp_result mp_int_exptmod(mp_int a, mp_int b, mp_int m, mp_int c)
Definition: imath.c:1336
static PGP_MPI * bn_to_mpi(mpz_t *bn)
union PGP_PubKey::@6 sec
static void mp_modmul(mpz_t *a, mpz_t *b, mpz_t *p, mpz_t *res)
union PGP_PubKey::@5 pub
#define PXE_PGP_MATH_FAILED
Definition: px.h:90
Definition: imath.h:57
static void mp_clear_free(mpz_t *a)

◆ pgp_elgamal_encrypt()

int pgp_elgamal_encrypt ( PGP_PubKey *  pk,
PGP_MPI *  m,
PGP_MPI **  c1,
PGP_MPI **  c2 
)

Definition at line 168 of file pgp-mpi-internal.c.

References bn_to_mpi(), decide_k_bits(), PGP_PubKey::elg, mp_clear_free(), mp_int_count_bits(), mp_int_exptmod(), mp_modmul(), mp_new(), mp_px_rand(), mpi_to_bn(), PGP_PubKey::pub, and PXE_PGP_MATH_FAILED.

Referenced by encrypt_and_write_elgamal().

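/*
 * ElGamal encryption of _m under the public key in pk: picks a random k
 * and produces c1 = g^k mod p and c2 = m * y^k mod p.
 *
 * On success stores new PGP_MPIs in *c1_p and *c2_p and returns 0.  Returns
 * the negative code from mp_px_rand() if generating k fails, and
 * PXE_PGP_MATH_FAILED for the other failures.
 *
 * Every exit after the allocations goes through the err label, so the
 * temporaries -- including the copy of the message and the ephemeral k --
 * are always passed to mp_clear_free().
 */
int
pgp_elgamal_encrypt(PGP_PubKey *pk, PGP_MPI *_m,
                    PGP_MPI **c1_p, PGP_MPI **c2_p)
{
    int         res = PXE_PGP_MATH_FAILED;
    int         k_bits;
    mpz_t      *m = mpi_to_bn(_m);
    mpz_t      *p = mpi_to_bn(pk->pub.elg.p);
    mpz_t      *g = mpi_to_bn(pk->pub.elg.g);
    mpz_t      *y = mpi_to_bn(pk->pub.elg.y);
    mpz_t      *k = mp_new();
    mpz_t      *yk = mp_new();
    mpz_t      *c1 = mp_new();
    mpz_t      *c2 = mp_new();

    if (!m || !p || !g || !y || !k || !yk || !c1 || !c2)
        goto err;

    /*
     * generate k
     */
    k_bits = decide_k_bits(mp_int_count_bits(p));
    res = mp_px_rand(k_bits, k);
    if (res < 0)
        goto err;               /* was a bare return, which skipped cleanup */

    /*
     * c1 = g^k c2 = m * y^k
     *
     * NOTE(review): the mp_result values of mp_int_exptmod() are not
     * checked.
     */
    mp_int_exptmod(g, k, p, c1);
    mp_int_exptmod(y, k, p, yk);
    mp_modmul(m, yk, p, c2);

    /*
     * result
     *
     * res holds mp_px_rand()'s non-negative value at this point; restore
     * the failure default so a failed conversion is still reported.
     */
    res = PXE_PGP_MATH_FAILED;
    *c1_p = bn_to_mpi(c1);
    *c2_p = bn_to_mpi(c2);
    if (*c1_p && *c2_p)
        res = 0;
err:
    mp_clear_free(c2);
    mp_clear_free(c1);
    mp_clear_free(yk);
    mp_clear_free(k);
    mp_clear_free(y);
    mp_clear_free(g);
    mp_clear_free(p);
    mp_clear_free(m);
    return res;
}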
struct PGP_PubKey::@5::@7 elg
mp_result mp_int_count_bits(mp_int z)
Definition: imath.c:2073
static mpz_t * mpi_to_bn(PGP_MPI *n)
static mpz_t * mp_new()
mp_result mp_int_exptmod(mp_int a, mp_int b, mp_int m, mp_int c)
Definition: imath.c:1336
static int decide_k_bits(int p_bits)
static PGP_MPI * bn_to_mpi(mpz_t *bn)
static int mp_px_rand(uint32 bits, mpz_t *res)
static void mp_modmul(mpz_t *a, mpz_t *b, mpz_t *p, mpz_t *res)
union PGP_PubKey::@5 pub
#define PXE_PGP_MATH_FAILED
Definition: px.h:90
Definition: imath.h:57
static void mp_clear_free(mpz_t *a)

◆ pgp_encrypt()

int pgp_encrypt ( PGP_Context ctx,
MBuf src,
MBuf dst 
)

Definition at line 611 of file pgp-encrypt.c.

References EncStat::buf, PGP_Context::compress_algo, PGP_Context::compress_level, PGP_Context::convert_crlf, PGP_Context::disable_mdc, init_compress(), init_encdata_packet(), init_litdata_packet(), init_s2k_key(), init_sess_key(), mbuf_avail(), mbuf_grab(), pgp_write_pubenc_sesskey(), PGP_Context::pub_key, pushf_create(), pushf_create_mbuf_writer(), pushf_flush(), pushf_free_all(), pushf_write(), PXE_ARGUMENT_ERROR, PGP_Context::sym_key, PGP_Context::text_mode, write_prefix(), and write_symenc_sesskey().

Referenced by encrypt_internal().

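/*
 * Encrypt the contents of src into dst as an OpenPGP message.
 *
 * A chain of push filters is stacked on top of an MBuf writer for dst:
 * session-key packet, encrypted-data packet, cipher, optional MDC hasher,
 * cipher prefix, optional compressor, literal-data packet and optional
 * CRLF conversion.  The whole of src is then pushed through the chain.
 *
 * Returns PXE_ARGUMENT_ERROR when the context holds neither a symmetric nor
 * a public key; otherwise the negative result of the first failing step, or
 * the result of the final pushf_flush().
 */
int
pgp_encrypt(PGP_Context *ctx, MBuf *src, MBuf *dst)
{
    int         res;
    int         len;
    uint8      *buf;

    /*
     * Start from NULL: whether pushf_create_mbuf_writer() stores anything on
     * failure is not visible here, and the cleanup at "out" must never see
     * an indeterminate pointer.
     */
    PushFilter *pf = NULL;
    PushFilter *pf_tmp;

    /*
     * do we have any key
     */
    if (!ctx->sym_key && !ctx->pub_key)
        return PXE_ARGUMENT_ERROR;

    /* MBuf writer */
    res = pushf_create_mbuf_writer(&pf, dst);
    if (res < 0)
        goto out;

    /*
     * initialize symkey
     */
    if (ctx->sym_key)
    {
        res = init_s2k_key(ctx);
        if (res < 0)
            goto out;
    }

    res = init_sess_key(ctx);
    if (res < 0)
        goto out;

    /*
     * write keypkt; a public key takes precedence over a passphrase
     */
    if (ctx->pub_key)
        res = pgp_write_pubenc_sesskey(ctx, pf);
    else
        res = write_symenc_sesskey(ctx, pf);
    if (res < 0)
        goto out;

    /* encrypted data pkt */
    res = init_encdata_packet(&pf_tmp, ctx, pf);
    if (res < 0)
        goto out;
    pf = pf_tmp;

    /* encrypter */
    res = pushf_create(&pf_tmp, &encrypt_filter, ctx, pf);
    if (res < 0)
        goto out;
    pf = pf_tmp;

    /*
     * hasher
     *
     * With disable_mdc set no MDC filter is installed, so the ciphertext
     * carries no integrity protection and modifications cannot be detected
     * on decryption.
     */
    if (ctx->disable_mdc == 0)
    {
        res = pushf_create(&pf_tmp, &mdc_filter, ctx, pf);
        if (res < 0)
            goto out;
        pf = pf_tmp;
    }

    /* prefix */
    res = write_prefix(ctx, pf);
    if (res < 0)
        goto out;

    /* compressor */
    if (ctx->compress_algo > 0 && ctx->compress_level > 0)
    {
        res = init_compress(&pf_tmp, ctx, pf);
        if (res < 0)
            goto out;
        pf = pf_tmp;
    }

    /* data streamer */
    res = init_litdata_packet(&pf_tmp, ctx, pf);
    if (res < 0)
        goto out;
    pf = pf_tmp;

    /* text conversion? */
    if (ctx->text_mode && ctx->convert_crlf)
    {
        res = pushf_create(&pf_tmp, &crlf_filter, ctx, pf);
        if (res < 0)
            goto out;
        pf = pf_tmp;
    }

    /*
     * chain complete: push everything src holds through it
     */
    len = mbuf_grab(src, mbuf_avail(src), &buf);
    res = pushf_write(pf, buf, len);
    if (res >= 0)
        res = pushf_flush(pf);
out:
    if (pf != NULL)
        pushf_free_all(pf);
    return res;
}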
int pushf_create_mbuf_writer(PushFilter **res, MBuf *dst)
Definition: mbuf.c:561
#define PXE_ARGUMENT_ERROR
Definition: px.h:74
static int init_s2k_key(PGP_Context *ctx)
Definition: pgp-encrypt.c:570
static const PushFilterOps encrypt_filter
Definition: pgp-encrypt.c:228
int pushf_flush(PushFilter *mp)
Definition: mbuf.c:516
static const PushFilterOps mdc_filter
Definition: pgp-encrypt.c:145
int pgp_write_pubenc_sesskey(PGP_Context *ctx, PushFilter *dst)
Definition: pgp-pubenc.c:195
const uint8 * sym_key
Definition: pgp.h:165
unsigned char uint8
Definition: c.h:304
int compress_level
Definition: pgp.h:146
static int init_encdata_packet(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
Definition: pgp-encrypt.c:461
int disable_mdc
Definition: pgp.h:147
int mbuf_grab(MBuf *mbuf, int len, uint8 **data_p)
Definition: mbuf.c:157
static char * buf
Definition: pg_test_fsync.c:67
int compress_algo
Definition: pgp.h:145
void pushf_free_all(PushFilter *mp)
Definition: mbuf.c:428
int mbuf_avail(MBuf *mbuf)
Definition: mbuf.c:50
int pushf_create(PushFilter **mp_p, const PushFilterOps *op, void *init_arg, PushFilter *next)
Definition: mbuf.c:373
static int init_litdata_packet(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
Definition: pgp-encrypt.c:378
static int init_compress(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
Definition: pgp-encrypt.c:433
static int init_sess_key(PGP_Context *ctx)
Definition: pgp-encrypt.c:586
int convert_crlf
Definition: pgp.h:150
static int write_symenc_sesskey(PGP_Context *ctx, PushFilter *dst)
Definition: pgp-encrypt.c:529
PGP_PubKey * pub_key
Definition: pgp.h:164
int pushf_write(PushFilter *mp, const uint8 *data, int len)
Definition: mbuf.c:456
int text_mode
Definition: pgp.h:149
static int write_prefix(PGP_Context *ctx, PushFilter *dst)
Definition: pgp-encrypt.c:482
static const PushFilterOps crlf_filter
Definition: pgp-encrypt.c:370

◆ pgp_expect_packet_end()

int pgp_expect_packet_end ( PullFilter pkt)

Definition at line 1075 of file pgp-decrypt.c.

References pullf_read(), px_debug(), and PXE_PGP_CORRUPT_DATA.

Referenced by pgp_parse_pubenc_sesskey(), and process_secret_key().

/*
 * Check that a packet has been consumed completely.
 *
 * Attempts to read up to 32 kB more from pkt.  Any data that comes back is
 * treated as corruption (PXE_PGP_CORRUPT_DATA); otherwise the result of
 * pullf_read() is passed through unchanged.
 */
int
pgp_expect_packet_end(PullFilter *pkt)
{
    uint8      *leftover;
    int         got = pullf_read(pkt, 32 * 1024, &leftover);

    if (got <= 0)
        return got;

    /* trailing bytes after the expected end of the packet */
    px_debug("pgp_expect_packet_end: got data");
    return PXE_PGP_CORRUPT_DATA;
}
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:81
int pullf_read(PullFilter *pf, int len, uint8 **data_p)
Definition: mbuf.c:262
unsigned char uint8
Definition: c.h:304
void px_debug(const char *fmt,...)
Definition: px.c:160

◆ pgp_extract_armor_headers()

int pgp_extract_armor_headers ( const uint8 src,
unsigned  len,
int *  nheaders,
char ***  keys,
char ***  values 
)

Definition at line 390 of file pgp-armor.c.

References buf, elog, ERROR, find_header(), palloc(), and PXE_PGP_CORRUPT_ARMOR.

Referenced by pgp_armor_headers().

/*
 * Extract the "Key: value" header lines of an ASCII-armored block.
 *
 * src/len is the armored text.  On success *nheaders receives the number
 * of headers and *keys / *values receive palloc'd arrays of that many
 * strings; the strings point into one palloc'd, NUL-terminated copy of the
 * header area, not into src.
 *
 * Returns 0 on success and PXE_PGP_CORRUPT_ARMOR when the armor start or
 * end line cannot be found, a counted line has no newline before the armor
 * end, or a header line lacks the ": " separator.
 *
 * The header area is scanned twice: lines are counted with memchr() and
 * later split with strchr().  An embedded NUL byte stops the second pass
 * early, which is caught by the final n != hdrlines check and raised with
 * elog(ERROR).
 */
int
pgp_extract_armor_headers(const uint8 *src, unsigned len, int *nheaders,
                          char ***keys, char ***values)
{
    const uint8 *data_end = src + len;
    const uint8 *armor_start;
    const uint8 *armor_end;
    const uint8 *cursor;
    const uint8 *base64_start;
    Size        armor_len;
    char       *buf;
    char       *line;
    char       *eol;
    int         hlen;
    int         hdrlines = 0;
    int         n = 0;

    /* armor start: the header block begins right after the start line */
    hlen = find_header(src, data_end, &armor_start, 0);
    if (hlen <= 0)
        return PXE_PGP_CORRUPT_ARMOR;
    armor_start += hlen;

    /* armor end */
    hlen = find_header(armor_start, data_end, &armor_end, 1);
    if (hlen <= 0)
        return PXE_PGP_CORRUPT_ARMOR;

    /*
     * First pass: count header lines.  The header block ends at the first
     * line that starts with CR or LF, or at the armor end.
     */
    for (cursor = armor_start;
         cursor < armor_end && *cursor != '\n' && *cursor != '\r';
         hdrlines++)
    {
        cursor = memchr(cursor, '\n', armor_end - cursor);
        if (cursor == NULL)
            return PXE_PGP_CORRUPT_ARMOR;

        /* step to start of next line */
        cursor++;
    }
    base64_start = cursor;

    /*
     * Take a private, writable, NUL-terminated copy of the header area; the
     * key/value pointers handed back refer to this copy.
     */
    armor_len = base64_start - armor_start;
    buf = palloc(armor_len + 1);
    memcpy(buf, armor_start, armor_len);
    buf[armor_len] = '\0';

    /* Allocate return arrays */
    *keys = (char **) palloc(hdrlines * sizeof(char *));
    *values = (char **) palloc(hdrlines * sizeof(char *));

    /*
     * Second pass: cut the copy at newlines and ": " separators, recording
     * where each key and value starts.
     */
    line = buf;
    while ((eol = strchr(line, '\n')) != NULL)
    {
        char       *nextline = eol + 1;
        char       *colon;

        /* if the line ends in CR + LF, strip the CR as well */
        if (eol > line && eol[-1] == '\r')
            eol--;
        *eol = '\0';

        /* colon+space separates key from value */
        colon = strstr(line, ": ");
        if (colon == NULL)
            return PXE_PGP_CORRUPT_ARMOR;
        *colon = '\0';

        /* guards the array writes below; the lines were counted beforehand */
        if (n >= hdrlines)
            elog(ERROR, "unexpected number of armor header lines");

        (*keys)[n] = line;
        (*values)[n] = colon + 2;
        n++;

        line = nextline;
    }

    if (n != hdrlines)
        elog(ERROR, "unexpected number of armor header lines");

    *nheaders = n;
    return 0;
}
unsigned char uint8
Definition: c.h:304
#define ERROR
Definition: elog.h:43
static char * buf
Definition: pg_test_fsync.c:67
static int find_header(const uint8 *data, const uint8 *datend, const uint8 **start_p, int is_end)
Definition: pgp-armor.c:266
#define PXE_PGP_CORRUPT_ARMOR
Definition: px.h:82
size_t Size
Definition: c.h:414
static Datum values[MAXATTR]
Definition: bootstrap.c:164
void * palloc(Size size)
Definition: mcxt.c:835
#define elog
Definition: elog.h:219

◆ pgp_free()

int pgp_free ( PGP_Context ctx)

Definition at line 225 of file pgp.c.

References pgp_key_free(), PGP_Context::pub_key, px_free, and px_memset().

Referenced by decrypt_internal(), and encrypt_internal().

/*
 * Destroy a PGP context.
 *
 * Frees the attached public key, if any, then overwrites the whole context
 * with zeros before releasing it.  The context holds the session key, so
 * the wipe keeps key material out of freed memory.  Always returns 0.
 */
int
pgp_free(PGP_Context *ctx)
{
    PGP_PubKey *key = ctx->pub_key;

    if (key != NULL)
        pgp_key_free(key);

    /* px_memset() rather than memset(): presumably so the wipe cannot be optimized away - confirm in px.c */
    px_memset(ctx, 0, sizeof *ctx);
    px_free(ctx);

    return 0;
}
#define px_free(p)
Definition: px.h:46
void pgp_key_free(PGP_PubKey *pk)
Definition: pgp-pubkey.c:49
PGP_PubKey * pub_key
Definition: pgp.h:164
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:134

◆ pgp_get_cipher_block_size()

int pgp_get_cipher_block_size ( int  c)

Definition at line 158 of file pgp.c.

References cipher_info::block_len, get_cipher_info(), and i.

Referenced by prefix_init(), process_secret_key(), and write_prefix().

/*
 * Return the block length recorded for the cipher with the given OpenPGP
 * code, or 0 when get_cipher_info() does not know the code.
 */
int
pgp_get_cipher_block_size(int code)
{
    const struct cipher_info *info = get_cipher_info(code);

    return (info == NULL) ? 0 : info->block_len;
}
static const struct cipher_info * get_cipher_info(int code)
Definition: pgp.c:94
int block_len
Definition: pgp.c:66
int i
int code
Definition: pgp.c:63

◆ pgp_get_cipher_code()

int pgp_get_cipher_code ( const char *  name)

Definition at line 116 of file pgp.c.

References cipher_info::code, i, cipher_info::name, pg_strcasecmp(), and PXE_PGP_UNSUPPORTED_CIPHER.

Referenced by pgp_set_cipher_algo(), pgp_set_s2k_cipher_algo(), and set_arg().

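/*
 * Map a cipher name to its OpenPGP cipher code.
 *
 * The name is compared case-insensitively against every entry of
 * cipher_list (the list ends at the entry whose name is NULL).
 *
 * Returns the matching code, or PXE_PGP_UNSUPPORTED_CIPHER when no entry
 * matches, so the function never falls off its end without a value.
 */
int
pgp_get_cipher_code(const char *name)
{
    const struct cipher_info *i;

    for (i = cipher_list; i->name; i++)
    {
        if (pg_strcasecmp(i->name, name) == 0)
            return i->code;
    }
    return PXE_PGP_UNSUPPORTED_CIPHER;
}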
#define PXE_PGP_UNSUPPORTED_CIPHER
Definition: px.h:84
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
const char * name
Definition: pgp.c:62
const char * name
Definition: encode.c:521
int i
static const struct cipher_info cipher_list[]
Definition: pgp.c:80
int code
Definition: pgp.c:63

◆ pgp_get_cipher_key_size()

int pgp_get_cipher_key_size ( int  c)

Definition at line 148 of file pgp.c.

References get_cipher_info(), i, and cipher_info::key_len.

Referenced by decrypt_key(), init_sess_key(), and pgp_s2k_process().

/*
 * Return the key length recorded for the cipher with the given OpenPGP
 * code, or 0 when get_cipher_info() does not know the code.
 */
int
pgp_get_cipher_key_size(int code)
{
    const struct cipher_info *info = get_cipher_info(code);

    return (info == NULL) ? 0 : info->key_len;
}
int key_len
Definition: pgp.c:65
static const struct cipher_info * get_cipher_info(int code)
Definition: pgp.c:94
int i
int code
Definition: pgp.c:63

◆ pgp_get_cipher_name()

const char* pgp_get_cipher_name ( int  code)

Definition at line 138 of file pgp.c.

References get_cipher_info(), i, and cipher_info::name.

/*
 * Return the name recorded for the cipher with the given OpenPGP code, or
 * NULL when get_cipher_info() does not know the code.
 */
const char *
pgp_get_cipher_name(int code)
{
    const struct cipher_info *info = get_cipher_info(code);

    return (info == NULL) ? NULL : info->name;
}
const char * name
Definition: pgp.c:62
static const struct cipher_info * get_cipher_info(int code)
Definition: pgp.c:94
int i
int code
Definition: pgp.c:63

◆ pgp_get_digest_code()

int pgp_get_digest_code ( const char *  name)

Definition at line 105 of file pgp.c.

References digest_info::code, i, digest_info::name, pg_strcasecmp(), and PXE_PGP_UNSUPPORTED_HASH.

Referenced by pgp_set_s2k_digest_algo(), and set_arg().

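/*
 * Map a digest name to its OpenPGP digest code.
 *
 * The name is compared case-insensitively against every entry of
 * digest_list (the list ends at the entry whose name is NULL).
 *
 * Returns the matching code, or PXE_PGP_UNSUPPORTED_HASH when no entry
 * matches, so the function never falls off its end without a value.
 */
int
pgp_get_digest_code(const char *name)
{
    const struct digest_info *i;

    for (i = digest_list; i->name; i++)
    {
        if (pg_strcasecmp(i->name, name) == 0)
            return i->code;
    }
    return PXE_PGP_UNSUPPORTED_HASH;
}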
#define PXE_PGP_UNSUPPORTED_HASH
Definition: px.h:85
const char * name
Definition: pgp.c:55
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
int code
Definition: pgp.c:56
const char * name
Definition: encode.c:521
int i
static const struct digest_info digest_list[]
Definition: pgp.c:69

◆ pgp_get_digest_name()

const char* pgp_get_digest_name ( int  code)

Definition at line 127 of file pgp.c.

References digest_info::code, i, and digest_info::name.

Referenced by pgp_load_digest().

/*
 * Return the name of the digest with the given OpenPGP code, or NULL when
 * digest_list has no entry for it.
 */
const char *
pgp_get_digest_name(int code)
{
    const struct digest_info *entry = digest_list;

    /* the list is terminated by an entry whose name is NULL */
    while (entry->name)
    {
        if (entry->code == code)
            return entry->name;
        entry++;
    }
    return NULL;
}
const char * name
Definition: pgp.c:55
int code
Definition: pgp.c:56
int i
static const struct digest_info digest_list[]
Definition: pgp.c:69

◆ pgp_get_keyid()

int pgp_get_keyid ( MBuf pgp_data,
char *  dst 
)

Definition at line 112 of file pgp-info.c.

References any_key, pgp_create_pkt_reader(), pgp_parse_pkt_hdr(), PGP_PKT_MARKER, PGP_PKT_PRIV_61, PGP_PKT_PUBENCRYPTED_SESSKEY, PGP_PKT_PUBLIC_KEY, PGP_PKT_PUBLIC_SUBKEY, PGP_PKT_SECRET_KEY, PGP_PKT_SECRET_SUBKEY, PGP_PKT_SIGNATURE, PGP_PKT_SYMENCRYPTED_DATA, PGP_PKT_SYMENCRYPTED_DATA_MDC, PGP_PKT_SYMENCRYPTED_SESSKEY, PGP_PKT_TRUST, PGP_PKT_USER_ATTR, PGP_PKT_USER_ID, pgp_skip_packet(), print_key(), pullf_create_mbuf_reader(), pullf_free(), PXE_PGP_CORRUPT_DATA, PXE_PGP_MULTIPLE_KEYS, PXE_PGP_NO_USABLE_KEY, read_pubenc_keyid(), and read_pubkey_keyid().

Referenced by pgp_key_id_w().

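/*
 * Report which key a PGP message or key block is meant for.
 *
 * Walks the packets in pgp_data until a data packet or an error is met and
 * writes a NUL-terminated text into dst:
 *   - the key ID formatted by print_key(), for a public-key encrypted
 *     message or an encryption subkey;
 *   - "ANYKEY" when the recorded key ID equals any_key;
 *   - "SYMKEY" when only a symmetric session-key packet was seen.
 *
 * Returns the value print_key() returns, or 6 for the two fixed strings.
 * On failure a negative code is returned: PXE_PGP_CORRUPT_DATA for an
 * unexpected packet tag or a mix of key and session-key packets,
 * PXE_PGP_MULTIPLE_KEYS for more than one candidate, PXE_PGP_NO_USABLE_KEY
 * when nothing usable was found, or whatever a parsing helper reported.
 *
 * dst must be large enough for the text: 7 bytes for the fixed strings; the
 * space print_key() needs is not visible here.
 */
int
pgp_get_keyid(MBuf *pgp_data, char *dst)
{
    int         res;
    PullFilter *src;
    PullFilter *pkt = NULL;
    int         len;
    uint8       tag;
    int         got_pub_key = 0,
                got_symenc_key = 0,
                got_pubenc_key = 0;
    int         got_data = 0;
    uint8       keyid_buf[8];
    int         got_main_key = 0;

    res = pullf_create_mbuf_reader(&src, pgp_data);
    if (res < 0)
        return res;

    while (1)
    {
        /* a result of 0 is a clean end of input */
        res = pgp_parse_pkt_hdr(src, &tag, &len, 0);
        if (res <= 0)
            break;
        res = pgp_create_pkt_reader(&pkt, src, len, res, NULL);
        if (res < 0)
            break;

        switch (tag)
        {
            case PGP_PKT_SECRET_KEY:
            case PGP_PKT_PUBLIC_KEY:
                /* main key is for signing, so ignore it */
                if (!got_main_key)
                {
                    got_main_key = 1;
                    res = pgp_skip_packet(pkt);
                }
                else
                    res = PXE_PGP_MULTIPLE_KEYS;
                break;
            case PGP_PKT_SECRET_SUBKEY:
            case PGP_PKT_PUBLIC_SUBKEY:
                res = read_pubkey_keyid(pkt, keyid_buf);
                if (res < 0)
                    break;
                /* only a positive result counts as a usable key */
                if (res > 0)
                    got_pub_key++;
                break;
            case PGP_PKT_PUBENCRYPTED_SESSKEY:
                got_pubenc_key++;
                res = read_pubenc_keyid(pkt, keyid_buf);
                break;
            case PGP_PKT_SYMENCRYPTED_DATA:
            case PGP_PKT_SYMENCRYPTED_DATA_MDC:
                /* don't skip it, just stop */
                got_data = 1;
                break;
            case PGP_PKT_SYMENCRYPTED_SESSKEY:
                got_symenc_key++;
                /* fallthru */
            case PGP_PKT_SIGNATURE:
            case PGP_PKT_MARKER:
            case PGP_PKT_TRUST:
            case PGP_PKT_USER_ID:
            case PGP_PKT_USER_ATTR:
            case PGP_PKT_PRIV_61:
                res = pgp_skip_packet(pkt);
                break;
            default:
                /* any other tag is rejected rather than skipped */
                res = PXE_PGP_CORRUPT_DATA;
                break;
        }

        if (pkt)
            pullf_free(pkt);
        pkt = NULL;

        if (res < 0 || got_data)
            break;
    }

    pullf_free(src);
    if (pkt)
        pullf_free(pkt);

    if (res < 0)
        return res;

    /* now check sanity */
    if (got_pub_key && got_pubenc_key)
        res = PXE_PGP_CORRUPT_DATA;

    if (got_pub_key > 1)
        res = PXE_PGP_MULTIPLE_KEYS;

    if (got_pubenc_key > 1)
        res = PXE_PGP_MULTIPLE_KEYS;

    /*
     * if still ok, look what we got
     */
    if (res >= 0)
    {
        if (got_pubenc_key || got_pub_key)
        {
            if (memcmp(keyid_buf, any_key, 8) == 0)
            {
                /* 7 bytes: six characters plus the terminating NUL */
                memcpy(dst, "ANYKEY", 7);
                res = 6;
            }
            else
                res = print_key(keyid_buf, dst);
        }
        else if (got_symenc_key)
        {
            memcpy(dst, "SYMKEY", 7);
            res = 6;
        }
        else
            res = PXE_PGP_NO_USABLE_KEY;
    }

    return res;
}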
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:81
static int read_pubenc_keyid(PullFilter *pkt, uint8 *keyid_buf)
Definition: pgp-info.c:71
void pullf_free(PullFilter *pf)
Definition: mbuf.c:245
int pgp_parse_pkt_hdr(PullFilter *src, uint8 *tag, int *len_p, int allow_ctx)
Definition: pgp-decrypt.c:129
unsigned char uint8
Definition: c.h:304
int pullf_create_mbuf_reader(PullFilter **mp_p, MBuf *src)
Definition: mbuf.c:352
static int print_key(uint8 *keyid, char *dst)
Definition: pgp-info.c:90
int pgp_skip_packet(PullFilter *pkt)
Definition: pgp-decrypt.c:1061
#define PXE_PGP_NO_USABLE_KEY
Definition: px.h:100
static int read_pubkey_keyid(PullFilter *pkt, uint8 *keyid_buf)
Definition: pgp-info.c:38
int pgp_create_pkt_reader(PullFilter **pf_p, PullFilter *src, int len, int pkttype, PGP_Context *ctx)
Definition: pgp-decrypt.c:223
#define PXE_PGP_MULTIPLE_KEYS
Definition: px.h:95
static const uint8 any_key[]
Definition: pgp-info.c:105

◆ pgp_get_unicode_mode()

int pgp_get_unicode_mode ( PGP_Context ctx)

Definition at line 352 of file pgp.c.

References PGP_Context::unicode_mode.

Referenced by decrypt_internal(), and encrypt_internal().

/*
 * Accessor: return the unicode_mode setting stored in the context.
 */
int
pgp_get_unicode_mode(PGP_Context *ctx)
{
    int         mode = ctx->unicode_mode;

    return mode;
}
int unicode_mode
Definition: pgp.h:151

◆ pgp_init()

int pgp_init ( PGP_Context **  ctx)

Definition at line 200 of file pgp.c.

References PGP_Context::cipher_algo, PGP_Context::compress_algo, PGP_Context::compress_level, PGP_Context::convert_crlf, def_cipher_algo, def_compress_algo, def_compress_level, def_convert_crlf, def_disable_mdc, def_s2k_cipher_algo, def_s2k_count, def_s2k_digest_algo, def_s2k_mode, def_text_mode, def_unicode_mode, def_use_sess_key, PGP_Context::disable_mdc, px_alloc, PGP_Context::s2k_cipher_algo, PGP_Context::s2k_count, PGP_Context::s2k_digest_algo, PGP_Context::s2k_mode, PGP_Context::text_mode, PGP_Context::unicode_mode, and PGP_Context::use_sess_key.

Referenced by init_work().

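/*
 * Allocate a PGP context and fill it with the module-wide defaults.
 *
 * The context is zeroed first, so every field not assigned below (keys,
 * session key, ...) starts out as 0/NULL.  The new context is returned
 * through ctx_p; the function always returns 0.
 *
 * The result of px_alloc() is used without a check; how px_alloc() reports
 * an allocation failure is defined in px.h and is not visible here.
 */
int
pgp_init(PGP_Context **ctx_p)
{
    PGP_Context *ctx;

    ctx = px_alloc(sizeof *ctx);
    memset(ctx, 0, sizeof *ctx);

    ctx->cipher_algo = def_cipher_algo;
    ctx->s2k_cipher_algo = def_s2k_cipher_algo;
    ctx->s2k_mode = def_s2k_mode;
    ctx->s2k_count = def_s2k_count;
    ctx->s2k_digest_algo = def_s2k_digest_algo;
    ctx->compress_algo = def_compress_algo;
    ctx->compress_level = def_compress_level;
    ctx->disable_mdc = def_disable_mdc;
    ctx->use_sess_key = def_use_sess_key;
    ctx->unicode_mode = def_unicode_mode;
    ctx->convert_crlf = def_convert_crlf;
    ctx->text_mode = def_text_mode;

    *ctx_p = ctx;
    return 0;
}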
static int def_convert_crlf
Definition: pgp.c:51
int cipher_algo
Definition: pgp.h:144
static int def_use_sess_key
Definition: pgp.c:48
static int def_s2k_mode
Definition: pgp.c:42
int unicode_mode
Definition: pgp.h:151
static int def_s2k_count
Definition: pgp.c:43
int compress_level
Definition: pgp.h:146
static int def_compress_algo
Definition: pgp.c:45
static int def_compress_level
Definition: pgp.c:46
int disable_mdc
Definition: pgp.h:147
int use_sess_key
Definition: pgp.h:148
static int def_text_mode
Definition: pgp.c:49
static int def_s2k_cipher_algo
Definition: pgp.c:41
static int def_unicode_mode
Definition: pgp.c:50
int compress_algo
Definition: pgp.h:145
static int def_cipher_algo
Definition: pgp.c:40
int s2k_cipher_algo
Definition: pgp.h:143
int convert_crlf
Definition: pgp.h:150
#define px_alloc(s)
Definition: px.h:44
int s2k_mode
Definition: pgp.h:140
int s2k_digest_algo
Definition: pgp.h:142
static int def_disable_mdc
Definition: pgp.c:47
static int def_s2k_digest_algo
Definition: pgp.c:44
int text_mode
Definition: pgp.h:149
int s2k_count
Definition: pgp.h:141

◆ pgp_key_alloc()

int pgp_key_alloc ( PGP_PubKey **  pk_p)

Definition at line 38 of file pgp-pubkey.c.

References px_alloc.

Referenced by _pgp_read_public_key().

/*
 * Allocate an empty, zero-filled PGP_PubKey and return it through pk_p.
 * Zeroing leaves every MPI pointer NULL, which pgp_key_free() relies on
 * when it frees a partially read key.  Always returns 0.
 */
int
pgp_key_alloc(PGP_PubKey **pk_p)
{
    PGP_PubKey *key = px_alloc(sizeof(*key));

    memset(key, 0, sizeof(*key));
    *pk_p = key;

    return 0;
}
#define px_alloc(s)
Definition: px.h:44

◆ pgp_key_free()

void pgp_key_free ( PGP_PubKey pk)

Definition at line 49 of file pgp-pubkey.c.

References PGP_PubKey::algo, PGP_PubKey::dsa, PGP_PubKey::elg, pgp_mpi_free(), PGP_PUB_DSA_SIGN, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_PUB_RSA_SIGN, PGP_PubKey::pub, px_free, px_memset(), PGP_PubKey::rsa, and PGP_PubKey::sec.

Referenced by _pgp_read_public_key(), internal_read_key(), pgp_free(), process_secret_key(), and read_pubkey_keyid().

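/*
 * Release a key together with every MPI it owns.
 *
 * Which MPIs exist depends on pk->algo.  Public and secret parts are both
 * freed; pgp_mpi_free() accepts NULL, so a key without secret material is
 * fine.  The structure itself is overwritten with zeros before it is
 * released.  A NULL pk is ignored.
 */
void
pgp_key_free(PGP_PubKey *pk)
{
    if (pk == NULL)
        return;

    switch (pk->algo)
    {
        case PGP_PUB_ELG_ENCRYPT:
            pgp_mpi_free(pk->pub.elg.p);
            pgp_mpi_free(pk->pub.elg.g);
            pgp_mpi_free(pk->pub.elg.y);
            pgp_mpi_free(pk->sec.elg.x);
            break;
        case PGP_PUB_RSA_SIGN:
        case PGP_PUB_RSA_ENCRYPT:
        case PGP_PUB_RSA_ENCRYPT_SIGN:
            pgp_mpi_free(pk->pub.rsa.n);
            pgp_mpi_free(pk->pub.rsa.e);
            pgp_mpi_free(pk->sec.rsa.d);
            pgp_mpi_free(pk->sec.rsa.p);
            pgp_mpi_free(pk->sec.rsa.q);
            pgp_mpi_free(pk->sec.rsa.u);
            break;
        case PGP_PUB_DSA_SIGN:
            pgp_mpi_free(pk->pub.dsa.p);
            pgp_mpi_free(pk->pub.dsa.q);
            pgp_mpi_free(pk->pub.dsa.g);
            pgp_mpi_free(pk->pub.dsa.y);
            pgp_mpi_free(pk->sec.dsa.x);
            break;
    }

    /* wipe what is left (key ID, algorithm, stale pointers) before freeing */
    px_memset(pk, 0, sizeof(*pk));
    px_free(pk);
}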
struct PGP_PubKey::@5::@7 elg
struct PGP_PubKey::@5::@9 dsa
#define px_free(p)
Definition: px.h:46
struct PGP_PubKey::@5::@8 rsa
int pgp_mpi_free(PGP_MPI *mpi)
Definition: pgp-mpi.c:70
union PGP_PubKey::@6 sec
union PGP_PubKey::@5 pub
uint8 algo
Definition: pgp.h:190
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:134

◆ pgp_load_cipher()

int pgp_load_cipher ( int  c,
PX_Cipher **  res 
)

Definition at line 168 of file pgp.c.

References get_cipher_info(), i, cipher_info::int_name, px_find_cipher(), PXE_PGP_CORRUPT_DATA, and PXE_PGP_UNSUPPORTED_CIPHER.

Referenced by pgp_cfb_create().

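/*
 * Instantiate the cipher implementation for an OpenPGP cipher code.
 *
 * Returns 0 with *res set by px_find_cipher() on success,
 * PXE_PGP_CORRUPT_DATA when the code is not known to get_cipher_info(),
 * and PXE_PGP_UNSUPPORTED_CIPHER when the code is known but
 * px_find_cipher() cannot provide the cipher (its own error code is
 * dropped).
 */
int
pgp_load_cipher(int code, PX_Cipher **res)
{
    int         err;
    const struct cipher_info *i = get_cipher_info(code);

    /* the code typically comes from parsed packet data, hence "corrupt" */
    if (i == NULL)
        return PXE_PGP_CORRUPT_DATA;

    err = px_find_cipher(i->int_name, res);
    if (err == 0)
        return 0;

    return PXE_PGP_UNSUPPORTED_CIPHER;
}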
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:81
#define PXE_PGP_UNSUPPORTED_CIPHER
Definition: px.h:84
static const struct cipher_info * get_cipher_info(int code)
Definition: pgp.c:94
const char * int_name
Definition: pgp.c:64
int i
int px_find_cipher(const char *name, PX_Cipher **res)
Definition: internal.c:597
int code
Definition: pgp.c:63

◆ pgp_load_digest()

int pgp_load_digest ( int  c,
PX_MD **  res 
)

Definition at line 184 of file pgp.c.

References digest_info::name, pgp_get_digest_name(), px_find_digest(), PXE_PGP_CORRUPT_DATA, and PXE_PGP_UNSUPPORTED_HASH.

Referenced by calc_key_id(), check_key_sha1(), mdc_init(), and pgp_s2k_process().

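/*
 * Instantiate the digest implementation for an OpenPGP digest code.
 *
 * Returns 0 with *res set by px_find_digest() on success,
 * PXE_PGP_CORRUPT_DATA when pgp_get_digest_name() does not know the code,
 * and PXE_PGP_UNSUPPORTED_HASH when the code is known but px_find_digest()
 * cannot provide the digest (its own error code is dropped).
 */
int
pgp_load_digest(int code, PX_MD **res)
{
    int         err;
    const char *name = pgp_get_digest_name(code);

    if (name == NULL)
        return PXE_PGP_CORRUPT_DATA;

    err = px_find_digest(name, res);
    if (err == 0)
        return 0;

    return PXE_PGP_UNSUPPORTED_HASH;
}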
#define PXE_PGP_UNSUPPORTED_HASH
Definition: px.h:85
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:81
const char * pgp_get_digest_name(int code)
Definition: pgp.c:127
const char * name
Definition: encode.c:521
int px_find_digest(const char *name, PX_MD **res)
Definition: internal.c:578
int code
Definition: pgp.c:63

◆ pgp_mpi_alloc()

int pgp_mpi_alloc ( int  bits,
PGP_MPI **  mpi 
)

Definition at line 37 of file pgp-mpi.c.

References PGP_MPI::bits, PGP_MPI::bytes, PGP_MPI::data, px_alloc, px_debug(), and PXE_PGP_CORRUPT_DATA.

Referenced by bn_to_mpi(), pgp_mpi_create(), and pgp_mpi_read().

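/*
 * Allocate an MPI able to hold a number of the given bit length.
 *
 * The header and the data bytes live in one allocation; n->data points
 * just past the header.  This function does not clear the data bytes, the
 * caller is expected to fill all n->bytes of them.
 *
 * bits may come straight from the 16-bit length field of a packet, so it
 * is range-checked before any arithmetic is done with it: values outside
 * 0..0xFFFF are rejected with PXE_PGP_CORRUPT_DATA, which also caps the
 * allocation at 8 kB plus the header.  Returns 0 on success.
 *
 * The result of px_alloc() is used without a check; how px_alloc() reports
 * an allocation failure is defined in px.h and is not visible here.
 */
int
pgp_mpi_alloc(int bits, PGP_MPI **mpi)
{
    PGP_MPI    *n;
    int         len;

    if (bits < 0 || bits > 0xFFFF)
    {
        px_debug("pgp_mpi_alloc: unreasonable request: bits=%d", bits);
        return PXE_PGP_CORRUPT_DATA;
    }

    /* safe only after the range check: bits + 7 cannot overflow here */
    len = (bits + 7) / 8;

    n = px_alloc(sizeof(*n) + len);
    n->bits = bits;
    n->bytes = len;
    n->data = (uint8 *) (n) + sizeof(*n);
    *mpi = n;
    return 0;
}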
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:81
uint8 * data
Definition: pgp.h:181
unsigned char uint8
Definition: c.h:304
int bytes
Definition: pgp.h:183
Definition: pgp.h:179
void px_debug(const char *fmt,...)
Definition: px.c:160
#define px_alloc(s)
Definition: px.h:44
int bits
Definition: pgp.h:182

◆ pgp_mpi_cksum()

unsigned pgp_mpi_cksum ( unsigned  cksum,
PGP_MPI n 
)

Definition at line 132 of file pgp-mpi.c.

References PGP_MPI::bits, PGP_MPI::bytes, PGP_MPI::data, and i.

Referenced by check_key_cksum().

/*
 * Fold an MPI into a running 16-bit additive checksum.
 *
 * Adds the two bytes of the bit-length header and then every data byte to
 * cksum, and returns the sum reduced to its low 16 bits.
 */
unsigned
pgp_mpi_cksum(unsigned cksum, PGP_MPI *n)
{
    int         pos = 0;

    /* the bit count is summed as its high byte and its low byte */
    cksum += n->bits >> 8;
    cksum += n->bits & 0xFF;

    while (pos < n->bytes)
    {
        cksum += n->data[pos];
        pos++;
    }

    return cksum & 0xFFFF;
}
uint8 * data
Definition: pgp.h:181
int bytes
Definition: pgp.h:183
int i
int bits
Definition: pgp.h:182

◆ pgp_mpi_create()

int pgp_mpi_create ( uint8 data,
int  bits,
PGP_MPI **  mpi 
)

Definition at line 56 of file pgp-mpi.c.

References PGP_MPI::bytes, PGP_MPI::data, and pgp_mpi_alloc().

Referenced by create_secmsg().

/*
 * Build an MPI of the given bit length from a raw byte buffer.
 *
 * Allocates through pgp_mpi_alloc() and copies n->bytes bytes, i.e.
 * (bits + 7) / 8, out of data; the caller must supply at least that many.
 * Returns 0 on success or the negative code from pgp_mpi_alloc().
 */
int
pgp_mpi_create(uint8 *data, int bits, PGP_MPI **mpi)
{
    PGP_MPI    *fresh;
    int         rc = pgp_mpi_alloc(bits, &fresh);

    if (rc < 0)
        return rc;

    memcpy(fresh->data, data, fresh->bytes);
    *mpi = fresh;

    return 0;
}
uint8 * data
Definition: pgp.h:181
int bytes
Definition: pgp.h:183
int pgp_mpi_alloc(int bits, PGP_MPI **mpi)
Definition: pgp-mpi.c:37
Definition: pgp.h:179

◆ pgp_mpi_free()

int pgp_mpi_free ( PGP_MPI mpi)

Definition at line 70 of file pgp-mpi.c.

References PGP_MPI::bytes, px_free, and px_memset().

Referenced by bn_to_mpi(), decrypt_elgamal(), decrypt_rsa(), encrypt_and_write_elgamal(), encrypt_and_write_rsa(), pgp_key_free(), pgp_mpi_read(), and pgp_parse_pubenc_sesskey().

/*
 * Wipe and release an MPI.
 *
 * Header and data bytes are overwritten with zeros before the memory is
 * handed back, since an MPI may hold secret key material.  NULL is
 * accepted and ignored.  Always returns 0.
 */
int
pgp_mpi_free(PGP_MPI *mpi)
{
    if (mpi != NULL)
    {
        /* header and data share one allocation, so one wipe covers both */
        px_memset(mpi, 0, sizeof(*mpi) + mpi->bytes);
        px_free(mpi);
    }
    return 0;
}
#define px_free(p)
Definition: px.h:46
int bytes
Definition: pgp.h:183
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:134

◆ pgp_mpi_hash()

int pgp_mpi_hash ( PX_MD md,
PGP_MPI n 
)

Definition at line 119 of file pgp-mpi.c.

References PGP_MPI::bits, buf, PGP_MPI::bytes, PGP_MPI::data, and px_md_update.

Referenced by calc_key_id(), and check_key_sha1().

/*
 * Feed an MPI into a running digest in its wire form: the bit length as
 * two bytes, high byte first, followed by the data bytes.
 * Always returns 0.
 */
int
pgp_mpi_hash(PX_MD *md, PGP_MPI *n)
{
    uint8       hdr[2];

    hdr[0] = n->bits >> 8;
    hdr[1] = n->bits & 0xFF;

    px_md_update(md, hdr, 2);
    px_md_update(md, n->data, n->bytes);

    return 0;
}
uint8 * data
Definition: pgp.h:181
#define px_md_update(md, data, dlen)
Definition: px.h:208
unsigned char uint8
Definition: c.h:304
int bytes
Definition: pgp.h:183
static char * buf
Definition: pg_test_fsync.c:67
int bits
Definition: pgp.h:182

◆ pgp_mpi_read()

int pgp_mpi_read ( PullFilter src,
PGP_MPI **  mpi 
)

Definition at line 80 of file pgp-mpi.c.

References PGP_MPI::bytes, PGP_MPI::data, pgp_mpi_alloc(), pgp_mpi_free(), and pullf_read_fixed().

Referenced by _pgp_read_public_key(), decrypt_elgamal(), decrypt_rsa(), and process_secret_key().

/*
 * Read one MPI from a pull filter.
 *
 * The wire form is a two-byte bit count, high byte first, followed by
 * (bits + 7) / 8 data bytes.  The count is taken from the input as is;
 * pgp_mpi_alloc() sizes the buffer from it and pullf_read_fixed() must then
 * deliver exactly that many bytes.
 *
 * On success *mpi receives the new MPI and the result of the last read is
 * returned.  On failure a negative code is returned, *mpi is left untouched
 * and nothing stays allocated.
 */
int
pgp_mpi_read(PullFilter *src, PGP_MPI **mpi)
{
    uint8       hdr[2];
    PGP_MPI    *n;
    int         bits;
    int         res;

    res = pullf_read_fixed(src, 2, hdr);
    if (res < 0)
        return res;

    /* at most 0xFFFF, since it is assembled from two bytes */
    bits = ((unsigned) hdr[0] << 8) | hdr[1];

    res = pgp_mpi_alloc(bits, &n);
    if (res < 0)
        return res;

    res = pullf_read_fixed(src, n->bytes, n->data);
    if (res < 0)
    {
        /* short or failed read: drop the half-filled MPI */
        pgp_mpi_free(n);
        return res;
    }

    *mpi = n;
    return res;
}
uint8 * data
Definition: pgp.h:181
int pullf_read_fixed(PullFilter *src, int len, uint8 *dst)
Definition: mbuf.c:317
unsigned char uint8
Definition: c.h:304
int bytes
Definition: pgp.h:183
int pgp_mpi_alloc(int bits, PGP_MPI **mpi)
Definition: pgp-mpi.c:37
Definition: pgp.h:179
int pgp_mpi_free(PGP_MPI *mpi)
Definition: pgp-mpi.c:70

◆ pgp_mpi_write()

int pgp_mpi_write ( PushFilter dst,
PGP_MPI n 
)

Definition at line 105 of file pgp-mpi.c.

References PGP_MPI::bits, buf, PGP_MPI::bytes, PGP_MPI::data, and pushf_write().

Referenced by encrypt_and_write_elgamal(), and encrypt_and_write_rsa().

/*
 * Write an MPI to a push filter in its wire form: the bit length as two
 * bytes, high byte first, followed by the data bytes.
 *
 * Returns the result of the last pushf_write() that ran; the data bytes
 * are not written if writing the header failed.
 */
int
pgp_mpi_write(PushFilter *dst, PGP_MPI *n)
{
    uint8       hdr[2];
    int         rc;

    hdr[0] = n->bits >> 8;
    hdr[1] = n->bits & 0xFF;

    rc = pushf_write(dst, hdr, 2);
    if (rc < 0)
        return rc;

    return pushf_write(dst, n->data, n->bytes);
}
uint8 * data
Definition: pgp.h:181
unsigned char uint8
Definition: c.h:304
int bytes
Definition: pgp.h:183
static char * buf
Definition: pg_test_fsync.c:67
int pushf_write(PushFilter *mp, const uint8 *data, int len)
Definition: mbuf.c:456
int bits
Definition: pgp.h:182

◆ pgp_parse_pkt_hdr()

int pgp_parse_pkt_hdr ( PullFilter src,
uint8 tag,
int *  len_p,
int  allow_ctx 
)

Definition at line 129 of file pgp-decrypt.c.

References parse_new_len(), parse_old_len(), PKT_CONTEXT, pullf_read(), px_debug(), and PXE_PGP_CORRUPT_DATA.

Referenced by internal_read_key(), pgp_decrypt(), pgp_get_keyid(), and process_data_packets().

/*
 * Parse one OpenPGP packet header from src.
 *
 * Stores the packet tag in *tag and lets parse_new_len() or
 * parse_old_len() store the body length in *len_p.
 *
 * Returns 0 on a clean end of input, a negative code on a read error, and
 * PXE_PGP_CORRUPT_DATA when bit 7 of the first byte is clear.  For a valid
 * header the result of the length parser is returned.  An old-format
 * header with length type 3 carries no length at all: it yields
 * PKT_CONTEXT when allow_ctx is set and PXE_PGP_CORRUPT_DATA otherwise.
 */
int
pgp_parse_pkt_hdr(PullFilter *src, uint8 *tag, int *len_p, int allow_ctx)
{
    uint8      *p;
    uint8       first;
    int         lentype;
    int         res;

    /* end of input is a normal outcome here, so no GETBYTE */
    res = pullf_read(src, 1, &p);
    if (res <= 0)
        return res;
    first = *p;

    /* bit 7 is set in every packet header */
    if ((first & 0x80) == 0)
    {
        px_debug("pgp_parse_pkt_hdr: not pkt hdr");
        return PXE_PGP_CORRUPT_DATA;
    }

    /* bit 6 selects the new header format: six tag bits, then the length */
    if (first & 0x40)
    {
        *tag = first & 0x3f;
        return parse_new_len(src, len_p);
    }

    /* old format: four tag bits, the two low bits give the length type */
    lentype = first & 3;
    *tag = (first >> 2) & 0x0F;

    if (lentype != 3)
        return parse_old_len(src, len_p, lentype);

    return allow_ctx ? PKT_CONTEXT : PXE_PGP_CORRUPT_DATA;
}
static int parse_new_len(PullFilter *src, int *len_p)
Definition: pgp-decrypt.c:52
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:81
int pullf_read(PullFilter *pf, int len, uint8 **data_p)
Definition: mbuf.c:262
unsigned char uint8
Definition: c.h:304
static int parse_old_len(PullFilter *src, int *len_p, int lentype)
Definition: pgp-decrypt.c:95
#define PKT_CONTEXT
Definition: pgp-decrypt.c:47
void px_debug(const char *fmt,...)
Definition: px.c:160

◆ pgp_parse_pubenc_sesskey()

int pgp_parse_pubenc_sesskey ( PGP_Context ctx,
PullFilter pkt 
)

Definition at line 150 of file pgp-pubdec.c.

References any_key, PGP_MPI::bytes, check_eme_pkcs1_v15(), PGP_Context::cipher_algo, control_cksum(), PGP_MPI::data, decrypt_elgamal(), decrypt_rsa(), GETBYTE, PGP_PubKey::key_id, pgp_expect_packet_end(), pgp_mpi_free(), PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_Context::pub_key, pullf_read_fixed(), px_debug(), PXE_BUG, PXE_PGP_CORRUPT_DATA, PXE_PGP_UNKNOWN_PUBALGO, PXE_PGP_WRONG_KEY, PGP_Context::sess_key, and PGP_Context::sess_key_len.

Referenced by pgp_decrypt().

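/*
 * Parse a public-key encrypted session key packet and recover the session
 * key with the private key held in ctx->pub_key.
 *
 * On success ctx->cipher_algo, ctx->sess_key and ctx->sess_key_len are
 * filled in and the result of pgp_expect_packet_end() is returned.
 *
 * Errors: PXE_BUG when the context has no key, PXE_PGP_CORRUPT_DATA for an
 * unknown packet version or a session key that does not fit the context,
 * PXE_PGP_WRONG_KEY when the key ID does not match or the PKCS#1 v1.5
 * padding check fails, PXE_PGP_UNKNOWN_PUBALGO for an unsupported
 * algorithm, or whatever a helper reported.
 *
 * Everything read from pkt, and everything obtained by decrypting it, is
 * input the sender controls; lengths derived from it are validated before
 * they are used for a copy.
 */
int
pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt)
{
    int         ver;
    int         algo;
    int         res;
    uint8       key_id[8];
    PGP_PubKey *pk;
    uint8      *msg;
    int         msglen;
    PGP_MPI    *m;

    pk = ctx->pub_key;
    if (pk == NULL)
    {
        px_debug("no pubkey?");
        return PXE_BUG;
    }

    /* GETBYTE is a macro; presumably it returns on a read error - confirm */
    GETBYTE(pkt, ver);
    if (ver != 3)
    {
        px_debug("unknown pubenc_sesskey pkt ver=%d", ver);
        return PXE_PGP_CORRUPT_DATA;
    }

    /*
     * check if keyid's match - user-friendly msg
     *
     * any_key in the packet means the sender did not name the recipient.
     */
    res = pullf_read_fixed(pkt, 8, key_id);
    if (res < 0)
        return res;
    if (memcmp(key_id, any_key, 8) != 0
        && memcmp(key_id, pk->key_id, 8) != 0)
    {
        px_debug("key_id's does not match");
        return PXE_PGP_WRONG_KEY;
    }

    /*
     * Decrypt
     */
    GETBYTE(pkt, algo);
    switch (algo)
    {
        case PGP_PUB_ELG_ENCRYPT:
            res = decrypt_elgamal(pk, pkt, &m);
            break;
        case PGP_PUB_RSA_ENCRYPT:
        case PGP_PUB_RSA_ENCRYPT_SIGN:
            res = decrypt_rsa(pk, pkt, &m);
            break;
        default:
            res = PXE_PGP_UNKNOWN_PUBALGO;
    }
    if (res < 0)
        return res;

    /*
     * extract message
     */
    msg = check_eme_pkcs1_v15(m->data, m->bytes);
    if (msg == NULL)
    {
        px_debug("check_eme_pkcs1_v15 failed");
        res = PXE_PGP_WRONG_KEY;
        goto out;
    }
    msglen = m->bytes - (msg - m->data);

    res = control_cksum(msg, msglen);
    if (res < 0)
        goto out;

    /*
     * The message is one cipher-algorithm byte, the session key, and two
     * trailing bytes (presumably the checksum control_cksum() verified).
     * The key goes into a fixed-size buffer, so its length must be bounded
     * here; whether control_cksum() already limits msglen is not visible
     * in this function.
     */
    if (msglen < 3 || msglen - 3 > (int) sizeof(ctx->sess_key))
    {
        px_debug("pgp_parse_pubenc_sesskey: bad session key length");
        res = PXE_PGP_CORRUPT_DATA;
        goto out;
    }

    /*
     * got sesskey
     */
    ctx->cipher_algo = *msg;
    ctx->sess_key_len = msglen - 3;
    memcpy(ctx->sess_key, msg + 1, ctx->sess_key_len);

out:
    /* m holds the decrypted session key; pgp_mpi_free() wipes it */
    pgp_mpi_free(m);
    if (res < 0)
        return res;
    return pgp_expect_packet_end(pkt);
}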
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:81
int cipher_algo
Definition: pgp.h:144
uint8 * data
Definition: pgp.h:181
int pullf_read_fixed(PullFilter *src, int len, uint8 *dst)
Definition: mbuf.c:317
unsigned char uint8
Definition: c.h:304
#define PXE_PGP_WRONG_KEY
Definition: px.h:94
int bytes
Definition: pgp.h:183
uint8 sess_key[PGP_MAX_KEY]
Definition: pgp.h:171
#define GETBYTE(x, i)
Definition: hstore_gist.c:32
static int control_cksum(uint8 *msg, int msglen)
Definition: pgp-pubdec.c:74
static const uint8 any_key[]
Definition: pgp-pubdec.c:147
#define PXE_BUG
Definition: px.h:73
Definition: pgp.h:179
int pgp_mpi_free(PGP_MPI *mpi)
Definition: pgp-mpi.c:70
int pgp_expect_packet_end(PullFilter *pkt)
Definition: pgp-decrypt.c:1075
static uint8 * check_eme_pkcs1_v15(uint8 *data, int len)
Definition: pgp-pubdec.c:42
static int decrypt_elgamal(PGP_PubKey *pk, PullFilter *pkt, PGP_MPI **m_p)
Definition: pgp-pubdec.c:97
unsigned sess_key_len
Definition: pgp.h:172
void px_debug(const char *fmt,...)
Definition: px.c:160
uint8 key_id[8]
Definition: pgp.h:235
#define PXE_PGP_UNKNOWN_PUBALGO
Definition: px.h:93
PGP_PubKey * pub_key
Definition: pgp.h:164
static int decrypt_rsa(PGP_PubKey *pk, PullFilter *pkt, PGP_MPI **m_p)
Definition: pgp-pubdec.c:124

◆ pgp_rsa_decrypt()

int pgp_rsa_decrypt ( PGP_PubKey pk,
PGP_MPI c,
PGP_MPI **  m 
)

Definition at line 284 of file pgp-mpi-internal.c.

References bn_to_mpi(), mp_clear_free(), mp_int_exptmod(), mp_new(), mpi_to_bn(), PGP_PubKey::pub, PXE_PGP_MATH_FAILED, PGP_PubKey::rsa, and PGP_PubKey::sec.

Referenced by decrypt_rsa().

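/*
 * Raw RSA private-key operation: *m_p = _c ^ d mod n.
 *
 * pk   key whose sec.rsa.d and pub.rsa.n are used
 * _c   ciphertext MPI
 * m_p  receives a newly built MPI holding the result
 *
 * Returns 0 on success and PXE_PGP_MATH_FAILED if any big-number
 * allocation, the exponentiation or the result conversion fails.
 * No padding is checked here; the caller handles that.
 */
int
pgp_rsa_decrypt(PGP_PubKey *pk, PGP_MPI *_c, PGP_MPI **m_p)
{
    int         res = PXE_PGP_MATH_FAILED;
    mpz_t      *c = mpi_to_bn(_c);
    mpz_t      *d = mpi_to_bn(pk->sec.rsa.d);
    mpz_t      *n = mpi_to_bn(pk->pub.rsa.n);
    mpz_t      *m = mp_new();

    if (!m || !d || !n || !c)
        goto err;

    /*
     * m = c ^ d mod n
     *
     * mp_int_exptmod() returns an mp_result; a failure must not be turned
     * into a "successful" decryption of whatever m happens to contain.
     */
    if (mp_int_exptmod(c, d, n, m) != MP_OK)
        goto err;

    *m_p = bn_to_mpi(m);
    if (*m_p)
        res = 0;
err:
    /* Every temporary, including the private-exponent copy d, is released. */
    mp_clear_free(m);
    mp_clear_free(n);
    mp_clear_free(d);
    mp_clear_free(c);
    return res;
}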
static mpz_t * mpi_to_bn(PGP_MPI *n)
struct PGP_PubKey::@5::@8 rsa
static mpz_t * mp_new()
mp_result mp_int_exptmod(mp_int a, mp_int b, mp_int m, mp_int c)
Definition: imath.c:1336
static PGP_MPI * bn_to_mpi(mpz_t *bn)
union PGP_PubKey::@6 sec
union PGP_PubKey::@5 pub
#define PXE_PGP_MATH_FAILED
Definition: px.h:90
Definition: imath.h:57
static void mp_clear_free(mpz_t *a)

◆ pgp_rsa_encrypt()

int pgp_rsa_encrypt ( PGP_PubKey pk,
PGP_MPI m,
PGP_MPI **  c 
)

Definition at line 256 of file pgp-mpi-internal.c.

References bn_to_mpi(), mp_clear_free(), mp_int_exptmod(), mp_new(), mpi_to_bn(), PGP_PubKey::pub, PXE_PGP_MATH_FAILED, and PGP_PubKey::rsa.

Referenced by encrypt_and_write_rsa().

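/*
 * Raw RSA public-key operation: *c_p = _m ^ e mod n.
 *
 * pk   key whose pub.rsa.e and pub.rsa.n are used
 * _m   message MPI (already padded by the caller)
 * c_p  receives a newly built MPI holding the result
 *
 * Returns 0 on success and PXE_PGP_MATH_FAILED if any big-number
 * allocation, the exponentiation or the result conversion fails.
 */
int
pgp_rsa_encrypt(PGP_PubKey *pk, PGP_MPI *_m, PGP_MPI **c_p)
{
    int         res = PXE_PGP_MATH_FAILED;
    mpz_t      *m = mpi_to_bn(_m);
    mpz_t      *e = mpi_to_bn(pk->pub.rsa.e);
    mpz_t      *n = mpi_to_bn(pk->pub.rsa.n);
    mpz_t      *c = mp_new();

    if (!m || !e || !n || !c)
        goto err;

    /*
     * c = m ^ e mod n
     *
     * Check the mp_result so that a failed exponentiation is reported
     * instead of emitting an undefined value as ciphertext.
     */
    if (mp_int_exptmod(m, e, n, c) != MP_OK)
        goto err;

    *c_p = bn_to_mpi(c);
    if (*c_p)
        res = 0;
err:
    mp_clear_free(c);
    mp_clear_free(n);
    mp_clear_free(e);
    mp_clear_free(m);
    return res;
}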
static mpz_t * mpi_to_bn(PGP_MPI *n)
struct PGP_PubKey::@5::@8 rsa
static mpz_t * mp_new()
mp_result mp_int_exptmod(mp_int a, mp_int b, mp_int m, mp_int c)
Definition: imath.c:1336
static PGP_MPI * bn_to_mpi(mpz_t *bn)
union PGP_PubKey::@5 pub
#define PXE_PGP_MATH_FAILED
Definition: px.h:90
e
Definition: preproc-init.c:82
Definition: imath.h:57
static void mp_clear_free(mpz_t *a)

◆ pgp_s2k_fill()

int pgp_s2k_fill ( PGP_S2K s2k,
int  mode,
int  digest_algo,
int  count 
)

Definition at line 225 of file pgp-s2k.c.

References decide_s2k_iter(), PGP_S2K::digest_algo, PGP_S2K::iter, PGP_S2K::mode, pg_backend_random(), PGP_S2K_ISALTED, PGP_S2K_SALT, PGP_S2K_SALTED, PGP_S2K_SIMPLE, PXE_NO_RANDOM, PXE_PGP_BAD_S2K_MODE, and PGP_S2K::salt.

Referenced by init_s2k_key().

/*
 * Initialise an S2K specifier for a new key derivation.
 *
 * Stores mode and digest_algo in s2k, then draws whatever random material
 * the mode needs: nothing for PGP_S2K_SIMPLE, a PGP_S2K_SALT-byte salt for
 * PGP_S2K_SALTED, and a salt plus an iteration octet for PGP_S2K_ISALTED.
 *
 * Returns 0 on success, PXE_NO_RANDOM if pg_backend_random() fails and
 * PXE_PGP_BAD_S2K_MODE for any other mode.
 */
int
pgp_s2k_fill(PGP_S2K *s2k, int mode, int digest_algo, int count)
{
    uint8       rand_byte;

    s2k->mode = mode;
    s2k->digest_algo = digest_algo;

    /* Dispatch on the stored (uint8) mode, as the fields were just set. */
    if (s2k->mode == PGP_S2K_SIMPLE)
        return 0;

    if (s2k->mode != PGP_S2K_SALTED && s2k->mode != PGP_S2K_ISALTED)
        return PXE_PGP_BAD_S2K_MODE;

    /* Both salted modes need a fresh salt. */
    if (!pg_backend_random((char *) s2k->salt, PGP_S2K_SALT))
        return PXE_NO_RANDOM;

    if (s2k->mode == PGP_S2K_ISALTED)
    {
        /* One extra random byte is handed to decide_s2k_iter(). */
        if (!pg_backend_random((char *) &rand_byte, 1))
            return PXE_NO_RANDOM;
        s2k->iter = decide_s2k_iter(rand_byte, count);
    }

    return 0;
}
uint8 mode
Definition: pgp.h:124
unsigned char uint8
Definition: c.h:304
#define PXE_NO_RANDOM
Definition: px.h:78
#define PXE_PGP_BAD_S2K_MODE
Definition: px.h:102
uint8 digest_algo
Definition: pgp.h:125
bool pg_backend_random(char *dst, int len)
uint8 salt[8]
Definition: pgp.h:126
#define PGP_S2K_SALT
Definition: pgp.h:115
static uint8 decide_s2k_iter(unsigned rand_byte, int count)
Definition: pgp-s2k.c:211
uint8 iter
Definition: pgp.h:127

◆ pgp_s2k_process()

int pgp_s2k_process ( PGP_S2K s2k,
int  cipher,
const uint8 key,
int  klen 
)

Definition at line 281 of file pgp-s2k.c.

References calc_s2k_iter_salted(), calc_s2k_salted(), calc_s2k_simple(), PGP_S2K::digest_algo, PGP_S2K::key_len, PGP_S2K::mode, pgp_get_cipher_key_size(), pgp_load_digest(), px_md_free, PXE_PGP_BAD_S2K_MODE, and PXE_PGP_UNSUPPORTED_CIPHER.

Referenced by init_s2k_key(), parse_symenc_sesskey(), and process_secret_key().

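/*
 * Derive a cipher key from a passphrase according to an S2K specifier.
 *
 * s2k      specifier (mode, digest_algo); key_len is set from the cipher here
 * cipher   symmetric cipher code that determines the key size
 * key      passphrase bytes
 * key_len  passphrase length
 *
 * Returns a negative PXE_* code on failure, otherwise the result of the
 * mode-specific calc_s2k_*() helper.
 */
int
pgp_s2k_process(PGP_S2K *s2k, int cipher, const uint8 *key, int key_len)
{
    int         res;
    PX_MD      *md;

    /*
     * The rendered listing drops the statement that follows this check; the
     * function's reference list names PXE_PGP_UNSUPPORTED_CIPHER, so the
     * return is restored here.
     */
    s2k->key_len = pgp_get_cipher_key_size(cipher);
    if (s2k->key_len <= 0)
        return PXE_PGP_UNSUPPORTED_CIPHER;

    res = pgp_load_digest(s2k->digest_algo, &md);
    if (res < 0)
        return res;

    /* Use the named modes, matching pgp_s2k_fill() in the same file. */
    switch (s2k->mode)
    {
        case PGP_S2K_SIMPLE:
            res = calc_s2k_simple(s2k, md, key, key_len);
            break;
        case PGP_S2K_SALTED:
            res = calc_s2k_salted(s2k, md, key, key_len);
            break;
        case PGP_S2K_ISALTED:
            res = calc_s2k_iter_salted(s2k, md, key, key_len);
            break;
        default:
            res = PXE_PGP_BAD_S2K_MODE;
    }
    /* The digest context is released on success and on failure alike. */
    px_md_free(md);
    return res;
}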
uint8 mode
Definition: pgp.h:124
static int calc_s2k_simple(PGP_S2K *s2k, PX_MD *md, const uint8 *key, unsigned key_len)
Definition: pgp-s2k.c:40
#define PXE_PGP_UNSUPPORTED_CIPHER
Definition: px.h:84
int key_len
Definition: pgp.c:65
static int calc_s2k_salted(PGP_S2K *s2k, PX_MD *md, const uint8 *key, unsigned key_len)
Definition: pgp-s2k.c:84
#define PXE_PGP_BAD_S2K_MODE
Definition: px.h:102
uint8 digest_algo
Definition: pgp.h:125
Definition: px.h:113
int pgp_get_cipher_key_size(int code)
Definition: pgp.c:148
static int calc_s2k_iter_salted(PGP_S2K *s2k, PX_MD *md, const uint8 *key, unsigned key_len)
Definition: pgp-s2k.c:128
#define px_md_free(md)
Definition: px.h:210
int pgp_load_digest(int code, PX_MD **res)
Definition: pgp.c:184
uint8 key_len
Definition: pgp.h:130

◆ pgp_s2k_read()

int pgp_s2k_read ( PullFilter src,
PGP_S2K s2k 
)

Definition at line 255 of file pgp-s2k.c.

References PGP_S2K::digest_algo, GETBYTE, PGP_S2K::iter, PGP_S2K::mode, pullf_read_fixed(), PXE_PGP_BAD_S2K_MODE, and PGP_S2K::salt.

Referenced by parse_symenc_sesskey(), and process_secret_key().

/*
 * Read an S2K specifier from an input stream.
 *
 * Reads the mode and digest octets, then the 8-byte salt for the salted
 * modes and the iteration octet for the iterated mode.  All values come
 * straight from the input; the digest code and iteration octet are not
 * validated here.
 *
 * Returns PXE_PGP_BAD_S2K_MODE for an unknown mode, otherwise 0 or the
 * result of pullf_read_fixed().  GETBYTE is a macro defined elsewhere.
 */
int
pgp_s2k_read(PullFilter *src, PGP_S2K *s2k)
{
    int         status;

    GETBYTE(src, s2k->mode);
    GETBYTE(src, s2k->digest_algo);

    if (s2k->mode == PGP_S2K_SIMPLE)
        return 0;

    if (s2k->mode != PGP_S2K_SALTED && s2k->mode != PGP_S2K_ISALTED)
        return PXE_PGP_BAD_S2K_MODE;

    status = pullf_read_fixed(src, 8, s2k->salt);

    /* The iteration octet is read only once the salt read has succeeded. */
    if (s2k->mode == PGP_S2K_ISALTED && status >= 0)
    {
        GETBYTE(src, s2k->iter);
    }

    return status;
}
uint8 mode
Definition: pgp.h:124
int pullf_read_fixed(PullFilter *src, int len, uint8 *dst)
Definition: mbuf.c:317
#define PXE_PGP_BAD_S2K_MODE
Definition: px.h:102
uint8 digest_algo
Definition: pgp.h:125
#define GETBYTE(x, i)
Definition: hstore_gist.c:32
uint8 salt[8]
Definition: pgp.h:126
uint8 iter
Definition: pgp.h:127

◆ pgp_set_cipher_algo()

int pgp_set_cipher_algo ( PGP_Context ctx,
const char *  name 
)

Definition at line 319 of file pgp.c.

References PGP_Context::cipher_algo, digest_info::code, and pgp_get_cipher_code().

Referenced by set_arg().

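/*
 * Select the data cipher by name.
 *
 * Returns 0 on success, or the negative code from pgp_get_cipher_code()
 * when the name is not recognised; ctx is left unchanged in that case.
 */
int
pgp_set_cipher_algo(PGP_Context *ctx, const char *name)
{
    /*
     * The rendered listing omits this declaration; the lookup is restored
     * from the function's reference list.
     */
    int         code = pgp_get_cipher_code(name);

    if (code < 0)
        return code;
    ctx->cipher_algo = code;
    return 0;
}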
int pgp_get_cipher_code(const char *name)
Definition: pgp.c:116
int cipher_algo
Definition: pgp.h:144
const char * name
Definition: encode.c:521
int code
Definition: pgp.c:63

◆ pgp_set_compress_algo()

int pgp_set_compress_algo ( PGP_Context ctx,
int  algo 
)

Definition at line 286 of file pgp.c.

References PGP_Context::compress_algo, PGP_COMPR_BZIP2, PGP_COMPR_NONE, PGP_COMPR_ZIP, PGP_COMPR_ZLIB, and PXE_ARGUMENT_ERROR.

Referenced by set_arg().

/*
 * Select the compression algorithm.
 *
 * Only the four PGP_COMPR_* codes are accepted; any other value returns
 * PXE_ARGUMENT_ERROR and leaves ctx untouched.  Returns 0 on success.
 */
int
pgp_set_compress_algo(PGP_Context *ctx, int algo)
{
    if (algo != PGP_COMPR_NONE &&
        algo != PGP_COMPR_ZIP &&
        algo != PGP_COMPR_ZLIB &&
        algo != PGP_COMPR_BZIP2)
        return PXE_ARGUMENT_ERROR;

    ctx->compress_algo = algo;
    return 0;
}
#define PXE_ARGUMENT_ERROR
Definition: px.h:74
int compress_algo
Definition: pgp.h:145

◆ pgp_set_compress_level()

int pgp_set_compress_level ( PGP_Context ctx,
int  level 
)

Definition at line 301 of file pgp.c.

References PGP_Context::compress_level, and PXE_ARGUMENT_ERROR.

Referenced by set_arg().

/*
 * Set the compression level; valid levels are 0 through 9 inclusive.
 *
 * Returns 0 on success and PXE_ARGUMENT_ERROR for an out-of-range level.
 */
int
pgp_set_compress_level(PGP_Context *ctx, int level)
{
    if (level < 0 || level > 9)
        return PXE_ARGUMENT_ERROR;

    ctx->compress_level = level;
    return 0;
}
#define PXE_ARGUMENT_ERROR
Definition: px.h:74
int compress_level
Definition: pgp.h:146

◆ pgp_set_convert_crlf()

int pgp_set_convert_crlf ( PGP_Context ctx,
int  doit 
)

Definition at line 249 of file pgp.c.

References PGP_Context::convert_crlf.

Referenced by set_arg().

/*
 * Enable or disable CRLF conversion.  Any non-zero doit is stored as 1.
 * Always returns 0.
 */
int
pgp_set_convert_crlf(PGP_Context *ctx, int doit)
{
    ctx->convert_crlf = (doit != 0);
    return 0;
}
int convert_crlf
Definition: pgp.h:150

◆ pgp_set_pubkey()

int pgp_set_pubkey ( PGP_Context ctx,
MBuf keypkt,
const uint8 key,
int  klen,
int  pubtype 
)

Definition at line 566 of file pgp-pubkey.c.

References internal_read_key(), PGP_Context::pub_key, pullf_create_mbuf_reader(), and pullf_free().

Referenced by decrypt_internal(), and encrypt_internal().

/*
 * Parse a key packet and install the resulting key in ctx->pub_key.
 *
 * keypkt   buffer holding the key packet(s)
 * key      passphrase passed through to internal_read_key()
 * key_len  passphrase length
 * pubtype  passed through to internal_read_key()
 *
 * Returns 0 on success or a negative PXE_* code.  ctx->pub_key is only
 * assigned when parsing succeeded; any key previously stored there is
 * overwritten without being freed by this function.
 */
int
pgp_set_pubkey(PGP_Context *ctx, MBuf *keypkt,
               const uint8 *key, int key_len, int pubtype)
{
    int         rc;
    PullFilter *reader;
    PGP_PubKey *parsed = NULL;

    rc = pullf_create_mbuf_reader(&reader, keypkt);
    if (rc < 0)
        return rc;

    rc = internal_read_key(reader, &parsed, key, key_len, pubtype);

    /* The reader is no longer needed whether or not parsing worked. */
    pullf_free(reader);

    if (rc < 0)
        return rc;

    ctx->pub_key = parsed;
    return 0;
}
void pullf_free(PullFilter *pf)
Definition: mbuf.c:245
int key_len
Definition: pgp.c:65
int pullf_create_mbuf_reader(PullFilter **mp_p, MBuf *src)
Definition: mbuf.c:352
static int internal_read_key(PullFilter *src, PGP_PubKey **pk_p, const uint8 *psw, int psw_len, int pubtype)
Definition: pgp-pubkey.c:459
PGP_PubKey * pub_key
Definition: pgp.h:164

◆ pgp_set_s2k_cipher_algo()

int pgp_set_s2k_cipher_algo ( PGP_Context ctx,
const char *  name 
)

Definition at line 330 of file pgp.c.

References digest_info::code, pgp_get_cipher_code(), and PGP_Context::s2k_cipher_algo.

Referenced by set_arg().

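/*
 * Select, by name, the cipher used with the S2K-derived key.
 *
 * Returns 0 on success, or the negative code from pgp_get_cipher_code()
 * when the name is not recognised; ctx is left unchanged in that case.
 */
int
pgp_set_s2k_cipher_algo(PGP_Context *ctx, const char *name)
{
    /*
     * The rendered listing omits this declaration; the lookup is restored
     * from the function's reference list.
     */
    int         code = pgp_get_cipher_code(name);

    if (code < 0)
        return code;
    ctx->s2k_cipher_algo = code;
    return 0;
}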
int pgp_get_cipher_code(const char *name)
Definition: pgp.c:116
int s2k_cipher_algo
Definition: pgp.h:143
const char * name
Definition: encode.c:521
int code
Definition: pgp.c:63

◆ pgp_set_s2k_count()

int pgp_set_s2k_count ( PGP_Context ctx,
int  count 
)

Definition at line 275 of file pgp.c.

References PGP_S2K_ISALTED, PXE_ARGUMENT_ERROR, PXE_OK, PGP_Context::s2k_count, and PGP_Context::s2k_mode.

Referenced by set_arg().

/*
 * Set the S2K iteration count.
 *
 * Accepted only when ctx->s2k_mode is already PGP_S2K_ISALTED and count is
 * within 1024..65011712; the upper bound is (16 + 15) << 21, the largest
 * count the one-octet encoding can express.  The mode must therefore be set
 * before the count.
 *
 * Returns PXE_OK on success and PXE_ARGUMENT_ERROR otherwise.
 */
int
pgp_set_s2k_count(PGP_Context *ctx, int count)
{
    if (ctx->s2k_mode != PGP_S2K_ISALTED)
        return PXE_ARGUMENT_ERROR;

    if (count < 1024 || count > 65011712)
        return PXE_ARGUMENT_ERROR;

    ctx->s2k_count = count;
    return PXE_OK;
}
#define PXE_OK
Definition: px.h:62
#define PXE_ARGUMENT_ERROR
Definition: px.h:74
int s2k_mode
Definition: pgp.h:140
int s2k_count
Definition: pgp.h:141

◆ pgp_set_s2k_digest_algo()

int pgp_set_s2k_digest_algo ( PGP_Context ctx,
const char *  name 
)

Definition at line 341 of file pgp.c.

References digest_info::code, pgp_get_digest_code(), and PGP_Context::s2k_digest_algo.

Referenced by set_arg().

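/*
 * Select the S2K digest by name.
 *
 * Returns 0 on success, or the negative code from pgp_get_digest_code()
 * when the name is not recognised; ctx is left unchanged in that case.
 */
int
pgp_set_s2k_digest_algo(PGP_Context *ctx, const char *name)
{
    /*
     * The rendered listing omits this declaration; the lookup is restored
     * from the function's reference list.
     */
    int         code = pgp_get_digest_code(name);

    if (code < 0)
        return code;
    ctx->s2k_digest_algo = code;
    return 0;
}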
int pgp_get_digest_code(const char *name)
Definition: pgp.c:105
const char * name
Definition: encode.c:521
int s2k_digest_algo
Definition: pgp.h:142
int code
Definition: pgp.c:63

◆ pgp_set_s2k_mode()

int pgp_set_s2k_mode ( PGP_Context ctx,
int  type 
)

Definition at line 256 of file pgp.c.

References PGP_S2K_ISALTED, PGP_S2K_SALTED, PGP_S2K_SIMPLE, PXE_ARGUMENT_ERROR, PXE_OK, and PGP_Context::s2k_mode.

Referenced by set_arg().

/*
 * Select the S2K mode.
 *
 * Only PGP_S2K_SIMPLE, PGP_S2K_SALTED and PGP_S2K_ISALTED are accepted.
 * Returns PXE_OK on success and PXE_ARGUMENT_ERROR for any other value,
 * in which case ctx is not modified.
 */
int
pgp_set_s2k_mode(PGP_Context *ctx, int mode)
{
    if (mode != PGP_S2K_SIMPLE &&
        mode != PGP_S2K_SALTED &&
        mode != PGP_S2K_ISALTED)
        return PXE_ARGUMENT_ERROR;

    ctx->s2k_mode = mode;
    return PXE_OK;
}
#define PXE_OK
Definition: px.h:62
#define PXE_ARGUMENT_ERROR
Definition: px.h:74
int s2k_mode
Definition: pgp.h:140

◆ pgp_set_sess_key()

int pgp_set_sess_key ( PGP_Context ctx,
int  use 
)

Definition at line 242 of file pgp.c.

References PGP_Context::use_sess_key.

Referenced by set_arg().

/*
 * Choose whether a separate session key is used.  Any non-zero value of
 * use is stored as 1.  Always returns 0.
 */
int
pgp_set_sess_key(PGP_Context *ctx, int use)
{
    ctx->use_sess_key = (use != 0);
    return 0;
}
int use_sess_key
Definition: pgp.h:148

◆ pgp_set_symkey()

int pgp_set_symkey ( PGP_Context ctx,
const uint8 key,
int  klen 
)

Definition at line 365 of file pgp.c.

References PXE_ARGUMENT_ERROR, PGP_Context::sym_key, and PGP_Context::sym_key_len.

Referenced by decrypt_internal(), and encrypt_internal().

/*
 * Register the symmetric passphrase.
 *
 * Only the pointer and length are stored, not a copy, so the caller's
 * buffer must stay valid for as long as ctx uses it.
 *
 * Returns 0 on success and PXE_ARGUMENT_ERROR when key is NULL or len < 1.
 */
int
pgp_set_symkey(PGP_Context *ctx, const uint8 *key, int len)
{
    if (key != NULL && len >= 1)
    {
        ctx->sym_key = key;
        ctx->sym_key_len = len;
        return 0;
    }
    return PXE_ARGUMENT_ERROR;
}
#define PXE_ARGUMENT_ERROR
Definition: px.h:74
int sym_key_len
Definition: pgp.h:166
const uint8 * sym_key
Definition: pgp.h:165

◆ pgp_set_text_mode()

int pgp_set_text_mode ( PGP_Context ctx,
int  mode 
)

Definition at line 312 of file pgp.c.

References PGP_Context::text_mode.

Referenced by init_work().

/*
 * Store the text-mode flag.  Unlike the other boolean setters in this
 * file, mode is stored as given and is not normalised to 0/1.
 * Always returns 0.
 */
int
pgp_set_text_mode(PGP_Context *ctx, int mode)
{
    int         requested = mode;

    ctx->text_mode = requested;
    return 0;
}
int text_mode
Definition: pgp.h:149

◆ pgp_set_unicode_mode()

int pgp_set_unicode_mode ( PGP_Context ctx,
int  mode 
)

Definition at line 358 of file pgp.c.

References PGP_Context::unicode_mode.

Referenced by set_arg().

/*
 * Store the unicode-mode flag.  Any non-zero mode is stored as 1.
 * Always returns 0.
 */
int
pgp_set_unicode_mode(PGP_Context *ctx, int mode)
{
    ctx->unicode_mode = (mode != 0);
    return 0;
}
int unicode_mode
Definition: pgp.h:151

◆ pgp_skip_packet()

int pgp_skip_packet ( PullFilter pkt)

Definition at line 1061 of file pgp-decrypt.c.

References pullf_read().

Referenced by internal_read_key(), pgp_decrypt(), pgp_get_keyid(), read_pubenc_keyid(), and read_pubkey_keyid().

/*
 * Discard the remainder of a packet.
 *
 * Reads pkt in chunks of up to 32 kB until pullf_read() stops returning a
 * positive value, and returns that final value.
 */
int
pgp_skip_packet(PullFilter *pkt)
{
    int         n;
    uint8      *chunk;

    do
    {
        n = pullf_read(pkt, 32 * 1024, &chunk);
    } while (n > 0);

    return n;
}
int pullf_read(PullFilter *pf, int len, uint8 **data_p)
Definition: mbuf.c:262
unsigned char uint8
Definition: c.h:304

◆ pgp_write_pubenc_sesskey()

int pgp_write_pubenc_sesskey ( PGP_Context ctx,
PushFilter dst 
)

Definition at line 195 of file pgp-pubenc.c.

References PGP_PubKey::algo, encrypt_and_write_elgamal(), encrypt_and_write_rsa(), PGP_PubKey::key_id, pgp_create_pkt_writer(), PGP_PKT_PUBENCRYPTED_SESSKEY, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_Context::pub_key, pushf_flush(), pushf_free(), pushf_write(), px_debug(), and PXE_BUG.

Referenced by pgp_encrypt().

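/*
 * Write a public-key encrypted session key packet to dst.
 *
 * Emits the version octet (3), the 8-byte key id and the algorithm octet of
 * ctx->pub_key, followed by the session key encrypted with that key.
 *
 * Returns a negative PXE_* code on failure, otherwise the result of
 * pushf_flush().  The packet writer is freed on every path.
 */
int
pgp_write_pubenc_sesskey(PGP_Context *ctx, PushFilter *dst)
{
    int         res;
    PGP_PubKey *pk = ctx->pub_key;
    uint8       ver = 3;
    PushFilter *pkt = NULL;
    uint8       algo;

    if (pk == NULL)
    {
        px_debug("no pubkey?\n");
        return PXE_BUG;
    }

    algo = pk->algo;

    /*
     * now write packet
     *
     * The rendered listing drops the pgp_create_pkt_writer() call and the
     * PGP_PUB_RSA_ENCRYPT_SIGN case label; both are restored from the
     * function's reference list.
     */
    res = pgp_create_pkt_writer(dst, PGP_PKT_PUBENCRYPTED_SESSKEY, &pkt);
    if (res < 0)
        goto err;
    res = pushf_write(pkt, &ver, 1);
    if (res < 0)
        goto err;
    res = pushf_write(pkt, pk->key_id, 8);
    if (res < 0)
        goto err;
    res = pushf_write(pkt, &algo, 1);
    if (res < 0)
        goto err;

    switch (algo)
    {
        case PGP_PUB_ELG_ENCRYPT:
            res = encrypt_and_write_elgamal(ctx, pk, pkt);
            break;
        case PGP_PUB_RSA_ENCRYPT:
        case PGP_PUB_RSA_ENCRYPT_SIGN:
            res = encrypt_and_write_rsa(ctx, pk, pkt);
            break;
        default:

            /*
             * Without this branch an unsupported algorithm would fall
             * through with res still holding the last write's success and
             * the packet would be flushed with no encrypted session key.
             */
            res = PXE_PGP_UNKNOWN_PUBALGO;
            break;
    }
    if (res < 0)
        goto err;

    /*
     * done, signal packet end
     */
    res = pushf_flush(pkt);
err:
    if (pkt)
        pushf_free(pkt);

    return res;
}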
void pushf_free(PushFilter *mp)
Definition: mbuf.c:412
int pushf_flush(PushFilter *mp)
Definition: mbuf.c:516
unsigned char uint8
Definition: c.h:304
static int encrypt_and_write_rsa(PGP_Context *ctx, PGP_PubKey *pk, PushFilter *pkt)
Definition: pgp-pubenc.c:169
int pgp_create_pkt_writer(PushFilter *dst, int tag, PushFilter **res_p)
Definition: pgp-encrypt.c:315
static int encrypt_and_write_elgamal(PGP_Context *ctx, PGP_PubKey *pk, PushFilter *pkt)
Definition: pgp-pubenc.c:138
#define PXE_BUG
Definition: px.h:73
void px_debug(const char *fmt,...)
Definition: px.c:160
uint8 key_id[8]
Definition: pgp.h:235
uint8 algo
Definition: pgp.h:190
PGP_PubKey * pub_key
Definition: pgp.h:164
int pushf_write(PushFilter *mp, const uint8 *data, int len)
Definition: mbuf.c:456

Variable Documentation

◆ pgp_decrypt_filter

struct PullFilterOps pgp_decrypt_filter

Definition at line 313 of file pgp-decrypt.c.

Referenced by process_secret_key().