PostgreSQL Source Code  git master
pgp.h File Reference
#include "lib/stringinfo.h"
#include "mbuf.h"
#include "px.h"

Data Structures

struct  PGP_S2K
 
struct  PGP_Context
 
struct  PGP_MPI
 
struct  PGP_PubKey
 

Macros

#define PGP_MAX_KEY   (256/8)
 
#define PGP_MAX_BLOCK   (256/8)
 
#define PGP_MAX_DIGEST   (512/8)
 
#define PGP_S2K_SALT   8
 
#define s2k_decode_count(cval)   (((unsigned) 16 + (cval & 15)) << ((cval >> 4) + 6))
 

Typedefs

typedef struct PGP_MPI PGP_MPI
 
typedef struct PGP_PubKey PGP_PubKey
 
typedef struct PGP_Context PGP_Context
 
typedef struct PGP_S2K PGP_S2K
 
typedef struct PGP_CFB PGP_CFB
 

Enumerations

enum  PGP_S2K_TYPE { PGP_S2K_SIMPLE = 0, PGP_S2K_SALTED = 1, PGP_S2K_ISALTED = 3 }
 
enum  PGP_PKT_TYPE {
  PGP_PKT_RESERVED = 0, PGP_PKT_PUBENCRYPTED_SESSKEY = 1, PGP_PKT_SIGNATURE = 2, PGP_PKT_SYMENCRYPTED_SESSKEY = 3,
  PGP_PKT_SECRET_KEY = 5, PGP_PKT_PUBLIC_KEY = 6, PGP_PKT_SECRET_SUBKEY = 7, PGP_PKT_COMPRESSED_DATA = 8,
  PGP_PKT_SYMENCRYPTED_DATA = 9, PGP_PKT_MARKER = 10, PGP_PKT_LITERAL_DATA = 11, PGP_PKT_TRUST = 12,
  PGP_PKT_USER_ID = 13, PGP_PKT_PUBLIC_SUBKEY = 14, PGP_PKT_USER_ATTR = 17, PGP_PKT_SYMENCRYPTED_DATA_MDC = 18,
  PGP_PKT_MDC = 19, PGP_PKT_PRIV_61 = 61
}
 
enum  PGP_PUB_ALGO_TYPE {
  PGP_PUB_RSA_ENCRYPT_SIGN = 1, PGP_PUB_RSA_ENCRYPT = 2, PGP_PUB_RSA_SIGN = 3, PGP_PUB_ELG_ENCRYPT = 16,
  PGP_PUB_DSA_SIGN = 17
}
 
enum  PGP_SYMENC_TYPE {
  PGP_SYM_PLAIN = 0, PGP_SYM_IDEA = 1, PGP_SYM_DES3 = 2, PGP_SYM_CAST5 = 3,
  PGP_SYM_BLOWFISH = 4, PGP_SYM_SAFER_SK128 = 5, PGP_SYM_DES_SK = 6, PGP_SYM_AES_128 = 7,
  PGP_SYM_AES_192 = 8, PGP_SYM_AES_256 = 9, PGP_SYM_TWOFISH = 10
}
 
enum  PGP_COMPR_TYPE { PGP_COMPR_NONE = 0, PGP_COMPR_ZIP = 1, PGP_COMPR_ZLIB = 2, PGP_COMPR_BZIP2 = 3 }
 
enum  PGP_DIGEST_TYPE {
  PGP_DIGEST_MD5 = 1, PGP_DIGEST_SHA1 = 2, PGP_DIGEST_RIPEMD160 = 3, PGP_DIGEST_XSHA = 4,
  PGP_DIGEST_MD2 = 5, PGP_DIGEST_TIGER192 = 6, PGP_DIGEST_HAVAL5_160 = 7, PGP_DIGEST_SHA256 = 8,
  PGP_DIGEST_SHA384 = 9, PGP_DIGEST_SHA512 = 10
}
 

Functions

int pgp_init (PGP_Context **ctx)
 
int pgp_encrypt (PGP_Context *ctx, MBuf *src, MBuf *dst)
 
int pgp_decrypt (PGP_Context *ctx, MBuf *src, MBuf *dst)
 
int pgp_free (PGP_Context *ctx)
 
int pgp_get_digest_code (const char *name)
 
int pgp_get_cipher_code (const char *name)
 
const char * pgp_get_digest_name (int code)
 
const char * pgp_get_cipher_name (int code)
 
int pgp_set_cipher_algo (PGP_Context *ctx, const char *name)
 
int pgp_set_s2k_mode (PGP_Context *ctx, int type)
 
int pgp_set_s2k_count (PGP_Context *ctx, int count)
 
int pgp_set_s2k_cipher_algo (PGP_Context *ctx, const char *name)
 
int pgp_set_s2k_digest_algo (PGP_Context *ctx, const char *name)
 
int pgp_set_convert_crlf (PGP_Context *ctx, int doit)
 
int pgp_disable_mdc (PGP_Context *ctx, int disable)
 
int pgp_set_sess_key (PGP_Context *ctx, int use)
 
int pgp_set_compress_algo (PGP_Context *ctx, int algo)
 
int pgp_set_compress_level (PGP_Context *ctx, int level)
 
int pgp_set_text_mode (PGP_Context *ctx, int mode)
 
int pgp_set_unicode_mode (PGP_Context *ctx, int mode)
 
int pgp_get_unicode_mode (PGP_Context *ctx)
 
int pgp_set_symkey (PGP_Context *ctx, const uint8 *key, int klen)
 
int pgp_set_pubkey (PGP_Context *ctx, MBuf *keypkt, const uint8 *key, int klen, int pubtype)
 
int pgp_get_keyid (MBuf *pgp_data, char *dst)
 
int pgp_load_digest (int c, PX_MD **res)
 
int pgp_load_cipher (int c, PX_Cipher **res)
 
int pgp_get_cipher_key_size (int c)
 
int pgp_get_cipher_block_size (int c)
 
int pgp_s2k_fill (PGP_S2K *s2k, int mode, int digest_algo, int count)
 
int pgp_s2k_read (PullFilter *src, PGP_S2K *s2k)
 
int pgp_s2k_process (PGP_S2K *s2k, int cipher, const uint8 *key, int klen)
 
int pgp_cfb_create (PGP_CFB **ctx_p, int algo, const uint8 *key, int key_len, int resync, uint8 *iv)
 
void pgp_cfb_free (PGP_CFB *ctx)
 
int pgp_cfb_encrypt (PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
 
int pgp_cfb_decrypt (PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
 
void pgp_armor_encode (const uint8 *src, unsigned len, StringInfo dst, int num_headers, char **keys, char **values)
 
int pgp_armor_decode (const uint8 *src, int len, StringInfo dst)
 
int pgp_extract_armor_headers (const uint8 *src, unsigned len, int *nheaders, char ***keys, char ***values)
 
int pgp_compress_filter (PushFilter **res, PGP_Context *ctx, PushFilter *dst)
 
int pgp_decompress_filter (PullFilter **res, PGP_Context *ctx, PullFilter *src)
 
int pgp_key_alloc (PGP_PubKey **pk_p)
 
void pgp_key_free (PGP_PubKey *pk)
 
int _pgp_read_public_key (PullFilter *pkt, PGP_PubKey **pk_p)
 
int pgp_parse_pubenc_sesskey (PGP_Context *ctx, PullFilter *pkt)
 
int pgp_create_pkt_reader (PullFilter **pf_p, PullFilter *src, int len, int pkttype, PGP_Context *ctx)
 
int pgp_parse_pkt_hdr (PullFilter *src, uint8 *tag, int *len_p, int allow_ctx)
 
int pgp_skip_packet (PullFilter *pkt)
 
int pgp_expect_packet_end (PullFilter *pkt)
 
int pgp_write_pubenc_sesskey (PGP_Context *ctx, PushFilter *dst)
 
int pgp_create_pkt_writer (PushFilter *dst, int tag, PushFilter **res_p)
 
int pgp_mpi_alloc (int bits, PGP_MPI **mpi)
 
int pgp_mpi_create (uint8 *data, int bits, PGP_MPI **mpi)
 
int pgp_mpi_free (PGP_MPI *mpi)
 
int pgp_mpi_read (PullFilter *src, PGP_MPI **mpi)
 
int pgp_mpi_write (PushFilter *dst, PGP_MPI *n)
 
int pgp_mpi_hash (PX_MD *md, PGP_MPI *n)
 
unsigned pgp_mpi_cksum (unsigned cksum, PGP_MPI *n)
 
int pgp_elgamal_encrypt (PGP_PubKey *pk, PGP_MPI *m, PGP_MPI **c1, PGP_MPI **c2)
 
int pgp_elgamal_decrypt (PGP_PubKey *pk, PGP_MPI *c1, PGP_MPI *c2, PGP_MPI **m)
 
int pgp_rsa_encrypt (PGP_PubKey *pk, PGP_MPI *m, PGP_MPI **c)
 
int pgp_rsa_decrypt (PGP_PubKey *pk, PGP_MPI *c, PGP_MPI **m)
 

Variables

struct PullFilterOps pgp_decrypt_filter
 

Macro Definition Documentation

◆ PGP_MAX_BLOCK

#define PGP_MAX_BLOCK   (256/8)

Definition at line 113 of file pgp.h.

Referenced by prefix_init(), and write_prefix().

◆ PGP_MAX_DIGEST

#define PGP_MAX_DIGEST   (512/8)

Definition at line 114 of file pgp.h.

Referenced by calc_s2k_iter_salted(), calc_s2k_salted(), and calc_s2k_simple().

◆ PGP_MAX_KEY

#define PGP_MAX_KEY   (256/8)

Definition at line 112 of file pgp.h.

Referenced by parse_symenc_sesskey().

◆ PGP_S2K_SALT

#define PGP_S2K_SALT   8

Definition at line 115 of file pgp.h.

Referenced by calc_s2k_iter_salted(), calc_s2k_salted(), and pgp_s2k_fill().

◆ s2k_decode_count

#define s2k_decode_count (   cval)    (((unsigned) 16 + (cval & 15)) << ((cval >> 4) + 6))

Definition at line 176 of file pgp.h.

Referenced by calc_s2k_iter_salted(), decide_s2k_iter(), and parse_symenc_sesskey().

Typedef Documentation

◆ PGP_CFB

typedef struct PGP_CFB PGP_CFB

Definition at line 280 of file pgp.h.

◆ PGP_Context

typedef struct PGP_Context PGP_Context

Definition at line 119 of file pgp.h.

◆ PGP_MPI

typedef struct PGP_MPI PGP_MPI

Definition at line 117 of file pgp.h.

◆ PGP_PubKey

typedef struct PGP_PubKey PGP_PubKey

Definition at line 118 of file pgp.h.

◆ PGP_S2K

typedef struct PGP_S2K PGP_S2K

Definition at line 120 of file pgp.h.

Enumeration Type Documentation

◆ PGP_COMPR_TYPE

Enumerator
PGP_COMPR_NONE 
PGP_COMPR_ZIP 
PGP_COMPR_ZLIB 
PGP_COMPR_BZIP2 

Definition at line 90 of file pgp.h.

/*
 * Compression algorithm identifiers carried in OpenPGP packets.
 * NOTE(review): "must" / "should" presumably repeat the OpenPGP
 * specification's implementation requirement levels — confirm.
 */
91 {
92  PGP_COMPR_NONE = 0, /* must */
93  PGP_COMPR_ZIP = 1, /* should */
94  PGP_COMPR_ZLIB = 2,
95  PGP_COMPR_BZIP2 = 3
96 };

◆ PGP_DIGEST_TYPE

Enumerator
PGP_DIGEST_MD5 
PGP_DIGEST_SHA1 
PGP_DIGEST_RIPEMD160 
PGP_DIGEST_XSHA 
PGP_DIGEST_MD2 
PGP_DIGEST_TIGER192 
PGP_DIGEST_HAVAL5_160 
PGP_DIGEST_SHA256 
PGP_DIGEST_SHA384 
PGP_DIGEST_SHA512 

Definition at line 98 of file pgp.h.

/*
 * Digest algorithm identifiers.
 * NOTE(review): source line 102 is missing from this listing; the enumerator
 * summary on this page gives PGP_DIGEST_RIPEMD160 = 3 for the gap.
 * NOTE(review): "must" / "should" are presumably specification requirement
 * levels, i.e. interoperability statements rather than strength ratings;
 * the entries marked deprecated or obsolete should not be chosen for new
 * data — confirm against the project's documentation.
 */
99 {
100  PGP_DIGEST_MD5 = 1, /* should, deprecated */
101  PGP_DIGEST_SHA1 = 2, /* must */
103  PGP_DIGEST_XSHA = 4, /* obsolete */
104  PGP_DIGEST_MD2 = 5, /* obsolete */
105  PGP_DIGEST_TIGER192 = 6, /* obsolete */
106  PGP_DIGEST_HAVAL5_160 = 7, /* obsolete */
107  PGP_DIGEST_SHA256 = 8,
108  PGP_DIGEST_SHA384 = 9,
109  PGP_DIGEST_SHA512 = 10
110 };

◆ PGP_PKT_TYPE

Enumerator
PGP_PKT_RESERVED 
PGP_PKT_PUBENCRYPTED_SESSKEY 
PGP_PKT_SIGNATURE 
PGP_PKT_SYMENCRYPTED_SESSKEY 
PGP_PKT_SECRET_KEY 
PGP_PKT_PUBLIC_KEY 
PGP_PKT_SECRET_SUBKEY 
PGP_PKT_COMPRESSED_DATA 
PGP_PKT_SYMENCRYPTED_DATA 
PGP_PKT_MARKER 
PGP_PKT_LITERAL_DATA 
PGP_PKT_TRUST 
PGP_PKT_USER_ID 
PGP_PKT_PUBLIC_SUBKEY 
PGP_PKT_USER_ATTR 
PGP_PKT_SYMENCRYPTED_DATA_MDC 
PGP_PKT_MDC 
PGP_PKT_PRIV_61 

Definition at line 44 of file pgp.h.

◆ PGP_PUB_ALGO_TYPE

Enumerator
PGP_PUB_RSA_ENCRYPT_SIGN 
PGP_PUB_RSA_ENCRYPT 
PGP_PUB_RSA_SIGN 
PGP_PUB_ELG_ENCRYPT 
PGP_PUB_DSA_SIGN 

Definition at line 66 of file pgp.h.

◆ PGP_S2K_TYPE

Enumerator
PGP_S2K_SIMPLE 
PGP_S2K_SALTED 
PGP_S2K_ISALTED 

Definition at line 37 of file pgp.h.

/*
 * String-to-key (S2K) mode identifiers; the value 2 is not used here.
 * NOTE(review): going by the names and the calc_s2k_simple(),
 * calc_s2k_salted() and calc_s2k_iter_salted() helpers referenced on this
 * page, these are presumably unsalted, salted, and iterated-and-salted
 * passphrase hashing — confirm in pgp-s2k.c.
 */
38 {
39  PGP_S2K_SIMPLE = 0,
40  PGP_S2K_SALTED = 1,
41  PGP_S2K_ISALTED = 3
42 };

◆ PGP_SYMENC_TYPE

Enumerator
PGP_SYM_PLAIN 
PGP_SYM_IDEA 
PGP_SYM_DES3 
PGP_SYM_CAST5 
PGP_SYM_BLOWFISH 
PGP_SYM_SAFER_SK128 
PGP_SYM_DES_SK 
PGP_SYM_AES_128 
PGP_SYM_AES_192 
PGP_SYM_AES_256 
PGP_SYM_TWOFISH 

Definition at line 75 of file pgp.h.

/*
 * Symmetric cipher identifiers.
 * NOTE(review): "must" / "should" are presumably specification requirement
 * levels, not strength ratings — confirm.
 * NOTE(review): PGP_SYM_PLAIN is flagged "??" by the original author; by its
 * name it presumably denotes unencrypted data, so callers should make sure
 * it cannot be selected for data that needs confidentiality — confirm how
 * pgp_load_cipher() treats code 0.
 */
76 {
77  PGP_SYM_PLAIN = 0, /* ?? */
78  PGP_SYM_IDEA = 1, /* obsolete, PGP 2.6 compat */
79  PGP_SYM_DES3 = 2, /* must */
80  PGP_SYM_CAST5 = 3, /* should */
81  PGP_SYM_BLOWFISH = 4,
82  PGP_SYM_SAFER_SK128 = 5, /* obsolete */
83  PGP_SYM_DES_SK = 6, /* obsolete */
84  PGP_SYM_AES_128 = 7, /* should */
85  PGP_SYM_AES_192 = 8,
86  PGP_SYM_AES_256 = 9,
87  PGP_SYM_TWOFISH = 10
88 };

Function Documentation

◆ _pgp_read_public_key()

int _pgp_read_public_key ( PullFilter *  pkt,
PGP_PubKey **  pk_p 
)

Definition at line 159 of file pgp-pubkey.c.

References PGP_PubKey::algo, calc_key_id(), PGP_PubKey::can_encrypt, PGP_PubKey::dsa, PGP_PubKey::elg, GETBYTE, pgp_key_alloc(), pgp_key_free(), pgp_mpi_read(), PGP_PUB_DSA_SIGN, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_PUB_RSA_SIGN, PGP_PubKey::pub, pullf_read_fixed(), px_debug(), PXE_PGP_NOT_V4_KEYPKT, PXE_PGP_UNKNOWN_PUBALGO, PGP_PubKey::rsa, PGP_PubKey::time, and PGP_PubKey::ver.

Referenced by internal_read_key(), process_secret_key(), and read_pubkey_keyid().

/*
 * Body of _pgp_read_public_key() (pgp-pubkey.c): parse a public-key packet
 * from pkt into a freshly allocated PGP_PubKey.
 *
 * On success (res >= 0) the key is handed to the caller through *pk_p.
 * On failure after the "out" label the partly filled key is released with
 * pgp_key_free() and *pk_p is not written.  Only version 4 key packets are
 * accepted; anything else yields PXE_PGP_NOT_V4_KEYPKT.
 *
 * NOTE(review): the hstore_gist.c definition this page links for GETBYTE is
 * unrelated; the macro used here presumably reads one octet from pkt.  If it
 * returns directly on a short read, that path would bypass the "out" cleanup
 * and pk would not be freed — check the macro in the pgcrypto headers.
 */
160 {
161  int res;
162  PGP_PubKey *pk;
163 
164  res = pgp_key_alloc(&pk);
165  if (res < 0)
166  return res;
167 
168  /* get version */
169  GETBYTE(pkt, pk->ver);
170  if (pk->ver != 4)
171  {
172  res = PXE_PGP_NOT_V4_KEYPKT;
173  goto out;
174  }
175 
176  /* read time */
177  res = pullf_read_fixed(pkt, 4, pk->time);
178  if (res < 0)
179  goto out;
180 
181  /* pubkey algorithm */
182  GETBYTE(pkt, pk->algo);
183 
/*
 * Every MPI below comes straight from the packet; the first pgp_mpi_read()
 * failure leaves the switch with res < 0 so the key is freed at "out".
 */
184  switch (pk->algo)
185  {
/* DSA keys are parsed and get a key ID, but can_encrypt is never set. */
186  case PGP_PUB_DSA_SIGN:
187  res = pgp_mpi_read(pkt, &pk->pub.dsa.p);
188  if (res < 0)
189  break;
190  res = pgp_mpi_read(pkt, &pk->pub.dsa.q);
191  if (res < 0)
192  break;
193  res = pgp_mpi_read(pkt, &pk->pub.dsa.g);
194  if (res < 0)
195  break;
196  res = pgp_mpi_read(pkt, &pk->pub.dsa.y);
197  if (res < 0)
198  break;
199 
200  res = calc_key_id(pk);
201  break;
202 
/*
 * NOTE(review): source line 205 is missing from this listing; the References
 * list names PGP_PUB_RSA_ENCRYPT_SIGN, so a third case label presumably
 * belongs with the two shown.
 */
203  case PGP_PUB_RSA_SIGN:
204  case PGP_PUB_RSA_ENCRYPT:
206  res = pgp_mpi_read(pkt, &pk->pub.rsa.n);
207  if (res < 0)
208  break;
209  res = pgp_mpi_read(pkt, &pk->pub.rsa.e);
210  if (res < 0)
211  break;
212 
213  res = calc_key_id(pk);
214 
/* Sign-only RSA keys are deliberately not marked usable for encryption. */
215  if (pk->algo != PGP_PUB_RSA_SIGN)
216  pk->can_encrypt = 1;
217  break;
218 
219  case PGP_PUB_ELG_ENCRYPT:
220  res = pgp_mpi_read(pkt, &pk->pub.elg.p);
221  if (res < 0)
222  break;
223  res = pgp_mpi_read(pkt, &pk->pub.elg.g);
224  if (res < 0)
225  break;
226  res = pgp_mpi_read(pkt, &pk->pub.elg.y);
227  if (res < 0)
228  break;
229 
230  res = calc_key_id(pk);
231 
232  pk->can_encrypt = 1;
233  break;
234 
/*
 * NOTE(review): source line 237 is missing from this listing; the References
 * list names PXE_PGP_UNKNOWN_PUBALGO, so the default branch presumably
 * assigns it to res.  Without that assignment res would still hold the
 * non-negative result of pullf_read_fixed() and an unknown algorithm would
 * be returned as a usable key — confirm in pgp-pubkey.c.
 */
235  default:
236  px_debug("unknown public algo: %d", pk->algo);
238  }
239 
240 out:
241  if (res < 0)
242  pgp_key_free(pk);
243  else
244  *pk_p = pk;
245 
246  return res;
247 }
struct PGP_PubKey::@5::@7 elg
uint8 ver
Definition: pgp.h:188
int pullf_read_fixed(PullFilter *src, int len, uint8 *dst)
Definition: mbuf.c:317
struct PGP_PubKey::@5::@9 dsa
uint8 time[4]
Definition: pgp.h:189
static int calc_key_id(PGP_PubKey *pk)
Definition: pgp-pubkey.c:85
int pgp_key_alloc(PGP_PubKey **pk_p)
Definition: pgp-pubkey.c:38
struct PGP_PubKey::@5::@8 rsa
#define GETBYTE(x, i)
Definition: hstore_gist.c:29
void pgp_key_free(PGP_PubKey *pk)
Definition: pgp-pubkey.c:49
int pgp_mpi_read(PullFilter *src, PGP_MPI **mpi)
Definition: pgp-mpi.c:80
void px_debug(const char *fmt,...)
Definition: px.c:152
#define PXE_PGP_UNKNOWN_PUBALGO
Definition: px.h:90
union PGP_PubKey::@5 pub
uint8 algo
Definition: pgp.h:190
#define PXE_PGP_NOT_V4_KEYPKT
Definition: px.h:95
int can_encrypt
Definition: pgp.h:236

◆ pgp_armor_decode()

int pgp_armor_decode ( const uint8 *  src,
int  len,
StringInfo  dst 
)

Definition at line 314 of file pgp-armor.c.

References buf, crc24(), StringInfoData::data, elog, enlargeStringInfo(), FATAL, find_header(), StringInfoData::len, pg_base64_dec_len(), pg_base64_decode(), and PXE_PGP_CORRUPT_ARMOR.

Referenced by pg_dearmor().

/*
 * Body of pgp_armor_decode() (pgp-armor.c): strip ASCII armor from the len
 * bytes at src and place the decoded bytes in dst.
 *
 * Returns the number of decoded bytes, or a negative error code.  res starts
 * as PXE_PGP_CORRUPT_ARMOR, so every early "goto out" reports corrupt armor.
 * dst->len is advanced only when the CRC-24 of the decoded bytes equals the
 * checksum found after the '=' marker.  A CRC catches accidental damage
 * only; it does not authenticate the data.
 */
315 {
316  const uint8 *p = src;
317  const uint8 *data_end = src + len;
318  long crc;
319  const uint8 *base64_start,
320  *armor_end;
321  const uint8 *base64_end = NULL;
322  uint8 buf[4];
323  int hlen;
324  int blen;
325  int res = PXE_PGP_CORRUPT_ARMOR;
326 
327  /* armor start */
328  hlen = find_header(src, data_end, &p, 0);
329  if (hlen <= 0)
330  goto out;
331  p += hlen;
332 
333  /* armor end */
334  hlen = find_header(p, data_end, &armor_end, 1);
335  if (hlen <= 0)
336  goto out;
337 
338  /* skip comments - find empty line */
339  while (p < armor_end && *p != '\n' && *p != '\r')
340  {
341  p = memchr(p, '\n', armor_end - p);
342  if (!p)
343  goto out;
344 
345  /* step to start of next line */
346  p++;
347  }
348  base64_start = p;
349 
/* Scan backwards from the footer for the last '=', which introduces the CRC. */
350  /* find crc pos */
351  for (p = armor_end; p >= base64_start; p--)
352  if (*p == '=')
353  {
354  base64_end = p - 1;
355  break;
356  }
357  if (base64_end == NULL)
358  goto out;
359 
/*
 * NOTE(review): four bytes after '=' are decoded without comparing p + 5
 * against data_end; this presumably relies on the footer line located by
 * find_header() following the checksum — confirm.
 */
360  /* decode crc */
361  if (pg_base64_decode(p + 1, 4, buf) != 3)
362  goto out;
363  crc = (((long) buf[0]) << 16) + (((long) buf[1]) << 8) + (long) buf[2];
364 
/*
 * The space estimate is taken from the whole input length, while only the
 * span base64_start..base64_end is decoded.
 * NOTE(review): decoding writes at dst->data, not dst->data + dst->len, yet
 * dst->len is then incremented; that is consistent only if dst is empty on
 * entry — verify against pg_dearmor().
 * The res > blen test runs after pg_base64_decode() has already written, so
 * it detects an overrun rather than preventing one; hence FATAL.
 */
365  /* decode data */
366  blen = (int) pg_base64_dec_len(len);
367  enlargeStringInfo(dst, blen);
368  res = pg_base64_decode(base64_start, base64_end - base64_start, (uint8 *) dst->data);
369  if (res > blen)
370  elog(FATAL, "overflow - decode estimate too small");
371  if (res >= 0)
372  {
373  if (crc24((uint8 *) dst->data, res) == crc)
374  dst->len += res;
375  else
376  res = PXE_PGP_CORRUPT_ARMOR;
377  }
378 out:
379  return res;
380 }
unsigned char uint8
Definition: c.h:356
static int pg_base64_decode(const uint8 *src, unsigned len, uint8 *dst)
Definition: pgp-armor.c:95
#define FATAL
Definition: elog.h:52
static char * buf
Definition: pg_test_fsync.c:68
static long crc24(const uint8 *data, unsigned len)
Definition: pgp-armor.c:188
static int find_header(const uint8 *data, const uint8 *datend, const uint8 **start_p, int is_end)
Definition: pgp-armor.c:266
void enlargeStringInfo(StringInfo str, int needed)
Definition: stringinfo.c:270
#define PXE_PGP_CORRUPT_ARMOR
Definition: px.h:79
#define elog(elevel,...)
Definition: elog.h:226
static unsigned pg_base64_dec_len(unsigned srclen)
Definition: pgp-armor.c:172

◆ pgp_armor_encode()

void pgp_armor_encode ( const uint8 *  src,
unsigned  len,
StringInfo  dst,
int  num_headers,
char **  keys,
char **  values 
)

Definition at line 207 of file pgp-armor.c.

References _base64, appendStringInfo(), appendStringInfoChar(), appendStringInfoString(), armor_footer, armor_header, crc24(), StringInfoData::data, elog, enlargeStringInfo(), FATAL, StringInfoData::len, pg_base64_enc_len(), and pg_base64_encode().

Referenced by pg_armor().

/*
 * Body of pgp_armor_encode() (pgp-armor.c): append an ASCII-armored copy of
 * the len bytes at src to dst, with num_headers "key: value" header lines
 * and a trailing '=' plus four base64 characters encoding the CRC-24.
 *
 * NOTE(review): source lines 215 and 239 are missing from this listing; the
 * References list names appendStringInfoString(), armor_header and
 * armor_footer, so they presumably append the armor header and footer lines.
 */
209 {
210  int n;
211  int res;
212  unsigned b64len;
213  unsigned crc = crc24(src, len);
214 
216 
/*
 * keys[n] and values[n] are emitted verbatim.  Nothing here rejects embedded
 * newlines or other control characters, so header validation presumably
 * happens in the caller — verify in pg_armor().
 */
217  for (n = 0; n < num_headers; n++)
218  appendStringInfo(dst, "%s: %s\n", keys[n], values[n]);
219  appendStringInfoChar(dst, '\n');
220 
221  /* make sure we have enough room to pg_base64_encode() */
222  b64len = pg_base64_enc_len(len);
223  enlargeStringInfo(dst, (int) b64len);
224 
/*
 * res is int and b64len is unsigned, so the comparison below converts res to
 * unsigned; a negative return would also trip the FATAL.  The test runs
 * after the encoder has written, so it detects an overrun, not prevents it.
 */
225  res = pg_base64_encode(src, len, (uint8 *) dst->data + dst->len);
226  if (res > b64len)
227  elog(FATAL, "overflow - encode estimate too small");
228  dst->len += res;
229 
/* dst->len is at least 1 here because of the '\n' appended at line 219. */
230  if (*(dst->data + dst->len - 1) != '\n')
231  appendStringInfoChar(dst, '\n');
232 
/* Emit the 24-bit CRC as four 6-bit groups, most significant first. */
233  appendStringInfoChar(dst, '=');
234  appendStringInfoChar(dst, _base64[(crc >> 18) & 0x3f]);
235  appendStringInfoChar(dst, _base64[(crc >> 12) & 0x3f]);
236  appendStringInfoChar(dst, _base64[(crc >> 6) & 0x3f]);
237  appendStringInfoChar(dst, _base64[crc & 0x3f]);
238 
240 }
unsigned char uint8
Definition: c.h:356
static const char * armor_footer
Definition: pgp-armor.c:182
static unsigned pg_base64_enc_len(unsigned srclen)
Definition: pgp-armor.c:163
void appendStringInfo(StringInfo str, const char *fmt,...)
Definition: stringinfo.c:78
#define FATAL
Definition: elog.h:52
void appendStringInfoString(StringInfo str, const char *s)
Definition: stringinfo.c:163
static long crc24(const uint8 *data, unsigned len)
Definition: pgp-armor.c:188
void enlargeStringInfo(StringInfo str, int needed)
Definition: stringinfo.c:270
static const char * armor_header
Definition: pgp-armor.c:181
void appendStringInfoChar(StringInfo str, char ch)
Definition: stringinfo.c:175
static const unsigned char _base64[]
Definition: pgp-armor.c:41
static int pg_base64_encode(const uint8 *src, unsigned len, uint8 *dst)
Definition: pgp-armor.c:45
static Datum values[MAXATTR]
Definition: bootstrap.c:167
#define elog(elevel,...)
Definition: elog.h:226

◆ pgp_cfb_create()

int pgp_cfb_create ( PGP_CFB **  ctx_p,
int  algo,
const uint8 *  key,
int  key_len,
int  resync,
uint8 *  iv 
)

Definition at line 52 of file pgp-cfb.c.

References PGP_CFB::block_size, PGP_CFB::ciph, PGP_CFB::fr, pgp_load_cipher(), px_alloc, px_cipher_block_size, px_cipher_free, px_cipher_init, and PGP_CFB::resync.

Referenced by decrypt_key(), encrypt_init(), parse_symenc_data(), parse_symenc_mdc_data(), process_secret_key(), and symencrypt_sesskey().

/*
 * Body of pgp_cfb_create() (pgp-cfb.c): load the cipher for algo, key it,
 * and return a zero-initialised CFB context through *ctx_p.
 *
 * Returns 0 on success or the negative code from pgp_load_cipher() or
 * px_cipher_init(); the cipher is freed if keying fails.  When iv is NULL
 * the feedback register ctx->fr stays all-zero from the memset.
 */
54 {
55  int res;
56  PX_Cipher *ciph;
57  PGP_CFB *ctx;
58 
59  res = pgp_load_cipher(algo, &ciph);
60  if (res < 0)
61  return res;
62 
63  res = px_cipher_init(ciph, key, key_len, NULL);
64  if (res < 0)
65  {
66  px_cipher_free(ciph);
67  return res;
68  }
69 
/*
 * NOTE(review): the px_alloc() result is used without a NULL check;
 * presumably the allocator does not return on failure — confirm in px.h.
 */
70  ctx = px_alloc(sizeof(*ctx));
71  memset(ctx, 0, sizeof(*ctx));
72  ctx->ciph = ciph;
73  ctx->block_size = px_cipher_block_size(ciph);
74  ctx->resync = resync;
75 
/*
 * ctx->fr is declared uint8 fr[PGP_MAX_BLOCK] (32 bytes).  block_size is not
 * compared against PGP_MAX_BLOCK here, so the copy presumably relies on
 * pgp_load_cipher() only returning ciphers whose block fits — confirm.
 * The caller must supply at least block_size bytes at iv.
 */
76  if (iv)
77  memcpy(ctx->fr, iv, ctx->block_size);
78 
79  *ctx_p = ctx;
80  return 0;
81 }
#define px_cipher_init(c, k, klen, iv)
Definition: px.h:221
int key_len
Definition: pgp.c:64
#define px_cipher_free(c)
Definition: px.h:226
PX_Cipher * ciph
Definition: pgp-cfb.c:41
uint8 fr[PGP_MAX_BLOCK]
Definition: pgp-cfb.c:46
int pgp_load_cipher(int code, PX_Cipher **res)
Definition: pgp.c:167
int resync
Definition: pgp-cfb.c:45
int block_size
Definition: pgp-cfb.c:42
#define px_cipher_block_size(c)
Definition: px.h:219
Definition: px.h:151
#define px_alloc(s)
Definition: px.h:44

◆ pgp_cfb_decrypt()

int pgp_cfb_decrypt ( PGP_CFB *  ctx,
const uint8 *  data,
int  len,
uint8 *  dst 
)

Definition at line 259 of file pgp-cfb.c.

References cfb_process(), mix, mix_decrypt_normal(), mix_decrypt_resync(), and PGP_CFB::resync.

Referenced by decrypt_key(), and decrypt_read().

/*
 * Body of pgp_cfb_decrypt() (pgp-cfb.c): run cfb_process() over len bytes of
 * data into dst with a decrypting mix function, returning its result.
 *
 * NOTE(review): source line 261 is missing from this listing.  The References
 * list names mix_decrypt_normal(), mix_decrypt_resync() and PGP_CFB::resync,
 * so "mix" is presumably a local mix_data_t chosen from ctx->resync, not the
 * hashfn.c macro this page links to — confirm in pgp-cfb.c.
 */
260 {
262 
263  return cfb_process(ctx, data, len, dst, mix);
264 }
#define mix(a, b, c)
Definition: hashfn.c:84
static int cfb_process(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst, mix_data_t mix_data)
Definition: pgp-cfb.c:198
static int mix_decrypt_normal(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:106
int resync
Definition: pgp-cfb.c:45
static int mix_decrypt_resync(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:158
int(* mix_data_t)(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:37

◆ pgp_cfb_encrypt()

int pgp_cfb_encrypt ( PGP_CFB *  ctx,
const uint8 *  data,
int  len,
uint8 *  dst 
)

Definition at line 251 of file pgp-cfb.c.

References cfb_process(), mix, mix_encrypt_normal(), mix_encrypt_resync(), and PGP_CFB::resync.

Referenced by encrypt_process(), and symencrypt_sesskey().

/*
 * Body of pgp_cfb_encrypt() (pgp-cfb.c): run cfb_process() over len bytes of
 * data into dst with an encrypting mix function, returning its result.
 *
 * NOTE(review): source line 253 is missing from this listing.  The References
 * list names mix_encrypt_normal(), mix_encrypt_resync() and PGP_CFB::resync,
 * so "mix" is presumably a local mix_data_t chosen from ctx->resync, not the
 * hashfn.c macro this page links to — confirm in pgp-cfb.c.
 */
252 {
254 
255  return cfb_process(ctx, data, len, dst, mix);
256 }
#define mix(a, b, c)
Definition: hashfn.c:84
static int cfb_process(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst, mix_data_t mix_data)
Definition: pgp-cfb.c:198
int resync
Definition: pgp-cfb.c:45
static int mix_encrypt_normal(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:95
static int mix_encrypt_resync(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:126
int(* mix_data_t)(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
Definition: pgp-cfb.c:37

◆ pgp_cfb_free()

void pgp_cfb_free ( PGP_CFB *  ctx)

Definition at line 84 of file pgp-cfb.c.

References PGP_CFB::ciph, px_cipher_free, px_free, and px_memset().

Referenced by decrypt_key(), encrypt_free(), parse_symenc_data(), parse_symenc_mdc_data(), process_secret_key(), and symencrypt_sesskey().

/*
 * Body of pgp_cfb_free() (pgp-cfb.c): release the cipher, overwrite the
 * whole context with zeros, then free it.
 *
 * The wipe goes through px_memset(), a separate function in px.c rather than
 * plain memset(); presumably so the compiler cannot drop the store before
 * the free — confirm in px.c.
 * ctx is dereferenced unconditionally, so callers must not pass NULL.
 */
85 {
86  px_cipher_free(ctx->ciph);
87  px_memset(ctx, 0, sizeof(*ctx));
88  px_free(ctx);
89 }
#define px_free(p)
Definition: px.h:46
#define px_cipher_free(c)
Definition: px.h:226
PX_Cipher * ciph
Definition: pgp-cfb.c:41
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:126

◆ pgp_compress_filter()

int pgp_compress_filter ( PushFilter **  res,
PGP_Context *  ctx,
PushFilter *  dst 
)

Definition at line 317 of file pgp-compress.c.

References PXE_PGP_UNSUPPORTED_COMPR.

Referenced by init_compress().

/*
 * Body of pgp_compress_filter() (pgp-compress.c).
 *
 * NOTE(review): source line 319 is missing from this listing; the only
 * reference listed is PXE_PGP_UNSUPPORTED_COMPR, so this is presumably the
 * variant built without compression support that just returns that error —
 * confirm in pgp-compress.c.
 */
318 {
320 }
#define PXE_PGP_UNSUPPORTED_COMPR
Definition: px.h:80

◆ pgp_create_pkt_reader()

int pgp_create_pkt_reader ( PullFilter **  pf_p,
PullFilter *  src,
int  len,
int  pkttype,
PGP_Context *  ctx 
)

Definition at line 223 of file pgp-decrypt.c.

References PktData::len, pullf_create(), px_alloc, px_free, and PktData::type.

Referenced by internal_read_key(), pgp_decrypt(), pgp_get_keyid(), and process_data_packets().

/*
 * Body of pgp_create_pkt_reader() (pgp-decrypt.c): allocate a PktData that
 * records the packet type and length, and create a pull filter over src
 * using pktreader_filter with that state.
 *
 * Returns the result of pullf_create(); the PktData is freed here only when
 * that call fails.  On success it is presumably owned and later released by
 * the filter — confirm in pktreader_filter.
 * The ctx parameter is not used in the lines shown.
 * NOTE(review): len comes from the parsed packet header and is stored
 * without any range check here; the px_alloc() result is used without a
 * NULL check.
 */
225 {
226  int res;
227  struct PktData *pkt = px_alloc(sizeof(*pkt));
228 
229  pkt->type = pkttype;
230  pkt->len = len;
231  res = pullf_create(pf_p, &pktreader_filter, pkt, src);
232  if (res < 0)
233  px_free(pkt);
234  return res;
235 }
int pullf_create(PullFilter **pf_p, const PullFilterOps *op, void *init_arg, PullFilter *src)
Definition: mbuf.c:206
#define px_free(p)
Definition: px.h:46
int type
Definition: pgp-decrypt.c:170
#define px_alloc(s)
Definition: px.h:44
static struct PullFilterOps pktreader_filter
Definition: pgp-decrypt.c:217

◆ pgp_create_pkt_writer()

int pgp_create_pkt_writer ( PushFilter *  dst,
int  tag,
PushFilter **  res_p 
)

Definition at line 313 of file pgp-encrypt.c.

References pushf_create(), and write_tag_only().

Referenced by pgp_write_pubenc_sesskey().

/*
 * Body of pgp_create_pkt_writer() (pgp-encrypt.c): write the packet tag to
 * dst, then create a push filter on top of dst using pkt_stream_filter and
 * return it through *res_p.
 *
 * Returns a negative code if writing the tag fails, otherwise the result of
 * pushf_create().
 */
314 {
315  int res;
316 
317  res = write_tag_only(dst, tag);
318  if (res < 0)
319  return res;
320 
321  return pushf_create(res_p, &pkt_stream_filter, NULL, dst);
322 }
static int write_tag_only(PushFilter *dst, int tag)
Definition: pgp-encrypt.c:69
static const PushFilterOps pkt_stream_filter
Definition: pgp-encrypt.c:308
int pushf_create(PushFilter **mp_p, const PushFilterOps *op, void *init_arg, PushFilter *next)
Definition: mbuf.c:373

◆ pgp_decompress_filter()

int pgp_decompress_filter ( PullFilter **  res,
PGP_Context *  ctx,
PullFilter *  src 
)

Definition at line 323 of file pgp-compress.c.

References PXE_PGP_UNSUPPORTED_COMPR.

Referenced by parse_compressed_data().

/*
 * Body of pgp_decompress_filter() (pgp-compress.c).
 *
 * NOTE(review): source line 325 is missing from this listing; the only
 * reference listed is PXE_PGP_UNSUPPORTED_COMPR, so this is presumably the
 * variant built without compression support that just returns that error —
 * confirm in pgp-compress.c.
 */
324 {
326 }
#define PXE_PGP_UNSUPPORTED_COMPR
Definition: px.h:80

◆ pgp_decrypt()

int pgp_decrypt ( PGP_Context *  ctx,
MBuf *  src,
MBuf *  dst 
)

Definition at line 1093 of file pgp-decrypt.c.

References PGP_Context::corrupt_prefix, PGP_Context::disable_mdc, PktData::len, NO_CTX_SIZE, parse_symenc_data(), parse_symenc_mdc_data(), parse_symenc_sesskey(), pgp_create_pkt_reader(), pgp_parse_pkt_hdr(), pgp_parse_pubenc_sesskey(), PGP_PKT_MARKER, PGP_PKT_PUBENCRYPTED_SESSKEY, PGP_PKT_SYMENCRYPTED_DATA, PGP_PKT_SYMENCRYPTED_DATA_MDC, PGP_PKT_SYMENCRYPTED_SESSKEY, pgp_skip_packet(), pullf_create_mbuf_reader(), pullf_free(), px_debug(), PXE_PGP_CORRUPT_DATA, PXE_PGP_NOT_TEXT, PXE_PGP_UNSUPPORTED_COMPR, PGP_Context::unexpected_binary, and PGP_Context::unsupported_compr.

Referenced by decrypt_internal().

/*
 * Body of pgp_decrypt() (pgp-decrypt.c): walk the packets of the message in
 * msrc and write the decrypted payload to mdst.
 *
 * Returns a negative PXE_* code on failure, otherwise the last non-negative
 * result.  All failures while interpreting decrypted data are folded into
 * PXE_PGP_CORRUPT_DATA, as the comments near the end explain.
 *
 * NOTE(review): the prototype above names the buffers src and dst, but this
 * body uses msrc and mdst and declares a local PullFilter *src, so the
 * definition's parameter names presumably differ from the header's.
 * NOTE(review): source lines 1121, 1126, 1141, 1153 and 1208 are missing
 * from this listing.  Going by the References list they are presumably the
 * case labels for PGP_PKT_PUBENCRYPTED_SESSKEY, PGP_PKT_SYMENCRYPTED_SESSKEY,
 * PGP_PKT_SYMENCRYPTED_DATA and PGP_PKT_SYMENCRYPTED_DATA_MDC, and the return
 * of PXE_PGP_UNSUPPORTED_COMPR — confirm in pgp-decrypt.c.
 */
1094 {
1095  int res;
1096  PullFilter *src = NULL;
1097  PullFilter *pkt = NULL;
1098  uint8 tag;
1099  int len;
1100  int got_key = 0;
1101  int got_data = 0;
1102 
1103  res = pullf_create_mbuf_reader(&src, msrc);
1104 
1105  while (res >= 0)
1106  {
1107  res = pgp_parse_pkt_hdr(src, &tag, &len, NO_CTX_SIZE);
1108  if (res <= 0)
1109  break;
1110 
/* The positive result of pgp_parse_pkt_hdr() is passed on as pkttype. */
1111  res = pgp_create_pkt_reader(&pkt, src, len, res, ctx);
1112  if (res < 0)
1113  break;
1114 
/*
 * Preset the error so that every branch below which only logs leaves the
 * switch with PXE_PGP_CORRUPT_DATA and thereby ends the loop.
 */
1115  res = PXE_PGP_CORRUPT_DATA;
1116  switch (tag)
1117  {
1118  case PGP_PKT_MARKER:
1119  res = pgp_skip_packet(pkt);
1120  break;
1122  /* fixme: skip those */
1123  res = pgp_parse_pubenc_sesskey(ctx, pkt);
1124  got_key = 1;
1125  break;
1127  if (got_key)
1128 
1129  /*
1130  * Theoretically, there could be several keys, both public
1131  * and symmetric, all of which encrypt same session key.
1132  * Decrypt should try with each one, before failing.
1133  */
1134  px_debug("pgp_decrypt: using first of several keys");
1135  else
1136  {
1137  got_key = 1;
1138  res = parse_symenc_sesskey(ctx, pkt);
1139  }
1140  break;
/*
 * NOTE(review): this branch sets disable_mdc = 1 and calls
 * parse_symenc_data(), so it presumably handles the data packet type that
 * carries no modification detection code; ciphertext tampering would then go
 * unnoticed by this layer — confirm which tag the missing label names.
 */
1142  if (!got_key)
1143  px_debug("pgp_decrypt: have data but no key");
1144  else if (got_data)
1145  px_debug("pgp_decrypt: got second data packet");
1146  else
1147  {
1148  got_data = 1;
1149  ctx->disable_mdc = 1;
1150  res = parse_symenc_data(ctx, pkt, mdst);
1151  }
1152  break;
1154  if (!got_key)
1155  px_debug("pgp_decrypt: have data but no key");
1156  else if (got_data)
1157  px_debug("pgp_decrypt: several data pkts not supported");
1158  else
1159  {
1160  got_data = 1;
1161  ctx->disable_mdc = 0;
1162  res = parse_symenc_mdc_data(ctx, pkt, mdst);
1163  }
1164  break;
1165  default:
1166  px_debug("pgp_decrypt: unknown tag: 0x%02x", tag);
1167  }
1168  pullf_free(pkt);
1169  pkt = NULL;
1170  }
1171 
/* pkt is still set only when the loop was left right after creating it. */
1172  if (pkt)
1173  pullf_free(pkt);
1174 
1175  if (src)
1176  pullf_free(src);
1177 
1178  if (res < 0)
1179  return res;
1180 
1181  /*
1182  * Report a failure of the prefix_init() "quick check" now, rather than
1183  * upon detection, to hinder timing attacks. pgcrypto is not generally
1184  * secure against timing attacks, but this helps.
1185  */
1186  if (!got_data || ctx->corrupt_prefix)
1187  return PXE_PGP_CORRUPT_DATA;
1188 
1189  /*
1190  * Code interpreting purportedly-decrypted data prior to this stage shall
1191  * report no error other than PXE_PGP_CORRUPT_DATA. (PXE_BUG is okay so
1192  * long as it remains unreachable.) This ensures that an attacker able to
1193  * choose a ciphertext and receive a corresponding decryption error
1194  * message cannot use that oracle to gather clues about the decryption
1195  * key. See "An Attack on CFB Mode Encryption As Used By OpenPGP" by
1196  * Serge Mister and Robert Zuccherato.
1197  *
1198  * A problematic value in the first octet of a Literal Data or Compressed
1199  * Data packet may indicate a simple user error, such as the need to call
1200  * pgp_sym_decrypt_bytea instead of pgp_sym_decrypt. Occasionally,
1201  * though, it is the first symptom of the encryption key not matching the
1202  * decryption key. When this was the only problem encountered, report a
1203  * specific error to guide the user; otherwise, we will have reported
1204  * PXE_PGP_CORRUPT_DATA before now. A key mismatch makes the other errors
1205  * into red herrings, and this avoids leaking clues to attackers.
1206  */
/*
 * Maintenance note: any new error path added to the parsers called above
 * has to keep to the single-error rule described in the comment, or the
 * distinct error codes become a decryption oracle again.
 */
1207  if (ctx->unsupported_compr)
1209  if (ctx->unexpected_binary)
1210  return PXE_PGP_NOT_TEXT;
1211 
1212  return res;
1213 }
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:78
void pullf_free(PullFilter *pf)
Definition: mbuf.c:245
int unexpected_binary
Definition: pgp.h:159
int pgp_parse_pkt_hdr(PullFilter *src, uint8 *tag, int *len_p, int allow_ctx)
Definition: pgp-decrypt.c:129
unsigned char uint8
Definition: c.h:356
static int parse_symenc_mdc_data(PGP_Context *ctx, PullFilter *pkt, MBuf *dst)
Definition: pgp-decrypt.c:1012
int pullf_create_mbuf_reader(PullFilter **mp_p, MBuf *src)
Definition: mbuf.c:352
int pgp_skip_packet(PullFilter *pkt)
Definition: pgp-decrypt.c:1064
int unsupported_compr
Definition: pgp.h:158
int pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt)
Definition: pgp-pubdec.c:150
int disable_mdc
Definition: pgp.h:147
#define NO_CTX_SIZE
Definition: pgp-decrypt.c:38
#define PXE_PGP_UNSUPPORTED_COMPR
Definition: px.h:80
int pgp_create_pkt_reader(PullFilter **pf_p, PullFilter *src, int len, int pkttype, PGP_Context *ctx)
Definition: pgp-decrypt.c:223
#define PXE_PGP_NOT_TEXT
Definition: px.h:84
int corrupt_prefix
Definition: pgp.h:157
static int parse_symenc_sesskey(PGP_Context *ctx, PullFilter *src)
Definition: pgp-decrypt.c:624
void px_debug(const char *fmt,...)
Definition: px.c:152
static int parse_symenc_data(PGP_Context *ctx, PullFilter *pkt, MBuf *dst)
Definition: pgp-decrypt.c:978

◆ pgp_disable_mdc()

int pgp_disable_mdc ( PGP_Context *  ctx,
int  disable 
)

Definition at line 234 of file pgp.c.

References PGP_Context::disable_mdc.

Referenced by set_arg().

/*
 * Body of pgp_disable_mdc() (pgp.c): store disable, normalised to 0 or 1, in
 * ctx->disable_mdc.  Always returns 0.
 *
 * NOTE(review): the flag presumably makes encryption omit the modification
 * detection code, which removes the integrity check on the ciphertext; it
 * should stay at 0 unless compatibility with an old peer requires
 * otherwise — confirm how the encrypt path consumes it.
 */
235 {
236  ctx->disable_mdc = disable ? 1 : 0;
237  return 0;
238 }
int disable_mdc
Definition: pgp.h:147

◆ pgp_elgamal_decrypt()

int pgp_elgamal_decrypt ( PGP_PubKey *  pk,
PGP_MPI *  c1,
PGP_MPI *  c2,
PGP_MPI **  m 
)

Definition at line 214 of file pgp-mpi-internal.c.

References bn_to_mpi(), PGP_PubKey::elg, mp_clear_free(), mp_int_exptmod(), mp_int_invmod(), mp_modmul(), mp_new(), mpi_to_bn(), PGP_PubKey::pub, PXE_PGP_MATH_FAILED, and PGP_PubKey::sec.

Referenced by decrypt_elgamal().

/*
 * Body of pgp_elgamal_decrypt() (pgp-mpi-internal.c): recover the message
 * MPI from the ElGamal ciphertext pair using the secret exponent
 * pk->sec.elg.x and the modulus pk->pub.elg.p.
 *
 * Returns 0 on success and PXE_PGP_MATH_FAILED when any conversion or
 * allocation yields NULL.  Every temporary, including the copy of the secret
 * exponent, is passed to mp_clear_free() on both paths.
 *
 * NOTE(review): the body names its inputs _c1, _c2 and msg_p, so the
 * definition's parameter names presumably differ from the prototype above.
 * NOTE(review): mp_int_exptmod() and mp_int_invmod() return mp_result, but
 * the results are discarded here; a failed inversion would go unnoticed and
 * m would be built from whatever div holds — confirm whether the inputs
 * make failure impossible.
 */
216 {
217  int res = PXE_PGP_MATH_FAILED;
218  mpz_t *c1 = mpi_to_bn(_c1);
219  mpz_t *c2 = mpi_to_bn(_c2);
220  mpz_t *p = mpi_to_bn(pk->pub.elg.p);
221  mpz_t *x = mpi_to_bn(pk->sec.elg.x);
222  mpz_t *c1x = mp_new();
223  mpz_t *div = mp_new();
224  mpz_t *m = mp_new();
225 
226  if (!c1 || !c2 || !p || !x || !c1x || !div || !m)
227  goto err;
228 
229  /*
230  * m = c2 / (c1^x)
231  */
232  mp_int_exptmod(c1, x, p, c1x);
233  mp_int_invmod(c1x, p, div);
234  mp_modmul(c2, div, p, m);
235 
236  /* result */
237  *msg_p = bn_to_mpi(m);
238  if (*msg_p)
239  res = 0;
/* Shared cleanup: reached on success and on failure. */
240 err:
241  mp_clear_free(m);
242  mp_clear_free(div);
243  mp_clear_free(c1x);
244  mp_clear_free(x);
245  mp_clear_free(p);
246  mp_clear_free(c2);
247  mp_clear_free(c1);
248  return res;
249 }
mp_result mp_int_invmod(mp_int a, mp_int m, mp_int c)
Definition: imath.c:1474
struct PGP_PubKey::@5::@7 elg
Definition: imath.h:52
static mpz_t * mpi_to_bn(PGP_MPI *n)
static mpz_t * mp_new()
mp_result mp_int_exptmod(mp_int a, mp_int b, mp_int m, mp_int c)
Definition: imath.c:1369
static PGP_MPI * bn_to_mpi(mpz_t *bn)
union PGP_PubKey::@6 sec
static void mp_modmul(mpz_t *a, mpz_t *b, mpz_t *p, mpz_t *res)
union PGP_PubKey::@5 pub
#define PXE_PGP_MATH_FAILED
Definition: px.h:87
static void mp_clear_free(mpz_t *a)

◆ pgp_elgamal_encrypt()

int pgp_elgamal_encrypt ( PGP_PubKey pk,
PGP_MPI m,
PGP_MPI **  c1,
PGP_MPI **  c2 
)

Definition at line 164 of file pgp-mpi-internal.c.

References bn_to_mpi(), decide_k_bits(), PGP_PubKey::elg, mp_clear_free(), mp_int_count_bits(), mp_int_exptmod(), mp_modmul(), mp_new(), mp_px_rand(), mpi_to_bn(), PGP_PubKey::pub, and PXE_PGP_MATH_FAILED.

Referenced by encrypt_and_write_elgamal().

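/*
 * ElGamal encryption: pick a random k, then c1 = g^k mod p and
 * c2 = m * y^k mod p.
 *
 * pk    - key holding the public parameters pub.elg.p, pub.elg.g, pub.elg.y
 * _m    - message to encrypt, as an MPI
 * c1_p  - receives a newly allocated MPI with c1
 * c2_p  - receives a newly allocated MPI with c2
 *
 * Returns 0 on success, the negative result of mp_px_rand() if generating k
 * fails, and PXE_PGP_MATH_FAILED for any other failure.
 *
 * Two error paths differ from a plain early return: a failure in
 * mp_px_rand() now goes through the common cleanup, so the temporaries
 * (including the copy of the message) are released, and 'res' is reset
 * after k is generated, so a failed bn_to_mpi() is no longer reported with
 * whatever non-negative value mp_px_rand() returned.
 */
int
pgp_elgamal_encrypt(PGP_PubKey *pk, PGP_MPI *_m,
					PGP_MPI **c1_p, PGP_MPI **c2_p)
{
	int			res = PXE_PGP_MATH_FAILED;
	int			k_bits;
	mpz_t	   *m = mpi_to_bn(_m);
	mpz_t	   *p = mpi_to_bn(pk->pub.elg.p);
	mpz_t	   *g = mpi_to_bn(pk->pub.elg.g);
	mpz_t	   *y = mpi_to_bn(pk->pub.elg.y);
	mpz_t	   *k = mp_new();
	mpz_t	   *yk = mp_new();
	mpz_t	   *c1 = mp_new();
	mpz_t	   *c2 = mp_new();

	if (!m || !p || !g || !y || !k || !yk || !c1 || !c2)
		goto err;

	/*
	 * generate k; its size is derived from the bit length of p
	 */
	k_bits = decide_k_bits(mp_int_count_bits(p));
	res = mp_px_rand(k_bits, k);
	if (res < 0)
		goto err;
	res = PXE_PGP_MATH_FAILED;

	/*
	 * c1 = g^k c2 = m * y^k
	 */
	if (mp_int_exptmod(g, k, p, c1) != MP_OK)
		goto err;
	if (mp_int_exptmod(y, k, p, yk) != MP_OK)
		goto err;
	mp_modmul(m, yk, p, c2);

	/* result */
	*c1_p = bn_to_mpi(c1);
	*c2_p = bn_to_mpi(c2);
	if (*c1_p && *c2_p)
		res = 0;
err:
	/*
	 * NOTE(review): k and yk must not outlive this call; whether
	 * mp_clear_free() also wipes the values is not visible here - confirm.
	 */
	mp_clear_free(c2);
	mp_clear_free(c1);
	mp_clear_free(yk);
	mp_clear_free(k);
	mp_clear_free(y);
	mp_clear_free(g);
	mp_clear_free(p);
	mp_clear_free(m);
	return res;
}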
struct PGP_PubKey::@5::@7 elg
Definition: imath.h:52
mp_result mp_int_count_bits(mp_int z)
Definition: imath.c:2038
static mpz_t * mpi_to_bn(PGP_MPI *n)
static mpz_t * mp_new()
mp_result mp_int_exptmod(mp_int a, mp_int b, mp_int m, mp_int c)
Definition: imath.c:1369
static int decide_k_bits(int p_bits)
static PGP_MPI * bn_to_mpi(mpz_t *bn)
static int mp_px_rand(uint32 bits, mpz_t *res)
static void mp_modmul(mpz_t *a, mpz_t *b, mpz_t *p, mpz_t *res)
union PGP_PubKey::@5 pub
#define PXE_PGP_MATH_FAILED
Definition: px.h:87
static void mp_clear_free(mpz_t *a)

◆ pgp_encrypt()

int pgp_encrypt ( PGP_Context ctx,
MBuf src,
MBuf dst 
)

Definition at line 601 of file pgp-encrypt.c.

References EncStat::buf, PGP_Context::compress_algo, PGP_Context::compress_level, PGP_Context::convert_crlf, PGP_Context::disable_mdc, init_compress(), init_encdata_packet(), init_litdata_packet(), init_s2k_key(), init_sess_key(), mbuf_avail(), mbuf_grab(), pgp_write_pubenc_sesskey(), PGP_Context::pub_key, pushf_create(), pushf_create_mbuf_writer(), pushf_flush(), pushf_free_all(), pushf_write(), PXE_ARGUMENT_ERROR, PGP_Context::sym_key, PGP_Context::text_mode, write_prefix(), and write_symenc_sesskey().

Referenced by encrypt_internal().

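/*
 * Encrypt the data available in 'src' and write the resulting message to
 * 'dst'.
 *
 * ctx  - encryption settings; at least one of ctx->sym_key and ctx->pub_key
 *        must be set
 * src  - input buffer; everything mbuf_avail() reports is consumed
 * dst  - output buffer
 *
 * Returns PXE_ARGUMENT_ERROR when no key is configured, the first negative
 * result of any setup step, or otherwise the result of the final
 * pushf_write()/pushf_flush().
 *
 * The function builds a chain of push filters.  Each new filter is created
 * with the previous one as its 'next', so the order of the steps below is
 * significant and must not be rearranged.  The MDC hashing filter is only
 * added when ctx->disable_mdc is 0; with MDC disabled the output carries no
 * such integrity check.
 *
 * 'pf' starts out as NULL and is only released when set, so the cleanup at
 * 'out' never sees an uninitialized pointer if creating the first filter
 * fails.
 */
int
pgp_encrypt(PGP_Context *ctx, MBuf *src, MBuf *dst)
{
	int			res;
	int			len;
	uint8	   *buf;
	PushFilter *pf = NULL;
	PushFilter *pf_tmp;

	/*
	 * do we have any key
	 */
	if (!ctx->sym_key && !ctx->pub_key)
		return PXE_ARGUMENT_ERROR;

	/* MBuf writer */
	res = pushf_create_mbuf_writer(&pf, dst);
	if (res < 0)
		goto out;

	/*
	 * initialize sym_key
	 */
	if (ctx->sym_key)
	{
		res = init_s2k_key(ctx);
		if (res < 0)
			goto out;
	}

	res = init_sess_key(ctx);
	if (res < 0)
		goto out;

	/*
	 * write keypkt; a public key takes precedence over a symmetric key
	 */
	if (ctx->pub_key)
		res = pgp_write_pubenc_sesskey(ctx, pf);
	else
		res = write_symenc_sesskey(ctx, pf);
	if (res < 0)
		goto out;

	/* encrypted data pkt */
	res = init_encdata_packet(&pf_tmp, ctx, pf);
	if (res < 0)
		goto out;
	pf = pf_tmp;

	/* encrypter */
	res = pushf_create(&pf_tmp, &encrypt_filter, ctx, pf);
	if (res < 0)
		goto out;
	pf = pf_tmp;

	/* hasher; skipped entirely when MDC is disabled */
	if (ctx->disable_mdc == 0)
	{
		res = pushf_create(&pf_tmp, &mdc_filter, ctx, pf);
		if (res < 0)
			goto out;
		pf = pf_tmp;
	}

	/* prefix */
	res = write_prefix(ctx, pf);
	if (res < 0)
		goto out;

	/* compressor; needs both an algorithm and a non-zero level */
	if (ctx->compress_algo > 0 && ctx->compress_level > 0)
	{
		res = init_compress(&pf_tmp, ctx, pf);
		if (res < 0)
			goto out;
		pf = pf_tmp;
	}

	/* data streamer */
	res = init_litdata_packet(&pf_tmp, ctx, pf);
	if (res < 0)
		goto out;
	pf = pf_tmp;

	/* text conversion? */
	if (ctx->text_mode && ctx->convert_crlf)
	{
		res = pushf_create(&pf_tmp, &crlf_filter, ctx, pf);
		if (res < 0)
			goto out;
		pf = pf_tmp;
	}

	/*
	 * chain complete
	 */

	len = mbuf_grab(src, mbuf_avail(src), &buf);
	res = pushf_write(pf, buf, len);
	if (res >= 0)
		res = pushf_flush(pf);
out:
	if (pf != NULL)
		pushf_free_all(pf);
	return res;
}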
int pushf_create_mbuf_writer(PushFilter **res, MBuf *dst)
Definition: mbuf.c:561
#define PXE_ARGUMENT_ERROR
Definition: px.h:71
static int init_s2k_key(PGP_Context *ctx)
Definition: pgp-encrypt.c:564
static const PushFilterOps encrypt_filter
Definition: pgp-encrypt.c:226
int pushf_flush(PushFilter *mp)
Definition: mbuf.c:516
static const PushFilterOps mdc_filter
Definition: pgp-encrypt.c:143
int pgp_write_pubenc_sesskey(PGP_Context *ctx, PushFilter *dst)
Definition: pgp-pubenc.c:190
const uint8 * sym_key
Definition: pgp.h:165
unsigned char uint8
Definition: c.h:356
int compress_level
Definition: pgp.h:146
static int init_encdata_packet(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
Definition: pgp-encrypt.c:459
int disable_mdc
Definition: pgp.h:147
int mbuf_grab(MBuf *mbuf, int len, uint8 **data_p)
Definition: mbuf.c:157
static char * buf
Definition: pg_test_fsync.c:68
int compress_algo
Definition: pgp.h:145
void pushf_free_all(PushFilter *mp)
Definition: mbuf.c:428
int mbuf_avail(MBuf *mbuf)
Definition: mbuf.c:50
int pushf_create(PushFilter **mp_p, const PushFilterOps *op, void *init_arg, PushFilter *next)
Definition: mbuf.c:373
static int init_litdata_packet(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
Definition: pgp-encrypt.c:376
static int init_compress(PushFilter **pf_res, PGP_Context *ctx, PushFilter *dst)
Definition: pgp-encrypt.c:431
static int init_sess_key(PGP_Context *ctx)
Definition: pgp-encrypt.c:580
int convert_crlf
Definition: pgp.h:150
static int write_symenc_sesskey(PGP_Context *ctx, PushFilter *dst)
Definition: pgp-encrypt.c:523
PGP_PubKey * pub_key
Definition: pgp.h:164
int pushf_write(PushFilter *mp, const uint8 *data, int len)
Definition: mbuf.c:456
int text_mode
Definition: pgp.h:149
static int write_prefix(PGP_Context *ctx, PushFilter *dst)
Definition: pgp-encrypt.c:480
static const PushFilterOps crlf_filter
Definition: pgp-encrypt.c:368

◆ pgp_expect_packet_end()

int pgp_expect_packet_end ( PullFilter pkt)

Definition at line 1078 of file pgp-decrypt.c.

References pullf_read(), px_debug(), and PXE_PGP_CORRUPT_DATA.

Referenced by pgp_parse_pubenc_sesskey(), and process_secret_key().

/*
 * Verify that a packet has no unread data left.
 *
 * Tries to read up to 32 kB from 'pkt'.  If any bytes come back the packet
 * is longer than the parser expected and PXE_PGP_CORRUPT_DATA is returned;
 * otherwise the result of pullf_read() (0, or a negative error) is passed
 * through unchanged.
 */
int
pgp_expect_packet_end(PullFilter *pkt)
{
	uint8	   *unused;
	int			nread = pullf_read(pkt, 32 * 1024, &unused);

	if (nread <= 0)
		return nread;

	px_debug("pgp_expect_packet_end: got data");
	return PXE_PGP_CORRUPT_DATA;
}
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:78
int pullf_read(PullFilter *pf, int len, uint8 **data_p)
Definition: mbuf.c:262
unsigned char uint8
Definition: c.h:356
void px_debug(const char *fmt,...)
Definition: px.c:152

◆ pgp_extract_armor_headers()

int pgp_extract_armor_headers ( const uint8 src,
unsigned  len,
int *  nheaders,
char ***  keys,
char ***  values 
)

Definition at line 390 of file pgp-armor.c.

References buf, elog, ERROR, find_header(), palloc(), and PXE_PGP_CORRUPT_ARMOR.

Referenced by pgp_armor_headers().

/*
 * Extract the "Key: value" header lines of an ASCII-armored block.
 *
 * src/len  - the armored input
 * nheaders - receives the number of header lines found
 * keys     - receives a palloc'd array of pointers to the header keys
 * values   - receives a palloc'd array of pointers to the header values
 *
 * Returns 0 on success and PXE_PGP_CORRUPT_ARMOR when the armor start or
 * end marker cannot be found, a header line is not newline-terminated
 * before the end marker, or a header line has no ": " separator.
 *
 * The key and value strings point into one private, NUL-terminated copy of
 * the header region, not into 'src'.  On the PXE_PGP_CORRUPT_ARMOR return
 * inside the split loop *keys and *values have already been assigned while
 * *nheaders has not, so callers must not use the outputs on error.
 */
392 {
393  const uint8 *data_end = src + len;
394  const uint8 *p;
395  const uint8 *base64_start;
396  const uint8 *armor_start;
397  const uint8 *armor_end;
398  Size armor_len;
399  char *line;
400  char *nextline;
401  char *eol,
402  *colon;
403  int hlen;
404  char *buf;
405  int hdrlines;
406  int n;
407 
408  /* armor start */
409  hlen = find_header(src, data_end, &armor_start, 0);
410  if (hlen <= 0)
411  return PXE_PGP_CORRUPT_ARMOR;
412  armor_start += hlen;
413 
414  /* armor end */
415  hlen = find_header(armor_start, data_end, &armor_end, 1);
416  if (hlen <= 0)
417  return PXE_PGP_CORRUPT_ARMOR;
418 
419  /* Count the number of armor header lines. */
 /* Counting stops at the first line that begins with CR or LF. */
420  hdrlines = 0;
421  p = armor_start;
422  while (p < armor_end && *p != '\n' && *p != '\r')
423  {
 /* the search is bounded by armor_end, so it never reads past the armor */
424  p = memchr(p, '\n', armor_end - p);
425  if (!p)
426  return PXE_PGP_CORRUPT_ARMOR;
427 
428  /* step to start of next line */
429  p++;
430  hdrlines++;
431  }
432  base64_start = p;
433 
434  /*
435  * Make a modifiable copy of the part of the input that contains the
436  * headers. The returned key/value pointers will point inside the buffer.
437  */
438  armor_len = base64_start - armor_start;
439  buf = palloc(armor_len + 1);
440  memcpy(buf, armor_start, armor_len);
441  buf[armor_len] = '\0';
442 
443  /* Allocate return arrays */
444  *keys = (char **) palloc(hdrlines * sizeof(char *));
445  *values = (char **) palloc(hdrlines * sizeof(char *));
446 
447  /*
448  * Split the header lines at newlines and ": " separators, and collect
449  * pointers to the keys and values in the return arrays.
450  */
 /*
  * NOTE(review): strchr()/strstr() stop at the first NUL byte, while the
  * counting loop above used memchr().  A NUL byte inside the copied header
  * region can therefore end this loop early and reach the elog(ERROR)
  * after it instead of returning PXE_PGP_CORRUPT_ARMOR - confirm whether
  * find_header() or the caller rules such input out.
  */
451  n = 0;
452  line = buf;
453  for (;;)
454  {
455  /* find end of line */
456  eol = strchr(line, '\n');
457  if (!eol)
458  break;
459  nextline = eol + 1;
460  /* if the line ends in CR + LF, strip the CR */
461  if (eol > line && *(eol - 1) == '\r')
462  eol--;
463  *eol = '\0';
464 
465  /* find colon+space separating the key and value */
466  colon = strstr(line, ": ");
467  if (!colon)
468  return PXE_PGP_CORRUPT_ARMOR;
469  *colon = '\0';
470 
471  /* shouldn't happen, we counted the number of lines beforehand */
 /* this check also keeps the writes below inside the hdrlines-sized arrays */
472  if (n >= hdrlines)
473  elog(ERROR, "unexpected number of armor header lines");
474 
475  (*keys)[n] = line;
476  (*values)[n] = colon + 2;
477  n++;
478 
479  /* step to start of next line */
480  line = nextline;
481  }
482 
483  if (n != hdrlines)
484  elog(ERROR, "unexpected number of armor header lines");
485 
486  *nheaders = n;
487  return 0;
488 }
unsigned char uint8
Definition: c.h:356
#define ERROR
Definition: elog.h:43
static char * buf
Definition: pg_test_fsync.c:68
static int find_header(const uint8 *data, const uint8 *datend, const uint8 **start_p, int is_end)
Definition: pgp-armor.c:266
#define PXE_PGP_CORRUPT_ARMOR
Definition: px.h:79
size_t Size
Definition: c.h:466
static Datum values[MAXATTR]
Definition: bootstrap.c:167
void * palloc(Size size)
Definition: mcxt.c:949
#define elog(elevel,...)
Definition: elog.h:226

◆ pgp_free()

int pgp_free ( PGP_Context ctx)

Definition at line 224 of file pgp.c.

References pgp_key_free(), PGP_Context::pub_key, px_free, and px_memset().

Referenced by decrypt_internal(), and encrypt_internal().

/*
 * Release a PGP context.
 *
 * Frees the attached public key (if any) through pgp_key_free(), then
 * overwrites the whole context structure with zeros before handing it to
 * px_free(), so settings and pointers stored in it do not linger in freed
 * memory.  Always returns 0.
 *
 * Only ctx->pub_key is released here; other pointers stored in the context
 * are cleared but not freed by this function.
 */
int
pgp_free(PGP_Context *ctx)
{
	PGP_PubKey *key = ctx->pub_key;

	if (key != NULL)
		pgp_key_free(key);

	/* wipe first, release second */
	px_memset(ctx, 0, sizeof(*ctx));
	px_free(ctx);

	return 0;
}
#define px_free(p)
Definition: px.h:46
void pgp_key_free(PGP_PubKey *pk)
Definition: pgp-pubkey.c:49
PGP_PubKey * pub_key
Definition: pgp.h:164
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:126

◆ pgp_get_cipher_block_size()

int pgp_get_cipher_block_size ( int  c)

Definition at line 157 of file pgp.c.

References cipher_info::block_len, get_cipher_info(), and i.

Referenced by prefix_init(), process_secret_key(), and write_prefix().

/*
 * Return the block length recorded for the cipher with the given code, or
 * 0 when get_cipher_info() does not know the code.
 *
 * Callers that size buffers from the result have to treat 0 as "unknown
 * cipher" themselves; no error code is returned.
 */
int
pgp_get_cipher_block_size(int code)
{
	const struct cipher_info *info = get_cipher_info(code);

	return (info == NULL) ? 0 : info->block_len;
}
static const struct cipher_info * get_cipher_info(int code)
Definition: pgp.c:93
int block_len
Definition: pgp.c:65
int i
int code
Definition: pgp.c:62

◆ pgp_get_cipher_code()

int pgp_get_cipher_code ( const char *  name)

Definition at line 115 of file pgp.c.

References cipher_info::code, i, cipher_info::name, pg_strcasecmp(), and PXE_PGP_UNSUPPORTED_CIPHER.

Referenced by pgp_set_cipher_algo(), pgp_set_s2k_cipher_algo(), and set_arg().

/*
 * Look up a cipher by name and return its code.
 *
 * Walks cipher_list until the entry whose name is NULL and compares each
 * name with pg_strcasecmp().
 */
116 {
117  const struct cipher_info *i;
118 
119  for (i = cipher_list; i->name; i++)
120  if (pg_strcasecmp(i->name, name) == 0)
121  return i->code;
 /*
  * NOTE(review): this listing jumps from source line 121 to 123, so the
  * statement for the "not found" case is not shown.  The reference list
  * for this function names PXE_PGP_UNSUPPORTED_CIPHER, presumably the
  * value returned here - confirm against pgp.c.
  */
123 }
#define PXE_PGP_UNSUPPORTED_CIPHER
Definition: px.h:81
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
const char * name
Definition: pgp.c:61
const char * name
Definition: encode.c:521
int i
static const struct cipher_info cipher_list[]
Definition: pgp.c:79
int code
Definition: pgp.c:62

◆ pgp_get_cipher_key_size()

int pgp_get_cipher_key_size ( int  c)

Definition at line 147 of file pgp.c.

References get_cipher_info(), i, and cipher_info::key_len.

Referenced by decrypt_key(), init_sess_key(), and pgp_s2k_process().

/*
 * Return the key length recorded for the cipher with the given code, or 0
 * when get_cipher_info() does not know the code.
 *
 * A result of 0 means "unknown cipher"; callers deriving key material from
 * the result have to reject it themselves.
 */
int
pgp_get_cipher_key_size(int code)
{
	const struct cipher_info *info = get_cipher_info(code);

	return (info == NULL) ? 0 : info->key_len;
}
int key_len
Definition: pgp.c:64
static const struct cipher_info * get_cipher_info(int code)
Definition: pgp.c:93
int i
int code
Definition: pgp.c:62

◆ pgp_get_cipher_name()

const char* pgp_get_cipher_name ( int  code)

Definition at line 137 of file pgp.c.

References get_cipher_info(), i, and cipher_info::name.

/*
 * Return the name recorded for the cipher with the given code, or NULL
 * when get_cipher_info() does not know the code.
 */
const char *
pgp_get_cipher_name(int code)
{
	const struct cipher_info *info = get_cipher_info(code);

	return (info == NULL) ? NULL : info->name;
}
const char * name
Definition: pgp.c:61
static const struct cipher_info * get_cipher_info(int code)
Definition: pgp.c:93
int i
int code
Definition: pgp.c:62

◆ pgp_get_digest_code()

int pgp_get_digest_code ( const char *  name)

Definition at line 104 of file pgp.c.

References digest_info::code, i, digest_info::name, pg_strcasecmp(), and PXE_PGP_UNSUPPORTED_HASH.

Referenced by pgp_set_s2k_digest_algo(), and set_arg().

/*
 * Look up a digest by name and return its code.
 *
 * Walks digest_list until the entry whose name is NULL and compares each
 * name with pg_strcasecmp().
 */
105 {
106  const struct digest_info *i;
107 
108  for (i = digest_list; i->name; i++)
109  if (pg_strcasecmp(i->name, name) == 0)
110  return i->code;
 /*
  * NOTE(review): this listing jumps from source line 110 to 112, so the
  * statement for the "not found" case is not shown.  The reference list
  * for this function names PXE_PGP_UNSUPPORTED_HASH, presumably the value
  * returned here - confirm against pgp.c.
  */
112 }
#define PXE_PGP_UNSUPPORTED_HASH
Definition: px.h:82
const char * name
Definition: pgp.c:55
int pg_strcasecmp(const char *s1, const char *s2)
Definition: pgstrcasecmp.c:36
int code
Definition: pgp.c:56
const char * name
Definition: encode.c:521
int i
static const struct digest_info digest_list[]
Definition: pgp.c:68

◆ pgp_get_digest_name()

const char* pgp_get_digest_name ( int  code)

Definition at line 126 of file pgp.c.

References digest_info::code, i, and digest_info::name.

Referenced by pgp_load_digest().

/*
 * Return the name of the digest with the given code, or NULL when no entry
 * of digest_list carries that code.
 *
 * The table is scanned up to its terminating entry, whose name is NULL.
 */
const char *
pgp_get_digest_name(int code)
{
	const struct digest_info *entry = digest_list;

	while (entry->name != NULL)
	{
		if (entry->code == code)
			return entry->name;
		entry++;
	}

	return NULL;
}
const char * name
Definition: pgp.c:55
int code
Definition: pgp.c:56
int i
static const struct digest_info digest_list[]
Definition: pgp.c:68

◆ pgp_get_keyid()

int pgp_get_keyid ( MBuf pgp_data,
char *  dst 
)

Definition at line 112 of file pgp-info.c.

References any_key, pgp_create_pkt_reader(), pgp_parse_pkt_hdr(), PGP_PKT_MARKER, PGP_PKT_PRIV_61, PGP_PKT_PUBENCRYPTED_SESSKEY, PGP_PKT_PUBLIC_KEY, PGP_PKT_PUBLIC_SUBKEY, PGP_PKT_SECRET_KEY, PGP_PKT_SECRET_SUBKEY, PGP_PKT_SIGNATURE, PGP_PKT_SYMENCRYPTED_DATA, PGP_PKT_SYMENCRYPTED_DATA_MDC, PGP_PKT_SYMENCRYPTED_SESSKEY, PGP_PKT_TRUST, PGP_PKT_USER_ATTR, PGP_PKT_USER_ID, pgp_skip_packet(), print_key(), pullf_create_mbuf_reader(), pullf_free(), PXE_PGP_CORRUPT_DATA, PXE_PGP_MULTIPLE_KEYS, PXE_PGP_NO_USABLE_KEY, read_pubenc_keyid(), and read_pubkey_keyid().

Referenced by pgp_key_id_w().

/*
 * Scan the packets in 'pgp_data' and write a textual key identifier to
 * 'dst'.
 *
 * Returns a negative PXE_* code on failure.  On success the result is 6
 * for the fixed strings "ANYKEY" and "SYMKEY", or whatever print_key()
 * returns.
 *
 * 'dst' is written without a length argument: the fixed strings need 7
 * bytes including the terminator, and print_key() writes through the same
 * pointer.  NOTE(review): the buffer size print_key() needs is not visible
 * here - confirm that every caller provides enough room.
 *
 * NOTE(review): this listing skips source lines 153-154, 161, 165-166 and
 * 170, which by their position hold 'case' labels of the switch below.
 * The packet types named in this function's reference list but missing
 * from the visible labels are presumably those cases - confirm against
 * pgp-info.c before relying on the control flow as printed.
 */
113 {
114  int res;
115  PullFilter *src;
116  PullFilter *pkt = NULL;
117  int len;
118  uint8 tag;
119  int got_pub_key = 0,
120  got_symenc_key = 0,
121  got_pubenc_key = 0;
122  int got_data = 0;
123  uint8 keyid_buf[8];
124  int got_main_key = 0;
125 
126 
127  res = pullf_create_mbuf_reader(&src, pgp_data);
128  if (res < 0)
129  return res;
130 
131  while (1)
132  {
 /* res <= 0 covers both a parse error and a result of 0 from the header parser */
133  res = pgp_parse_pkt_hdr(src, &tag, &len, 0);
134  if (res <= 0)
135  break;
136  res = pgp_create_pkt_reader(&pkt, src, len, res, NULL);
137  if (res < 0)
138  break;
139 
140  switch (tag)
141  {
142  case PGP_PKT_SECRET_KEY:
143  case PGP_PKT_PUBLIC_KEY:
144  /* main key is for signing, so ignore it */
145  if (!got_main_key)
146  {
147  got_main_key = 1;
148  res = pgp_skip_packet(pkt);
149  }
150  else
151  res = PXE_PGP_MULTIPLE_KEYS;
152  break;
155  res = read_pubkey_keyid(pkt, keyid_buf);
156  if (res < 0)
157  break;
158  if (res > 0)
159  got_pub_key++;
160  break;
162  got_pubenc_key++;
163  res = read_pubenc_keyid(pkt, keyid_buf);
164  break;
167  /* don't skip it, just stop */
168  got_data = 1;
169  break;
171  got_symenc_key++;
172  /* fallthru */
173  case PGP_PKT_SIGNATURE:
174  case PGP_PKT_MARKER:
175  case PGP_PKT_TRUST:
176  case PGP_PKT_USER_ID:
177  case PGP_PKT_USER_ATTR:
178  case PGP_PKT_PRIV_61:
179  res = pgp_skip_packet(pkt);
180  break;
 /* any other packet tag is treated as corrupt input */
181  default:
182  res = PXE_PGP_CORRUPT_DATA;
183  }
184 
185  if (pkt)
186  pullf_free(pkt);
187  pkt = NULL;
188 
189  if (res < 0 || got_data)
190  break;
191  }
192 
193  pullf_free(src);
194  if (pkt)
195  pullf_free(pkt);
196 
197  if (res < 0)
198  return res;
199 
200  /* now check sanity */
201  if (got_pub_key && got_pubenc_key)
202  res = PXE_PGP_CORRUPT_DATA;
203 
204  if (got_pub_key > 1)
205  res = PXE_PGP_MULTIPLE_KEYS;
206 
207  if (got_pubenc_key > 1)
208  res = PXE_PGP_MULTIPLE_KEYS;
209 
210  /*
211  * if still ok, look what we got
212  */
213  if (res >= 0)
214  {
215  if (got_pubenc_key || got_pub_key)
216  {
 /* keyid_buf is only compared here, after one of the read_*_keyid() calls above ran */
217  if (memcmp(keyid_buf, any_key, 8) == 0)
218  {
219  memcpy(dst, "ANYKEY", 7);
220  res = 6;
221  }
222  else
223  res = print_key(keyid_buf, dst);
224  }
225  else if (got_symenc_key)
226  {
227  memcpy(dst, "SYMKEY", 7);
228  res = 6;
229  }
230  else
231  res = PXE_PGP_NO_USABLE_KEY;
232  }
233 
234  return res;
235 }
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:78
static int read_pubenc_keyid(PullFilter *pkt, uint8 *keyid_buf)
Definition: pgp-info.c:71
void pullf_free(PullFilter *pf)
Definition: mbuf.c:245
int pgp_parse_pkt_hdr(PullFilter *src, uint8 *tag, int *len_p, int allow_ctx)
Definition: pgp-decrypt.c:129
unsigned char uint8
Definition: c.h:356
int pullf_create_mbuf_reader(PullFilter **mp_p, MBuf *src)
Definition: mbuf.c:352
static int print_key(uint8 *keyid, char *dst)
Definition: pgp-info.c:90
int pgp_skip_packet(PullFilter *pkt)
Definition: pgp-decrypt.c:1064
#define PXE_PGP_NO_USABLE_KEY
Definition: px.h:97
static int read_pubkey_keyid(PullFilter *pkt, uint8 *keyid_buf)
Definition: pgp-info.c:38
int pgp_create_pkt_reader(PullFilter **pf_p, PullFilter *src, int len, int pkttype, PGP_Context *ctx)
Definition: pgp-decrypt.c:223
#define PXE_PGP_MULTIPLE_KEYS
Definition: px.h:92
static const uint8 any_key[]
Definition: pgp-info.c:105

◆ pgp_get_unicode_mode()

int pgp_get_unicode_mode ( PGP_Context ctx)

Definition at line 351 of file pgp.c.

References PGP_Context::unicode_mode.

Referenced by decrypt_internal(), and encrypt_internal().

/*
 * Return the unicode_mode setting stored in the context.
 */
int
pgp_get_unicode_mode(PGP_Context *ctx)
{
	int			mode = ctx->unicode_mode;

	return mode;
}
int unicode_mode
Definition: pgp.h:151

◆ pgp_init()

int pgp_init ( PGP_Context **  ctx)

Definition at line 199 of file pgp.c.

References PGP_Context::cipher_algo, PGP_Context::compress_algo, PGP_Context::compress_level, PGP_Context::convert_crlf, def_cipher_algo, def_compress_algo, def_compress_level, def_convert_crlf, def_disable_mdc, def_s2k_cipher_algo, def_s2k_count, def_s2k_digest_algo, def_s2k_mode, def_text_mode, def_unicode_mode, def_use_sess_key, PGP_Context::disable_mdc, px_alloc, PGP_Context::s2k_cipher_algo, PGP_Context::s2k_count, PGP_Context::s2k_digest_algo, PGP_Context::s2k_mode, PGP_Context::text_mode, PGP_Context::unicode_mode, and PGP_Context::use_sess_key.

Referenced by init_work().

/*
 * Allocate a new PGP context, zero it, fill in defaults and hand it back
 * through ctx_p.  Always returns 0 in the code shown.
 *
 * NOTE(review): this listing skips source lines 206-207 and 210-216.  The
 * reference list for this function names further def_* defaults
 * (including def_disable_mdc and the cipher, digest and compression
 * defaults) together with the matching PGP_Context fields, so the omitted
 * lines presumably assign those - confirm against pgp.c.
 */
200 {
201  PGP_Context *ctx;
202 
 /* the result of px_alloc() is used without a NULL check; its failure behaviour is not shown here */
203  ctx = px_alloc(sizeof *ctx);
204  memset(ctx, 0, sizeof *ctx);
205 
208  ctx->s2k_mode = def_s2k_mode;
209  ctx->s2k_count = def_s2k_count;
217  ctx->text_mode = def_text_mode;
218 
219  *ctx_p = ctx;
220  return 0;
221 }
static int def_convert_crlf
Definition: pgp.c:51
int cipher_algo
Definition: pgp.h:144
static int def_use_sess_key
Definition: pgp.c:48
static int def_s2k_mode
Definition: pgp.c:42
int unicode_mode
Definition: pgp.h:151
static int def_s2k_count
Definition: pgp.c:43
int compress_level
Definition: pgp.h:146
static int def_compress_algo
Definition: pgp.c:45
static int def_compress_level
Definition: pgp.c:46
int disable_mdc
Definition: pgp.h:147
int use_sess_key
Definition: pgp.h:148
static int def_text_mode
Definition: pgp.c:49
static int def_s2k_cipher_algo
Definition: pgp.c:41
static int def_unicode_mode
Definition: pgp.c:50
int compress_algo
Definition: pgp.h:145
static int def_cipher_algo
Definition: pgp.c:40
int s2k_cipher_algo
Definition: pgp.h:143
int convert_crlf
Definition: pgp.h:150
#define px_alloc(s)
Definition: px.h:44
int s2k_mode
Definition: pgp.h:140
int s2k_digest_algo
Definition: pgp.h:142
static int def_disable_mdc
Definition: pgp.c:47
static int def_s2k_digest_algo
Definition: pgp.c:44
int text_mode
Definition: pgp.h:149
int s2k_count
Definition: pgp.h:141

◆ pgp_key_alloc()

int pgp_key_alloc ( PGP_PubKey **  pk_p)

Definition at line 38 of file pgp-pubkey.c.

References px_alloc.

Referenced by _pgp_read_public_key().

/*
 * Allocate a zero-filled PGP_PubKey and return it through pk_p.
 *
 * Always returns 0.  Zeroing the structure leaves every pointer stored in
 * it as an all-zero value until the key is populated.
 *
 * NOTE(review): the result of px_alloc() is used without a NULL check; its
 * failure behaviour is not visible here.
 */
int
pgp_key_alloc(PGP_PubKey **pk_p)
{
	PGP_PubKey *key = px_alloc(sizeof(PGP_PubKey));

	memset(key, 0, sizeof(PGP_PubKey));
	*pk_p = key;

	return 0;
}
#define px_alloc(s)
Definition: px.h:44

◆ pgp_key_free()

void pgp_key_free ( PGP_PubKey pk)

Definition at line 49 of file pgp-pubkey.c.

References PGP_PubKey::algo, PGP_PubKey::dsa, PGP_PubKey::elg, pgp_mpi_free(), PGP_PUB_DSA_SIGN, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_PUB_RSA_SIGN, PGP_PubKey::pub, px_free, px_memset(), PGP_PubKey::rsa, and PGP_PubKey::sec.

Referenced by _pgp_read_public_key(), internal_read_key(), pgp_free(), process_secret_key(), and read_pubkey_keyid().

/*
 * Free a key and everything it owns.  A NULL key is accepted and ignored.
 *
 * The MPIs of the key are released according to pk->algo, covering both
 * the public parts (pk->pub) and the secret parts (pk->sec).  Afterwards
 * the key structure itself is overwritten with zeros before px_free(), so
 * no pointers or key fields remain in the freed memory.
 *
 * NOTE(review): this listing skips source lines 56 and 63-64, which by
 * their position hold 'case' labels.  The reference list names
 * PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT and PGP_PUB_RSA_ENCRYPT_SIGN,
 * presumably the missing labels for the first two groups - confirm against
 * pgp-pubkey.c.
 */
50 {
51  if (pk == NULL)
52  return;
53 
54  switch (pk->algo)
55  {
57  pgp_mpi_free(pk->pub.elg.p);
58  pgp_mpi_free(pk->pub.elg.g);
59  pgp_mpi_free(pk->pub.elg.y);
60  pgp_mpi_free(pk->sec.elg.x);
61  break;
62  case PGP_PUB_RSA_SIGN:
65  pgp_mpi_free(pk->pub.rsa.n);
66  pgp_mpi_free(pk->pub.rsa.e);
67  pgp_mpi_free(pk->sec.rsa.d);
68  pgp_mpi_free(pk->sec.rsa.p);
69  pgp_mpi_free(pk->sec.rsa.q);
70  pgp_mpi_free(pk->sec.rsa.u);
71  break;
72  case PGP_PUB_DSA_SIGN:
73  pgp_mpi_free(pk->pub.dsa.p);
74  pgp_mpi_free(pk->pub.dsa.q);
75  pgp_mpi_free(pk->pub.dsa.g);
76  pgp_mpi_free(pk->pub.dsa.y);
77  pgp_mpi_free(pk->sec.dsa.x);
78  break;
 /* there is no default case: for any other algo value no MPIs are released */
79  }
 /* wipe the structure before releasing it */
80  px_memset(pk, 0, sizeof(*pk));
81  px_free(pk);
82 }
struct PGP_PubKey::@5::@7 elg
struct PGP_PubKey::@5::@9 dsa
#define px_free(p)
Definition: px.h:46
struct PGP_PubKey::@5::@8 rsa
int pgp_mpi_free(PGP_MPI *mpi)
Definition: pgp-mpi.c:70
union PGP_PubKey::@6 sec
union PGP_PubKey::@5 pub
uint8 algo
Definition: pgp.h:190
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:126

◆ pgp_load_cipher()

int pgp_load_cipher ( int  c,
PX_Cipher **  res 
)

Definition at line 167 of file pgp.c.

References get_cipher_info(), i, cipher_info::int_name, px_find_cipher(), PXE_PGP_CORRUPT_DATA, and PXE_PGP_UNSUPPORTED_CIPHER.

Referenced by pgp_cfb_create().

/*
 * Look up the cipher implementation for a PGP cipher code and return it
 * through 'res'.
 *
 * Returns 0 when px_find_cipher() succeeds.  A code that
 * get_cipher_info() does not know is reported as PXE_PGP_CORRUPT_DATA,
 * i.e. as bad input rather than as an unsupported algorithm.
 */
168 {
169  int err;
170  const struct cipher_info *i = get_cipher_info(code);
171 
172  if (i == NULL)
173  return PXE_PGP_CORRUPT_DATA;
174 
 /* the lookup uses the entry's internal name (int_name) */
175  err = px_find_cipher(i->int_name, res);
176  if (err == 0)
177  return 0;
178 
 /*
  * NOTE(review): this listing jumps from source line 178 to 180, so the
  * final return is not shown.  The reference list names
  * PXE_PGP_UNSUPPORTED_CIPHER, presumably what is returned when
  * px_find_cipher() fails - confirm against pgp.c.
  */
180 }
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:78
#define PXE_PGP_UNSUPPORTED_CIPHER
Definition: px.h:81
static const struct cipher_info * get_cipher_info(int code)
Definition: pgp.c:93
const char * int_name
Definition: pgp.c:63
int i
int px_find_cipher(const char *name, PX_Cipher **res)
Definition: internal.c:578
int code
Definition: pgp.c:62

◆ pgp_load_digest()

int pgp_load_digest ( int  c,
PX_MD **  res 
)

Definition at line 183 of file pgp.c.

References digest_info::name, pgp_get_digest_name(), px_find_digest(), PXE_PGP_CORRUPT_DATA, and PXE_PGP_UNSUPPORTED_HASH.

Referenced by calc_key_id(), check_key_sha1(), mdc_init(), and pgp_s2k_process().

/*
 * Look up the digest implementation for a PGP digest code and return it
 * through 'res'.
 *
 * Returns 0 when px_find_digest() succeeds.  A code for which
 * pgp_get_digest_name() returns NULL is reported as PXE_PGP_CORRUPT_DATA,
 * i.e. as bad input rather than as an unsupported algorithm.
 */
184 {
185  int err;
186  const char *name = pgp_get_digest_name(code);
187 
188  if (name == NULL)
189  return PXE_PGP_CORRUPT_DATA;
190 
191  err = px_find_digest(name, res);
192  if (err == 0)
193  return 0;
194 
 /*
  * NOTE(review): this listing jumps from source line 194 to 196, so the
  * final return is not shown.  The reference list names
  * PXE_PGP_UNSUPPORTED_HASH, presumably what is returned when
  * px_find_digest() fails - confirm against pgp.c.
  */
196 }
#define PXE_PGP_UNSUPPORTED_HASH
Definition: px.h:82
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:78
const char * pgp_get_digest_name(int code)
Definition: pgp.c:126
const char * name
Definition: encode.c:521
int px_find_digest(const char *name, PX_MD **res)
Definition: internal.c:559
int code
Definition: pgp.c:62

◆ pgp_mpi_alloc()

int pgp_mpi_alloc ( int  bits,
PGP_MPI **  mpi 
)

Definition at line 37 of file pgp-mpi.c.

References PGP_MPI::bits, PGP_MPI::bytes, PGP_MPI::data, px_alloc, px_debug(), and PXE_PGP_CORRUPT_DATA.

Referenced by bn_to_mpi(), pgp_mpi_create(), and pgp_mpi_read().

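/*
 * Allocate an MPI able to hold 'bits' bits and return it through 'mpi'.
 *
 * The header and the data bytes share one allocation; n->data points just
 * past the header.  The data bytes are not initialized here.
 *
 * Returns 0 on success and PXE_PGP_CORRUPT_DATA when 'bits' is negative or
 * larger than 0xFFFF, the largest value a two-byte MPI length header can
 * carry.
 *
 * The byte length is computed only after 'bits' has passed the range
 * check, so the "+ 7" cannot overflow a signed int for out-of-range
 * requests.
 */
int
pgp_mpi_alloc(int bits, PGP_MPI **mpi)
{
	PGP_MPI    *n;
	int			len;

	if (bits < 0 || bits > 0xFFFF)
	{
		px_debug("pgp_mpi_alloc: unreasonable request: bits=%d", bits);
		return PXE_PGP_CORRUPT_DATA;
	}

	/* round up to whole bytes; at most 8192 after the check above */
	len = (bits + 7) / 8;

	n = px_alloc(sizeof(*n) + len);
	n->bits = bits;
	n->bytes = len;
	n->data = (uint8 *) (n) + sizeof(*n);
	*mpi = n;
	return 0;
}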
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:78
uint8 * data
Definition: pgp.h:181
unsigned char uint8
Definition: c.h:356
int bytes
Definition: pgp.h:183
Definition: pgp.h:179
void px_debug(const char *fmt,...)
Definition: px.c:152
#define px_alloc(s)
Definition: px.h:44
int bits
Definition: pgp.h:182

◆ pgp_mpi_cksum()

unsigned pgp_mpi_cksum ( unsigned  cksum,
PGP_MPI n 
)

Definition at line 132 of file pgp-mpi.c.

References PGP_MPI::bits, PGP_MPI::bytes, PGP_MPI::data, and i.

Referenced by check_key_cksum().

/*
 * Add an MPI to a running 16-bit additive checksum.
 *
 * The two bytes of the bit count (high byte, then low byte) and every data
 * byte are added to 'cksum'; the sum is reduced to its low 16 bits and
 * returned.  This is a plain sum, not a cryptographic integrity check.
 */
unsigned
pgp_mpi_cksum(unsigned cksum, PGP_MPI *n)
{
	unsigned	sum = cksum;
	int			idx = 0;

	sum += n->bits >> 8;
	sum += n->bits & 0xFF;

	while (idx < n->bytes)
		sum += n->data[idx++];

	return sum & 0xFFFF;
}
uint8 * data
Definition: pgp.h:181
int bytes
Definition: pgp.h:183
int i
int bits
Definition: pgp.h:182

◆ pgp_mpi_create()

int pgp_mpi_create ( uint8 data,
int  bits,
PGP_MPI **  mpi 
)

Definition at line 56 of file pgp-mpi.c.

References PGP_MPI::bytes, PGP_MPI::data, and pgp_mpi_alloc().

Referenced by create_secmsg().

/*
 * Create an MPI of 'bits' bits initialized from 'data'.
 *
 * Returns 0 on success or the negative result of pgp_mpi_alloc().  On
 * failure *mpi is left untouched.
 *
 * The number of bytes copied is the byte length pgp_mpi_alloc() derives
 * from 'bits', so the caller must make sure 'data' holds at least that
 * many bytes; no source length is passed in.
 */
int
pgp_mpi_create(uint8 *data, int bits, PGP_MPI **mpi)
{
	PGP_MPI    *fresh;
	int			rc = pgp_mpi_alloc(bits, &fresh);

	if (rc >= 0)
	{
		memcpy(fresh->data, data, fresh->bytes);
		*mpi = fresh;
		rc = 0;
	}

	return rc;
}
uint8 * data
Definition: pgp.h:181
int bytes
Definition: pgp.h:183
int pgp_mpi_alloc(int bits, PGP_MPI **mpi)
Definition: pgp-mpi.c:37
Definition: pgp.h:179

◆ pgp_mpi_free()

int pgp_mpi_free ( PGP_MPI mpi)

Definition at line 70 of file pgp-mpi.c.

References PGP_MPI::bytes, px_free, and px_memset().

Referenced by bn_to_mpi(), decrypt_elgamal(), decrypt_rsa(), encrypt_and_write_elgamal(), encrypt_and_write_rsa(), pgp_key_free(), pgp_mpi_read(), and pgp_parse_pubenc_sesskey().

/*
 * Wipe and free an MPI.  A NULL pointer is accepted.  Always returns 0.
 *
 * Header and data bytes (sizeof(*mpi) + mpi->bytes) are overwritten with
 * zeros through px_memset() before the memory is released, because MPIs
 * can hold secret key material.
 */
int
pgp_mpi_free(PGP_MPI *mpi)
{
	if (mpi != NULL)
	{
		px_memset(mpi, 0, sizeof(*mpi) + mpi->bytes);
		px_free(mpi);
	}

	return 0;
}
#define px_free(p)
Definition: px.h:46
int bytes
Definition: pgp.h:183
void px_memset(void *ptr, int c, size_t len)
Definition: px.c:126

◆ pgp_mpi_hash()

int pgp_mpi_hash ( PX_MD md,
PGP_MPI n 
)

Definition at line 119 of file pgp-mpi.c.

References PGP_MPI::bits, buf, PGP_MPI::bytes, PGP_MPI::data, and px_md_update.

Referenced by calc_key_id(), and check_key_sha1().

/*
 * Feed an MPI into a digest: first its bit count as two bytes (high byte,
 * then low byte), then its data bytes.  Always returns 0.
 */
int
pgp_mpi_hash(PX_MD *md, PGP_MPI *n)
{
	uint8		bitlen[2];

	bitlen[1] = n->bits & 0xFF;
	bitlen[0] = n->bits >> 8;

	px_md_update(md, bitlen, 2);
	px_md_update(md, n->data, n->bytes);

	return 0;
}
uint8 * data
Definition: pgp.h:181
#define px_md_update(md, data, dlen)
Definition: px.h:205
unsigned char uint8
Definition: c.h:356
int bytes
Definition: pgp.h:183
static char * buf
Definition: pg_test_fsync.c:68
int bits
Definition: pgp.h:182

◆ pgp_mpi_read()

int pgp_mpi_read ( PullFilter src,
PGP_MPI **  mpi 
)

Definition at line 80 of file pgp-mpi.c.

References PGP_MPI::bytes, PGP_MPI::data, pgp_mpi_alloc(), pgp_mpi_free(), and pullf_read_fixed().

Referenced by _pgp_read_public_key(), decrypt_elgamal(), decrypt_rsa(), and process_secret_key().

/*
 * Read one MPI from 'src': a two-byte bit count (high byte first) followed
 * by the data bytes.
 *
 * On success the new MPI is stored in *mpi and the result of the final
 * pullf_read_fixed() is returned.  On failure a negative code is returned,
 * any MPI allocated so far is released through pgp_mpi_free(), and *mpi is
 * left untouched.
 *
 * The bit count comes straight from the input; the allocation size is
 * bounded because two bytes cannot encode more than 0xFFFF and
 * pgp_mpi_alloc() validates the value again.
 */
int
pgp_mpi_read(PullFilter *src, PGP_MPI **mpi)
{
	uint8		lenbuf[2];
	PGP_MPI    *val;
	int			nbits;
	int			rc;

	rc = pullf_read_fixed(src, 2, lenbuf);
	if (rc < 0)
		return rc;
	nbits = ((unsigned) lenbuf[0] << 8) + lenbuf[1];

	rc = pgp_mpi_alloc(nbits, &val);
	if (rc < 0)
		return rc;

	rc = pullf_read_fixed(src, val->bytes, val->data);
	if (rc < 0)
	{
		pgp_mpi_free(val);
		return rc;
	}

	*mpi = val;
	return rc;
}
uint8 * data
Definition: pgp.h:181
int pullf_read_fixed(PullFilter *src, int len, uint8 *dst)
Definition: mbuf.c:317
unsigned char uint8
Definition: c.h:356
int bytes
Definition: pgp.h:183
int pgp_mpi_alloc(int bits, PGP_MPI **mpi)
Definition: pgp-mpi.c:37
Definition: pgp.h:179
int pgp_mpi_free(PGP_MPI *mpi)
Definition: pgp-mpi.c:70

◆ pgp_mpi_write()

int pgp_mpi_write ( PushFilter dst,
PGP_MPI n 
)

Definition at line 105 of file pgp-mpi.c.

References PGP_MPI::bits, buf, PGP_MPI::bytes, PGP_MPI::data, and pushf_write().

Referenced by encrypt_and_write_elgamal(), and encrypt_and_write_rsa().

/*
 * Write an MPI to 'dst': its bit count as two bytes (high byte first),
 * then its data bytes.
 *
 * Returns the result of the last pushf_write() performed; the data bytes
 * are only written when the header write did not fail.
 */
int
pgp_mpi_write(PushFilter *dst, PGP_MPI *n)
{
	uint8		bitlen[2];
	int			rc;

	bitlen[0] = n->bits >> 8;
	bitlen[1] = n->bits & 0xFF;

	rc = pushf_write(dst, bitlen, 2);
	if (rc < 0)
		return rc;

	return pushf_write(dst, n->data, n->bytes);
}
uint8 * data
Definition: pgp.h:181
unsigned char uint8
Definition: c.h:356
int bytes
Definition: pgp.h:183
static char * buf
Definition: pg_test_fsync.c:68
int pushf_write(PushFilter *mp, const uint8 *data, int len)
Definition: mbuf.c:456
int bits
Definition: pgp.h:182

◆ pgp_parse_pkt_hdr()

int pgp_parse_pkt_hdr ( PullFilter src,
uint8 tag,
int *  len_p,
int  allow_ctx 
)

Definition at line 129 of file pgp-decrypt.c.

References parse_new_len(), parse_old_len(), PKT_CONTEXT, pullf_read(), px_debug(), and PXE_PGP_CORRUPT_DATA.

Referenced by internal_read_key(), pgp_decrypt(), pgp_get_keyid(), and process_data_packets().

/*
 * Parse one packet header from 'src'.
 *
 * tag        - receives the packet tag
 * len_p      - handed to parse_new_len() / parse_old_len() to receive the
 *              body length
 * allow_ctx  - whether an old-format header with length type 3 is
 *              acceptable
 *
 * Returns 0 at end of input, a negative code on error, otherwise the
 * result of the length parser.  An old-format header with length type 3
 * yields PKT_CONTEXT when allow_ctx is set and PXE_PGP_CORRUPT_DATA when
 * it is not.  A first byte without the high bit set is not a packet header
 * and is rejected as PXE_PGP_CORRUPT_DATA.
 */
int
pgp_parse_pkt_hdr(PullFilter *src, uint8 *tag, int *len_p, int allow_ctx)
{
	uint8	   *hdr;
	int			lentype;
	int			res;

	/* EOF is normal here, thus we don't use GETBYTE */
	res = pullf_read(src, 1, &hdr);
	if (res <= 0)
		return res;

	if (!(*hdr & 0x80))
	{
		px_debug("pgp_parse_pkt_hdr: not pkt hdr");
		return PXE_PGP_CORRUPT_DATA;
	}

	/* new-format header: six tag bits, length encoded separately */
	if ((*hdr & 0x40) != 0)
	{
		*tag = *hdr & 0x3f;
		return parse_new_len(src, len_p);
	}

	/* old-format header: four tag bits plus a two-bit length type */
	lentype = *hdr & 3;
	*tag = (*hdr >> 2) & 0x0F;
	if (lentype != 3)
		return parse_old_len(src, len_p, lentype);

	return allow_ctx ? PKT_CONTEXT : PXE_PGP_CORRUPT_DATA;
}
static int parse_new_len(PullFilter *src, int *len_p)
Definition: pgp-decrypt.c:52
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:78
int pullf_read(PullFilter *pf, int len, uint8 **data_p)
Definition: mbuf.c:262
unsigned char uint8
Definition: c.h:356
static int parse_old_len(PullFilter *src, int *len_p, int lentype)
Definition: pgp-decrypt.c:95
#define PKT_CONTEXT
Definition: pgp-decrypt.c:47
void px_debug(const char *fmt,...)
Definition: px.c:152

◆ pgp_parse_pubenc_sesskey()

int pgp_parse_pubenc_sesskey ( PGP_Context ctx,
PullFilter pkt 
)

Definition at line 150 of file pgp-pubdec.c.

References any_key, PGP_MPI::bytes, check_eme_pkcs1_v15(), PGP_Context::cipher_algo, control_cksum(), PGP_MPI::data, decrypt_elgamal(), decrypt_rsa(), GETBYTE, PGP_PubKey::key_id, pgp_expect_packet_end(), pgp_mpi_free(), PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_Context::pub_key, pullf_read_fixed(), px_debug(), PXE_BUG, PXE_PGP_CORRUPT_DATA, PXE_PGP_UNKNOWN_PUBALGO, PXE_PGP_WRONG_KEY, PGP_Context::sess_key, and PGP_Context::sess_key_len.

Referenced by pgp_decrypt().

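/*
 * Parse a public-key encrypted session key packet and store the recovered
 * session key and cipher algorithm in ctx.
 *
 * ctx->pub_key must already hold the decryption key.  Returns a negative
 * PXE_* code on failure, otherwise the result of pgp_expect_packet_end().
 *
 * Everything read from pkt, and everything recovered by the decryption
 * step, is attacker-influenced when the ciphertext comes from an untrusted
 * party.  In particular the recovered message length decides how many bytes
 * are copied into the fixed-size ctx->sess_key buffer, so it is bounded
 * explicitly below instead of relying on control_cksum() (not shown here)
 * to have done so.
 *
 * NOTE(review): padding failure and checksum failure take separate paths
 * here.  If callers surface that difference (message or timing) to whoever
 * supplies the ciphertext, it has the shape of a PKCS#1 v1.5 padding oracle;
 * confirm that error reporting upstream is uniform.
 */
int
pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt)
{
    int         ver;
    int         algo;
    int         res;
    uint8       key_id[8];
    PGP_PubKey *pk;
    uint8      *msg;
    int         msglen;
    PGP_MPI    *m;

    pk = ctx->pub_key;
    if (pk == NULL)
    {
        px_debug("no pubkey?");
        return PXE_BUG;
    }

    GETBYTE(pkt, ver);
    if (ver != 3)
    {
        px_debug("unknown pubenc_sesskey pkt ver=%d", ver);
        return PXE_PGP_CORRUPT_DATA;
    }

    /*
     * check if keyid's match - user-friendly msg
     */
    res = pullf_read_fixed(pkt, 8, key_id);
    if (res < 0)
        return res;
    if (memcmp(key_id, any_key, 8) != 0
        && memcmp(key_id, pk->key_id, 8) != 0)
    {
        px_debug("key_id's does not match");
        return PXE_PGP_WRONG_KEY;
    }

    /*
     * Decrypt
     */
    GETBYTE(pkt, algo);
    switch (algo)
    {
        case PGP_PUB_ELG_ENCRYPT:
            res = decrypt_elgamal(pk, pkt, &m);
            break;
        case PGP_PUB_RSA_ENCRYPT:
        case PGP_PUB_RSA_ENCRYPT_SIGN:
            res = decrypt_rsa(pk, pkt, &m);
            break;
        default:
            /* m is never assigned on this path; must not reach the cleanup */
            res = PXE_PGP_UNKNOWN_PUBALGO;
    }
    if (res < 0)
        return res;

    /*
     * extract message
     */
    msg = check_eme_pkcs1_v15(m->data, m->bytes);
    if (msg == NULL)
    {
        px_debug("check_eme_pkcs1_v15 failed");
        res = PXE_PGP_WRONG_KEY;
        goto out;
    }
    msglen = m->bytes - (msg - m->data);

    res = control_cksum(msg, msglen);
    if (res < 0)
        goto out;

    /*
     * The message is: 1 byte cipher algo, session key, 2 byte checksum.
     * Reject anything too short to hold that framing or whose key part
     * would not fit into ctx->sess_key, before touching ctx.
     */
    if (msglen < 3 || msglen - 3 > (int) sizeof(ctx->sess_key))
    {
        px_debug("pubenc_sesskey: bad session key length");
        res = PXE_PGP_CORRUPT_DATA;
        goto out;
    }

    /*
     * got sesskey
     */
    ctx->cipher_algo = *msg;
    ctx->sess_key_len = msglen - 3;
    memcpy(ctx->sess_key, msg + 1, ctx->sess_key_len);

out:
    pgp_mpi_free(m);
    if (res < 0)
        return res;
    return pgp_expect_packet_end(pkt);
}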
#define PXE_PGP_CORRUPT_DATA
Definition: px.h:78
int cipher_algo
Definition: pgp.h:144
uint8 * data
Definition: pgp.h:181
int pullf_read_fixed(PullFilter *src, int len, uint8 *dst)
Definition: mbuf.c:317
unsigned char uint8
Definition: c.h:356
#define PXE_PGP_WRONG_KEY
Definition: px.h:91
int bytes
Definition: pgp.h:183
uint8 sess_key[PGP_MAX_KEY]
Definition: pgp.h:171
#define GETBYTE(x, i)
Definition: hstore_gist.c:29
static int control_cksum(uint8 *msg, int msglen)
Definition: pgp-pubdec.c:74
static const uint8 any_key[]
Definition: pgp-pubdec.c:147
#define PXE_BUG
Definition: px.h:70
Definition: pgp.h:179
int pgp_mpi_free(PGP_MPI *mpi)
Definition: pgp-mpi.c:70
int pgp_expect_packet_end(PullFilter *pkt)
Definition: pgp-decrypt.c:1078
static uint8 * check_eme_pkcs1_v15(uint8 *data, int len)
Definition: pgp-pubdec.c:42
static int decrypt_elgamal(PGP_PubKey *pk, PullFilter *pkt, PGP_MPI **m_p)
Definition: pgp-pubdec.c:97
unsigned sess_key_len
Definition: pgp.h:172
void px_debug(const char *fmt,...)
Definition: px.c:152
uint8 key_id[8]
Definition: pgp.h:235
#define PXE_PGP_UNKNOWN_PUBALGO
Definition: px.h:90
PGP_PubKey * pub_key
Definition: pgp.h:164
static int decrypt_rsa(PGP_PubKey *pk, PullFilter *pkt, PGP_MPI **m_p)
Definition: pgp-pubdec.c:124

◆ pgp_rsa_decrypt()

int pgp_rsa_decrypt ( PGP_PubKey pk,
PGP_MPI c,
PGP_MPI **  m 
)

Definition at line 280 of file pgp-mpi-internal.c.

References bn_to_mpi(), mp_clear_free(), mp_int_exptmod(), mp_new(), mpi_to_bn(), PGP_PubKey::pub, PXE_PGP_MATH_FAILED, PGP_PubKey::rsa, and PGP_PubKey::sec.

Referenced by decrypt_rsa().

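/*
 * Raw RSA private-key operation: *m_p = _c ^ d mod n.
 *
 * pk supplies the private exponent (pk->sec.rsa.d) and modulus
 * (pk->pub.rsa.n).  On success returns 0 and stores a newly built MPI in
 * *m_p; on any failure returns PXE_PGP_MATH_FAILED.  All temporaries,
 * including the copy of the private exponent, are released through
 * mp_clear_free() on every path.
 *
 * This is the bare modular exponentiation only; padding is checked by the
 * caller.
 *
 * NOTE(review): nothing visible here blinds the input or establishes that
 * mp_int_exptmod() runs in time independent of d -- confirm against the
 * bignum implementation if timing side channels are in scope.
 */
int
pgp_rsa_decrypt(PGP_PubKey *pk, PGP_MPI *_c, PGP_MPI **m_p)
{
    int         res = PXE_PGP_MATH_FAILED;
    mpz_t      *c = mpi_to_bn(_c);
    mpz_t      *d = mpi_to_bn(pk->sec.rsa.d);
    mpz_t      *n = mpi_to_bn(pk->pub.rsa.n);
    mpz_t      *m = mp_new();

    if (!m || !d || !n || !c)
        goto err;

    /*
     * m = c ^ d mod n
     *
     * The exponentiation reports failure through its return value; do not
     * convert a result that was never computed.
     */
    if (mp_int_exptmod(c, d, n, m) != MP_OK)
        goto err;

    *m_p = bn_to_mpi(m);
    if (*m_p)
        res = 0;
err:
    mp_clear_free(m);
    mp_clear_free(n);
    mp_clear_free(d);
    mp_clear_free(c);
    return res;
}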
Definition: imath.h:52
static mpz_t * mpi_to_bn(PGP_MPI *n)
struct PGP_PubKey::@5::@8 rsa
static mpz_t * mp_new()
mp_result mp_int_exptmod(mp_int a, mp_int b, mp_int m, mp_int c)
Definition: imath.c:1369
static PGP_MPI * bn_to_mpi(mpz_t *bn)
union PGP_PubKey::@6 sec
union PGP_PubKey::@5 pub
#define PXE_PGP_MATH_FAILED
Definition: px.h:87
static void mp_clear_free(mpz_t *a)

◆ pgp_rsa_encrypt()

int pgp_rsa_encrypt ( PGP_PubKey pk,
PGP_MPI m,
PGP_MPI **  c 
)

Definition at line 252 of file pgp-mpi-internal.c.

References bn_to_mpi(), mp_clear_free(), mp_int_exptmod(), mp_new(), mpi_to_bn(), PGP_PubKey::pub, PXE_PGP_MATH_FAILED, and PGP_PubKey::rsa.

Referenced by encrypt_and_write_rsa().

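/*
 * Raw RSA public-key operation: *c_p = _m ^ e mod n.
 *
 * pk supplies the public exponent (pk->pub.rsa.e) and modulus
 * (pk->pub.rsa.n).  On success returns 0 and stores a newly built MPI in
 * *c_p; on any failure returns PXE_PGP_MATH_FAILED.  The temporaries,
 * including the bignum copy of the plaintext block, are released through
 * mp_clear_free() on every path.
 *
 * This is the bare modular exponentiation only; the caller is responsible
 * for padding _m before calling.
 */
int
pgp_rsa_encrypt(PGP_PubKey *pk, PGP_MPI *_m, PGP_MPI **c_p)
{
    int         res = PXE_PGP_MATH_FAILED;
    mpz_t      *m = mpi_to_bn(_m);
    mpz_t      *e = mpi_to_bn(pk->pub.rsa.e);
    mpz_t      *n = mpi_to_bn(pk->pub.rsa.n);
    mpz_t      *c = mp_new();

    if (!m || !e || !n || !c)
        goto err;

    /*
     * c = m ^ e mod n
     *
     * The exponentiation reports failure through its return value; do not
     * emit a ciphertext that was never computed.
     */
    if (mp_int_exptmod(m, e, n, c) != MP_OK)
        goto err;

    *c_p = bn_to_mpi(c);
    if (*c_p)
        res = 0;
err:
    mp_clear_free(c);
    mp_clear_free(n);
    mp_clear_free(e);
    mp_clear_free(m);
    return res;
}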
Definition: imath.h:52
static mpz_t * mpi_to_bn(PGP_MPI *n)
struct PGP_PubKey::@5::@8 rsa
static mpz_t * mp_new()
mp_result mp_int_exptmod(mp_int a, mp_int b, mp_int m, mp_int c)
Definition: imath.c:1369
static PGP_MPI * bn_to_mpi(mpz_t *bn)
union PGP_PubKey::@5 pub
#define PXE_PGP_MATH_FAILED
Definition: px.h:87
e
Definition: preproc-init.c:82
static void mp_clear_free(mpz_t *a)

◆ pgp_s2k_fill()

int pgp_s2k_fill ( PGP_S2K s2k,
int  mode,
int  digest_algo,
int  count 
)

Definition at line 224 of file pgp-s2k.c.

References decide_s2k_iter(), PGP_S2K::digest_algo, PGP_S2K::iter, mode, PGP_S2K::mode, pg_strong_random(), PGP_S2K_ISALTED, PGP_S2K_SALT, PGP_S2K_SALTED, PGP_S2K_SIMPLE, PXE_NO_RANDOM, PXE_PGP_BAD_S2K_MODE, and PGP_S2K::salt.

Referenced by init_s2k_key().

/*
 * Initialise an S2K specifier for a new key derivation.
 *
 * Stores mode and digest_algo in s2k, then draws fresh random material as
 * the mode requires: nothing for PGP_S2K_SIMPLE, a PGP_S2K_SALT-byte salt for
 * PGP_S2K_SALTED, and a salt plus an iteration-count byte (chosen by
 * decide_s2k_iter() from one random byte and count) for PGP_S2K_ISALTED.
 *
 * Returns 0 on success, PXE_NO_RANDOM when pg_strong_random() fails, and
 * PXE_PGP_BAD_S2K_MODE for any other mode.
 *
 * PGP_S2K_SIMPLE uses neither salt nor iteration, so identical passwords
 * derive identical keys; prefer PGP_S2K_ISALTED for password-based keys.
 */
int
pgp_s2k_fill(PGP_S2K *s2k, int mode, int digest_algo, int count)
{
    uint8       rand_byte;

    s2k->mode = mode;
    s2k->digest_algo = digest_algo;

    /* dispatch on the stored (uint8) value, as the fields were just set */
    if (s2k->mode == PGP_S2K_SIMPLE)
        return 0;
    if (s2k->mode != PGP_S2K_SALTED && s2k->mode != PGP_S2K_ISALTED)
        return PXE_PGP_BAD_S2K_MODE;

    /* both remaining modes need a fresh salt */
    if (!pg_strong_random(s2k->salt, PGP_S2K_SALT))
        return PXE_NO_RANDOM;

    if (s2k->mode == PGP_S2K_ISALTED)
    {
        /* one extra random byte feeds the iteration-count choice */
        if (!pg_strong_random(&rand_byte, 1))
            return PXE_NO_RANDOM;
        s2k->iter = decide_s2k_iter(rand_byte, count);
    }
    return 0;
}
uint8 mode
Definition: pgp.h:124
static PgChecksumMode mode
Definition: pg_checksums.c:61
unsigned char uint8
Definition: c.h:356
#define PXE_NO_RANDOM
Definition: px.h:75
#define PXE_PGP_BAD_S2K_MODE
Definition: px.h:99
uint8 digest_algo
Definition: pgp.h:125
uint8 salt[8]
Definition: pgp.h:126
#define PGP_S2K_SALT
Definition: pgp.h:115
bool pg_strong_random(void *buf, size_t len)
static uint8 decide_s2k_iter(unsigned rand_byte, int count)
Definition: pgp-s2k.c:210
uint8 iter
Definition: pgp.h:127

◆ pgp_s2k_process()

int pgp_s2k_process ( PGP_S2K s2k,
int  cipher,
const uint8 key,
int  klen 
)

Definition at line 280 of file pgp-s2k.c.

References calc_s2k_iter_salted(), calc_s2k_salted(), calc_s2k_simple(), PGP_S2K::digest_algo, PGP_S2K::key_len, PGP_S2K::mode, pgp_get_cipher_key_size(), pgp_load_digest(), px_md_free, PXE_PGP_BAD_S2K_MODE, and PXE_PGP_UNSUPPORTED_CIPHER.

Referenced by init_s2k_key(), parse_symenc_sesskey(), and process_secret_key().

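/*
 * Derive a cipher key from a password according to the S2K specifier.
 *
 * Looks up the key size for cipher, loads the digest named by
 * s2k->digest_algo and runs the derivation selected by s2k->mode.  Returns
 * PXE_PGP_UNSUPPORTED_CIPHER when the cipher has no usable key size,
 * PXE_PGP_BAD_S2K_MODE for an unknown mode, any error from
 * pgp_load_digest(), and otherwise the result of the calc_s2k_* helper.
 * The digest context is always freed before returning.
 *
 * When s2k was filled by pgp_s2k_read(), mode, digest and iteration byte
 * all come from the input message and must be treated as untrusted.
 */
int
pgp_s2k_process(PGP_S2K *s2k, int cipher, const uint8 *key, int key_len)
{
    int         res;
    int         cipher_key_len;
    PX_MD      *md;

    /*
     * PGP_S2K's key_len field is a uint8, so a negative return stored there
     * could never satisfy a "<= 0" test.  Check the int result instead; the
     * field is still written first, as before.
     */
    cipher_key_len = pgp_get_cipher_key_size(cipher);
    s2k->key_len = cipher_key_len;
    if (cipher_key_len <= 0)
        return PXE_PGP_UNSUPPORTED_CIPHER;

    res = pgp_load_digest(s2k->digest_algo, &md);
    if (res < 0)
        return res;

    switch (s2k->mode)
    {
        case PGP_S2K_SIMPLE:
            res = calc_s2k_simple(s2k, md, key, key_len);
            break;
        case PGP_S2K_SALTED:
            res = calc_s2k_salted(s2k, md, key, key_len);
            break;
        case PGP_S2K_ISALTED:
            res = calc_s2k_iter_salted(s2k, md, key, key_len);
            break;
        default:
            res = PXE_PGP_BAD_S2K_MODE;
    }
    px_md_free(md);
    return res;
}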
uint8 mode
Definition: pgp.h:124
static int calc_s2k_simple(PGP_S2K *s2k, PX_MD *md, const uint8 *key, unsigned key_len)
Definition: pgp-s2k.c:39
#define PXE_PGP_UNSUPPORTED_CIPHER
Definition: px.h:81
int key_len
Definition: pgp.c:64
static int calc_s2k_salted(PGP_S2K *s2k, PX_MD *md, const uint8 *key, unsigned key_len)
Definition: pgp-s2k.c:83
#define PXE_PGP_BAD_S2K_MODE
Definition: px.h:99
uint8 digest_algo
Definition: pgp.h:125
Definition: px.h:110
int pgp_get_cipher_key_size(int code)
Definition: pgp.c:147
static int calc_s2k_iter_salted(PGP_S2K *s2k, PX_MD *md, const uint8 *key, unsigned key_len)
Definition: pgp-s2k.c:127
#define px_md_free(md)
Definition: px.h:207
int pgp_load_digest(int code, PX_MD **res)
Definition: pgp.c:183
uint8 key_len
Definition: pgp.h:130

◆ pgp_s2k_read()

int pgp_s2k_read ( PullFilter src,
PGP_S2K s2k 
)

Definition at line 254 of file pgp-s2k.c.

References PGP_S2K::digest_algo, GETBYTE, PGP_S2K::iter, PGP_S2K::mode, pullf_read_fixed(), PXE_PGP_BAD_S2K_MODE, and PGP_S2K::salt.

Referenced by parse_symenc_sesskey(), and process_secret_key().

/*
 * Read an S2K specifier from src into s2k.
 *
 * Reads the mode and digest bytes, then the 8-byte salt for the salted
 * modes and the iteration-count byte for the iterated mode.  Returns
 * PXE_PGP_BAD_S2K_MODE for any other mode value and propagates a negative
 * result from pullf_read_fixed().
 *
 * GETBYTE is a macro defined elsewhere; presumably it returns from this
 * function when the read fails -- verify against its definition.
 *
 * All fields are taken from the message unvalidated apart from the mode.
 * The iteration byte in particular sets the cost of the later key
 * derivation (see s2k_decode_count), so a hostile message can request the
 * maximum work factor.
 */
int
pgp_s2k_read(PullFilter *src, PGP_S2K *s2k)
{
    int         res;

    GETBYTE(src, s2k->mode);
    GETBYTE(src, s2k->digest_algo);

    /* simple mode carries no further fields */
    if (s2k->mode == PGP_S2K_SIMPLE)
        return 0;
    if (s2k->mode != PGP_S2K_SALTED && s2k->mode != PGP_S2K_ISALTED)
        return PXE_PGP_BAD_S2K_MODE;

    /* both salted modes start with the salt */
    res = pullf_read_fixed(src, 8, s2k->salt);
    if (res < 0 || s2k->mode == PGP_S2K_SALTED)
        return res;

    /* iterated mode: one more byte, the encoded iteration count */
    GETBYTE(src, s2k->iter);
    return res;
}
uint8 mode
Definition: pgp.h:124
int pullf_read_fixed(PullFilter *src, int len, uint8 *dst)
Definition: mbuf.c:317
#define PXE_PGP_BAD_S2K_MODE
Definition: px.h:99
uint8 digest_algo
Definition: pgp.h:125
#define GETBYTE(x, i)
Definition: hstore_gist.c:29
uint8 salt[8]
Definition: pgp.h:126
uint8 iter
Definition: pgp.h:127

◆ pgp_set_cipher_algo()

int pgp_set_cipher_algo ( PGP_Context ctx,
const char *  name 
)

Definition at line 318 of file pgp.c.

References PGP_Context::cipher_algo, digest_info::code, and pgp_get_cipher_code().

Referenced by set_arg().

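/*
 * Select the data cipher by name.
 *
 * Looks the name up with pgp_get_cipher_code(); a negative result is
 * returned unchanged and ctx is left untouched.  On success stores the code
 * in ctx->cipher_algo and returns 0.
 */
int
pgp_set_cipher_algo(PGP_Context *ctx, const char *name)
{
    /* the listing had lost this declaration; code is used on every line below */
    int         code = pgp_get_cipher_code(name);

    if (code < 0)
        return code;
    ctx->cipher_algo = code;
    return 0;
}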
int pgp_get_cipher_code(const char *name)
Definition: pgp.c:115
int cipher_algo
Definition: pgp.h:144
const char * name
Definition: encode.c:521
int code
Definition: pgp.c:62

◆ pgp_set_compress_algo()

int pgp_set_compress_algo ( PGP_Context ctx,
int  algo 
)

Definition at line 285 of file pgp.c.

References PGP_Context::compress_algo, PGP_COMPR_BZIP2, PGP_COMPR_NONE, PGP_COMPR_ZIP, PGP_COMPR_ZLIB, and PXE_ARGUMENT_ERROR.

Referenced by set_arg().

/*
 * Select the compression algorithm.
 *
 * Accepts only PGP_COMPR_NONE, PGP_COMPR_ZIP, PGP_COMPR_ZLIB and
 * PGP_COMPR_BZIP2; anything else returns PXE_ARGUMENT_ERROR and leaves ctx
 * unchanged.  Returns 0 on success.
 */
int
pgp_set_compress_algo(PGP_Context *ctx, int algo)
{
    int         known = (algo == PGP_COMPR_NONE ||
                         algo == PGP_COMPR_ZIP ||
                         algo == PGP_COMPR_ZLIB ||
                         algo == PGP_COMPR_BZIP2);

    if (!known)
        return PXE_ARGUMENT_ERROR;

    ctx->compress_algo = algo;
    return 0;
}
#define PXE_ARGUMENT_ERROR
Definition: px.h:71
int compress_algo
Definition: pgp.h:145

◆ pgp_set_compress_level()

int pgp_set_compress_level ( PGP_Context ctx,
int  level 
)

Definition at line 300 of file pgp.c.

References PGP_Context::compress_level, and PXE_ARGUMENT_ERROR.

Referenced by set_arg().

/*
 * Set the compression level.
 *
 * Valid levels are 0 through 9 inclusive; any other value returns
 * PXE_ARGUMENT_ERROR and leaves ctx unchanged.  Returns 0 on success.
 */
int
pgp_set_compress_level(PGP_Context *ctx, int level)
{
    if (level < 0 || level > 9)
        return PXE_ARGUMENT_ERROR;

    ctx->compress_level = level;
    return 0;
}
#define PXE_ARGUMENT_ERROR
Definition: px.h:71
int compress_level
Definition: pgp.h:146

◆ pgp_set_convert_crlf()

int pgp_set_convert_crlf ( PGP_Context ctx,
int  doit 
)

Definition at line 248 of file pgp.c.

References PGP_Context::convert_crlf.

Referenced by set_arg().

/*
 * Enable or disable CRLF conversion.
 *
 * Any non-zero doit is stored as 1, zero as 0.  Always returns 0.
 */
int
pgp_set_convert_crlf(PGP_Context *ctx, int doit)
{
    /* normalise to a strict 0/1 flag */
    ctx->convert_crlf = (doit != 0);
    return 0;
}
int convert_crlf
Definition: pgp.h:150

◆ pgp_set_pubkey()

int pgp_set_pubkey ( PGP_Context ctx,
MBuf keypkt,
const uint8 key,
int  klen,
int  pubtype 
)

Definition at line 566 of file pgp-pubkey.c.

References internal_read_key(), PGP_Context::pub_key, pullf_create_mbuf_reader(), and pullf_free().

Referenced by decrypt_internal(), and encrypt_internal().

/*
 * Load a public or secret key from keypkt and attach it to ctx.
 *
 * Wraps keypkt in a pull-filter reader, hands it to internal_read_key()
 * together with the optional password (key / key_len) and the expected key
 * type, and frees the reader again.  On success ctx->pub_key points at the
 * parsed key and 0 is returned; on failure the negative error code is
 * returned and ctx->pub_key is not modified.
 *
 * NOTE(review): a key already stored in ctx->pub_key is overwritten without
 * being released here -- confirm callers set it only once per context.
 */
int
pgp_set_pubkey(PGP_Context *ctx, MBuf *keypkt,
               const uint8 *key, int key_len, int pubtype)
{
    PGP_PubKey *pk = NULL;
    PullFilter *src;
    int         res;

    res = pullf_create_mbuf_reader(&src, keypkt);
    if (res < 0)
        return res;

    res = internal_read_key(src, &pk, key, key_len, pubtype);
    pullf_free(src);            /* reader is no longer needed either way */
    if (res < 0)
        return res;

    ctx->pub_key = pk;
    return 0;
}
void pullf_free(PullFilter *pf)
Definition: mbuf.c:245
int key_len
Definition: pgp.c:64
int pullf_create_mbuf_reader(PullFilter **mp_p, MBuf *src)
Definition: mbuf.c:352
static int internal_read_key(PullFilter *src, PGP_PubKey **pk_p, const uint8 *psw, int psw_len, int pubtype)
Definition: pgp-pubkey.c:459
PGP_PubKey * pub_key
Definition: pgp.h:164

◆ pgp_set_s2k_cipher_algo()

int pgp_set_s2k_cipher_algo ( PGP_Context ctx,
const char *  name 
)

Definition at line 329 of file pgp.c.

References digest_info::code, pgp_get_cipher_code(), and PGP_Context::s2k_cipher_algo.

Referenced by set_arg().

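/*
 * Select, by name, the cipher used for the S2K-protected session key.
 *
 * Looks the name up with pgp_get_cipher_code(); a negative result is
 * returned unchanged and ctx is left untouched.  On success stores the code
 * in ctx->s2k_cipher_algo and returns 0.
 */
int
pgp_set_s2k_cipher_algo(PGP_Context *ctx, const char *name)
{
    /* the listing had lost this declaration; code is used on every line below */
    int         code = pgp_get_cipher_code(name);

    if (code < 0)
        return code;
    ctx->s2k_cipher_algo = code;
    return 0;
}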
int pgp_get_cipher_code(const char *name)
Definition: pgp.c:115
int s2k_cipher_algo
Definition: pgp.h:143
const char * name
Definition: encode.c:521
int code
Definition: pgp.c:62

◆ pgp_set_s2k_count()

int pgp_set_s2k_count ( PGP_Context ctx,
int  count 
)

Definition at line 274 of file pgp.c.

References PGP_S2K_ISALTED, PXE_ARGUMENT_ERROR, PXE_OK, PGP_Context::s2k_count, and PGP_Context::s2k_mode.

Referenced by set_arg().

/*
 * Set the S2K iteration count.
 *
 * Accepted only when ctx->s2k_mode is already PGP_S2K_ISALTED and count is
 * within 1024 .. 65011712 inclusive; returns PXE_OK then, otherwise
 * PXE_ARGUMENT_ERROR with ctx unchanged.
 *
 * Because the mode is checked here, the S2K mode has to be configured
 * before the count.
 */
int
pgp_set_s2k_count(PGP_Context *ctx, int count)
{
    /* an iteration count is meaningful only for the iterated+salted mode */
    if (ctx->s2k_mode != PGP_S2K_ISALTED)
        return PXE_ARGUMENT_ERROR;

    if (count < 1024 || count > 65011712)
        return PXE_ARGUMENT_ERROR;

    ctx->s2k_count = count;
    return PXE_OK;
}
#define PXE_OK
Definition: px.h:59
#define PXE_ARGUMENT_ERROR
Definition: px.h:71
int s2k_mode
Definition: pgp.h:140
int s2k_count
Definition: pgp.h:141

◆ pgp_set_s2k_digest_algo()

int pgp_set_s2k_digest_algo ( PGP_Context ctx,
const char *  name 
)

Definition at line 340 of file pgp.c.

References digest_info::code, pgp_get_digest_code(), and PGP_Context::s2k_digest_algo.

Referenced by set_arg().

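/*
 * Select the S2K digest by name.
 *
 * Looks the name up with pgp_get_digest_code(); a negative result is
 * returned unchanged and ctx is left untouched.  On success stores the code
 * in ctx->s2k_digest_algo and returns 0.
 */
int
pgp_set_s2k_digest_algo(PGP_Context *ctx, const char *name)
{
    /* the listing had lost this declaration; code is used on every line below */
    int         code = pgp_get_digest_code(name);

    if (code < 0)
        return code;
    ctx->s2k_digest_algo = code;
    return 0;
}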
int pgp_get_digest_code(const char *name)
Definition: pgp.c:104
const char * name
Definition: encode.c:521
int s2k_digest_algo
Definition: pgp.h:142
int code
Definition: pgp.c:62

◆ pgp_set_s2k_mode()

int pgp_set_s2k_mode ( PGP_Context ctx,
int  type 
)

Definition at line 255 of file pgp.c.

References mode, PGP_S2K_ISALTED, PGP_S2K_SALTED, PGP_S2K_SIMPLE, PXE_ARGUMENT_ERROR, PXE_OK, and PGP_Context::s2k_mode.

Referenced by set_arg().

/*
 * Set the S2K mode.
 *
 * Accepts PGP_S2K_SIMPLE, PGP_S2K_SALTED and PGP_S2K_ISALTED and returns
 * PXE_OK; any other value returns PXE_ARGUMENT_ERROR and leaves ctx
 * unchanged.
 */
int
pgp_set_s2k_mode(PGP_Context *ctx, int mode)
{
    int         valid = (mode == PGP_S2K_SIMPLE ||
                         mode == PGP_S2K_SALTED ||
                         mode == PGP_S2K_ISALTED);

    if (!valid)
        return PXE_ARGUMENT_ERROR;

    ctx->s2k_mode = mode;
    return PXE_OK;
}
#define PXE_OK
Definition: px.h:59
static PgChecksumMode mode
Definition: pg_checksums.c:61
#define PXE_ARGUMENT_ERROR
Definition: px.h:71
int s2k_mode
Definition: pgp.h:140

◆ pgp_set_sess_key()

int pgp_set_sess_key ( PGP_Context ctx,
int  use 
)

Definition at line 241 of file pgp.c.

References PGP_Context::use_sess_key.

Referenced by set_arg().

/*
 * Choose whether a separate session key is used.
 *
 * Any non-zero use is stored as 1, zero as 0.  Always returns 0.
 */
int
pgp_set_sess_key(PGP_Context *ctx, int use)
{
    /* normalise to a strict 0/1 flag */
    ctx->use_sess_key = (use != 0);
    return 0;
}
int use_sess_key
Definition: pgp.h:148

◆ pgp_set_symkey()

int pgp_set_symkey ( PGP_Context ctx,
const uint8 key,
int  klen 
)

Definition at line 364 of file pgp.c.

References sort-test::key, PXE_ARGUMENT_ERROR, PGP_Context::sym_key, and PGP_Context::sym_key_len.

Referenced by decrypt_internal(), and encrypt_internal().

/*
 * Attach a symmetric key (password) to ctx.
 *
 * Rejects a NULL key or a length below 1 with PXE_ARGUMENT_ERROR; otherwise
 * records the pointer and length and returns 0.
 *
 * Only the pointer is stored, not a copy: the caller's buffer has to stay
 * valid, and unmodified, for as long as ctx uses the key, and wiping the
 * secret afterwards remains the caller's job.
 */
int
pgp_set_symkey(PGP_Context *ctx, const uint8 *key, int len)
{
    int         usable = (key != NULL && len >= 1);

    if (!usable)
        return PXE_ARGUMENT_ERROR;

    ctx->sym_key_len = len;
    ctx->sym_key = key;
    return 0;
}
#define PXE_ARGUMENT_ERROR
Definition: px.h:71
int sym_key_len
Definition: pgp.h:166
const uint8 * sym_key
Definition: pgp.h:165

◆ pgp_set_text_mode()

int pgp_set_text_mode ( PGP_Context ctx,
int  mode 
)

Definition at line 311 of file pgp.c.

References mode, and PGP_Context::text_mode.

Referenced by init_work().

/*
 * Set the text-mode flag.
 *
 * mode is stored exactly as given, with no range check and no 0/1
 * normalisation.  Always returns 0.
 */
int
pgp_set_text_mode(PGP_Context *ctx, int mode)
{
    int         requested = mode;

    ctx->text_mode = requested;
    return 0;
}
static PgChecksumMode mode
Definition: pg_checksums.c:61
int text_mode
Definition: pgp.h:149

◆ pgp_set_unicode_mode()

int pgp_set_unicode_mode ( PGP_Context ctx,
int  mode 
)

Definition at line 357 of file pgp.c.

References PGP_Context::unicode_mode.

Referenced by set_arg().

/*
 * Enable or disable unicode mode.
 *
 * Any non-zero mode is stored as 1, zero as 0.  Always returns 0.
 */
int
pgp_set_unicode_mode(PGP_Context *ctx, int mode)
{
    /* normalise to a strict 0/1 flag */
    ctx->unicode_mode = (mode != 0);
    return 0;
}
static PgChecksumMode mode
Definition: pg_checksums.c:61
int unicode_mode
Definition: pgp.h:151

◆ pgp_skip_packet()

int pgp_skip_packet ( PullFilter pkt)

Definition at line 1064 of file pgp-decrypt.c.

References pullf_read().

Referenced by internal_read_key(), pgp_decrypt(), pgp_get_keyid(), read_pubenc_keyid(), and read_pubkey_keyid().

/*
 * Discard the remainder of a packet.
 *
 * Keeps calling pullf_read() in requests of up to 32 kB until it stops
 * returning a positive value, then returns that last result: 0 once the
 * packet is exhausted, negative if a read failed.  The data itself is
 * ignored.
 */
int
pgp_skip_packet(PullFilter *pkt)
{
    uint8      *discard;
    int         res;

    do
    {
        res = pullf_read(pkt, 32 * 1024, &discard);
    } while (res > 0);

    return res;
}
int pullf_read(PullFilter *pf, int len, uint8 **data_p)
Definition: mbuf.c:262
unsigned char uint8
Definition: c.h:356

◆ pgp_write_pubenc_sesskey()

int pgp_write_pubenc_sesskey ( PGP_Context ctx,
PushFilter dst 
)

Definition at line 190 of file pgp-pubenc.c.

References PGP_PubKey::algo, encrypt_and_write_elgamal(), encrypt_and_write_rsa(), PGP_PubKey::key_id, pgp_create_pkt_writer(), PGP_PKT_PUBENCRYPTED_SESSKEY, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_Context::pub_key, pushf_flush(), pushf_free(), pushf_write(), px_debug(), and PXE_BUG.

Referenced by pgp_encrypt().

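/*
 * Write a public-key encrypted session key packet to dst.
 *
 * Emits the packet version (3), the recipient key id and the public-key
 * algorithm byte, then the session key encrypted by the matching
 * encrypt_and_write_* helper, and finally flushes the packet writer.
 * Returns PXE_BUG when ctx has no public key, PXE_PGP_UNKNOWN_PUBALGO when
 * the key's algorithm cannot encrypt, any negative error from the writer or
 * the helpers, and otherwise the result of pushf_flush().  The packet writer
 * is freed on every path once it has been created.
 */
int
pgp_write_pubenc_sesskey(PGP_Context *ctx, PushFilter *dst)
{
    int         res;
    PGP_PubKey *pk = ctx->pub_key;
    uint8       ver = 3;
    PushFilter *pkt = NULL;
    uint8       algo;

    if (pk == NULL)
    {
        px_debug("no pubkey?\n");
        return PXE_BUG;
    }

    algo = pk->algo;

    /*
     * now write packet
     */
    res = pgp_create_pkt_writer(dst, PGP_PKT_PUBENCRYPTED_SESSKEY, &pkt);
    if (res < 0)
        goto err;
    res = pushf_write(pkt, &ver, 1);
    if (res < 0)
        goto err;
    res = pushf_write(pkt, pk->key_id, 8);
    if (res < 0)
        goto err;
    res = pushf_write(pkt, &algo, 1);
    if (res < 0)
        goto err;

    switch (algo)
    {
        case PGP_PUB_ELG_ENCRYPT:
            res = encrypt_and_write_elgamal(ctx, pk, pkt);
            break;
        case PGP_PUB_RSA_ENCRYPT:
        case PGP_PUB_RSA_ENCRYPT_SIGN:
            res = encrypt_and_write_rsa(ctx, pk, pkt);
            break;
        default:

            /*
             * Without this, a key with a non-encrypting algorithm would fall
             * through with res still non-negative and produce a packet that
             * carries no encrypted session key while reporting success.
             */
            px_debug("pubenc_sesskey: key cannot encrypt");
            res = PXE_PGP_UNKNOWN_PUBALGO;
            break;
    }
    if (res < 0)
        goto err;

    /*
     * done, signal packet end
     */
    res = pushf_flush(pkt);
err:
    if (pkt)
        pushf_free(pkt);

    return res;
}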
void pushf_free(PushFilter *mp)
Definition: mbuf.c:412
int pushf_flush(PushFilter *mp)
Definition: mbuf.c:516
unsigned char uint8
Definition: c.h:356
static int encrypt_and_write_rsa(PGP_Context *ctx, PGP_PubKey *pk, PushFilter *pkt)
Definition: pgp-pubenc.c:164
int pgp_create_pkt_writer(PushFilter *dst, int tag, PushFilter **res_p)
Definition: pgp-encrypt.c:313
static int encrypt_and_write_elgamal(PGP_Context *ctx, PGP_PubKey *pk, PushFilter *pkt)
Definition: pgp-pubenc.c:133
#define PXE_BUG
Definition: px.h:70
void px_debug(const char *fmt,...)
Definition: px.c:152
uint8 key_id[8]
Definition: pgp.h:235
uint8 algo
Definition: pgp.h:190
PGP_PubKey * pub_key
Definition: pgp.h:164
int pushf_write(PushFilter *mp, const uint8 *data, int len)
Definition: mbuf.c:456

Variable Documentation

◆ pgp_decrypt_filter

struct PullFilterOps pgp_decrypt_filter

Definition at line 313 of file pgp-decrypt.c.

Referenced by process_secret_key().