pgp.h File Reference

#include "lib/stringinfo.h"
#include "mbuf.h"
#include "px.h"

Include dependency graph for pgp.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures
struct	PGP_S2K
struct	PGP_Context
struct	PGP_MPI
struct	PGP_PubKey

Macros
#define	PGP_MAX_KEY   (256/8)
#define	PGP_MAX_BLOCK   (256/8)
#define	PGP_MAX_DIGEST   (512/8)
#define	PGP_S2K_SALT   8
#define	s2k_decode_count(cval)   (((unsigned) 16 + (cval & 15)) << ((cval >> 4) + 6))

Typedefs
typedef struct PGP_MPI	PGP_MPI
typedef struct PGP_PubKey	PGP_PubKey
typedef struct PGP_Context	PGP_Context
typedef struct PGP_S2K	PGP_S2K
typedef struct PGP_CFB	PGP_CFB

Enumerations
enum	PGP_S2K_TYPE { PGP_S2K_SIMPLE = 0, PGP_S2K_SALTED = 1, PGP_S2K_ISALTED = 3 }
enum	PGP_PKT_TYPE {   PGP_PKT_RESERVED = 0, PGP_PKT_PUBENCRYPTED_SESSKEY = 1, PGP_PKT_SIGNATURE = 2, PGP_PKT_SYMENCRYPTED_SESSKEY = 3,   PGP_PKT_SECRET_KEY = 5, PGP_PKT_PUBLIC_KEY = 6, PGP_PKT_SECRET_SUBKEY = 7, PGP_PKT_COMPRESSED_DATA = 8,   PGP_PKT_SYMENCRYPTED_DATA = 9, PGP_PKT_MARKER = 10, PGP_PKT_LITERAL_DATA = 11, PGP_PKT_TRUST = 12,   PGP_PKT_USER_ID = 13, PGP_PKT_PUBLIC_SUBKEY = 14, PGP_PKT_USER_ATTR = 17, PGP_PKT_SYMENCRYPTED_DATA_MDC = 18,   PGP_PKT_MDC = 19, PGP_PKT_PRIV_61 = 61 }
enum	PGP_PUB_ALGO_TYPE {   PGP_PUB_RSA_ENCRYPT_SIGN = 1, PGP_PUB_RSA_ENCRYPT = 2, PGP_PUB_RSA_SIGN = 3, PGP_PUB_ELG_ENCRYPT = 16,   PGP_PUB_DSA_SIGN = 17 }
enum	PGP_SYMENC_TYPE {   PGP_SYM_PLAIN = 0, PGP_SYM_IDEA = 1, PGP_SYM_DES3 = 2, PGP_SYM_CAST5 = 3,   PGP_SYM_BLOWFISH = 4, PGP_SYM_SAFER_SK128 = 5, PGP_SYM_DES_SK = 6, PGP_SYM_AES_128 = 7,   PGP_SYM_AES_192 = 8, PGP_SYM_AES_256 = 9, PGP_SYM_TWOFISH = 10 }
enum	PGP_COMPR_TYPE { PGP_COMPR_NONE = 0, PGP_COMPR_ZIP = 1, PGP_COMPR_ZLIB = 2, PGP_COMPR_BZIP2 = 3 }
enum	PGP_DIGEST_TYPE {   PGP_DIGEST_MD5 = 1, PGP_DIGEST_SHA1 = 2, PGP_DIGEST_RIPEMD160 = 3, PGP_DIGEST_XSHA = 4,   PGP_DIGEST_MD2 = 5, PGP_DIGEST_TIGER192 = 6, PGP_DIGEST_HAVAL5_160 = 7, PGP_DIGEST_SHA256 = 8,   PGP_DIGEST_SHA384 = 9, PGP_DIGEST_SHA512 = 10 }

Functions
int	pgp_init (PGP_Context **ctx)
int	pgp_encrypt (PGP_Context *ctx, MBuf *src, MBuf *dst)
int	pgp_decrypt (PGP_Context *ctx, MBuf *src, MBuf *dst)
int	pgp_free (PGP_Context *ctx)
int	pgp_get_digest_code (const char *name)
int	pgp_get_cipher_code (const char *name)
const char *	pgp_get_digest_name (int code)
const char *	pgp_get_cipher_name (int code)
int	pgp_set_cipher_algo (PGP_Context *ctx, const char *name)
int	pgp_set_s2k_mode (PGP_Context *ctx, int type)
int	pgp_set_s2k_count (PGP_Context *ctx, int count)
int	pgp_set_s2k_cipher_algo (PGP_Context *ctx, const char *name)
int	pgp_set_s2k_digest_algo (PGP_Context *ctx, const char *name)
int	pgp_set_convert_crlf (PGP_Context *ctx, int doit)
int	pgp_disable_mdc (PGP_Context *ctx, int disable)
int	pgp_set_sess_key (PGP_Context *ctx, int use)
int	pgp_set_compress_algo (PGP_Context *ctx, int algo)
int	pgp_set_compress_level (PGP_Context *ctx, int level)
int	pgp_set_text_mode (PGP_Context *ctx, int mode)
int	pgp_set_unicode_mode (PGP_Context *ctx, int mode)
int	pgp_get_unicode_mode (PGP_Context *ctx)
int	pgp_set_symkey (PGP_Context *ctx, const uint8 *key, int klen)
int	pgp_set_pubkey (PGP_Context *ctx, MBuf *keypkt, const uint8 *key, int klen, int pubtype)
int	pgp_get_keyid (MBuf *pgp_data, char *dst)
int	pgp_load_digest (int c, PX_MD **res)
int	pgp_load_cipher (int c, PX_Cipher **res)
int	pgp_get_cipher_key_size (int c)
int	pgp_get_cipher_block_size (int c)
int	pgp_s2k_fill (PGP_S2K *s2k, int mode, int digest_algo, int count)
int	pgp_s2k_read (PullFilter *src, PGP_S2K *s2k)
int	pgp_s2k_process (PGP_S2K *s2k, int cipher, const uint8 *key, int klen)
int	pgp_cfb_create (PGP_CFB **ctx_p, int algo, const uint8 *key, int key_len, int recync, uint8 *iv)
void	pgp_cfb_free (PGP_CFB *ctx)
int	pgp_cfb_encrypt (PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
int	pgp_cfb_decrypt (PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst)
void	pgp_armor_encode (const uint8 *src, unsigned len, StringInfo dst, int num_headers, char **keys, char **values)
int	pgp_armor_decode (const uint8 *src, int len, StringInfo dst)
int	pgp_extract_armor_headers (const uint8 *src, unsigned len, int *nheaders, char ***keys, char ***values)
int	pgp_compress_filter (PushFilter **res, PGP_Context *ctx, PushFilter *dst)
int	pgp_decompress_filter (PullFilter **res, PGP_Context *ctx, PullFilter *src)
int	pgp_key_alloc (PGP_PubKey **pk_p)
void	pgp_key_free (PGP_PubKey *pk)
int	_pgp_read_public_key (PullFilter *pkt, PGP_PubKey **pk_p)
int	pgp_parse_pubenc_sesskey (PGP_Context *ctx, PullFilter *pkt)
int	pgp_create_pkt_reader (PullFilter **pf_p, PullFilter *src, int len, int pkttype, PGP_Context *ctx)
int	pgp_parse_pkt_hdr (PullFilter *src, uint8 *tag, int *len_p, int allow_ctx)
int	pgp_skip_packet (PullFilter *pkt)
int	pgp_expect_packet_end (PullFilter *pkt)
int	pgp_write_pubenc_sesskey (PGP_Context *ctx, PushFilter *dst)
int	pgp_create_pkt_writer (PushFilter *dst, int tag, PushFilter **res_p)
int	pgp_mpi_alloc (int bits, PGP_MPI **mpi)
int	pgp_mpi_create (uint8 *data, int bits, PGP_MPI **mpi)
int	pgp_mpi_free (PGP_MPI *mpi)
int	pgp_mpi_read (PullFilter *src, PGP_MPI **mpi)
int	pgp_mpi_write (PushFilter *dst, PGP_MPI *n)
int	pgp_mpi_hash (PX_MD *md, PGP_MPI *n)
unsigned	pgp_mpi_cksum (unsigned cksum, PGP_MPI *n)
int	pgp_elgamal_encrypt (PGP_PubKey *pk, PGP_MPI *m, PGP_MPI **c1, PGP_MPI **c2)
int	pgp_elgamal_decrypt (PGP_PubKey *pk, PGP_MPI *c1, PGP_MPI *c2, PGP_MPI **m)
int	pgp_rsa_encrypt (PGP_PubKey *pk, PGP_MPI *m, PGP_MPI **c)
int	pgp_rsa_decrypt (PGP_PubKey *pk, PGP_MPI *c, PGP_MPI **m)

Variables
struct PullFilterOps	pgp_decrypt_filter

Macro Definition Documentation

#define PGP_MAX_BLOCK   (256/8)

Definition at line 113 of file pgp.h.

Referenced by prefix_init(), and write_prefix().

#define PGP_MAX_DIGEST   (512/8)

Definition at line 114 of file pgp.h.

Referenced by calc_s2k_iter_salted(), calc_s2k_salted(), and calc_s2k_simple().

#define PGP_MAX_KEY   (256/8)

Definition at line 112 of file pgp.h.

Referenced by parse_symenc_sesskey().

#define PGP_S2K_SALT   8

Definition at line 115 of file pgp.h.

Referenced by calc_s2k_iter_salted(), calc_s2k_salted(), and pgp_s2k_fill().

#define s2k_decode_count

(

cval

)

(((unsigned) 16 + (cval & 15)) << ((cval >> 4) + 6))

Definition at line 176 of file pgp.h.

Referenced by calc_s2k_iter_salted(), decide_s2k_iter(), and parse_symenc_sesskey().

Typedef Documentation

typedef struct PGP_CFB PGP_CFB

Definition at line 280 of file pgp.h.

typedef struct PGP_Context PGP_Context

Definition at line 119 of file pgp.h.

typedef struct PGP_MPI PGP_MPI

Definition at line 117 of file pgp.h.

typedef struct PGP_PubKey PGP_PubKey

Definition at line 118 of file pgp.h.

typedef struct PGP_S2K PGP_S2K

Definition at line 120 of file pgp.h.

Enumeration Type Documentation

enum PGP_COMPR_TYPE

Enumerator
PGP_COMPR_NONE
PGP_COMPR_ZIP
PGP_COMPR_ZLIB
PGP_COMPR_BZIP2

Definition at line 90 of file pgp.h.

{
    PGP_COMPR_NONE = 0,         /* must */
    PGP_COMPR_ZIP = 1,          /* should */
    PGP_COMPR_ZLIB = 2,
    PGP_COMPR_BZIP2 = 3
};

enum PGP_DIGEST_TYPE

Enumerator
PGP_DIGEST_MD5
PGP_DIGEST_SHA1
PGP_DIGEST_RIPEMD160
PGP_DIGEST_XSHA
PGP_DIGEST_MD2
PGP_DIGEST_TIGER192
PGP_DIGEST_HAVAL5_160
PGP_DIGEST_SHA256
PGP_DIGEST_SHA384
PGP_DIGEST_SHA512

Definition at line 98 of file pgp.h.

{
    PGP_DIGEST_MD5 = 1,         /* should, deprecated  */
    PGP_DIGEST_SHA1 = 2,        /* must */
    PGP_DIGEST_RIPEMD160 = 3,
    PGP_DIGEST_XSHA = 4,        /* obsolete */
    PGP_DIGEST_MD2 = 5,         /* obsolete */
    PGP_DIGEST_TIGER192 = 6,    /* obsolete */
    PGP_DIGEST_HAVAL5_160 = 7,  /* obsolete */
    PGP_DIGEST_SHA256 = 8,
    PGP_DIGEST_SHA384 = 9,
    PGP_DIGEST_SHA512 = 10
};

enum PGP_PKT_TYPE

Enumerator
PGP_PKT_RESERVED
PGP_PKT_PUBENCRYPTED_SESSKEY
PGP_PKT_SIGNATURE
PGP_PKT_SYMENCRYPTED_SESSKEY
PGP_PKT_SECRET_KEY
PGP_PKT_PUBLIC_KEY
PGP_PKT_SECRET_SUBKEY
PGP_PKT_COMPRESSED_DATA
PGP_PKT_SYMENCRYPTED_DATA
PGP_PKT_MARKER
PGP_PKT_LITERAL_DATA
PGP_PKT_TRUST
PGP_PKT_USER_ID
PGP_PKT_PUBLIC_SUBKEY
PGP_PKT_USER_ATTR
PGP_PKT_SYMENCRYPTED_DATA_MDC
PGP_PKT_MDC
PGP_PKT_PRIV_61

Definition at line 44 of file pgp.h.

{
    PGP_PKT_RESERVED = 0,
    PGP_PKT_PUBENCRYPTED_SESSKEY = 1,
    PGP_PKT_SIGNATURE = 2,
    PGP_PKT_SYMENCRYPTED_SESSKEY = 3,
    PGP_PKT_SECRET_KEY = 5,
    PGP_PKT_PUBLIC_KEY = 6,
    PGP_PKT_SECRET_SUBKEY = 7,
    PGP_PKT_COMPRESSED_DATA = 8,
    PGP_PKT_SYMENCRYPTED_DATA = 9,
    PGP_PKT_MARKER = 10,
    PGP_PKT_LITERAL_DATA = 11,
    PGP_PKT_TRUST = 12,
    PGP_PKT_USER_ID = 13,
    PGP_PKT_PUBLIC_SUBKEY = 14,
    PGP_PKT_USER_ATTR = 17,
    PGP_PKT_SYMENCRYPTED_DATA_MDC = 18,
    PGP_PKT_MDC = 19,
    PGP_PKT_PRIV_61 = 61        /* occurs in gpg secring */
};

enum PGP_PUB_ALGO_TYPE

Enumerator
PGP_PUB_RSA_ENCRYPT_SIGN
PGP_PUB_RSA_ENCRYPT
PGP_PUB_RSA_SIGN
PGP_PUB_ELG_ENCRYPT
PGP_PUB_DSA_SIGN

Definition at line 66 of file pgp.h.

{
    PGP_PUB_RSA_ENCRYPT_SIGN = 1,
    PGP_PUB_RSA_ENCRYPT = 2,
    PGP_PUB_RSA_SIGN = 3,
    PGP_PUB_ELG_ENCRYPT = 16,
    PGP_PUB_DSA_SIGN = 17
};

enum PGP_S2K_TYPE

Enumerator
PGP_S2K_SIMPLE
PGP_S2K_SALTED
PGP_S2K_ISALTED

Definition at line 37 of file pgp.h.

{
    PGP_S2K_SIMPLE = 0,
    PGP_S2K_SALTED = 1,
    PGP_S2K_ISALTED = 3
};

enum PGP_SYMENC_TYPE

Enumerator
PGP_SYM_PLAIN
PGP_SYM_IDEA
PGP_SYM_DES3
PGP_SYM_CAST5
PGP_SYM_BLOWFISH
PGP_SYM_SAFER_SK128
PGP_SYM_DES_SK
PGP_SYM_AES_128
PGP_SYM_AES_192
PGP_SYM_AES_256
PGP_SYM_TWOFISH

Definition at line 75 of file pgp.h.

{
    PGP_SYM_PLAIN = 0,          /* ?? */
    PGP_SYM_IDEA = 1,           /* obsolete, PGP 2.6 compat */
    PGP_SYM_DES3 = 2,           /* must */
    PGP_SYM_CAST5 = 3,          /* should */
    PGP_SYM_BLOWFISH = 4,
    PGP_SYM_SAFER_SK128 = 5,    /* obsolete */
    PGP_SYM_DES_SK = 6,         /* obsolete */
    PGP_SYM_AES_128 = 7,        /* should */
    PGP_SYM_AES_192 = 8,
    PGP_SYM_AES_256 = 9,
    PGP_SYM_TWOFISH = 10
};

Function Documentation

int _pgp_read_public_key	(	PullFilter *	pkt,
		PGP_PubKey **	pk_p
	)

Definition at line 159 of file pgp-pubkey.c.

References PGP_PubKey::algo, calc_key_id(), PGP_PubKey::can_encrypt, PGP_PubKey::dsa, PGP_PubKey::elg, GETBYTE, pgp_key_alloc(), pgp_key_free(), pgp_mpi_read(), PGP_PUB_DSA_SIGN, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_PUB_RSA_SIGN, PGP_PubKey::pub, pullf_read_fixed(), px_debug(), PXE_PGP_NOT_V4_KEYPKT, PXE_PGP_UNKNOWN_PUBALGO, PGP_PubKey::rsa, PGP_PubKey::time, and PGP_PubKey::ver.

Referenced by internal_read_key(), process_secret_key(), and read_pubkey_keyid().

{
    int         res;
    PGP_PubKey *pk;

    res = pgp_key_alloc(&pk);
    if (res < 0)
        return res;

    /* get version */
    GETBYTE(pkt, pk->ver);
    if (pk->ver != 4)
    {
        res = PXE_PGP_NOT_V4_KEYPKT;
        goto out;
    }

    /* read time */
    res = pullf_read_fixed(pkt, 4, pk->time);
    if (res < 0)
        goto out;

    /* pubkey algorithm */
    GETBYTE(pkt, pk->algo);

    switch (pk->algo)
    {
        case PGP_PUB_DSA_SIGN:
            res = pgp_mpi_read(pkt, &pk->pub.dsa.p);
            if (res < 0)
                break;
            res = pgp_mpi_read(pkt, &pk->pub.dsa.q);
            if (res < 0)
                break;
            res = pgp_mpi_read(pkt, &pk->pub.dsa.g);
            if (res < 0)
                break;
            res = pgp_mpi_read(pkt, &pk->pub.dsa.y);
            if (res < 0)
                break;

            res = calc_key_id(pk);
            break;

        case PGP_PUB_RSA_SIGN:
        case PGP_PUB_RSA_ENCRYPT:
        case PGP_PUB_RSA_ENCRYPT_SIGN:
            res = pgp_mpi_read(pkt, &pk->pub.rsa.n);
            if (res < 0)
                break;
            res = pgp_mpi_read(pkt, &pk->pub.rsa.e);
            if (res < 0)
                break;

            res = calc_key_id(pk);

            if (pk->algo != PGP_PUB_RSA_SIGN)
                pk->can_encrypt = 1;
            break;

        case PGP_PUB_ELG_ENCRYPT:
            res = pgp_mpi_read(pkt, &pk->pub.elg.p);
            if (res < 0)
                break;
            res = pgp_mpi_read(pkt, &pk->pub.elg.g);
            if (res < 0)
                break;
            res = pgp_mpi_read(pkt, &pk->pub.elg.y);
            if (res < 0)
                break;

            res = calc_key_id(pk);

            pk->can_encrypt = 1;
            break;

        default:
            px_debug("unknown public algo: %d", pk->algo);
            res = PXE_PGP_UNKNOWN_PUBALGO;
    }

out:
    if (res < 0)
        pgp_key_free(pk);
    else
        *pk_p = pk;

    return res;
}

int pgp_armor_decode	(	const uint8 *	src,
		int	len,
		StringInfo	dst
	)

Definition at line 314 of file pgp-armor.c.

References b64_dec_len(), b64_decode(), buf, crc24(), StringInfoData::data, elog, enlargeStringInfo(), FATAL, find_header(), StringInfoData::len, and PXE_PGP_CORRUPT_ARMOR.

Referenced by pg_dearmor().

{
    const uint8 *p = src;
    const uint8 *data_end = src + len;
    long        crc;
    const uint8 *base64_start,
               *armor_end;
    const uint8 *base64_end = NULL;
    uint8       buf[4];
    int         hlen;
    int         blen;
    int         res = PXE_PGP_CORRUPT_ARMOR;

    /* armor start */
    hlen = find_header(src, data_end, &p, 0);
    if (hlen <= 0)
        goto out;
    p += hlen;

    /* armor end */
    hlen = find_header(p, data_end, &armor_end, 1);
    if (hlen <= 0)
        goto out;

    /* skip comments - find empty line */
    while (p < armor_end && *p != '\n' && *p != '\r')
    {
        p = memchr(p, '\n', armor_end - p);
        if (!p)
            goto out;

        /* step to start of next line */
        p++;
    }
    base64_start = p;

    /* find crc pos */
    for (p = armor_end; p >= base64_start; p--)
        if (*p == '=')
        {
            base64_end = p - 1;
            break;
        }
    if (base64_end == NULL)
        goto out;

    /* decode crc */
    if (b64_decode(p + 1, 4, buf) != 3)
        goto out;
    crc = (((long) buf[0]) << 16) + (((long) buf[1]) << 8) + (long) buf[2];

    /* decode data */
    blen = (int) b64_dec_len(len);
    enlargeStringInfo(dst, blen);
    res = b64_decode(base64_start, base64_end - base64_start, (uint8 *) dst->data);
    if (res > blen)
        elog(FATAL, "overflow - decode estimate too small");
    if (res >= 0)
    {
        if (crc24((uint8 *) dst->data, res) == crc)
            dst->len += res;
        else
            res = PXE_PGP_CORRUPT_ARMOR;
    }
out:
    return res;
}

void pgp_armor_encode	(	const uint8 *	src,
		unsigned	len,
		StringInfo	dst,
		int	num_headers,
		char **	keys,
		char **	values
	)

Definition at line 207 of file pgp-armor.c.

References _base64, appendStringInfo(), appendStringInfoChar(), appendStringInfoString(), armor_footer, armor_header, b64_enc_len(), b64_encode(), crc24(), StringInfoData::data, elog, enlargeStringInfo(), FATAL, and StringInfoData::len.

Referenced by pg_armor().

{
    int         n;
    int         res;
    unsigned    b64len;
    unsigned    crc = crc24(src, len);

    appendStringInfoString(dst, armor_header);

    for (n = 0; n < num_headers; n++)
        appendStringInfo(dst, "%s: %s\n", keys[n], values[n]);
    appendStringInfoChar(dst, '\n');

    /* make sure we have enough room to b64_encode() */
    b64len = b64_enc_len(len);
    enlargeStringInfo(dst, (int) b64len);

    res = b64_encode(src, len, (uint8 *) dst->data + dst->len);
    if (res > b64len)
        elog(FATAL, "overflow - encode estimate too small");
    dst->len += res;

    if (*(dst->data + dst->len - 1) != '\n')
        appendStringInfoChar(dst, '\n');

    appendStringInfoChar(dst, '=');
    appendStringInfoChar(dst, _base64[(crc >> 18) & 0x3f]);
    appendStringInfoChar(dst, _base64[(crc >> 12) & 0x3f]);
    appendStringInfoChar(dst, _base64[(crc >> 6) & 0x3f]);
    appendStringInfoChar(dst, _base64[crc & 0x3f]);

    appendStringInfoString(dst, armor_footer);
}

int pgp_cfb_create	(	PGP_CFB **	ctx_p,
		int	algo,
		const uint8 *	key,
		int	key_len,
		int	recync,
		uint8 *	iv
	)

Definition at line 52 of file pgp-cfb.c.

References PGP_CFB::block_size, PGP_CFB::ciph, PGP_CFB::fr, pgp_load_cipher(), px_alloc, px_cipher_block_size, px_cipher_free, px_cipher_init, and PGP_CFB::resync.

Referenced by decrypt_key(), encrypt_init(), parse_symenc_data(), parse_symenc_mdc_data(), process_secret_key(), and symencrypt_sesskey().

{
    int         res;
    PX_Cipher  *ciph;
    PGP_CFB    *ctx;

    res = pgp_load_cipher(algo, &ciph);
    if (res < 0)
        return res;

    res = px_cipher_init(ciph, key, key_len, NULL);
    if (res < 0)
    {
        px_cipher_free(ciph);
        return res;
    }

    ctx = px_alloc(sizeof(*ctx));
    memset(ctx, 0, sizeof(*ctx));
    ctx->ciph = ciph;
    ctx->block_size = px_cipher_block_size(ciph);
    ctx->resync = resync;

    if (iv)
        memcpy(ctx->fr, iv, ctx->block_size);

    *ctx_p = ctx;
    return 0;
}

int pgp_cfb_decrypt	(	PGP_CFB *	ctx,
		const uint8 *	data,
		int	len,
		uint8 *	dst
	)

Definition at line 259 of file pgp-cfb.c.

References cfb_process(), mix, mix_decrypt_normal(), mix_decrypt_resync(), and PGP_CFB::resync.

Referenced by decrypt_key(), and decrypt_read().

{
    mix_data_t  mix = ctx->resync ? mix_decrypt_resync : mix_decrypt_normal;

    return cfb_process(ctx, data, len, dst, mix);
}

int pgp_cfb_encrypt	(	PGP_CFB *	ctx,
		const uint8 *	data,
		int	len,
		uint8 *	dst
	)

Definition at line 251 of file pgp-cfb.c.

References cfb_process(), mix, mix_encrypt_normal(), mix_encrypt_resync(), and PGP_CFB::resync.

Referenced by encrypt_process(), and symencrypt_sesskey().

{
    mix_data_t  mix = ctx->resync ? mix_encrypt_resync : mix_encrypt_normal;

    return cfb_process(ctx, data, len, dst, mix);
}

void pgp_cfb_free

(

PGP_CFB *

ctx

)

Definition at line 84 of file pgp-cfb.c.

References PGP_CFB::ciph, px_cipher_free, px_free, and px_memset().

Referenced by decrypt_key(), encrypt_free(), parse_symenc_data(), parse_symenc_mdc_data(), process_secret_key(), and symencrypt_sesskey().

{
    px_cipher_free(ctx->ciph);
    px_memset(ctx, 0, sizeof(*ctx));
    px_free(ctx);
}

int pgp_compress_filter	(	PushFilter **	res,
		PGP_Context *	ctx,
		PushFilter *	dst
	)

Definition at line 317 of file pgp-compress.c.

References PXE_PGP_UNSUPPORTED_COMPR.

Referenced by init_compress().

{
    return PXE_PGP_UNSUPPORTED_COMPR;
}

int pgp_create_pkt_reader	(	PullFilter **	pf_p,
		PullFilter *	src,
		int	len,
		int	pkttype,
		PGP_Context *	ctx
	)

Definition at line 223 of file pgp-decrypt.c.

References PktData::len, pullf_create(), px_alloc, px_free, and PktData::type.

Referenced by internal_read_key(), pgp_decrypt(), pgp_get_keyid(), and process_data_packets().

{
    int         res;
    struct PktData *pkt = px_alloc(sizeof(*pkt));

    pkt->type = pkttype;
    pkt->len = len;
    res = pullf_create(pf_p, &pktreader_filter, pkt, src);
    if (res < 0)
        px_free(pkt);
    return res;
}

int pgp_create_pkt_writer	(	PushFilter *	dst,
		int	tag,
		PushFilter **	res_p
	)

Definition at line 315 of file pgp-encrypt.c.

References pushf_create(), and write_tag_only().

Referenced by pgp_write_pubenc_sesskey().

{
    int         res;

    res = write_tag_only(dst, tag);
    if (res < 0)
        return res;

    return pushf_create(res_p, &pkt_stream_filter, NULL, dst);
}

int pgp_decompress_filter	(	PullFilter **	res,
		PGP_Context *	ctx,
		PullFilter *	src
	)

Definition at line 323 of file pgp-compress.c.

References PXE_PGP_UNSUPPORTED_COMPR.

Referenced by parse_compressed_data().

{
    return PXE_PGP_UNSUPPORTED_COMPR;
}

int pgp_decrypt	(	PGP_Context *	ctx,
		MBuf *	src,
		MBuf *	dst
	)

Definition at line 1090 of file pgp-decrypt.c.

References PGP_Context::corrupt_prefix, PGP_Context::disable_mdc, NO_CTX_SIZE, parse_symenc_data(), parse_symenc_mdc_data(), parse_symenc_sesskey(), pgp_create_pkt_reader(), pgp_parse_pkt_hdr(), pgp_parse_pubenc_sesskey(), PGP_PKT_MARKER, PGP_PKT_PUBENCRYPTED_SESSKEY, PGP_PKT_SYMENCRYPTED_DATA, PGP_PKT_SYMENCRYPTED_DATA_MDC, PGP_PKT_SYMENCRYPTED_SESSKEY, pgp_skip_packet(), pullf_create_mbuf_reader(), pullf_free(), px_debug(), PXE_PGP_CORRUPT_DATA, PXE_PGP_NOT_TEXT, PXE_PGP_UNSUPPORTED_COMPR, PGP_Context::unexpected_binary, and PGP_Context::unsupported_compr.

Referenced by decrypt_internal().

{
    int         res;
    PullFilter *src = NULL;
    PullFilter *pkt = NULL;
    uint8       tag;
    int         len;
    int         got_key = 0;
    int         got_data = 0;

    res = pullf_create_mbuf_reader(&src, msrc);

    while (res >= 0)
    {
        res = pgp_parse_pkt_hdr(src, &tag, &len, NO_CTX_SIZE);
        if (res <= 0)
            break;

        res = pgp_create_pkt_reader(&pkt, src, len, res, ctx);
        if (res < 0)
            break;

        res = PXE_PGP_CORRUPT_DATA;
        switch (tag)
        {
            case PGP_PKT_MARKER:
                res = pgp_skip_packet(pkt);
                break;
            case PGP_PKT_PUBENCRYPTED_SESSKEY:
                /* fixme: skip those */
                res = pgp_parse_pubenc_sesskey(ctx, pkt);
                got_key = 1;
                break;
            case PGP_PKT_SYMENCRYPTED_SESSKEY:
                if (got_key)

                    /*
                     * Theoretically, there could be several keys, both public
                     * and symmetric, all of which encrypt same session key.
                     * Decrypt should try with each one, before failing.
                     */
                    px_debug("pgp_decrypt: using first of several keys");
                else
                {
                    got_key = 1;
                    res = parse_symenc_sesskey(ctx, pkt);
                }
                break;
            case PGP_PKT_SYMENCRYPTED_DATA:
                if (!got_key)
                    px_debug("pgp_decrypt: have data but no key");
                else if (got_data)
                    px_debug("pgp_decrypt: got second data packet");
                else
                {
                    got_data = 1;
                    ctx->disable_mdc = 1;
                    res = parse_symenc_data(ctx, pkt, mdst);
                }
                break;
            case PGP_PKT_SYMENCRYPTED_DATA_MDC:
                if (!got_key)
                    px_debug("pgp_decrypt: have data but no key");
                else if (got_data)
                    px_debug("pgp_decrypt: several data pkts not supported");
                else
                {
                    got_data = 1;
                    ctx->disable_mdc = 0;
                    res = parse_symenc_mdc_data(ctx, pkt, mdst);
                }
                break;
            default:
                px_debug("pgp_decrypt: unknown tag: 0x%02x", tag);
        }
        pullf_free(pkt);
        pkt = NULL;
    }

    if (pkt)
        pullf_free(pkt);

    if (src)
        pullf_free(src);

    if (res < 0)
        return res;

    /*
     * Report a failure of the prefix_init() "quick check" now, rather than
     * upon detection, to hinder timing attacks.  pgcrypto is not generally
     * secure against timing attacks, but this helps.
     */
    if (!got_data || ctx->corrupt_prefix)
        return PXE_PGP_CORRUPT_DATA;

    /*
     * Code interpreting purportedly-decrypted data prior to this stage shall
     * report no error other than PXE_PGP_CORRUPT_DATA.  (PXE_BUG is okay so
     * long as it remains unreachable.)  This ensures that an attacker able to
     * choose a ciphertext and receive a corresponding decryption error
     * message cannot use that oracle to gather clues about the decryption
     * key.  See "An Attack on CFB Mode Encryption As Used By OpenPGP" by
     * Serge Mister and Robert Zuccherato.
     *
     * A problematic value in the first octet of a Literal Data or Compressed
     * Data packet may indicate a simple user error, such as the need to call
     * pgp_sym_decrypt_bytea instead of pgp_sym_decrypt.  Occasionally,
     * though, it is the first symptom of the encryption key not matching the
     * decryption key.  When this was the only problem encountered, report a
     * specific error to guide the user; otherwise, we will have reported
     * PXE_PGP_CORRUPT_DATA before now.  A key mismatch makes the other errors
     * into red herrings, and this avoids leaking clues to attackers.
     */
    if (ctx->unsupported_compr)
        return PXE_PGP_UNSUPPORTED_COMPR;
    if (ctx->unexpected_binary)
        return PXE_PGP_NOT_TEXT;

    return res;
}

int pgp_disable_mdc	(	PGP_Context *	ctx,
		int	disable
	)

Definition at line 235 of file pgp.c.

References PGP_Context::disable_mdc.

Referenced by set_arg().

{
    ctx->disable_mdc = disable ? 1 : 0;
    return 0;
}

int pgp_elgamal_decrypt	(	PGP_PubKey *	pk,
		PGP_MPI *	c1,
		PGP_MPI *	c2,
		PGP_MPI **	m
	)

Definition at line 218 of file pgp-mpi-internal.c.

References bn_to_mpi(), PGP_PubKey::elg, mp_clear_free(), mp_int_exptmod(), mp_int_invmod(), mp_modmul(), mp_new(), mpi_to_bn(), PGP_PubKey::pub, PXE_PGP_MATH_FAILED, and PGP_PubKey::sec.

Referenced by decrypt_elgamal().

{
    int         res = PXE_PGP_MATH_FAILED;
    mpz_t      *c1 = mpi_to_bn(_c1);
    mpz_t      *c2 = mpi_to_bn(_c2);
    mpz_t      *p = mpi_to_bn(pk->pub.elg.p);
    mpz_t      *x = mpi_to_bn(pk->sec.elg.x);
    mpz_t      *c1x = mp_new();
    mpz_t      *div = mp_new();
    mpz_t      *m = mp_new();

    if (!c1 || !c2 || !p || !x || !c1x || !div || !m)
        goto err;

    /*
     * m = c2 / (c1^x)
     */
    mp_int_exptmod(c1, x, p, c1x);
    mp_int_invmod(c1x, p, div);
    mp_modmul(c2, div, p, m);

    /* result */
    *msg_p = bn_to_mpi(m);
    if (*msg_p)
        res = 0;
err:
    mp_clear_free(m);
    mp_clear_free(div);
    mp_clear_free(c1x);
    mp_clear_free(x);
    mp_clear_free(p);
    mp_clear_free(c2);
    mp_clear_free(c1);
    return res;
}

int pgp_elgamal_encrypt	(	PGP_PubKey *	pk,
		PGP_MPI *	m,
		PGP_MPI **	c1,
		PGP_MPI **	c2
	)

Definition at line 168 of file pgp-mpi-internal.c.

References bn_to_mpi(), decide_k_bits(), PGP_PubKey::elg, mp_clear_free(), mp_int_count_bits(), mp_int_exptmod(), mp_modmul(), mp_new(), mp_px_rand(), mpi_to_bn(), PGP_PubKey::pub, and PXE_PGP_MATH_FAILED.

Referenced by encrypt_and_write_elgamal().

{
    int         res = PXE_PGP_MATH_FAILED;
    int         k_bits;
    mpz_t      *m = mpi_to_bn(_m);
    mpz_t      *p = mpi_to_bn(pk->pub.elg.p);
    mpz_t      *g = mpi_to_bn(pk->pub.elg.g);
    mpz_t      *y = mpi_to_bn(pk->pub.elg.y);
    mpz_t      *k = mp_new();
    mpz_t      *yk = mp_new();
    mpz_t      *c1 = mp_new();
    mpz_t      *c2 = mp_new();

    if (!m || !p || !g || !y || !k || !yk || !c1 || !c2)
        goto err;

    /*
     * generate k
     */
    k_bits = decide_k_bits(mp_int_count_bits(p));
    res = mp_px_rand(k_bits, k);
    if (res < 0)
        return res;

    /*
     * c1 = g^k c2 = m * y^k
     */
    mp_int_exptmod(g, k, p, c1);
    mp_int_exptmod(y, k, p, yk);
    mp_modmul(m, yk, p, c2);

    /* result */
    *c1_p = bn_to_mpi(c1);
    *c2_p = bn_to_mpi(c2);
    if (*c1_p && *c2_p)
        res = 0;
err:
    mp_clear_free(c2);
    mp_clear_free(c1);
    mp_clear_free(yk);
    mp_clear_free(k);
    mp_clear_free(y);
    mp_clear_free(g);
    mp_clear_free(p);
    mp_clear_free(m);
    return res;
}

int pgp_encrypt	(	PGP_Context *	ctx,
		MBuf *	src,
		MBuf *	dst
	)

Definition at line 611 of file pgp-encrypt.c.

References buf, PGP_Context::compress_algo, PGP_Context::compress_level, PGP_Context::convert_crlf, PGP_Context::disable_mdc, init_compress(), init_encdata_packet(), init_litdata_packet(), init_s2k_key(), init_sess_key(), mbuf_avail(), mbuf_grab(), pgp_write_pubenc_sesskey(), PGP_Context::pub_key, pushf_create(), pushf_create_mbuf_writer(), pushf_flush(), pushf_free_all(), pushf_write(), PXE_ARGUMENT_ERROR, PGP_Context::sym_key, PGP_Context::text_mode, write_prefix(), and write_symenc_sesskey().

Referenced by encrypt_internal().

{
    int         res;
    int         len;
    uint8      *buf;
    PushFilter *pf,
               *pf_tmp;

    /*
     * do we have any key
     */
    if (!ctx->sym_key && !ctx->pub_key)
        return PXE_ARGUMENT_ERROR;

    /* MBuf writer */
    res = pushf_create_mbuf_writer(&pf, dst);
    if (res < 0)
        goto out;

    /*
     * initialize symkey
     */
    if (ctx->sym_key)
    {
        res = init_s2k_key(ctx);
        if (res < 0)
            goto out;
    }

    res = init_sess_key(ctx);
    if (res < 0)
        goto out;

    /*
     * write keypkt
     */
    if (ctx->pub_key)
        res = pgp_write_pubenc_sesskey(ctx, pf);
    else
        res = write_symenc_sesskey(ctx, pf);
    if (res < 0)
        goto out;

    /* encrypted data pkt */
    res = init_encdata_packet(&pf_tmp, ctx, pf);
    if (res < 0)
        goto out;
    pf = pf_tmp;

    /* encrypter */
    res = pushf_create(&pf_tmp, &encrypt_filter, ctx, pf);
    if (res < 0)
        goto out;
    pf = pf_tmp;

    /* hasher */
    if (ctx->disable_mdc == 0)
    {
        res = pushf_create(&pf_tmp, &mdc_filter, ctx, pf);
        if (res < 0)
            goto out;
        pf = pf_tmp;
    }

    /* prefix */
    res = write_prefix(ctx, pf);
    if (res < 0)
        goto out;

    /* compressor */
    if (ctx->compress_algo > 0 && ctx->compress_level > 0)
    {
        res = init_compress(&pf_tmp, ctx, pf);
        if (res < 0)
            goto out;
        pf = pf_tmp;
    }

    /* data streamer */
    res = init_litdata_packet(&pf_tmp, ctx, pf);
    if (res < 0)
        goto out;
    pf = pf_tmp;


    /* text conversion? */
    if (ctx->text_mode && ctx->convert_crlf)
    {
        res = pushf_create(&pf_tmp, &crlf_filter, ctx, pf);
        if (res < 0)
            goto out;
        pf = pf_tmp;
    }

    /*
     * chain complete
     */

    len = mbuf_grab(src, mbuf_avail(src), &buf);
    res = pushf_write(pf, buf, len);
    if (res >= 0)
        res = pushf_flush(pf);
out:
    pushf_free_all(pf);
    return res;
}

int pgp_expect_packet_end

(

PullFilter *

pkt

)

Definition at line 1075 of file pgp-decrypt.c.

References pullf_read(), px_debug(), and PXE_PGP_CORRUPT_DATA.

Referenced by pgp_parse_pubenc_sesskey(), and process_secret_key().

{
    int         res;
    uint8      *tmp;

    res = pullf_read(pkt, 32 * 1024, &tmp);
    if (res > 0)
    {
        px_debug("pgp_expect_packet_end: got data");
        return PXE_PGP_CORRUPT_DATA;
    }
    return res;
}

int pgp_extract_armor_headers	(	const uint8 *	src,
		unsigned	len,
		int *	nheaders,
		char ***	keys,
		char ***	values
	)

Definition at line 390 of file pgp-armor.c.

References buf, elog, ERROR, find_header(), palloc(), and PXE_PGP_CORRUPT_ARMOR.

Referenced by pgp_armor_headers().

{
    const uint8 *data_end = src + len;
    const uint8 *p;
    const uint8 *base64_start;
    const uint8 *armor_start;
    const uint8 *armor_end;
    Size        armor_len;
    char       *line;
    char       *nextline;
    char       *eol,
               *colon;
    int         hlen;
    char       *buf;
    int         hdrlines;
    int         n;

    /* armor start */
    hlen = find_header(src, data_end, &armor_start, 0);
    if (hlen <= 0)
        return PXE_PGP_CORRUPT_ARMOR;
    armor_start += hlen;

    /* armor end */
    hlen = find_header(armor_start, data_end, &armor_end, 1);
    if (hlen <= 0)
        return PXE_PGP_CORRUPT_ARMOR;

    /* Count the number of armor header lines. */
    hdrlines = 0;
    p = armor_start;
    while (p < armor_end && *p != '\n' && *p != '\r')
    {
        p = memchr(p, '\n', armor_end - p);
        if (!p)
            return PXE_PGP_CORRUPT_ARMOR;

        /* step to start of next line */
        p++;
        hdrlines++;
    }
    base64_start = p;

    /*
     * Make a modifiable copy of the part of the input that contains the
     * headers. The returned key/value pointers will point inside the buffer.
     */
    armor_len = base64_start - armor_start;
    buf = palloc(armor_len + 1);
    memcpy(buf, armor_start, armor_len);
    buf[armor_len] = '\0';

    /* Allocate return arrays */
    *keys = (char **) palloc(hdrlines * sizeof(char *));
    *values = (char **) palloc(hdrlines * sizeof(char *));

    /*
     * Split the header lines at newlines and ": " separators, and collect
     * pointers to the keys and values in the return arrays.
     */
    n = 0;
    line = buf;
    for (;;)
    {
        /* find end of line */
        eol = strchr(line, '\n');
        if (!eol)
            break;
        nextline = eol + 1;
        /* if the line ends in CR + LF, strip the CR */
        if (eol > line && *(eol - 1) == '\r')
            eol--;
        *eol = '\0';

        /* find colon+space separating the key and value */
        colon = strstr(line, ": ");
        if (!colon)
            return PXE_PGP_CORRUPT_ARMOR;
        *colon = '\0';

        /* shouldn't happen, we counted the number of lines beforehand */
        if (n >= hdrlines)
            elog(ERROR, "unexpected number of armor header lines");

        (*keys)[n] = line;
        (*values)[n] = colon + 2;
        n++;

        /* step to start of next line */
        line = nextline;
    }

    if (n != hdrlines)
        elog(ERROR, "unexpected number of armor header lines");

    *nheaders = n;
    return 0;
}

int pgp_free

(

PGP_Context *

ctx

)

Definition at line 225 of file pgp.c.

References pgp_key_free(), PGP_Context::pub_key, px_free, and px_memset().

Referenced by decrypt_internal(), and encrypt_internal().

{
    if (ctx->pub_key)
        pgp_key_free(ctx->pub_key);
    px_memset(ctx, 0, sizeof *ctx);
    px_free(ctx);
    return 0;
}

int pgp_get_cipher_block_size

(

int

c

)

Definition at line 158 of file pgp.c.

References cipher_info::block_len, get_cipher_info(), and i.

Referenced by prefix_init(), process_secret_key(), and write_prefix().

{
    const struct cipher_info *i = get_cipher_info(code);

    if (i != NULL)
        return i->block_len;
    return 0;
}

int pgp_get_cipher_code

(

const char *

name

)

Definition at line 116 of file pgp.c.

References cipher_info::code, i, cipher_info::name, pg_strcasecmp(), and PXE_PGP_UNSUPPORTED_CIPHER.

Referenced by pgp_set_cipher_algo(), pgp_set_s2k_cipher_algo(), and set_arg().

{
    const struct cipher_info *i;

    for (i = cipher_list; i->name; i++)
        if (pg_strcasecmp(i->name, name) == 0)
            return i->code;
    return PXE_PGP_UNSUPPORTED_CIPHER;
}

int pgp_get_cipher_key_size

(

int

c

)

Definition at line 148 of file pgp.c.

References get_cipher_info(), i, and cipher_info::key_len.

Referenced by decrypt_key(), init_sess_key(), and pgp_s2k_process().

{
    const struct cipher_info *i = get_cipher_info(code);

    if (i != NULL)
        return i->key_len;
    return 0;
}

const char* pgp_get_cipher_name

(

int

code

)

Definition at line 138 of file pgp.c.

References get_cipher_info(), i, and cipher_info::name.

{
    const struct cipher_info *i = get_cipher_info(code);

    if (i != NULL)
        return i->name;
    return NULL;
}

int pgp_get_digest_code

(

const char *

name

)

Definition at line 105 of file pgp.c.

References digest_info::code, i, digest_info::name, pg_strcasecmp(), and PXE_PGP_UNSUPPORTED_HASH.

Referenced by pgp_set_s2k_digest_algo(), and set_arg().

{
    const struct digest_info *i;

    for (i = digest_list; i->name; i++)
        if (pg_strcasecmp(i->name, name) == 0)
            return i->code;
    return PXE_PGP_UNSUPPORTED_HASH;
}

const char* pgp_get_digest_name

(

int

code

)

Definition at line 127 of file pgp.c.

References digest_info::code, i, and digest_info::name.

Referenced by pgp_load_digest().

{
    const struct digest_info *i;

    for (i = digest_list; i->name; i++)
        if (i->code == code)
            return i->name;
    return NULL;
}

int pgp_get_keyid	(	MBuf *	pgp_data,
		char *	dst
	)

Definition at line 112 of file pgp-info.c.

References any_key, pgp_create_pkt_reader(), pgp_parse_pkt_hdr(), PGP_PKT_MARKER, PGP_PKT_PRIV_61, PGP_PKT_PUBENCRYPTED_SESSKEY, PGP_PKT_PUBLIC_KEY, PGP_PKT_PUBLIC_SUBKEY, PGP_PKT_SECRET_KEY, PGP_PKT_SECRET_SUBKEY, PGP_PKT_SIGNATURE, PGP_PKT_SYMENCRYPTED_DATA, PGP_PKT_SYMENCRYPTED_DATA_MDC, PGP_PKT_SYMENCRYPTED_SESSKEY, PGP_PKT_TRUST, PGP_PKT_USER_ATTR, PGP_PKT_USER_ID, pgp_skip_packet(), print_key(), pullf_create_mbuf_reader(), pullf_free(), PXE_PGP_CORRUPT_DATA, PXE_PGP_MULTIPLE_KEYS, PXE_PGP_NO_USABLE_KEY, read_pubenc_keyid(), and read_pubkey_keyid().

Referenced by pgp_key_id_w().

{
    int         res;
    PullFilter *src;
    PullFilter *pkt = NULL;
    int         len;
    uint8       tag;
    int         got_pub_key = 0,
                got_symenc_key = 0,
                got_pubenc_key = 0;
    int         got_data = 0;
    uint8       keyid_buf[8];
    int         got_main_key = 0;


    res = pullf_create_mbuf_reader(&src, pgp_data);
    if (res < 0)
        return res;

    while (1)
    {
        res = pgp_parse_pkt_hdr(src, &tag, &len, 0);
        if (res <= 0)
            break;
        res = pgp_create_pkt_reader(&pkt, src, len, res, NULL);
        if (res < 0)
            break;

        switch (tag)
        {
            case PGP_PKT_SECRET_KEY:
            case PGP_PKT_PUBLIC_KEY:
                /* main key is for signing, so ignore it */
                if (!got_main_key)
                {
                    got_main_key = 1;
                    res = pgp_skip_packet(pkt);
                }
                else
                    res = PXE_PGP_MULTIPLE_KEYS;
                break;
            case PGP_PKT_SECRET_SUBKEY:
            case PGP_PKT_PUBLIC_SUBKEY:
                res = read_pubkey_keyid(pkt, keyid_buf);
                if (res < 0)
                    break;
                if (res > 0)
                    got_pub_key++;
                break;
            case PGP_PKT_PUBENCRYPTED_SESSKEY:
                got_pubenc_key++;
                res = read_pubenc_keyid(pkt, keyid_buf);
                break;
            case PGP_PKT_SYMENCRYPTED_DATA:
            case PGP_PKT_SYMENCRYPTED_DATA_MDC:
                /* don't skip it, just stop */
                got_data = 1;
                break;
            case PGP_PKT_SYMENCRYPTED_SESSKEY:
                got_symenc_key++;
                /* fallthru */
            case PGP_PKT_SIGNATURE:
            case PGP_PKT_MARKER:
            case PGP_PKT_TRUST:
            case PGP_PKT_USER_ID:
            case PGP_PKT_USER_ATTR:
            case PGP_PKT_PRIV_61:
                res = pgp_skip_packet(pkt);
                break;
            default:
                res = PXE_PGP_CORRUPT_DATA;
        }

        if (pkt)
            pullf_free(pkt);
        pkt = NULL;

        if (res < 0 || got_data)
            break;
    }

    pullf_free(src);
    if (pkt)
        pullf_free(pkt);

    if (res < 0)
        return res;

    /* now check sanity */
    if (got_pub_key && got_pubenc_key)
        res = PXE_PGP_CORRUPT_DATA;

    if (got_pub_key > 1)
        res = PXE_PGP_MULTIPLE_KEYS;

    if (got_pubenc_key > 1)
        res = PXE_PGP_MULTIPLE_KEYS;

    /*
     * if still ok, look what we got
     */
    if (res >= 0)
    {
        if (got_pubenc_key || got_pub_key)
        {
            if (memcmp(keyid_buf, any_key, 8) == 0)
            {
                memcpy(dst, "ANYKEY", 7);
                res = 6;
            }
            else
                res = print_key(keyid_buf, dst);
        }
        else if (got_symenc_key)
        {
            memcpy(dst, "SYMKEY", 7);
            res = 6;
        }
        else
            res = PXE_PGP_NO_USABLE_KEY;
    }

    return res;
}

int pgp_get_unicode_mode

(

PGP_Context *

ctx

)

Definition at line 352 of file pgp.c.

References PGP_Context::unicode_mode.

Referenced by decrypt_internal(), and encrypt_internal().

{
    return ctx->unicode_mode;
}

int pgp_init

(

PGP_Context **

ctx

)

Definition at line 200 of file pgp.c.

References PGP_Context::cipher_algo, PGP_Context::compress_algo, PGP_Context::compress_level, PGP_Context::convert_crlf, def_cipher_algo, def_compress_algo, def_compress_level, def_convert_crlf, def_disable_mdc, def_s2k_cipher_algo, def_s2k_count, def_s2k_digest_algo, def_s2k_mode, def_text_mode, def_unicode_mode, def_use_sess_key, PGP_Context::disable_mdc, px_alloc, PGP_Context::s2k_cipher_algo, PGP_Context::s2k_count, PGP_Context::s2k_digest_algo, PGP_Context::s2k_mode, PGP_Context::text_mode, PGP_Context::unicode_mode, and PGP_Context::use_sess_key.

Referenced by init_work().

{
    PGP_Context *ctx;

    ctx = px_alloc(sizeof *ctx);
    memset(ctx, 0, sizeof *ctx);

    ctx->cipher_algo = def_cipher_algo;
    ctx->s2k_cipher_algo = def_s2k_cipher_algo;
    ctx->s2k_mode = def_s2k_mode;
    ctx->s2k_count = def_s2k_count;
    ctx->s2k_digest_algo = def_s2k_digest_algo;
    ctx->compress_algo = def_compress_algo;
    ctx->compress_level = def_compress_level;
    ctx->disable_mdc = def_disable_mdc;
    ctx->use_sess_key = def_use_sess_key;
    ctx->unicode_mode = def_unicode_mode;
    ctx->convert_crlf = def_convert_crlf;
    ctx->text_mode = def_text_mode;

    *ctx_p = ctx;
    return 0;
}

int pgp_key_alloc

(

PGP_PubKey **

pk_p

)

Definition at line 38 of file pgp-pubkey.c.

References px_alloc.

Referenced by _pgp_read_public_key().

{
    PGP_PubKey *pk;

    pk = px_alloc(sizeof(*pk));
    memset(pk, 0, sizeof(*pk));
    *pk_p = pk;
    return 0;
}

void pgp_key_free

(

PGP_PubKey *

pk

)

Definition at line 49 of file pgp-pubkey.c.

References PGP_PubKey::algo, PGP_PubKey::dsa, PGP_PubKey::elg, pgp_mpi_free(), PGP_PUB_DSA_SIGN, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_PUB_RSA_SIGN, PGP_PubKey::pub, px_free, px_memset(), PGP_PubKey::rsa, and PGP_PubKey::sec.

Referenced by _pgp_read_public_key(), internal_read_key(), pgp_free(), process_secret_key(), and read_pubkey_keyid().

{
    if (pk == NULL)
        return;

    switch (pk->algo)
    {
        case PGP_PUB_ELG_ENCRYPT:
            pgp_mpi_free(pk->pub.elg.p);
            pgp_mpi_free(pk->pub.elg.g);
            pgp_mpi_free(pk->pub.elg.y);
            pgp_mpi_free(pk->sec.elg.x);
            break;
        case PGP_PUB_RSA_SIGN:
        case PGP_PUB_RSA_ENCRYPT:
        case PGP_PUB_RSA_ENCRYPT_SIGN:
            pgp_mpi_free(pk->pub.rsa.n);
            pgp_mpi_free(pk->pub.rsa.e);
            pgp_mpi_free(pk->sec.rsa.d);
            pgp_mpi_free(pk->sec.rsa.p);
            pgp_mpi_free(pk->sec.rsa.q);
            pgp_mpi_free(pk->sec.rsa.u);
            break;
        case PGP_PUB_DSA_SIGN:
            pgp_mpi_free(pk->pub.dsa.p);
            pgp_mpi_free(pk->pub.dsa.q);
            pgp_mpi_free(pk->pub.dsa.g);
            pgp_mpi_free(pk->pub.dsa.y);
            pgp_mpi_free(pk->sec.dsa.x);
            break;
    }
    px_memset(pk, 0, sizeof(*pk));
    px_free(pk);
}

int pgp_load_cipher	(	int	c,
		PX_Cipher **	res
	)

Definition at line 168 of file pgp.c.

References get_cipher_info(), i, cipher_info::int_name, px_find_cipher(), PXE_PGP_CORRUPT_DATA, and PXE_PGP_UNSUPPORTED_CIPHER.

Referenced by pgp_cfb_create().

{
    int         err;
    const struct cipher_info *i = get_cipher_info(code);

    if (i == NULL)
        return PXE_PGP_CORRUPT_DATA;

    err = px_find_cipher(i->int_name, res);
    if (err == 0)
        return 0;

    return PXE_PGP_UNSUPPORTED_CIPHER;
}

int pgp_load_digest	(	int	c,
		PX_MD **	res
	)

Definition at line 184 of file pgp.c.

References name, pgp_get_digest_name(), px_find_digest(), PXE_PGP_CORRUPT_DATA, and PXE_PGP_UNSUPPORTED_HASH.

Referenced by calc_key_id(), check_key_sha1(), mdc_init(), and pgp_s2k_process().

{
    int         err;
    const char *name = pgp_get_digest_name(code);

    if (name == NULL)
        return PXE_PGP_CORRUPT_DATA;

    err = px_find_digest(name, res);
    if (err == 0)
        return 0;

    return PXE_PGP_UNSUPPORTED_HASH;
}

int pgp_mpi_alloc	(	int	bits,
		PGP_MPI **	mpi
	)

Definition at line 37 of file pgp-mpi.c.

References PGP_MPI::bits, PGP_MPI::bytes, PGP_MPI::data, px_alloc, px_debug(), and PXE_PGP_CORRUPT_DATA.

Referenced by bn_to_mpi(), pgp_mpi_create(), and pgp_mpi_read().

{
    PGP_MPI    *n;
    int         len = (bits + 7) / 8;

    if (bits < 0 || bits > 0xFFFF)
    {
        px_debug("pgp_mpi_alloc: unreasonable request: bits=%d", bits);
        return PXE_PGP_CORRUPT_DATA;
    }
    n = px_alloc(sizeof(*n) + len);
    n->bits = bits;
    n->bytes = len;
    n->data = (uint8 *) (n) + sizeof(*n);
    *mpi = n;
    return 0;
}

unsigned pgp_mpi_cksum	(	unsigned	cksum,
		PGP_MPI *	n
	)

Definition at line 132 of file pgp-mpi.c.

References PGP_MPI::bits, PGP_MPI::bytes, PGP_MPI::data, and i.

Referenced by check_key_cksum().

{
    int         i;

    cksum += n->bits >> 8;
    cksum += n->bits & 0xFF;
    for (i = 0; i < n->bytes; i++)
        cksum += n->data[i];

    return cksum & 0xFFFF;
}

int pgp_mpi_create	(	uint8 *	data,
		int	bits,
		PGP_MPI **	mpi
	)

Definition at line 56 of file pgp-mpi.c.

References PGP_MPI::bytes, PGP_MPI::data, and pgp_mpi_alloc().

Referenced by create_secmsg().

{
    int         res;
    PGP_MPI    *n;

    res = pgp_mpi_alloc(bits, &n);
    if (res < 0)
        return res;
    memcpy(n->data, data, n->bytes);
    *mpi = n;
    return 0;
}

int pgp_mpi_free

(

PGP_MPI *

mpi

)

Definition at line 70 of file pgp-mpi.c.

References PGP_MPI::bytes, px_free, and px_memset().

Referenced by bn_to_mpi(), decrypt_elgamal(), decrypt_rsa(), encrypt_and_write_elgamal(), encrypt_and_write_rsa(), pgp_key_free(), pgp_mpi_read(), and pgp_parse_pubenc_sesskey().

{
    if (mpi == NULL)
        return 0;
    px_memset(mpi, 0, sizeof(*mpi) + mpi->bytes);
    px_free(mpi);
    return 0;
}

int pgp_mpi_hash	(	PX_MD *	md,
		PGP_MPI *	n
	)

Definition at line 119 of file pgp-mpi.c.

References PGP_MPI::bits, buf, PGP_MPI::bytes, PGP_MPI::data, and px_md_update.

Referenced by calc_key_id(), and check_key_sha1().

{
    uint8       buf[2];

    buf[0] = n->bits >> 8;
    buf[1] = n->bits & 0xFF;
    px_md_update(md, buf, 2);
    px_md_update(md, n->data, n->bytes);

    return 0;
}

int pgp_mpi_read	(	PullFilter *	src,
		PGP_MPI **	mpi
	)

Definition at line 80 of file pgp-mpi.c.

References PGP_MPI::bytes, PGP_MPI::data, pgp_mpi_alloc(), pgp_mpi_free(), and pullf_read_fixed().

Referenced by _pgp_read_public_key(), decrypt_elgamal(), decrypt_rsa(), and process_secret_key().

{
    int         res;
    uint8       hdr[2];
    int         bits;
    PGP_MPI    *n;

    res = pullf_read_fixed(src, 2, hdr);
    if (res < 0)
        return res;
    bits = ((unsigned) hdr[0] << 8) + hdr[1];

    res = pgp_mpi_alloc(bits, &n);
    if (res < 0)
        return res;

    res = pullf_read_fixed(src, n->bytes, n->data);
    if (res < 0)
        pgp_mpi_free(n);
    else
        *mpi = n;
    return res;
}

int pgp_mpi_write	(	PushFilter *	dst,
		PGP_MPI *	n
	)

Definition at line 105 of file pgp-mpi.c.

References PGP_MPI::bits, buf, PGP_MPI::bytes, PGP_MPI::data, and pushf_write().

Referenced by encrypt_and_write_elgamal(), and encrypt_and_write_rsa().

{
    int         res;
    uint8       buf[2];

    buf[0] = n->bits >> 8;
    buf[1] = n->bits & 0xFF;
    res = pushf_write(dst, buf, 2);
    if (res >= 0)
        res = pushf_write(dst, n->data, n->bytes);
    return res;
}

int pgp_parse_pkt_hdr	(	PullFilter *	src,
		uint8 *	tag,
		int *	len_p,
		int	allow_ctx
	)

Definition at line 129 of file pgp-decrypt.c.

References parse_new_len(), parse_old_len(), PKT_CONTEXT, pullf_read(), px_debug(), and PXE_PGP_CORRUPT_DATA.

Referenced by internal_read_key(), pgp_decrypt(), pgp_get_keyid(), and process_data_packets().

{
    int         lentype;
    int         res;
    uint8      *p;

    /* EOF is normal here, thus we dont use GETBYTE */
    res = pullf_read(src, 1, &p);
    if (res < 0)
        return res;
    if (res == 0)
        return 0;

    if ((*p & 0x80) == 0)
    {
        px_debug("pgp_parse_pkt_hdr: not pkt hdr");
        return PXE_PGP_CORRUPT_DATA;
    }

    if (*p & 0x40)
    {
        *tag = *p & 0x3f;
        res = parse_new_len(src, len_p);
    }
    else
    {
        lentype = *p & 3;
        *tag = (*p >> 2) & 0x0F;
        if (lentype == 3)
            res = allow_ctx ? PKT_CONTEXT : PXE_PGP_CORRUPT_DATA;
        else
            res = parse_old_len(src, len_p, lentype);
    }
    return res;
}

int pgp_parse_pubenc_sesskey	(	PGP_Context *	ctx,
		PullFilter *	pkt
	)

Definition at line 150 of file pgp-pubdec.c.

References any_key, PGP_MPI::bytes, check_eme_pkcs1_v15(), PGP_Context::cipher_algo, control_cksum(), PGP_MPI::data, decrypt_elgamal(), decrypt_rsa(), GETBYTE, PGP_PubKey::key_id, pgp_expect_packet_end(), pgp_mpi_free(), PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_Context::pub_key, pullf_read_fixed(), px_debug(), PXE_BUG, PXE_PGP_CORRUPT_DATA, PXE_PGP_UNKNOWN_PUBALGO, PXE_PGP_WRONG_KEY, PGP_Context::sess_key, and PGP_Context::sess_key_len.

Referenced by pgp_decrypt().

{
    int         ver;
    int         algo;
    int         res;
    uint8       key_id[8];
    PGP_PubKey *pk;
    uint8      *msg;
    int         msglen;
    PGP_MPI    *m;

    pk = ctx->pub_key;
    if (pk == NULL)
    {
        px_debug("no pubkey?");
        return PXE_BUG;
    }

    GETBYTE(pkt, ver);
    if (ver != 3)
    {
        px_debug("unknown pubenc_sesskey pkt ver=%d", ver);
        return PXE_PGP_CORRUPT_DATA;
    }

    /*
     * check if keyid's match - user-friendly msg
     */
    res = pullf_read_fixed(pkt, 8, key_id);
    if (res < 0)
        return res;
    if (memcmp(key_id, any_key, 8) != 0
        && memcmp(key_id, pk->key_id, 8) != 0)
    {
        px_debug("key_id's does not match");
        return PXE_PGP_WRONG_KEY;
    }

    /*
     * Decrypt
     */
    GETBYTE(pkt, algo);
    switch (algo)
    {
        case PGP_PUB_ELG_ENCRYPT:
            res = decrypt_elgamal(pk, pkt, &m);
            break;
        case PGP_PUB_RSA_ENCRYPT:
        case PGP_PUB_RSA_ENCRYPT_SIGN:
            res = decrypt_rsa(pk, pkt, &m);
            break;
        default:
            res = PXE_PGP_UNKNOWN_PUBALGO;
    }
    if (res < 0)
        return res;

    /*
     * extract message
     */
    msg = check_eme_pkcs1_v15(m->data, m->bytes);
    if (msg == NULL)
    {
        px_debug("check_eme_pkcs1_v15 failed");
        res = PXE_PGP_WRONG_KEY;
        goto out;
    }
    msglen = m->bytes - (msg - m->data);

    res = control_cksum(msg, msglen);
    if (res < 0)
        goto out;

    /*
     * got sesskey
     */
    ctx->cipher_algo = *msg;
    ctx->sess_key_len = msglen - 3;
    memcpy(ctx->sess_key, msg + 1, ctx->sess_key_len);

out:
    pgp_mpi_free(m);
    if (res < 0)
        return res;
    return pgp_expect_packet_end(pkt);
}

int pgp_rsa_decrypt	(	PGP_PubKey *	pk,
		PGP_MPI *	c,
		PGP_MPI **	m
	)

Definition at line 284 of file pgp-mpi-internal.c.

References bn_to_mpi(), mp_clear_free(), mp_int_exptmod(), mp_new(), mpi_to_bn(), PGP_PubKey::pub, PXE_PGP_MATH_FAILED, PGP_PubKey::rsa, and PGP_PubKey::sec.

Referenced by decrypt_rsa().

{
    int         res = PXE_PGP_MATH_FAILED;
    mpz_t      *c = mpi_to_bn(_c);
    mpz_t      *d = mpi_to_bn(pk->sec.rsa.d);
    mpz_t      *n = mpi_to_bn(pk->pub.rsa.n);
    mpz_t      *m = mp_new();

    if (!m || !d || !n || !c)
        goto err;

    /*
     * m = c ^ d
     */
    mp_int_exptmod(c, d, n, m);

    *m_p = bn_to_mpi(m);
    if (*m_p)
        res = 0;
err:
    mp_clear_free(m);
    mp_clear_free(n);
    mp_clear_free(d);
    mp_clear_free(c);
    return res;
}

int pgp_rsa_encrypt	(	PGP_PubKey *	pk,
		PGP_MPI *	m,
		PGP_MPI **	c
	)

Definition at line 256 of file pgp-mpi-internal.c.

References bn_to_mpi(), mp_clear_free(), mp_int_exptmod(), mp_new(), mpi_to_bn(), PGP_PubKey::pub, PXE_PGP_MATH_FAILED, and PGP_PubKey::rsa.

Referenced by encrypt_and_write_rsa().

{
    int         res = PXE_PGP_MATH_FAILED;
    mpz_t      *m = mpi_to_bn(_m);
    mpz_t      *e = mpi_to_bn(pk->pub.rsa.e);
    mpz_t      *n = mpi_to_bn(pk->pub.rsa.n);
    mpz_t      *c = mp_new();

    if (!m || !e || !n || !c)
        goto err;

    /*
     * c = m ^ e
     */
    mp_int_exptmod(m, e, n, c);

    *c_p = bn_to_mpi(c);
    if (*c_p)
        res = 0;
err:
    mp_clear_free(c);
    mp_clear_free(n);
    mp_clear_free(e);
    mp_clear_free(m);
    return res;
}

int pgp_s2k_fill	(	PGP_S2K *	s2k,
		int	mode,
		int	digest_algo,
		int	count
	)

Definition at line 225 of file pgp-s2k.c.

References decide_s2k_iter(), PGP_S2K::digest_algo, PGP_S2K::iter, PGP_S2K::mode, pg_backend_random(), PGP_S2K_ISALTED, PGP_S2K_SALT, PGP_S2K_SALTED, PGP_S2K_SIMPLE, PXE_NO_RANDOM, PXE_PGP_BAD_S2K_MODE, and PGP_S2K::salt.

Referenced by init_s2k_key().

{
    int         res = 0;
    uint8       tmp;

    s2k->mode = mode;
    s2k->digest_algo = digest_algo;

    switch (s2k->mode)
    {
        case PGP_S2K_SIMPLE:
            break;
        case PGP_S2K_SALTED:
            if (!pg_backend_random((char *) s2k->salt, PGP_S2K_SALT))
                return PXE_NO_RANDOM;
            break;
        case PGP_S2K_ISALTED:
            if (!pg_backend_random((char *) s2k->salt, PGP_S2K_SALT))
                return PXE_NO_RANDOM;
            if (!pg_backend_random((char *) &tmp, 1))
                return PXE_NO_RANDOM;
            s2k->iter = decide_s2k_iter(tmp, count);
            break;
        default:
            res = PXE_PGP_BAD_S2K_MODE;
    }
    return res;
}

int pgp_s2k_process	(	PGP_S2K *	s2k,
		int	cipher,
		const uint8 *	key,
		int	klen
	)

Definition at line 281 of file pgp-s2k.c.

References calc_s2k_iter_salted(), calc_s2k_salted(), calc_s2k_simple(), PGP_S2K::digest_algo, PGP_S2K::key_len, PGP_S2K::mode, pgp_get_cipher_key_size(), pgp_load_digest(), px_md_free, PXE_PGP_BAD_S2K_MODE, and PXE_PGP_UNSUPPORTED_CIPHER.

Referenced by init_s2k_key(), parse_symenc_sesskey(), and process_secret_key().

{
    int         res;
    PX_MD      *md;

    s2k->key_len = pgp_get_cipher_key_size(cipher);
    if (s2k->key_len <= 0)
        return PXE_PGP_UNSUPPORTED_CIPHER;

    res = pgp_load_digest(s2k->digest_algo, &md);
    if (res < 0)
        return res;

    switch (s2k->mode)
    {
        case 0:
            res = calc_s2k_simple(s2k, md, key, key_len);
            break;
        case 1:
            res = calc_s2k_salted(s2k, md, key, key_len);
            break;
        case 3:
            res = calc_s2k_iter_salted(s2k, md, key, key_len);
            break;
        default:
            res = PXE_PGP_BAD_S2K_MODE;
    }
    px_md_free(md);
    return res;
}

int pgp_s2k_read	(	PullFilter *	src,
		PGP_S2K *	s2k
	)

Definition at line 255 of file pgp-s2k.c.

References PGP_S2K::digest_algo, GETBYTE, PGP_S2K::iter, PGP_S2K::mode, pullf_read_fixed(), PXE_PGP_BAD_S2K_MODE, and PGP_S2K::salt.

Referenced by parse_symenc_sesskey(), and process_secret_key().

{
    int         res = 0;

    GETBYTE(src, s2k->mode);
    GETBYTE(src, s2k->digest_algo);
    switch (s2k->mode)
    {
        case 0:
            break;
        case 1:
            res = pullf_read_fixed(src, 8, s2k->salt);
            break;
        case 3:
            res = pullf_read_fixed(src, 8, s2k->salt);
            if (res < 0)
                break;
            GETBYTE(src, s2k->iter);
            break;
        default:
            res = PXE_PGP_BAD_S2K_MODE;
    }
    return res;
}

int pgp_set_cipher_algo	(	PGP_Context *	ctx,
		const char *	name
	)

Definition at line 319 of file pgp.c.

References PGP_Context::cipher_algo, cipher_info::code, and pgp_get_cipher_code().

Referenced by set_arg().

{
    int         code = pgp_get_cipher_code(name);

    if (code < 0)
        return code;
    ctx->cipher_algo = code;
    return 0;
}

int pgp_set_compress_algo	(	PGP_Context *	ctx,
		int	algo
	)

Definition at line 286 of file pgp.c.

References PGP_Context::compress_algo, PGP_COMPR_BZIP2, PGP_COMPR_NONE, PGP_COMPR_ZIP, PGP_COMPR_ZLIB, and PXE_ARGUMENT_ERROR.

Referenced by set_arg().

{
    switch (algo)
    {
        case PGP_COMPR_NONE:
        case PGP_COMPR_ZIP:
        case PGP_COMPR_ZLIB:
        case PGP_COMPR_BZIP2:
            ctx->compress_algo = algo;
            return 0;
    }
    return PXE_ARGUMENT_ERROR;
}

int pgp_set_compress_level	(	PGP_Context *	ctx,
		int	level
	)

Definition at line 301 of file pgp.c.

References PGP_Context::compress_level, and PXE_ARGUMENT_ERROR.

Referenced by set_arg().

{
    if (level >= 0 && level <= 9)
    {
        ctx->compress_level = level;
        return 0;
    }
    return PXE_ARGUMENT_ERROR;
}

int pgp_set_convert_crlf	(	PGP_Context *	ctx,
		int	doit
	)

Definition at line 249 of file pgp.c.

References PGP_Context::convert_crlf.

Referenced by set_arg().

{
    ctx->convert_crlf = doit ? 1 : 0;
    return 0;
}

int pgp_set_pubkey	(	PGP_Context *	ctx,
		MBuf *	keypkt,
		const uint8 *	key,
		int	klen,
		int	pubtype
	)

Definition at line 566 of file pgp-pubkey.c.

References internal_read_key(), PGP_Context::pub_key, pullf_create_mbuf_reader(), and pullf_free().

Referenced by decrypt_internal(), and encrypt_internal().

{
    int         res;
    PullFilter *src;
    PGP_PubKey *pk = NULL;

    res = pullf_create_mbuf_reader(&src, keypkt);
    if (res < 0)
        return res;

    res = internal_read_key(src, &pk, key, key_len, pubtype);
    pullf_free(src);

    if (res >= 0)
        ctx->pub_key = pk;

    return res < 0 ? res : 0;
}

int pgp_set_s2k_cipher_algo	(	PGP_Context *	ctx,
		const char *	name
	)

Definition at line 330 of file pgp.c.

References cipher_info::code, pgp_get_cipher_code(), and PGP_Context::s2k_cipher_algo.

Referenced by set_arg().

{
    int         code = pgp_get_cipher_code(name);

    if (code < 0)
        return code;
    ctx->s2k_cipher_algo = code;
    return 0;
}

int pgp_set_s2k_count	(	PGP_Context *	ctx,
		int	count
	)

Definition at line 275 of file pgp.c.

References PGP_S2K_ISALTED, PXE_ARGUMENT_ERROR, PXE_OK, PGP_Context::s2k_count, and PGP_Context::s2k_mode.

Referenced by set_arg().

{
    if (ctx->s2k_mode == PGP_S2K_ISALTED && count >= 1024 && count <= 65011712)
    {
        ctx->s2k_count = count;
        return PXE_OK;
    }
    return PXE_ARGUMENT_ERROR;
}

int pgp_set_s2k_digest_algo	(	PGP_Context *	ctx,
		const char *	name
	)

Definition at line 341 of file pgp.c.

References cipher_info::code, pgp_get_digest_code(), and PGP_Context::s2k_digest_algo.

Referenced by set_arg().

{
    int         code = pgp_get_digest_code(name);

    if (code < 0)
        return code;
    ctx->s2k_digest_algo = code;
    return 0;
}

int pgp_set_s2k_mode	(	PGP_Context *	ctx,
		int	type
	)

Definition at line 256 of file pgp.c.

References PGP_S2K_ISALTED, PGP_S2K_SALTED, PGP_S2K_SIMPLE, PXE_ARGUMENT_ERROR, PXE_OK, and PGP_Context::s2k_mode.

Referenced by set_arg().

{
    int         err = PXE_OK;

    switch (mode)
    {
        case PGP_S2K_SIMPLE:
        case PGP_S2K_SALTED:
        case PGP_S2K_ISALTED:
            ctx->s2k_mode = mode;
            break;
        default:
            err = PXE_ARGUMENT_ERROR;
            break;
    }
    return err;
}

int pgp_set_sess_key	(	PGP_Context *	ctx,
		int	use
	)

Definition at line 242 of file pgp.c.

References PGP_Context::use_sess_key.

Referenced by set_arg().

{
    ctx->use_sess_key = use ? 1 : 0;
    return 0;
}

int pgp_set_symkey	(	PGP_Context *	ctx,
		const uint8 *	key,
		int	klen
	)

Definition at line 365 of file pgp.c.

References PXE_ARGUMENT_ERROR, PGP_Context::sym_key, and PGP_Context::sym_key_len.

Referenced by decrypt_internal(), and encrypt_internal().

{
    if (key == NULL || len < 1)
        return PXE_ARGUMENT_ERROR;
    ctx->sym_key = key;
    ctx->sym_key_len = len;
    return 0;
}

int pgp_set_text_mode	(	PGP_Context *	ctx,
		int	mode
	)

Definition at line 312 of file pgp.c.

References PGP_Context::text_mode.

Referenced by init_work().

{
    ctx->text_mode = mode;
    return 0;
}

int pgp_set_unicode_mode	(	PGP_Context *	ctx,
		int	mode
	)

Definition at line 358 of file pgp.c.

References PGP_Context::unicode_mode.

Referenced by set_arg().

{
    ctx->unicode_mode = mode ? 1 : 0;
    return 0;
}

int pgp_skip_packet

(

PullFilter *

pkt

)

Definition at line 1061 of file pgp-decrypt.c.

References pullf_read().

Referenced by internal_read_key(), pgp_decrypt(), pgp_get_keyid(), read_pubenc_keyid(), and read_pubkey_keyid().

{
    int         res = 1;
    uint8      *tmp;

    while (res > 0)
        res = pullf_read(pkt, 32 * 1024, &tmp);
    return res;
}

int pgp_write_pubenc_sesskey	(	PGP_Context *	ctx,
		PushFilter *	dst
	)

Definition at line 195 of file pgp-pubenc.c.

References PGP_PubKey::algo, encrypt_and_write_elgamal(), encrypt_and_write_rsa(), PGP_PubKey::key_id, pgp_create_pkt_writer(), PGP_PKT_PUBENCRYPTED_SESSKEY, PGP_PUB_ELG_ENCRYPT, PGP_PUB_RSA_ENCRYPT, PGP_PUB_RSA_ENCRYPT_SIGN, PGP_Context::pub_key, pushf_flush(), pushf_free(), pushf_write(), px_debug(), and PXE_BUG.

Referenced by pgp_encrypt().

{
    int         res;
    PGP_PubKey *pk = ctx->pub_key;
    uint8       ver = 3;
    PushFilter *pkt = NULL;
    uint8       algo;

    if (pk == NULL)
    {
        px_debug("no pubkey?\n");
        return PXE_BUG;
    }

    algo = pk->algo;

    /*
     * now write packet
     */
    res = pgp_create_pkt_writer(dst, PGP_PKT_PUBENCRYPTED_SESSKEY, &pkt);
    if (res < 0)
        goto err;
    res = pushf_write(pkt, &ver, 1);
    if (res < 0)
        goto err;
    res = pushf_write(pkt, pk->key_id, 8);
    if (res < 0)
        goto err;
    res = pushf_write(pkt, &algo, 1);
    if (res < 0)
        goto err;

    switch (algo)
    {
        case PGP_PUB_ELG_ENCRYPT:
            res = encrypt_and_write_elgamal(ctx, pk, pkt);
            break;
        case PGP_PUB_RSA_ENCRYPT:
        case PGP_PUB_RSA_ENCRYPT_SIGN:
            res = encrypt_and_write_rsa(ctx, pk, pkt);
            break;
    }
    if (res < 0)
        goto err;

    /*
     * done, signal packet end
     */
    res = pushf_flush(pkt);
err:
    if (pkt)
        pushf_free(pkt);

    return res;
}

Variable Documentation

struct PullFilterOps pgp_decrypt_filter

Definition at line 313 of file pgp-decrypt.c.

Referenced by process_secret_key().