search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Patrick Welche <prlw1@cam.ac.uk>
[netbsd-mini2440.git] / crypto / external / bsd / netpgp / dist / src / lib / packet.h
blob1e8ff1132fb806582af740591d77c135ae8d4337
1 /*-
2 * Copyright (c) 2009 The NetBSD Foundation, Inc.
3 * All rights reserved.
4 *
5 * This code is derived from software contributed to The NetBSD Foundation
6 * by Alistair Crooks (agc@NetBSD.org)
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
18 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
19 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
20 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
21 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 * POSSIBILITY OF SUCH DAMAGE.
28 */
29 /*
30 * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
31 * All rights reserved.
32 * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
33 * their moral rights under the UK Copyright Design and Patents Act 1988 to
34 * be recorded as the authors of this copyright work.
35 *
36 * Licensed under the Apache License, Version 2.0 (the "License"); you may not
37 * use this file except in compliance with the License.
38 *
39 * You may obtain a copy of the License at
40 * http://www.apache.org/licenses/LICENSE-2.0
41 *
42 * Unless required by applicable law or agreed to in writing, software
43 * distributed under the License is distributed on an "AS IS" BASIS,
44 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
45 *
46 * See the License for the specific language governing permissions and
47 * limitations under the License.
48 */
49
50 /** \file
51 * packet related headers.
52 */
53
54 #ifndef PACKET_H_
55 #define PACKET_H_
56
57 #include <time.h>
58
59 #ifdef HAVE_OPENSSL_BN_H
60 #include <openssl/bn.h>
61 #endif
62
63 #include "types.h"
64 #include "errors.h"
65
66 /** General-use structure for variable-length data
67 */
68
69 typedef struct {
70 size_t len;
71 unsigned char *contents;
72 unsigned char mmapped; /* contents need an munmap(2) */
73 } __ops_data_t;
74
75 /************************************/
76 /* Packet Tags - RFC4880, 4.2 */
77 /************************************/
78
79 /** Packet Tag - Bit 7 Mask (this bit is always set).
80 * The first byte of a packet is the "Packet Tag". It always
81 * has bit 7 set. This is the mask for it.
82 *
83 * \see RFC4880 4.2
84 */
85 #define OPS_PTAG_ALWAYS_SET 0x80
86
87 /** Packet Tag - New Format Flag.
88 * Bit 6 of the Packet Tag is the packet format indicator.
89 * If it is set, the new format is used, if cleared the
90 * old format is used.
91 *
92 * \see RFC4880 4.2
93 */
94 #define OPS_PTAG_NEW_FORMAT 0x40
95
96
97 /** Old Packet Format: Mask for content tag.
98 * In the old packet format bits 5 to 2 (including)
99 * are the content tag. This is the mask to apply
100 * to the packet tag. Note that you need to
101 * shift by #OPS_PTAG_OF_CONTENT_TAG_SHIFT bits.
102 *
103 * \see RFC4880 4.2
104 */
105 #define OPS_PTAG_OF_CONTENT_TAG_MASK 0x3c
106 /** Old Packet Format: Offset for the content tag.
107 * As described at #OPS_PTAG_OF_CONTENT_TAG_MASK the
108 * content tag needs to be shifted after being masked
109 * out from the Packet Tag.
110 *
111 * \see RFC4880 4.2
112 */
113 #define OPS_PTAG_OF_CONTENT_TAG_SHIFT 2
114 /** Old Packet Format: Mask for length type.
115 * Bits 1 and 0 of the packet tag are the length type
116 * in the old packet format.
117 *
118 * See #__ops_ptag_of_lt_t for the meaning of the values.
119 *
120 * \see RFC4880 4.2
121 */
122 #define OPS_PTAG_OF_LENGTH_TYPE_MASK 0x03
123
124
125 /** Old Packet Format Lengths.
126 * Defines the meanings of the 2 bits for length type in the
127 * old packet format.
128 *
129 * \see RFC4880 4.2.1
130 */
131 typedef enum {
132 OPS_PTAG_OLD_LEN_1 = 0x00, /* Packet has a 1 byte length -
133 * header is 2 bytes long. */
134 OPS_PTAG_OLD_LEN_2 = 0x01, /* Packet has a 2 byte length -
135 * header is 3 bytes long. */
136 OPS_PTAG_OLD_LEN_4 = 0x02, /* Packet has a 4 byte
137 * length - header is 5 bytes
138 * long. */
139 OPS_PTAG_OLD_LEN_INDETERMINATE = 0x03 /* Packet has a
140 * indeterminate length. */
141 } __ops_ptag_of_lt_t;
142
143
144 /** New Packet Format: Mask for content tag.
145 * In the new packet format the 6 rightmost bits
146 * are the content tag. This is the mask to apply
147 * to the packet tag. Note that you need to
148 * shift by #OPS_PTAG_NF_CONTENT_TAG_SHIFT bits.
149 *
150 * \see RFC4880 4.2
151 */
152 #define OPS_PTAG_NF_CONTENT_TAG_MASK 0x3f
153 /** New Packet Format: Offset for the content tag.
154 * As described at #OPS_PTAG_NF_CONTENT_TAG_MASK the
155 * content tag needs to be shifted after being masked
156 * out from the Packet Tag.
157 *
158 * \see RFC4880 4.2
159 */
160 #define OPS_PTAG_NF_CONTENT_TAG_SHIFT 0
161
162 /* PTag Content Tags */
163 /***************************/
164
165 /** Package Tags (aka Content Tags) and signature subpacket types.
166 * This enumerates all rfc-defined packet tag values and the
167 * signature subpacket type values that we understand.
168 *
169 * \see RFC4880 4.3
170 * \see RFC4880 5.2.3.1
171 */
172 typedef enum {
173 OPS_PTAG_CT_RESERVED = 0, /* Reserved - a packet tag must
174 * not have this value */
175 OPS_PTAG_CT_PK_SESSION_KEY = 1, /* Public-Key Encrypted Session
176 * Key Packet */
177 OPS_PTAG_CT_SIGNATURE = 2, /* Signature Packet */
178 OPS_PTAG_CT_SK_SESSION_KEY = 3, /* Symmetric-Key Encrypted Session
179 * Key Packet */
180 OPS_PTAG_CT_1_PASS_SIG = 4, /* One-Pass Signature
181 * Packet */
182 OPS_PTAG_CT_SECRET_KEY = 5, /* Secret Key Packet */
183 OPS_PTAG_CT_PUBLIC_KEY = 6, /* Public Key Packet */
184 OPS_PTAG_CT_SECRET_SUBKEY = 7, /* Secret Subkey Packet */
185 OPS_PTAG_CT_COMPRESSED = 8, /* Compressed Data Packet */
186 OPS_PTAG_CT_SE_DATA = 9,/* Symmetrically Encrypted Data Packet */
187 OPS_PTAG_CT_MARKER = 10,/* Marker Packet */
188 OPS_PTAG_CT_LITDATA = 11, /* Literal Data Packet */
189 OPS_PTAG_CT_TRUST = 12, /* Trust Packet */
190 OPS_PTAG_CT_USER_ID = 13, /* User ID Packet */
191 OPS_PTAG_CT_PUBLIC_SUBKEY = 14, /* Public Subkey Packet */
192 OPS_PTAG_CT_RESERVED2 = 15, /* reserved */
193 OPS_PTAG_CT_RESERVED3 = 16, /* reserved */
194 OPS_PTAG_CT_USER_ATTR = 17, /* User Attribute Packet */
195 OPS_PTAG_CT_SE_IP_DATA = 18, /* Sym. Encrypted and Integrity
196 * Protected Data Packet */
197 OPS_PTAG_CT_MDC = 19, /* Modification Detection Code Packet */
198
199 OPS_PARSER_PTAG = 0x100,/* Internal Use: The packet is the "Packet
200 * Tag" itself - used when callback sends
201 * back the PTag. */
202 OPS_PTAG_RAW_SS = 0x101,/* Internal Use: content is raw sig subtag */
203 OPS_PTAG_SS_ALL = 0x102,/* Internal Use: select all subtags */
204 OPS_PARSER_PACKET_END = 0x103,
205
206 /* signature subpackets (0x200-2ff) (type+0x200) */
207 /* only those we can parse are listed here */
208 OPS_PTAG_SIG_SUBPKT_BASE = 0x200, /* Base for signature
209 * subpacket types - All
210 * signature type values
211 * are relative to this
212 * value. */
213 OPS_PTAG_SS_CREATION_TIME = 0x200 + 2, /* signature creation time */
214 OPS_PTAG_SS_EXPIRATION_TIME = 0x200 + 3, /* signature
215 * expiration time */
216
217 OPS_PTAG_SS_EXPORT_CERT = 0x200 + 4, /* exportable certification */
218 OPS_PTAG_SS_TRUST = 0x200 + 5, /* trust signature */
219 OPS_PTAG_SS_REGEXP = 0x200 + 6, /* regular expression */
220 OPS_PTAG_SS_REVOCABLE = 0x200 + 7, /* revocable */
221 OPS_PTAG_SS_KEY_EXPIRY = 0x200 + 9, /* key expiration
222 * time */
223 OPS_PTAG_SS_RESERVED = 0x200 + 10, /* reserved */
224 OPS_PTAG_SS_PREFERRED_SKA = 0x200 + 11, /* preferred symmetric
225 * algs */
226 OPS_PTAG_SS_REVOCATION_KEY = 0x200 + 12, /* revocation key */
227 OPS_PTAG_SS_ISSUER_KEY_ID = 0x200 + 16, /* issuer key ID */
228 OPS_PTAG_SS_NOTATION_DATA = 0x200 + 20, /* notation data */
229 OPS_PTAG_SS_PREFERRED_HASH = 0x200 + 21, /* preferred hash
230 * algs */
231 OPS_PTAG_SS_PREF_COMPRESS = 0x200 + 22, /* preferred
232 * compression
233 * algorithms */
234 OPS_PTAG_SS_KEYSERV_PREFS = 0x200 + 23, /* key server
235 * preferences */
236 OPS_PTAG_SS_PREF_KEYSERV = 0x200 + 24, /* Preferred Key
237 * Server */
238 OPS_PTAG_SS_PRIMARY_USER_ID = 0x200 + 25, /* primary User ID */
239 OPS_PTAG_SS_POLICY_URI = 0x200 + 26, /* Policy URI */
240 OPS_PTAG_SS_KEY_FLAGS = 0x200 + 27, /* key flags */
241 OPS_PTAG_SS_SIGNERS_USER_ID = 0x200 + 28, /* Signer's User ID */
242 OPS_PTAG_SS_REVOCATION_REASON = 0x200 + 29, /* reason for
243 * revocation */
244 OPS_PTAG_SS_FEATURES = 0x200 + 30, /* features */
245 OPS_PTAG_SS_SIGNATURE_TARGET = 0x200 + 31, /* signature target */
246 OPS_PTAG_SS_EMBEDDED_SIGNATURE = 0x200 + 32, /* embedded signature */
247
248 OPS_PTAG_SS_USERDEFINED00 = 0x200 + 100, /* internal or
249 * user-defined */
250 OPS_PTAG_SS_USERDEFINED01 = 0x200 + 101,
251 OPS_PTAG_SS_USERDEFINED02 = 0x200 + 102,
252 OPS_PTAG_SS_USERDEFINED03 = 0x200 + 103,
253 OPS_PTAG_SS_USERDEFINED04 = 0x200 + 104,
254 OPS_PTAG_SS_USERDEFINED05 = 0x200 + 105,
255 OPS_PTAG_SS_USERDEFINED06 = 0x200 + 106,
256 OPS_PTAG_SS_USERDEFINED07 = 0x200 + 107,
257 OPS_PTAG_SS_USERDEFINED08 = 0x200 + 108,
258 OPS_PTAG_SS_USERDEFINED09 = 0x200 + 109,
259 OPS_PTAG_SS_USERDEFINED10 = 0x200 + 110,
260
261 /* pseudo content types */
262 OPS_PTAG_CT_LITDATA_HEADER = 0x300,
263 OPS_PTAG_CT_LITDATA_BODY = 0x300 + 1,
264 OPS_PTAG_CT_SIGNATURE_HEADER = 0x300 + 2,
265 OPS_PTAG_CT_SIGNATURE_FOOTER = 0x300 + 3,
266 OPS_PTAG_CT_ARMOUR_HEADER = 0x300 + 4,
267 OPS_PTAG_CT_ARMOUR_TRAILER = 0x300 + 5,
268 OPS_PTAG_CT_SIGNED_CLEARTEXT_HEADER = 0x300 + 6,
269 OPS_PTAG_CT_SIGNED_CLEARTEXT_BODY = 0x300 + 7,
270 OPS_PTAG_CT_SIGNED_CLEARTEXT_TRAILER = 0x300 + 8,
271 OPS_PTAG_CT_UNARMOURED_TEXT = 0x300 + 9,
272 OPS_PTAG_CT_ENCRYPTED_SECRET_KEY = 0x300 + 10, /* In this case the
273 * algorithm specific
274 * fields will not be
275 * initialised */
276 OPS_PTAG_CT_SE_DATA_HEADER = 0x300 + 11,
277 OPS_PTAG_CT_SE_DATA_BODY = 0x300 + 12,
278 OPS_PTAG_CT_SE_IP_DATA_HEADER = 0x300 + 13,
279 OPS_PTAG_CT_SE_IP_DATA_BODY = 0x300 + 14,
280 OPS_PTAG_CT_ENCRYPTED_PK_SESSION_KEY = 0x300 + 15,
281
282 /* commands to the callback */
283 OPS_GET_PASSPHRASE = 0x400,
284 OPS_GET_SECKEY = 0x400 + 1,
285
286 /* Errors */
287 OPS_PARSER_ERROR = 0x500, /* Internal Use: Parser Error */
288 OPS_PARSER_ERRCODE = 0x500 + 1 /* Internal Use: Parser Error
289 * with errcode returned */
290 } __ops_content_tag_t;
291
292 typedef __ops_content_tag_t __ops_packet_tag_t;
293 typedef __ops_content_tag_t __ops_ss_type_t;
294
295 /** Structure to hold one parse error string. */
296 typedef struct {
297 const char *error; /* error message. */
298 } __ops_parser_error_t;
299
300 /** Structure to hold one error code */
301 typedef struct {
302 __ops_errcode_t errcode;
303 } __ops_parser_errcode_t;
304
305 /** Structure to hold one packet tag.
306 * \see RFC4880 4.2
307 */
308 typedef struct {
309 unsigned new_format; /* Whether this packet tag is new
310 * (1) or old format (0) */
311 unsigned type; /* content_tag value - See
312 * #__ops_content_tag_t for meanings */
313 __ops_ptag_of_lt_t length_type; /* Length type (#__ops_ptag_of_lt_t)
314 * - only if this packet tag is old
315 * format. Set to 0 if new format. */
316 unsigned length; /* The length of the packet. This value
317 * is set when we read and compute the length
318 * information, not at the same moment we
319 * create the packet tag structure. Only
320 * defined if #readc is set. *//* XXX: Ben, is this correct? */
321 unsigned position; /* The position (within the
322 * current reader) of the packet */
323 unsigned size; /* number of bits */
324 } __ops_ptag_t;
325
326 /** Public Key Algorithm Numbers.
327 * OpenPGP assigns a unique Algorithm Number to each algorithm that is part of OpenPGP.
328 *
329 * This lists algorithm numbers for public key algorithms.
330 *
331 * \see RFC4880 9.1
332 */
333 typedef enum {
334 OPS_PKA_NOTHING = 0, /* No PKA */
335 OPS_PKA_RSA = 1, /* RSA (Encrypt or Sign) */
336 OPS_PKA_RSA_ENCRYPT_ONLY = 2, /* RSA Encrypt-Only (deprecated -
337 * \see RFC4880 13.5) */
338 OPS_PKA_RSA_SIGN_ONLY = 3, /* RSA Sign-Only (deprecated -
339 * \see RFC4880 13.5) */
340 OPS_PKA_ELGAMAL = 16, /* Elgamal (Encrypt-Only) */
341 OPS_PKA_DSA = 17, /* DSA (Digital Signature Algorithm) */
342 OPS_PKA_RESERVED_ELLIPTIC_CURVE = 18, /* Reserved for Elliptic
343 * Curve */
344 OPS_PKA_RESERVED_ECDSA = 19, /* Reserved for ECDSA */
345 OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN = 20, /* Deprecated. */
346 OPS_PKA_RESERVED_DH = 21, /* Reserved for Diffie-Hellman
347 * (X9.42, as defined for
348 * IETF-S/MIME) */
349 OPS_PKA_PRIVATE00 = 100,/* Private/Experimental Algorithm */
350 OPS_PKA_PRIVATE01 = 101,/* Private/Experimental Algorithm */
351 OPS_PKA_PRIVATE02 = 102,/* Private/Experimental Algorithm */
352 OPS_PKA_PRIVATE03 = 103,/* Private/Experimental Algorithm */
353 OPS_PKA_PRIVATE04 = 104,/* Private/Experimental Algorithm */
354 OPS_PKA_PRIVATE05 = 105,/* Private/Experimental Algorithm */
355 OPS_PKA_PRIVATE06 = 106,/* Private/Experimental Algorithm */
356 OPS_PKA_PRIVATE07 = 107,/* Private/Experimental Algorithm */
357 OPS_PKA_PRIVATE08 = 108,/* Private/Experimental Algorithm */
358 OPS_PKA_PRIVATE09 = 109,/* Private/Experimental Algorithm */
359 OPS_PKA_PRIVATE10 = 110 /* Private/Experimental Algorithm */
360 } __ops_pubkey_alg_t;
361
362 /** Structure to hold one DSA public key params.
363 *
364 * \see RFC4880 5.5.2
365 */
366 typedef struct {
367 BIGNUM *p; /* DSA prime p */
368 BIGNUM *q; /* DSA group order q */
369 BIGNUM *g; /* DSA group generator g */
370 BIGNUM *y; /* DSA public key value y (= g^x mod p
371 * with x being the secret) */
372 } __ops_dsa_pubkey_t;
373
374 /** Structure to hold an RSA public key.
375 *
376 * \see RFC4880 5.5.2
377 */
378 typedef struct {
379 BIGNUM *n; /* RSA public modulus n */
380 BIGNUM *e; /* RSA public encryption exponent e */
381 } __ops_rsa_pubkey_t;
382
383 /** Structure to hold an ElGamal public key params.
384 *
385 * \see RFC4880 5.5.2
386 */
387 typedef struct {
388 BIGNUM *p; /* ElGamal prime p */
389 BIGNUM *g; /* ElGamal group generator g */
390 BIGNUM *y; /* ElGamal public key value y (= g^x mod p
391 * with x being the secret) */
392 } __ops_elgamal_pubkey_t;
393
394 /** Union to hold public key params of any algorithm */
395 typedef union {
396 __ops_dsa_pubkey_t dsa; /* A DSA public key */
397 __ops_rsa_pubkey_t rsa; /* An RSA public key */
398 __ops_elgamal_pubkey_t elgamal; /* An ElGamal public key */
399 } __ops_pubkey_union_t;
400
401 /** Version.
402 * OpenPGP has two different protocol versions: version 3 and version 4.
403 *
404 * \see RFC4880 5.2
405 */
406 typedef enum {
407 OPS_V2 = 2, /* Version 2 (essentially the same as v3) */
408 OPS_V3 = 3, /* Version 3 */
409 OPS_V4 = 4 /* Version 4 */
410 } __ops_version_t;
411
412 /** Structure to hold a pgp public key */
413 typedef struct {
414 __ops_version_t version;/* version of the key (v3, v4...) */
415 time_t birthtime;
416 /* when the key was created. Note that
417 * interpretation varies with key version. */
418 unsigned days_valid;
419 /* validity period of the key in days since
420 * creation. A value of 0 has a special meaning
421 * indicating this key does not expire. Only used with
422 * v3 keys. */
423 __ops_pubkey_alg_t alg; /* Public Key Algorithm type */
424 __ops_pubkey_union_t key; /* Public Key Parameters */
425 } __ops_pubkey_t;
426
427 /** Structure to hold data for one RSA secret key
428 */
429 typedef struct {
430 BIGNUM *d;
431 BIGNUM *p;
432 BIGNUM *q;
433 BIGNUM *u;
434 } __ops_rsa_seckey_t;
435
436 /** __ops_dsa_seckey_t */
437 typedef struct {
438 BIGNUM *x;
439 } __ops_dsa_seckey_t;
440
441 /** __ops_seckey_union_t */
442 typedef union {
443 __ops_rsa_seckey_t rsa;
444 __ops_dsa_seckey_t dsa;
445 } __ops_seckey_union_t;
446
447 /** s2k_usage_t
448 */
449 typedef enum {
450 OPS_S2KU_NONE = 0,
451 OPS_S2KU_ENCRYPTED_AND_HASHED = 254,
452 OPS_S2KU_ENCRYPTED = 255
453 } __ops_s2k_usage_t;
454
455 /** s2k_specifier_t
456 */
457 typedef enum {
458 OPS_S2KS_SIMPLE = 0,
459 OPS_S2KS_SALTED = 1,
460 OPS_S2KS_ITERATED_AND_SALTED = 3
461 } __ops_s2k_specifier_t;
462
463 /** Symmetric Key Algorithm Numbers.
464 * OpenPGP assigns a unique Algorithm Number to each algorithm that is
465 * part of OpenPGP.
466 *
467 * This lists algorithm numbers for symmetric key algorithms.
468 *
469 * \see RFC4880 9.2
470 */
471 typedef enum {
472 OPS_SA_PLAINTEXT = 0, /* Plaintext or unencrypted data */
473 OPS_SA_IDEA = 1, /* IDEA */
474 OPS_SA_TRIPLEDES = 2, /* TripleDES */
475 OPS_SA_CAST5 = 3, /* CAST5 */
476 OPS_SA_BLOWFISH = 4, /* Blowfish */
477 OPS_SA_AES_128 = 7, /* AES with 128-bit key (AES) */
478 OPS_SA_AES_192 = 8, /* AES with 192-bit key */
479 OPS_SA_AES_256 = 9, /* AES with 256-bit key */
480 OPS_SA_TWOFISH = 10 /* Twofish with 256-bit key (TWOFISH) */
481 } __ops_symm_alg_t;
482
483 /** Hashing Algorithm Numbers.
484 * OpenPGP assigns a unique Algorithm Number to each algorithm that is
485 * part of OpenPGP.
486 *
487 * This lists algorithm numbers for hash algorithms.
488 *
489 * \see RFC4880 9.4
490 */
491 typedef enum {
492 OPS_HASH_UNKNOWN = -1, /* used to indicate errors */
493 OPS_HASH_MD5 = 1, /* MD5 */
494 OPS_HASH_SHA1 = 2, /* SHA-1 */
495 OPS_HASH_RIPEMD = 3, /* RIPEMD160 */
496
497 OPS_HASH_SHA256 = 8, /* SHA256 */
498 OPS_HASH_SHA384 = 9, /* SHA384 */
499 OPS_HASH_SHA512 = 10, /* SHA512 */
500 OPS_HASH_SHA224 = 11 /* SHA224 */
501 } __ops_hash_alg_t;
502
503 void __ops_calc_mdc_hash(const unsigned char *,
504 const size_t,
505 const unsigned char *,
506 const unsigned int,
507 unsigned char *);
508 unsigned __ops_is_hash_alg_supported(const __ops_hash_alg_t *);
509
510 /* Maximum block size for symmetric crypto */
511 #define OPS_MAX_BLOCK_SIZE 16
512
513 /* Maximum key size for symmetric crypto */
514 #define OPS_MAX_KEY_SIZE 32
515
516 /* Salt size for hashing */
517 #define OPS_SALT_SIZE 8
518
519 /* Max hash size */
520 #define OPS_MAX_HASH_SIZE 64
521
522 /** __ops_seckey_t
523 */
524 typedef struct {
525 __ops_pubkey_t pubkey;
526 __ops_s2k_usage_t s2k_usage;
527 __ops_s2k_specifier_t s2k_specifier;
528 __ops_symm_alg_t alg;
529 __ops_hash_alg_t hash_alg;
530 unsigned char salt[OPS_SALT_SIZE];
531 unsigned octetc;
532 unsigned char iv[OPS_MAX_BLOCK_SIZE];
533 __ops_seckey_union_t key;
534 unsigned checksum;
535 unsigned char *checkhash;
536 } __ops_seckey_t;
537
538 /** Structure to hold one trust packet's data */
539
540 typedef struct {
541 __ops_data_t data; /* Trust Packet */
542 } __ops_trust_t;
543
544 /** Structure to hold one user id */
545 typedef struct {
546 unsigned char *userid;/* User ID - UTF-8 string */
547 } __ops_userid_t;
548
549 /** Structure to hold one user attribute */
550 typedef struct {
551 __ops_data_t data; /* User Attribute */
552 } __ops_userattr_t;
553
554 /** Signature Type.
555 * OpenPGP defines different signature types that allow giving
556 * different meanings to signatures. Signature types include 0x10 for
557 * generitc User ID certifications (used when Ben signs Weasel's key),
558 * Subkey binding signatures, document signatures, key revocations,
559 * etc.
560 *
561 * Different types are used in different places, and most make only
562 * sense in their intended location (for instance a subkey binding has
563 * no place on a UserID).
564 *
565 * \see RFC4880 5.2.1
566 */
567 typedef enum {
568 OPS_SIG_BINARY = 0x00, /* Signature of a binary document */
569 OPS_SIG_TEXT = 0x01, /* Signature of a canonical text document */
570 OPS_SIG_STANDALONE = 0x02, /* Standalone signature */
571
572 OPS_CERT_GENERIC = 0x10,/* Generic certification of a User ID and
573 * Public Key packet */
574 OPS_CERT_PERSONA = 0x11,/* Persona certification of a User ID and
575 * Public Key packet */
576 OPS_CERT_CASUAL = 0x12, /* Casual certification of a User ID and
577 * Public Key packet */
578 OPS_CERT_POSITIVE = 0x13, /* Positive certification of a
579 * User ID and Public Key packet */
580
581 OPS_SIG_SUBKEY = 0x18, /* Subkey Binding Signature */
582 OPS_SIG_PRIMARY = 0x19, /* Primary Key Binding Signature */
583 OPS_SIG_DIRECT = 0x1f, /* Signature directly on a key */
584
585 OPS_SIG_REV_KEY = 0x20, /* Key revocation signature */
586 OPS_SIG_REV_SUBKEY = 0x28, /* Subkey revocation signature */
587 OPS_SIG_REV_CERT = 0x30,/* Certification revocation signature */
588
589 OPS_SIG_TIMESTAMP = 0x40, /* Timestamp signature */
590
591 OPS_SIG_3RD_PARTY = 0x50/* Third-Party Confirmation signature */
592 } __ops_sig_type_t;
593
594 /** Struct to hold params of an RSA signature */
595 typedef struct {
596 BIGNUM *sig; /* the signature value (m^d % n) */
597 } __ops_rsa_sig_t;
598
599 /** Struct to hold params of a DSA signature */
600 typedef struct {
601 BIGNUM *r; /* DSA value r */
602 BIGNUM *s; /* DSA value s */
603 } __ops_dsa_sig_t;
604
605 /** __ops_elgamal_signature_t */
606 typedef struct {
607 BIGNUM *r;
608 BIGNUM *s;
609 } __ops_elgamal_sig_t;
610
611 /** Struct to hold data for a private/experimental signature */
612 typedef struct {
613 __ops_data_t data;
614 } __ops_unknown_sig_t;
615
616 /** Union to hold signature params of any algorithm */
617 typedef union {
618 __ops_rsa_sig_t rsa;/* An RSA Signature */
619 __ops_dsa_sig_t dsa;/* A DSA Signature */
620 __ops_elgamal_sig_t elgamal; /* deprecated */
621 __ops_unknown_sig_t unknown; /* private or experimental */
622 } __ops_sig_union_t;
623
624 #define OPS_KEY_ID_SIZE 8
625 #define OPS_FINGERPRINT_SIZE 20
626
627 /** Struct to hold a signature packet.
628 *
629 * \see RFC4880 5.2.2
630 * \see RFC4880 5.2.3
631 */
632 typedef struct {
633 __ops_version_t version;/* signature version number */
634 __ops_sig_type_t type; /* signature type value */
635 time_t birthtime; /* creation time of the signature */
636 unsigned char signer_id[OPS_KEY_ID_SIZE]; /* Eight-octet key ID
637 * of signer */
638 __ops_pubkey_alg_t key_alg; /* public key
639 * algorithm number */
640 __ops_hash_alg_t hash_alg; /* hashing algorithm
641 * number */
642 __ops_sig_union_t sig; /* signature params */
643 size_t v4_hashlen;
644 unsigned char *v4_hashed;
645 unsigned birthtime_set:1;
646 unsigned signer_id_set:1;
647 } __ops_sig_info_t;
648
649 /** Struct used when parsing a signature */
650 typedef struct __ops_sig_t {
651 __ops_sig_info_t info; /* The signature information */
652 /* The following fields are only used while parsing the signature */
653 unsigned char hash2[2]; /* high 2 bytes of hashed value -
654 * for quick test */
655 size_t v4_hashstart; /* only valid if accumulate
656 * is set */
657 __ops_hash_t *hash; /* if set, the hash filled in for the data
658 * so far */
659 } __ops_sig_t;
660
661 /** The raw bytes of a signature subpacket */
662
663 typedef struct {
664 __ops_content_tag_t tag;
665 size_t length;
666 unsigned char *raw;
667 } __ops_ss_raw_t;
668
669 /** Signature Subpacket : Trust Level */
670
671 typedef struct {
672 unsigned char level; /* Trust Level */
673 unsigned char amount; /* Amount */
674 } __ops_ss_trust_t;
675
676 /** Signature Subpacket : Revocable */
677 typedef struct {
678 unsigned revocable;
679 } __ops_ss_revocable_t;
680
681 /** Signature Subpacket : Time */
682 typedef struct {
683 time_t time;
684 } __ops_ss_time_t;
685
686 /** Signature Subpacket : Key ID */
687 typedef struct {
688 unsigned char key_id[OPS_KEY_ID_SIZE];
689 } __ops_ss_key_id_t;
690
691 /** Signature Subpacket : Notation Data */
692 typedef struct {
693 __ops_data_t flags;
694 __ops_data_t name;
695 __ops_data_t value;
696 } __ops_ss_notation_t;
697
698 /** Signature Subpacket : User Defined */
699 typedef struct {
700 __ops_data_t data;
701 } __ops_ss_userdef_t;
702
703 /** Signature Subpacket : Unknown */
704 typedef struct {
705 __ops_data_t data;
706 } __ops_ss_unknown_t;
707
708 /** Signature Subpacket : Preferred Symmetric Key Algorithm */
709 typedef struct {
710 __ops_data_t data;
711 /*
712 * Note that value 0 may represent the plaintext algorithm so we
713 * cannot expect data->contents to be a null-terminated list
714 */
715 } __ops_ss_skapref_t;
716
717 /** Signature Subpacket : Preferrred Hash Algorithm */
718 typedef struct {
719 __ops_data_t data;
720 } __ops_ss_hashpref_t;
721
722 /** Signature Subpacket : Preferred Compression */
723 typedef struct {
724 __ops_data_t data;
725 } __ops_ss_zpref_t;
726
727 /** Signature Subpacket : Key Flags */
728 typedef struct {
729 __ops_data_t data;
730 } __ops_ss_key_flags_t;
731
732 /** Signature Subpacket : Key Server Preferences */
733 typedef struct {
734 __ops_data_t data;
735 } __ops_ss_key_server_prefs_t;
736
737 /** Signature Subpacket : Features */
738 typedef struct {
739 __ops_data_t data;
740 } __ops_ss_features_t;
741
742 /** Signature Subpacket : Signature Target */
743 typedef struct {
744 __ops_pubkey_alg_t pka_alg;
745 __ops_hash_alg_t hash_alg;
746 __ops_data_t hash;
747 } __ops_ss_sig_target_t;
748
749 /** Signature Subpacket : Embedded Signature */
750 typedef struct {
751 __ops_data_t sig;
752 } __ops_ss_embedded_sig_t;
753
754 /** __ops_subpacket_t */
755
756 typedef struct __ops_subpacket_t {
757 size_t length;
758 unsigned char *raw;
759 } __ops_subpacket_t;
760
761 /** Types of Compression */
762 typedef enum {
763 OPS_C_NONE = 0,
764 OPS_C_ZIP = 1,
765 OPS_C_ZLIB = 2,
766 OPS_C_BZIP2 = 3
767 } __ops_compression_type_t;
768
769 /*
770 * unlike most structures, this will feed its data as a stream to the
771 * application instead of directly including it
772 */
773 /** __ops_compressed_t */
774 typedef struct {
775 __ops_compression_type_t type;
776 } __ops_compressed_t;
777
778 /** __ops_one_pass_sig_t */
779 typedef struct {
780 unsigned char version;
781 __ops_sig_type_t sig_type;
782 __ops_hash_alg_t hash_alg;
783 __ops_pubkey_alg_t key_alg;
784 unsigned char keyid[OPS_KEY_ID_SIZE];
785 unsigned nested;
786 } __ops_one_pass_sig_t;
787
788 /** Signature Subpacket : Primary User ID */
789 typedef struct {
790 unsigned primary_userid;
791 } __ops_ss_primary_userid_t;
792
793 /** Signature Subpacket : Regexp */
794 typedef struct {
795 char *regexp;
796 } __ops_ss_regexp_t;
797
798 /** Signature Subpacket : Policy URL */
799 typedef struct {
800 char *url;
801 } __ops_ss_policy_t;
802
803 /** Signature Subpacket : Preferred Key Server */
804 typedef struct {
805 char *name;
806 } __ops_ss_keyserv_t;
807
808 /** Signature Subpacket : Revocation Key */
809 typedef struct {
810 unsigned char class;
811 unsigned char algid;
812 unsigned char fingerprint[OPS_FINGERPRINT_SIZE];
813 } __ops_ss_revocation_key_t;
814
815 /** Signature Subpacket : Revocation Reason */
816 typedef struct {
817 unsigned char code;
818 char *reason;
819 } __ops_ss_revocation_t;
820
821 /** litdata_type_t */
822 typedef enum {
823 OPS_LDT_BINARY = 'b',
824 OPS_LDT_TEXT = 't',
825 OPS_LDT_UTF8 = 'u',
826 OPS_LDT_LOCAL = 'l',
827 OPS_LDT_LOCAL2 = '1'
828 } __ops_litdata_type_t;
829
830 /** __ops_litdata_header_t */
831 typedef struct {
832 __ops_litdata_type_t format;
833 char filename[256];
834 time_t mtime;
835 } __ops_litdata_header_t;
836
837 /** __ops_litdata_body_t */
838 typedef struct {
839 unsigned length;
840 unsigned char *data;
841 void *mem; /* __ops_memory_t pointer */
842 } __ops_litdata_body_t;
843
844 /** __ops_mdc_t */
845 typedef struct {
846 unsigned length;
847 unsigned char *data;
848 } __ops_mdc_t;
849
850 /** __ops_header_var_t */
851 typedef struct {
852 char *key;
853 char *value;
854 } __ops_header_var_t;
855
856 /** __ops_headers_t */
857 typedef struct {
858 __ops_header_var_t *headers;
859 unsigned headerc;
860 } __ops_headers_t;
861
862 /** __ops_armour_header_t */
863 typedef struct {
864 const char *type;
865 __ops_headers_t headers;
866 } __ops_armour_header_t;
867
868 /** __ops_armour_trailer_t */
869 typedef struct {
870 const char *type;
871 } __ops_armour_trailer_t;
872
873 /** __ops_cleartext_head_t */
874 typedef struct {
875 __ops_headers_t headers;
876 } __ops_cleartext_head_t;
877
878 /** __ops_cleartext_body_t */
879 typedef struct {
880 unsigned length;
881 unsigned char data[8192]; /* \todo fix hard-coded value? */
882 } __ops_cleartext_body_t;
883
884 /** __ops_cleartext_trailer_t */
885 typedef struct {
886 struct _ops_hash_t *hash; /* This will not have been
887 * finalised, but will have seen all
888 * the cleartext data in canonical
889 * form */
890 } __ops_cleartext_trailer_t;
891
892 /** __ops_unarmoured_text_t */
893 typedef struct {
894 unsigned length;
895 unsigned char *data;
896 } __ops_unarmoured_text_t;
897
898 typedef enum {
899 SE_IP_DATA_VERSION = 1
900 } __ops_se_ip_data_version_t;
901
902 typedef enum {
903 OPS_PKSK_V3 = 3
904 } __ops_pk_sesskey_version_t;
905
906 /** __ops_pk_sesskey_params_rsa_t */
907 typedef struct {
908 BIGNUM *encrypted_m;
909 BIGNUM *m;
910 } __ops_pk_sesskey_params_rsa_t;
911
912 /** __ops_pk_sesskey_params_elgamal_t */
913 typedef struct {
914 BIGNUM *g_to_k;
915 BIGNUM *encrypted_m;
916 } __ops_pk_sesskey_params_elgamal_t;
917
918 /** __ops_pk_sesskey_params_t */
919 typedef union {
920 __ops_pk_sesskey_params_rsa_t rsa;
921 __ops_pk_sesskey_params_elgamal_t elgamal;
922 } __ops_pk_sesskey_params_t;
923
924 /** __ops_pk_sesskey_t */
925 typedef struct {
926 __ops_pk_sesskey_version_t version;
927 unsigned char key_id[OPS_KEY_ID_SIZE];
928 __ops_pubkey_alg_t alg;
929 __ops_pk_sesskey_params_t params;
930 __ops_symm_alg_t symm_alg;
931 unsigned char key[OPS_MAX_KEY_SIZE];
932 unsigned short checksum;
933 } __ops_pk_sesskey_t;
934
935 /** __ops_seckey_passphrase_t */
936 typedef struct {
937 const __ops_seckey_t *seckey;
938 char **passphrase; /* point somewhere that gets filled
939 * in to work around constness of
940 * content */
941 } __ops_seckey_passphrase_t;
942
943 typedef enum {
944 OPS_SE_IP_V1 = 1
945 } __ops_se_ip_version_t;
946
947 /** __ops_se_ip_data_header_t */
948 typedef struct {
949 __ops_se_ip_version_t version;
950 } __ops_se_ip_data_header_t;
951
952 /** __ops_se_ip_data_body_t */
953 typedef struct {
954 unsigned length;
955 unsigned char *data; /* \todo remember to free this */
956 } __ops_se_ip_data_body_t;
957
958 /** __ops_se_data_body_t */
959 typedef struct {
960 unsigned length;
961 unsigned char data[8192]; /* \todo parameterise this! */
962 } __ops_se_data_body_t;
963
964 /** __ops_get_seckey_t */
965 typedef struct {
966 const __ops_seckey_t **seckey;
967 const __ops_pk_sesskey_t *pk_sesskey;
968 } __ops_get_seckey_t;
969
970 /** __ops_parser_union_content_t */
971 typedef union {
972 __ops_parser_error_t error;
973 __ops_parser_errcode_t errcode;
974 __ops_ptag_t ptag;
975 __ops_pubkey_t pubkey;
976 __ops_trust_t trust;
977 __ops_userid_t userid;
978 __ops_userattr_t userattr;
979 __ops_sig_t sig;
980 __ops_ss_raw_t ss_raw;
981 __ops_ss_trust_t ss_trust;
982 __ops_ss_revocable_t ss_revocable;
983 __ops_ss_time_t ss_time;
984 __ops_ss_key_id_t ss_issuer;
985 __ops_ss_notation_t ss_notation;
986 __ops_subpacket_t packet;
987 __ops_compressed_t compressed;
988 __ops_one_pass_sig_t one_pass_sig;
989 __ops_ss_skapref_t ss_skapref;
990 __ops_ss_hashpref_t ss_hashpref;
991 __ops_ss_zpref_t ss_zpref;
992 __ops_ss_key_flags_t ss_key_flags;
993 __ops_ss_key_server_prefs_t ss_key_server_prefs;
994 __ops_ss_primary_userid_t ss_primary_userid;
995 __ops_ss_regexp_t ss_regexp;
996 __ops_ss_policy_t ss_policy;
997 __ops_ss_keyserv_t ss_keyserv;
998 __ops_ss_revocation_key_t ss_revocation_key;
999 __ops_ss_userdef_t ss_userdef;
1000 __ops_ss_unknown_t ss_unknown;
1001 __ops_litdata_header_t litdata_header;
1002 __ops_litdata_body_t litdata_body;
1003 __ops_mdc_t mdc;
1004 __ops_ss_features_t ss_features;
1005 __ops_ss_sig_target_t ss_sig_target;
1006 __ops_ss_embedded_sig_t ss_embedded_sig;
1007 __ops_ss_revocation_t ss_revocation;
1008 __ops_seckey_t seckey;
1009 __ops_userid_t ss_signer;
1010 __ops_armour_header_t armour_header;
1011 __ops_armour_trailer_t armour_trailer;
1012 __ops_cleartext_head_t cleartext_head;
1013 __ops_cleartext_body_t cleartext_body;
1014 __ops_cleartext_trailer_t cleartext_trailer;
1015 __ops_unarmoured_text_t unarmoured_text;
1016 __ops_pk_sesskey_t pk_sesskey;
1017 __ops_seckey_passphrase_t skey_passphrase;
1018 __ops_se_ip_data_header_t se_ip_data_header;
1019 __ops_se_ip_data_body_t se_ip_data_body;
1020 __ops_se_data_body_t se_data_body;
1021 __ops_get_seckey_t get_seckey;
1022 } __ops_contents_t;
1023
1024 /** __ops_packet_t */
1025 struct __ops_packet_t {
1026 __ops_content_tag_t tag; /* type of contents */
1027 unsigned char critical; /* for sig subpackets */
1028 __ops_contents_t u; /* union for contents */
1029 };
1030
1031 /** __ops_fingerprint_t */
1032 typedef struct {
1033 unsigned char fingerprint[OPS_FINGERPRINT_SIZE];
1034 unsigned length;
1035 } __ops_fingerprint_t;
1036
1037 void __ops_init(void);
1038 void __ops_finish(void);
1039 void __ops_keyid(unsigned char *, const size_t, const __ops_pubkey_t *);
1040 void __ops_fingerprint(__ops_fingerprint_t *, const __ops_pubkey_t *);
1041 void __ops_pubkey_free(__ops_pubkey_t *);
1042 void __ops_userid_free(__ops_userid_t *);
1043 void __ops_userattr_free(__ops_userattr_t *);
1044 void __ops_sig_free(__ops_sig_t *);
1045 void __ops_trust_free(__ops_trust_t *);
1046 void __ops_ss_skapref_free(__ops_ss_skapref_t *);
1047 void __ops_ss_hashpref_free(__ops_ss_hashpref_t *);
1048 void __ops_ss_zpref_free(__ops_ss_zpref_t *);
1049 void __ops_ss_key_flags_free(__ops_ss_key_flags_t *);
1050 void __ops_ss_key_server_prefs_free(__ops_ss_key_server_prefs_t *);
1051 void __ops_ss_features_free(__ops_ss_features_t *);
1052 void __ops_ss_notation_free(__ops_ss_notation_t *);
1053 void __ops_ss_policy_free(__ops_ss_policy_t *);
1054 void __ops_ss_keyserv_free(__ops_ss_keyserv_t *);
1055 void __ops_ss_regexp_free(__ops_ss_regexp_t *);
1056 void __ops_ss_userdef_free(__ops_ss_userdef_t *);
1057 void __ops_ss_reserved_free(__ops_ss_unknown_t *);
1058 void __ops_ss_revocation_free(__ops_ss_revocation_t *);
1059 void __ops_ss_sig_target_free(__ops_ss_sig_target_t *);
1060 void __ops_ss_embedded_sig_free(__ops_ss_embedded_sig_t *);
1061
1062 void __ops_subpacket_free(__ops_subpacket_t *);
1063 void __ops_parser_content_free(__ops_packet_t *);
1064 void __ops_seckey_free(__ops_seckey_t *);
1065 void __ops_pk_sesskey_free(__ops_pk_sesskey_t *);
1066
1067 int __ops_print_packet(const __ops_packet_t *);
1068
1069 #define DYNARRAY(type, arr) \
1070 unsigned arr##c; unsigned arr##vsize; type *arr##s
1071
1072 #define EXPAND_ARRAY(str, arr) do { \
1073 if (str->arr##c == str->arr##vsize) { \
1074 void *__newarr; \
1075 str->arr##vsize = (str->arr##vsize * 2) + 10; \
1076 if ((__newarr = realloc(str->arr##s, \
1077 str->arr##vsize * sizeof(*str->arr##s))) == NULL) { \
1078 (void) fprintf(stderr, "EXPAND_ARRAY - bad realloc\n"); \
1079 } \
1080 str->arr##s = __newarr; \
1081 } \
1082 } while(/*CONSTCOND*/0)
1083
1084 /** __ops_keydata_key_t
1085 */
1086 typedef union {
1087 __ops_pubkey_t pubkey;
1088 __ops_seckey_t seckey;
1089 } __ops_keydata_key_t;
1090
1091
1092 /** sigpacket_t */
1093 typedef struct {
1094 __ops_userid_t *userid;
1095 __ops_subpacket_t *packet;
1096 } sigpacket_t;
1097
1098 /* XXX: gonna have to expand this to hold onto subkeys, too... */
1099 /** \struct __ops_keydata
1100 * \todo expand to hold onto subkeys
1101 */
1102 struct __ops_key_t {
1103 DYNARRAY(__ops_userid_t, uid);
1104 DYNARRAY(__ops_subpacket_t, packet);
1105 DYNARRAY(sigpacket_t, sig);
1106 unsigned char key_id[OPS_KEY_ID_SIZE];
1107 __ops_fingerprint_t fingerprint;
1108 __ops_content_tag_t type;
1109 __ops_keydata_key_t key;
1110 };
1111
1112 #define MDC_PKT_TAG 0xd3
1113
1114 #endif /* PACKET_H_ */
NetBSD on the FriendlyARM MINI2440