1/*-
2 * Copyright (c) 2009 The NetBSD Foundation, Inc.
3 * All rights reserved.
4 *
5 * This code is derived from software contributed to The NetBSD Foundation
6 * by Alistair Crooks (agc@NetBSD.org)
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
18 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
19 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
20 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
21 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
22 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27 * POSSIBILITY OF SUCH DAMAGE.
28 */
29/*
30 * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
31 * All rights reserved.
32 * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
33 * their moral rights under the UK Copyright Design and Patents Act 1988 to
34 * be recorded as the authors of this copyright work.
35 *
36 * Licensed under the Apache License, Version 2.0 (the "License"); you may not
37 * use this file except in compliance with the License.
38 *
39 * You may obtain a copy of the License at
40 * http://www.apache.org/licenses/LICENSE-2.0
41 *
42 * Unless required by applicable law or agreed to in writing, software
43 * distributed under the License is distributed on an "AS IS" BASIS,
44 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
45 *
46 * See the License for the specific language governing permissions and
47 * limitations under the License.
48 */
49
50/** \file
51 */
52
53#ifndef CRYPTO_H_
54#define CRYPTO_H_
55
56#include "keyring.h"
57#include "packet.h"
58#include "memory.h"
59#include "packet-parse.h"
60
61#include <openssl/dsa.h>
62
63#define PGP_MIN_HASH_SIZE 16
64
65/** pgp_hash_t */
66struct pgp_hash_t {
67 pgp_hash_alg_t alg; /* algorithm */
68 size_t size; /* size */
69 const char *name; /* what it's known as */
70 int (*init)(pgp_hash_t *);
71 void (*add)(pgp_hash_t *, const uint8_t *, unsigned);
72 unsigned (*finish)(pgp_hash_t *, uint8_t *);
73 void *data; /* blob for data */
74};
75
76/** pgp_crypt_t */
77struct pgp_crypt_t {
78 pgp_symm_alg_t alg;
79 size_t blocksize;
80 size_t keysize;
81 void (*set_iv)(pgp_crypt_t *, const uint8_t *);
82 void (*set_crypt_key)(pgp_crypt_t *, const uint8_t *);
83 int (*base_init)(pgp_crypt_t *);
84 void (*decrypt_resync)(pgp_crypt_t *);
85 /* encrypt/decrypt one block */
86 void (*block_encrypt)(pgp_crypt_t *, void *, const void *);
87 void (*block_decrypt)(pgp_crypt_t *, void *, const void *);
88 /* Standard CFB encrypt/decrypt (as used by Sym Enc Int Prot packets) */
89 void (*cfb_encrypt)(pgp_crypt_t *, void *, const void *, size_t);
90 void (*cfb_decrypt)(pgp_crypt_t *, void *, const void *, size_t);
91 void (*decrypt_finish)(pgp_crypt_t *);
92 uint8_t iv[PGP_MAX_BLOCK_SIZE];
93 uint8_t civ[PGP_MAX_BLOCK_SIZE];
94 uint8_t siv[PGP_MAX_BLOCK_SIZE];
95 /* siv is needed for weird v3 resync */
96 uint8_t key[PGP_MAX_KEY_SIZE];
97 int num;
98 /* num is offset - see openssl _encrypt doco */
99 void *encrypt_key;
100 void *decrypt_key;
101};
102
103void pgp_crypto_finish(void);
104void pgp_hash_md5(pgp_hash_t *);
105void pgp_hash_sha1(pgp_hash_t *);
106void pgp_hash_sha256(pgp_hash_t *);
107void pgp_hash_sha512(pgp_hash_t *);
108void pgp_hash_sha384(pgp_hash_t *);
109void pgp_hash_sha224(pgp_hash_t *);
110void pgp_hash_any(pgp_hash_t *, pgp_hash_alg_t);
111pgp_hash_alg_t pgp_str_to_hash_alg(const char *);
112const char *pgp_text_from_hash(pgp_hash_t *);
113unsigned pgp_hash_size(pgp_hash_alg_t);
114unsigned pgp_hash(uint8_t *, pgp_hash_alg_t, const void *, size_t);
115
116void pgp_hash_add_int(pgp_hash_t *, unsigned, unsigned);
117
118unsigned pgp_dsa_verify(const uint8_t *, size_t,
119 const pgp_dsa_sig_t *,
120 const pgp_dsa_pubkey_t *);
121
122int pgp_rsa_public_decrypt(uint8_t *, const uint8_t *, size_t,
123 const pgp_rsa_pubkey_t *);
124int pgp_rsa_public_encrypt(uint8_t *, const uint8_t *, size_t,
125 const pgp_rsa_pubkey_t *);
126
127int pgp_rsa_private_encrypt(uint8_t *, const uint8_t *, size_t,
128 const pgp_rsa_seckey_t *, const pgp_rsa_pubkey_t *);
129int pgp_rsa_private_decrypt(uint8_t *, const uint8_t *, size_t,
130 const pgp_rsa_seckey_t *, const pgp_rsa_pubkey_t *);
131
132int pgp_elgamal_public_encrypt(uint8_t *, uint8_t *, const uint8_t *, size_t,
133 const pgp_elgamal_pubkey_t *);
134int pgp_elgamal_private_decrypt(uint8_t *, const uint8_t *, const uint8_t *, size_t,
135 const pgp_elgamal_seckey_t *, const pgp_elgamal_pubkey_t *);
136
137pgp_symm_alg_t pgp_str_to_cipher(const char *);
138unsigned pgp_block_size(pgp_symm_alg_t);
139unsigned pgp_key_size(pgp_symm_alg_t);
140
141int pgp_decrypt_data(pgp_content_enum, pgp_region_t *,
142 pgp_stream_t *);
143
144int pgp_crypt_any(pgp_crypt_t *, pgp_symm_alg_t);
145void pgp_decrypt_init(pgp_crypt_t *);
146void pgp_encrypt_init(pgp_crypt_t *);
147size_t pgp_decrypt_se(pgp_crypt_t *, void *, const void *, size_t);
148size_t pgp_encrypt_se(pgp_crypt_t *, void *, const void *, size_t);
149size_t pgp_decrypt_se_ip(pgp_crypt_t *, void *, const void *, size_t);
150size_t pgp_encrypt_se_ip(pgp_crypt_t *, void *, const void *, size_t);
151unsigned pgp_is_sa_supported(pgp_symm_alg_t);
152
153void pgp_reader_push_decrypt(pgp_stream_t *, pgp_crypt_t *,
154 pgp_region_t *);
155void pgp_reader_pop_decrypt(pgp_stream_t *);
156
157/* Hash everything that's read */
158void pgp_reader_push_hash(pgp_stream_t *, pgp_hash_t *);
159void pgp_reader_pop_hash(pgp_stream_t *);
160
161int pgp_decrypt_decode_mpi(uint8_t *, unsigned, const BIGNUM *,
162 const BIGNUM *, const pgp_seckey_t *);
163
164unsigned pgp_rsa_encrypt_mpi(const uint8_t *, const size_t,
165 const pgp_pubkey_t *,
166 pgp_pk_sesskey_params_t *);
167unsigned pgp_elgamal_encrypt_mpi(const uint8_t *, const size_t,
168 const pgp_pubkey_t *,
169 pgp_pk_sesskey_params_t *);
170
171/* Encrypt everything that's written */
172struct pgp_key_data;
173void pgp_writer_push_encrypt(pgp_output_t *,
174 const struct pgp_key_data *);
175
176unsigned pgp_encrypt_file(pgp_io_t *, const char *, const char *,
177 const pgp_key_t *,
178 const unsigned, const unsigned, const char *);
179unsigned pgp_decrypt_file(pgp_io_t *,
180 const char *,
181 const char *,
182 pgp_keyring_t *,
183 pgp_keyring_t *,
184 const unsigned,
185 const unsigned,
186 const unsigned,
187 void *,
188 int,
189 pgp_cbfunc_t *);
190
191pgp_memory_t *
192pgp_encrypt_buf(pgp_io_t *, const void *, const size_t,
193 const pgp_key_t *,
194 const unsigned, const char *);
195pgp_memory_t *
196pgp_decrypt_buf(pgp_io_t *,
197 const void *,
198 const size_t,
199 pgp_keyring_t *,
200 pgp_keyring_t *,
201 const unsigned,
202 const unsigned,
203 void *,
204 int,
205 pgp_cbfunc_t *);
206
207/* Keys */
208pgp_key_t *pgp_rsa_new_selfsign_key(const int,
209 const unsigned long, uint8_t *, const char *,
210 const char *);
211
212int pgp_dsa_size(const pgp_dsa_pubkey_t *);
213DSA_SIG *pgp_dsa_sign(uint8_t *, unsigned,
214 const pgp_dsa_seckey_t *,
215 const pgp_dsa_pubkey_t *);
216
217int openssl_read_pem_seckey(const char *, pgp_key_t *, const char *, int);
218
219/** pgp_reader_t */
220struct pgp_reader_t {
221 pgp_reader_func_t *reader; /* reader func to get parse data */
222 pgp_reader_destroyer_t *destroyer;
223 void *arg; /* args to pass to reader function */
224 unsigned accumulate:1; /* set to gather packet data */
225 uint8_t *accumulated; /* the accumulated data */
226 unsigned asize; /* size of the buffer */
227 unsigned alength;/* used buffer */
228 unsigned position; /* reader-specific offset */
229 pgp_reader_t *next;
230 pgp_stream_t *parent;/* parent parse_info structure */
231};
232
233
234/** pgp_cryptinfo_t
235 Encrypt/decrypt settings
236*/
237struct pgp_cryptinfo_t {
238 char *passphrase;
239 pgp_keyring_t *secring;
240 const pgp_key_t *keydata;
241 pgp_cbfunc_t *getpassphrase;
242 pgp_keyring_t *pubring;
243};
244
245/** pgp_cbdata_t */
246struct pgp_cbdata_t {
247 pgp_cbfunc_t *cbfunc; /* callback function */
248 void *arg; /* args to pass to callback func */
249 pgp_error_t **errors; /* address of error stack */
250 pgp_cbdata_t *next;
251 pgp_output_t *output; /* when writing out parsed info */
252 pgp_io_t *io; /* error/output messages */
253 void *passfp; /* fp for passphrase input */
254 pgp_cryptinfo_t cryptinfo; /* used when decrypting */
255 pgp_printstate_t printstate; /* used to keep printing state */
256 pgp_seckey_t *sshseckey; /* secret key for ssh */
257 int numtries; /* # of passphrase attempts */
258 int gotpass; /* when passphrase entered */
259};
260
261/** pgp_hashtype_t */
262typedef struct {
263 pgp_hash_t hash; /* hashes we should hash data with */
264 uint8_t keyid[PGP_KEY_ID_SIZE];
265} pgp_hashtype_t;
266
267#define NTAGS 0x100 /* == 256 */
268
269/** \brief Structure to hold information about a packet parse.
270 *
271 * This information includes options about the parse:
272 * - whether the packet contents should be accumulated or not
273 * - whether signature subpackets should be parsed or left raw
274 *
275 * It contains options specific to the parsing of armoured data:
276 * - whether headers are allowed in armoured data without a gap
277 * - whether a blank line is allowed at the start of the armoured data
278 *
279 * It also specifies :
280 * - the callback function to use and its arguments
281 * - the reader function to use and its arguments
282 *
283 * It also contains information about the current state of the parse:
284 * - offset from the beginning
285 * - the accumulated data, if any
286 * - the size of the buffer, and how much has been used
287 *
288 * It has a linked list of errors.
289 */
290
291struct pgp_stream_t {
292 uint8_t ss_raw[NTAGS / 8];
293 /* 1 bit / sig-subpkt type; set to get raw data */
294 uint8_t ss_parsed[NTAGS / 8];
295 /* 1 bit / sig-subpkt type; set to get parsed data */
296 pgp_reader_t readinfo;
297 pgp_cbdata_t cbinfo;
298 pgp_error_t *errors;
299 void *io; /* io streams */
300 pgp_crypt_t decrypt;
301 pgp_cryptinfo_t cryptinfo;
302 size_t hashc;
303 pgp_hashtype_t *hashes;
304 unsigned reading_v3_secret:1;
305 unsigned reading_mpi_len:1;
306 unsigned exact_read:1;
307 unsigned partial_read:1;
308 unsigned coalescing:1;
309 /* used for partial length coalescing */
310 unsigned virtualc;
311 unsigned virtualoff;
312 uint8_t *virtualpkt;
313};
314
315#endif /* CRYPTO_H_ */
316