rpm  5.2.1
rpmpgp.h
Go to the documentation of this file.
1 #ifndef H_RPMPGP
2 #define H_RPMPGP
3 
13 #include <string.h>
14 #include <popt.h>
15 #include <rpmiotypes.h>
16 #include <yarn.h>
17 
18 #if defined(_RPMPGP_INTERNAL)
19 #include <rpmsw.h>
20 
24 struct pgpDigParams_s {
25 /*@only@*/ /*@null@*/
26  const char * userid;
27 /*@only@*/ /*@null@*/
28  const rpmuint8_t * hash;
29  const char * params[4];
30  rpmuint8_t tag;
31 
32  rpmuint8_t version;
33  rpmuint8_t time[4];
34  rpmuint8_t pubkey_algo;
36  rpmuint8_t hash_algo;
37  rpmuint8_t sigtype;
38  size_t hashlen;
39  rpmuint8_t signhash16[2];
40  rpmuint8_t signid[8];
41  rpmuint8_t saved;
42 #define PGPDIG_SAVED_TIME (1 << 0)
43 #define PGPDIG_SAVED_ID (1 << 1)
44 
45 };
46 
50 struct pgpDig_s {
51  struct rpmioItem_s _item;
52  struct pgpDigParams_s signature;
53  struct pgpDigParams_s pubkey;
54 
55  rpmuint32_t sigtag;
56  rpmuint32_t sigtype;
57 /*@relnull@*/
58  const void * sig;
59  rpmuint32_t siglen;
62  struct rpmop_s dops;
63  struct rpmop_s sops;
65  int (*findPubkey) (void * _ts, /*@null@*/ void * _dig)
66  /*@modifies *_ts, *_dig @*/;
67 /*@null@*/
68  void * _ts;
70  rpmuint8_t ** ppkts;
71  int npkts;
72  size_t nbytes;
74 /*@only@*/ /*@null@*/
75  DIGEST_CTX sha1ctx;
76 /*@only@*/ /*@null@*/
77  DIGEST_CTX hdrsha1ctx;
78 /*@only@*/ /*@null@*/
79  void * sha1;
80  size_t sha1len;
82 /*@only@*/ /*@null@*/
83  DIGEST_CTX md5ctx;
84 /*@only@*/ /*@null@*/
85  DIGEST_CTX hdrctx;
86 /*@only@*/ /*@null@*/
87  void * md5;
88  size_t md5len;
89 /*@owned@*/ /*@relnull@*/
90  void * impl;
91 #if defined(__LCLINT__)
92 /*@refs@*/
93  int nrefs;
94 #endif
95 };
96 #endif
97 
100 typedef const struct pgpValTbl_s {
101  int val;
102 /*@observer@*/
103  const char * str;
104 } * pgpValTbl;
105 
113 typedef enum pgpTag_e {
132  PGPTAG_MDC = 19,
137 } pgpTag;
138 
141 /*@observer@*/ /*@unchecked@*/ /*@unused@*/
142 extern struct pgpValTbl_s pgpTagTbl[];
143 
178 typedef struct pgpPktPubkey_s {
182 } pgpPktPubkey;
183 
190 /*@-typeuse@*/
191 typedef enum pgpSigType_e {
210 } pgpSigType;
211 /*@=typeuse@*/
212 
215 /*@observer@*/ /*@unchecked@*/ /*@unused@*/
216 extern struct pgpValTbl_s pgpSigTypeTbl[];
217 
241 /*@-typeuse@*/
242 typedef enum pgpPubkeyAlgo_e {
252 } pgpPubkeyAlgo;
253 /*@=typeuse@*/
254 
257 /*@observer@*/ /*@unchecked@*/ /*@unused@*/
258 extern struct pgpValTbl_s pgpPubkeyTbl[];
259 
285 /*@-typeuse@*/
286 typedef enum pgpSymkeyAlgo_e {
299 } pgpSymkeyAlgo;
300 /*@=typeuse@*/
301 
305 /*@observer@*/ /*@unchecked@*/ /*@unused@*/
306 extern struct pgpValTbl_s pgpSymkeyTbl[];
307 
323 /*@-typeuse@*/
324 typedef enum pgpCompressAlgo_e {
330 /*@=typeuse@*/
331 
335 /*@observer@*/ /*@unchecked@*/ /*@unused@*/
336 extern struct pgpValTbl_s pgpCompressionTbl[];
337 
341 /*@observer@*/ /*@unchecked@*/ /*@unused@*/
342 extern struct pgpValTbl_s pgpHashTbl[];
343 
365 typedef struct pgpPktSigV3_s {
374 } * pgpPktSigV3;
375 
397 typedef struct pgpPktSigV4_s {
403 } * pgpPktSigV4;
404 
483 /*@-typeuse@*/
484 typedef enum pgpSubType_e {
524 } pgpSubType;
525 /*@=typeuse@*/
526 
530 /*@observer@*/ /*@unchecked@*/ /*@unused@*/
531 extern struct pgpValTbl_s pgpSubTypeTbl[];
532 
553 typedef union pgpPktSig_u {
556 } * pgpPktSig;
557 
586 typedef struct pgpPktSymkey_s {
590 } pgpPktSymkey;
591 
621 typedef struct pgpPktOnepass_s {
628 } * pgpPktOnepass;
629 
702 typedef struct pgpPktKeyV3_s {
707 } * pgpPktKeyV3;
708 
740 typedef struct pgpPktKeyV4_s {
744 } * pgpPktKeyV4;
745 
810 typedef union pgpPktKey_u {
813 } pgpPktKey;
814 
839 typedef struct pgpPktCdata_s {
842 } pgpPktCdata;
843 
878 typedef struct pgpPktEdata_s {
880 } pgpPktEdata;
881 
898 /*
899  * 5.9. Literal Data Packet (Tag 11)
900  *
901  * A Literal Data packet contains the body of a message; data that is
902  * not to be further interpreted.
903  *
904  * The body of this packet consists of:
905  * - A one-octet field that describes how the data is formatted.
906  *
907  * If it is a 'b' (0x62), then the literal packet contains binary data.
908  * If it is a 't' (0x74), then it contains text data, and thus may need
909  * line ends converted to local form, or other text-mode changes. RFC
910  * 1991 also defined a value of 'l' as a 'local' mode for machine-local
911  * conversions. This use is now deprecated.
912  * - File name as a string (one-octet length, followed by file name),
913  * if the encrypted data should be saved as a file.
914  *
915  * If the special name "_CONSOLE" is used, the message is considered to
916  * be "for your eyes only". This advises that the message data is
917  * unusually sensitive, and the receiving program should process it more
918  * carefully, perhaps avoiding storing the received data to disk, for
919  * example.
920  * - A four-octet number that indicates the modification date of the
921  * file, or the creation time of the packet, or a zero that
922  * indicates the present time.
923  * - The remainder of the packet is literal data.
924  *
925  * Text data is stored with <CR><LF> text endings (i.e. network-normal
926  * line endings). These should be converted to native line endings by
927  * the receiving software.
928  */
929 typedef struct pgpPktLdata_s {
933 } pgpPktLdata;
934 
948 typedef struct pgpPktTrust_s {
950 } pgpPktTrust;
951 
962 typedef struct pgpPktUid_s {
964 } pgpPktUid;
965 
968 union pgpPktPre_u {
980 };
981 
984 /*@-typeuse@*/
985 typedef enum pgpArmor_e {
993 #define PGPARMOR_ERROR PGPARMOR_ERR_NO_BEGIN_PGP
1002 } pgpArmor;
1003 /*@=typeuse@*/
1004 
1008 /*@observer@*/ /*@unchecked@*/ /*@unused@*/
1009 extern struct pgpValTbl_s pgpArmorTbl[];
1010 
1013 /*@-typeuse@*/
1014 typedef enum pgpArmorKey_e {
1020 } pgpArmorKey;
1021 /*@=typeuse@*/
1022 
1026 /*@observer@*/ /*@unchecked@*/ /*@unused@*/
1027 extern struct pgpValTbl_s pgpArmorKeyTbl[];
1028 
1029 /*@-fcnuse@*/
1030 #ifdef __cplusplus
1031 extern "C" {
1032 #endif
1033 
1040 /*@unused@*/ static inline
1041 unsigned int pgpGrab(const rpmuint8_t * s, size_t nbytes)
1042  /*@*/
1043 {
1044  unsigned int i = 0;
1045  size_t nb = (nbytes <= sizeof(i) ? nbytes : sizeof(i));
1046  while (nb--)
1047  i = (i << 8) | *s++;
1048  return i;
1049 }
1050 
1057 /*@unused@*/ static inline
1058 unsigned int pgpLen(const rpmuint8_t * s, /*@out@*/ unsigned int * lenp)
1059  /*@modifies *lenp @*/
1060 {
1061  if (*s < (rpmuint8_t)192) {
1062  *lenp = (unsigned int) *s++;
1063  return 1;
1064  } else if (*s < (rpmuint8_t)255) {
1065  *lenp = (unsigned int) ((((unsigned)s[0]) - 192) << 8) + (unsigned)s[1] + 192;
1066  return 2;
1067  } else {
1068  *lenp = pgpGrab(s+1, 4);
1069  return 5;
1070  }
1071 }
1072 
1078 /*@unused@*/ static inline
1079 unsigned int pgpMpiBits(const rpmuint8_t * p)
1080  /*@requires maxRead(p) >= 1 @*/
1081  /*@*/
1082 {
1083  return (unsigned int) ((p[0] << 8) | p[1]);
1084 }
1085 
1091 /*@unused@*/ static inline
1092 unsigned int pgpMpiLen(const rpmuint8_t * p)
1093  /*@requires maxRead(p) >= 1 @*/
1094  /*@*/
1095 {
1096  return (2 + ((pgpMpiBits(p)+7)>>3));
1097 }
1098 
1106 /*@unused@*/ static inline
1107 char * pgpHexCvt(/*@returned@*/ char * t, const rpmuint8_t * s, size_t nbytes)
1108  /*@modifies *t @*/
1109 {
1110  static char hex[] = "0123456789abcdef";
1111  while (nbytes-- > 0) {
1112  unsigned int i;
1113  i = (unsigned int) *s++;
1114  *t++ = hex[ (i >> 4) & 0xf ];
1115  *t++ = hex[ (i ) & 0xf ];
1116  }
1117  *t = '\0';
1118  return t;
1119 }
1120 
1128 /*@unused@*/ static inline /*@observer@*/
1129 char * pgpHexStr(const rpmuint8_t * p, size_t plen)
1130  /*@*/
1131 {
1132  static char prbuf[8*BUFSIZ]; /* XXX ick */
1133  char *t = prbuf;
1134  t = pgpHexCvt(t, p, plen);
1135  return prbuf;
1136 }
1137 
1144 /*@unused@*/ static inline /*@observer@*/
1145 const char * pgpMpiStr(const rpmuint8_t * p)
1146  /*@requires maxRead(p) >= 3 @*/
1147  /*@*/
1148 {
1149  static char prbuf[8*BUFSIZ]; /* XXX ick */
1150  char *t = prbuf;
1151  sprintf(t, "[%4u]: ", pgpGrab(p, 2));
1152  t += strlen(t);
1153  t = pgpHexCvt(t, p+2, pgpMpiLen(p)-2);
1154  return prbuf;
1155 }
1156 
1163 /*@unused@*/ static inline /*@observer@*/
1165  /*@*/
1166 {
1167  do {
1168  if (vs->val == (int)val)
1169  break;
1170  } while ((++vs)->val != -1);
1171  return vs->str;
1172 }
1173 
1181 /*@unused@*/ static inline
1182 int pgpValTok(pgpValTbl vs, const char * s, const char * se)
1183  /*@*/
1184 {
1185  do {
1186  size_t vlen = strlen(vs->str);
1187  if (vlen <= (size_t)(se-s) && !strncmp(s, vs->str, vlen))
1188  break;
1189  } while ((++vs)->val != -1);
1190  return vs->val;
1191 }
1192 
1199 /*@-exportlocal@*/
1200 void pgpPrtVal(const char * pre, pgpValTbl vs, rpmuint8_t val)
1201  /*@globals fileSystem @*/
1202  /*@modifies fileSystem @*/;
1203 /*@=exportlocal@*/
1204 
1212 /*@-exportlocal@*/
1213 int pgpPrtSubType(const rpmuint8_t * h, size_t hlen, pgpSigType sigtype)
1214  /*@globals fileSystem @*/
1215  /*@modifies fileSystem @*/;
1216 /*@=exportlocal@*/
1217 
1223 /*@-exportlocal@*/
1224 int pgpPrtSig(const pgpPkt pp)
1225  /*@globals fileSystem, internalState @*/
1226  /*@modifies fileSystem, internalState @*/;
1227 /*@=exportlocal@*/
1228 
1234 int pgpPrtKey(const pgpPkt pp)
1235  /*@globals fileSystem, internalState @*/
1236  /*@modifies fileSystem, internalState @*/;
1237 
1243 /*@-exportlocal@*/
1244 int pgpPrtUserID(const pgpPkt pp)
1245  /*@globals fileSystem, internalState @*/
1246  /*@modifies fileSystem, internalState @*/;
1247 /*@=exportlocal@*/
1248 
1254 /*@-exportlocal@*/
1255 int pgpPrtComment(const pgpPkt pp)
1256  /*@globals fileSystem @*/
1257  /*@modifies fileSystem @*/;
1258 /*@=exportlocal@*/
1259 
1268 /*@-exportlocal@*/
1269 int pgpPubkeyFingerprint(const rpmuint8_t * pkt, size_t pktlen,
1270  /*@out@*/ rpmuint8_t * keyid)
1271  /*@modifies *keyid @*/;
1272 /*@=exportlocal@*/
1273 
1281 int pgpExtractPubkeyFingerprint(const char * b64pkt,
1282  /*@out@*/ rpmuint8_t * keyid)
1283  /*@modifies *keyid @*/;
1284 
1292 int pgpPktLen(const rpmuint8_t * pkt, size_t pleft, /*@out@*/ pgpPkt pp)
1293  /*@modifies pp @*/;
1294 
1301 /*@-exportlocal@*/
1302 int pgpPrtPkt(const rpmuint8_t * pkt, size_t pleft)
1303  /*@globals fileSystem, internalState @*/
1304  /*@modifies fileSystem, internalState @*/;
1305 /*@=exportlocal@*/
1306 
1315 int pgpPrtPkts(const rpmuint8_t * pkts, size_t pktlen, pgpDig dig, int printing)
1316  /*@globals fileSystem, internalState @*/
1317  /*@modifies dig, fileSystem, internalState @*/;
1318 
1326 pgpArmor pgpReadPkts(const char * fn,
1327  /*@out@*/ rpmuint8_t ** pkt, /*@out@*/ size_t * pktlen)
1328  /*@globals h_errno, fileSystem, internalState @*/
1329  /*@modifies *pkt, *pktlen, fileSystem, internalState @*/;
1330 
1338 char * pgpArmorWrap(rpmuint8_t atype, const unsigned char * s, size_t ns)
1339  /*@*/;
1340 
1347 pgpHashAlgo pgpHashAlgoStringToNumber(const char *name, size_t name_len)
1348  /*@*/;
1349 
1353 /*@unchecked@*/
1354 extern pgpVSFlags pgpDigVSFlags;
1355 
1362 /*@unused@*/ /*@null@*/
1363 pgpDig pgpDigUnlink (/*@killref@*/ /*@only@*/ /*@null@*/ pgpDig dig,
1364  /*@null@*/ const char * msg)
1365  /*@modifies dig @*/;
1366 #define pgpDigUnlink(_dig, _msg) \
1367  ((pgpDig)rpmioUnlinkPoolItem((rpmioItem)(_dig), _msg, __FILE__, __LINE__))
1368 
1375 /*@unused@*/ /*@newref@*/ /*@null@*/
1376 pgpDig pgpDigLink (/*@null@*/ pgpDig dig, /*@null@*/ const char * msg)
1377  /*@modifies dig @*/;
1378 #define pgpDigLink(_dig, _msg) \
1379  ((pgpDig)rpmioLinkPoolItem((rpmioItem)(_dig), _msg, __FILE__, __LINE__))
1380 
1386 /*@unused@*/ /*@null@*/
1387 pgpDig pgpDigFree(/*@killref@*/ /*@only@*/ /*@null@*/ pgpDig dig)
1388  /*@modifies dig @*/;
1389 #define pgpDigFree(_dig, _msg) \
1390  ((pgpDig)rpmioFreePoolItem((rpmioItem)(_dig), _msg, __FILE__, __LINE__))
1391 
1396 /*@relnull@*/
1397 pgpDig pgpDigNew(/*@unused@*/ pgpVSFlags vsflags)
1398  /*@globals fileSystem @*/
1399  /*@modifies fileSystem @*/;
1400 
1405 void pgpDigClean(/*@null@*/ pgpDig dig)
1406  /*@modifies dig @*/;
1407 
1413 /*@exposed@*/
1414 pgpDigParams pgpGetPubkey(const pgpDig dig)
1415  /*@*/;
1416 
1422 /*@exposed@*/
1424  /*@*/;
1425 
1431 rpmuint32_t pgpGetSigtag(const pgpDig dig)
1432  /*@*/;
1433 
1439 rpmuint32_t pgpGetSigtype(const pgpDig dig)
1440  /*@*/;
1441 
1447 /*@observer@*/ /*@null@*/
1448 extern const void * pgpGetSig(const pgpDig dig)
1449  /*@*/;
1450 
1456 rpmuint32_t pgpGetSiglen(const pgpDig dig)
1457  /*@*/;
1458 
1468 int pgpSetSig(pgpDig dig,
1469  rpmuint32_t sigtag, rpmuint32_t sigtype,
1470  /*@kept@*/ /*@null@*/ const void * sig, rpmuint32_t siglen)
1471  /*@modifies dig @*/;
1472 
1479 /*@null@*/
1480 void * pgpStatsAccumulator(pgpDig dig, int opx)
1481  /*@*/;
1482 
1490 int pgpSetFindPubkey(pgpDig dig,
1491  /*@null@*/ int (*findPubkey) (void *ts, /*@null@*/ void *dig),
1492  /*@exposed@*/ /*@null@*/ void * _ts)
1493  /*@modifies dig @*/;
1494 
1500 int pgpFindPubkey(pgpDig dig)
1501  /*@modifies dig @*/;
1502 
1509 /*@unused@*/ static inline
1510 int pgpIsPkt(const rpmuint8_t * p, /*@null@*/ pgpTag * tagp)
1511  /*@modifies *tagp @*/
1512 {
1513  unsigned int val = (unsigned int) *p++;
1514  pgpTag tag;
1515  int rc;
1516 
1517  /* XXX can't deal with these. */
1518  if (!(val & 0x80))
1519  return 0;
1520 
1521  if (val & 0x40)
1522  tag = (pgpTag)(val & 0x3f);
1523  else
1524  tag = (pgpTag)((val >> 2) & 0xf);
1525 
1526  switch (tag) {
1527  case PGPTAG_MARKER:
1530  case PGPTAG_PUBLIC_KEY:
1531  case PGPTAG_SECRET_KEY:
1533  case PGPTAG_SIGNATURE:
1534  case PGPTAG_COMMENT:
1535  case PGPTAG_COMMENT_OLD:
1536  case PGPTAG_LITERAL_DATA:
1538  case PGPTAG_SYMMETRIC_DATA:
1539  rc = 1;
1540  break;
1541  case PGPTAG_PUBLIC_SUBKEY:
1542  case PGPTAG_SECRET_SUBKEY:
1543  case PGPTAG_USER_ID:
1544  case PGPTAG_RESERVED:
1545  case PGPTAG_TRUST:
1546  case PGPTAG_PHOTOID:
1547  case PGPTAG_ENCRYPTED_MDC:
1548  case PGPTAG_MDC:
1549  case PGPTAG_PRIVATE_60:
1550  case PGPTAG_PRIVATE_62:
1551  case PGPTAG_CONTROL:
1552  default:
1553  rc = 0;
1554  break;
1555  }
1556  if (tagp != NULL)
1557  *tagp = tag;
1558  return rc;
1559 }
1560 
1561 #define CRC24_INIT 0xb704ce
1562 #define CRC24_POLY 0x1864cfb
1563 
1570 /*@unused@*/ static inline
1571 unsigned int pgpCRC(const rpmuint8_t * octets, size_t len)
1572  /*@*/
1573 {
1574  unsigned int crc = CRC24_INIT;
1575  int i;
1576 
1577  while (len--) {
1578  crc ^= (*octets++) << 16;
1579  for (i = 0; i < 8; i++) {
1580  crc <<= 1;
1581  if (crc & 0x1000000)
1582  crc ^= CRC24_POLY;
1583  }
1584  }
1585  return crc & 0xffffff;
1586 }
1587 
1590 typedef int (*pgpImplSet_t) (/*@only@*/ DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
1591  /*@modifies ctx, dig @*/;
1592 
1595 typedef int (*pgpImplVerify_t) (pgpDig dig)
1596  /*@*/;
1597 
1600 typedef int (*pgpImplMpiItem_t) (const char * pre, pgpDig dig, int itemno,
1601  const rpmuint8_t * p, /*@null@*/ const rpmuint8_t * pend)
1602  /*@globals fileSystem @*/
1603  /*@modifies dig, fileSystem @*/;
1604 
1607 typedef void (*pgpImplClean_t) (void * impl)
1608  /*@modifies impl @*/;
1609 
1612 typedef void * (*pgpImplFree_t) (/*@only@*/ void * impl)
1613  /*@modifies impl @*/;
1614 
1617 typedef void * (*pgpImplInit_t) (void)
1618  /*@*/;
1619 
1620 
1623 typedef struct pgpImplVecs_s {
1634 } pgpImplVecs_t;
1635 
1638 /*@unchecked@*/
1639 extern pgpImplVecs_t * pgpImplVecs;
1640 
1641 /*@-mustmod@*/
1644 /*@unused@*/ static inline
1645 int pgpImplSetRSA(/*@only@*/ DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
1646  /*@modifies ctx, dig @*/
1647 {
1648  return (*pgpImplVecs->_pgpSetRSA) (ctx, dig, sigp);
1649 }
1650 
1653 /*@unused@*/ static inline
1655  /*@*/
1656 {
1657  return (*pgpImplVecs->_pgpVerifyRSA) (dig);
1658 }
1659 
1662 /*@unused@*/ static inline
1663 int pgpImplSetDSA(/*@only@*/ DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
1664  /*@modifies ctx, dig @*/
1665 {
1666  return (*pgpImplVecs->_pgpSetDSA) (ctx, dig, sigp);
1667 }
1668 
1671 /*@unused@*/ static inline
1673  /*@*/
1674 {
1675  return (*pgpImplVecs->_pgpVerifyDSA) (dig);
1676 }
1677 
1680 /*@unused@*/ static inline
1681 int pgpImplSetECDSA(/*@only@*/ DIGEST_CTX ctx, pgpDig dig, pgpDigParams sigp)
1682  /*@modifies ctx, dig @*/
1683 {
1684  return (*pgpImplVecs->_pgpSetECDSA) (ctx, dig, sigp);
1685 }
1686 
1689 /*@unused@*/ static inline
1691  /*@*/
1692 {
1693  return (*pgpImplVecs->_pgpVerifyECDSA) (dig);
1694 }
1695 
1698 /*@unused@*/ static inline
1699 int pgpImplMpiItem(const char * pre, pgpDig dig, int itemno,
1700  const rpmuint8_t * p, /*@null@*/ const rpmuint8_t * pend)
1701  /*@modifies dig @*/
1702 {
1703  return (*pgpImplVecs->_pgpMpiItem) (pre, dig, itemno, p, pend);
1704 }
1705 
1708 /*@unused@*/ static inline
1709 void pgpImplClean(void * impl)
1710  /*@modifies impl @*/
1711 {
1712 /*@-noeffectuncon@*/
1713  (*pgpImplVecs->_pgpClean) (impl);
1714 /*@=noeffectuncon@*/
1715 }
1716 
1719 /*@unused@*/ static inline
1720 /*@null@*/
1721 void * pgpImplFree(/*@only@*/ void * impl)
1722  /*@modifies impl @*/
1723 {
1724  return (*pgpImplVecs->_pgpFree) (impl);
1725 }
1726 
1729 /*@unused@*/ static inline
1730 void * pgpImplInit(void)
1731  /*@*/
1732 {
1733  return (*pgpImplVecs->_pgpInit) ();
1734 }
1735 /*@=mustmod@*/
1736 
1737 #ifdef __cplusplus
1738 }
1739 #endif
1740 /*@=fcnuse@*/
1741 
1742 #endif /* H_RPMPGP */