1/*- 2 * Copyright (c) 2012 Alistair Crooks <agc@NetBSD.org> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */
| 1/*- 2 * Copyright (c) 2012 Alistair Crooks <agc@NetBSD.org> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24 */
|
25#ifndef VERIFY_H_ 26#define VERIFY_H_ 20120325
| 25#ifndef NETPGP_VERIFY_H_ 26#define NETPGP_VERIFY_H_ 20120928
|
27
| 27
|
28#include "bn.h" 29#include "rsa.h"
| 28#include <sys/types.h>
|
30
| 29
|
| 30#include <netpgp/bn.h> 31 32#include <inttypes.h> 33 34#ifndef PGPV_ARRAY 35/* creates 2 unsigned vars called "name"c and "name"size in current scope */ 36/* also creates an array called "name"s in current scope */ 37#define PGPV_ARRAY(type, name) \ 38 unsigned name##c; unsigned name##vsize; type *name##s 39#endif 40 41/* 64bit key ids */ 42#define PGPV_KEYID_LEN 8 43#define PGPV_STR_KEYID_LEN (PGPV_KEYID_LEN + PGPV_KEYID_LEN + 1) 44 45typedef struct pgpv_bignum_t { 46 BIGNUM *bn; 47 uint16_t bits; 48} pgpv_bignum_t; 49 50#define PGPV_MAX_HASH_LEN 20 51 52typedef struct fingerprint_t { 53 uint8_t hashalg; 54 uint8_t v[PGPV_MAX_HASH_LEN]; 55 uint32_t len; 56} pgpv_fingerprint_t; 57 58#define PGPV_MAX_PUBKEY_BN 4 59 60typedef struct pgpv_pubkey_t { 61 pgpv_fingerprint_t fingerprint; 62 uint8_t keyid[PGPV_KEYID_LEN]; 63 uint64_t primary_id; 64 int64_t birth; 65 int64_t expiry; 66 pgpv_bignum_t bn[PGPV_MAX_PUBKEY_BN]; 67 uint8_t keyalg; 68 uint8_t hashalg; 69 uint8_t version; /* key version */ 70} pgpv_pubkey_t; 71 72#define PGPV_MAX_SESSKEY_BN 2 73 74typedef struct pgpv_string_t { 75 size_t size; 76 uint8_t *data; 77} pgpv_string_t; 78 79typedef struct pgpv_ref_t { 80 void *vp; 81 size_t offset; 82 unsigned mem; 83} pgpv_ref_t; 84 85#define PGPV_MAX_SECKEY_BN 4 86 87typedef struct pgpv_compress_t { 88 pgpv_string_t s; 89 uint8_t compalg; 90} pgpv_compress_t; 91 92/* a packet dealing with trust */ 93typedef struct pgpv_trust_t { 94 uint8_t level; 95 uint8_t amount; 96} pgpv_trust_t; 97 98/* a signature sub packet */ 99typedef struct pgpv_sigsubpkt_t { 100 pgpv_string_t s; 101 uint8_t tag; 102 uint8_t critical; 103} pgpv_sigsubpkt_t; 104 105#define PGPV_MAX_SIG_BN 2 106 107typedef struct pgpv_signature_t { 108 uint8_t *signer; /* key id of signer */ 109 uint8_t *userid; 110 pgpv_ref_t hashstart; 111 uint8_t *hash2; 112 uint8_t *mpi; 113 int64_t birth; 114 int64_t keyexpiry; 115 int64_t expiry; 116 uint32_t hashlen; 117 uint8_t version; 118 uint8_t type; 119 uint8_t 
keyalg; 120 uint8_t hashalg; 121 uint8_t trustlevel; 122 uint8_t trustamount; 123 pgpv_bignum_t bn[PGPV_MAX_SIG_BN]; 124 char *regexp; 125 char *key_server_prefs; 126 char *policy; 127 char *features; 128 char *why_revoked; 129 uint8_t trustsig; 130 uint8_t revocable; 131 uint8_t pref_symm_alg; 132 uint8_t pref_hash_alg; 133 uint8_t pref_compress_alg; 134 uint8_t notation; 135 uint8_t type_key; 136} pgpv_signature_t; 137 138/* a signature packet */ 139typedef struct pgpv_sigpkt_t { 140 pgpv_signature_t sig; 141 uint16_t subslen; 142 uint16_t unhashlen; 143 PGPV_ARRAY(pgpv_sigsubpkt_t, subpkts); 144} pgpv_sigpkt_t; 145 146/* a one-pass signature packet */ 147typedef struct pgpv_onepass_t { 148 uint8_t keyid[PGPV_KEYID_LEN]; 149 uint8_t version; 150 uint8_t type; 151 uint8_t hashalg; 152 uint8_t keyalg; 153 uint8_t nested; 154} pgpv_onepass_t; 155 156/* a literal data packet */ 157typedef struct pgpv_litdata_t { 158 uint8_t *filename; 159 pgpv_string_t s; 160 uint32_t secs; 161 uint8_t namelen; 162 char format; 163 unsigned mem; 164 size_t offset; 165 size_t len; 166} pgpv_litdata_t; 167 168/* user attributes - images */ 169typedef struct pgpv_userattr_t { 170 size_t len; 171 PGPV_ARRAY(pgpv_string_t, subattrs); 172} pgpv_userattr_t; 173 174/* a general PGP packet */ 175typedef struct pgpv_pkt_t { 176 uint8_t tag; 177 uint8_t newfmt; 178 uint8_t allocated; 179 uint8_t mement; 180 size_t offset; 181 pgpv_string_t s; 182 union { 183 pgpv_sigpkt_t sigpkt; 184 pgpv_onepass_t onepass; 185 pgpv_litdata_t litdata; 186 pgpv_compress_t compressed; 187 pgpv_trust_t trust; 188 pgpv_pubkey_t pubkey; 189 pgpv_string_t userid; 190 pgpv_userattr_t userattr; 191 } u; 192} pgpv_pkt_t; 193 194/* a memory structure */ 195typedef struct pgpv_mem_t { 196 size_t size; 197 size_t cc; 198 uint8_t *mem; 199 FILE *fp; 200 uint8_t dealloc; 201 const char *allowed; /* the types of packet that are allowed */ 202} pgpv_mem_t; 203 204/* packet parser */ 205 206typedef struct pgpv_signed_userid_t { 
207 pgpv_string_t userid; 208 PGPV_ARRAY(pgpv_signature_t, sigs); 209} pgpv_signed_userid_t; 210 211typedef struct pgpv_signed_userattr_t { 212 pgpv_userattr_t userattr; 213 PGPV_ARRAY(pgpv_signature_t, sigs); 214} pgpv_signed_userattr_t; 215 216typedef struct pgpv_signed_subkey_t { 217 pgpv_pubkey_t subkey; 218 pgpv_signature_t revoc_self_sig; 219 PGPV_ARRAY(pgpv_signature_t, sigs); 220} pgpv_signed_subkey_t; 221 222typedef struct pgpv_primarykey_t { 223 pgpv_pubkey_t primary; 224 pgpv_signature_t revoc_self_sig; 225 PGPV_ARRAY(pgpv_signature_t, direct_sigs); 226 PGPV_ARRAY(pgpv_signed_userid_t, signed_userids); 227 PGPV_ARRAY(pgpv_signed_userattr_t, signed_userattrs); 228 PGPV_ARRAY(pgpv_signed_subkey_t, signed_subkeys); 229 size_t fmtsize; 230} pgpv_primarykey_t; 231 232/* everything stems from this structure */ 233typedef struct pgpv_t { 234 PGPV_ARRAY(pgpv_pkt_t, pkts); /* packet array */ 235 PGPV_ARRAY(pgpv_primarykey_t, primaries); /* array of primary keys */ 236 PGPV_ARRAY(pgpv_mem_t, areas); /* areas we read packets from */ 237 PGPV_ARRAY(size_t, datastarts); /* starts of data packets */ 238 size_t pkt; /* when parsing, current pkt number */ 239 const char *op; /* the operation we're doing */ 240} pgpv_t; 241 242/* when searching, we define a cursor, and fill in an array of subscripts */ 243typedef struct pgpv_cursor_t { 244 pgpv_t *pgp; /* pointer to pgp tree */ 245 char *field; /* field we're searching on */ 246 char *op; /* operation we're doing */ 247 char *value; /* value we're searching for */ 248 void *ptr; /* for regexps etc */ 249 PGPV_ARRAY(uint32_t, found); /* array of matched subscripts */ 250 int64_t sigtime; /* time of signature */ 251 char why[128]; /* reason for bad signature */ 252} pgpv_cursor_t; 253
|
31#ifndef __BEGIN_DECLS 32# if defined(__cplusplus) 33# define __BEGIN_DECLS extern "C" { 34# define __END_DECLS } 35# else 36# define __BEGIN_DECLS 37# define __END_DECLS 38# endif 39#endif 40 41__BEGIN_DECLS 42
| 254#ifndef __BEGIN_DECLS 255# if defined(__cplusplus) 256# define __BEGIN_DECLS extern "C" { 257# define __END_DECLS } 258# else 259# define __BEGIN_DECLS 260# define __END_DECLS 261# endif 262#endif 263 264__BEGIN_DECLS 265
|
43int RSA_public_decrypt(int flen, const uint8_t *from, uint8_t *to, RSA *rsa, int padding);
| 266int pgpv_read_pubring(pgpv_t */*pgp*/, const char */*keyring*/);
|
44
| 267
|
| 268int pgpv_verify(pgpv_cursor_t */*cursor*/, pgpv_t */*pgp*/, const void */*mem/file*/, ssize_t /*size*/); 269int pgpv_verify_print(pgpv_cursor_t */*cursor*/); 270 271size_t pgpv_get_entry(pgpv_t */*pgp*/, unsigned /*ent*/, char **/*ret*/); 272 273int pgpv_close(pgpv_t */*pgp*/); 274
|
45__END_DECLS 46 47#endif
| 275__END_DECLS 276 277#endif
|
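Review bot: The new header is no longer self-contained: `pgpv_mem_t` declares a `FILE *fp` member, but the new include list is only `<sys/types.h>`, `<netpgp/bn.h>` and `<inttypes.h>`, so any translation unit that includes this header before `<stdio.h>` fails to compile unless `<netpgp/bn.h>` happens to pull it in transitively; add `#include <stdio.h>` next to `#include <inttypes.h>`. The comment above `PGPV_ARRAY` also no longer matches the macro it documents — it says the macro creates `"name"c and "name"size`, while the expansion defines `name##c`, `name##vsize` and `name##s`; change it to `/* creates 2 unsigned vars called "name"c and "name"vsize in current scope */`. The prototype of `pgpv_verify` takes a `const void */*mem/file*/` together with an `ssize_t /*size*/`, but nothing in the header states how a caller selects the memory form versus the file form or what a negative size means; a short comment on that declaration spelling out the contract (and who owns the buffer for the lifetime of the cursor) would help callers use it correctly.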