src/TortoiseProc/UpdateCrypto.h

   1 // TortoiseGit - a Windows shell extension for easy version control
   2
   3 // Copyright (C) 2013-2014, 2019 Sven Strickroth <email@cs-ware.de>
   4 // Copyright (C) VLC project (http://videolan.org)
   5
   6 // This program is free software; you can redistribute it and/or
   7 // modify it under the terms of the GNU General Public License
   8 // as published by the Free Software Foundation; either version 2
   9 // of the License, or (at your option) any later version.
  10
  11 // This program is distributed in the hope that it will be useful,
  12 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14 // GNU General Public License for more details.
  15
  16 // You should have received a copy of the GNU General Public License
  17 // along with this program; if not, write to the Free Software Foundation,
  18 // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  19 //
  20
  21 #include <stdint.h>
  22 #include <WinCrypt.h>
  23 #include "UpdateDownloader.h"
  24
  25 enum    /* Public key algorithms */
  26 {
  27         PUBLIC_KEY_ALGO_RSA = 0x01,
  28         PUBLIC_KEY_ALGO_DSA = 0x11
  29 };
  30
  31 enum    /* Digest algorithms */
  32 {
  33         DIGEST_ALGO_SHA1    = 0x02,
  34         DIGEST_ALGO_SHA256  = 0x08,
  35         DIGEST_ALGO_SHA384  = 0x09,
  36         DIGEST_ALGO_SHA512  = 0x0A,
  37 };
  38
  39 enum    /* Packet types */
  40 {
  41         SIGNATURE_PACKET    = 0x02,
  42         PUBLIC_KEY_PACKET   = 0x06,
  43         USER_ID_PACKET      = 0x0d
  44 };
  45
  46 enum    /* Signature types */
  47 {
  48         BINARY_SIGNATURE        = 0x00,
  49         TEXT_SIGNATURE          = 0x01,
  50
  51         /* Public keys signatures */
  52         GENERIC_KEY_SIGNATURE   = 0x10, /* No assumption of verification */
  53         PERSONA_KEY_SIGNATURE   = 0x11, /* No verification has been made */
  54         CASUAL_KEY_SIGNATURE    = 0x12, /* Some casual verification */
  55         POSITIVE_KEY_SIGNATURE  = 0x13  /* Substantial verification */
  56 };
  57
  58 enum    /* Signature subpacket types */
  59 {
  60         ISSUER_SUBPACKET    = 0x10
  61 };
  62
  63 struct public_key_packet_t
  64 {
  65         uint8_t version;      /* we use only version 4 */
  66         uint8_t timestamp[4]; /* creation time of the key */
  67         uint8_t algo;         /* we only use DSA or RSA */
  68         /* the multi precision integers, with their 2 bytes length header */
  69         union {
  70 #ifdef TGIT_UPDATECRYPTO_DSA
  71                 struct {
  72                         uint8_t p[2 + 128];
  73                         uint8_t q[2 + 20];
  74                         uint8_t g[2 + 128];
  75                         uint8_t y[2 + 128];
  76                 } dsa;
  77 #endif
  78                 struct {
  79                         uint8_t n[2 + 4096 / 8];
  80                         uint8_t e[2 + 4096 / 8];
  81                 } rsa;
  82         } sig;
  83 };
  84
  85 /* used for public key and file signatures */
  86 struct signature_packet_t
  87 {
  88         uint8_t version; /* 3 or 4 */
  89
  90         uint8_t type;
  91         uint8_t public_key_algo;    /* DSA or RSA */
  92         uint8_t digest_algo;
  93
  94         uint8_t hash_verification[2];
  95         uint8_t issuer_longid[8];
  96
  97         union   /* version specific data */
  98         {
  99                 struct
 100                 {
 101                         uint8_t hashed_data_len[2];     /* scalar number */
 102                         uint8_t *hashed_data;           /* hashed_data_len bytes */
 103                         uint8_t unhashed_data_len[2];   /* scalar number */
 104                         uint8_t *unhashed_data;         /* unhashed_data_len bytes */
 105                 } v4;
 106         } specific;
 107
 108 /* The part below is made of consecutive MPIs, their number and size being
 109  * public-key-algorithm dependent.
 110  */
 111         union {
 112 #ifdef TGIT_UPDATECRYPTO_DSA
 113                 struct {
 114                         uint8_t r[2 + 20];
 115                         uint8_t s[2 + 20];
 116                 } dsa;
 117 #endif
 118                 struct {
 119                         uint8_t s[2 + 4096 / 8];
 120                 } rsa;
 121         } algo_specific;
 122 };
 123
 124 typedef struct public_key_packet_t public_key_packet_t;
 125 typedef struct signature_packet_t signature_packet_t;
 126
 127 struct public_key_t
 128 {
 129         uint8_t longid[8];       /* Long id */
 130         uint8_t *psz_username;    /* USER ID */
 131
 132         public_key_packet_t key;       /* Public key packet */
 133
 134         signature_packet_t sig;     /* Signature packet, by the embedded key */
 135 };
 136
 137 typedef struct public_key_t public_key_t;
 138
 139 #ifdef TGIT_UPDATECRYPTO_DSA
 140 typedef struct _DSAKEY
 141 {
 142   BLOBHEADER blobheader;
 143   DSSPUBKEY_VER3 dsspubkeyver3;
 144   BYTE p[128]; // prime modulus
 145   BYTE q[20]; // large factor of P-1
 146   BYTE g[128]; // the generator parameter
 147   BYTE y[128]; // (G^X) mod P
 148 } DSAKEY;
 149 #endif
 150
 151 typedef struct _RSAKEY
 152 {
 153         BLOBHEADER blobheader;
 154         RSAPUBKEY rsapubkey;
 155         BYTE n[4096 / 8];
 156 } RSAKEY;
 157
 158 int VerifyIntegrity(const CString &filename, const CString &signatureFilename, CUpdateDownloader *updateDownloader);