src/TortoiseProc/UpdateCrypto.h

   1 // TortoiseGit - a Windows shell extension for easy version control
   2
   3 // Copyright (C) 2013-2014 Sven Strickroth <email@cs-ware.de>
   4 // Copyright (C) VLC project (http://videolan.org)
   5
   6 // This program is free software; you can redistribute it and/or
   7 // modify it under the terms of the GNU General Public License
   8 // as published by the Free Software Foundation; either version 2
   9 // of the License, or (at your option) any later version.
  10
  11 // This program is distributed in the hope that it will be useful,
  12 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14 // GNU General Public License for more details.
  15
  16 // You should have received a copy of the GNU General Public License
  17 // along with this program; if not, write to the Free Software Foundation,
  18 // 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  19 //
  20
  21 #include <stdint.h>
  22 #include <WinCrypt.h>
  23 #include "UpdateDownloader.h"
  24
  25 enum    /* Public key algorithms */
  26 {
  27         /* we will only use DSA public keys */
  28         PUBLIC_KEY_ALGO_DSA = 0x11
  29 };
  30
  31 enum    /* Digest algorithms */
  32 {
  33         /* and DSA use SHA-1 digest */
  34         DIGEST_ALGO_SHA1    = 0x02
  35 };
  36
  37 enum    /* Packet types */
  38 {
  39         SIGNATURE_PACKET    = 0x02,
  40         PUBLIC_KEY_PACKET   = 0x06,
  41         USER_ID_PACKET      = 0x0d
  42 };
  43
  44 enum    /* Signature types */
  45 {
  46         BINARY_SIGNATURE        = 0x00,
  47         TEXT_SIGNATURE          = 0x01,
  48
  49         /* Public keys signatures */
  50         GENERIC_KEY_SIGNATURE   = 0x10, /* No assumption of verification */
  51         PERSONA_KEY_SIGNATURE   = 0x11, /* No verification has been made */
  52         CASUAL_KEY_SIGNATURE    = 0x12, /* Some casual verification */
  53         POSITIVE_KEY_SIGNATURE  = 0x13  /* Substantial verification */
  54 };
  55
  56 enum    /* Signature subpacket types */
  57 {
  58         ISSUER_SUBPACKET    = 0x10
  59 };
  60
  61 struct public_key_packet_t
  62 { /* a public key packet (DSA/SHA-1) is 418 bytes */
  63
  64         uint8_t version;      /* we use only version 4 */
  65         uint8_t timestamp[4]; /* creation time of the key */
  66         uint8_t algo;         /* we only use DSA */
  67         /* the multi precision integers, with their 2 bytes length header */
  68         uint8_t p[2+128];
  69         uint8_t q[2+20];
  70         uint8_t g[2+128];
  71         uint8_t y[2+128];
  72 };
  73
  74 /* used for public key and file signatures */
  75 struct signature_packet_t
  76 {
  77         uint8_t version; /* 3 or 4 */
  78
  79         uint8_t type;
  80         uint8_t public_key_algo;    /* DSA only */
  81         uint8_t digest_algo;        /* SHA-1 only */
  82
  83         uint8_t hash_verification[2];
  84         uint8_t issuer_longid[8];
  85
  86         union   /* version specific data */
  87         {
  88                 struct
  89                 {
  90                         uint8_t hashed_data_len[2];     /* scalar number */
  91                         uint8_t *hashed_data;           /* hashed_data_len bytes */
  92                         uint8_t unhashed_data_len[2];   /* scalar number */
  93                         uint8_t *unhashed_data;         /* unhashed_data_len bytes */
  94                 } v4;
  95                 struct
  96                 {
  97                         uint8_t hashed_data_len;    /* MUST be 5 */
  98                         uint8_t timestamp[4];       /* 4 bytes scalar number */
  99                 } v3;
 100         } specific;
 101
 102 /* The part below is made of consecutive MPIs, their number and size being
 103  * public-key-algorithm dependent.
 104  *
 105  * Since we use DSA signatures only, there is 2 integers, r & s, made of:
 106  *      2 bytes for the integer length (scalar number)
 107  *      160 bits (20 bytes) for the integer itself
 108  *
 109  * Note: the integers may be less than 160 significant bits
 110  */
 111         uint8_t r[2+20];
 112         uint8_t s[2+20];
 113 };
 114
 115 typedef struct public_key_packet_t public_key_packet_t;
 116 typedef struct signature_packet_t signature_packet_t;
 117
 118 struct public_key_t
 119 {
 120         uint8_t longid[8];       /* Long id */
 121         uint8_t *psz_username;    /* USER ID */
 122
 123         public_key_packet_t key;       /* Public key packet */
 124
 125         signature_packet_t sig;     /* Signature packet, by the embedded key */
 126 };
 127
 128 typedef struct public_key_t public_key_t;
 129
 130 typedef struct _DSAKEY
 131 {
 132   BLOBHEADER blobheader;
 133   DSSPUBKEY_VER3 dsspubkeyver3;
 134   BYTE p[128]; // prime modulus
 135   BYTE q[20]; // large factor of P-1
 136   BYTE g[128]; // the generator parameter
 137   BYTE y[128]; // (G^X) mod P
 138 } DSAKEY;
 139
 140 int VerifyIntegrity(const CString &filename, const CString &signatureFilename, CUpdateDownloader *updateDownloader);