search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
README: remove duplicate download link & mention related softw.
[pgsql.git] / contrib / pgcrypto / pgp.h
blob0bbfd0217bae5147bcafa7a140ddaa40e4cc2436
1 /*
2 * pgp.h
3 * OpenPGP implementation.
4 *
5 * Copyright (c) 2005 Marko Kreen
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 *
29 * contrib/pgcrypto/pgp.h
30 */
31
32 #include "lib/stringinfo.h"
33
34 #include "mbuf.h"
35 #include "px.h"
36
37 enum PGP_S2K_TYPE
38 {
39 PGP_S2K_SIMPLE = 0,
40 PGP_S2K_SALTED = 1,
41 PGP_S2K_ISALTED = 3,
42 };
43
44 enum PGP_PKT_TYPE
45 {
46 PGP_PKT_RESERVED = 0,
47 PGP_PKT_PUBENCRYPTED_SESSKEY = 1,
48 PGP_PKT_SIGNATURE = 2,
49 PGP_PKT_SYMENCRYPTED_SESSKEY = 3,
50 PGP_PKT_SECRET_KEY = 5,
51 PGP_PKT_PUBLIC_KEY = 6,
52 PGP_PKT_SECRET_SUBKEY = 7,
53 PGP_PKT_COMPRESSED_DATA = 8,
54 PGP_PKT_SYMENCRYPTED_DATA = 9,
55 PGP_PKT_MARKER = 10,
56 PGP_PKT_LITERAL_DATA = 11,
57 PGP_PKT_TRUST = 12,
58 PGP_PKT_USER_ID = 13,
59 PGP_PKT_PUBLIC_SUBKEY = 14,
60 PGP_PKT_USER_ATTR = 17,
61 PGP_PKT_SYMENCRYPTED_DATA_MDC = 18,
62 PGP_PKT_MDC = 19,
63 PGP_PKT_PRIV_61 = 61, /* occurs in gpg secring */
64 };
65
66 enum PGP_PUB_ALGO_TYPE
67 {
68 PGP_PUB_RSA_ENCRYPT_SIGN = 1,
69 PGP_PUB_RSA_ENCRYPT = 2,
70 PGP_PUB_RSA_SIGN = 3,
71 PGP_PUB_ELG_ENCRYPT = 16,
72 PGP_PUB_DSA_SIGN = 17,
73 };
74
75 enum PGP_SYMENC_TYPE
76 {
77 PGP_SYM_PLAIN = 0, /* ?? */
78 PGP_SYM_IDEA = 1, /* obsolete, PGP 2.6 compat */
79 PGP_SYM_DES3 = 2, /* must */
80 PGP_SYM_CAST5 = 3, /* should */
81 PGP_SYM_BLOWFISH = 4,
82 PGP_SYM_SAFER_SK128 = 5, /* obsolete */
83 PGP_SYM_DES_SK = 6, /* obsolete */
84 PGP_SYM_AES_128 = 7, /* should */
85 PGP_SYM_AES_192 = 8,
86 PGP_SYM_AES_256 = 9,
87 PGP_SYM_TWOFISH = 10,
88 };
89
90 enum PGP_COMPR_TYPE
91 {
92 PGP_COMPR_NONE = 0, /* must */
93 PGP_COMPR_ZIP = 1, /* should */
94 PGP_COMPR_ZLIB = 2,
95 PGP_COMPR_BZIP2 = 3,
96 };
97
98 enum PGP_DIGEST_TYPE
99 {
100 PGP_DIGEST_MD5 = 1, /* should, deprecated */
101 PGP_DIGEST_SHA1 = 2, /* must */
102 PGP_DIGEST_RIPEMD160 = 3,
103 PGP_DIGEST_XSHA = 4, /* obsolete */
104 PGP_DIGEST_MD2 = 5, /* obsolete */
105 PGP_DIGEST_TIGER192 = 6, /* obsolete */
106 PGP_DIGEST_HAVAL5_160 = 7, /* obsolete */
107 PGP_DIGEST_SHA256 = 8,
108 PGP_DIGEST_SHA384 = 9,
109 PGP_DIGEST_SHA512 = 10,
110 };
111
112 #define PGP_MAX_KEY (256/8)
113 #define PGP_MAX_BLOCK (256/8)
114 #define PGP_MAX_DIGEST (512/8)
115 #define PGP_S2K_SALT 8
116
117 typedef struct PGP_MPI PGP_MPI;
118 typedef struct PGP_PubKey PGP_PubKey;
119 typedef struct PGP_Context PGP_Context;
120 typedef struct PGP_S2K PGP_S2K;
121
122 struct PGP_S2K
123 {
124 uint8 mode;
125 uint8 digest_algo;
126 uint8 salt[8];
127 uint8 iter; /* encoded (one-octet) count */
128 /* calculated: */
129 uint8 key[PGP_MAX_KEY];
130 uint8 key_len;
131 };
132
133
134 struct PGP_Context
135 {
136 /*
137 * parameters
138 */
139 PGP_S2K s2k;
140 int s2k_mode;
141 int s2k_count; /* 4-byte decoded count */
142 int s2k_digest_algo;
143 int s2k_cipher_algo;
144 int cipher_algo;
145 int compress_algo;
146 int compress_level;
147 int disable_mdc;
148 int use_sess_key;
149 int text_mode;
150 int convert_crlf;
151 int unicode_mode;
152
153 /*
154 * internal variables
155 */
156 int mdc_checked;
157 int corrupt_prefix; /* prefix failed RFC 4880 "quick check" */
158 int unsupported_compr; /* has bzip2 compression */
159 int unexpected_binary; /* binary data seen in text_mode */
160 int in_mdc_pkt;
161 int use_mdcbuf_filter;
162 PX_MD *mdc_ctx;
163
164 PGP_PubKey *pub_key; /* ctx owns it */
165 const uint8 *sym_key; /* ctx does not own it */
166 int sym_key_len;
167
168 /*
169 * read or generated data
170 */
171 uint8 sess_key[PGP_MAX_KEY];
172 unsigned sess_key_len;
173 };
174
175 /* from RFC 4880 3.7.1.3 */
176 #define s2k_decode_count(cval) \
177 (((unsigned) 16 + (cval & 15)) << ((cval >> 4) + 6))
178
179 struct PGP_MPI
180 {
181 uint8 *data;
182 int bits;
183 int bytes;
184 };
185
186 struct PGP_PubKey
187 {
188 uint8 ver;
189 uint8 time[4];
190 uint8 algo;
191
192 /* public part */
193 union
194 {
195 struct
196 {
197 PGP_MPI *p;
198 PGP_MPI *g;
199 PGP_MPI *y;
200 } elg;
201 struct
202 {
203 PGP_MPI *n;
204 PGP_MPI *e;
205 } rsa;
206 struct
207 {
208 PGP_MPI *p;
209 PGP_MPI *q;
210 PGP_MPI *g;
211 PGP_MPI *y;
212 } dsa;
213 } pub;
214
215 /* secret part */
216 union
217 {
218 struct
219 {
220 PGP_MPI *x;
221 } elg;
222 struct
223 {
224 PGP_MPI *d;
225 PGP_MPI *p;
226 PGP_MPI *q;
227 PGP_MPI *u;
228 } rsa;
229 struct
230 {
231 PGP_MPI *x;
232 } dsa;
233 } sec;
234
235 uint8 key_id[8];
236 int can_encrypt;
237 };
238
239 int pgp_init(PGP_Context **ctx_p);
240 int pgp_encrypt(PGP_Context *ctx, MBuf *src, MBuf *dst);
241 int pgp_decrypt(PGP_Context *ctx, MBuf *msrc, MBuf *mdst);
242 int pgp_free(PGP_Context *ctx);
243
244 int pgp_get_digest_code(const char *name);
245 int pgp_get_cipher_code(const char *name);
246 const char *pgp_get_digest_name(int code);
247
248 int pgp_set_cipher_algo(PGP_Context *ctx, const char *name);
249 int pgp_set_s2k_mode(PGP_Context *ctx, int mode);
250 int pgp_set_s2k_count(PGP_Context *ctx, int count);
251 int pgp_set_s2k_cipher_algo(PGP_Context *ctx, const char *name);
252 int pgp_set_s2k_digest_algo(PGP_Context *ctx, const char *name);
253 int pgp_set_convert_crlf(PGP_Context *ctx, int doit);
254 int pgp_disable_mdc(PGP_Context *ctx, int disable);
255 int pgp_set_sess_key(PGP_Context *ctx, int use);
256 int pgp_set_compress_algo(PGP_Context *ctx, int algo);
257 int pgp_set_compress_level(PGP_Context *ctx, int level);
258 int pgp_set_text_mode(PGP_Context *ctx, int mode);
259 int pgp_set_unicode_mode(PGP_Context *ctx, int mode);
260 int pgp_get_unicode_mode(PGP_Context *ctx);
261
262 int pgp_set_symkey(PGP_Context *ctx, const uint8 *key, int len);
263 int pgp_set_pubkey(PGP_Context *ctx, MBuf *keypkt,
264 const uint8 *key, int key_len, int pubtype);
265
266 int pgp_get_keyid(MBuf *pgp_data, char *dst);
267
268 /* internal functions */
269
270 int pgp_load_digest(int code, PX_MD **res);
271 int pgp_load_cipher(int code, PX_Cipher **res);
272 int pgp_get_cipher_key_size(int code);
273 int pgp_get_cipher_block_size(int code);
274
275 int pgp_s2k_fill(PGP_S2K *s2k, int mode, int digest_algo, int count);
276 int pgp_s2k_read(PullFilter *src, PGP_S2K *s2k);
277 int pgp_s2k_process(PGP_S2K *s2k, int cipher, const uint8 *key, int key_len);
278
279 typedef struct PGP_CFB PGP_CFB;
280 int pgp_cfb_create(PGP_CFB **ctx_p, int algo,
281 const uint8 *key, int key_len, int resync, uint8 *iv);
282 void pgp_cfb_free(PGP_CFB *ctx);
283 int pgp_cfb_encrypt(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst);
284 int pgp_cfb_decrypt(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst);
285
286 void pgp_armor_encode(const uint8 *src, unsigned len, StringInfo dst,
287 int num_headers, char **keys, char **values);
288 int pgp_armor_decode(const uint8 *src, int len, StringInfo dst);
289 int pgp_extract_armor_headers(const uint8 *src, unsigned len,
290 int *nheaders, char ***keys, char ***values);
291
292 int pgp_compress_filter(PushFilter **res, PGP_Context *ctx, PushFilter *dst);
293 int pgp_decompress_filter(PullFilter **res, PGP_Context *ctx, PullFilter *src);
294
295 int pgp_key_alloc(PGP_PubKey **pk_p);
296 void pgp_key_free(PGP_PubKey *pk);
297 int _pgp_read_public_key(PullFilter *pkt, PGP_PubKey **pk_p);
298
299 int pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt);
300 int pgp_create_pkt_reader(PullFilter **pf_p, PullFilter *src, int len,
301 int pkttype, PGP_Context *ctx);
302 int pgp_parse_pkt_hdr(PullFilter *src, uint8 *tag, int *len_p,
303 int allow_ctx);
304
305 int pgp_skip_packet(PullFilter *pkt);
306 int pgp_expect_packet_end(PullFilter *pkt);
307
308 int pgp_write_pubenc_sesskey(PGP_Context *ctx, PushFilter *dst);
309 int pgp_create_pkt_writer(PushFilter *dst, int tag, PushFilter **res_p);
310
311 int pgp_mpi_alloc(int bits, PGP_MPI **mpi);
312 int pgp_mpi_create(uint8 *data, int bits, PGP_MPI **mpi);
313 int pgp_mpi_free(PGP_MPI *mpi);
314 int pgp_mpi_read(PullFilter *src, PGP_MPI **mpi);
315 int pgp_mpi_write(PushFilter *dst, PGP_MPI *n);
316 int pgp_mpi_hash(PX_MD *md, PGP_MPI *n);
317 unsigned pgp_mpi_cksum(unsigned cksum, PGP_MPI *n);
318
319 int pgp_elgamal_encrypt(PGP_PubKey *pk, PGP_MPI *_m,
320 PGP_MPI **c1_p, PGP_MPI **c2_p);
321 int pgp_elgamal_decrypt(PGP_PubKey *pk, PGP_MPI *_c1, PGP_MPI *_c2,
322 PGP_MPI **msg_p);
323 int pgp_rsa_encrypt(PGP_PubKey *pk, PGP_MPI *_m, PGP_MPI **c_p);
324 int pgp_rsa_decrypt(PGP_PubKey *pk, PGP_MPI *_c, PGP_MPI **m_p);
325
326 extern struct PullFilterOps pgp_decrypt_filter;
Postgresql Clone from git://git.postgresql.org/git/postgresql.git