Main Page   Modules   Data Structures   File List   Data Fields   Globals   Related Pages  

rpmio/rpmpgp.h File Reference

OpenPGP constants and structures from RFC-2440. More...

Go to the source code of this file.

Data Structures

struct  pgpPktCdata_s
struct  pgpPktEdata_s
union  pgpPktKey_u
 5.5.3. More...

struct  pgpPktKeyV3_s
 5.5.1. More...

struct  pgpPktKeyV4_s
 The version 4 format is similar to the version 3 format except for the absence of a validity period. More...

struct  pgpPktLdata_s
struct  pgpPktOnepass_s
 5.4. More...

union  pgpPktPre_u
struct  pgpPktPubkey_s
 5.1. More...

union  pgpPktSig_u
 5.2. More...

struct  pgpPktSigV3_s
 5.2.2. More...

struct  pgpPktSigV4_s
 5.2.3. More...

struct  pgpPktSymkey_s
 5.3. More...

struct  pgpPktTrust_s
struct  pgpPktUid_s
struct  pgpValTbl_s

Defines

#define CRC24_INIT   0xb704ce
#define CRC24_POLY   0x1864cfb

Typedefs

typedef unsigned char byte
typedef DIGEST_CTX_sDIGEST_CTX
typedef const struct pgpValTbl_spgpValTbl
typedef enum pgpTag_e pgpTag
 4.3.

typedef pgpPktPubkey_s pgpPktPubkey
 5.1.

typedef enum pgpSigType_e pgpSigType
 5.2.1.

typedef enum pgpPubkeyAlgo_e pgpPubkeyAlgo
 9.1.

typedef enum pgpSymkeyAlgo_e pgpSymkeyAlgo
 9.2.

typedef enum pgpCompressAlgo_e pgpCompressAlgo
 9.3.

typedef enum pgpHashAlgo_e pgpHashAlgo
 9.4.

typedef pgpPktSigV3_spgpPktSigV3
 5.2.2.

typedef pgpPktSigV4_spgpPktSigV4
 5.2.3.

typedef enum pgpSubType_e pgpSubType
 5.2.3.1.

typedef pgpPktSig_upgpPktSig
 5.2.

typedef pgpPktSymkey_s pgpPktSymkey
 5.3.

typedef pgpPktOnepass_spgpPktOnepass
 5.4.

typedef pgpPktKeyV3_spgpPktKeyV3
 5.5.1.

typedef pgpPktKeyV4_spgpPktKeyV4
 The version 4 format is similar to the version 3 format except for the absence of a validity period.

typedef pgpPktKey_u pgpPktKey
 5.5.3.

typedef pgpPktCdata_s pgpPktCdata
typedef pgpPktEdata_s pgpPktEdata
typedef pgpPktLdata_s pgpPktLdata
typedef pgpPktTrust_s pgpPktTrust
typedef pgpPktUid_s pgpPktUid
typedef enum pgpArmor_e pgpArmor
typedef enum pgpArmorKey_e pgpArmorKey
typedef enum rpmDigestFlags_e rpmDigestFlags

Enumerations

enum  pgpTag_e {
  PGPTAG_RESERVED = 0, PGPTAG_PUBLIC_SESSION_KEY = 1, PGPTAG_SIGNATURE = 2, PGPTAG_SYMMETRIC_SESSION_KEY = 3,
  PGPTAG_ONEPASS_SIGNATURE = 4, PGPTAG_SECRET_KEY = 5, PGPTAG_PUBLIC_KEY = 6, PGPTAG_SECRET_SUBKEY = 7,
  PGPTAG_COMPRESSED_DATA = 8, PGPTAG_SYMMETRIC_DATA = 9, PGPTAG_MARKER = 10, PGPTAG_LITERAL_DATA = 11,
  PGPTAG_TRUST = 12, PGPTAG_USER_ID = 13, PGPTAG_PUBLIC_SUBKEY = 14, PGPTAG_COMMENT_OLD = 16,
  PGPTAG_PHOTOID = 17, PGPTAG_ENCRYPTED_MDC = 18, PGPTAG_MDC = 19, PGPTAG_PRIVATE_60 = 60,
  PGPTAG_COMMENT = 61, PGPTAG_PRIVATE_62 = 62, PGPTAG_CONTROL = 63
}
 4.3. More...

enum  pgpSigType_e {
  PGPSIGTYPE_BINARY = 0x00, PGPSIGTYPE_TEXT = 0x01, PGPSIGTYPE_STANDALONE = 0x02, PGPSIGTYPE_GENERIC_CERT = 0x10,
  PGPSIGTYPE_PERSONA_CERT = 0x11, PGPSIGTYPE_CASUAL_CERT = 0x12, PGPSIGTYPE_POSITIVE_CERT = 0x13, PGPSIGTYPE_SUBKEY_BINDING = 0x18,
  PGPSIGTYPE_SIGNED_KEY = 0x1F, PGPSIGTYPE_KEY_REVOKE = 0x20, PGPSIGTYPE_SUBKEY_REVOKE = 0x28, PGPSIGTYPE_CERT_REVOKE = 0x30,
  PGPSIGTYPE_TIMESTAMP = 0x40
}
 5.2.1. More...

enum  pgpPubkeyAlgo_e {
  PGPPUBKEYALGO_RSA = 1, PGPPUBKEYALGO_RSA_ENCRYPT = 2, PGPPUBKEYALGO_RSA_SIGN = 3, PGPPUBKEYALGO_ELGAMAL_ENCRYPT = 16,
  PGPPUBKEYALGO_DSA = 17, PGPPUBKEYALGO_EC = 18, PGPPUBKEYALGO_ECDSA = 19, PGPPUBKEYALGO_ELGAMAL = 20,
  PGPPUBKEYALGO_DH = 21
}
 9.1. More...

enum  pgpSymkeyAlgo_e {
  PGPSYMKEYALGO_PLAINTEXT = 0, PGPSYMKEYALGO_IDEA = 1, PGPSYMKEYALGO_TRIPLE_DES = 2, PGPSYMKEYALGO_CAST5 = 3,
  PGPSYMKEYALGO_BLOWFISH = 4, PGPSYMKEYALGO_SAFER = 5, PGPSYMKEYALGO_DES_SK = 6, PGPSYMKEYALGO_AES_128 = 7,
  PGPSYMKEYALGO_AES_192 = 8, PGPSYMKEYALGO_AES_256 = 9, PGPSYMKEYALGO_TWOFISH = 10
}
 9.2. More...

enum  pgpCompressAlgo_e { PGPCOMPRESSALGO_NONE = 0, PGPCOMPRESSALGO_ZIP = 1, PGPCOMPRESSALGO_ZLIB = 2 }
 9.3. More...

enum  pgpHashAlgo_e {
  PGPHASHALGO_MD5 = 1, PGPHASHALGO_SHA1 = 2, PGPHASHALGO_RIPEMD160 = 3, PGPHASHALGO_MD2 = 5,
  PGPHASHALGO_TIGER192 = 6, PGPHASHALGO_HAVAL_5_160 = 7
}
 9.4. More...

enum  pgpSubType_e {
  PGPSUBTYPE_SIG_CREATE_TIME = 2, PGPSUBTYPE_SIG_EXPIRE_TIME = 3, PGPSUBTYPE_EXPORTABLE_CERT = 4, PGPSUBTYPE_TRUST_SIG = 5,
  PGPSUBTYPE_REGEX = 6, PGPSUBTYPE_REVOCABLE = 7, PGPSUBTYPE_KEY_EXPIRE_TIME = 9, PGPSUBTYPE_BACKWARD_COMPAT = 10,
  PGPSUBTYPE_PREFER_SYMKEY = 11, PGPSUBTYPE_REVOKE_KEY = 12, PGPSUBTYPE_ISSUER_KEYID = 16, PGPSUBTYPE_NOTATION = 20,
  PGPSUBTYPE_PREFER_HASH = 21, PGPSUBTYPE_PREFER_COMPRESS = 22, PGPSUBTYPE_KEYSERVER_PREFERS = 23, PGPSUBTYPE_PREFER_KEYSERVER = 24,
  PGPSUBTYPE_PRIMARY_USERID = 25, PGPSUBTYPE_POLICY_URL = 26, PGPSUBTYPE_KEY_FLAGS = 27, PGPSUBTYPE_SIGNER_USERID = 28,
  PGPSUBTYPE_REVOKE_REASON = 29, PGPSUBTYPE_INTERNAL_100 = 100, PGPSUBTYPE_INTERNAL_101 = 101, PGPSUBTYPE_INTERNAL_102 = 102,
  PGPSUBTYPE_INTERNAL_103 = 103, PGPSUBTYPE_INTERNAL_104 = 104, PGPSUBTYPE_INTERNAL_105 = 105, PGPSUBTYPE_INTERNAL_106 = 106,
  PGPSUBTYPE_INTERNAL_107 = 107, PGPSUBTYPE_INTERNAL_108 = 108, PGPSUBTYPE_INTERNAL_109 = 109, PGPSUBTYPE_INTERNAL_110 = 110
}
 5.2.3.1. More...

enum  pgpArmor_e {
  PGPARMOR_ERROR = -1, PGPARMOR_NONE = 0, PGPARMOR_MESSAGE = 1, PGPARMOR_PUBKEY = 2,
  PGPARMOR_SIGNATURE = 3, PGPARMOR_SIGNED_MESSAGE = 4, PGPARMOR_FILE = 5, PGPARMOR_PRIVKEY = 6,
  PGPARMOR_SECKEY = 7
}
enum  pgpArmorKey_e {
  PGPARMORKEY_VERSION = 1, PGPARMORKEY_COMMENT = 2, PGPARMORKEY_MESSAGEID = 3, PGPARMORKEY_HASH = 4,
  PGPARMORKEY_CHARSET = 5
}
enum  rpmDigestFlags_e { RPMDIGEST_NONE = 0 }

Functions

unsigned int pgpGrab (const byte *s, int nbytes)
 Return (native-endian) integer from big-endian representation.

int pgpLen (const byte *s, unsigned int *lenp)
 Return length of an OpenPGP packet.

unsigned int pgpMpiBits (const byte *p)
 Return no.

unsigned int pgpMpiLen (const byte *p)
 Return no.

char * pgpHexCvt (char *t, const byte *s, int nbytes)
 Convert to hex.

char * pgpHexStr (const byte *p, unsigned int plen)
 Return hex formatted representation of bytes.

const char * pgpMpiStr (const byte *p)
 Return hex formatted representation of a multiprecision integer.

const char * pgpValStr (pgpValTbl vs, byte val)
 Return string representation of am OpenPGP value.

int pgpValTok (pgpValTbl vs, const char *s, const char *se)
 Return value of an OpenPGP string.

void pgpPrtVal (const char *pre, pgpValTbl vs, byte val)
 Print an OpenPGP value.

int pgpPrtSubType (const byte *h, unsigned int hlen, pgpSigType sigtype)
 Print/parse an OpenPGP subtype packet.

int pgpPrtSig (pgpTag tag, const byte *h, unsigned int hlen)
 Print/parse an OpenPGP signature packet.

int pgpPrtKey (pgpTag tag, const byte *h, unsigned int hlen)
 Print/parse an OpenPGP key packet.

int pgpPrtUserID (pgpTag tag, const byte *h, unsigned int hlen)
 Print/parse an OpenPGP userid packet.

int pgpPrtComment (pgpTag tag, const byte *h, unsigned int hlen)
 Print/parse an OpenPGP comment packet.

int pgpPrtPkt (const byte *pkt, unsigned int pleft)
 Print/parse next OpenPGP packet.

int pgpPrtPkts (const byte *pkts, unsigned int pktlen, pgpDig dig, int printing)
 Print/parse a OpenPGP packet(s).

pgpArmor pgpReadPkts (const char *fn, const byte **pkt, size_t *pktlen)
 Parse armored OpenPGP packets from a file.

char * pgpArmorWrap (int atype, const unsigned char *s, size_t ns)
 Wrap a OpenPGP packets in ascii armor for transport.

void pgpCleanDig (pgpDig dig)
 Release (malloc'd) data from container.

pgpDig pgpFreeDig (pgpDig dig)
 Destroy a container for parsed OpenPGP packates.

int pgpIsPkt (const byte *p)
 Is buffer at beginning of an OpenPGP packet?

unsigned int pgpCRC (const byte *octets, size_t len)
 Return CRC of a buffer.

DIGEST_CTX rpmDigestDup (DIGEST_CTX octx)
DIGEST_CTX rpmDigestInit (pgpHashAlgo hashalgo, rpmDigestFlags flags)
int rpmDigestUpdate (DIGEST_CTX ctx, const void *data, size_t len)
int rpmDigestFinal (DIGEST_CTX ctx, void **datap, size_t *lenp, int asAscii)

Variables

pgpValTbl_s pgpTagTbl []
pgpValTbl_s pgpSigTypeTbl []
pgpValTbl_s pgpPubkeyTbl []
pgpValTbl_s pgpSymkeyTbl []
 Symmetric key (string, value) pairs.

pgpValTbl_s pgpCompressionTbl []
 Compression (string, value) pairs.

pgpValTbl_s pgpHashTbl []
 Hash (string, value) pairs.

pgpValTbl_s pgpSubTypeTbl []
 Subtype (string, value) pairs.

pgpValTbl_s pgpArmorTbl []
 Armor (string, value) pairs.

pgpValTbl_s pgpArmorKeyTbl []
 Armor key (string, value) pairs.

pgpDig pgpNewDig (void)
 Create a container for parsed OpenPGP packates.


Detailed Description

OpenPGP constants and structures from RFC-2440.

Text from RFC-2440 in comments is Copyright (C) The Internet Society (1998). All Rights Reserved.

Definition in file rpmpgp.h.


Define Documentation

#define CRC24_INIT   0xb704ce
 

Definition at line 1325 of file rpmpgp.h.

Referenced by pgpCRC().

#define CRC24_POLY   0x1864cfb
 

Definition at line 1326 of file rpmpgp.h.

Referenced by pgpCRC().


Typedef Documentation

typedef unsigned char byte
 

Definition at line 15 of file rpmpgp.h.

Referenced by makeGPGSignature(), makeHDRSignature(), makePGPSignature(), pgpCRC(), pgpGrab(), pgpHexCvt(), pgpHexSet(), pgpHexStr(), pgpIsPkt(), pgpLen(), pgpMpiBits(), pgpMpiHex(), pgpMpiLen(), pgpMpiStr(), pgpPrtComment(), pgpPrtHex(), pgpPrtKey(), pgpPrtPkt(), pgpPrtPkts(), pgpPrtPubkeyParams(), pgpPrtSeckeyParams(), pgpPrtSig(), pgpPrtSigParams(), pgpPrtSubType(), pgpPrtUserID(), pgpPrtVal(), pgpReadPkts(), pgpsigFormat(), pgpValStr(), rpmAddSignature(), rpmdbAdd(), rpmdbRemove(), rpmDigestFinal(), rpmioSlurp(), rpmReadPackageFile(), rpmWriteSignature(), verifyGPGSignature(), verifyMD5Signature(), and verifyPGPSignature().

typedef struct DIGEST_CTX_s* DIGEST_CTX
 

Definition at line 21 of file rpmpgp.h.

typedef enum pgpArmor_e pgpArmor
 

Referenced by pgpReadPkts().

typedef enum pgpArmorKey_e pgpArmorKey
 

typedef enum pgpCompressAlgo_e pgpCompressAlgo
 

9.3.

Compression Algorithms

       ID           Algorithm
       --           ---------
       0          - Uncompressed
       1          - ZIP (RFC 1951)
       2          - ZLIB (RFC 1950)
       100 to 110 - Private/Experimental algorithm.

Implementations MUST implement uncompressed data. Implementations SHOULD implement ZIP. Implementations MAY implement ZLIB.

typedef enum pgpHashAlgo_e pgpHashAlgo
 

9.4.

Hash Algorithms

       ID           Algorithm                              Text Name
       --           ---------                              ---- ----
       1          - MD5                                    "MD5"
       2          - SHA-1                                  "SHA1"
       3          - RIPE-MD/160                            "RIPEMD160"
       4          - Reserved for double-width SHA (experimental)
       5          - MD2                                    "MD2"
       6          - Reserved for TIGER/192                 "TIGER192"
       7          - Reserved for HAVAL (5 pass, 160-bit)
       "HAVAL-5-160"
       100 to 110 - Private/Experimental algorithm.

Implementations MUST implement SHA-1. Implementations SHOULD implement MD5.

Todo:
Add SHA256.

Referenced by fdFiniDigest(), fdInitDigest(), and rpmDigestInit().

typedef struct pgpPktCdata_s pgpPktCdata
 

typedef struct pgpPktEdata_s pgpPktEdata
 

typedef union pgpPktKey_u pgpPktKey
 

5.5.3.

Secret Key Packet Formats

The Secret Key and Secret Subkey packets contain all the data of the Public Key and Public Subkey packets, with additional algorithm- specific secret key data appended, in encrypted form.

The packet contains:

  • A Public Key or Public Subkey packet, as described above
  • One octet indicating string-to-key usage conventions. 0 indicates that the secret key data is not encrypted. 255 indicates that a string-to-key specifier is being given. Any other value is a symmetric-key encryption algorithm specifier.
  • [Optional] If string-to-key usage octet was 255, a one-octet symmetric encryption algorithm.
  • [Optional] If string-to-key usage octet was 255, a string-to-key specifier. The length of the string-to-key specifier is implied by its type, as described above.
  • [Optional] If secret data is encrypted, eight-octet Initial Vector (IV).
  • Encrypted multi-precision integers comprising the secret key data. These algorithm-specific fields are as described below.
  • Two-octet checksum of the plaintext of the algorithm-specific portion (sum of all octets, mod 65536).
Algorithm Specific Fields for RSA secret keys:
  • multiprecision integer (MPI) of RSA secret exponent d.
  • MPI of RSA secret prime value p.
  • MPI of RSA secret prime value q (p < q).
  • MPI of u, the multiplicative inverse of p, mod q.
Algorithm Specific Fields for DSA secret keys:
  • MPI of DSA secret exponent x.
Algorithm Specific Fields for Elgamal secret keys:
  • MPI of Elgamal secret exponent x.
Secret MPI values can be encrypted using a passphrase. If a string- to-key specifier is given, that describes the algorithm for converting the passphrase to a key, else a simple MD5 hash of the passphrase is used. Implementations SHOULD use a string-to-key specifier; the simple hash is for backward compatibility. The cipher for encrypting the MPIs is specified in the secret key packet.

Encryption/decryption of the secret data is done in CFB mode using the key created from the passphrase and the Initial Vector from the packet. A different mode is used with V3 keys (which are only RSA) than with other key formats. With V3 keys, the MPI bit count prefix (i.e., the first two octets) is not encrypted. Only the MPI non- prefix data is encrypted. Furthermore, the CFB state is resynchronized at the beginning of each new MPI value, so that the CFB block boundary is aligned with the start of the MPI data.

With V4 keys, a simpler method is used. All secret MPI values are encrypted in CFB mode, including the MPI bitcount prefix.

The 16-bit checksum that follows the algorithm-specific portion is the algebraic sum, mod 65536, of the plaintext of all the algorithm- specific octets (including MPI prefix and data). With V3 keys, the checksum is stored in the clear. With V4 keys, the checksum is encrypted like the algorithm-specific data. This value is used to check that the passphrase was correct.

typedef struct pgpPktKeyV3_s * pgpPktKeyV3
 

5.5.1.

Key Packet Variants

5.5.1.1. Public Key Packet (Tag 6)

A Public Key packet starts a series of packets that forms an OpenPGP key (sometimes called an OpenPGP certificate).

5.5.1.2. Public Subkey Packet (Tag 14)

A Public Subkey packet (tag 14) has exactly the same format as a Public Key packet, but denotes a subkey. One or more subkeys may be associated with a top-level key. By convention, the top-level key provides signature services, and the subkeys provide encryption services.

Note: in PGP 2.6.x, tag 14 was intended to indicate a comment packet. This tag was selected for reuse because no previous version of PGP ever emitted comment packets but they did properly ignore them. Public Subkey packets are ignored by PGP 2.6.x and do not cause it to fail, providing a limited degree of backward compatibility.

5.5.1.3. Secret Key Packet (Tag 5)

A Secret Key packet contains all the information that is found in a Public Key packet, including the public key material, but also includes the secret key material after all the public key fields.

5.5.1.4. Secret Subkey Packet (Tag 7)

A Secret Subkey packet (tag 7) is the subkey analog of the Secret Key packet, and has exactly the same format.

5.5.2. Public Key Packet Formats

There are two versions of key-material packets. Version 3 packets were first generated by PGP 2.6. Version 2 packets are identical in format to Version 3 packets, but are generated by PGP 2.5 or before. V2 packets are deprecated and they MUST NOT be generated. PGP 5.0 introduced version 4 packets, with new fields and semantics. PGP 2.6.x will not accept key-material packets with versions greater than 3.

OpenPGP implementations SHOULD create keys with version 4 format. An implementation MAY generate a V3 key to ensure interoperability with old software; note, however, that V4 keys correct some security deficiencies in V3 keys. These deficiencies are described below. An implementation MUST NOT create a V3 key with a public key algorithm other than RSA.

A version 3 public key or public subkey packet contains:

  • A one-octet version number (3).
  • A four-octet number denoting the time that the key was created.
  • A two-octet number denoting the time in days that this key is valid. If this number is zero, then it does not expire.
  • A one-octet number denoting the public key algorithm of this key
  • A series of multi-precision integers comprising the key material:
    • a multiprecision integer (MPI) of RSA public modulus n;
    • an MPI of RSA public encryption exponent e.
V3 keys SHOULD only be used for backward compatibility because of three weaknesses in them. First, it is relatively easy to construct a V3 key that has the same key ID as any other key because the key ID is simply the low 64 bits of the public modulus. Secondly, because the fingerprint of a V3 key hashes the key material, but not its length, which increases the opportunity for fingerprint collisions. Third, there are minor weaknesses in the MD5 hash algorithm that make developers prefer other algorithms. See below for a fuller discussion of key IDs and fingerprints.

typedef struct pgpPktKeyV4_s * pgpPktKeyV4
 

The version 4 format is similar to the version 3 format except for the absence of a validity period.

This has been moved to the signature packet. In addition, fingerprints of version 4 keys are calculated differently from version 3 keys, as described in section "Enhanced Key Formats."

A version 4 packet contains:

  • A one-octet version number (4).
  • A four-octet number denoting the time that the key was created.
  • A one-octet number denoting the public key algorithm of this key
  • A series of multi-precision integers comprising the key material. This algorithm-specific portion is:
Algorithm Specific Fields for RSA public keys:
  • multiprecision integer (MPI) of RSA public modulus n;
  • MPI of RSA public encryption exponent e.
Algorithm Specific Fields for DSA public keys:
  • MPI of DSA prime p;
  • MPI of DSA group order q (q is a prime divisor of p-1);
  • MPI of DSA group generator g;
  • MPI of DSA public key value y (= g**x where x is secret).
Algorithm Specific Fields for Elgamal public keys:
  • MPI of Elgamal prime p;
  • MPI of Elgamal group generator g;
  • MPI of Elgamal public key value y (= g**x where x is secret).

typedef struct pgpPktLdata_s pgpPktLdata
 

typedef struct pgpPktOnepass_s * pgpPktOnepass
 

5.4.

One-Pass Signature Packets (Tag 4)

The One-Pass Signature packet precedes the signed data and contains enough information to allow the receiver to begin calculating any hashes needed to verify the signature. It allows the Signature Packet to be placed at the end of the message, so that the signer can compute the entire signed message in one pass.

A One-Pass Signature does not interoperate with PGP 2.6.x or earlier.

The body of this packet consists of:

  • A one-octet version number. The current version is 3.
  • A one-octet signature type. Signature types are described in section 5.2.1.
  • A one-octet number describing the hash algorithm used.
  • A one-octet number describing the public key algorithm used.
  • An eight-octet number holding the key ID of the signing key.
  • A one-octet number holding a flag showing whether the signature is nested. A zero value indicates that the next packet is another One-Pass Signature packet that describes another signature to be applied to the same message data.
Note that if a message contains more than one one-pass signature, then the signature packets bracket the message; that is, the first signature packet after the message corresponds to the last one-pass packet and the final signature packet corresponds to the first one- pass packet.

typedef struct pgpPktPubkey_s pgpPktPubkey
 

5.1.

Public-Key Encrypted Session Key Packets (Tag 1)

A Public-Key Encrypted Session Key packet holds the session key used to encrypt a message. Zero or more Encrypted Session Key packets (either Public-Key or Symmetric-Key) may precede a Symmetrically Encrypted Data Packet, which holds an encrypted message. The message is encrypted with the session key, and the session key is itself encrypted and stored in the Encrypted Session Key packet(s). The Symmetrically Encrypted Data Packet is preceded by one Public-Key Encrypted Session Key packet for each OpenPGP key to which the message is encrypted. The recipient of the message finds a session key that is encrypted to their public key, decrypts the session key, and then uses the session key to decrypt the message.

The body of this packet consists of:

  • A one-octet number giving the version number of the packet type. The currently defined value for packet version is 3. An implementation should accept, but not generate a version of 2, which is equivalent to V3 in all other respects.
  • An eight-octet number that gives the key ID of the public key that the session key is encrypted to.
  • A one-octet number giving the public key algorithm used.
  • A string of octets that is the encrypted session key. This string takes up the remainder of the packet, and its contents are dependent on the public key algorithm used.
Algorithm Specific Fields for RSA encryption
  • multiprecision integer (MPI) of RSA encrypted value m**e mod n.
Algorithm Specific Fields for Elgamal encryption:
  • MPI of Elgamal (Diffie-Hellman) value g**k mod p.
  • MPI of Elgamal (Diffie-Hellman) value m * y**k mod p.

typedef union pgpPktSig_u * pgpPktSig
 

5.2.

Signature Packet (Tag 2)

A signature packet describes a binding between some public key and some data. The most common signatures are a signature of a file or a block of text, and a signature that is a certification of a user ID.

Two versions of signature packets are defined. Version 3 provides basic signature information, while version 4 provides an expandable format with subpackets that can specify more information about the signature. PGP 2.6.x only accepts version 3 signatures.

Implementations MUST accept V3 signatures. Implementations SHOULD generate V4 signatures. Implementations MAY generate a V3 signature that can be verified by PGP 2.6.x.

Note that if an implementation is creating an encrypted and signed message that is encrypted to a V3 key, it is reasonable to create a V3 signature.

typedef struct pgpPktSigV3_s * pgpPktSigV3
 

5.2.2.

Version 3 Signature Packet Format

The body of a version 3 Signature Packet contains:

  • One-octet version number (3).
  • One-octet length of following hashed material. MUST be 5.
    • One-octet signature type.
    • Four-octet creation time.
  • Eight-octet key ID of signer.
  • One-octet public key algorithm.
  • One-octet hash algorithm.
  • Two-octet field holding left 16 bits of signed hash value.
  • One or more multi-precision integers comprising the signature.
Algorithm Specific Fields for RSA signatures:
  • multiprecision integer (MPI) of RSA signature value m**d.
Algorithm Specific Fields for DSA signatures:
  • MPI of DSA value r.
  • MPI of DSA value s.

typedef struct pgpPktSigV4_s * pgpPktSigV4
 

5.2.3.

Version 4 Signature Packet Format

The body of a version 4 Signature Packet contains:

  • One-octet version number (4).
  • One-octet signature type.
  • One-octet public key algorithm.
  • One-octet hash algorithm.
  • Two-octet scalar octet count for following hashed subpacket data. Note that this is the length in octets of all of the hashed subpackets; a pointer incremented by this number will skip over the hashed subpackets.
  • Hashed subpacket data. (zero or more subpackets)
  • Two-octet scalar octet count for following unhashed subpacket data. Note that this is the length in octets of all of the unhashed subpackets; a pointer incremented by this number will skip over the unhashed subpackets.
  • Unhashed subpacket data. (zero or more subpackets)
  • Two-octet field holding left 16 bits of signed hash value.
  • One or more multi-precision integers comprising the signature.

typedef struct pgpPktSymkey_s pgpPktSymkey
 

5.3.

Symmetric-Key Encrypted Session-Key Packets (Tag 3)

The Symmetric-Key Encrypted Session Key packet holds the symmetric- key encryption of a session key used to encrypt a message. Zero or more Encrypted Session Key packets and/or Symmetric-Key Encrypted Session Key packets may precede a Symmetrically Encrypted Data Packet that holds an encrypted message. The message is encrypted with a session key, and the session key is itself encrypted and stored in the Encrypted Session Key packet or the Symmetric-Key Encrypted Session Key packet.

If the Symmetrically Encrypted Data Packet is preceded by one or more Symmetric-Key Encrypted Session Key packets, each specifies a passphrase that may be used to decrypt the message. This allows a message to be encrypted to a number of public keys, and also to one or more pass phrases. This packet type is new, and is not generated by PGP 2.x or PGP 5.0.

The body of this packet consists of:

  • A one-octet version number. The only currently defined version is 4.
  • A one-octet number describing the symmetric algorithm used.
  • A string-to-key (S2K) specifier, length as defined above.
  • Optionally, the encrypted session key itself, which is decrypted with the string-to-key object.

typedef struct pgpPktTrust_s pgpPktTrust
 

typedef struct pgpPktUid_s pgpPktUid
 

typedef enum pgpPubkeyAlgo_e pgpPubkeyAlgo
 

9.1.

Public Key Algorithms

       ID           Algorithm
       --           ---------
       1          - RSA (Encrypt or Sign)
       2          - RSA Encrypt-Only
       3          - RSA Sign-Only
       16         - Elgamal (Encrypt-Only), see [ELGAMAL]
       17         - DSA (Digital Signature Standard)
       18         - Reserved for Elliptic Curve
       19         - Reserved for ECDSA
       20         - Elgamal (Encrypt or Sign)
       21         - Reserved for Diffie-Hellman (X9.42,
                    as defined for IETF-S/MIME)
       100 to 110 - Private/Experimental algorithm.

Implementations MUST implement DSA for signatures, and Elgamal for encryption. Implementations SHOULD implement RSA keys. Implementations MAY implement any other algorithm.

typedef enum pgpSigType_e pgpSigType
 

5.2.1.

Signature Types

There are a number of possible meanings for a signature, which are specified in a signature type octet in any given signature.

Referenced by pgpPrtSubType().

typedef enum pgpSubType_e pgpSubType
 

5.2.3.1.

Signature Subpacket Specification

The subpacket fields consist of zero or more signature subpackets. Each set of subpackets is preceded by a two-octet scalar count of the length of the set of subpackets.

Each subpacket consists of a subpacket header and a body. The header consists of:

  • the subpacket length (1, 2, or 5 octets)
  • the subpacket type (1 octet) and is followed by the subpacket specific data.
The length includes the type octet but not this length. Its format is similar to the "new" format packet header lengths, but cannot have partial body lengths. That is:
       if the 1st octet <  192, then
           lengthOfLength = 1
           subpacketLen = 1st_octet

       if the 1st octet >= 192 and < 255, then
           lengthOfLength = 2
           subpacketLen = ((1st_octet - 192) << 8) + (2nd_octet) + 192

       if the 1st octet = 255, then
           lengthOfLength = 5
           subpacket length = [four-octet scalar starting at 2nd_octet]

The value of the subpacket type octet may be:

       2 = signature creation time
       3 = signature expiration time
       4 = exportable certification
       5 = trust signature
       6 = regular expression
       7 = revocable
       9 = key expiration time
       10 = placeholder for backward compatibility
       11 = preferred symmetric algorithms
       12 = revocation key
       16 = issuer key ID
       20 = notation data
       21 = preferred hash algorithms
       22 = preferred compression algorithms
       23 = key server preferences
       24 = preferred key server
       25 = primary user id
       26 = policy URL
       27 = key flags
       28 = signer's user id
       29 = reason for revocation
       100 to 110 = internal or user-defined

An implementation SHOULD ignore any subpacket of a type that it does not recognize.

Bit 7 of the subpacket type is the "critical" bit. If set, it denotes that the subpacket is one that is critical for the evaluator of the signature to recognize. If a subpacket is encountered that is marked critical but is unknown to the evaluating software, the evaluator SHOULD consider the signature to be in error.

typedef enum pgpSymkeyAlgo_e pgpSymkeyAlgo
 

9.2.

Symmetric Key Algorithms

       ID           Algorithm
       --           ---------
       0          - Plaintext or unencrypted data
       1          - IDEA [IDEA]
       2          - Triple-DES (DES-EDE, as per spec -
                    168 bit key derived from 192)
       3          - CAST5 (128 bit key, as per RFC 2144)
       4          - Blowfish (128 bit key, 16 rounds) [BLOWFISH]
       5          - SAFER-SK128 (13 rounds) [SAFER]
       6          - Reserved for DES/SK
       7          - Reserved for AES with 128-bit key
       8          - Reserved for AES with 192-bit key
       9          - Reserved for AES with 256-bit key
       100 to 110 - Private/Experimental algorithm.

Implementations MUST implement Triple-DES. Implementations SHOULD implement IDEA and CAST5. Implementations MAY implement any other algorithm.

typedef enum pgpTag_e pgpTag
 

4.3.

Packet Tags

The packet tag denotes what type of packet the body holds. Note that old format headers can only have tags less than 16, whereas new format headers can have tags as great as 63.

Referenced by pgpIsPkt(), pgpPrtComment(), pgpPrtKey(), pgpPrtPkt(), pgpPrtPkts(), pgpPrtSig(), pgpPrtSigParams(), pgpPrtUserID(), and pgpsigFormat().

typedef const struct pgpValTbl_s * pgpValTbl
 

Referenced by pgpPrtVal(), pgpValStr(), and pgpValTok().


Enumeration Type Documentation

enum pgpArmor_e
 

Enumeration values:
PGPARMOR_ERROR 
PGPARMOR_NONE 
PGPARMOR_MESSAGE  MESSAGE
PGPARMOR_PUBKEY  PUBLIC KEY BLOCK
PGPARMOR_SIGNATURE  SIGNATURE
PGPARMOR_SIGNED_MESSAGE  SIGNED MESSAGE
PGPARMOR_FILE  ARMORED FILE
PGPARMOR_PRIVKEY  PRIVATE KEY BLOCK
PGPARMOR_SECKEY  SECRET KEY BLOCK

Definition at line 917 of file rpmpgp.h.

enum pgpArmorKey_e
 

Enumeration values:
PGPARMORKEY_VERSION  Version:
PGPARMORKEY_COMMENT  Comment:
PGPARMORKEY_MESSAGEID  MessageID:
PGPARMORKEY_HASH  Hash:
PGPARMORKEY_CHARSET  Charset:

Definition at line 939 of file rpmpgp.h.

enum pgpCompressAlgo_e
 

9.3.

Compression Algorithms

       ID           Algorithm
       --           ---------
       0          - Uncompressed
       1          - ZIP (RFC 1951)
       2          - ZLIB (RFC 1950)
       100 to 110 - Private/Experimental algorithm.

Implementations MUST implement uncompressed data. Implementations SHOULD implement ZIP. Implementations MAY implement ZLIB.

Enumeration values:
PGPCOMPRESSALGO_NONE  Uncompressed
PGPCOMPRESSALGO_ZIP  ZIP
PGPCOMPRESSALGO_ZLIB  ZLIB

Definition at line 246 of file rpmpgp.h.

enum pgpHashAlgo_e
 

9.4.

Hash Algorithms

       ID           Algorithm                              Text Name
       --           ---------                              ---- ----
       1          - MD5                                    "MD5"
       2          - SHA-1                                  "SHA1"
       3          - RIPE-MD/160                            "RIPEMD160"
       4          - Reserved for double-width SHA (experimental)
       5          - MD2                                    "MD2"
       6          - Reserved for TIGER/192                 "TIGER192"
       7          - Reserved for HAVAL (5 pass, 160-bit)
       "HAVAL-5-160"
       100 to 110 - Private/Experimental algorithm.

Implementations MUST implement SHA-1. Implementations SHOULD implement MD5.

Todo:
Add SHA256.
Enumeration values:
PGPHASHALGO_MD5  MD5
PGPHASHALGO_SHA1  SHA1
PGPHASHALGO_RIPEMD160  RIPEMD160
PGPHASHALGO_MD2  MD2
PGPHASHALGO_TIGER192  TIGER192
PGPHASHALGO_HAVAL_5_160  HAVAL-5-160

Definition at line 280 of file rpmpgp.h.

enum pgpPubkeyAlgo_e
 

9.1.

Public Key Algorithms

       ID           Algorithm
       --           ---------
       1          - RSA (Encrypt or Sign)
       2          - RSA Encrypt-Only
       3          - RSA Sign-Only
       16         - Elgamal (Encrypt-Only), see [ELGAMAL]
       17         - DSA (Digital Signature Standard)
       18         - Reserved for Elliptic Curve
       19         - Reserved for ECDSA
       20         - Elgamal (Encrypt or Sign)
       21         - Reserved for Diffie-Hellman (X9.42,
                    as defined for IETF-S/MIME)
       100 to 110 - Private/Experimental algorithm.

Implementations MUST implement DSA for signatures, and Elgamal for encryption. Implementations SHOULD implement RSA keys. Implementations MAY implement any other algorithm.

Enumeration values:
PGPPUBKEYALGO_RSA  RSA
PGPPUBKEYALGO_RSA_ENCRYPT  RSA(Encrypt-Only)
PGPPUBKEYALGO_RSA_SIGN  RSA(Sign-Only)
PGPPUBKEYALGO_ELGAMAL_ENCRYPT  Elgamal(Encrypt-Only)
PGPPUBKEYALGO_DSA  DSA
PGPPUBKEYALGO_EC  Elliptic Curve
PGPPUBKEYALGO_ECDSA  ECDSA
PGPPUBKEYALGO_ELGAMAL  Elgamal
PGPPUBKEYALGO_DH  Diffie-Hellman (X9.42)

Definition at line 166 of file rpmpgp.h.

enum pgpSigType_e
 

5.2.1.

Signature Types

There are a number of possible meanings for a signature, which are specified in a signature type octet in any given signature.

Enumeration values:
PGPSIGTYPE_BINARY  Binary document
PGPSIGTYPE_TEXT  Canonical text document
PGPSIGTYPE_STANDALONE  Standalone
PGPSIGTYPE_GENERIC_CERT  Generic certification of a User ID & Public Key
PGPSIGTYPE_PERSONA_CERT  Persona certification of a User ID & Public Key
PGPSIGTYPE_CASUAL_CERT  Casual certification of a User ID & Public Key
PGPSIGTYPE_POSITIVE_CERT  Positive certification of a User ID & Public Key
PGPSIGTYPE_SUBKEY_BINDING  Subkey Binding
PGPSIGTYPE_SIGNED_KEY  Signature directly on a key
PGPSIGTYPE_KEY_REVOKE  Key revocation
PGPSIGTYPE_SUBKEY_REVOKE  Subkey revocation
PGPSIGTYPE_CERT_REVOKE  Certification revocation
PGPSIGTYPE_TIMESTAMP  Timestamp

Definition at line 116 of file rpmpgp.h.

enum pgpSubType_e
 

5.2.3.1.

Signature Subpacket Specification

The subpacket fields consist of zero or more signature subpackets. Each set of subpackets is preceded by a two-octet scalar count of the length of the set of subpackets.

Each subpacket consists of a subpacket header and a body. The header consists of:

  • the subpacket length (1, 2, or 5 octets)
  • the subpacket type (1 octet) and is followed by the subpacket specific data.
The length includes the type octet but not this length. Its format is similar to the "new" format packet header lengths, but cannot have partial body lengths. That is:
       if the 1st octet <  192, then
           lengthOfLength = 1
           subpacketLen = 1st_octet

       if the 1st octet >= 192 and < 255, then
           lengthOfLength = 2
           subpacketLen = ((1st_octet - 192) << 8) + (2nd_octet) + 192

       if the 1st octet = 255, then
           lengthOfLength = 5
           subpacket length = [four-octet scalar starting at 2nd_octet]

The value of the subpacket type octet may be:

       2 = signature creation time
       3 = signature expiration time
       4 = exportable certification
       5 = trust signature
       6 = regular expression
       7 = revocable
       9 = key expiration time
       10 = placeholder for backward compatibility
       11 = preferred symmetric algorithms
       12 = revocation key
       16 = issuer key ID
       20 = notation data
       21 = preferred hash algorithms
       22 = preferred compression algorithms
       23 = key server preferences
       24 = preferred key server
       25 = primary user id
       26 = policy URL
       27 = key flags
       28 = signer's user id
       29 = reason for revocation
       100 to 110 = internal or user-defined

An implementation SHOULD ignore any subpacket of a type that it does not recognize.

Bit 7 of the subpacket type is the "critical" bit. If set, it denotes that the subpacket is one that is critical for the evaluator of the signature to recognize. If a subpacket is encountered that is marked critical but is unknown to the evaluating software, the evaluator SHOULD consider the signature to be in error.

Enumeration values:
PGPSUBTYPE_SIG_CREATE_TIME  signature creation time
PGPSUBTYPE_SIG_EXPIRE_TIME  signature expiration time
PGPSUBTYPE_EXPORTABLE_CERT  exportable certification
PGPSUBTYPE_TRUST_SIG  trust signature
PGPSUBTYPE_REGEX  regular expression
PGPSUBTYPE_REVOCABLE  revocable
PGPSUBTYPE_KEY_EXPIRE_TIME  key expiration time
PGPSUBTYPE_BACKWARD_COMPAT  placeholder for backward compatibility
PGPSUBTYPE_PREFER_SYMKEY  preferred symmetric algorithms
PGPSUBTYPE_REVOKE_KEY  revocation key
PGPSUBTYPE_ISSUER_KEYID  issuer key ID
PGPSUBTYPE_NOTATION  notation data
PGPSUBTYPE_PREFER_HASH  preferred hash algorithms
PGPSUBTYPE_PREFER_COMPRESS  preferred compression algorithms
PGPSUBTYPE_KEYSERVER_PREFERS  key server preferences
PGPSUBTYPE_PREFER_KEYSERVER  preferred key server
PGPSUBTYPE_PRIMARY_USERID  primary user id
PGPSUBTYPE_POLICY_URL  policy URL
PGPSUBTYPE_KEY_FLAGS  key flags
PGPSUBTYPE_SIGNER_USERID  signer's user id
PGPSUBTYPE_REVOKE_REASON  reason for revocation
PGPSUBTYPE_INTERNAL_100  internal or user-defined
PGPSUBTYPE_INTERNAL_101  internal or user-defined
PGPSUBTYPE_INTERNAL_102  internal or user-defined
PGPSUBTYPE_INTERNAL_103  internal or user-defined
PGPSUBTYPE_INTERNAL_104  internal or user-defined
PGPSUBTYPE_INTERNAL_105  internal or user-defined
PGPSUBTYPE_INTERNAL_106  internal or user-defined
PGPSUBTYPE_INTERNAL_107  internal or user-defined
PGPSUBTYPE_INTERNAL_108  internal or user-defined
PGPSUBTYPE_INTERNAL_109  internal or user-defined
PGPSUBTYPE_INTERNAL_110  internal or user-defined

Definition at line 423 of file rpmpgp.h.

enum pgpSymkeyAlgo_e
 

9.2.

Symmetric Key Algorithms

       ID           Algorithm
       --           ---------
       0          - Plaintext or unencrypted data
       1          - IDEA [IDEA]
       2          - Triple-DES (DES-EDE, as per spec -
                    168 bit key derived from 192)
       3          - CAST5 (128 bit key, as per RFC 2144)
       4          - Blowfish (128 bit key, 16 rounds) [BLOWFISH]
       5          - SAFER-SK128 (13 rounds) [SAFER]
       6          - Reserved for DES/SK
       7          - Reserved for AES with 128-bit key
       8          - Reserved for AES with 192-bit key
       9          - Reserved for AES with 256-bit key
       100 to 110 - Private/Experimental algorithm.

Implementations MUST implement Triple-DES. Implementations SHOULD implement IDEA and CAST5. Implementations MAY implement any other algorithm.

Enumeration values:
PGPSYMKEYALGO_PLAINTEXT  Plaintext
PGPSYMKEYALGO_IDEA  IDEA
PGPSYMKEYALGO_TRIPLE_DES  3DES
PGPSYMKEYALGO_CAST5  CAST5
PGPSYMKEYALGO_BLOWFISH  BLOWFISH
PGPSYMKEYALGO_SAFER  SAFER
PGPSYMKEYALGO_DES_SK  DES/SK
PGPSYMKEYALGO_AES_128  AES(128-bit key)
PGPSYMKEYALGO_AES_192  AES(192-bit key)
PGPSYMKEYALGO_AES_256  AES(256-bit key)
PGPSYMKEYALGO_TWOFISH  TWOFISH

Definition at line 209 of file rpmpgp.h.

enum pgpTag_e
 

4.3.

Packet Tags

The packet tag denotes what type of packet the body holds. Note that old format headers can only have tags less than 16, whereas new format headers can have tags as great as 63.

Enumeration values:
PGPTAG_RESERVED  Reserved/Invalid
PGPTAG_PUBLIC_SESSION_KEY  Public-Key Encrypted Session Key
PGPTAG_SIGNATURE  Signature
PGPTAG_SYMMETRIC_SESSION_KEY  Symmetric-Key Encrypted Session Key
PGPTAG_ONEPASS_SIGNATURE  One-Pass Signature
PGPTAG_SECRET_KEY  Secret Key
PGPTAG_PUBLIC_KEY  Public Key
PGPTAG_SECRET_SUBKEY  Secret Subkey
PGPTAG_COMPRESSED_DATA  Compressed Data
PGPTAG_SYMMETRIC_DATA  Symmetrically Encrypted Data
PGPTAG_MARKER  Marker
PGPTAG_LITERAL_DATA  Literal Data
PGPTAG_TRUST  Trust
PGPTAG_USER_ID  User ID
PGPTAG_PUBLIC_SUBKEY  Public Subkey
PGPTAG_COMMENT_OLD  Comment (from OpenPGP draft)
PGPTAG_PHOTOID  PGP's photo ID
PGPTAG_ENCRYPTED_MDC  Integrity protected encrypted data
PGPTAG_MDC  Manipulaion detection code packet
PGPTAG_PRIVATE_60  Private or Experimental Values
PGPTAG_COMMENT  Comment
PGPTAG_PRIVATE_62  Private or Experimental Values
PGPTAG_CONTROL  Control (GPG)

Definition at line 37 of file rpmpgp.h.


Function Documentation

char* pgpArmorWrap int    atype,
const unsigned char *    s,
size_t    ns
 

Wrap a OpenPGP packets in ascii armor for transport.

Parameters:
atype  type of armor
s  binary pkt data
ns  binary pkt data length
Returns:
formatted string

Definition at line 1277 of file rpmpgp.c.

References _free(), pgpValStr(), stpcpy(), VERSION, and xmalloc().

Referenced by armorFormat(), and processPubkeyFile().

void pgpCleanDig pgpDig    dig
 

Release (malloc'd) data from container.

Parameters:
dig  container

Definition at line 1036 of file rpmpgp.c.

References _free(), pgpDig_s::c, pgpDigParams_s::hash, pgpDig_s::hm, pgpDig_s::m, pgpDig_s::md5, pgpDigParams_s::params, pgpDig_s::pubkey, pgpDig_s::r, pgpDig_s::rsa_pk, pgpDig_s::rsahm, pgpDig_s::s, pgpDig_s::sha1, pgpDig_s::signature, and pgpDigParams_s::userid.

Referenced by pgpFreeDig(), and rpmVerifySignatures().

unsigned int pgpCRC const byte   octets,
size_t    len
[inline, static]
 

Return CRC of a buffer.

Parameters:
octets  bytes
len  no. of bytes
Returns:
crc of buffer

Definition at line 1335 of file rpmpgp.h.

References byte, CRC24_INIT, and CRC24_POLY.

Referenced by pgpReadPkts().

pgpDig pgpFreeDig pgpDig    dig
 

Destroy a container for parsed OpenPGP packates.

Parameters:
dig  container
Returns:
NULL always

Definition at line 1071 of file rpmpgp.c.

References _free(), pgpDig_s::c, pgpDig_s::g, pgpDig_s::hdrsha1ctx, pgpDig_s::hm, pgpDig_s::m, pgpDig_s::md5ctx, pgpDig_s::p, pgpCleanDig(), pgpDig_s::q, pgpDig_s::r, rpmDigestFinal(), pgpDig_s::rsa_pk, pgpDig_s::s, pgpDig_s::sha1ctx, and pgpDig_s::y.

Referenced by getSignid(), pgpsigFormat(), rpmcliImportPubkey(), and rpmtsCleanDig().

unsigned int pgpGrab const byte   s,
int    nbytes
[inline, static]
 

Return (native-endian) integer from big-endian representation.

Parameters:
s  pointer to big-endian integer
nbytes  no. of bytes
Returns:
native-endian integer

Definition at line 974 of file rpmpgp.h.

References byte.

Referenced by pgpLen(), pgpMpiStr(), pgpPrtKey(), pgpPrtPkt(), pgpPrtSig(), pgpPrtSubType(), pgpReadPkts(), pgpsigFormat(), and rpmtsStashKeyid().

char* pgpHexCvt char *    t,
const byte   s,
int    nbytes
[inline, static]
 

Convert to hex.

Parameters:
t  target buffer (returned)
s  source bytes
nbytes  no. of bytes
Returns:
target buffer

Definition at line 1044 of file rpmpgp.h.

References byte.

Referenced by pgpHexStr(), pgpMpiHex(), pgpMpiStr(), verifyGPGSignature(), verifyMD5Signature(), and verifyPGPSignature().

char* pgpHexStr const byte   p,
unsigned int    plen
[inline, static]
 

Return hex formatted representation of bytes.

Todo:
Remove static buffer.
Parameters:
p  bytes
plen  no. of bytes
Returns:
hex formatted string

Definition at line 1068 of file rpmpgp.h.

References byte, and pgpHexCvt().

Referenced by pgpPrtHex(), pgpPrtSig(), pgpsigFormat(), rpmcliImportPubkey(), and rpmReSign().

int pgpIsPkt const byte   p [inline, static]
 

Is buffer at beginning of an OpenPGP packet?

Parameters:
p  buffer
Returns:
1 if an OpenPGP packet, 0 otherwise

Definition at line 1273 of file rpmpgp.h.

References byte, pgpTag, PGPTAG_COMMENT, PGPTAG_COMMENT_OLD, PGPTAG_COMPRESSED_DATA, PGPTAG_CONTROL, PGPTAG_ENCRYPTED_MDC, PGPTAG_LITERAL_DATA, PGPTAG_MARKER, PGPTAG_MDC, PGPTAG_ONEPASS_SIGNATURE, PGPTAG_PHOTOID, PGPTAG_PRIVATE_60, PGPTAG_PRIVATE_62, PGPTAG_PUBLIC_KEY, PGPTAG_PUBLIC_SESSION_KEY, PGPTAG_PUBLIC_SUBKEY, PGPTAG_RESERVED, PGPTAG_SECRET_KEY, PGPTAG_SECRET_SUBKEY, PGPTAG_SIGNATURE, PGPTAG_SYMMETRIC_DATA, PGPTAG_SYMMETRIC_SESSION_KEY, PGPTAG_TRUST, and PGPTAG_USER_ID.

Referenced by pgpReadPkts().

int pgpLen const byte   s,
unsigned int *    lenp
[inline, static]
 

Return length of an OpenPGP packet.

Parameters:
s  pointer to packet
Return values:
lenp  no. of bytes in packet
Returns:
no. of bytes in length prefix

Definition at line 993 of file rpmpgp.h.

References byte, and pgpGrab().

Referenced by pgpPrtPkt(), pgpPrtSubType(), and pgpsigFormat().

unsigned int pgpMpiBits const byte   p [inline, static]
 

Return no.

of bits in a multiprecision integer.

Parameters:
p  pointer to multiprecision integer
Returns:
no. of bits

Definition at line 1016 of file rpmpgp.h.

References byte.

Referenced by pgpHexSet(), and pgpMpiLen().

unsigned int pgpMpiLen const byte   p [inline, static]
 

Return no.

of bytes in a multiprecision integer.

Parameters:
p  pointer to multiprecision integer
Returns:
no. of bytes

Definition at line 1029 of file rpmpgp.h.

References byte, and pgpMpiBits().

Referenced by pgpMpiHex(), pgpMpiStr(), pgpPrtPubkeyParams(), pgpPrtSeckeyParams(), and pgpPrtSigParams().

const char* pgpMpiStr const byte   p [inline, static]
 

Return hex formatted representation of a multiprecision integer.

Todo:
Remove static buffer.
Parameters:
p  bytes
Returns:
hex formatted string

Definition at line 1084 of file rpmpgp.h.

References byte, pgpGrab(), pgpHexCvt(), and pgpMpiLen().

Referenced by pgpPrtPubkeyParams(), pgpPrtSeckeyParams(), and pgpPrtSigParams().

int pgpPrtComment pgpTag    tag,
const byte   h,
unsigned int    hlen
 

Print/parse an OpenPGP comment packet.

Parameters:
tag  packet tag
h  packet contents
hlen  packet length (no. of bytes)
Returns:
0 on success

Definition at line 931 of file rpmpgp.c.

References byte, pgpPrtHex(), pgpPrtNL(), pgpPrtVal(), and pgpTag.

Referenced by pgpPrtPkt().

int pgpPrtKey pgpTag    tag,
const byte   h,
unsigned int    hlen
 

Print/parse an OpenPGP key packet.

Parameters:
tag  packet tag
h  packet contents
hlen  packet length (no. of bytes)
Returns:
0 on success

Definition at line 850 of file rpmpgp.c.

References byte, pgpGrab(), pgpPrtNL(), pgpPrtPubkeyParams(), pgpPrtSeckeyParams(), pgpPrtVal(), pgpTag, PGPTAG_PUBLIC_KEY, PGPTAG_PUBLIC_SUBKEY, pgpPktKeyV4_s::pubkey_algo, pgpDigParams_s::pubkey_algo, pgpPktKeyV3_s::pubkey_algo, pgpDigParams_s::tag, pgpPktKeyV4_s::time, pgpDigParams_s::time, pgpPktKeyV3_s::time, pgpPktKeyV3_s::valid, pgpPktKeyV4_s::version, pgpPktKeyV3_s::version, and pgpDigParams_s::version.

Referenced by pgpPrtPkt().

int pgpPrtPkt const byte   pkt,
unsigned int    pleft
 

Print/parse next OpenPGP packet.

Parameters:
pkt  OpenPGP packet
pleft  no. bytes remaining
Returns:
-1 on error, otherwise this packet length

Definition at line 957 of file rpmpgp.c.

References byte, pgpGrab(), pgpLen(), pgpPrtComment(), pgpPrtHex(), pgpPrtKey(), pgpPrtNL(), pgpPrtSig(), pgpPrtUserID(), pgpPrtVal(), pgpTag, PGPTAG_COMMENT, PGPTAG_COMMENT_OLD, PGPTAG_COMPRESSED_DATA, PGPTAG_CONTROL, PGPTAG_ENCRYPTED_MDC, PGPTAG_LITERAL_DATA, PGPTAG_MARKER, PGPTAG_MDC, PGPTAG_PHOTOID, PGPTAG_PRIVATE_60, PGPTAG_PRIVATE_62, PGPTAG_PUBLIC_KEY, PGPTAG_PUBLIC_SESSION_KEY, PGPTAG_PUBLIC_SUBKEY, PGPTAG_RESERVED, PGPTAG_SECRET_KEY, PGPTAG_SECRET_SUBKEY, PGPTAG_SIGNATURE, PGPTAG_SYMMETRIC_DATA, PGPTAG_SYMMETRIC_SESSION_KEY, PGPTAG_TRUST, and PGPTAG_USER_ID.

Referenced by pgpPrtPkts().

int pgpPrtPkts const byte   pkts,
unsigned int    pktlen,
pgpDig    dig,
int    printing
 

Print/parse a OpenPGP packet(s).

Parameters:
pkts  OpenPGP packet(s)
pktlen  OpenPGP packet(s) length (no. of bytes)
Return values:
dig  parsed output of signature/pubkey packet parameters
Parameters:
printing  should packets be printed?
Returns:
-1 on error, 0 on success

Definition at line 1124 of file rpmpgp.c.

References _print, byte, pgpPrtPkt(), pgpTag, PGPTAG_SIGNATURE, pgpDig_s::pubkey, pgpDig_s::signature, and pgpDigParams_s::tag.

Referenced by getSignid(), headerCheck(), pgpsigFormat(), rpmcliImportPubkey(), rpmdbAdd(), rpmdbRemove(), rpmReadPackageFile(), rpmts_PgpPrtPkts(), rpmtsFindPubkey(), and rpmVerifySignatures().

int pgpPrtSig pgpTag    tag,
const byte   h,
unsigned int    hlen
 

Print/parse an OpenPGP signature packet.

Parameters:
tag  packet tag
h  packet contents
hlen  packet length (no. of bytes)
Returns:
0 on success

Definition at line 529 of file rpmpgp.c.

References _debug, _print, byte, pgpDigParams_s::hash, pgpPktSigV4_s::hash_algo, pgpDigParams_s::hash_algo, pgpPktSigV3_s::hash_algo, pgpPktSigV4_s::hashlen, pgpDigParams_s::hashlen, pgpPktSigV3_s::hashlen, pgpGrab(), pgpHexStr(), pgpPrtHex(), pgpPrtNL(), pgpPrtSigParams(), pgpPrtSubType(), pgpPrtVal(), pgpTag, pgpPktSigV4_s::pubkey_algo, pgpDigParams_s::pubkey_algo, pgpPktSigV3_s::pubkey_algo, pgpDigParams_s::signhash16, pgpPktSigV3_s::signhash16, pgpDigParams_s::signid, pgpPktSigV3_s::signid, pgpPktSigV4_s::sigtype, pgpDigParams_s::sigtype, pgpPktSigV3_s::sigtype, pgpDigParams_s::time, pgpPktSigV3_s::time, pgpPktSigV4_s::version, pgpPktSigV3_s::version, pgpDigParams_s::version, and xmalloc().

Referenced by pgpPrtPkt().

int pgpPrtSubType const byte   h,
unsigned int    hlen,
pgpSigType    sigtype
 

Print/parse an OpenPGP subtype packet.

Parameters:
h  packet
hlen  packet length (no. of bytes)
sigtype  signature type
Returns:
0 on success

Definition at line 359 of file rpmpgp.c.

References byte, PGPDIG_SAVED_ID, PGPDIG_SAVED_TIME, pgpGrab(), pgpLen(), pgpPrtHex(), pgpPrtNL(), pgpPrtVal(), pgpSigType, PGPSIGTYPE_POSITIVE_CERT, PGPSUBTYPE_BACKWARD_COMPAT, PGPSUBTYPE_EXPORTABLE_CERT, PGPSUBTYPE_INTERNAL_100, PGPSUBTYPE_INTERNAL_101, PGPSUBTYPE_INTERNAL_102, PGPSUBTYPE_INTERNAL_103, PGPSUBTYPE_INTERNAL_104, PGPSUBTYPE_INTERNAL_105, PGPSUBTYPE_INTERNAL_106, PGPSUBTYPE_INTERNAL_107, PGPSUBTYPE_INTERNAL_108, PGPSUBTYPE_INTERNAL_109, PGPSUBTYPE_INTERNAL_110, PGPSUBTYPE_ISSUER_KEYID, PGPSUBTYPE_KEY_EXPIRE_TIME, PGPSUBTYPE_KEY_FLAGS, PGPSUBTYPE_KEYSERVER_PREFERS, PGPSUBTYPE_NOTATION, PGPSUBTYPE_POLICY_URL, PGPSUBTYPE_PREFER_COMPRESS, PGPSUBTYPE_PREFER_HASH, PGPSUBTYPE_PREFER_KEYSERVER, PGPSUBTYPE_PREFER_SYMKEY, PGPSUBTYPE_PRIMARY_USERID, PGPSUBTYPE_REGEX, PGPSUBTYPE_REVOCABLE, PGPSUBTYPE_REVOKE_KEY, PGPSUBTYPE_REVOKE_REASON, PGPSUBTYPE_SIG_CREATE_TIME, PGPSUBTYPE_SIG_EXPIRE_TIME, PGPSUBTYPE_SIGNER_USERID, PGPSUBTYPE_TRUST_SIG, pgpDigParams_s::saved, pgpDigParams_s::signid, and pgpDigParams_s::time.

Referenced by pgpPrtSig().

int pgpPrtUserID pgpTag    tag,
const byte   h,
unsigned int    hlen
 

Print/parse an OpenPGP userid packet.

Parameters:
tag  packet tag
h  packet contents
hlen  packet length (no. of bytes)
Returns:
0 on success

Definition at line 914 of file rpmpgp.c.

References byte, pgpPrtNL(), pgpPrtVal(), pgpTag, pgpDigParams_s::userid, and xmalloc().

Referenced by pgpPrtPkt().

void pgpPrtVal const char *    pre,
pgpValTbl    vs,
byte    val
 

Print an OpenPGP value.

Parameters:
pre  output prefix
vs  table of (string,value) pairs
val  byte value to print

Definition at line 300 of file rpmpgp.c.

References _print, byte, pgpValStr(), and pgpValTbl.

Referenced by pgpPrtComment(), pgpPrtKey(), pgpPrtPkt(), pgpPrtSeckeyParams(), pgpPrtSig(), pgpPrtSubType(), and pgpPrtUserID().

pgpArmor pgpReadPkts const char *    fn,
const byte **    pkt,
size_t *    pktlen
 

Parse armored OpenPGP packets from a file.

Parameters:
fn  file name
Return values:
pkt  dearmored OpenPGP packet(s)
pktlen  dearmored OpenPGP packet(s) length in bytes
Returns:
type of armor found

Definition at line 1153 of file rpmpgp.c.

References _free(), byte, pgpArmor, PGPARMOR_ERROR, PGPARMOR_NONE, PGPARMOR_PUBKEY, pgpCRC(), pgpGrab(), pgpIsPkt(), pgpValTok(), and rpmioSlurp().

Referenced by processPubkeyFile(), rpmcliImportPubkeys(), and rpmtsFindPubkey().

const char* pgpValStr pgpValTbl    vs,
byte    val
[inline, static]
 

Return string representation of am OpenPGP value.

Parameters:
vs  table of (string,value) pairs
val  byte value to lookup
Returns:
string value of byte

Definition at line 1103 of file rpmpgp.h.

References byte, and pgpValTbl.

Referenced by pgpArmorWrap(), and pgpPrtVal().

int pgpValTok pgpValTbl    vs,
const char *    s,
const char *    se
[inline, static]
 

Return value of an OpenPGP string.

Parameters:
vs  table of (string,value) pairs
s  string token to lookup
se  end-of-string address
Returns:
byte value

Definition at line 1121 of file rpmpgp.h.

References pgpValTbl.

Referenced by pgpReadPkts().

DIGEST_CTX rpmDigestDup DIGEST_CTX    octx
 

Duplicate a digest context.

Parameters:
octx  existing digest context
Returns:
duplicated digest context

Definition at line 36 of file digest.c.

References DIGEST_CTX_s::param, DIGEST_CTX_s::paramlen, and xcalloc().

Referenced by verifyGPGSignature(), verifyMD5Signature(), verifyPGPSignature(), and verifySHA1Signature().

int rpmDigestFinal DIGEST_CTX    ctx,
void **    datap,
size_t *    lenp,
int    asAscii
 

Return digest and destroy context. Final wrapup - pad to 64-byte boundary with the bit pattern 1 0* (64-bit count of bits processed, MSB-first)

Parameters:
ctx  digest context
Return values:
datap  address of returned digest
lenp  address of digest length
Parameters:
asAscii  return digest as ascii string?
Returns:
0 on success

Definition at line 114 of file digest.c.

References byte, DIGEST_CTX_s::Digest, DIGEST_CTX_s::digestlen, DPRINTF, DIGEST_CTX_s::param, DIGEST_CTX_s::paramlen, and xmalloc().

Referenced by domd5(), fdFiniDigest(), makeHDRSignature(), pgpFreeDig(), rhnUnload(), verifyGPGSignature(), verifyMD5Signature(), verifyPGPSignature(), verifySHA1Signature(), and XfdFree().

DIGEST_CTX rpmDigestInit pgpHashAlgo    hashalgo,
rpmDigestFlags    flags
 

Initialize digest. Set bit count to 0 and buffer to mysterious initialization constants.

Parameters:
hashalgo  type of digest
flags  bit(s) to control digest operation
Returns:
digest context

Definition at line 46 of file digest.c.

References DIGEST_CTX_s::datalen, DIGEST_CTX_s::Digest, DIGEST_CTX_s::digestlen, DPRINTF, DIGEST_CTX_s::flags, DIGEST_CTX_s::param, DIGEST_CTX_s::paramlen, pgpHashAlgo, PGPHASHALGO_HAVAL_5_160, PGPHASHALGO_MD2, PGPHASHALGO_MD5, PGPHASHALGO_RIPEMD160, PGPHASHALGO_SHA1, PGPHASHALGO_TIGER192, DIGEST_CTX_s::Reset, rpmDigestFlags, DIGEST_CTX_s::Update, and xcalloc().

Referenced by domd5(), fdInitDigest(), headerCheck(), makeHDRSignature(), readFile(), rhnUnload(), and rpmReadPackageFile().

int rpmDigestUpdate DIGEST_CTX    ctx,
const void *    data,
size_t    len
 

Update context with next plain text buffer.

Parameters:
ctx  digest context
data  next data buffer
len  no. bytes of data
Returns:
0 on success

Definition at line 100 of file digest.c.

References DPRINTF, DIGEST_CTX_s::param, and DIGEST_CTX_s::Update.

Referenced by domd5(), fdUpdateDigests(), headerCheck(), makeHDRSignature(), readFile(), rhnUnload(), rpmReadPackageFile(), verifyGPGSignature(), and verifyPGPSignature().


Variable Documentation

struct pgpValTbl_s pgpArmorKeyTbl[]
 

Armor key (string, value) pairs.

Definition at line 952 of file rpmpgp.h.

struct pgpValTbl_s pgpArmorTbl[]
 

Armor (string, value) pairs.

Definition at line 934 of file rpmpgp.h.

struct pgpValTbl_s pgpCompressionTbl[]
 

Compression (string, value) pairs.

Definition at line 257 of file rpmpgp.h.

struct pgpValTbl_s pgpHashTbl[]
 

Hash (string, value) pairs.

Definition at line 293 of file rpmpgp.h.

pgpDig pgpNewDig(void)
 

Create a container for parsed OpenPGP packates.

Returns:
container

Referenced by getSignid(), pgpsigFormat(), rpmcliImportPubkey(), rpmdbAdd(), rpmdbRemove(), and rpmtsDig().

struct pgpValTbl_s pgpPubkeyTbl[]
 

Definition at line 182 of file rpmpgp.h.

struct pgpValTbl_s pgpSigTypeTbl[]
 

Definition at line 140 of file rpmpgp.h.

struct pgpValTbl_s pgpSubTypeTbl[]
 

Subtype (string, value) pairs.

Definition at line 463 of file rpmpgp.h.

struct pgpValTbl_s pgpSymkeyTbl[]
 

Symmetric key (string, value) pairs.

Definition at line 228 of file rpmpgp.h.

struct pgpValTbl_s pgpTagTbl[]
 

Definition at line 66 of file rpmpgp.h.


Generated on Sun Oct 26 13:02:08 2003 for rpm by doxygen1.2.18