92 Commits

Author SHA1 Message Date
  David Lanzendörfer 0697c23955 Fixing DSA keys 2 weeks ago
  David Lanzendörfer 3d545e766d Fixing key generation (now working on write out) 2 weeks ago
  David Lanzendörfer 05b192a99d EBCDIC handling 1 month ago
  David Lanzendörfer ac19b86cce Config: Fixing flags 1 month ago
  David Lanzendörfer 1f5905394f Main: Reintroduce signing 1 month ago
  David Lanzendörfer a1a803d630 OpenSSL: Multiple algorithms 1 month ago
  David Lanzendörfer 8c17d01206 z/OS support: Fix compilation issues 5 months ago
  David Lanzendörfer de7ae0b221 Fixing signature generation 10 months ago
  David Lanzendörfer b4d3c8494c z/OS support: AES128 & AES256 10 months ago
  David Lanzendörfer bb9b0634d9 z/OS support: Hashing bug 10 months ago
  David Lanzendörfer 8a98d005dd Release v1, z/OS: Basic encryption decryption 10 months ago
  David Lanzendörfer 4c813b4c5d Backup in case laptop explodes 10 months ago
  David Lanzendörfer 951e476b33 z/OS: Introducing missing cipher 10 months ago
  David Lanzendörfer 482a812aa1 No more hard coding 10 months ago
  David Lanzendörfer 6a4243cb2f z/OS support: Support symmetric algorithms 10 months ago
  David Lanzendörfer cbdad44d87 Splitting things up 10 months ago
  David Lanzendörfer 52823d04a2 z/OS suport: Initialize stuff 10 months ago
  David Lanzendörfer e9d3811771 z/OS support: Fix errors 10 months ago
  David Lanzendörfer 653e42ce9d Fixing includes 10 months ago
  David Lanzendörfer e934320d37 Be less noisy 10 months ago
  David Lanzendörfer dd25e94073 Big changes: 10 months ago
  David Lanzendörfer 085f434afc Encrypted private keys 10 months ago
  David Lanzendörfer 0e4ab27f09 fix regressions 10 months ago
  David Lanzendörfer 5316ea1e16 Cleanup 10 months ago
  David Lanzendörfer 412ce4d7bf Elliptic curve support 10 months ago
  David Lanzendörfer 25002a4cca Staging: Nearly done 10 months ago
  David Lanzendörfer 9f7b8f352c Working on some missing algorithms now 10 months ago
  David Lanzendörfer c5d108cf2f Fix algorithm version detection 10 months ago
  David Lanzendörfer b06ad20094 ctypes fix 10 months ago
  David Lanzendörfer 32f30dc6f4 z/OS support: Lengths 10 months ago
  David Lanzendörfer 7369b91c8e z/OS support: Lengths 10 months ago
  David Lanzendörfer 6f899ab197 Simplify 10 months ago
  David Lanzendörfer cf64b80cd2 Remove noise 10 months ago
  David Lanzendörfer b00e7b8105 Remove noise 10 months ago
  David Lanzendörfer 48ff1cad8c Minor changes 10 months ago
  David Lanzendörfer c597187b19 Minor changes 10 months ago
  David Lanzendörfer 8f6cb425f2 Someone forgot to change a label :-) 10 months ago
  David Lanzendörfer 013ad40c16 Be less noisy 10 months ago
  David Lanzendörfer 0c67aaf115 z/OS support: Proper bit amount calculation 10 months ago
  David Lanzendörfer 796d7be26e z/OS support: fix read function 10 months ago
  David Lanzendörfer 48cfc0fc28 z/OS support: bit calculation 10 months ago
  David Lanzendörfer 9ca45010fb z/OS support: bit calculation 10 months ago
  David Lanzendörfer 511504aa22 z/OS support: bit calculation 10 months ago
  David Lanzendörfer 1268dde4c1 Indention 10 months ago
  David Lanzendörfer e6fd0b45d8 z/OS support: It works! 11 months ago
  David Lanzendörfer ccf7ec4346 z/OS support: char -> uint8_t 11 months ago
  David Lanzendörfer ecbba3c427 z/OS support: Some cleanup 11 months ago
  David Lanzendörfer e03e061b53 z/OS support: gsk_buffers are pointers now 11 months ago
  David Lanzendörfer 84678403f5 Adding import function 11 months ago
  David Lanzendörfer 860a703fdd z/OS support: char -> uint8_t 11 months ago
  David Lanzendörfer f284b99e4b z/OS support: to pointer 11 months ago
  David Lanzendörfer 9cdea63dc7 z/OS support: indention 11 months ago
  David Lanzendörfer 648edeace3 z/OS support: handle 11 months ago
  David Lanzendörfer df4fa05785 z/OS support: types 11 months ago
  David Lanzendörfer 25a3c5765c z/OS support: BASE64 is universal 11 months ago
  David Lanzendörfer 9936edf650 z/OS support: Hashing algorithms 11 months ago
  David Lanzendörfer 4bee18716f z/OS support: Finally! 11 months ago
  David Lanzendörfer 2755a7cf5a z/OS support: Charsets for I/O 12 months ago
  David Lanzendörfer f3f07c2bcc z/OS support: Charsets... 12 months ago
  David Lanzendörfer 6eaa9475da z/OS support: Be not verbose 12 months ago
  David Lanzendörfer 3468421fc5 z/OS: zlib dependency 12 months ago
  David Lanzendörfer 00233866bc z/OS support: Fixing some ASCII math gym 12 months ago
  David Lanzendörfer e4ac016f5d z/OS support: Issues with parsing 1 year ago
  David Lanzendörfer 5fd672d28a z/OS support: Signing 1 year ago
  David Lanzendörfer 90bd14fda8 z/OS support: Encryption 1 year ago
  David Lanzendörfer 083ace387e First success 1 year ago
  David Lanzendörfer e087beac6f Ignoring a file 1 year ago
  David Lanzendörfer e31b1b5556 The netpgp binary now compiles and runs 1 year ago
  David Lanzendörfer 4d988fb41f z/OS support 1 year ago
  David Lanzendörfer 67fa906486 Removing X-Code stuff 1 year ago
  David Lanzendörfer c4c847b531 Fixing some segfaults 1 year ago
  David Lanzendörfer 365834e4c8 Oops... 1 year ago
  David Lanzendörfer 0da42a0ad8 Now I can encrypt files 1 year ago
  David Lanzendörfer a8b684a082 Cleaning some more stuff 1 year ago
  David Lanzendörfer f9f37c22f8 Now I finally can print the UIDs 1 year ago
  David Lanzendörfer aa0ccaaec3 Key generation works now 1 year ago
  David Lanzendörfer def203c3e8 Getting closer 1 year ago
  David Lanzendörfer 96d97b9935 Seriously Werror?? 1 year ago
  David Lanzendörfer c81f749b4b Introducing some additional checks 1 year ago
  David Lanzendörfer 819ebc2928 remove unused file 1 year ago
  David Lanzendörfer 6e006681b6 Adapt to the changes 1 year ago
  David Lanzendörfer a20e72da13 Now we can have everything one folder 1 year ago
  David Lanzendörfer 872c74979a Don't use tabs 1 year ago
  David Lanzendörfer c42ec0a86b Nailing soure file 1 year ago
  David Lanzendörfer dc90fad80a Ignore files 1 year ago
  David Lanzendörfer 58f30021d5 Cleaning up 1 year ago
  David Lanzendörfer 68cb1bbe2e Cleaning up a bit 1 year ago
  David Lanzendörfer f100b0863d Introducing back in the binary 1 year ago
  David Lanzendörfer 7de87d3332 Getting platform detection working 1 year ago
  David Lanzendörfer 19081fe64e Removing config.h.in 1 year ago
  David Lanzendörfer a8f01c15f9 Fixing autoconf/autoheader usage 1 year ago
  David Lanzendörfer 2bfcaf67c7 Initial compilation on Linux 1 year ago
54 changed files with 17274 additions and 13006 deletions
  1. +9
    -0
      .gitignore
  2. +1
    -1
      Makefile.am
  3. +75
    -0
      ax_check_gskssl.m4
  4. +1
    -1
      ax_check_openssl.m4
  5. +90
    -0
      ax_check_pkcs.m4
  6. +81
    -16
      configure.ac
  7. +53
    -22
      include/netpgp.h
  8. +2
    -1
      include/netpgp/Makefile.am
  9. +0
    -160
      include/netpgp/config.h
  10. +30
    -28
      include/netpgp/create.h
  11. +174
    -153
      include/netpgp/crypto.h
  12. +2
    -0
      include/netpgp/defs.h
  13. +130
    -0
      include/netpgp/getopt.h
  14. +57
    -0
      include/netpgp/gettext.h
  15. +37
    -0
      include/netpgp/gskssl_glue.h
  16. +14
    -8
      include/netpgp/keyring.h
  17. +18
    -0
      include/netpgp/netpgpdefs.h
  18. +3
    -0
      include/netpgp/netpgpdigest.h
  19. +1
    -3
      include/netpgp/netpgpsdk.h
  20. +1
    -1
      include/netpgp/packet-parse.h
  21. +654
    -531
      include/netpgp/packet.h
  22. +1
    -1
      include/netpgp/readerwriter.h
  23. +5
    -2
      include/netpgp/signature.h
  24. +11
    -0
      include/netpgp/symmetric.h
  25. +67
    -56
      include/netpgp/validate.h
  26. +9
    -0
      include/netpgp/writer.h
  27. +0
    -5
      netpgp-xcode/README.txt
  28. +0
    -160
      netpgp-xcode/config.h
  29. +0
    -432
      netpgp-xcode/netpgp.xcodeproj/project.pbxproj
  30. +0
    -7
      netpgp-xcode/netpgp.xcodeproj/project.xcworkspace/contents.xcworkspacedata
  31. +37
    -10
      src/Makefile.am
  32. +17
    -13
      src/compress.c
  33. +758
    -703
      src/create.c
  34. +399
    -581
      src/crypto.c
  35. +1025
    -0
      src/getopt.c
  36. +174
    -0
      src/getopt1.c
  37. +1073
    -0
      src/gskssl_crypto.c
  38. +94
    -0
      src/gskssl_glue.c
  39. +608
    -614
      src/keyring.c
  40. +0
    -343
      src/libnetpgp.3
  41. +941
    -0
      src/main.c
  42. +747
    -673
      src/misc.c
  43. +461
    -312
      src/netpgp.c
  44. +970
    -582
      src/openssl_crypto.c
  45. +2692
    -2491
      src/packet-parse.c
  46. +10
    -10
      src/packet-show.c
  47. +1535
    -1602
      src/reader.c
  48. +895
    -817
      src/signature.c
  49. +63
    -0
      src/ssl_crypto.c
  50. +92
    -721
      src/symmetric.c
  51. +530
    -0
      src/symmetric_gskssl.c
  52. +627
    -0
      src/symmetric_openssl.c
  53. +838
    -783
      src/validate.c
  54. +1162
    -1163
      src/writer.c

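--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,9 @@
+configure
+aclocal.m4
+autom4te.cache
+build
+*/Makefile.in
+Makefile.in
+include/netpgp/config.h.in
+include/netpgp/config.h.in~
+buildaux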

+ 1
- 1
Makefile.am

@ -1,3 +1,3 @@
## $NetBSD$
SUBDIRS = include src
SUBDIRS = . include src

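--- a/ax_check_gskssl.m4
+++ b/ax_check_gskssl.m4
@@ -0,0 +1,75 @@
+AU_ALIAS([CHECK_SSL], [AX_CHECK_GSKSSL])
+AC_DEFUN([AX_CHECK_GSKSSL], [
+found=false
+AC_ARG_WITH(gskssl,
+AS_HELP_STRING([--with-gskssl=DIR],
+[root of the GSK SSL directory]),
+[
+case "$withval" in
+"" | y | ye | yes | n | no)
+AC_MSG_ERROR([Invalid --with-gskssl value])
+;;
+*) ssldirs="$withval"
+;;
+esac
+], [
+# no such luck; use some default ssldirs
+if ! $found; then
+ssldirs="/usr/lpp/gskssl /usr"
+fi
+]
+)
+# note that we #include <gskssl/foo.h>, so the GSK SSL headers have to be in
+# an 'gskssl' subdirectory
+if ! $found; then
+GSKSSL_INCLUDES=
+for ssldir in $ssldirs; do
+AC_MSG_CHECKING([for include/gskssl.h in $ssldir])
+if test -f "$ssldir/include/gskssl.h"; then
+if test -f "$ssldir/lib/GSKSSL.x"; then
+GSKSSL_INCLUDES="-I$ssldir/include"
+GSKSSL_LIBS="$ssldir/lib/GSKSSL.x $ssldir/lib/GSKCMS64.x"
+found=true
+AC_MSG_RESULT([yes])
+fi
+break
+else
+AC_MSG_RESULT([no])
+fi
+done
+# if the file wasn't found, well, go ahead and try the link anyway -- maybe
+# it will just work!
+fi
+# try the preprocessor and linker with our new flags,
+# being careful not to pollute the global LIBS, LDFLAGS, and CPPFLAGS
+AC_MSG_CHECKING([whether compiling and linking against GSK SSL works])
+echo "Trying link with " \
+"GSKSSL_LIBS=$GSKSSL_LIBS; GSKSSL_INCLUDES=$GSKSSL_INCLUDES" >&AS_MESSAGE_LOG_FD
+save_LIBS="$LIBS"
+save_LDFLAGS="$LDFLAGS"
+save_CPPFLAGS="$CPPFLAGS"
+LIBS="$GSKSSL_LIBS $LIBS"
+CPPFLAGS="$GSKSSL_INCLUDES $CPPFLAGS"
+AC_LINK_IFELSE(
+AC_LANG_PROGRAM([#include <gskssl.h>], [gsk_handle env_handle;]),
+[
+AC_MSG_RESULT([yes])
+$1
+], [
+AC_MSG_RESULT([no])
+$2
+])
+CPPFLAGS="$save_CPPFLAGS"
+LDFLAGS="$save_LDFLAGS"
+LIBS="$save_LIBS"
+AC_SUBST([GSKSSL_INCLUDES])
+AC_SUBST([GSKSSL_LIBS])
+])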
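Review bot: The link test at the end of AX_CHECK_GSKSSL only declares `gsk_handle env_handle;`, which references no library symbol, so it succeeds whenever `gskssl.h` is on the include path even if `GSKSSL.x` was not found and `GSKSSL_LIBS` is empty. Calling into the library, e.g. `[gsk_handle env_handle; gsk_environment_open(&env_handle);]`, would make the check prove that linking actually works. In the search loop, the case where the header exists but `lib/GSKSSL.x` does not reaches `break` without an `AC_MSG_RESULT`, so the search stops at the first partial install with no result logged; an `AC_MSG_RESULT([no])` and continuing to the next directory would be clearer. The comment about headers living in a 'gskssl' subdirectory does not match the `#include <gskssl.h>` the test uses and should be corrected.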

+ 1
- 1
ax_check_openssl.m4

@ -63,7 +63,7 @@ AC_DEFUN([AX_CHECK_OPENSSL], [
# no such luck; use some default ssldirs
if ! $found; then
ssldirs="/usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /usr"
ssldirs="$prefix $withval /usr/local/ssl /usr/lib/ssl /usr/ssl /usr/pkg /usr/local /usr"
fi
]
)
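Review bot: The widened fallback list `ssldirs="$prefix $withval /usr/local/ssl ..."` (the second of the two `ssldirs=` lines, presumably the new side) sits in the branch taken when `--with-openssl` was not given, so `$withval` is empty there, and `$prefix` is still the literal `NONE` unless `--prefix` was passed to configure. If the search loop stops at the first match, as the GSK SSL copy on this page does, putting the install prefix ahead of the system locations also means a stale or unvetted OpenSSL under the prefix is linked in preference to the system one. If the prefix is wanted, add it only when it is set, e.g. `test "x$prefix" != xNONE && ssldirs="$prefix $ssldirs"`, and drop `$withval`. The enclosing AC_DEFUN starts and ends outside this hunk.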


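--- a/ax_check_pkcs.m4
+++ b/ax_check_pkcs.m4
@@ -0,0 +1,90 @@
+AU_ALIAS([CHECK_PKCS], [AX_CHECK_PKCS])
+AC_DEFUN([AX_CHECK_PKCS], [
+found=false
+AC_ARG_WITH(gskssl,
+AS_HELP_STRING([--with-gskssl=DIR],
+[root of the GSK PKCS directory]),
+[
+case "$withval" in
+"" | y | ye | yes | n | no)
+AC_MSG_ERROR([Invalid --with-gskssl value])
+;;
+*) pkcsdirs="$withval"
+;;
+esac
+], [
+# if pkg-config is installed and gskssl has installed a .pc file,
+# then use that information and don't search pkcsdirs
+AC_PATH_PROG(PKG_CONFIG, pkg-config)
+if test x"$PKG_CONFIG" != x""; then
+PKCS_LDFLAGS=`$PKG_CONFIG gskssl --libs-only-L 2>/dev/null`
+if test $? = 0; then
+PKCS_LIBS=`$PKG_CONFIG gskssl --libs-only-l 2>/dev/null`
+PKCS_INCLUDES=`$PKG_CONFIG gskssl --cflags-only-I 2>/dev/null`
+found=true
+fi
+fi
+# no such luck; use some default pkcsdirs
+if ! $found; then
+pkcsdirs="$withval /usr/lpp/pkcs11 /usr"
+fi
+]
+)
+# note that we #include <gskssl/foo.h>, so the GSK PKCS headers have to be in
+# an 'gskssl' subdirectory
+if ! $found; then
+PKCS_INCLUDES=
+for pkcsdir in $pkcsdirs; do
+AC_MSG_CHECKING([for include/gskssl.h in $pkcsdir])
+if test -f "$pkcsdir/include/csnpdefs.h"; then
+if test -f "$pkcsdir/lib/CSNPCA64.x"; then
+PKCS_INCLUDES="-I$pkcsdir/include"
+PKCS_LDFLAGS="-L$pkcsdir/lib"
+PKCS_LIBS="$pkcsdir/lib/CSNPCA64.x"
+found=true
+AC_MSG_RESULT([yes])
+fi
+break
+else
+AC_MSG_RESULT([no])
+fi
+done
+# if the file wasn't found, well, go ahead and try the link anyway -- maybe
+# it will just work!
+fi
+# try the preprocessor and linker with our new flags,
+# being careful not to pollute the global LIBS, LDFLAGS, and CPPFLAGS
+AC_MSG_CHECKING([whether compiling and linking against GSK PKCS works])
+echo "Trying link with PKCS_LDFLAGS=$PKCS_LDFLAGS;" \
+"PKCS_LIBS=$PKCS_LIBS; PKCS_INCLUDES=$PKCS_INCLUDES" >&AS_MESSAGE_LOG_FD
+save_LIBS="$LIBS"
+save_LDFLAGS="$LDFLAGS"
+save_CPPFLAGS="$CPPFLAGS"
+LDFLAGS="$LDFLAGS $PKCS_LDFLAGS"
+LIBS="$PKCS_LIBS $LIBS"
+CPPFLAGS="$PKCS_INCLUDES $CPPFLAGS"
+AC_LINK_IFELSE(
+AC_LANG_PROGRAM([#include <gskssl.h>], [gsk_handle env_handle;]),
+[
+AC_MSG_RESULT([yes])
+$1
+], [
+AC_MSG_RESULT([no])
+$2
+])
+CPPFLAGS="$save_CPPFLAGS"
+LDFLAGS="$save_LDFLAGS"
+LIBS="$save_LIBS"
+AC_SUBST([PKCS_INCLUDES])
+AC_SUBST([PKCS_LIBS])
+AC_SUBST([PKCS_LDFLAGS])
+])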
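Review bot: AX_CHECK_PKCS registers `AC_ARG_WITH(gskssl, ...)` with the help string `--with-gskssl=DIR`, the same option AX_CHECK_GSKSSL already owns, so a single `--with-gskssl=DIR` redirects both searches and the PKCS files are looked for under the GSK SSL root. The copy-paste goes further: pkg-config is queried for `gskssl`, the progress message names `include/gskssl.h` while the test looks for `csnpdefs.h`, and the final link test includes `<gskssl.h>` and declares `gsk_handle`, so a "yes" here says nothing about the PKCS#11 library. I would give the macro its own option, `AC_ARG_WITH(pkcs, AS_HELP_STRING([--with-pkcs=DIR], ...`, and make the link test use the PKCS header, e.g. `AC_LANG_PROGRAM([#include <csnpdefs.h>], [CK_SESSION_HANDLE session;])`, ideally with a call into the library. In the no-option branch `pkcsdirs="$withval /usr/lpp/pkcs11 /usr"` expands an empty `$withval`, which can be dropped.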

+ 81
- 16
configure.ac

@ -8,9 +8,9 @@ AC_REVISION([$Revision$])
AS_SHELL_SANITIZE
AC_CONFIG_SRCDIR([src/netpgp.c])
AC_CONFIG_SRCDIR([src/main.c])
AC_CONFIG_AUX_DIR([buildaux])
AC_CONFIG_HEADER([src/config.h])
AC_CONFIG_HEADER([include/netpgp/config.h])
AM_INIT_AUTOMAKE([-Wall foreign])
AM_MAINTAINER_MODE
@ -25,6 +25,7 @@ AC_PROG_MAKE_SET
AC_PROG_AWK
AC_PROG_CC
AC_PROG_INSTALL
AM_PROG_AR
AC_PROG_LIBTOOL
AC_PROG_LN_S
@ -42,7 +43,7 @@ AC_PROG_AR
#
AC_MSG_CHECKING([if using gcc])
AS_IF([test "$GCC" = "yes"],
[WARNCFLAGS="-Werror -Wall -Wpointer-arith"
[WARNCFLAGS="-Wno-error -Wall -Wpointer-arith"
AC_MSG_RESULT([yes; adding to CFLAGS: "$WARNCFLAGS"])],
[WARNCFLAGS=""
AC_MSG_RESULT([no])])
@ -55,14 +56,24 @@ AC_SEARCH_LIBS(dlopen, dl)
#
AC_HEADER_STDC
AC_CHECK_HEADERS([CommonCrypto/CommonDigest.h])
AC_CHECK_HEADERS([dmalloc.h direct.h errno.h fcntl.h \
inttypes.h limits.h malloc.h zlib.h])
AC_CHECK_HEADERS([sys/cdefs.h sys/file.h sys/mman.h sys/param.h \
sys/resource.h sys/uio.h])
AC_CHECK_HEADERS([bzlib.h],
[],
[AC_MSG_FAILURE([missing <bzlib.h>; is bzip2 installed?])])
AC_CHECK_HEADERS([dmalloc.h direct.h errno.h fcntl.h inttypes.h limits.h malloc.h zlib.h])
AC_CHECK_HEADERS([sys/cdefs.h sys/file.h sys/mman.h sys/resource.h sys/uio.h])
platform_name=$(uname)
AS_IF([test "$platform_name" == "OS/390"],[
AC_MSG_NOTICE([z/OS detected... Skipping some headers])
ZLIB_FLAG="-lzz"
NETPGP_CFLAGS="$WARNCLAGS $CFLAGS -qlanglvl=extc99 -D_XOPEN_SOURCE=600 -D_POSIX_C_SOURCE=200112L"
],[
AC_CHECK_HEADERS([sys/param.h])
AC_CHECK_HEADERS([bzlib.h], [], [
AC_MSG_FAILURE([missing <bzlib.h>; is bzip2 installed?])
])
ZLIB_FLAG="-lz"
NETPGP_CFLAGS="$WARNCLAGS $CFLAGS"
])
AC_SUBST([ZLIB_FLAG])
# Checks for typedefs, structures, and compiler characteristics.
#
@ -73,18 +84,64 @@ AC_TYPE_UINT32_T
AC_TYPE_UINT64_T
AC_TYPE_UINT8_T
found_gskssl="no"
found_pkcs="no"
found_openssl="no"
# check for openssl
m4_include([ax_check_openssl.m4])
AX_CHECK_OPENSSL([LIBS="$LIBS $OPENSSL_LDFLAGS $OPENSSL_LIBS" INCLUDES="$INCLUDES $OPENSSL_INCLUDES"],
[AC_MSG_ERROR([Missing OpenSSL])])
m4_include([ax_check_gskssl.m4])
m4_include([ax_check_pkcs.m4])
AX_CHECK_OPENSSL([found_openssl="yes"],[found_openssl="no"])
AS_IF(
[test "$found_openssl" == "yes"],
[
LIBS="$LIBS $OPENSSL_LIBS"
INCLUDES="$INCLUDES $OPENSSL_INCLUDES"
NETPGP_CFLAGS="$OPENSSL_LDFLAGS $NETPGP_CFLAGS"
],
[
AX_CHECK_GSKSSL([found_gskssl="yes"],[found_gskssl="no"])
AS_IF(
[test "$found_gskssl" == "yes"],
[
LIBS="$LIBS $GSKSSL_LIBS"
INCLUDES="$INCLUDES $GSKSSL_INCLUDES"
NETPGP_CFLAGS="$GSKSSL_LDFLAGS $NETPGP_CFLAGS"
],
[
AC_MSG_FAILURE([No suitable SSL library found])
]
)
AX_CHECK_PKCS([found_pkcs="yes"],[found_pkcs="no"])
AS_IF(
[test "$found_pkcs" == "yes"],
[
LIBS="$LIBS $PKCS_LIBS"
INCLUDES="$INCLUDES $PKCS_INCLUDES"
NETPGP_CFLAGS="$PKSC_LDFLAGS $NETPGP_CFLAGS"
],
[
AC_MSG_FAILURE([PKCS library not found])
]
)
]
)
AC_SUBST([NETPGP_CFLAGS])
LIBS="$LIBS $ZLIB_FLAG"
CPPFLAGS="$CPPFLAGS $INCLUDES"
AS_IF([test "$found_openssl" == "yes" ],[
AC_MSG_NOTICE([OpenSSL found])
AC_DEFINE([HAVE_OPENSSL], [1], [Use OpenSSL])
AC_CHECK_HEADERS([openssl/aes.h openssl/bn.h openssl/camellia.h openssl/cast.h \
openssl/des.h openssl/dsa.h openssl/err.h openssl/idea.h \
openssl/md5.h openssl/rand.h openssl/rsa.h openssl/sha.h \
openssl/err.h openssl/sha.h])
openssl/err.h openssl/sha.h openssl/ossl_typ.h])
AC_CHECK_TYPES([SHA256_CTX],
[],
@ -102,6 +159,14 @@ AC_CHECK_TYPES([SHA256_CTX],
#endif
]])
])
AS_IF([test "$found_gskssl" == "yes" ],[
AC_MSG_NOTICE([GSK SSL found])
AC_DEFINE([HAVE_GSKSSL], [1], [Use the SSL implementation from IBM])
AC_DEFINE([OPENSSL_NO_IDEA], [1], [Explicitely disable OPENSSL IDEA])
])
# Checks for library functions.
#
AC_SEARCH_LIBS([gzopen], [z])
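Review bot: In both arms of the new `platform_name` check, `NETPGP_CFLAGS` is built from `$WARNCLAGS`, which is never set (the variable defined earlier is `WARNCFLAGS`), so `-Wall -Wpointer-arith` never reach the build; together with what appears to be the new `-Wno-error` line, the crypto sources are compiled without the project's warning flags. The same kind of typo is in the PKCS arm, where `$PKSC_LDFLAGS` should be `$PKCS_LDFLAGS`, and `$GSKSSL_LDFLAGS` is used although the ax_check_gskssl.m4 shown on this page never sets it. I would write `NETPGP_CFLAGS="$WARNCFLAGS $CFLAGS"` in both arms and pass the library search paths through `LDFLAGS` instead of prepending them to `NETPGP_CFLAGS`. The `test "$x" == "yes"` comparisons rely on a shell extension; `=` is the portable operator for configure scripts.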


+ 53
- 22
include/netpgp.h

@ -39,27 +39,48 @@
# endif
#endif
/*
** Check to see if this machine uses EBCDIC. (Yes, believe it or
** not, there are still machines out there that use EBCDIC.)
*/
#if 'A' == '\301'
# define NETPGP_EBCDIC 1
#else
# define NETPGP_ASCII 1
#endif
#ifndef MIN
#define MIN(a,b) (((a)<(b))?(a):(b))
#endif
#ifndef MAX
#define MAX(a,b) (((a)>(b))?(a):(b))
#endif
#include <netpgp/config.h>
#include <netpgp/keyring.h>
#if defined(NETPGP_EBCDIC)
#include <unistd.h>
#endif
__BEGIN_DECLS
/* structure used to hold (key,value) pair information */
typedef struct netpgp_t {
unsigned c; /* # of elements used */
unsigned size; /* size of array */
char **name; /* key names */
char **value; /* value information */
void *pubring; /* public key ring */
void *secring; /* s3kr1t key ring */
void *io; /* the io struct for results/errs */
void *passfp; /* file pointer for password input */
unsigned c; /* # of elements used */
unsigned size; /* size of array */
char **name; /* key names */
char **value; /* value information */
pgp_keyring_t *pubring; /* public key ring */
pgp_keyring_t *secring; /* s3kr1t key ring */
void *io; /* the io struct for results/errs */
} netpgp_t;
/* begin and end */
int netpgp_init(netpgp_t *);
int netpgp_end(netpgp_t *);
const char *netpgp_get_info(const char *);
int netpgp_list_packets(netpgp_t *, char *, int, char *);
/* variables */
int netpgp_setvar(netpgp_t *, const char *, const char *);
char *netpgp_getvar(netpgp_t *, const char *);
@ -77,15 +98,18 @@ char *netpgp_get_key(netpgp_t *, const char *, const char *);
char *netpgp_export_key(netpgp_t *, char *);
int netpgp_save_secring(netpgp_t *);
int netpgp_save_pubring(netpgp_t *);
int netpgp_import_key(netpgp_t *, char *);
int netpgp_generate_key(netpgp_t *, char *, int);
/* file management */
int netpgp_encrypt_file(netpgp_t *, const char *, const char *, char *, int);
int netpgp_decrypt_file(netpgp_t *, const char *, char *, int);
int netpgp_sign_file(netpgp_t *, const char *, const char *, char *, int, int, int);
int netpgp_verify_file(netpgp_t *, const char *, const char *, int);
/* higher level functions */
pgp_memory_t * netpgp_encrypt_and_sign(
netpgp_t *netpgp,
pgp_keyring_t *rcpts,
pgp_seckey_t *seckey,
const char *ptext, size_t psize,
int do_sign,
int armour
); // encrypt and sign to multiple recipients
// TODO: Implement those
/* memory signing and encryption */
int netpgp_sign_memory(netpgp_t *, const char *, char *, size_t, char *, size_t, const unsigned, const unsigned);
int netpgp_verify_memory(netpgp_t *, const void *, const size_t, void *, size_t, const int);
@ -100,9 +124,16 @@ int netpgp_format_json(void *, const char *, const int);
int netpgp_validate_sigs(netpgp_t *);
/* save pgp key in ssh format */
int netpgp_write_sshkey(netpgp_t *, char *, const char *, char *, size_t);
// helpers
unsigned uint_to_string(const int8_t *src, char **str, unsigned len);
unsigned string_to_uint(const char *str, uint8_t **fpr, size_t *length);
inline char A(char c) // EBCDIC or ASCII character to ASCII character
{
#if defined(NETPGP_EBCDIC)
__e2a_l(&c,1);
#endif
return c;
}
__END_DECLS
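Review bot: The helper `inline char A(char c)` added at the end of this public header uses plain `inline`, so under C99 rules no external definition is emitted and any translation unit where the call is not inlined (an unoptimised build, for example) fails to link; `static inline char A(char c)` avoids that. A one-letter global name in an installed header is also likely to collide with consumer code, so a prefixed name would be safer. The result of `__e2a_l(&c,1)` is ignored, so a failed conversion would pass an unconverted EBCDIC byte on to the caller; either check it or add a comment such as `/* conversion of a single byte is assumed not to fail */`. The header also now pulls in `<netpgp/config.h>`, which exposes the autoconf `HAVE_*`/`PACKAGE` macros to every consumer and is worth a note in the header comment.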


+ 2
- 1
include/netpgp/Makefile.am

@ -14,5 +14,6 @@ pkginclude_HEADERS = \
types.h \
readerwriter.h \
writer.h \
validate.h
validate.h \
netpgpdefs.h

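--- a/include/netpgp/config.h
+++ b/include/netpgp/config.h
@@ -1,160 +0,0 @@
-//
-// config.h
-// netpgp
-#ifndef netpgp_config_h
-#define netpgp_config_h
-/* Define to 1 if you have the <bzlib.h> header file. */
-#define HAVE_BZLIB_H 1
-/* Define to 1 if you have the <CommonCrypto/CommonDigest.h> header file. */
-#define HAVE_COMMONCRYPTO_COMMONDIGEST_H 1
-/* Define to 1 if you have the <direct.h> header file. */
-/* #undef HAVE_DIRECT_H */
-/* Define to 1 if you have the <dlfcn.h> header file. */
-#define HAVE_DLFCN_H 1
-/* Define to 1 if you have the <dmalloc.h> header file. */
-/* #undef HAVE_DMALLOC_H */
-/* Define to 1 if you have the <errno.h> header file. */
-#define HAVE_ERRNO_H 1
-/* Define to 1 if you have the <fcntl.h> header file. */
-#define HAVE_FCNTL_H 1
-/* Define to 1 if you have the <inttypes.h> header file. */
-#define HAVE_INTTYPES_H 1
-/* Define to 1 if you have the <limits.h> header file. */
-#define HAVE_LIMITS_H 1
-/* Define to 1 if the system has the type 'long long int'. */
-#define HAVE_LONG_LONG_INT 1
-/* Define to 1 if you have the <malloc.h> header file. */
-/* #undef HAVE_MALLOC_H */
-/* Define to 1 if you have the <memory.h> header file. */
-#define HAVE_MEMORY_H 1
-/* Define to 1 if you have the <openssl/aes.h> header file. */
-#define HAVE_OPENSSL_AES_H 1
-/* Define to 1 if you have the <openssl/bn.h> header file. */
-#define HAVE_OPENSSL_BN_H 1
-/* Define to 1 if you have the <openssl/camellia.h> header file. */
-/* #undef HAVE_OPENSSL_CAMELLIA_H */
-/* Define to 1 if you have the <openssl/cast.h> header file. */
-#define HAVE_OPENSSL_CAST_H 1
-/* Define to 1 if you have the <openssl/des.h> header file. */
-#define HAVE_OPENSSL_DES_H 1
-/* Define to 1 if you have the <openssl/dsa.h> header file. */
-#define HAVE_OPENSSL_DSA_H 1
-/* Define to 1 if you have the <openssl/err.h> header file. */
-#define HAVE_OPENSSL_ERR_H 1
-/* Define to 1 if you have the <openssl/idea.h> header file. */
-/* #undef HAVE_OPENSSL_IDEA_H */
-/* Define to 1 if you have the <openssl/md5.h> header file. */
-#define HAVE_OPENSSL_MD5_H 1
-/* Define to 1 if you have the <openssl/rand.h> header file. */
-#define HAVE_OPENSSL_RAND_H 1
-/* Define to 1 if you have the <openssl/rsa.h> header file. */
-#define HAVE_OPENSSL_RSA_H 1
-/* Define to 1 if you have the <openssl/sha.h> header file. */
-#define HAVE_OPENSSL_SHA_H 1
-/* Define to 1 if the system has the type `SHA256_CTX'. */
-#define HAVE_SHA256_CTX 1
-/* Define to 1 if you have the <stdint.h> header file. */
-#define HAVE_STDINT_H 1
-/* Define to 1 if you have the <stdlib.h> header file. */
-#define HAVE_STDLIB_H 1
-/* Define to 1 if you have the <strings.h> header file. */
-#define HAVE_STRINGS_H 1
-/* Define to 1 if you have the <string.h> header file. */
-#define HAVE_STRING_H 1
-/* Define to 1 if you have the <sys/cdefs.h> header file. */
-#define HAVE_SYS_CDEFS_H 1
-/* Define to 1 if you have the <sys/file.h> header file. */
-#define HAVE_SYS_FILE_H 1
-/* Define to 1 if you have the <sys/mman.h> header file. */
-#define HAVE_SYS_MMAN_H 1
-/* Define to 1 if you have the <sys/param.h> header file. */
-#define HAVE_SYS_PARAM_H 1
-/* Define to 1 if you have the <sys/resource.h> header file. */
-#define HAVE_SYS_RESOURCE_H 1
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#define HAVE_SYS_STAT_H 1
-/* Define to 1 if you have the <sys/types.h> header file. */
-#define HAVE_SYS_TYPES_H 1
-/* Define to 1 if you have the <sys/uio.h> header file. */
-#define HAVE_SYS_UIO_H 1
-/* Define to 1 if you have the <unistd.h> header file. */
-#define HAVE_UNISTD_H 1
-/* Define to 1 if the system has the type 'unsigned long long int'. */
-#define HAVE_UNSIGNED_LONG_LONG_INT 1
-/* Define to 1 if you have the <zlib.h> header file. */
-#define HAVE_ZLIB_H 1
-/* Define to the sub-directory where libtool stores uninstalled libraries. */
-#define LT_OBJDIR ".libs/"
-/* Name of package */
-#define PACKAGE "netpgp"
-/* Define to the address where bug reports for this package should be sent. */
-#define PACKAGE_BUGREPORT " pEp NetPGP Team <netpgp@pep-project.org> "
-/* Define to the full name of this package. */
-#define PACKAGE_NAME "netpgp"
-/* Define to the full name and version of this package. */
-#define PACKAGE_STRING "netpgp beta0"
-/* Define to the one symbol short name of this package. */
-#define PACKAGE_TARNAME "netpgp"
-/* Define to the home page for this package. */
-#define PACKAGE_URL ""
-/* Define to the version of this package. */
-#define PACKAGE_VERSION "beta0"
-/* Define to 1 if you have the ANSI C header files. */
-#define STDC_HEADERS 1
-/* Version number of package */
-#define VERSION "beta0"
-#define OPENSSL_NO_IDEA 1
-#endif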

+ 30
- 28
include/netpgp/create.h

@ -65,8 +65,8 @@
* This struct contains the required information about how to write this stream
*/
struct pgp_output_t {
pgp_writer_t writer;
pgp_error_t *errors; /* error stack */
pgp_writer_t writer;
pgp_error_t *errors; /* error stack */
};
pgp_output_t *pgp_output_new(void);
@ -77,45 +77,47 @@ int pgp_filewrite(const char *, const char *, const size_t, const unsigned);
void pgp_build_pubkey(pgp_memory_t *, const pgp_pubkey_t *, unsigned);
unsigned pgp_calc_sesskey_checksum(pgp_pk_sesskey_t *, uint8_t *);
unsigned pgp_write_struct_userid(pgp_output_t *, const uint8_t *);
unsigned pgp_write_struct_userid(pgp_output_t *, const uint8_t*);
unsigned pgp_write_ss_header(pgp_output_t *, size_t, pgp_content_enum);
unsigned pgp_write_struct_seckey_ptag(const pgp_seckey_t *key,
const uint8_t *passphrase,
const size_t pplen,
pgp_output_t *output,
pgp_content_enum ptag);
unsigned pgp_write_struct_seckey(const pgp_seckey_t *,
const uint8_t *,
const size_t,
pgp_output_t *);
unsigned pgp_write_struct_seckey_ptag(const pgp_seckey_t *key, pgp_output_t *output, pgp_content_enum ptag);
unsigned pgp_write_struct_seckey(const pgp_seckey_t *, pgp_output_t *);
unsigned pgp_write_struct_pubkey(pgp_output_t *, const pgp_pubkey_t *);
unsigned pgp_write_one_pass_sig(pgp_output_t *,
const pgp_seckey_t *,
const pgp_hash_alg_t,
const pgp_sig_type_t);
const pgp_seckey_t *,
const pgp_hash_alg_t,
const pgp_sig_type_t);
unsigned pgp_write_litdata(pgp_output_t *,
const uint8_t *,
const int,
const pgp_litdata_enum);
const uint8_t *,
const int,
const pgp_litdata_enum);
pgp_pk_sesskey_t *pgp_create_pk_sesskey(pgp_key_t *, const char *, pgp_pk_sesskey_t *);
unsigned pgp_write_pk_sesskey(pgp_output_t *, pgp_pk_sesskey_t *);
unsigned pgp_write_xfer_key(pgp_output_t *output,
unsigned pgp_write_xfer_key(
pgp_output_t *output,
const pgp_key_t *key,
const unsigned armoured);
const unsigned armoured
);
void pgp_fast_create_userid(uint8_t **, uint8_t *);
unsigned pgp_write_userid(const uint8_t *, pgp_output_t *);
unsigned pgp_write_userid(const uint8_t*, pgp_output_t *);
#ifdef HAVE_OPENSSL
void pgp_fast_create_rsa_pubkey(pgp_pubkey_t *, time_t, BIGNUM *, BIGNUM *);
unsigned pgp_write_rsa_pubkey(time_t, const BIGNUM *, const BIGNUM *,
pgp_output_t *);
pgp_output_t *);
void pgp_fast_create_rsa_seckey(pgp_seckey_t *, time_t, BIGNUM *,
BIGNUM *, BIGNUM *, BIGNUM *,
BIGNUM *, BIGNUM *);
BIGNUM *, BIGNUM *, BIGNUM *,
BIGNUM *, BIGNUM *);
#endif
unsigned encode_m_buf(const uint8_t *, size_t, const pgp_pubkey_t *,
uint8_t *);
uint8_t *);
unsigned pgp_fileread_litdata(const char *, const pgp_litdata_enum,
pgp_output_t *);
unsigned pgp_write_symm_enc_data(const uint8_t *, const int,
pgp_output_t *);
pgp_output_t *);
#endif /* CREATE_H_ */
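Review bot: The prototypes of `pgp_write_struct_seckey_ptag` and `pgp_write_struct_seckey` appear twice in this section, once with `passphrase`/`pplen` parameters and once without; assuming the shorter form is the new side, the header no longer says how secret key material is protected when it is written out. A comment on both declarations should state where the passphrase and protection settings now come from (presumably the `pgp_seckey_t` itself, which is not shown here) and whether the functions can emit an unprotected secret key. Most of the remaining changes in this section look like re-indentation, which hides this interface change in review; splitting whitespace from the signature change would make it easier to audit.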

+ 174
- 153
include/netpgp/crypto.h

@ -53,62 +53,88 @@
#ifndef CRYPTO_H_
#define CRYPTO_H_
#include <netpgp/config.h>
#include "keyring.h"
#include "packet.h"
#include "memory.h"
#include "packet-parse.h"
#ifdef HAVE_OPENSSL_DSA_H
#include <openssl/dsa.h>
#endif
#if defined(HAVE_GSKSSL) && !defined(HAVE_OPENSSL)
#include <gskcms.h>
#include <csfbext.h>
#include <csnpdefs.h>
#endif
#define PGP_MIN_HASH_SIZE 16
#define PGP_MIN_HASH_SIZE 16
#if defined(HAVE_GSKSSL) && !defined(HAVE_OPENSSL)
unsigned gsk_num_bits ( const gsk_buffer *bn );
#endif
/** pgp_hash_t */
struct pgp_hash_t {
pgp_hash_alg_t alg; /* algorithm */
size_t size; /* size */
const char *name; /* what it's known as */
int (*init)(pgp_hash_t *);
void (*add)(pgp_hash_t *, const uint8_t *, unsigned);
unsigned (*finish)(pgp_hash_t *, uint8_t *);
void *data; /* blob for data */
pgp_hash_alg_t alg; /* algorithm */
size_t size; /* size */
const char *name; /* what it's known as */
int (*init)(pgp_hash_t *);
void (*add)(pgp_hash_t *, const uint8_t *, unsigned);
unsigned (*finish)(pgp_hash_t *, uint8_t *);
#if defined(HAVE_OPENSSL)
void *data; /* blob for data */
#elif defined(HAVE_GSKSSL)
CK_SESSION_HANDLE *session;
#endif
};
/** pgp_crypt_t */
struct pgp_crypt_t {
pgp_symm_alg_t alg;
size_t blocksize;
size_t keysize;
void (*set_iv)(pgp_crypt_t *, const uint8_t *);
void (*set_crypt_key)(pgp_crypt_t *, const uint8_t *);
int (*base_init)(pgp_crypt_t *);
void (*decrypt_resync)(pgp_crypt_t *);
/* encrypt/decrypt one block */
void (*block_encrypt)(pgp_crypt_t *, void *, const void *);
void (*block_decrypt)(pgp_crypt_t *, void *, const void *);
/* Standard CFB encrypt/decrypt (as used by Sym Enc Int Prot packets) */
void (*cfb_encrypt)(pgp_crypt_t *, void *, const void *, size_t);
void (*cfb_decrypt)(pgp_crypt_t *, void *, const void *, size_t);
void (*decrypt_finish)(pgp_crypt_t *);
uint8_t iv[PGP_MAX_BLOCK_SIZE];
uint8_t civ[PGP_MAX_BLOCK_SIZE];
uint8_t siv[PGP_MAX_BLOCK_SIZE];
/* siv is needed for weird v3 resync */
uint8_t key[PGP_MAX_KEY_SIZE];
int num;
/* num is offset - see openssl _encrypt doco */
void *encrypt_key;
void *decrypt_key;
pgp_symm_alg_t alg;
size_t blocksize;
size_t keysize;
void (*set_iv)(pgp_crypt_t *, const uint8_t *);
void (*set_crypt_key)(pgp_crypt_t *, const uint8_t *);
int (*base_init)(pgp_crypt_t *);
void (*decrypt_resync)(pgp_crypt_t *);
/* encrypt/decrypt one block */
void (*block_encrypt)(pgp_crypt_t *, void *, const void *);
void (*block_decrypt)(pgp_crypt_t *, void *, const void *);
/* Standard CFB encrypt/decrypt (as used by Sym Enc Int Prot packets) */
void (*cfb_encrypt)(pgp_crypt_t *, void *, const void *, size_t);
void (*cfb_decrypt)(pgp_crypt_t *, void *, const void *, size_t);
void (*decrypt_finish)(pgp_crypt_t *);
uint8_t iv[PGP_MAX_BLOCK_SIZE];
uint8_t civ[PGP_MAX_BLOCK_SIZE];
uint8_t siv[PGP_MAX_BLOCK_SIZE];
/* siv is needed for weird v3 resync */
uint8_t key[PGP_MAX_KEY_SIZE];
int num;
#if defined(HAVE_OPENSSL)
/* num is offset - see openssl _encrypt doco */
void *encrypt_key;
void *decrypt_key;
#elif defined(HAVE_GSKSSL)
CK_SESSION_HANDLE session;
CK_MECHANISM mechanism;
CK_KEY_TYPE keyType;
CK_OBJECT_HANDLE encrypt_key;
CK_OBJECT_HANDLE decrypt_key;
#endif
};
typedef struct pgp_validation_t {
unsigned validc;
pgp_sig_info_t *valid_sigs;
unsigned invalidc;
pgp_sig_info_t *invalid_sigs;
unsigned unknownc;
pgp_sig_info_t *unknown_sigs;
time_t birthtime;
time_t duration;
unsigned validc;
pgp_sig_info_t *valid_sigs;
unsigned invalidc;
pgp_sig_info_t *invalid_sigs;
unsigned unknownc;
pgp_sig_info_t *unknown_sigs;
time_t birthtime;
time_t duration;
} pgp_validation_t;
void pgp_crypto_finish(void);
@ -127,35 +153,34 @@ unsigned pgp_hash(uint8_t *, pgp_hash_alg_t, const void *, size_t);
void pgp_hash_add_int(pgp_hash_t *, unsigned, unsigned);
unsigned pgp_dsa_verify(const uint8_t *, size_t,
const pgp_dsa_sig_t *,
const pgp_dsa_pubkey_t *);
const pgp_dsa_sig_t *,
const pgp_dsa_pubkey_t *);
int pgp_rsa_public_decrypt(uint8_t *, const uint8_t *, size_t,
const pgp_rsa_pubkey_t *);
const pgp_rsa_pubkey_t *);
int pgp_rsa_public_encrypt(uint8_t *, const uint8_t *, size_t,
const pgp_rsa_pubkey_t *);
const pgp_rsa_pubkey_t *);
int pgp_rsa_private_encrypt(uint8_t *, const uint8_t *, size_t,
const pgp_rsa_seckey_t *, const pgp_rsa_pubkey_t *);
const pgp_rsa_seckey_t *, const pgp_rsa_pubkey_t *);
int pgp_rsa_private_decrypt(uint8_t *, const uint8_t *, size_t,
const pgp_rsa_seckey_t *, const pgp_rsa_pubkey_t *);
const pgp_rsa_seckey_t *, const pgp_rsa_pubkey_t *);
int pgp_rsa_private_check(const pgp_seckey_t *seckey);
int pgp_dsa_private_check(const pgp_dsa_seckey_t *seckey);
int pgp_elgamal_private_check(const pgp_elgamal_seckey_t *seckey);
int pgp_dsa_private_check(const pgp_seckey_t *seckey);
int pgp_elgamal_private_check(const pgp_seckey_t *seckey);
int pgp_elgamal_public_encrypt(uint8_t *, uint8_t *, const uint8_t *, size_t,
const pgp_elgamal_pubkey_t *);
const pgp_elgamal_pubkey_t *);
int pgp_elgamal_private_decrypt(uint8_t *, const uint8_t *, const uint8_t *, size_t,
const pgp_elgamal_seckey_t *, const pgp_elgamal_pubkey_t *);
const pgp_elgamal_seckey_t *, const pgp_elgamal_pubkey_t *);
pgp_symm_alg_t pgp_str_to_cipher(const char *);
unsigned pgp_block_size(pgp_symm_alg_t);
unsigned pgp_key_size(pgp_symm_alg_t);
int pgp_decrypt_data(pgp_content_enum, pgp_region_t *,
pgp_stream_t *);
pgp_stream_t *);
int pgp_crypt_any(pgp_crypt_t *, pgp_symm_alg_t);
void pgp_decrypt_init(pgp_crypt_t *);
@ -167,107 +192,107 @@ size_t pgp_encrypt_se_ip(pgp_crypt_t *, void *, const void *, size_t);
unsigned pgp_is_sa_supported(pgp_symm_alg_t);
void pgp_reader_push_decrypt(pgp_stream_t *, pgp_crypt_t *,
pgp_region_t *);
pgp_region_t *);
void pgp_reader_pop_decrypt(pgp_stream_t *);
/* Hash everything that's read */
void pgp_reader_push_hash(pgp_stream_t *, pgp_hash_t *);
void pgp_reader_pop_hash(pgp_stream_t *);
#if defined(HAVE_OPENSSL)
int pgp_decrypt_decode_mpi(uint8_t *, unsigned, const BIGNUM *,
const BIGNUM *, const pgp_seckey_t *);
const BIGNUM *, const pgp_seckey_t *);
#elif defined(HAVE_GSKSSL)
int pgp_decrypt_decode_mpi(uint8_t *, unsigned, const gsk_buffer*,
const gsk_buffer*, const pgp_seckey_t *);
#endif
unsigned pgp_rsa_encrypt_mpi(const uint8_t *, const size_t,
const pgp_pubkey_t *,
pgp_pk_sesskey_params_t *);
const pgp_pubkey_t *,
pgp_pk_sesskey_params_t *);
unsigned pgp_elgamal_encrypt_mpi(const uint8_t *, const size_t,
const pgp_pubkey_t *,
pgp_pk_sesskey_params_t *);
const pgp_pubkey_t *,
pgp_pk_sesskey_params_t *);
/* Encrypt everything that's written */
struct pgp_key_data;
void pgp_writer_push_encrypt(pgp_output_t *,
const struct pgp_key_data *);
unsigned pgp_encrypt_file(pgp_io_t *, const char *, const char *,
const pgp_key_t *,
const unsigned, const unsigned, const char *);
unsigned pgp_decrypt_file(pgp_io_t *,
const char *,
const char *,
pgp_keyring_t *,
pgp_keyring_t *,
const unsigned,
const unsigned,
const unsigned,
void *,
int,
pgp_cbfunc_t *);
const struct pgp_key_data *);
pgp_memory_t *
pgp_encrypt_buf(pgp_io_t *, const void *, const size_t,
const pgp_keyring_t *,
const unsigned, const char *, unsigned);
pgp_encrypt_buf(
pgp_io_t *,
const void *,
const size_t,
const pgp_keyring_t *,
const unsigned,
const char *,
unsigned);
pgp_memory_t *
pgp_decrypt_buf(pgp_io_t *,
const void *,
const size_t,
pgp_keyring_t *,
pgp_keyring_t *,
const unsigned,
const unsigned,
void *,
int,
pgp_cbfunc_t *);
pgp_decrypt_and_validate_buf(
netpgp_t *netpgp,
pgp_validation_t *result,
const void *input,
const size_t insize,
pgp_keyring_t *secring,
pgp_keyring_t *pubring,
const unsigned use_armour,
key_id_t **recipients_key_ids,
unsigned *recipients_count
);
pgp_memory_t *
pgp_decrypt_and_validate_buf(pgp_io_t *io,
pgp_validation_t *result,
const void *input,
const size_t insize,
pgp_keyring_t *secring,
pgp_keyring_t *pubring,
const unsigned use_armour,
pgp_validate_buf(
netpgp_t *netpgp,
pgp_validation_t *result,
const void *input,
const size_t insize,
//pgp_keyring_t *secring,
//pgp_keyring_t *pubring,
const unsigned use_armour,
key_id_t **recipients_key_ids,
unsigned *recipients_count);
unsigned *recipients_count
);
/* Keys */
pgp_key_t *pgp_rsa_new_selfsign_key(const int,
const unsigned long, uint8_t *, const char *,
const char *);
const unsigned long, uint8_t *, const char *,
const char *);
unsigned pgp_rsa_generate_keypair(pgp_key_t *,
const int,
const unsigned long,
const char *,
const char *,
const int,
const unsigned long,
const char *,
const char *,
const uint8_t *,
const size_t);
int pgp_dsa_size(const pgp_dsa_pubkey_t *);
pgp_dsa_sig_t *pgp_dsa_sign(uint8_t *, unsigned,
const pgp_dsa_seckey_t *,
const pgp_dsa_pubkey_t *);
const pgp_dsa_seckey_t *,
const pgp_dsa_pubkey_t *);
/** pgp_reader_t */
struct pgp_reader_t {
pgp_reader_func_t *reader; /* reader func to get parse data */
pgp_reader_destroyer_t *destroyer;
void *arg; /* args to pass to reader function */
unsigned accumulate:1; /* set to gather packet data */
uint8_t *accumulated; /* the accumulated data */
unsigned asize; /* size of the buffer */
unsigned alength;/* used buffer */
unsigned position; /* reader-specific offset */
pgp_reader_t *next;
pgp_stream_t *parent;/* parent parse_info structure */
pgp_reader_func_t *reader; /* reader func to get parse data */
pgp_reader_destroyer_t *destroyer;
void *arg; /* args to pass to reader function */
unsigned accumulate:1; /* set to gather packet data */
uint8_t *accumulated; /* the accumulated data */
unsigned asize; /* size of the buffer */
unsigned alength;/* used buffer */
unsigned position; /* reader-specific offset */
pgp_reader_t *next;
pgp_stream_t *parent;/* parent parse_info structure */
unsigned partial_read:1;
unsigned coalescing:1;
unsigned partial_read:1;
unsigned coalescing:1;
/* used for partial length coalescing */
unsigned virtualc;
unsigned virtualoff;
uint8_t *virtualpkt;
unsigned virtualc;
unsigned virtualoff;
uint8_t *virtualpkt;
};
@ -275,37 +300,33 @@ struct pgp_reader_t {
Encrypt/decrypt settings
*/
struct pgp_cryptinfo_t {
char *passphrase;
pgp_keyring_t *secring;
pgp_key_t *keydata;
pgp_cbfunc_t *getpassphrase;
pgp_keyring_t *pubring;
DYNARRAY(key_id_t, recipients_key_ids);
char *passphrase;
pgp_keyring_t *secring;
pgp_key_t *keydata;
pgp_keyring_t *pubring;
DYNARRAY(key_id_t, recipients_key_ids);
};
/** pgp_cbdata_t */
struct pgp_cbdata_t {
pgp_cbfunc_t *cbfunc; /* callback function */
void *arg; /* args to pass to callback func */
pgp_error_t **errors; /* address of error stack */
pgp_cbdata_t *next;
pgp_output_t *output; /* when writing out parsed info */
pgp_io_t *io; /* error/output messages */
void *passfp; /* fp for passphrase input */
pgp_cryptinfo_t cryptinfo; /* used when decrypting */
pgp_printstate_t printstate; /* used to keep printing state */
pgp_seckey_t *sshseckey; /* secret key for ssh */
int numtries; /* # of passphrase attempts */
int gotpass; /* when passphrase entered */
pgp_cbfunc_t *cbfunc; /* callback function */
void *arg; /* args to pass to callback func */
pgp_error_t **errors; /* address of error stack */
pgp_cbdata_t *next;
pgp_output_t *output; /* when writing out parsed info */
pgp_io_t *io; /* error/output messages */
pgp_cryptinfo_t cryptinfo; /* used when decrypting */
pgp_printstate_t printstate; /* used to keep printing state */
char *passphrase;
};
/** pgp_hashtype_t */
typedef struct {
pgp_hash_t hash; /* hashes we should hash data with */
uint8_t keyid[PGP_KEY_ID_SIZE];
pgp_hash_t hash; /* hashes we should hash data with */
uint8_t keyid[PGP_KEY_ID_SIZE];
} pgp_hashtype_t;
#define NTAGS 0x100 /* == 256 */
#define NTAGS 0x100 /* == 256 */
/** \brief Structure to hold information about a packet parse.
*
@ -330,21 +351,21 @@ typedef struct {
*/
struct pgp_stream_t {
uint8_t ss_raw[NTAGS / 8];
/* 1 bit / sig-subpkt type; set to get raw data */
uint8_t ss_parsed[NTAGS / 8];
/* 1 bit / sig-subpkt type; set to get parsed data */
pgp_reader_t readinfo;
pgp_cbdata_t cbinfo;
pgp_error_t *errors;
void *io; /* io streams */
pgp_crypt_t decrypt;
pgp_cryptinfo_t cryptinfo;
size_t hashc;
pgp_hashtype_t *hashes;
//unsigned reading_v3_secret:1;
//unsigned reading_mpi_len:1;
//unsigned exact_read:1;
uint8_t ss_raw[NTAGS / 8];
/* 1 bit / sig-subpkt type; set to get raw data */
uint8_t ss_parsed[NTAGS / 8];
/* 1 bit / sig-subpkt type; set to get parsed data */
pgp_reader_t readinfo;
pgp_cbdata_t cbinfo;
pgp_error_t *errors;
void *io; /* io streams */
pgp_crypt_t decrypt;
pgp_cryptinfo_t cryptinfo;
size_t hashc;
pgp_hashtype_t *hashes;
//unsigned reading_v3_secret:1;
//unsigned reading_mpi_len:1;
//unsigned exact_read:1;
};


+ 2
- 0
include/netpgp/defs.h View File

@ -32,7 +32,9 @@
#define DEFS_H_
#include <sys/types.h>
#ifdef HAVE_SYS_PARAM_H
#include <sys/param.h>
#endif
#ifdef HAVE_INTTYPES_H
#include <inttypes.h>


+ 130
- 0
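--- a/include/netpgp/getopt.h
+++ b/include/netpgp/getopt.h
@@ -0,0 +1,130 @@
+/* Declarations for getopt.
+Copyright (C) 1989-2016 Free Software Foundation, Inc.
+NOTE: The canonical source of this file is maintained with the GNU C Library.
+Bugs can be reported to bug-glibc@gnu.org.
+GNU Make is free software; you can redistribute it and/or modify it under the
+terms of the GNU General Public License as published by the Free Software
+Foundation; either version 3 of the License, or (at your option) any later
+version.
+GNU Make is distributed in the hope that it will be useful, but WITHOUT ANY
+WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+You should have received a copy of the GNU General Public License along with
+this program. If not, see <http://www.gnu.org/licenses/>. */
+#ifndef _GETOPT_H
+#define _GETOPT_H 1
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* For communication from `getopt' to the caller.
+When `getopt' finds an option that takes an argument,
+the argument value is returned here.
+Also, when `ordering' is RETURN_IN_ORDER,
+each non-option ARGV-element is returned here. */
+extern char *optarg;
+/* Index in ARGV of the next element to be scanned.
+This is used for communication to and from the caller
+and for communication between successive calls to `getopt'.
+On entry to `getopt', zero means this is the first call; initialize.
+When `getopt' returns -1, this is the index of the first of the
+non-option elements that the caller should itself scan.
+Otherwise, `optind' communicates from one call to the next
+how much of ARGV has been scanned so far. */
+extern int optind;
+/* Callers store zero here to inhibit the error message `getopt' prints
+for unrecognized options. */
+extern int opterr;
+/* Set to an option character which was unrecognized. */
+extern int optopt;
+/* Describe the long-named options requested by the application.
+The LONG_OPTIONS argument to getopt_long or getopt_long_only is a vector
+of `struct option' terminated by an element containing a name which is
+zero.
+The field `has_arg' is:
+no_argument (or 0) if the option does not take an argument,
+required_argument (or 1) if the option requires an argument,
+optional_argument (or 2) if the option takes an optional argument.
+If the field `flag' is not NULL, it points to a variable that is set
+to the value given in the field `val' when the option is found, but
+left unchanged if the option is not found.
+To have a long-named option do something other than set an `int' to
+a compiled-in constant, such as set a value from `optarg', set the
+option's `flag' field to zero and its `val' field to a nonzero
+value (the equivalent single-letter option character, if there is
+one). For long options that have a zero `flag' field, `getopt'
+returns the contents of the `val' field. */
+struct option
+{
+#if defined (__STDC__) && __STDC__
+const char *name;
+#else
+char *name;
+#endif
+/* has_arg can't be an enum because some compilers complain about
+type mismatches in all the code that assumes it is an int. */
+int has_arg;
+int *flag;
+int val;
+};
+/* Names for the values of the `has_arg' field of `struct option'. */
+#define no_argument 0
+#define required_argument 1
+#define optional_argument 2
+#if defined (__STDC__) && __STDC__
+#ifdef __GNU_LIBRARY__
+/* Many other libraries have conflicting prototypes for getopt, with
+differences in the consts, in stdlib.h. To avoid compilation
+errors, only prototype getopt for the GNU C library. */
+extern int getopt (int argc, char *const *argv, const char *shortopts);
+#else /* not __GNU_LIBRARY__ */
+extern int getopt ();
+#endif /* __GNU_LIBRARY__ */
+extern int getopt_long (int argc, char *const *argv, const char *shortopts,
+const struct option *longopts, int *longind);
+extern int getopt_long_only (int argc, char *const *argv,
+const char *shortopts,
+const struct option *longopts, int *longind);
+/* Internal only. Users should not call this directly. */
+extern int _getopt_internal (int argc, char *const *argv,
+const char *shortopts,
+const struct option *longopts, int *longind,
+int long_only);
+#else /* not __STDC__ */
+extern int getopt ();
+extern int getopt_long ();
+extern int getopt_long_only ();
+extern int _getopt_internal ();
+#endif /* __STDC__ */
+#ifdef __cplusplus
+}
+#endif
+#endif /* getopt.h */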

+ 57
- 0
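--- a/include/netpgp/gettext.h
+++ b/include/netpgp/gettext.h
@@ -0,0 +1,57 @@
+/* Convenience header for conditional use of GNU <libintl.h>.
+Copyright (C) 1995-2016 Free Software Foundation, Inc.
+This file is part of GNU Make.
+GNU Make is free software; you can redistribute it and/or modify it under the
+terms of the GNU General Public License as published by the Free Software
+Foundation; either version 3 of the License, or (at your option) any later
+version.
+GNU Make is distributed in the hope that it will be useful, but WITHOUT ANY
+WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+You should have received a copy of the GNU General Public License along with
+this program. If not, see <http://www.gnu.org/licenses/>. */
+#ifndef _LIBGETTEXT_H
+#define _LIBGETTEXT_H 1
+/* NLS can be disabled through the configure --disable-nls option. */
+#if ENABLE_NLS
+/* Get declarations of GNU message catalog functions. */
+# include <libintl.h>
+#else
+/* Disabled NLS.
+The casts to 'const char *' serve the purpose of producing warnings
+for invalid uses of the value returned from these functions.
+On pre-ANSI systems without 'const', the config.h file is supposed to
+contain "#define const". */
+# define gettext(Msgid) ((const char *) (Msgid))
+# define dgettext(Domainname, Msgid) ((const char *) (Msgid))
+# define dcgettext(Domainname, Msgid, Category) ((const char *) (Msgid))
+# define ngettext(Msgid1, Msgid2, N) \
+((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
+# define dngettext(Domainname, Msgid1, Msgid2, N) \
+((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
+# define dcngettext(Domainname, Msgid1, Msgid2, N, Category) \
+((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
+# define textdomain(Domainname) ((const char *) (Domainname))
+# define bindtextdomain(Domainname, Dirname) ((const char *) (Dirname))
+# define bind_textdomain_codeset(Domainname, Codeset) ((const char *) (Codeset))
+#endif
+/* A pseudo function call that serves as a marker for the automated
+extraction of messages, but does not call gettext(). The run-time
+translation is done at a different place in the code.
+The argument, String, should be a literal string. Concatenated strings
+and other string expressions won't work.
+The macro's expansion is not parenthesized, so that it is suitable as
+initializer for static 'char[]' or 'const char[]' variables. */
+#define gettext_noop(String) String
+#endif /* _LIBGETTEXT_H */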

+ 37
- 0
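--- a/include/netpgp/gskssl_glue.h
+++ b/include/netpgp/gskssl_glue.h
@@ -0,0 +1,37 @@
+#ifndef _GSKSSL_GLUE_H
+#define _GSKSSL_GLUE_H
+#include <stdio.h>
+#include <stdlib.h>
+#include <csnpdefs.h>
+#include <gskcms.h>
+#include <csfbext.h>
+#include <dlfcn.h>
+#define CAST_KEY_LENGTH 16
+#define SHA_DIGEST_LENGTH 20
+#define SHA224_DIGEST_LENGTH 28
+#define SHA384_DIGEST_LENGTH 48
+#define MD5_DIGEST_LENGTH 16
+#define AES_BLOCK_SIZE 16
+#define CAMELLIA_BLOCK_SIZE 16
+#define CAST_BLOCK 8
+#define IDEA_BLOCK 8
+#define IDEA_KEY_LENGTH 16
+#define KEYBITS_AES128 128
+#define KEYBITS_AES256 256
+#define KEYBITS_CAMELLIA128 128
+#define KEYBITS_CAMELLIA256 256
+#ifndef MAXPATHLEN
+#define MAXPATHLEN _POSIX_PATH_MAX
+#endif
+CK_FUNCTION_LIST *funcs;
+CK_RV getSession(CK_SESSION_HANDLE *session);
+CK_RV getFunctionList(void);
+#endif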
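Review bot: `CK_FUNCTION_LIST *funcs;` near the end of this new header is a definition rather than a declaration, so every translation unit that includes gskssl_glue.h gets its own tentative definition of the PKCS#11 function table pointer. Depending on the toolchain, that either fails at link time with duplicate symbols or is silently merged into one object. Declare it here as `extern CK_FUNCTION_LIST *funcs;` and define it once in the glue .c file. The guard name `_GSKSSL_GLUE_H` also sits in the reserved identifier namespace; `GSKSSL_GLUE_H_` would match the `KEYRING_H_` style used in keyring.h. The unprefixed `SHA_DIGEST_LENGTH` and `AES_BLOCK_SIZE` macros would presumably clash if an OpenSSL header were ever included in the same unit, so an `#ifndef` around each would be cheap insurance.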

+ 14
- 8
include/netpgp/keyring.h View File

@ -53,9 +53,9 @@
#ifndef KEYRING_H_
#define KEYRING_H_
#include "packet.h"
#include "packet-parse.h"
#include "memory.h"
#include <netpgp/packet.h>
#include <netpgp/packet-parse.h>
#include <netpgp/memory.h>
enum {
MAX_ID_LENGTH = 128,
@ -111,21 +111,27 @@ pgp_pubkey_t *pgp_key_get_pubkey(pgp_key_t *);
unsigned pgp_is_key_secret(pgp_key_t *);
pgp_seckey_t *pgp_get_seckey(pgp_key_t *);
pgp_seckey_t *pgp_get_writable_seckey(pgp_key_t *);
// pgp_seckey_t *pgp_decrypt_seckey(const pgp_key_t *, void *);
pgp_seckey_t *pgp_decrypt_seckey(const pgp_key_t *, char *);
typedef struct netpgp_t netpgp_t;
unsigned
pgp_keyring_fileread(pgp_io_t *io,
pgp_keyring_fileread(
netpgp_t *netpgp,
pgp_keyring_t *pubring,
pgp_keyring_t *secring,
const unsigned armour,
const char *filename);
unsigned
pgp_keyring_read_from_mem(pgp_io_t *io,
pgp_keyring_read_from_mem(
netpgp_t *netpgp,
pgp_keyring_t *pubring,
pgp_keyring_t *secring,
const unsigned armour,
pgp_memory_t *mem);
pgp_memory_t *mem,
const int import
);
int pgp_keyring_list(pgp_io_t *, const pgp_keyring_t *, const int);
@ -144,6 +150,7 @@ unsigned pgp_update_userid(
// const pgp_subpacket_t *,
// unsigned );
unsigned pgp_add_selfsigned_userid(pgp_key_t *skey, pgp_key_t *pkey, const uint8_t *userid, time_t duration);
pgp_key_t *pgp_keydata_new(void);
@ -171,7 +178,6 @@ unsigned pgp_update_subkey(
pgp_keydata_key_t *subkey,
const pgp_subpacket_t *sigpkt,
pgp_sig_info_t *siginfo);
// int pgp_add_to_secring(pgp_keyring_t *, const pgp_seckey_t *);
int pgp_append_keyring(pgp_keyring_t *, pgp_keyring_t *);
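Review bot: `pgp_decrypt_seckey(const pgp_key_t *, char *)` in the second hunk passes what looks like the passphrase as a mutable `char *`, with nothing stating who owns or wipes that buffer. If the callee only reads it, `const char *` is the safer prototype, and a comment such as `/* passphrase: NUL-terminated, caller-owned; caller zeroizes it after return */` would make the contract explicit. The same hunk adds `const int import` to `pgp_keyring_read_from_mem` without saying what a non-zero value changes, so a one-line comment on that parameter would help callers. Which of the duplicated lines is the new side is inferred from the rendering, since the +/- markers are not shown.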


+ 18
- 0
include/netpgp/netpgpdefs.h View File