
85 Commits

Author SHA1 Message Date
  David Lanzendörfer de7ae0b221 Fixing signature generation 3 months ago
  David Lanzendörfer b4d3c8494c z/OS support: AES128 & AES256 3 months ago
  David Lanzendörfer bb9b0634d9 z/OS support: Hashing bug 3 months ago
  David Lanzendörfer 8a98d005dd Release v1, z/OS: Basic encryption decryption 3 months ago
  David Lanzendörfer 4c813b4c5d Backup in case laptop explodes 3 months ago
  David Lanzendörfer 951e476b33 z/OS: Introducing missing cipher 3 months ago
  David Lanzendörfer 482a812aa1 No more hard coding 3 months ago
  David Lanzendörfer 6a4243cb2f z/OS support: Support symmetric algorithms 3 months ago
  David Lanzendörfer cbdad44d87 Splitting things up 3 months ago
  David Lanzendörfer 52823d04a2 z/OS suport: Initialize stuff 3 months ago
  David Lanzendörfer e9d3811771 z/OS support: Fix errors 3 months ago
  David Lanzendörfer 653e42ce9d Fixing includes 3 months ago
  David Lanzendörfer e934320d37 Be less noisy 3 months ago
  David Lanzendörfer dd25e94073 Big changes: 3 months ago
  David Lanzendörfer 085f434afc Encrypted private keys 4 months ago
  David Lanzendörfer 0e4ab27f09 fix regressions 4 months ago
  David Lanzendörfer 5316ea1e16 Cleanup 4 months ago
  David Lanzendörfer 412ce4d7bf Elliptic curve support 4 months ago
  David Lanzendörfer 25002a4cca Staging: Nearly done 4 months ago
  David Lanzendörfer 9f7b8f352c Working on some missing algorithms now 4 months ago
  David Lanzendörfer c5d108cf2f Fix algorithm version detection 4 months ago
  David Lanzendörfer b06ad20094 ctypes fix 4 months ago
  David Lanzendörfer 32f30dc6f4 z/OS support: Lengths 4 months ago
  David Lanzendörfer 7369b91c8e z/OS support: Lengths 4 months ago
  David Lanzendörfer 6f899ab197 Simplify 4 months ago
  David Lanzendörfer cf64b80cd2 Remove noise 4 months ago
  David Lanzendörfer b00e7b8105 Remove noise 4 months ago
  David Lanzendörfer 48ff1cad8c Minor changes 4 months ago
  David Lanzendörfer c597187b19 Minor changes 4 months ago
  David Lanzendörfer 8f6cb425f2 Someone forgot to change a label :-) 4 months ago
  David Lanzendörfer 013ad40c16 Be less noisy 4 months ago
  David Lanzendörfer 0c67aaf115 z/OS support: Proper bit amount calculation 4 months ago
  David Lanzendörfer 796d7be26e z/OS support: fix read function 4 months ago
  David Lanzendörfer 48cfc0fc28 z/OS support: bit calculation 4 months ago
  David Lanzendörfer 9ca45010fb z/OS support: bit calculation 4 months ago
  David Lanzendörfer 511504aa22 z/OS support: bit calculation 4 months ago
  David Lanzendörfer 1268dde4c1 Indention 4 months ago
  David Lanzendörfer e6fd0b45d8 z/OS support: It works! 4 months ago
  David Lanzendörfer ccf7ec4346 z/OS support: char -> uint8_t 4 months ago
  David Lanzendörfer ecbba3c427 z/OS support: Some cleanup 4 months ago
  David Lanzendörfer e03e061b53 z/OS support: gsk_buffers are pointers now 4 months ago
  David Lanzendörfer 84678403f5 Adding import function 4 months ago
  David Lanzendörfer 860a703fdd z/OS support: char -> uint8_t 4 months ago
  David Lanzendörfer f284b99e4b z/OS support: to pointer 4 months ago
  David Lanzendörfer 9cdea63dc7 z/OS support: indention 4 months ago
  David Lanzendörfer 648edeace3 z/OS support: handle 4 months ago
  David Lanzendörfer df4fa05785 z/OS support: types 4 months ago
  David Lanzendörfer 25a3c5765c z/OS support: BASE64 is universal 4 months ago
  David Lanzendörfer 9936edf650 z/OS support: Hashing algorithms 4 months ago
  David Lanzendörfer 4bee18716f z/OS support: Finally! 4 months ago
  David Lanzendörfer 2755a7cf5a z/OS support: Charsets for I/O 5 months ago
  David Lanzendörfer f3f07c2bcc z/OS support: Charsets... 5 months ago
  David Lanzendörfer 6eaa9475da z/OS support: Be not verbose 5 months ago
  David Lanzendörfer 3468421fc5 z/OS: zlib dependency 5 months ago
  David Lanzendörfer 00233866bc z/OS support: Fixing some ASCII math gym 5 months ago
  David Lanzendörfer e4ac016f5d z/OS support: Issues with parsing 6 months ago
  David Lanzendörfer 5fd672d28a z/OS support: Signing 6 months ago
  David Lanzendörfer 90bd14fda8 z/OS support: Encryption 6 months ago
  David Lanzendörfer 083ace387e First success 6 months ago
  David Lanzendörfer e087beac6f Ignoring a file 6 months ago
  David Lanzendörfer e31b1b5556 The netpgp binary now compiles and runs 6 months ago
  David Lanzendörfer 4d988fb41f z/OS support 6 months ago
  David Lanzendörfer 67fa906486 Removing X-Code stuff 7 months ago
  David Lanzendörfer c4c847b531 Fixing some segfaults 7 months ago
  David Lanzendörfer 365834e4c8 Oops... 7 months ago
  David Lanzendörfer 0da42a0ad8 Now I can encrypt files 7 months ago
  David Lanzendörfer a8b684a082 Cleaning some more stuff 7 months ago
  David Lanzendörfer f9f37c22f8 Now I finally can print the UIDs 7 months ago
  David Lanzendörfer aa0ccaaec3 Key generation works now 7 months ago
  David Lanzendörfer def203c3e8 Getting closer 7 months ago
  David Lanzendörfer 96d97b9935 Seriously Werror?? 7 months ago
  David Lanzendörfer c81f749b4b Introducing some additional checks 7 months ago
  David Lanzendörfer 819ebc2928 remove unused file 7 months ago
  David Lanzendörfer 6e006681b6 Adapt to the changes 7 months ago
  David Lanzendörfer a20e72da13 Now we can have everything one folder 7 months ago
  David Lanzendörfer 872c74979a Don't use tabs 7 months ago
  David Lanzendörfer c42ec0a86b Nailing soure file 7 months ago
  David Lanzendörfer dc90fad80a Ignore files 7 months ago
  David Lanzendörfer 58f30021d5 Cleaning up 7 months ago
  David Lanzendörfer 68cb1bbe2e Cleaning up a bit 7 months ago
  David Lanzendörfer f100b0863d Introducing back in the binary 7 months ago
  David Lanzendörfer 7de87d3332 Getting platform detection working 7 months ago
  David Lanzendörfer 19081fe64e Removing config.h.in 7 months ago
  David Lanzendörfer a8f01c15f9 Fixing autoconf/autoheader usage 7 months ago
  David Lanzendörfer 2bfcaf67c7 Initial compilation on Linux 7 months ago
52 changed files with 16900 additions and 12996 deletions
  1. +9
    -0
      .gitignore
  2. +1
    -1
      Makefile.am
  3. +90
    -0
      ax_check_gskssl.m4
  4. +90
    -0
      ax_check_pkcs.m4
  5. +39
    -12
      configure.ac
  6. +25
    -22
      include/netpgp.h
  7. +0
    -160
      include/netpgp/config.h
  8. +30
    -28
      include/netpgp/create.h
  9. +172
    -150
      include/netpgp/crypto.h
  10. +2
    -0
      include/netpgp/defs.h
  11. +130
    -0
      include/netpgp/getopt.h
  12. +57
    -0
      include/netpgp/gettext.h
  13. +33
    -0
      include/netpgp/gskssl_glue.h
  14. +14
    -8
      include/netpgp/keyring.h
  15. +14
    -0
      include/netpgp/netpgpdefs.h
  16. +3
    -0
      include/netpgp/netpgpdigest.h
  17. +1
    -3
      include/netpgp/netpgpsdk.h
  18. +1
    -1
      include/netpgp/packet-parse.h
  19. +655
    -531
      include/netpgp/packet.h
  20. +1
    -1
      include/netpgp/readerwriter.h
  21. +5
    -2
      include/netpgp/signature.h
  22. +11
    -0
      include/netpgp/symmetric.h
  23. +67
    -56
      include/netpgp/validate.h
  24. +10
    -0
      include/netpgp/writer.h
  25. +0
    -5
      netpgp-xcode/README.txt
  26. +0
    -160
      netpgp-xcode/config.h
  27. +0
    -432
      netpgp-xcode/netpgp.xcodeproj/project.pbxproj
  28. +0
    -7
      netpgp-xcode/netpgp.xcodeproj/project.xcworkspace/contents.xcworkspacedata
  29. +37
    -6
      src/Makefile.am
  30. +17
    -13
      src/compress.c
  31. +758
    -703
      src/create.c
  32. +400
    -581
      src/crypto.c
  33. +1025
    -0
      src/getopt.c
  34. +174
    -0
      src/getopt1.c
  35. +1085
    -0
      src/gskssl_crypto.c
  36. +94
    -0
      src/gskssl_glue.c
  37. +608
    -614
      src/keyring.c
  38. +0
    -343
      src/libnetpgp.3
  39. +945
    -0
      src/main.c
  40. +748
    -673
      src/misc.c
  41. +480
    -312
      src/netpgp.c
  42. +600
    -586
      src/openssl_crypto.c
  43. +2692
    -2491
      src/packet-parse.c
  44. +10
    -10
      src/packet-show.c
  45. +1559
    -1601
      src/reader.c
  46. +896
    -817
      src/signature.c
  47. +63
    -0
      src/ssl_crypto.c
  48. +92
    -721
      src/symmetric.c
  49. +530
    -0
      src/symmetric_gskssl.c
  50. +627
    -0
      src/symmetric_openssl.c
  51. +838
    -783
      src/validate.c
  52. +1162
    -1163
      src/writer.c

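--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,9 @@
+configure
+aclocal.m4
+autom4te.cache
+build
+*/Makefile.in
+Makefile.in
+include/netpgp/config.h.in
+include/netpgp/config.h.in~
+buildaux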

+ 1
- 1
Makefile.am

@ -1,3 +1,3 @@
## $NetBSD$
SUBDIRS = include src
SUBDIRS = . include src

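--- a/ax_check_gskssl.m4
+++ b/ax_check_gskssl.m4
@@ -0,0 +1,90 @@
+AU_ALIAS([CHECK_SSL], [AX_CHECK_GSKSSL])
+AC_DEFUN([AX_CHECK_GSKSSL], [
+found=false
+AC_ARG_WITH(gskssl,
+AS_HELP_STRING([--with-gskssl=DIR],
+[root of the GSK SSL directory]),
+[
+case "$withval" in
+"" | y | ye | yes | n | no)
+AC_MSG_ERROR([Invalid --with-gskssl value])
+;;
+*) ssldirs="$withval"
+;;
+esac
+], [
+# if pkg-config is installed and gskssl has installed a .pc file,
+# then use that information and don't search ssldirs
+AC_PATH_PROG(PKG_CONFIG, pkg-config)
+if test x"$PKG_CONFIG" != x""; then
+GSKSSL_LDFLAGS=`$PKG_CONFIG gskssl --libs-only-L 2>/dev/null`
+if test $? = 0; then
+GSKSSL_LIBS=`$PKG_CONFIG gskssl --libs-only-l 2>/dev/null`
+GSKSSL_INCLUDES=`$PKG_CONFIG gskssl --cflags-only-I 2>/dev/null`
+found=true
+fi
+fi
+# no such luck; use some default ssldirs
+if ! $found; then
+ssldirs="/usr/lpp/gskssl /usr"
+fi
+]
+)
+# note that we #include <gskssl/foo.h>, so the GSK SSL headers have to be in
+# an 'gskssl' subdirectory
+if ! $found; then
+GSKSSL_INCLUDES=
+for ssldir in $ssldirs; do
+AC_MSG_CHECKING([for include/gskssl.h in $ssldir])
+if test -f "$ssldir/include/gskssl.h"; then
+if test -f "$ssldir/lib/GSKSSL.x"; then
+GSKSSL_INCLUDES="-I$ssldir/include"
+GSKSSL_LDFLAGS="-L$ssldir/lib"
+GSKSSL_LIBS="$ssldir/lib/GSKSSL.x $ssldir/lib/GSKCMS64.x"
+found=true
+AC_MSG_RESULT([yes])
+fi
+break
+else
+AC_MSG_RESULT([no])
+fi
+done
+# if the file wasn't found, well, go ahead and try the link anyway -- maybe
+# it will just work!
+fi
+# try the preprocessor and linker with our new flags,
+# being careful not to pollute the global LIBS, LDFLAGS, and CPPFLAGS
+AC_MSG_CHECKING([whether compiling and linking against GSK SSL works])
+echo "Trying link with GSKSSL_LDFLAGS=$GSKSSL_LDFLAGS;" \
+"GSKSSL_LIBS=$GSKSSL_LIBS; GSKSSL_INCLUDES=$GSKSSL_INCLUDES" >&AS_MESSAGE_LOG_FD
+save_LIBS="$LIBS"
+save_LDFLAGS="$LDFLAGS"
+save_CPPFLAGS="$CPPFLAGS"
+LDFLAGS="$LDFLAGS $GSKSSL_LDFLAGS"
+LIBS="$GSKSSL_LIBS $LIBS"
+CPPFLAGS="$GSKSSL_INCLUDES $CPPFLAGS"
+AC_LINK_IFELSE(
+AC_LANG_PROGRAM([#include <gskssl.h>], [gsk_handle env_handle;]),
+[
+AC_MSG_RESULT([yes])
+$1
+], [
+AC_MSG_RESULT([no])
+$2
+])
+CPPFLAGS="$save_CPPFLAGS"
+LDFLAGS="$save_LDFLAGS"
+LIBS="$save_LIBS"
+AC_SUBST([GSKSSL_INCLUDES])
+AC_SUBST([GSKSSL_LIBS])
+AC_SUBST([GSKSSL_LDFLAGS])
+])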
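Review bot: In the `for ssldir in $ssldirs` loop, a directory that contains `include/gskssl.h` but not `lib/GSKSSL.x` reaches `break` without any `AC_MSG_RESULT`, so the "checking for ..." line is left open and the remaining directories are never tried. Moving `break` inside the inner `if` and giving that `if` an `else` branch with `AC_MSG_RESULT([no])` fixes both; ax_check_pkcs.m4 copies the same loop and needs the same change. The comment `# note that we #include <gskssl/foo.h>` no longer matches the link test, which includes `<gskssl.h>` directly, and should say `# the link test includes <gskssl.h>, so the header must sit directly in $ssldir/include`. The `AU_ALIAS([CHECK_SSL], ...)` line looks inherited from the OpenSSL macro this file was presumably derived from, and may clash with it if ax_check_openssl.m4 declares the same alias.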

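--- a/ax_check_pkcs.m4
+++ b/ax_check_pkcs.m4
@@ -0,0 +1,90 @@
+AU_ALIAS([CHECK_PKCS], [AX_CHECK_PKCS])
+AC_DEFUN([AX_CHECK_PKCS], [
+found=false
+AC_ARG_WITH(gskssl,
+AS_HELP_STRING([--with-gskssl=DIR],
+[root of the GSK PKCS directory]),
+[
+case "$withval" in
+"" | y | ye | yes | n | no)
+AC_MSG_ERROR([Invalid --with-gskssl value])
+;;
+*) pkcsdirs="$withval"
+;;
+esac
+], [
+# if pkg-config is installed and gskssl has installed a .pc file,
+# then use that information and don't search pkcsdirs
+AC_PATH_PROG(PKG_CONFIG, pkg-config)
+if test x"$PKG_CONFIG" != x""; then
+PKCS_LDFLAGS=`$PKG_CONFIG gskssl --libs-only-L 2>/dev/null`
+if test $? = 0; then
+PKCS_LIBS=`$PKG_CONFIG gskssl --libs-only-l 2>/dev/null`
+PKCS_INCLUDES=`$PKG_CONFIG gskssl --cflags-only-I 2>/dev/null`
+found=true
+fi
+fi
+# no such luck; use some default pkcsdirs
+if ! $found; then
+pkcsdirs="/usr/lpp/pkcs11 /usr"
+fi
+]
+)
+# note that we #include <gskssl/foo.h>, so the GSK PKCS headers have to be in
+# an 'gskssl' subdirectory
+if ! $found; then
+PKCS_INCLUDES=
+for pkcsdir in $pkcsdirs; do
+AC_MSG_CHECKING([for include/gskssl.h in $pkcsdir])
+if test -f "$pkcsdir/include/csnpdefs.h"; then
+if test -f "$pkcsdir/lib/CSNPCA64.x"; then
+PKCS_INCLUDES="-I$pkcsdir/include"
+PKCS_LDFLAGS="-L$pkcsdir/lib"
+PKCS_LIBS="$pkcsdir/lib/CSNPCA64.x"
+found=true
+AC_MSG_RESULT([yes])
+fi
+break
+else
+AC_MSG_RESULT([no])
+fi
+done
+# if the file wasn't found, well, go ahead and try the link anyway -- maybe
+# it will just work!
+fi
+# try the preprocessor and linker with our new flags,
+# being careful not to pollute the global LIBS, LDFLAGS, and CPPFLAGS
+AC_MSG_CHECKING([whether compiling and linking against GSK PKCS works])
+echo "Trying link with PKCS_LDFLAGS=$PKCS_LDFLAGS;" \
+"PKCS_LIBS=$PKCS_LIBS; PKCS_INCLUDES=$PKCS_INCLUDES" >&AS_MESSAGE_LOG_FD
+save_LIBS="$LIBS"
+save_LDFLAGS="$LDFLAGS"
+save_CPPFLAGS="$CPPFLAGS"
+LDFLAGS="$LDFLAGS $PKCS_LDFLAGS"
+LIBS="$PKCS_LIBS $LIBS"
+CPPFLAGS="$PKCS_INCLUDES $CPPFLAGS"
+AC_LINK_IFELSE(
+AC_LANG_PROGRAM([#include <gskssl.h>], [gsk_handle env_handle;]),
+[
+AC_MSG_RESULT([yes])
+$1
+], [
+AC_MSG_RESULT([no])
+$2
+])
+CPPFLAGS="$save_CPPFLAGS"
+LDFLAGS="$save_LDFLAGS"
+LIBS="$save_LIBS"
+AC_SUBST([PKCS_INCLUDES])
+AC_SUBST([PKCS_LIBS])
+AC_SUBST([PKCS_LDFLAGS])
+])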
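Review bot: The final `AC_LINK_IFELSE` still compiles `#include <gskssl.h>` with `gsk_handle env_handle;`, so the macro's yes/no answer reflects GSK SSL rather than the PKCS#11 library it located through `csnpdefs.h` and `CSNPCA64.x`. The test program should include the header that was searched for, for example `AC_LANG_PROGRAM([#include <csnpdefs.h>], [CK_SESSION_HANDLE session;])`, assuming that header declares the type crypto.h uses. The option is also registered as `AC_ARG_WITH(gskssl, ...)` and pkg-config is queried for `gskssl`, so `--with-gskssl=DIR` redirects this search as well; a separate option name such as `--with-pkcs` would keep the two lookups independent. The `AC_MSG_CHECKING([for include/gskssl.h in $pkcsdir])` text names a different file from the one the next line tests.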

+ 39
- 12
configure.ac

@ -8,9 +8,9 @@ AC_REVISION([$Revision$])
AS_SHELL_SANITIZE
AC_CONFIG_SRCDIR([src/netpgp.c])
AC_CONFIG_SRCDIR([src/main.c])
AC_CONFIG_AUX_DIR([buildaux])
AC_CONFIG_HEADER([src/config.h])
AC_CONFIG_HEADER([include/netpgp/config.h])
AM_INIT_AUTOMAKE([-Wall foreign])
AM_MAINTAINER_MODE
@ -25,6 +25,7 @@ AC_PROG_MAKE_SET
AC_PROG_AWK
AC_PROG_CC
AC_PROG_INSTALL
AM_PROG_AR
AC_PROG_LIBTOOL
AC_PROG_LN_S
@ -42,7 +43,7 @@ AC_PROG_AR
#
AC_MSG_CHECKING([if using gcc])
AS_IF([test "$GCC" = "yes"],
[WARNCFLAGS="-Werror -Wall -Wpointer-arith"
[WARNCFLAGS="-Wno-error -Wall -Wpointer-arith"
AC_MSG_RESULT([yes; adding to CFLAGS: "$WARNCFLAGS"])],
[WARNCFLAGS=""
AC_MSG_RESULT([no])])
@ -57,12 +58,21 @@ AC_HEADER_STDC
AC_CHECK_HEADERS([CommonCrypto/CommonDigest.h])
AC_CHECK_HEADERS([dmalloc.h direct.h errno.h fcntl.h \
inttypes.h limits.h malloc.h zlib.h])
AC_CHECK_HEADERS([sys/cdefs.h sys/file.h sys/mman.h sys/param.h \
sys/resource.h sys/uio.h])
AC_CHECK_HEADERS([bzlib.h],
[],
[AC_MSG_FAILURE([missing <bzlib.h>; is bzip2 installed?])])
AC_CHECK_HEADERS([sys/cdefs.h sys/file.h sys/mman.h\
sys/resource.h sys/uio.h])
platform_name=$(uname)
AS_IF([test "$platform_name" == "OS/390"],[
AC_MSG_NOTICE([z/OS detected... Skipping some headers])
ZLIB_FLAG="-lzz"
],[
AC_CHECK_HEADERS([sys/param.h])
AC_CHECK_HEADERS([bzlib.h], [], [
AC_MSG_FAILURE([missing <bzlib.h>; is bzip2 installed?])
])
ZLIB_FLAG="-lz"
])
AC_SUBST([ZLIB_FLAG])
# Checks for typedefs, structures, and compiler characteristics.
#
@ -75,16 +85,25 @@ AC_TYPE_UINT8_T
# check for openssl
m4_include([ax_check_openssl.m4])
m4_include([ax_check_gskssl.m4])
m4_include([ax_check_pkcs.m4])
AX_CHECK_OPENSSL([LIBS="$LIBS $OPENSSL_LDFLAGS $OPENSSL_LIBS" INCLUDES="$INCLUDES $OPENSSL_INCLUDES"],
[AC_MSG_ERROR([Missing OpenSSL])])
AX_CHECK_OPENSSL([LIBS="$LIBS $OPENSSL_LDFLAGS $OPENSSL_LIBS" INCLUDES="$INCLUDES $OPENSSL_INCLUDES" found_openssl="yes"],[found_openssl="no"])
AX_CHECK_GSKSSL([LIBS="$LIBS $GSKSSL_LDFLAGS $GSKSSL_LIBS" INCLUDES="$INCLUDES $GSKSSL_INCLUDES" found_gskssl="yes"],[found_gskssl="no"])
AX_CHECK_PKCS([LIBS="$LIBS $PKSC_LDFLAGS $PKCS_LIBS" INCLUDES="$INCLUDES $PKCS_INCLUDES" found_pkcs="yes"],[found_pkcs="no"])
AS_IF([test "$found_openssl" == "no"],[AS_IF([test "$found_gskssl" == "no"],[AC_MSG_FAILURE([No suitable SSL library found])])])
CPPFLAGS="$CPPFLAGS $INCLUDES"
AS_IF([test "$found_openssl" == "yes" ],[
AC_MSG_NOTICE([OpenSSL found])
AC_DEFINE([HAVE_OPENSSL], [1], [Use OpenSSL])
AC_CHECK_HEADERS([openssl/aes.h openssl/bn.h openssl/camellia.h openssl/cast.h \
openssl/des.h openssl/dsa.h openssl/err.h openssl/idea.h \
openssl/md5.h openssl/rand.h openssl/rsa.h openssl/sha.h \
openssl/err.h openssl/sha.h])
openssl/err.h openssl/sha.h openssl/ossl_typ.h])
AC_CHECK_TYPES([SHA256_CTX],
[],
@ -102,6 +121,14 @@ AC_CHECK_TYPES([SHA256_CTX],
#endif
]])
])
AS_IF([test "$found_gskssl" == "yes" ],[
AC_MSG_NOTICE([GSK SSL found])
AC_DEFINE([HAVE_GSKSSL], [1], [Use the SSL implementation from IBM])
AC_DEFINE([OPENSSL_NO_IDEA], [1], [Explicitely disable OPENSSL IDEA])
])
# Checks for library functions.
#
AC_SEARCH_LIBS([gzopen], [z])
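Review bot: The `AX_CHECK_PKCS` success action expands `$PKSC_LDFLAGS`, a name nothing sets, so the `-L` path the macro stores in `PKCS_LDFLAGS` never reaches `LIBS`; it should read `LIBS="$LIBS $PKCS_LDFLAGS $PKCS_LIBS"`. The new comparisons written as `test "$found_openssl" == "no"` (also used for `platform_name` and `found_gskssl`) use an operator POSIX `test` does not define, and under a shell that only accepts `=` the "No suitable SSL library found" guard would not behave as intended; use `=` throughout. `found_pkcs` is assigned but not consulted anywhere in the visible hunks, so a failed PKCS check appears to pass silently. The `-Wno-error` line means warnings from `-Wall -Wpointer-arith` no longer fail GCC builds of this crypto code; if the goal was only to get z/OS compiling, keeping `-Werror` on the other platforms is worth considering.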


+ 25
- 22
include/netpgp.h

@ -39,27 +39,27 @@
# endif
#endif
#include <netpgp/config.h>
#include <netpgp/keyring.h>
__BEGIN_DECLS
/* structure used to hold (key,value) pair information */
typedef struct netpgp_t {
unsigned c; /* # of elements used */
unsigned size; /* size of array */
char **name; /* key names */
char **value; /* value information */
void *pubring; /* public key ring */
void *secring; /* s3kr1t key ring */
void *io; /* the io struct for results/errs */
void *passfp; /* file pointer for password input */
unsigned c; /* # of elements used */
unsigned size; /* size of array */
char **name; /* key names */
char **value; /* value information */
pgp_keyring_t *pubring; /* public key ring */
pgp_keyring_t *secring; /* s3kr1t key ring */
void *io; /* the io struct for results/errs */
} netpgp_t;
/* begin and end */
int netpgp_init(netpgp_t *);
int netpgp_end(netpgp_t *);
const char *netpgp_get_info(const char *);
int netpgp_list_packets(netpgp_t *, char *, int, char *);
/* variables */
int netpgp_setvar(netpgp_t *, const char *, const char *);
char *netpgp_getvar(netpgp_t *, const char *);
@ -77,15 +77,18 @@ char *netpgp_get_key(netpgp_t *, const char *, const char *);
char *netpgp_export_key(netpgp_t *, char *);
int netpgp_save_secring(netpgp_t *);
int netpgp_save_pubring(netpgp_t *);
int netpgp_import_key(netpgp_t *, char *);
int netpgp_generate_key(netpgp_t *, char *, int);
/* file management */
int netpgp_encrypt_file(netpgp_t *, const char *, const char *, char *, int);
int netpgp_decrypt_file(netpgp_t *, const char *, char *, int);
int netpgp_sign_file(netpgp_t *, const char *, const char *, char *, int, int, int);
int netpgp_verify_file(netpgp_t *, const char *, const char *, int);
/* higher level functions */
pgp_memory_t * netpgp_encrypt_and_sign(
netpgp_t *netpgp,
pgp_keyring_t *rcpts,
pgp_seckey_t *seckey,
const char *ptext, size_t psize,
int do_sign,
int armour
); // encrypt and sign to multiple recipients
// TODO: Implement those
/* memory signing and encryption */
int netpgp_sign_memory(netpgp_t *, const char *, char *, size_t, char *, size_t, const unsigned, const unsigned);
int netpgp_verify_memory(netpgp_t *, const void *, const size_t, void *, size_t, const int);
@ -100,9 +103,9 @@ int netpgp_format_json(void *, const char *, const int);
int netpgp_validate_sigs(netpgp_t *);
/* save pgp key in ssh format */
int netpgp_write_sshkey(netpgp_t *, char *, const char *, char *, size_t);
// helpers
unsigned uint_to_string(const int8_t *src, char **str, unsigned len);
unsigned string_to_uint(const char *str, uint8_t **fpr, size_t *length);
__END_DECLS
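Review bot: The helper `uint_to_string` takes `const int8_t *src` while its counterpart `string_to_uint` produces `uint8_t **fpr`; if these convert fingerprint or key-ID bytes to and from hex (the implementation is not in this section), signed bytes invite sign-extension when formatted, so the prototype would be safer as `unsigned uint_to_string(const uint8_t *src, char **str, unsigned len);`. The public header also appears to gain `#include <netpgp/config.h>`, which configure.ac now generates; that exports `PACKAGE`, `VERSION` and the `HAVE_*` macros to every consumer and can collide with their own config.h. The new `netpgp_encrypt_and_sign` prototype does not say who releases the returned `pgp_memory_t *`; a comment such as `/* returns a newly allocated buffer, or NULL on failure; caller frees - confirm */` should go above it once that is verified.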


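--- a/include/netpgp/config.h
+++ b/include/netpgp/config.h
@@ -1,160 +0,0 @@
-//
-// config.h
-// netpgp
-#ifndef netpgp_config_h
-#define netpgp_config_h
-/* Define to 1 if you have the <bzlib.h> header file. */
-#define HAVE_BZLIB_H 1
-/* Define to 1 if you have the <CommonCrypto/CommonDigest.h> header file. */
-#define HAVE_COMMONCRYPTO_COMMONDIGEST_H 1
-/* Define to 1 if you have the <direct.h> header file. */
-/* #undef HAVE_DIRECT_H */
-/* Define to 1 if you have the <dlfcn.h> header file. */
-#define HAVE_DLFCN_H 1
-/* Define to 1 if you have the <dmalloc.h> header file. */
-/* #undef HAVE_DMALLOC_H */
-/* Define to 1 if you have the <errno.h> header file. */
-#define HAVE_ERRNO_H 1
-/* Define to 1 if you have the <fcntl.h> header file. */
-#define HAVE_FCNTL_H 1
-/* Define to 1 if you have the <inttypes.h> header file. */
-#define HAVE_INTTYPES_H 1
-/* Define to 1 if you have the <limits.h> header file. */
-#define HAVE_LIMITS_H 1
-/* Define to 1 if the system has the type 'long long int'. */
-#define HAVE_LONG_LONG_INT 1
-/* Define to 1 if you have the <malloc.h> header file. */
-/* #undef HAVE_MALLOC_H */
-/* Define to 1 if you have the <memory.h> header file. */
-#define HAVE_MEMORY_H 1
-/* Define to 1 if you have the <openssl/aes.h> header file. */
-#define HAVE_OPENSSL_AES_H 1
-/* Define to 1 if you have the <openssl/bn.h> header file. */
-#define HAVE_OPENSSL_BN_H 1
-/* Define to 1 if you have the <openssl/camellia.h> header file. */
-/* #undef HAVE_OPENSSL_CAMELLIA_H */
-/* Define to 1 if you have the <openssl/cast.h> header file. */
-#define HAVE_OPENSSL_CAST_H 1
-/* Define to 1 if you have the <openssl/des.h> header file. */
-#define HAVE_OPENSSL_DES_H 1
-/* Define to 1 if you have the <openssl/dsa.h> header file. */
-#define HAVE_OPENSSL_DSA_H 1
-/* Define to 1 if you have the <openssl/err.h> header file. */
-#define HAVE_OPENSSL_ERR_H 1
-/* Define to 1 if you have the <openssl/idea.h> header file. */
-/* #undef HAVE_OPENSSL_IDEA_H */
-/* Define to 1 if you have the <openssl/md5.h> header file. */
-#define HAVE_OPENSSL_MD5_H 1
-/* Define to 1 if you have the <openssl/rand.h> header file. */
-#define HAVE_OPENSSL_RAND_H 1
-/* Define to 1 if you have the <openssl/rsa.h> header file. */
-#define HAVE_OPENSSL_RSA_H 1
-/* Define to 1 if you have the <openssl/sha.h> header file. */
-#define HAVE_OPENSSL_SHA_H 1
-/* Define to 1 if the system has the type `SHA256_CTX'. */
-#define HAVE_SHA256_CTX 1
-/* Define to 1 if you have the <stdint.h> header file. */
-#define HAVE_STDINT_H 1
-/* Define to 1 if you have the <stdlib.h> header file. */
-#define HAVE_STDLIB_H 1
-/* Define to 1 if you have the <strings.h> header file. */
-#define HAVE_STRINGS_H 1
-/* Define to 1 if you have the <string.h> header file. */
-#define HAVE_STRING_H 1
-/* Define to 1 if you have the <sys/cdefs.h> header file. */
-#define HAVE_SYS_CDEFS_H 1
-/* Define to 1 if you have the <sys/file.h> header file. */
-#define HAVE_SYS_FILE_H 1
-/* Define to 1 if you have the <sys/mman.h> header file. */
-#define HAVE_SYS_MMAN_H 1
-/* Define to 1 if you have the <sys/param.h> header file. */
-#define HAVE_SYS_PARAM_H 1
-/* Define to 1 if you have the <sys/resource.h> header file. */
-#define HAVE_SYS_RESOURCE_H 1
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#define HAVE_SYS_STAT_H 1
-/* Define to 1 if you have the <sys/types.h> header file. */
-#define HAVE_SYS_TYPES_H 1
-/* Define to 1 if you have the <sys/uio.h> header file. */
-#define HAVE_SYS_UIO_H 1
-/* Define to 1 if you have the <unistd.h> header file. */
-#define HAVE_UNISTD_H 1
-/* Define to 1 if the system has the type 'unsigned long long int'. */
-#define HAVE_UNSIGNED_LONG_LONG_INT 1
-/* Define to 1 if you have the <zlib.h> header file. */
-#define HAVE_ZLIB_H 1
-/* Define to the sub-directory where libtool stores uninstalled libraries. */
-#define LT_OBJDIR ".libs/"
-/* Name of package */
-#define PACKAGE "netpgp"
-/* Define to the address where bug reports for this package should be sent. */
-#define PACKAGE_BUGREPORT " pEp NetPGP Team <netpgp@pep-project.org> "
-/* Define to the full name of this package. */
-#define PACKAGE_NAME "netpgp"
-/* Define to the full name and version of this package. */
-#define PACKAGE_STRING "netpgp beta0"
-/* Define to the one symbol short name of this package. */
-#define PACKAGE_TARNAME "netpgp"
-/* Define to the home page for this package. */
-#define PACKAGE_URL ""
-/* Define to the version of this package. */
-#define PACKAGE_VERSION "beta0"
-/* Define to 1 if you have the ANSI C header files. */
-#define STDC_HEADERS 1
-/* Version number of package */
-#define VERSION "beta0"
-#define OPENSSL_NO_IDEA 1
-#endif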

+ 30
- 28
include/netpgp/create.h

@ -65,8 +65,8 @@
* This struct contains the required information about how to write this stream
*/
struct pgp_output_t {
pgp_writer_t writer;
pgp_error_t *errors; /* error stack */
pgp_writer_t writer;
pgp_error_t *errors; /* error stack */
};
pgp_output_t *pgp_output_new(void);
@ -77,45 +77,47 @@ int pgp_filewrite(const char *, const char *, const size_t, const unsigned);
void pgp_build_pubkey(pgp_memory_t *, const pgp_pubkey_t *, unsigned);
unsigned pgp_calc_sesskey_checksum(pgp_pk_sesskey_t *, uint8_t *);
unsigned pgp_write_struct_userid(pgp_output_t *, const uint8_t *);
unsigned pgp_write_struct_userid(pgp_output_t *, const uint8_t*);
unsigned pgp_write_ss_header(pgp_output_t *, size_t, pgp_content_enum);
unsigned pgp_write_struct_seckey_ptag(const pgp_seckey_t *key,
const uint8_t *passphrase,
const size_t pplen,
pgp_output_t *output,
pgp_content_enum ptag);
unsigned pgp_write_struct_seckey(const pgp_seckey_t *,
const uint8_t *,
const size_t,
pgp_output_t *);
unsigned pgp_write_struct_seckey_ptag(const pgp_seckey_t *key, pgp_output_t *output, pgp_content_enum ptag);
unsigned pgp_write_struct_seckey(const pgp_seckey_t *, pgp_output_t *);
unsigned pgp_write_struct_pubkey(pgp_output_t *, const pgp_pubkey_t *);
unsigned pgp_write_one_pass_sig(pgp_output_t *,
const pgp_seckey_t *,
const pgp_hash_alg_t,
const pgp_sig_type_t);
const pgp_seckey_t *,
const pgp_hash_alg_t,
const pgp_sig_type_t);
unsigned pgp_write_litdata(pgp_output_t *,
const uint8_t *,
const int,
const pgp_litdata_enum);
const uint8_t *,
const int,
const pgp_litdata_enum);
pgp_pk_sesskey_t *pgp_create_pk_sesskey(pgp_key_t *, const char *, pgp_pk_sesskey_t *);
unsigned pgp_write_pk_sesskey(pgp_output_t *, pgp_pk_sesskey_t *);
unsigned pgp_write_xfer_key(pgp_output_t *output,
unsigned pgp_write_xfer_key(
pgp_output_t *output,
const pgp_key_t *key,
const unsigned armoured);
const unsigned armoured
);
void pgp_fast_create_userid(uint8_t **, uint8_t *);
unsigned pgp_write_userid(const uint8_t *, pgp_output_t *);
unsigned pgp_write_userid(const uint8_t*, pgp_output_t *);
#ifdef HAVE_OPENSSL
void pgp_fast_create_rsa_pubkey(pgp_pubkey_t *, time_t, BIGNUM *, BIGNUM *);
unsigned pgp_write_rsa_pubkey(time_t, const BIGNUM *, const BIGNUM *,
pgp_output_t *);
pgp_output_t *);
void pgp_fast_create_rsa_seckey(pgp_seckey_t *, time_t, BIGNUM *,
BIGNUM *, BIGNUM *, BIGNUM *,
BIGNUM *, BIGNUM *);
BIGNUM *, BIGNUM *, BIGNUM *,
BIGNUM *, BIGNUM *);
#endif
unsigned encode_m_buf(const uint8_t *, size_t, const pgp_pubkey_t *,
uint8_t *);
uint8_t *);
unsigned pgp_fileread_litdata(const char *, const pgp_litdata_enum,
pgp_output_t *);
unsigned pgp_write_symm_enc_data(const uint8_t *, const int,
pgp_output_t *);
pgp_output_t *);
#endif /* CREATE_H_ */
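Review bot: The single-line `pgp_write_struct_seckey_ptag` and `pgp_write_struct_seckey` prototypes no longer take the `passphrase` and `pplen` arguments, and nothing in the header says how the secret-key material is protected when it is written. A comment above them should state the contract, for example `/* takes no passphrase: document here whether the key material is written encrypted and where the key comes from */`, so callers do not assume the output is passphrase-protected. Dropping the parameters is also an API break for any out-of-tree caller of these two functions. The rest of the section looks like re-indentation only, and the function bodies are in src/create.c, outside this section.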

+ 172
- 150
include/netpgp/crypto.h

@ -53,62 +53,88 @@
#ifndef CRYPTO_H_
#define CRYPTO_H_
#include <netpgp/config.h>
#include "keyring.h"
#include "packet.h"
#include "memory.h"
#include "packet-parse.h"
#ifdef HAVE_OPENSSL_DSA_H
#include <openssl/dsa.h>
#endif
#ifdef HAVE_GSKSSL
#include <gskcms.h>
#include <csfbext.h>
#include <csnpdefs.h>
#endif
#define PGP_MIN_HASH_SIZE 16
#define PGP_MIN_HASH_SIZE 16
#if defined(HAVE_GSKSSL)
unsigned gsk_num_bits ( const gsk_buffer *bn );
#endif
/** pgp_hash_t */
struct pgp_hash_t {
pgp_hash_alg_t alg; /* algorithm */
size_t size; /* size */
const char *name; /* what it's known as */
int (*init)(pgp_hash_t *);
void (*add)(pgp_hash_t *, const uint8_t *, unsigned);
unsigned (*finish)(pgp_hash_t *, uint8_t *);
void *data; /* blob for data */
pgp_hash_alg_t alg; /* algorithm */
size_t size; /* size */
const char *name; /* what it's known as */
int (*init)(pgp_hash_t *);
void (*add)(pgp_hash_t *, const uint8_t *, unsigned);
unsigned (*finish)(pgp_hash_t *, uint8_t *);
#if defined(HAVE_OPENSSL)
void *data; /* blob for data */
#elif defined(HAVE_GSKSSL)
CK_SESSION_HANDLE *session;
#endif
};
/** pgp_crypt_t */
struct pgp_crypt_t {
pgp_symm_alg_t alg;
size_t blocksize;
size_t keysize;
void (*set_iv)(pgp_crypt_t *, const uint8_t *);
void (*set_crypt_key)(pgp_crypt_t *, const uint8_t *);
int (*base_init)(pgp_crypt_t *);
void (*decrypt_resync)(pgp_crypt_t *);
/* encrypt/decrypt one block */
void (*block_encrypt)(pgp_crypt_t *, void *, const void *);
void (*block_decrypt)(pgp_crypt_t *, void *, const void *);
/* Standard CFB encrypt/decrypt (as used by Sym Enc Int Prot packets) */
void (*cfb_encrypt)(pgp_crypt_t *, void *, const void *, size_t);
void (*cfb_decrypt)(pgp_crypt_t *, void *, const void *, size_t);
void (*decrypt_finish)(pgp_crypt_t *);
uint8_t iv[PGP_MAX_BLOCK_SIZE];
uint8_t civ[PGP_MAX_BLOCK_SIZE];
uint8_t siv[PGP_MAX_BLOCK_SIZE];
/* siv is needed for weird v3 resync */
uint8_t key[PGP_MAX_KEY_SIZE];
int num;
/* num is offset - see openssl _encrypt doco */
void *encrypt_key;
void *decrypt_key;
pgp_symm_alg_t alg;
size_t blocksize;
size_t keysize;
void (*set_iv)(pgp_crypt_t *, const uint8_t *);
void (*set_crypt_key)(pgp_crypt_t *, const uint8_t *);
int (*base_init)(pgp_crypt_t *);
void (*decrypt_resync)(pgp_crypt_t *);
/* encrypt/decrypt one block */
void (*block_encrypt)(pgp_crypt_t *, void *, const void *);
void (*block_decrypt)(pgp_crypt_t *, void *, const void *);
/* Standard CFB encrypt/decrypt (as used by Sym Enc Int Prot packets) */
void (*cfb_encrypt)(pgp_crypt_t *, void *, const void *, size_t);
void (*cfb_decrypt)(pgp_crypt_t *, void *, const void *, size_t);
void (*decrypt_finish)(pgp_crypt_t *);
uint8_t iv[PGP_MAX_BLOCK_SIZE];
uint8_t civ[PGP_MAX_BLOCK_SIZE];
uint8_t siv[PGP_MAX_BLOCK_SIZE];
/* siv is needed for weird v3 resync */
uint8_t key[PGP_MAX_KEY_SIZE];
int num;
#if defined(HAVE_OPENSSL)
/* num is offset - see openssl _encrypt doco */
void *encrypt_key;
void *decrypt_key;
#elif defined(HAVE_GSKSSL)
CK_SESSION_HANDLE session;
CK_MECHANISM mechanism;
CK_KEY_TYPE keyType;
CK_OBJECT_HANDLE encrypt_key;
CK_OBJECT_HANDLE decrypt_key;
#endif
};
typedef struct pgp_validation_t {
unsigned validc;
pgp_sig_info_t *valid_sigs;
unsigned invalidc;
pgp_sig_info_t *invalid_sigs;
unsigned unknownc;
pgp_sig_info_t *unknown_sigs;
time_t birthtime;
time_t duration;
unsigned validc;
pgp_sig_info_t *valid_sigs;
unsigned invalidc;
pgp_sig_info_t *invalid_sigs;
unsigned unknownc;
pgp_sig_info_t *unknown_sigs;
time_t birthtime;
time_t duration;
} pgp_validation_t;
void pgp_crypto_finish(void);
@ -127,18 +153,18 @@ unsigned pgp_hash(uint8_t *, pgp_hash_alg_t, const void *, size_t);
void pgp_hash_add_int(pgp_hash_t *, unsigned, unsigned);
unsigned pgp_dsa_verify(const uint8_t *, size_t,
const pgp_dsa_sig_t *,
const pgp_dsa_pubkey_t *);
const pgp_dsa_sig_t *,
const pgp_dsa_pubkey_t *);
int pgp_rsa_public_decrypt(uint8_t *, const uint8_t *, size_t,
const pgp_rsa_pubkey_t *);
const pgp_rsa_pubkey_t *);
int pgp_rsa_public_encrypt(uint8_t *, const uint8_t *, size_t,
const pgp_rsa_pubkey_t *);
const pgp_rsa_pubkey_t *);
int pgp_rsa_private_encrypt(uint8_t *, const uint8_t *, size_t,
const pgp_rsa_seckey_t *, const pgp_rsa_pubkey_t *);
const pgp_rsa_seckey_t *, const pgp_rsa_pubkey_t *);
int pgp_rsa_private_decrypt(uint8_t *, const uint8_t *, size_t,
const pgp_rsa_seckey_t *, const pgp_rsa_pubkey_t *);
const pgp_rsa_seckey_t *, const pgp_rsa_pubkey_t *);
int pgp_rsa_private_check(const pgp_seckey_t *seckey);
int pgp_dsa_private_check(const pgp_dsa_seckey_t *seckey);
int pgp_elgamal_private_check(const pgp_elgamal_seckey_t *seckey);
@ -146,16 +172,16 @@ int pgp_elgamal_private_check(const pgp_elgamal_seckey_t *seckey);
int pgp_elgamal_public_encrypt(uint8_t *, uint8_t *, const uint8_t *, size_t,
const pgp_elgamal_pubkey_t *);
const pgp_elgamal_pubkey_t *);
int pgp_elgamal_private_decrypt(uint8_t *, const uint8_t *, const uint8_t *, size_t,
const pgp_elgamal_seckey_t *, const pgp_elgamal_pubkey_t *);
const pgp_elgamal_seckey_t *, const pgp_elgamal_pubkey_t *);
pgp_symm_alg_t pgp_str_to_cipher(const char *);
unsigned pgp_block_size(pgp_symm_alg_t);
unsigned pgp_key_size(pgp_symm_alg_t);
int pgp_decrypt_data(pgp_content_enum, pgp_region_t *,
pgp_stream_t *);
pgp_stream_t *);
int pgp_crypt_any(pgp_crypt_t *, pgp_symm_alg_t);
void pgp_decrypt_init(pgp_crypt_t *);
@ -167,107 +193,107 @@ size_t pgp_encrypt_se_ip(pgp_crypt_t *, void *, const void *, size_t);
unsigned pgp_is_sa_supported(pgp_symm_alg_t);
void pgp_reader_push_decrypt(pgp_stream_t *, pgp_crypt_t *,
pgp_region_t *);
pgp_region_t *);
void pgp_reader_pop_decrypt(pgp_stream_t *);
/* Hash everything that's read */
void pgp_reader_push_hash(pgp_stream_t *, pgp_hash_t *);
void pgp_reader_pop_hash(pgp_stream_t *);
#if defined(HAVE_OPENSSL)
int pgp_decrypt_decode_mpi(uint8_t *, unsigned, const BIGNUM *,
const BIGNUM *, const pgp_seckey_t *);
const BIGNUM *, const pgp_seckey_t *);
#elif defined(HAVE_GSKSSL)
int pgp_decrypt_decode_mpi(uint8_t *, unsigned, const gsk_buffer*,
const gsk_buffer*, const pgp_seckey_t *);
#endif
unsigned pgp_rsa_encrypt_mpi(const uint8_t *, const size_t,
const pgp_pubkey_t *,
pgp_pk_sesskey_params_t *);
const pgp_pubkey_t *,
pgp_pk_sesskey_params_t *);
unsigned pgp_elgamal_encrypt_mpi(const uint8_t *, const size_t,
const pgp_pubkey_t *,
pgp_pk_sesskey_params_t *);
const pgp_pubkey_t *,
pgp_pk_sesskey_params_t *);
/* Encrypt everything that's written */
struct pgp_key_data;
void pgp_writer_push_encrypt(pgp_output_t *,
const struct pgp_key_data *);
unsigned pgp_encrypt_file(pgp_io_t *, const char *, const char *,
const pgp_key_t *,
const unsigned, const unsigned, const char *);
unsigned pgp_decrypt_file(pgp_io_t *,
const char *,
const char *,
pgp_keyring_t *,
pgp_keyring_t *,
const unsigned,
const unsigned,
const unsigned,
void *,
int,
pgp_cbfunc_t *);
const struct pgp_key_data *);
pgp_memory_t *
pgp_encrypt_buf(pgp_io_t *, const void *, const size_t,
const pgp_keyring_t *,
const unsigned, const char *, unsigned);
pgp_encrypt_buf(
pgp_io_t *,
const void *,
const size_t,
const pgp_keyring_t *,
const unsigned,
const char *,
unsigned);
pgp_memory_t *
pgp_decrypt_buf(pgp_io_t *,
const void *,
const size_t,
pgp_keyring_t *,
pgp_keyring_t *,
const unsigned,
const unsigned,
void *,
int,
pgp_cbfunc_t *);
pgp_decrypt_and_validate_buf(
netpgp_t *netpgp,
pgp_validation_t *result,
const void *input,
const size_t insize,
pgp_keyring_t *secring,
pgp_keyring_t *pubring,
const unsigned use_armour,
key_id_t **recipients_key_ids,
unsigned *recipients_count
);
pgp_memory_t *
pgp_decrypt_and_validate_buf(pgp_io_t *io,
pgp_validation_t *result,
const void *input,
const size_t insize,
pgp_keyring_t *secring,
pgp_keyring_t *pubring,
const unsigned use_armour,
pgp_validate_buf(
netpgp_t *netpgp,
pgp_validation_t *result,
const void *input,
const size_t insize,
//pgp_keyring_t *secring,
//pgp_keyring_t *pubring,
const unsigned use_armour,
key_id_t **recipients_key_ids,
unsigned *recipients_count);
unsigned *recipients_count
);
/* Keys */
pgp_key_t *pgp_rsa_new_selfsign_key(const int,
const unsigned long, uint8_t *, const char *,
const char *);
const unsigned long, uint8_t *, const char *,
const char *);
unsigned pgp_rsa_generate_keypair(pgp_key_t *,
const int,
const unsigned long,
const char *,
const char *,
const int,
const unsigned long,
const char *,
const char *,
const uint8_t *,
const size_t);
int pgp_dsa_size(const pgp_dsa_pubkey_t *);
pgp_dsa_sig_t *pgp_dsa_sign(uint8_t *, unsigned,
const pgp_dsa_seckey_t *,
const pgp_dsa_pubkey_t *);
const pgp_dsa_seckey_t *,
const pgp_dsa_pubkey_t *);
/** pgp_reader_t */
struct pgp_reader_t {
pgp_reader_func_t *reader; /* reader func to get parse data */
pgp_reader_destroyer_t *destroyer;
void *arg; /* args to pass to reader function */
unsigned accumulate:1; /* set to gather packet data */
uint8_t *accumulated; /* the accumulated data */
unsigned asize; /* size of the buffer */
unsigned alength;/* used buffer */
unsigned position; /* reader-specific offset */
pgp_reader_t *next;
pgp_stream_t *parent;/* parent parse_info structure */
pgp_reader_func_t *reader; /* reader func to get parse data */
pgp_reader_destroyer_t *destroyer;
void *arg; /* args to pass to reader function */
unsigned accumulate:1; /* set to gather packet data */
uint8_t *accumulated; /* the accumulated data */
unsigned asize; /* size of the buffer */
unsigned alength;/* used buffer */
unsigned position; /* reader-specific offset */
pgp_reader_t *next;
pgp_stream_t *parent;/* parent parse_info structure */
unsigned partial_read:1;
unsigned coalescing:1;
unsigned partial_read:1;
unsigned coalescing:1;
/* used for partial length coalescing */
unsigned virtualc;
unsigned virtualoff;
uint8_t *virtualpkt;
unsigned virtualc;
unsigned virtualoff;
uint8_t *virtualpkt;
};
@ -275,37 +301,33 @@ struct pgp_reader_t {
Encrypt/decrypt settings
*/
struct pgp_cryptinfo_t {
char *passphrase;
pgp_keyring_t *secring;
pgp_key_t *keydata;
pgp_cbfunc_t *getpassphrase;
pgp_keyring_t *pubring;
DYNARRAY(key_id_t, recipients_key_ids);
char *passphrase;
pgp_keyring_t *secring;
pgp_key_t *keydata;
pgp_keyring_t *pubring;
DYNARRAY(key_id_t, recipients_key_ids);
};
/** pgp_cbdata_t */
struct pgp_cbdata_t {
pgp_cbfunc_t *cbfunc; /* callback function */
void *arg; /* args to pass to callback func */
pgp_error_t **errors; /* address of error stack */
pgp_cbdata_t *next;
pgp_output_t *output; /* when writing out parsed info */
pgp_io_t *io; /* error/output messages */
void *passfp; /* fp for passphrase input */
pgp_cryptinfo_t cryptinfo; /* used when decrypting */
pgp_printstate_t printstate; /* used to keep printing state */
pgp_seckey_t *sshseckey; /* secret key for ssh */
int numtries; /* # of passphrase attempts */
int gotpass; /* when passphrase entered */
pgp_cbfunc_t *cbfunc; /* callback function */
void *arg; /* args to pass to callback func */
pgp_error_t **errors; /* address of error stack */
pgp_cbdata_t *next;
pgp_output_t *output; /* when writing out parsed info */
pgp_io_t *io; /* error/output messages */
pgp_cryptinfo_t cryptinfo; /* used when decrypting */
pgp_printstate_t printstate; /* used to keep printing state */
char *passphrase;
};
/** pgp_hashtype_t */
typedef struct {
pgp_hash_t hash; /* hashes we should hash data with */
uint8_t keyid[PGP_KEY_ID_SIZE];
pgp_hash_t hash; /* hashes we should hash data with */
uint8_t keyid[PGP_KEY_ID_SIZE];
} pgp_hashtype_t;
#define NTAGS 0x100 /* == 256 */
#define NTAGS 0x100 /* == 256 */
/** \brief Structure to hold information about a packet parse.
*
@ -330,21 +352,21 @@ typedef struct {
*/
struct pgp_stream_t {
uint8_t ss_raw[NTAGS / 8];
/* 1 bit / sig-subpkt type; set to get raw data */
uint8_t ss_parsed[NTAGS / 8];
/* 1 bit / sig-subpkt type; set to get parsed data */
pgp_reader_t readinfo;
pgp_cbdata_t cbinfo;
pgp_error_t *errors;
void *io; /* io streams */
pgp_crypt_t decrypt;
pgp_cryptinfo_t cryptinfo;
size_t hashc;
pgp_hashtype_t *hashes;
//unsigned reading_v3_secret:1;
//unsigned reading_mpi_len:1;
//unsigned exact_read:1;
uint8_t ss_raw[NTAGS / 8];
/* 1 bit / sig-subpkt type; set to get raw data */
uint8_t ss_parsed[NTAGS / 8];
/* 1 bit / sig-subpkt type; set to get parsed data */
pgp_reader_t readinfo;
pgp_cbdata_t cbinfo;
pgp_error_t *errors;
void *io; /* io streams */
pgp_crypt_t decrypt;
pgp_cryptinfo_t cryptinfo;
size_t hashc;
pgp_hashtype_t *hashes;
//unsigned reading_v3_secret:1;
//unsigned reading_mpi_len:1;
//unsigned exact_read:1;
};


+ 2
- 0
include/netpgp/defs.h View File

@ -32,7 +32,9 @@
#define DEFS_H_
#include <sys/types.h>
#ifdef HAVE_SYS_PARAM_H
#include <sys/param.h>
#endif
#ifdef HAVE_INTTYPES_H
#include <inttypes.h>


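--- a/include/netpgp/getopt.h
+++ b/include/netpgp/getopt.h
@@ -0,0 +1,130 @@
+/* Declarations for getopt.
+Copyright (C) 1989-2016 Free Software Foundation, Inc.
+NOTE: The canonical source of this file is maintained with the GNU C Library.
+Bugs can be reported to bug-glibc@gnu.org.
+GNU Make is free software; you can redistribute it and/or modify it under the
+terms of the GNU General Public License as published by the Free Software
+Foundation; either version 3 of the License, or (at your option) any later
+version.
+GNU Make is distributed in the hope that it will be useful, but WITHOUT ANY
+WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+You should have received a copy of the GNU General Public License along with
+this program. If not, see <http://www.gnu.org/licenses/>. */
+#ifndef _GETOPT_H
+#define _GETOPT_H 1
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* For communication from `getopt' to the caller.
+When `getopt' finds an option that takes an argument,
+the argument value is returned here.
+Also, when `ordering' is RETURN_IN_ORDER,
+each non-option ARGV-element is returned here. */
+extern char *optarg;
+/* Index in ARGV of the next element to be scanned.
+This is used for communication to and from the caller
+and for communication between successive calls to `getopt'.
+On entry to `getopt', zero means this is the first call; initialize.
+When `getopt' returns -1, this is the index of the first of the
+non-option elements that the caller should itself scan.
+Otherwise, `optind' communicates from one call to the next
+how much of ARGV has been scanned so far. */
+extern int optind;
+/* Callers store zero here to inhibit the error message `getopt' prints
+for unrecognized options. */
+extern int opterr;
+/* Set to an option character which was unrecognized. */
+extern int optopt;
+/* Describe the long-named options requested by the application.
+The LONG_OPTIONS argument to getopt_long or getopt_long_only is a vector
+of `struct option' terminated by an element containing a name which is
+zero.
+The field `has_arg' is:
+no_argument (or 0) if the option does not take an argument,
+required_argument (or 1) if the option requires an argument,
+optional_argument (or 2) if the option takes an optional argument.
+If the field `flag' is not NULL, it points to a variable that is set
+to the value given in the field `val' when the option is found, but
+left unchanged if the option is not found.
+To have a long-named option do something other than set an `int' to
+a compiled-in constant, such as set a value from `optarg', set the
+option's `flag' field to zero and its `val' field to a nonzero
+value (the equivalent single-letter option character, if there is
+one). For long options that have a zero `flag' field, `getopt'
+returns the contents of the `val' field. */
+struct option
+{
+#if defined (__STDC__) && __STDC__
+const char *name;
+#else
+char *name;
+#endif
+/* has_arg can't be an enum because some compilers complain about
+type mismatches in all the code that assumes it is an int. */
+int has_arg;
+int *flag;
+int val;
+};
+/* Names for the values of the `has_arg' field of `struct option'. */
+#define no_argument 0
+#define required_argument 1
+#define optional_argument 2
+#if defined (__STDC__) && __STDC__
+#ifdef __GNU_LIBRARY__
+/* Many other libraries have conflicting prototypes for getopt, with
+differences in the consts, in stdlib.h. To avoid compilation
+errors, only prototype getopt for the GNU C library. */
+extern int getopt (int argc, char *const *argv, const char *shortopts);
+#else /* not __GNU_LIBRARY__ */
+extern int getopt ();
+#endif /* __GNU_LIBRARY__ */
+extern int getopt_long (int argc, char *const *argv, const char *shortopts,
+const struct option *longopts, int *longind);
+extern int getopt_long_only (int argc, char *const *argv,
+const char *shortopts,
+const struct option *longopts, int *longind);
+/* Internal only. Users should not call this directly. */
+extern int _getopt_internal (int argc, char *const *argv,
+const char *shortopts,
+const struct option *longopts, int *longind,
+int long_only);
+#else /* not __STDC__ */
+extern int getopt ();
+extern int getopt_long ();
+extern int getopt_long_only ();
+extern int _getopt_internal ();
+#endif /* __STDC__ */
+#ifdef __cplusplus
+}
+#endif
+#endif /* getopt.h */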

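--- a/include/netpgp/gettext.h
+++ b/include/netpgp/gettext.h
@@ -0,0 +1,57 @@
+/* Convenience header for conditional use of GNU <libintl.h>.
+Copyright (C) 1995-2016 Free Software Foundation, Inc.
+This file is part of GNU Make.
+GNU Make is free software; you can redistribute it and/or modify it under the
+terms of the GNU General Public License as published by the Free Software
+Foundation; either version 3 of the License, or (at your option) any later
+version.
+GNU Make is distributed in the hope that it will be useful, but WITHOUT ANY
+WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+You should have received a copy of the GNU General Public License along with
+this program. If not, see <http://www.gnu.org/licenses/>. */
+#ifndef _LIBGETTEXT_H
+#define _LIBGETTEXT_H 1
+/* NLS can be disabled through the configure --disable-nls option. */
+#if ENABLE_NLS
+/* Get declarations of GNU message catalog functions. */
+# include <libintl.h>
+#else
+/* Disabled NLS.
+The casts to 'const char *' serve the purpose of producing warnings
+for invalid uses of the value returned from these functions.
+On pre-ANSI systems without 'const', the config.h file is supposed to
+contain "#define const". */
+# define gettext(Msgid) ((const char *) (Msgid))
+# define dgettext(Domainname, Msgid) ((const char *) (Msgid))
+# define dcgettext(Domainname, Msgid, Category) ((const char *) (Msgid))
+# define ngettext(Msgid1, Msgid2, N) \
+((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
+# define dngettext(Domainname, Msgid1, Msgid2, N) \
+((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
+# define dcngettext(Domainname, Msgid1, Msgid2, N, Category) \
+((N) == 1 ? (const char *) (Msgid1) : (const char *) (Msgid2))
+# define textdomain(Domainname) ((const char *) (Domainname))
+# define bindtextdomain(Domainname, Dirname) ((const char *) (Dirname))
+# define bind_textdomain_codeset(Domainname, Codeset) ((const char *) (Codeset))
+#endif
+/* A pseudo function call that serves as a marker for the automated
+extraction of messages, but does not call gettext(). The run-time
+translation is done at a different place in the code.
+The argument, String, should be a literal string. Concatenated strings
+and other string expressions won't work.
+The macro's expansion is not parenthesized, so that it is suitable as
+initializer for static 'char[]' or 'const char[]' variables. */
+#define gettext_noop(String) String
+#endif /* _LIBGETTEXT_H */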

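--- a/include/netpgp/gskssl_glue.h
+++ b/include/netpgp/gskssl_glue.h
@@ -0,0 +1,33 @@
+#ifndef _GSKSSL_GLUE_H
+#define _GSKSSL_GLUE_H
+#include <stdio.h>
+#include <stdlib.h>
+#include <csnpdefs.h>
+#include <gskcms.h>
+#include <csfbext.h>
+#include <dlfcn.h>
+#define CAST_KEY_LENGTH 16
+#define SHA_DIGEST_LENGTH 20
+#define SHA224_DIGEST_LENGTH 28
+#define MAXPATHLEN _POSIX_PATH_MAX
+#define SHA384_DIGEST_LENGTH 48
+#define MD5_DIGEST_LENGTH 16
+#define AES_BLOCK_SIZE 16
+#define CAMELLIA_BLOCK_SIZE 16
+#define CAST_BLOCK 8
+#define IDEA_BLOCK 8
+#define IDEA_KEY_LENGTH 16
+#define KEYBITS_AES128 128
+#define KEYBITS_AES256 256
+#define KEYBITS_CAMELLIA128 128
+#define KEYBITS_CAMELLIA256 256
+CK_FUNCTION_LIST *funcs;
+CK_RV getSession(CK_SESSION_HANDLE *session);
+CK_RV getFunctionList(void);
+#endif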
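Review bot: `CK_FUNCTION_LIST *funcs;` near the end of this new header is a definition rather than a declaration, so every translation unit that includes the header gets its own tentative definition of a global named `funcs`. With `-fno-common` (the default in recent GCC) that is a multiple-definition link error, and with common symbols it merges silently with any other object called `funcs`, which is an uncomfortable property for what is presumably the PKCS#11 function table the glue code calls through. Declare it here as `extern CK_FUNCTION_LIST *funcs;` and define it once in the glue source file, ideally under a prefixed name. The guard `_GSKSSL_GLUE_H` is also a reserved identifier (underscore followed by a capital); netpgp's own headers on this page use the `KEYRING_H_` / `NETPGPDEFS_H_` form.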

+ 14
- 8
include/netpgp/keyring.h View File

@ -53,9 +53,9 @@
#ifndef KEYRING_H_
#define KEYRING_H_
#include "packet.h"
#include "packet-parse.h"
#include "memory.h"
#include <netpgp/packet.h>
#include <netpgp/packet-parse.h>
#include <netpgp/memory.h>
enum {
MAX_ID_LENGTH = 128,
@ -111,21 +111,27 @@ pgp_pubkey_t *pgp_key_get_pubkey(pgp_key_t *);
unsigned pgp_is_key_secret(pgp_key_t *);
pgp_seckey_t *pgp_get_seckey(pgp_key_t *);
pgp_seckey_t *pgp_get_writable_seckey(pgp_key_t *);
// pgp_seckey_t *pgp_decrypt_seckey(const pgp_key_t *, void *);
pgp_seckey_t *pgp_decrypt_seckey(const pgp_key_t *, char *);
typedef struct netpgp_t netpgp_t;
unsigned
pgp_keyring_fileread(pgp_io_t *io,
pgp_keyring_fileread(
netpgp_t *netpgp,
pgp_keyring_t *pubring,
pgp_keyring_t *secring,
const unsigned armour,
const char *filename);
unsigned
pgp_keyring_read_from_mem(pgp_io_t *io,
pgp_keyring_read_from_mem(
netpgp_t *netpgp,
pgp_keyring_t *pubring,
pgp_keyring_t *secring,
const unsigned armour,
pgp_memory_t *mem);
pgp_memory_t *mem,
const int import
);
int pgp_keyring_list(pgp_io_t *, const pgp_keyring_t *, const int);
@ -144,6 +150,7 @@ unsigned pgp_update_userid(
// const pgp_subpacket_t *,
// unsigned );
unsigned pgp_add_selfsigned_userid(pgp_key_t *skey, pgp_key_t *pkey, const uint8_t *userid, time_t duration);
pgp_key_t *pgp_keydata_new(void);
@ -171,7 +178,6 @@ unsigned pgp_update_subkey(
pgp_keydata_key_t *subkey,
const pgp_subpacket_t *sigpkt,
pgp_sig_info_t *siginfo);
// int pgp_add_to_secring(pgp_keyring_t *, const pgp_seckey_t *);
int pgp_append_keyring(pgp_keyring_t *, pgp_keyring_t *);
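Review bot: In the second hunk the prototype `pgp_decrypt_seckey(const pgp_key_t *, char *)` takes what looks like the passphrase as an unnamed, non-const `char *`, so the header does not say whether the callee may modify or retain the buffer, or who wipes it afterwards. If the function only reads it, `pgp_seckey_t *pgp_decrypt_seckey(const pgp_key_t *, const char *passphrase);` states that, and a one-line comment above it should say that the caller owns and clears the passphrase. The stale `// pgp_seckey_t *pgp_decrypt_seckey(const pgp_key_t *, void *);` line next to it can then be dropped. The page prints old and new lines without markers, so this assumes the `char *` form is the new side.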


+ 14
- 0
include/netpgp/netpgpdefs.h View File

@ -29,6 +29,11 @@
#ifndef NETPGPDEFS_H_
#define NETPGPDEFS_H_ 1
#include <netpgp/config.h>
#include <stdio.h>
#include <limits.h>
#define PRItime "ll"
#ifdef WIN32
@ -65,4 +70,13 @@ void *pgp_new(size_t);
} \
} while(/* CONSTCOND */0)
#ifdef HAVE_GSKSSL
#define CAST_KEY_LENGTH 16
#define SHA_DIGEST_LENGTH 20
#define SHA224_DIGEST_LENGTH 28
#define MAXPATHLEN _POSIX_PATH_MAX
#define SHA384_DIGEST_LENGTH 48
#define MD5_DIGEST_LENGTH 16
#endif
#endif /* !NETPGPDEFS_H_ */
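Review bot: `#define MAXPATHLEN _POSIX_PATH_MAX` in the `HAVE_GSKSSL` block of the second hunk pins path buffers to the minimum path length POSIX guarantees rather than the platform's actual limit, so code that sizes a buffer with MAXPATHLEN has to detect truncation on longer paths instead of assuming the name fits. The define is also unguarded, and the block repeats six macros that include/netpgp/gskssl_glue.h defines as well; two copies can drift apart, which matters for the digest-length constants since they presumably size hash buffers. I would write it as `#ifndef MAXPATHLEN` / `#define MAXPATHLEN _POSIX_PATH_MAX` / `#endif` and keep the GSK constants in a single header that the other one includes.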

+ 3
- 0
include/netpgp/netpgpdigest.h View File

@ -37,6 +37,9 @@
#ifdef HAVE_OPENSSL_SHA_H
#include <openssl/sha.h>
#else
#define SHA256_DIGEST_LENGTH 32
#define SHA512_DIGEST_LENGTH 64
#endif
/* Apple */


+ 1
- 3
include/netpgp/netpgpsdk.h View File

@ -41,9 +41,7 @@
void pgp_validate_result_free(pgp_validation_t *);
unsigned
pgp_validate_all_sigs(pgp_validation_t *,
const pgp_keyring_t *,
pgp_cb_ret_t cb(const pgp_packet_t *, pgp_cbdata_t *));
pgp_validate_all_sigs(pgp_validation_t *, const pgp_keyring_t *, pgp_cb_ret_t cb(const pgp_packet_t *, pgp_cbdata_t *));
unsigned pgp_check_sig(const uint8_t *,
unsigned, const pgp_sig_t *, const pgp_pubkey_t *);


+ 1
- 1
include/netpgp/packet-parse.h View File

@ -134,7 +134,7 @@ pgp_cb_ret_t pgp_stacked_callback(const pgp_packet_t *,
pgp_cbdata_t *);
pgp_reader_t *pgp_readinfo(pgp_stream_t *);
int pgp_parse(pgp_stream_t *, const int);
int pgp_parse(pgp_stream_t *, const int, const int);
/** Used to specify whether subpackets should be returned raw, parsed
* or ignored. */
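Review bot: `int pgp_parse(pgp_stream_t *, const int, const int);` has two adjacent anonymous `const int` parameters, so a call site that passes them in the wrong order still compiles, and nothing in the header says what the added one controls. Name both parameters in the prototype and add a comment above it describing the new flag and the values it accepts; the top-level `const` on by-value parameters can be dropped in the declaration. This assumes the three-argument line is the new side, since the page prints the old and new line without `+`/`-`.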


+ 655
- 531
include/netpgp/packet.h
File diff suppressed because it is too large


+ 1
- 1
include/netpgp/readerwriter.h View File

@ -55,7 +55,7 @@
#include "memory.h"
/* if this is defined, we'll use mmap in preference to file ops */
#define USE_MMAP_FOR_FILES 1
#define USE_MMAP_FOR_FILES 1
void pgp_reader_set_fd(pgp_stream_t *, int);
void pgp_reader_set_mmap(pgp_stream_t *, int);


+ 5
- 2
include/netpgp/signature.h View File

</