1
0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-17 14:07:03 +01:00
gnupg/g13/keyblob.h

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

163 lines
6.2 KiB
C
Raw Normal View History

2009-09-30 15:28:38 +00:00
/* keyblob.h - Defs to describe a keyblob
* Copyright (C) 2009 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
* GnuPG is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* GnuPG is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <https://www.gnu.org/licenses/>.
2009-09-30 15:28:38 +00:00
*/
#ifndef G13_KEYBLOB_H
#define G13_KEYBLOB_H
/* The setup area (header block) is the actual core of G13. Here is
the format:
2009-09-30 15:28:38 +00:00
u8 Packet type. Value is 61 (0x3d).
u8 Constant value 255 (0xff).
u32 Length of the following structure
b10 Value: "GnuPG/G13\x00".
u8 Version. Value is 1.
u8 reserved
u8 reserved
u8 OS Flag: 0 = unspecified, 1 = Linux
2009-09-30 15:28:38 +00:00
u32 Length of the entire header. This includes all bytes
starting at the packet type and ending with the last
padding byte of the header.
u8 Number of copies of this header (1..255).
u8 Number of copies of this header at the end of the
2009-09-30 15:28:38 +00:00
container (usually 0).
b6 reserved
n bytes: OpenPGP encrypted and optionally signed keyblob.
n bytes: CMS encrypted and optionally signed keyblob. Such a CMS
packet will be enclosed in a private flagged OpenPGP
2009-09-30 15:28:38 +00:00
packet. Either the OpenPGP encrypted packet as described
above, the CMS encrypted or both packets must exist. The
encapsulation packet has this structure:
u8 Packet type. Value is 61 (0x3d).
u8 Constant value 255 (0xff).
u32 Length of the following structure
b10 Value: "GnuPG/CMS\x00".
b(n) Regular CMS structure.
n bytes: Padding. The structure resembles an OpenPGP packet.
u8 Packet type. Value is 61 (0x3d).
u8 Constant value 255 (0xff).
u32 Length of the following structure
b10 Value: "GnuPG/PAD\x00".
b(n) Padding stuff.
(repeat the above value
or if the remaining N < 10, all 0x00).
2009-09-30 15:28:38 +00:00
Given this structure the minimum padding is 16 bytes.
2009-09-30 15:28:38 +00:00
n bytes: File system container.
(optionally followed by copies on the header).
*/
#define KEYBLOB_TAG_BLOBVERSION 0
/* This tag is used to describe the version of the keyblob. It must
be the first tag in a keyblob and may only occur once. Its value
is a single byte giving the blob version. The only defined version
is 1. */
2009-09-30 15:28:38 +00:00
#define KEYBLOB_TAG_CONTTYPE 1
/* This tag gives the type of the container. The value is a two byte
big endian integer giving the type of the container as described by
the CONTTYPE_ constants. */
#define KEYBLOB_TAG_DETACHED 2
/* Indicates that the actual storage is not in the same file as the
keyblob. If a value is given it is expected to be the GUID of the
partition. */
#define KEYBLOB_TAG_CREATED 3
/* This is an ISO 8601 time string with the date the container was
created. */
#define KEYBLOB_TAG_CONT_NSEC 7
/* Number of 512-byte sectors of the entire container including all
copies of the setup area. */
#define KEYBLOB_TAG_ENC_NSEC 8
#define KEYBLOB_TAG_ENC_OFF 9
/* Number of 512-byte sectors used for the encrypted data and its
start offset in 512-byte sectors from the begin of the container.
Note that these information can also be deduced from the
unencrypted part of the setup area. */
#define KEYBLOB_TAG_ALGOSTR 10
/* For a dm-crypt container this is the used algorithm string. For
example: "aes-cbc-essiv:sha256". */
2009-09-30 15:28:38 +00:00
#define KEYBLOB_TAG_KEYNO 16
/* This tag indicates a new key. The value is a 4 byte big endian
integer giving the key number. If the container type does only
need one key this key number should be 0. */
#define KEYBLOB_TAG_ENCALGO 17
/* Describes the algorithm of the key. It must follow a KEYNO tag.
The value is a 2 byte big endian algorithm number. The algorithm
numbers used are those from Libgcrypt (e.g. AES 128 is described by
the value 7). This tag is optional. */
#define KEYBLOB_TAG_ENCKEY 18
/* This tag gives the actual encryption key. It must follow a KEYNO
tag. The value is the plain key. */
#define KEYBLOB_TAG_MACALGO 19
/* Describes the MAC algorithm. It must follow a KEYNO tag. The
value is a 2 byte big endian algorithm number describing the MAC
algorithm with a value of 1 indicating HMAC. It is followed by
data specific to the MAC algorithm. In case of HMAC this data is a
2 byte big endian integer with the Libgcrypt algorithm id of the
hash algorithm. */
#define KEYBLOB_TAG_MACKEY 20
/* This tag gives the actual MACing key. It must follow a KEYNO tag.
The value is the key used for MACing. */
#define KEYBLOB_TAG_HDRCOPY 21
/* The value of this tag is a copy of the setup area prefix header
block (packet 61 with marker "GnuPG/G13\x00". We use it to allow
signing of that cleartext data. */
2009-09-30 15:28:38 +00:00
#define KEYBLOB_TAG_FILLER 0xffff
/* This tag may be used for alignment and padding purposes. The value
2009-09-30 15:28:38 +00:00
has no meaning. */
#define CONTTYPE_ENCFS 1
/* A EncFS based backend. This requires a whole directory which
includes the encrypted files. Metadata is not encrypted. */
2015-09-09 15:14:20 +02:00
#define CONTTYPE_DM_CRYPT 2
/* A DM-Crypt based backend. */
2009-09-30 15:28:38 +00:00
#define CONTTYPE_TRUECRYPT 21571
/* A Truecrypt (www.truecrypt.org) based container. Due to the design
of truecrypt this requires a second datafile because it is not
2015-09-09 15:14:20 +02:00
possible to prepend a truecrypt container with our keyblob. */
2009-09-30 15:28:38 +00:00
g13: Add commands --suspend and --remove. * g13/g13.c (aSuspend, aResume): New. (opts): Add commands --suspend and --resume. (main): Implement dummy command aUmount. Implement commands aResume and aSuspend. * g13/sh-cmd.c (cmd_suspend): New. (cmd_resume): New. (register_commands): Add commands RESUME and SUSPEND. * g13/server.c (cmd_suspend): New. (cmd_resume): New. (register_commands): Add commands RESUME and SUSPEND. * g13/be-dmcrypt.c (be_dmcrypt_suspend_container): New. (be_dmcrypt_resume_container): New. * g13/backend.c (be_suspend_container): New. (be_resume_container): New. * g13/suspend.c, g13/suspend.h: New. * g13/mount.c (parse_header, read_keyblob_prefix, read_keyblob) (decrypt_keyblob, g13_is_container): Move to ... * g13/keyblob.c: new file. (keyblob_read): Rename to g13_keyblob_read and make global. (keyblob_decrypt): Rename to g13_keyblob_decrypt and make global. * g13/sh-dmcrypt.c (check_blockdev): Add arg expect_busy. (sh_dmcrypt_suspend_container): New. (sh_dmcrypt_resume_container): New. * g13/call-syshelp.c (call_syshelp_run_suspend): New. (call_syshelp_run_resume): New. -- The --suspend command can be used before a hibernate operation to make the encrypted partition inaccessible and wipe the key from the memory. Before --suspend is called a sync(1) should be run to make sure that their are no dirty buffers (dmsetup, as called by g13, actually does this for you but it does not harm to do it anyway. After the partition has been suspended a echo 3 >proc/sys/vm/drop_caches required to flush all caches which may still have content from the encrypted partition. The --resume command reverses the effect of the suspend but to do this it needs to decrypt again. Now, if the .gnupg directory lives on the encrypted partition this will be problematic because due to the suspend all processes accessing data on the encrypted partition will be put into an uninterruptible sleep (ps(1) shows a state of 'D'). This needs to be avoided. A workaround is to have a separate GnuPG home directory (say, "~/.gnupg-fallback") with only the public keys required to decrypt the partition along with a properly setup conf files. A GNUPGHOME=$(pwd)/.gnupg-fallback g13 --resume should then be able to resume the encrypted partition using the private key stored on a smartcard. The implementation is pretty basic right now but useful to me. Signed-off-by: Werner Koch <wk@gnupg.org>
2016-02-23 14:32:46 +01:00
/*-- keyblob.c --*/
gpg_error_t g13_is_container (ctrl_t ctrl, const char *filename);
gpg_error_t g13_keyblob_read (const char *filename,
void **r_enckeyblob, size_t *r_enckeybloblen);
2009-09-30 15:28:38 +00:00
#endif /*G13_KEYBLOB_H*/