1
0
mirror of git://git.gnupg.org/gnupg.git synced 2024-11-09 21:28:51 +01:00
gnupg/common/openpgpdefs.h

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

252 lines
9.5 KiB
C
Raw Normal View History

/* openpgpdefs.h - Constants from the OpenPGP standard (rfc2440)
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005,
* 2006 Free Software Foundation, Inc.
* Copyright (C) 2014 Werner Koch
*
* This file is free software; you can redistribute it and/or modify
* it under the terms of either
*
* - the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at
* your option) any later version.
*
* or
*
* - the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* or both in parallel, as here.
*
* This file is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <https://www.gnu.org/licenses/>.
*/
#ifndef GNUPG_COMMON_OPENPGPDEFS_H
#define GNUPG_COMMON_OPENPGPDEFS_H
typedef enum
{
PKT_NONE = 0,
PKT_PUBKEY_ENC = 1, /* Public key encrypted packet. */
PKT_SIGNATURE = 2, /* Secret key encrypted packet. */
PKT_SYMKEY_ENC = 3, /* Session key packet. */
PKT_ONEPASS_SIG = 4, /* One pass sig packet. */
PKT_SECRET_KEY = 5, /* Secret key. */
PKT_PUBLIC_KEY = 6, /* Public key. */
PKT_SECRET_SUBKEY = 7, /* Secret subkey. */
PKT_COMPRESSED = 8, /* Compressed data packet. */
PKT_ENCRYPTED = 9, /* Conventional encrypted data. */
PKT_MARKER = 10, /* Marker packet. */
PKT_PLAINTEXT = 11, /* Literal data packet. */
PKT_RING_TRUST = 12, /* Keyring trust packet. */
PKT_USER_ID = 13, /* User id packet. */
PKT_PUBLIC_SUBKEY = 14, /* Public subkey. */
PKT_OLD_COMMENT = 16, /* Comment packet from an OpenPGP draft. */
PKT_ATTRIBUTE = 17, /* PGP's attribute packet. */
PKT_ENCRYPTED_MDC = 18, /* Integrity protected encrypted data. */
PKT_MDC = 19, /* Manipulation detection code packet. */
gpg: First take on PKT_ENCRYPTED_AEAD. * common/openpgpdefs.h (PKT_ENCRYPTED_AEAD): New const. * g10/dek.h (DEK): Increase size of use_aead to 4 bits. * g10/filter.h (cipher_filter_context_t): Add new fields for AEAD. * g10/packet.h (PKT_encrypted): Add fields aead_algo, cipher_algo, and chunkbyte. * g10/build-packet.c (do_encrypted_aead): New. (build_packet): Call it. * g10/parse-packet.c (dump_sig_subpkt): Handle SIGSUBPKT_PREF_AEAD. (parse_one_sig_subpkt, can_handle_critical): Ditto. (parse_encrypted): Clear new PKT_ENCRYPTED fields. (parse_encrypted_aead): New. (parse): Call it. * g10/gpg.c (main): Take care of --rfc4880bis option when checking compliance. * g10/cipher-aead.c: Replace the stub by real code. * g10/decrypt-data.c (decode_filter_ctx_t): Add fields for use with AEAD. (aead_set_nonce): New. (aead_set_ad): New. (decrypt_data): Support AEAD. (aead_underflow): New. (aead_decode_filter): New. * g10/encrypt.c (use_aead): Make that new fucntion work. (encrypt_simple): Use default_aead_algo() instead of EAX. * g10/mainproc.c (proc_encrypted): Support AEAD. (do_proc_packets): Support PKT_ENCRYPTED_AEAD. -- This code has seen only a very few manual tests. Encrypting always uses a 64k chunks and decryption has not been tested with larger chunks. Those small chunks make debugging much faster. Tests can be done using: gpg --rfc4880bis --pinentry-mode=loopback --passphrase abc \ --force-aead --aead-algo ocb --s2k-mode 0 --cipher AES \ -v -z 0 --status-fd 2 -c <INFILE >OUTFILE and gpg --rfc4880bis --pinentry-mode=loopback --passphrase=abc \ --status-fd 2 -v -d <INFILE >OUTFILE Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-21 16:24:43 +01:00
PKT_ENCRYPTED_AEAD= 20, /* AEAD encrypted data packet. */
PKT_COMMENT = 61, /* new comment packet (GnuPG specific). */
PKT_GPG_CONTROL = 63 /* internal control packet (GnuPG specific). */
}
pkttype_t;
static inline const char *
pkttype_str (pkttype_t type)
{
switch (type)
{
case PKT_PUBKEY_ENC: return "PUBKEY_ENC";
case PKT_SIGNATURE: return "SIGNATURE";
case PKT_SYMKEY_ENC: return "SYMKEY_ENC";
case PKT_ONEPASS_SIG: return "ONEPASS_SIG";
case PKT_SECRET_KEY: return "SECRET_KEY";
case PKT_PUBLIC_KEY: return "PUBLIC_KEY";
case PKT_SECRET_SUBKEY: return "SECRET_SUBKEY";
case PKT_COMPRESSED: return "COMPRESSED";
case PKT_ENCRYPTED: return "ENCRYPTED";
case PKT_MARKER: return "MARKER";
case PKT_PLAINTEXT: return "PLAINTEXT";
case PKT_RING_TRUST: return "RING_TRUST";
case PKT_USER_ID: return "USER_ID";
case PKT_PUBLIC_SUBKEY: return "PUBLIC_SUBKEY";
case PKT_OLD_COMMENT: return "OLD_COMMENT";
case PKT_ATTRIBUTE: return "ATTRIBUTE";
case PKT_ENCRYPTED_MDC: return "ENCRYPTED_MDC";
case PKT_MDC: return "MDC";
case PKT_COMMENT: return "COMMENT";
case PKT_GPG_CONTROL: return "GPG_CONTROL";
default: return "unknown packet type";
}
}
typedef enum
{
SIGSUBPKT_TEST_CRITICAL = -3,
SIGSUBPKT_LIST_UNHASHED = -2,
SIGSUBPKT_LIST_HASHED = -1,
SIGSUBPKT_NONE = 0,
SIGSUBPKT_SIG_CREATED = 2, /* Signature creation time. */
SIGSUBPKT_SIG_EXPIRE = 3, /* Signature expiration time. */
SIGSUBPKT_EXPORTABLE = 4, /* Exportable. */
SIGSUBPKT_TRUST = 5, /* Trust signature. */
SIGSUBPKT_REGEXP = 6, /* Regular expression. */
SIGSUBPKT_REVOCABLE = 7, /* Revocable. */
SIGSUBPKT_KEY_EXPIRE = 9, /* Key expiration time. */
SIGSUBPKT_ARR = 10, /* Additional recipient request. */
SIGSUBPKT_PREF_SYM = 11, /* Preferred symmetric algorithms. */
SIGSUBPKT_REV_KEY = 12, /* Revocation key. */
SIGSUBPKT_ISSUER = 16, /* Issuer key ID. */
SIGSUBPKT_NOTATION = 20, /* Notation data. */
SIGSUBPKT_PREF_HASH = 21, /* Preferred hash algorithms. */
SIGSUBPKT_PREF_COMPR = 22, /* Preferred compression algorithms. */
SIGSUBPKT_KS_FLAGS = 23, /* Key server preferences. */
SIGSUBPKT_PREF_KS = 24, /* Preferred keyserver. */
SIGSUBPKT_PRIMARY_UID = 25, /* Primary user id. */
SIGSUBPKT_POLICY = 26, /* Policy URL. */
SIGSUBPKT_KEY_FLAGS = 27, /* Key flags. */
SIGSUBPKT_SIGNERS_UID = 28, /* Signer's user id. */
SIGSUBPKT_REVOC_REASON = 29, /* Reason for revocation. */
SIGSUBPKT_FEATURES = 30, /* Feature flags. */
SIGSUBPKT_SIGNATURE = 32, /* Embedded signature. */
SIGSUBPKT_ISSUER_FPR = 33, /* Issuer fingerprint. */
SIGSUBPKT_PREF_AEAD = 34, /* Preferred AEAD algorithms. */
SIGSUBPKT_ATTST_SIGS = 37, /* Attested Certifications. */
gpg: New option --include-key-block. * common/openpgpdefs.h (SIGSUBPKT_KEY_BLOCK): New. * g10/gpg.c (oIncludeKeyBlock): New. (opts): New option --include-key-block. (main): Implement. * g10/options.h (opt): New flag include_key_block. * g10/parse-packet.c (dump_sig_subpkt): Support SIGSUBPKT_KEY_BLOCK. (parse_one_sig_subpkt): Ditto. (can_handle_critical): Ditto. * g10/sign.c (mk_sig_subpkt_key_block): New. (write_signature_packets): Call it for data signatures. -- This patch adds support for a to be proposed OpenPGP ferature: Introduce the Key Block subpacket to align OpenPGP with CMS. This new subpacket may be used similar to the CertificateSet of CMS (RFC-5652) and thus allows to start encrypted communication after having received a signed message. In practice a stripped down version of the key should be including having only the key material and the self-signatures which are really useful and shall be used by the recipient to reply encrypted. #### Key Block (1 octet with value 0, N octets of key data) This subpacket MAY be used to convey key data along with a signature of class 0x00, 0x01, or 0x02. It MUST contain the key used to create the signature; either as the primary key or as a subkey. The key SHOULD contain a primary or subkey capable of encryption and the entire key must be a valid OpenPGP key including at least one User ID packet and the corresponding self-signatures. Implementations MUST ignore this subpacket if the first octet does not have a value of zero or if the key data does not represent a valid transferable public key. GnuPG-bug-id: 4856 Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-13 13:28:35 +01:00
SIGSUBPKT_KEY_BLOCK = 38, /* Entire key used. */
SIGSUBPKT_META_HASH = 40, /* Literal Data Meta Hash. */
SIGSUBPKT_TRUST_ALIAS = 41, /* Trust Alias. */
SIGSUBPKT_FLAG_CRITICAL = 128
}
sigsubpkttype_t;
typedef enum
{
CIPHER_ALGO_NONE = 0,
CIPHER_ALGO_IDEA = 1,
CIPHER_ALGO_3DES = 2,
CIPHER_ALGO_CAST5 = 3,
CIPHER_ALGO_BLOWFISH = 4, /* 128 bit */
/* 5 & 6 are reserved */
CIPHER_ALGO_AES = 7,
CIPHER_ALGO_AES192 = 8,
CIPHER_ALGO_AES256 = 9,
CIPHER_ALGO_TWOFISH = 10, /* 256 bit */
CIPHER_ALGO_CAMELLIA128 = 11,
CIPHER_ALGO_CAMELLIA192 = 12,
CIPHER_ALGO_CAMELLIA256 = 13,
CIPHER_ALGO_PRIVATE10 = 110
}
cipher_algo_t;
gpg: First take on PKT_ENCRYPTED_AEAD. * common/openpgpdefs.h (PKT_ENCRYPTED_AEAD): New const. * g10/dek.h (DEK): Increase size of use_aead to 4 bits. * g10/filter.h (cipher_filter_context_t): Add new fields for AEAD. * g10/packet.h (PKT_encrypted): Add fields aead_algo, cipher_algo, and chunkbyte. * g10/build-packet.c (do_encrypted_aead): New. (build_packet): Call it. * g10/parse-packet.c (dump_sig_subpkt): Handle SIGSUBPKT_PREF_AEAD. (parse_one_sig_subpkt, can_handle_critical): Ditto. (parse_encrypted): Clear new PKT_ENCRYPTED fields. (parse_encrypted_aead): New. (parse): Call it. * g10/gpg.c (main): Take care of --rfc4880bis option when checking compliance. * g10/cipher-aead.c: Replace the stub by real code. * g10/decrypt-data.c (decode_filter_ctx_t): Add fields for use with AEAD. (aead_set_nonce): New. (aead_set_ad): New. (decrypt_data): Support AEAD. (aead_underflow): New. (aead_decode_filter): New. * g10/encrypt.c (use_aead): Make that new fucntion work. (encrypt_simple): Use default_aead_algo() instead of EAX. * g10/mainproc.c (proc_encrypted): Support AEAD. (do_proc_packets): Support PKT_ENCRYPTED_AEAD. -- This code has seen only a very few manual tests. Encrypting always uses a 64k chunks and decryption has not been tested with larger chunks. Those small chunks make debugging much faster. Tests can be done using: gpg --rfc4880bis --pinentry-mode=loopback --passphrase abc \ --force-aead --aead-algo ocb --s2k-mode 0 --cipher AES \ -v -z 0 --status-fd 2 -c <INFILE >OUTFILE and gpg --rfc4880bis --pinentry-mode=loopback --passphrase=abc \ --status-fd 2 -v -d <INFILE >OUTFILE Signed-off-by: Werner Koch <wk@gnupg.org>
2018-01-21 16:24:43 +01:00
/* Note that we encode the AEAD algo in a 3 bit field at some places. */
typedef enum
{
AEAD_ALGO_NONE = 0,
AEAD_ALGO_EAX = 1,
AEAD_ALGO_OCB = 2
}
aead_algo_t;
typedef enum
{
PUBKEY_ALGO_RSA = 1,
PUBKEY_ALGO_RSA_E = 2, /* RSA encrypt only (legacy). */
PUBKEY_ALGO_RSA_S = 3, /* RSA sign only (legacy). */
/*PUBKEY_ALGO_KYBER = 8, Kyber (FIPS-203 final) */
PUBKEY_ALGO_ELGAMAL_E = 16, /* Elgamal encrypt only. */
PUBKEY_ALGO_DSA = 17,
PUBKEY_ALGO_ECDH = 18, /* RFC-6637 */
PUBKEY_ALGO_ECDSA = 19, /* RFC-6637 */
PUBKEY_ALGO_ELGAMAL = 20, /* Elgamal encrypt+sign (legacy). */
/* 21 reserved by OpenPGP. */
PUBKEY_ALGO_EDDSA = 22, /* EdDSA. */
gpg: Initial support for generating Kyber subkeys. * common/openpgpdefs.h (PUBKEY_ALGO_KY768_25519): Remove. (PUBKEY_ALGO_KY1024_448): Remove. (PUBKEY_ALGO_KYBER): New. Use them everywhere instead of the removed. * g10/build-packet.c (gpg_mpi_write_nohdr): Rename to (gpg_mpi_write_opaque_nohdr): this. Change callers. (gpg_mpi_write_opaque_32): New. (do_key): Support Kyber keys using the revised format. * g10/gpg.h (MAX_EXTERN_KEYPARM_BITS): New. * g10/parse-packet.c (read_octet_string): Add arg nbytes so support reading with a length prefix. Adjust callers. (parse_key): Parse Kyber public keys. * g10/misc.c (pubkey_get_npkey): Support Kyber. (pubkey_get_nskey): Ditto. * g10/keyid.c (pubkey_string): Support dual algorithms. (do_hash_public_key): Support Kyber. (nbits_from_pk): Ditto. (keygrip_from_pk): Return the Kyber part for the ECC+Kyber dual algo. * g10/keygen.c (struct common_gen_cb_parm_s): Add genkey_result2. Note that this callback is not yet used. (ecckey_from_sexp): Add optional arg sexp2 and use it for Kyber. Change callers. (ecckey_from_sexp): Do not leak LIST in case of an error. (common_gen): Add arg keyparms2, change callers, and support Kyber. (gen_kyber): New. (get_keysize_range): Support Kyber. (fixup_keysize): Simplify and support Kyber. (do_create): Handle Kyber. (parse_key_parameter_part): Remove algo strings "ky768" and "ky1024" and add a generic "kyber" with default parameters. -- This uses a revised format which is more aligned with the usual OpenPGP structure. A lot of things are still missing. For example support for handling two keygrips and checking both of them in a -K listing. There is also only ky768_bp384 as fixed algorithm for now. No passphrase for the Kyber part of the dual algorithm is on purpose. A test was done using gpg --quick-gen-key pqc1 nistp256 and then running gpg -v --quick-add-key <fingerprint> kyber which creates a v5 subkey on a v4 primary key. A second test using gpg --quick-gen-key pqc2 Ed448 followed by a --quick-add-key created a v5 key with a v5 subkey. GnuPG-bug-id: 6815
2024-04-03 18:00:44 +02:00
PUBKEY_ALGO_KYBER = 29, /* Kyber */
PUBKEY_ALGO_DIL3_25519 = 35, /* Dilithium3 + Ed25519 (aka ML-DSA-65) */
PUBKEY_ALGO_DIL5_448 = 36, /* Dilithium5 + Ed448 (aka ML-DSA-87) */
PUBKEY_ALGO_SPHINX_SHA2 = 41, /* SPHINX+-simple-SHA2 (aka SLH-DSA-SHA2) */
PUBKEY_ALGO_PRIVATE10 = 110
}
pubkey_algo_t;
typedef enum
{
DIGEST_ALGO_MD5 = 1,
DIGEST_ALGO_SHA1 = 2,
DIGEST_ALGO_RMD160 = 3,
/* 4, 5, 6, and 7 are reserved. */
DIGEST_ALGO_SHA256 = 8,
DIGEST_ALGO_SHA384 = 9,
DIGEST_ALGO_SHA512 = 10,
DIGEST_ALGO_SHA224 = 11,
DIGEST_ALGO_PRIVATE10 = 110
}
digest_algo_t;
typedef enum
{
COMPRESS_ALGO_NONE = 0,
COMPRESS_ALGO_ZIP = 1,
COMPRESS_ALGO_ZLIB = 2,
COMPRESS_ALGO_BZIP2 = 3,
COMPRESS_ALGO_PRIVATE10 = 110
}
compress_algo_t;
/* Limits to be used for static arrays. */
#define OPENPGP_MAX_NPKEY 5 /* Maximum number of public key parameters. */
#define OPENPGP_MAX_NSKEY 7 /* Maximum number of secret key parameters. */
#define OPENPGP_MAX_NSIG 2 /* Maximum number of signature parameters. */
#define OPENPGP_MAX_NENC 4 /* Maximum number of encryption parameters. */
/* Decode an rfc4880 encoded S2K count. */
#define S2K_DECODE_COUNT(_val) ((16ul + ((_val) & 15)) << (((_val) >> 4) + 6))
/*-- openpgp-s2k.c --*/
unsigned char encode_s2k_iterations (int iterations);
/*-- openpgp-fpr.c --*/
gpg_error_t compute_openpgp_fpr (int keyversion, int pgpalgo,
unsigned long timestamp,
gcry_buffer_t *iov, int iovcnt,
unsigned char *result,
unsigned int *r_resultlen);
gpg_error_t compute_openpgp_fpr_rsa (int keyversion,
unsigned long timestamp,
const unsigned char *m, unsigned int mlen,
const unsigned char *e, unsigned int elen,
unsigned char *result,
unsigned int *r_resultlen);
gpg_error_t compute_openpgp_fpr_ecc (int keyversion,
unsigned long timestamp,
const char *curvename, int for_encryption,
const unsigned char *q, unsigned int qlen,
const unsigned char *kdf,
unsigned int kdflen,
unsigned char *result,
unsigned int *r_resultlen);
/*-- openpgp-oid.c --*/
pubkey_algo_t map_gcry_pk_to_openpgp (enum gcry_pk_algos algo);
enum gcry_pk_algos map_openpgp_pk_to_gcry (pubkey_algo_t algo);
#endif /*GNUPG_COMMON_OPENPGPDEFS_H*/