summaryrefslogtreecommitdiffstats
path: root/contrib/pgcrypto/pgp.h
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 12:15:05 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-04 12:15:05 +0000
commit46651ce6fe013220ed397add242004d764fc0153 (patch)
tree6e5299f990f88e60174a1d3ae6e48eedd2688b2b /contrib/pgcrypto/pgp.h
parentInitial commit. (diff)
downloadpostgresql-14-46651ce6fe013220ed397add242004d764fc0153.tar.xz
postgresql-14-46651ce6fe013220ed397add242004d764fc0153.zip
Adding upstream version 14.5.upstream/14.5upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'contrib/pgcrypto/pgp.h')
-rw-r--r--contrib/pgcrypto/pgp.h327
1 files changed, 327 insertions, 0 deletions
diff --git a/contrib/pgcrypto/pgp.h b/contrib/pgcrypto/pgp.h
new file mode 100644
index 0000000..f338523
--- /dev/null
+++ b/contrib/pgcrypto/pgp.h
@@ -0,0 +1,327 @@
+/*
+ * pgp.h
+ * OpenPGP implementation.
+ *
+ * Copyright (c) 2005 Marko Kreen
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * contrib/pgcrypto/pgp.h
+ */
+
+#include "lib/stringinfo.h"
+
+#include "mbuf.h"
+#include "px.h"
+
+enum PGP_S2K_TYPE
+{
+ PGP_S2K_SIMPLE = 0,
+ PGP_S2K_SALTED = 1,
+ PGP_S2K_ISALTED = 3
+};
+
+enum PGP_PKT_TYPE
+{
+ PGP_PKT_RESERVED = 0,
+ PGP_PKT_PUBENCRYPTED_SESSKEY = 1,
+ PGP_PKT_SIGNATURE = 2,
+ PGP_PKT_SYMENCRYPTED_SESSKEY = 3,
+ PGP_PKT_SECRET_KEY = 5,
+ PGP_PKT_PUBLIC_KEY = 6,
+ PGP_PKT_SECRET_SUBKEY = 7,
+ PGP_PKT_COMPRESSED_DATA = 8,
+ PGP_PKT_SYMENCRYPTED_DATA = 9,
+ PGP_PKT_MARKER = 10,
+ PGP_PKT_LITERAL_DATA = 11,
+ PGP_PKT_TRUST = 12,
+ PGP_PKT_USER_ID = 13,
+ PGP_PKT_PUBLIC_SUBKEY = 14,
+ PGP_PKT_USER_ATTR = 17,
+ PGP_PKT_SYMENCRYPTED_DATA_MDC = 18,
+ PGP_PKT_MDC = 19,
+ PGP_PKT_PRIV_61 = 61 /* occurs in gpg secring */
+};
+
+enum PGP_PUB_ALGO_TYPE
+{
+ PGP_PUB_RSA_ENCRYPT_SIGN = 1,
+ PGP_PUB_RSA_ENCRYPT = 2,
+ PGP_PUB_RSA_SIGN = 3,
+ PGP_PUB_ELG_ENCRYPT = 16,
+ PGP_PUB_DSA_SIGN = 17
+};
+
+enum PGP_SYMENC_TYPE
+{
+ PGP_SYM_PLAIN = 0, /* ?? */
+ PGP_SYM_IDEA = 1, /* obsolete, PGP 2.6 compat */
+ PGP_SYM_DES3 = 2, /* must */
+ PGP_SYM_CAST5 = 3, /* should */
+ PGP_SYM_BLOWFISH = 4,
+ PGP_SYM_SAFER_SK128 = 5, /* obsolete */
+ PGP_SYM_DES_SK = 6, /* obsolete */
+ PGP_SYM_AES_128 = 7, /* should */
+ PGP_SYM_AES_192 = 8,
+ PGP_SYM_AES_256 = 9,
+ PGP_SYM_TWOFISH = 10
+};
+
+enum PGP_COMPR_TYPE
+{
+ PGP_COMPR_NONE = 0, /* must */
+ PGP_COMPR_ZIP = 1, /* should */
+ PGP_COMPR_ZLIB = 2,
+ PGP_COMPR_BZIP2 = 3
+};
+
+enum PGP_DIGEST_TYPE
+{
+ PGP_DIGEST_MD5 = 1, /* should, deprecated */
+ PGP_DIGEST_SHA1 = 2, /* must */
+ PGP_DIGEST_RIPEMD160 = 3,
+ PGP_DIGEST_XSHA = 4, /* obsolete */
+ PGP_DIGEST_MD2 = 5, /* obsolete */
+ PGP_DIGEST_TIGER192 = 6, /* obsolete */
+ PGP_DIGEST_HAVAL5_160 = 7, /* obsolete */
+ PGP_DIGEST_SHA256 = 8,
+ PGP_DIGEST_SHA384 = 9,
+ PGP_DIGEST_SHA512 = 10
+};
+
+#define PGP_MAX_KEY (256/8)
+#define PGP_MAX_BLOCK (256/8)
+#define PGP_MAX_DIGEST (512/8)
+#define PGP_S2K_SALT 8
+
+typedef struct PGP_MPI PGP_MPI;
+typedef struct PGP_PubKey PGP_PubKey;
+typedef struct PGP_Context PGP_Context;
+typedef struct PGP_S2K PGP_S2K;
+
+struct PGP_S2K
+{
+ uint8 mode;
+ uint8 digest_algo;
+ uint8 salt[8];
+ uint8 iter; /* encoded (one-octet) count */
+ /* calculated: */
+ uint8 key[PGP_MAX_KEY];
+ uint8 key_len;
+};
+
+
+struct PGP_Context
+{
+ /*
+ * parameters
+ */
+ PGP_S2K s2k;
+ int s2k_mode;
+ int s2k_count; /* 4-byte decoded count */
+ int s2k_digest_algo;
+ int s2k_cipher_algo;
+ int cipher_algo;
+ int compress_algo;
+ int compress_level;
+ int disable_mdc;
+ int use_sess_key;
+ int text_mode;
+ int convert_crlf;
+ int unicode_mode;
+
+ /*
+ * internal variables
+ */
+ int mdc_checked;
+ int corrupt_prefix; /* prefix failed RFC 4880 "quick check" */
+ int unsupported_compr; /* has bzip2 compression */
+ int unexpected_binary; /* binary data seen in text_mode */
+ int in_mdc_pkt;
+ int use_mdcbuf_filter;
+ PX_MD *mdc_ctx;
+
+ PGP_PubKey *pub_key; /* ctx owns it */
+ const uint8 *sym_key; /* ctx does not own it */
+ int sym_key_len;
+
+ /*
+ * read or generated data
+ */
+ uint8 sess_key[PGP_MAX_KEY];
+ unsigned sess_key_len;
+};
+
+/* from RFC 4880 3.7.1.3 */
+#define s2k_decode_count(cval) \
+ (((unsigned) 16 + (cval & 15)) << ((cval >> 4) + 6))
+
+struct PGP_MPI
+{
+ uint8 *data;
+ int bits;
+ int bytes;
+};
+
+struct PGP_PubKey
+{
+ uint8 ver;
+ uint8 time[4];
+ uint8 algo;
+
+ /* public part */
+ union
+ {
+ struct
+ {
+ PGP_MPI *p;
+ PGP_MPI *g;
+ PGP_MPI *y;
+ } elg;
+ struct
+ {
+ PGP_MPI *n;
+ PGP_MPI *e;
+ } rsa;
+ struct
+ {
+ PGP_MPI *p;
+ PGP_MPI *q;
+ PGP_MPI *g;
+ PGP_MPI *y;
+ } dsa;
+ } pub;
+
+ /* secret part */
+ union
+ {
+ struct
+ {
+ PGP_MPI *x;
+ } elg;
+ struct
+ {
+ PGP_MPI *d;
+ PGP_MPI *p;
+ PGP_MPI *q;
+ PGP_MPI *u;
+ } rsa;
+ struct
+ {
+ PGP_MPI *x;
+ } dsa;
+ } sec;
+
+ uint8 key_id[8];
+ int can_encrypt;
+};
+
+int pgp_init(PGP_Context **ctx);
+int pgp_encrypt(PGP_Context *ctx, MBuf *src, MBuf *dst);
+int pgp_decrypt(PGP_Context *ctx, MBuf *src, MBuf *dst);
+int pgp_free(PGP_Context *ctx);
+
+int pgp_get_digest_code(const char *name);
+int pgp_get_cipher_code(const char *name);
+const char *pgp_get_digest_name(int code);
+const char *pgp_get_cipher_name(int code);
+
+int pgp_set_cipher_algo(PGP_Context *ctx, const char *name);
+int pgp_set_s2k_mode(PGP_Context *ctx, int type);
+int pgp_set_s2k_count(PGP_Context *ctx, int count);
+int pgp_set_s2k_cipher_algo(PGP_Context *ctx, const char *name);
+int pgp_set_s2k_digest_algo(PGP_Context *ctx, const char *name);
+int pgp_set_convert_crlf(PGP_Context *ctx, int doit);
+int pgp_disable_mdc(PGP_Context *ctx, int disable);
+int pgp_set_sess_key(PGP_Context *ctx, int use);
+int pgp_set_compress_algo(PGP_Context *ctx, int algo);
+int pgp_set_compress_level(PGP_Context *ctx, int level);
+int pgp_set_text_mode(PGP_Context *ctx, int mode);
+int pgp_set_unicode_mode(PGP_Context *ctx, int mode);
+int pgp_get_unicode_mode(PGP_Context *ctx);
+
+int pgp_set_symkey(PGP_Context *ctx, const uint8 *key, int klen);
+int pgp_set_pubkey(PGP_Context *ctx, MBuf *keypkt,
+ const uint8 *key, int klen, int pubtype);
+
+int pgp_get_keyid(MBuf *pgp_data, char *dst);
+
+/* internal functions */
+
+int pgp_load_digest(int c, PX_MD **res);
+int pgp_load_cipher(int c, PX_Cipher **res);
+int pgp_get_cipher_key_size(int c);
+int pgp_get_cipher_block_size(int c);
+
+int pgp_s2k_fill(PGP_S2K *s2k, int mode, int digest_algo, int count);
+int pgp_s2k_read(PullFilter *src, PGP_S2K *s2k);
+int pgp_s2k_process(PGP_S2K *s2k, int cipher, const uint8 *key, int klen);
+
+typedef struct PGP_CFB PGP_CFB;
+int pgp_cfb_create(PGP_CFB **ctx_p, int algo,
+ const uint8 *key, int key_len, int resync, uint8 *iv);
+void pgp_cfb_free(PGP_CFB *ctx);
+int pgp_cfb_encrypt(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst);
+int pgp_cfb_decrypt(PGP_CFB *ctx, const uint8 *data, int len, uint8 *dst);
+
+void pgp_armor_encode(const uint8 *src, unsigned len, StringInfo dst,
+ int num_headers, char **keys, char **values);
+int pgp_armor_decode(const uint8 *src, int len, StringInfo dst);
+int pgp_extract_armor_headers(const uint8 *src, unsigned len,
+ int *nheaders, char ***keys, char ***values);
+
+int pgp_compress_filter(PushFilter **res, PGP_Context *ctx, PushFilter *dst);
+int pgp_decompress_filter(PullFilter **res, PGP_Context *ctx, PullFilter *src);
+
+int pgp_key_alloc(PGP_PubKey **pk_p);
+void pgp_key_free(PGP_PubKey *pk);
+int _pgp_read_public_key(PullFilter *pkt, PGP_PubKey **pk_p);
+
+int pgp_parse_pubenc_sesskey(PGP_Context *ctx, PullFilter *pkt);
+int pgp_create_pkt_reader(PullFilter **pf_p, PullFilter *src, int len,
+ int pkttype, PGP_Context *ctx);
+int pgp_parse_pkt_hdr(PullFilter *src, uint8 *tag, int *len_p,
+ int allow_ctx);
+
+int pgp_skip_packet(PullFilter *pkt);
+int pgp_expect_packet_end(PullFilter *pkt);
+
+int pgp_write_pubenc_sesskey(PGP_Context *ctx, PushFilter *dst);
+int pgp_create_pkt_writer(PushFilter *dst, int tag, PushFilter **res_p);
+
+int pgp_mpi_alloc(int bits, PGP_MPI **mpi);
+int pgp_mpi_create(uint8 *data, int bits, PGP_MPI **mpi);
+int pgp_mpi_free(PGP_MPI *mpi);
+int pgp_mpi_read(PullFilter *src, PGP_MPI **mpi);
+int pgp_mpi_write(PushFilter *dst, PGP_MPI *n);
+int pgp_mpi_hash(PX_MD *md, PGP_MPI *n);
+unsigned pgp_mpi_cksum(unsigned cksum, PGP_MPI *n);
+
+int pgp_elgamal_encrypt(PGP_PubKey *pk, PGP_MPI *m,
+ PGP_MPI **c1, PGP_MPI **c2);
+int pgp_elgamal_decrypt(PGP_PubKey *pk, PGP_MPI *c1, PGP_MPI *c2,
+ PGP_MPI **m);
+int pgp_rsa_encrypt(PGP_PubKey *pk, PGP_MPI *m, PGP_MPI **c);
+int pgp_rsa_decrypt(PGP_PubKey *pk, PGP_MPI *c, PGP_MPI **m);
+
+extern struct PullFilterOps pgp_decrypt_filter;