packet.h

Go to the documentation of this file.

/*
 * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
 * All rights reserved.
 * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
 * their moral rights under the UK Copyright Design and Patents Act 1988 to
 * be recorded as the authors of this copyright work.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not
 * use this file except in compliance with the License. 
 * 
 * You may obtain a copy of the License at 
 *     http://www.apache.org/licenses/LICENSE-2.0 
 * 
 * Unless required by applicable law or agreed to in writing, software 
 * distributed under the License is distributed on an "AS IS" BASIS, 
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
 * 
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#ifndef OPS_PACKET_H
#define OPS_PACKET_H

#include "configure.h"

#include <time.h>
#include <openssl/bn.h>
#include <openssl/sha.h>
#include "types.h"
#include "errors.h"

typedef struct
    {
    size_t len;
    unsigned char *contents;
    } ops_data_t;

/************************************/
/* Packet Tags - RFC4880, 4.2 */
/************************************/

#define OPS_PTAG_ALWAYS_SET             0x80

#define OPS_PTAG_NEW_FORMAT             0x40


#define OPS_PTAG_OF_CONTENT_TAG_MASK    0x3c

#define OPS_PTAG_OF_CONTENT_TAG_SHIFT   2

#define OPS_PTAG_OF_LENGTH_TYPE_MASK    0x03


typedef enum
    {
    OPS_PTAG_OF_LT_ONE_BYTE             =0x00, 
    OPS_PTAG_OF_LT_TWO_BYTE             =0x01, 
    OPS_PTAG_OF_LT_FOUR_BYTE            =0x02, 
    OPS_PTAG_OF_LT_INDETERMINATE        =0x03  
    } ops_ptag_of_lt_t;


#define OPS_PTAG_NF_CONTENT_TAG_MASK    0x3f

#define OPS_PTAG_NF_CONTENT_TAG_SHIFT   0


typedef struct
    {
    const char *error; 
    } ops_parser_error_t;

typedef struct
    {
    ops_errcode_t errcode;
    } ops_parser_errcode_t;

typedef struct
    {
    unsigned            new_format;     
    unsigned            content_tag;    
    ops_ptag_of_lt_t    length_type;    
    unsigned            length;           /* XXX: Ben, is this correct? */
    unsigned            position;       
    } ops_ptag_t;

typedef enum
    {
    OPS_PKA_RSA                 =1,     
    OPS_PKA_RSA_ENCRYPT_ONLY    =2,     
    OPS_PKA_RSA_SIGN_ONLY       =3,     
    OPS_PKA_ELGAMAL             =16,    
    OPS_PKA_DSA                 =17,    
    OPS_PKA_RESERVED_ELLIPTIC_CURVE     =18,    
    OPS_PKA_RESERVED_ECDSA              =19,    
    OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN     =20,    
    OPS_PKA_RESERVED_DH                 =21,    
    OPS_PKA_PRIVATE00           =100,   
    OPS_PKA_PRIVATE01           =101,   
    OPS_PKA_PRIVATE02           =102,   
    OPS_PKA_PRIVATE03           =103,   
    OPS_PKA_PRIVATE04           =104,   
    OPS_PKA_PRIVATE05           =105,   
    OPS_PKA_PRIVATE06           =106,   
    OPS_PKA_PRIVATE07           =107,   
    OPS_PKA_PRIVATE08           =108,   
    OPS_PKA_PRIVATE09           =109,   
    OPS_PKA_PRIVATE10           =110,   
    } ops_public_key_algorithm_t;

typedef struct
    {
    BIGNUM *p;  
    BIGNUM *q;  
    BIGNUM *g;  
    BIGNUM *y;  
    } ops_dsa_public_key_t;

typedef struct
    {
    BIGNUM *n;  
    BIGNUM *e;  
    } ops_rsa_public_key_t;

typedef struct
    {
    BIGNUM *p;  
    BIGNUM *g;  
    BIGNUM *y;  
    } ops_elgamal_public_key_t;

typedef union
    {
    ops_dsa_public_key_t        dsa;            
    ops_rsa_public_key_t        rsa;            
    ops_elgamal_public_key_t    elgamal;        
    } ops_public_key_union_t;

typedef enum
    {
    OPS_V2=2,   /*<! Version 2 (essentially the same as v3) */
    OPS_V3=3,   /*<! Version 3 */
    OPS_V4=4,   /*<! Version 4 */
    } ops_version_t;

typedef struct
    {
    ops_version_t               version;        
    time_t                      creation_time;  
    unsigned                    days_valid;     
    ops_public_key_algorithm_t  algorithm;      
    ops_public_key_union_t      key;            
    } ops_public_key_t;

typedef struct
    {
    BIGNUM *d;
    BIGNUM *p;
    BIGNUM *q;
    BIGNUM *u;
    } ops_rsa_secret_key_t;

typedef struct
    {
    BIGNUM *x;
    } ops_dsa_secret_key_t;

typedef struct
    {
    ops_rsa_secret_key_t rsa;
    ops_dsa_secret_key_t dsa;
    } ops_secret_key_union_t;

typedef enum
    {
    OPS_S2KU_NONE=0,
    OPS_S2KU_ENCRYPTED_AND_HASHED=254,
    OPS_S2KU_ENCRYPTED=255,
    } ops_s2k_usage_t;

typedef enum
    {
    OPS_S2KS_SIMPLE=0,
    OPS_S2KS_SALTED=1,
    OPS_S2KS_ITERATED_AND_SALTED=3
    } ops_s2k_specifier_t;

typedef enum
    {
    OPS_SA_PLAINTEXT    =0, 
    OPS_SA_IDEA         =1, 
    OPS_SA_TRIPLEDES    =2, 
    OPS_SA_CAST5        =3, 
    OPS_SA_BLOWFISH     =4, 
    OPS_SA_AES_128      =7, 
    OPS_SA_AES_192      =8, 
    OPS_SA_AES_256      =9, 
    OPS_SA_TWOFISH      =10, 
    OPS_SA_CAMELLIA_128 =11, 
    OPS_SA_CAMELLIA_192 =12, 
    OPS_SA_CAMELLIA_256 =13, 
    } ops_symmetric_algorithm_t;

typedef enum
    {
    OPS_HASH_UNKNOWN    =-1,    
    OPS_HASH_MD5        = 1,    
    OPS_HASH_SHA1       = 2,    
    OPS_HASH_RIPEMD     = 3,    
    OPS_HASH_SHA256     = 8,    
    OPS_HASH_SHA384     = 9,    
    OPS_HASH_SHA512     =10,    
    OPS_HASH_SHA224 = 11,   
    } ops_hash_algorithm_t;

// Maximum block size for symmetric crypto
#define OPS_MAX_BLOCK_SIZE      16

// Maximum key size for symmetric crypto
#define OPS_MAX_KEY_SIZE        32

// Salt size for hashing
#define OPS_SALT_SIZE           8

// Hash size for secret key check
#define OPS_CHECKHASH_SIZE      20

// SHA1 Hash Size \todo is this the same as OPS_CHECKHASH_SIZE??
#define OPS_SHA1_HASH_SIZE              SHA_DIGEST_LENGTH
#define OPS_SHA256_HASH_SIZE    SHA256_DIGEST_LENGTH

// Max hash size
#define OPS_MAX_HASH_SIZE       64

typedef struct
    {
    ops_public_key_t            public_key;
    ops_s2k_usage_t             s2k_usage;
    ops_s2k_specifier_t         s2k_specifier;
    ops_symmetric_algorithm_t   algorithm;  // the algorithm used to encrypt
                                            // the key
    ops_hash_algorithm_t        hash_algorithm;
    unsigned char               salt[OPS_SALT_SIZE];
    unsigned                    octet_count;
    unsigned char               iv[OPS_MAX_BLOCK_SIZE];
    ops_secret_key_union_t      key;
    unsigned                    checksum;
    unsigned char               checkhash[OPS_CHECKHASH_SIZE];
    } ops_secret_key_t;

typedef struct
    {
    ops_data_t data; /*<! Trust Packet */
    } ops_trust_t;
        
typedef struct
    {
    unsigned char *user_id;     
    } ops_user_id_t;

typedef struct
    {
    ops_data_t data; 
    } ops_user_attribute_t;

typedef enum
    {
    OPS_SIG_BINARY      =0x00,  /*<! Signature of a binary document */
    OPS_SIG_TEXT        =0x01,  /*<! Signature of a canonical text document */
    OPS_SIG_STANDALONE  =0x02,  /*<! Standalone signature */

    OPS_CERT_GENERIC    =0x10,  /*<! Generic certification of a User ID and Public Key packet */
    OPS_CERT_PERSONA    =0x11,  /*<! Persona certification of a User ID and Public Key packet */
    OPS_CERT_CASUAL     =0x12,  /*<! Casual certification of a User ID and Public Key packet */
    OPS_CERT_POSITIVE   =0x13,  /*<! Positive certification of a User ID and Public Key packet */

    OPS_SIG_SUBKEY      =0x18,  /*<! Subkey Binding Signature */
    OPS_SIG_PRIMARY     =0x19,  /*<! Primary Key Binding Signature */
    OPS_SIG_DIRECT      =0x1f,  /*<! Signature directly on a key */

    OPS_SIG_REV_KEY     =0x20,  /*<! Key revocation signature */
    OPS_SIG_REV_SUBKEY  =0x28,  /*<! Subkey revocation signature */
    OPS_SIG_REV_CERT    =0x30,  /*<! Certification revocation signature */

    OPS_SIG_TIMESTAMP   =0x40,  /*<! Timestamp signature */

    OPS_SIG_3RD_PARTY   =0x50,  /*<! Third-Party Confirmation signature */
    } ops_sig_type_t;

typedef struct
    {
    BIGNUM                      *sig;   
    } ops_rsa_signature_t;

typedef struct
    {
    BIGNUM                      *r;     
    BIGNUM                      *s;     
    } ops_dsa_signature_t;

typedef struct
    {
    BIGNUM                      *r;
    BIGNUM                      *s;
    } ops_elgamal_signature_t;

typedef struct
    {
    ops_data_t  data;
    } ops_unknown_signature_t;

typedef union
    {
    ops_rsa_signature_t         rsa;    
    ops_dsa_signature_t         dsa;    
    ops_elgamal_signature_t     elgamal; /* deprecated */
    ops_unknown_signature_t     unknown; /* private or experimental */
    } ops_signature_union_t;

#define OPS_KEY_ID_SIZE         8

typedef struct
    {
    ops_version_t               version;        
    ops_sig_type_t              type;           
    time_t                      creation_time;  
    unsigned char               signer_id[OPS_KEY_ID_SIZE];     
    ops_public_key_algorithm_t  key_algorithm;  
    ops_hash_algorithm_t        hash_algorithm; 
    ops_signature_union_t       signature;      
    size_t                      v4_hashed_data_length;
    unsigned char*              v4_hashed_data;
    ops_boolean_t               creation_time_set:1;
    ops_boolean_t               signer_id_set:1;
    } ops_signature_info_t;

typedef struct
    {
    ops_signature_info_t        info; 
    /* The following fields are only used while parsing the signature */
    unsigned char               hash2[2];       
    size_t                      v4_hashed_data_start; /* only valid if accumulate is set */
    ops_hash_t                  *hash;          
    } ops_signature_t;

typedef struct
    {
    ops_content_tag_t           tag;
    size_t                      length;
    unsigned char               *raw;
    } ops_ss_raw_t;

typedef struct
    {
    unsigned char               level;  /*<! Trust Level */
    unsigned char               amount; /*<! Amount */
    } ops_ss_trust_t;

typedef struct
        {
        ops_boolean_t   revocable;
        } ops_ss_revocable_t;
        
typedef struct
    {
    time_t                      time;
    } ops_ss_time_t;

typedef struct
    {
    unsigned char               key_id[OPS_KEY_ID_SIZE];
    } ops_ss_key_id_t;

typedef struct
    {
    ops_data_t flags;
    ops_data_t name;
    ops_data_t value;
    } ops_ss_notation_data_t;

typedef struct
    {
    ops_data_t data;
    } ops_ss_userdefined_t;

typedef struct
    {
    ops_data_t data;
    } ops_ss_unknown_t;

typedef struct
    {
    ops_data_t data;
    /* Note that value 0 may represent the plaintext algorithm
       so we cannot expect data->contents to be a null-terminated list */
    } ops_ss_preferred_ska_t;

typedef struct
    {
    ops_data_t data;
    } ops_ss_preferred_hash_t;

typedef struct
    {
    ops_data_t data;
    } ops_ss_preferred_compression_t;

typedef struct
    {
    ops_data_t data;
    } ops_ss_key_flags_t;

typedef struct
    {
    ops_data_t data;
    } ops_ss_key_server_prefs_t;

typedef struct
    {
    ops_data_t data;
    } ops_ss_features_t;

typedef struct
    {
    ops_public_key_algorithm_t pka_alg;
    ops_hash_algorithm_t hash_alg;
    ops_data_t hash;
    } ops_ss_signature_target_t;
    
typedef struct
    {
    ops_data_t sig;
    } ops_ss_embedded_signature_t;

typedef struct
    {
    size_t                      length;
    unsigned char               *raw;
    } ops_packet_t;

typedef enum
    {
    OPS_C_NONE=0,
    OPS_C_ZIP=1,
    OPS_C_ZLIB=2,
    OPS_C_BZIP2=3,
    } ops_compression_type_t;

/* unlike most structures, this will feed its data as a stream
 * to the application instead of directly including it */
typedef struct
    {
    ops_compression_type_t      type;
    } ops_compressed_t;

typedef struct
    {
    unsigned char               version;
    ops_sig_type_t              sig_type;
    ops_hash_algorithm_t        hash_algorithm;
    ops_public_key_algorithm_t  key_algorithm;
    unsigned char               keyid[OPS_KEY_ID_SIZE];
    ops_boolean_t               nested;
    } ops_one_pass_signature_t;

typedef struct
    {
    ops_boolean_t       primary_user_id;
    } ops_ss_primary_user_id_t;

typedef struct
    {
    char *text;
    } ops_ss_regexp_t;

typedef struct
    {
    char *text;
    } ops_ss_policy_url_t;

typedef struct
    {
    char *text;
    } ops_ss_preferred_key_server_t;

typedef struct
    {
    unsigned char clss;  /* class - name changed for C++ */
    unsigned char algid;
    unsigned char fingerprint[20];
    } ops_ss_revocation_key_t;

typedef struct
    {
    unsigned char code;
    char *text;
    } ops_ss_revocation_reason_t;

typedef enum
    {
    OPS_LDT_BINARY='b',
    OPS_LDT_TEXT='t',
    OPS_LDT_UTF8='u',
    OPS_LDT_LOCAL='l',
    OPS_LDT_LOCAL2='1'
    } ops_literal_data_type_t;

typedef struct
    {
    ops_literal_data_type_t             format;
    char                        filename[256];
    time_t                      modification_time;
    } ops_literal_data_header_t;

typedef struct
    {
    unsigned                    length;
    unsigned char               *data;
    } ops_literal_data_body_t;

typedef struct
    {
    unsigned char               data[20]; // size of SHA1 hash
    } ops_mdc_t;

typedef struct
    {
    char *key;
    char *value;
    } ops_armoured_header_value_t;

typedef struct
    {
    ops_armoured_header_value_t *headers;
    unsigned nheaders;
    } ops_headers_t;

typedef struct
    {
    const char *type;
    ops_headers_t headers;
    } ops_armour_header_t;

typedef struct
    {
    const char *type;
    } ops_armour_trailer_t;

typedef struct
    {
    ops_headers_t headers;
    } ops_signed_cleartext_header_t;

typedef struct
    {
    unsigned                    length;
    unsigned char               *data;
    } ops_signed_cleartext_body_t;

typedef struct
    {
    struct _ops_hash_t          *hash;  
    } ops_signed_cleartext_trailer_t;

typedef struct
    {
    unsigned                    length;
    unsigned char               *data;
    } ops_unarmoured_text_t;

typedef enum
    {
    SE_IP_DATA_VERSION=1
    } ops_se_ip_data_version_t;

typedef enum
    {
    OPS_PKSK_V3=3
    } ops_pk_session_key_version_t;

typedef struct
    {
    BIGNUM                      *encrypted_m;
    BIGNUM                      *m;
    } ops_pk_session_key_parameters_rsa_t;

typedef struct
    {
    BIGNUM                      *g_to_k;
    BIGNUM                      *encrypted_m;
    } ops_pk_session_key_parameters_elgamal_t;

typedef union
    {
    ops_pk_session_key_parameters_rsa_t         rsa;
    ops_pk_session_key_parameters_elgamal_t     elgamal;
    } ops_pk_session_key_parameters_t;

typedef struct
    {
    ops_pk_session_key_version_t version;
    unsigned char               key_id[OPS_KEY_ID_SIZE];
    ops_public_key_algorithm_t  algorithm;
    ops_pk_session_key_parameters_t parameters;
    ops_symmetric_algorithm_t   symmetric_algorithm;
    unsigned char               key[OPS_MAX_KEY_SIZE];
    unsigned short              checksum;
    } ops_pk_session_key_t;

typedef struct
    {
    const ops_secret_key_t     *secret_key;
    char                       **passphrase; /* point somewhere that gets filled in to work around constness of content */
    } ops_secret_key_passphrase_t;

typedef enum
    {
    OPS_SE_IP_V1=1
    } ops_se_ip_version_t;

typedef struct
    {
    ops_se_ip_version_t         version;
    } ops_se_ip_data_header_t;

typedef struct
    {
    unsigned                    length;
    unsigned char*              data; // \todo remember to free this
    } ops_se_ip_data_body_t;

typedef struct
    {
    unsigned                    length;
    unsigned char               data[8192]; // \todo parameterise this!
    } ops_se_data_body_t;

typedef struct
    {
    const ops_secret_key_t      **secret_key;
    const ops_pk_session_key_t *pk_session_key;
    } ops_get_secret_key_t;

typedef union
    {
    ops_parser_error_t          error;
    ops_parser_errcode_t        errcode;
    ops_ptag_t                  ptag;
    ops_public_key_t            public_key;
    ops_trust_t                 trust;
    ops_user_id_t               user_id;
    ops_user_attribute_t        user_attribute;
    ops_signature_t             signature;
    ops_ss_raw_t                ss_raw;
    ops_ss_trust_t              ss_trust;
    ops_ss_revocable_t          ss_revocable;
    ops_ss_time_t               ss_time;
    ops_ss_key_id_t             ss_issuer_key_id;
    ops_ss_notation_data_t      ss_notation_data;
    ops_packet_t                packet;
    ops_compressed_t            compressed;
    ops_one_pass_signature_t    one_pass_signature;
    ops_ss_preferred_ska_t      ss_preferred_ska;
    ops_ss_preferred_hash_t     ss_preferred_hash;
    ops_ss_preferred_compression_t     ss_preferred_compression;
    ops_ss_key_flags_t          ss_key_flags;
    ops_ss_key_server_prefs_t   ss_key_server_prefs;
    ops_ss_primary_user_id_t    ss_primary_user_id;
    ops_ss_regexp_t             ss_regexp;
    ops_ss_policy_url_t         ss_policy_url;
    ops_ss_preferred_key_server_t       ss_preferred_key_server;
    ops_ss_revocation_key_t     ss_revocation_key;
    ops_ss_userdefined_t        ss_userdefined;
    ops_ss_unknown_t            ss_unknown;
    ops_literal_data_header_t   literal_data_header;
    ops_literal_data_body_t     literal_data_body;
        ops_mdc_t                               mdc;
    ops_ss_features_t           ss_features;
    ops_ss_signature_target_t ss_signature_target;
    ops_ss_embedded_signature_t ss_embedded_signature;
    ops_ss_revocation_reason_t  ss_revocation_reason;
    ops_secret_key_t            secret_key;
    ops_user_id_t               ss_signers_user_id;
    ops_armour_header_t         armour_header;
    ops_armour_trailer_t        armour_trailer;
    ops_signed_cleartext_header_t signed_cleartext_header;
    ops_signed_cleartext_body_t signed_cleartext_body;
    ops_signed_cleartext_trailer_t signed_cleartext_trailer;
    ops_unarmoured_text_t       unarmoured_text;
    ops_pk_session_key_t        pk_session_key;
    ops_secret_key_passphrase_t secret_key_passphrase;
    ops_se_ip_data_header_t     se_ip_data_header;
    ops_se_ip_data_body_t       se_ip_data_body;
    ops_se_data_body_t          se_data_body;
    ops_get_secret_key_t        get_secret_key;
    } ops_parser_content_union_t;

struct ops_parser_content_t
    {
    ops_content_tag_t           tag;
    unsigned char               critical; /* for signature subpackets */
    ops_parser_content_union_t  content;
    };

typedef struct
    {
    unsigned char               fingerprint[20];
    unsigned                    length;
    } ops_fingerprint_t;

void ops_init(void);
void ops_finish(void);
void ops_keyid(unsigned char keyid[OPS_KEY_ID_SIZE],
               const ops_public_key_t *key);
void ops_fingerprint(ops_fingerprint_t *fp, const ops_public_key_t *key);
void ops_public_key_free(ops_public_key_t *key);
void ops_public_key_copy(ops_public_key_t *dst, const ops_public_key_t *src);
void ops_user_id_free(ops_user_id_t *id);
void ops_user_attribute_free(ops_user_attribute_t *att);
void ops_signature_free(ops_signature_t *sig);
void ops_trust_free(ops_trust_t *trust);
void ops_ss_preferred_ska_free(ops_ss_preferred_ska_t *ss_preferred_ska);
void ops_ss_preferred_hash_free(ops_ss_preferred_hash_t *ss_preferred_hash);
void ops_ss_preferred_compression_free(ops_ss_preferred_compression_t *ss_preferred_compression);
void ops_ss_key_flags_free(ops_ss_key_flags_t *ss_key_flags);
void ops_ss_key_server_prefs_free(ops_ss_key_server_prefs_t *ss_key_server_prefs);
void ops_ss_features_free(ops_ss_features_t *ss_features);
void ops_ss_notation_data_free(ops_ss_notation_data_t *ss_notation_data);
void ops_ss_policy_url_free(ops_ss_policy_url_t *ss_policy_url);
void ops_ss_preferred_key_server_free(ops_ss_preferred_key_server_t *ss_preferred_key_server);
void ops_ss_regexp_free(ops_ss_regexp_t *ss_regexp);
void ops_ss_userdefined_free(ops_ss_userdefined_t *ss_userdefined);
void ops_ss_reserved_free(ops_ss_unknown_t *ss_unknown);
void ops_ss_revocation_reason_free(ops_ss_revocation_reason_t *ss_revocation_reason);
void ops_ss_signature_target_free(ops_ss_signature_target_t *ss_signature_target);
void ops_ss_embedded_signature_free(ops_ss_embedded_signature_t *ss_embedded_signature);

void ops_packet_free(ops_packet_t *packet);
void ops_parser_content_free(ops_parser_content_t *c);
void ops_secret_key_free(ops_secret_key_t *key);
void ops_secret_key_copy(ops_secret_key_t *dst, const ops_secret_key_t *src);
void ops_pk_session_key_free(ops_pk_session_key_t *sk);

/* vim:set textwidth=120: */
/* vim:set ts=8: */

#endif

---