

  1. #------------------------------------------------------------------------------
  2. # $File: pgp,v 1.10 2014/10/14 16:50:37 christos Exp $
  3. # pgp: file(1) magic for Pretty Good Privacy
  4. # see http://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
  5. #
  6. 0 beshort 0x9900 PGP key public ring
  7. !:mime application/x-pgp-keyring
  8. 0 beshort 0x9501 PGP key security ring
  9. !:mime application/x-pgp-keyring
  10. 0 beshort 0x9500 PGP key security ring
  11. !:mime application/x-pgp-keyring
  12. 0 beshort 0xa600 PGP encrypted data
  13. #!:mime application/pgp-encrypted
  14. #0 string -----BEGIN\040PGP text/PGP armored data
  15. !:mime text/PGP # encoding: armored data
  16. #>15 string PUBLIC\040KEY\040BLOCK- public key block
  17. #>15 string MESSAGE- message
  18. #>15 string SIGNED\040MESSAGE- signed message
  19. #>15 string PGP\040SIGNATURE- signature
  20. 2 string ---BEGIN\ PGP\ PUBLIC\ KEY\ BLOCK- PGP public key block
  21. !:mime application/pgp-keys
  22. >10 search/100 \n\n
  23. >>&0 use pgp
  24. 0 string -----BEGIN\040PGP\40MESSAGE- PGP message
  25. !:mime application/pgp
  26. >10 search/100 \n\n
  27. >>&0 use pgp
  28. 0 string -----BEGIN\040PGP\40SIGNATURE- PGP signature
  29. !:mime application/pgp-signature
  30. >10 search/100 \n\n
  31. >>&0 use pgp
  32. # Decode the type of the packet based on it's base64 encoding.
  33. # Idea from Mark Martinec
  34. # The specification is in RFC 4880, section 4.2 and 4.3:
  35. # http://tools.ietf.org/html/rfc4880#section-4.2
  36. 0 name pgp
  37. >0 byte 0x67 Reserved (old)
  38. >0 byte 0x68 Public-Key Encrypted Session Key (old)
  39. >0 byte 0x69 Signature (old)
  40. >0 byte 0x6a Symmetric-Key Encrypted Session Key (old)
  41. >0 byte 0x6b One-Pass Signature (old)
  42. >0 byte 0x6c Secret-Key (old)
  43. >0 byte 0x6d Public-Key (old)
  44. >0 byte 0x6e Secret-Subkey (old)
  45. >0 byte 0x6f Compressed Data (old)
  46. >0 byte 0x70 Symmetrically Encrypted Data (old)
  47. >0 byte 0x71 Marker (old)
  48. >0 byte 0x72 Literal Data (old)
  49. >0 byte 0x73 Trust (old)
  50. >0 byte 0x74 User ID (old)
  51. >0 byte 0x75 Public-Subkey (old)
  52. >0 byte 0x76 Unused (old)
  53. >0 byte 0x77
  54. >>1 byte&0xc0 0x00 Reserved
  55. >>1 byte&0xc0 0x40 Public-Key Encrypted Session Key
  56. >>1 byte&0xc0 0x80 Signature
  57. >>1 byte&0xc0 0xc0 Symmetric-Key Encrypted Session Key
  58. >0 byte 0x78
  59. >>1 byte&0xc0 0x00 One-Pass Signature
  60. >>1 byte&0xc0 0x40 Secret-Key
  61. >>1 byte&0xc0 0x80 Public-Key
  62. >>1 byte&0xc0 0xc0 Secret-Subkey
  63. >0 byte 0x79
  64. >>1 byte&0xc0 0x00 Compressed Data
  65. >>1 byte&0xc0 0x40 Symmetrically Encrypted Data
  66. >>1 byte&0xc0 0x80 Marker
  67. >>1 byte&0xc0 0xc0 Literal Data
  68. >0 byte 0x7a
  69. >>1 byte&0xc0 0x00 Trust
  70. >>1 byte&0xc0 0x40 User ID
  71. >>1 byte&0xc0 0x80 Public-Subkey
  72. >>1 byte&0xc0 0xc0 Unused [z%x]
  73. >0 byte 0x30
  74. >>1 byte&0xc0 0x00 Unused [0%x]
  75. >>1 byte&0xc0 0x40 User Attribute
  76. >>1 byte&0xc0 0x80 Sym. Encrypted and Integrity Protected Data
  77. >>1 byte&0xc0 0xc0 Modification Detection Code
  78. # magic signatures to detect PGP crypto material (from stef)
  79. # detects and extracts metadata from:
  80. # - symmetric encrypted packet header
  81. # - RSA (e=65537) secret (sub-)keys
  82. # 1024b RSA encrypted data
  83. 0 string \x84\x8c\x03 PGP RSA encrypted session key -
  84. >3 lelong x keyid: %X
  85. >7 lelong x %X
  86. >11 byte 0x01 RSA (Encrypt or Sign) 1024b
  87. >11 byte 0x02 RSA Encrypt-Only 1024b
  88. >12 string \x04\x00
  89. >12 string \x03\xff
  90. >12 string \x03\xfe
  91. >12 string \x03\xfd
  92. >12 string \x03\xfc
  93. >12 string \x03\xfb
  94. >12 string \x03\xfa
  95. >12 string \x03\xf9
  96. >142 byte 0xd2 .
  97. # 2048b RSA encrypted data
  98. 0 string \x85\x01\x0c\x03 PGP RSA encrypted session key -
  99. >4 lelong x keyid: %X
  100. >8 lelong x %X
  101. >12 byte 0x01 RSA (Encrypt or Sign) 2048b
  102. >12 byte 0x02 RSA Encrypt-Only 2048b
  103. >13 string \x08\x00
  104. >13 string \x07\xff
  105. >13 string \x07\xfe
  106. >13 string \x07\xfd
  107. >13 string \x07\xfc
  108. >13 string \x07\xfb
  109. >13 string \x07\xfa
  110. >13 string \x07\xf9
  111. >271 byte 0xd2 .
  112. # 3072b RSA encrypted data
  113. 0 string \x85\x01\x8c\x03 PGP RSA encrypted session key -
  114. >4 lelong x keyid: %X
  115. >8 lelong x %X
  116. >12 byte 0x01 RSA (Encrypt or Sign) 3072b
  117. >12 byte 0x02 RSA Encrypt-Only 3072b
  118. >13 string \x0c\x00
  119. >13 string \x0b\xff
  120. >13 string \x0b\xfe
  121. >13 string \x0b\xfd
  122. >13 string \x0b\xfc
  123. >13 string \x0b\xfb
  124. >13 string \x0b\xfa
  125. >13 string \x0b\xf9
  126. >399 byte 0xd2 .
  127. # 3072b RSA encrypted data
  128. 0 string \x85\x02\x0c\x03 PGP RSA encrypted session key -
  129. >4 lelong x keyid: %X
  130. >8 lelong x %X
  131. >12 byte 0x01 RSA (Encrypt or Sign) 4096b
  132. >12 byte 0x02 RSA Encrypt-Only 4096b
  133. >13 string \x10\x00
  134. >13 string \x0f\xff
  135. >13 string \x0f\xfe
  136. >13 string \x0f\xfd
  137. >13 string \x0f\xfc
  138. >13 string \x0f\xfb
  139. >13 string \x0f\xfa
  140. >13 string \x0f\xf9
  141. >527 byte 0xd2 .
  142. # 4096b RSA encrypted data
  143. 0 string \x85\x04\x0c\x03 PGP RSA encrypted session key -
  144. >4 lelong x keyid: %X
  145. >8 lelong x %X
  146. >12 byte 0x01 RSA (Encrypt or Sign) 8129b
  147. >12 byte 0x02 RSA Encrypt-Only 8129b
  148. >13 string \x20\x00
  149. >13 string \x1f\xff
  150. >13 string \x1f\xfe
  151. >13 string \x1f\xfd
  152. >13 string \x1f\xfc
  153. >13 string \x1f\xfb
  154. >13 string \x1f\xfa
  155. >13 string \x1f\xf9
  156. >1039 byte 0xd2 .
  157. # crypto algo mapper
  158. 0 name crypto
  159. >0 byte 0x00 Plaintext or unencrypted data
  160. >0 byte 0x01 IDEA
  161. >0 byte 0x02 TripleDES
  162. >0 byte 0x03 CAST5 (128 bit key)
  163. >0 byte 0x04 Blowfish (128 bit key, 16 rounds)
  164. >0 byte 0x07 AES with 128-bit key
  165. >0 byte 0x08 AES with 192-bit key
  166. >0 byte 0x09 AES with 256-bit key
  167. >0 byte 0x0a Twofish with 256-bit key
  168. # hash algo mapper
  169. 0 name hash
  170. >0 byte 0x01 MD5
  171. >0 byte 0x02 SHA-1
  172. >0 byte 0x03 RIPE-MD/160
  173. >0 byte 0x08 SHA256
  174. >0 byte 0x09 SHA384
  175. >0 byte 0x0a SHA512
  176. >0 byte 0x0b SHA224
  177. # pgp symmetric encrypted data
  178. 0 byte 0x8c PGP symmetric key encrypted data -
  179. >1 byte 0x0d
  180. >1 byte 0x0c
  181. >2 byte 0x04
  182. >3 use crypto
  183. >4 byte 0x01 salted -
  184. >>5 use hash
  185. >>14 byte 0xd2 .
  186. >>14 byte 0xc9 .
  187. >4 byte 0x03 salted & iterated -
  188. >>5 use hash
  189. >>15 byte 0xd2 .
  190. >>15 byte 0xc9 .
  191. # encrypted keymaterial needs s2k & can be checksummed/hashed
  192. 0 name chkcrypto
  193. >0 use crypto
  194. >1 byte 0x00 Simple S2K
  195. >1 byte 0x01 Salted S2K
  196. >1 byte 0x03 Salted&Iterated S2K
  197. >2 use hash
  198. # all PGP keys start with this prolog
  199. # containing version, creation date, and purpose
  200. 0 name keyprolog
  201. >0 byte 0x04
  202. >1 beldate x created on %s -
  203. >5 byte 0x01 RSA (Encrypt or Sign)
  204. >5 byte 0x02 RSA Encrypt-Only
  205. # end of secret keys known signature
  206. # contains e=65537 and the prolog to
  207. # the encrypted parameters
  208. 0 name keyend
  209. >0 string \x00\x11\x01\x00\x01 e=65537
  210. >5 use crypto
  211. >5 byte 0xff checksummed
  212. >>6 use chkcrypto
  213. >5 byte 0xfe hashed
  214. >>6 use chkcrypto
  215. # PGP secret keys contain also the public parts
  216. # these vary by bitsize of the key
  217. 0 name x1024
  218. >0 use keyprolog
  219. >6 string \x03\xfe
  220. >6 string \x03\xff
  221. >6 string \x04\x00
  222. >136 use keyend
  223. 0 name x2048
  224. >0 use keyprolog
  225. >6 string \x80\x00
  226. >6 string \x07\xfe
  227. >6 string \x07\xff
  228. >264 use keyend
  229. 0 name x3072
  230. >0 use keyprolog
  231. >6 string \x0b\xfe
  232. >6 string \x0b\xff
  233. >6 string \x0c\x00
  234. >392 use keyend
  235. 0 name x4096
  236. >0 use keyprolog
  237. >6 string \x10\x00
  238. >6 string \x0f\xfe
  239. >6 string \x0f\xff
  240. >520 use keyend
  241. # \x00|\x1f[\xfe\xff]).{1024})'
  242. 0 name x8192
  243. >0 use keyprolog
  244. >6 string \x20\x00
  245. >6 string \x1f\xfe
  246. >6 string \x1f\xff
  247. >1032 use keyend
  248. # depending on the size of the pkt
  249. # we branch into the proper key size
  250. # signatures defined as x{keysize}
  251. >0 name pgpkey
  252. >0 string \x01\xd8 1024b
  253. >>2 use x1024
  254. >0 string \x01\xeb 1024b
  255. >>2 use x1024
  256. >0 string \x01\xfb 1024b
  257. >>2 use x1024
  258. >0 string \x01\xfd 1024b
  259. >>2 use x1024
  260. >0 string \x01\xf3 1024b
  261. >>2 use x1024
  262. >0 string \x01\xee 1024b
  263. >>2 use x1024
  264. >0 string \x01\xfe 1024b
  265. >>2 use x1024
  266. >0 string \x01\xf4 1024b
  267. >>2 use x1024
  268. >0 string \x02\x0d 1024b
  269. >>2 use x1024
  270. >0 string \x02\x03 1024b
  271. >>2 use x1024
  272. >0 string \x02\x05 1024b
  273. >>2 use x1024
  274. >0 string \x02\x15 1024b
  275. >>2 use x1024
  276. >0 string \x02\x00 1024b
  277. >>2 use x1024
  278. >0 string \x02\x10 1024b
  279. >>2 use x1024
  280. >0 string \x02\x04 1024b
  281. >>2 use x1024
  282. >0 string \x02\x06 1024b
  283. >>2 use x1024
  284. >0 string \x02\x16 1024b
  285. >>2 use x1024
  286. >0 string \x03\x98 2048b
  287. >>2 use x2048
  288. >0 string \x03\xab 2048b
  289. >>2 use x2048
  290. >0 string \x03\xbb 2048b
  291. >>2 use x2048
  292. >0 string \x03\xbd 2048b
  293. >>2 use x2048
  294. >0 string \x03\xcd 2048b
  295. >>2 use x2048
  296. >0 string \x03\xb3 2048b
  297. >>2 use x2048
  298. >0 string \x03\xc3 2048b
  299. >>2 use x2048
  300. >0 string \x03\xc5 2048b
  301. >>2 use x2048
  302. >0 string \x03\xd5 2048b
  303. >>2 use x2048
  304. >0 string \x03\xae 2048b
  305. >>2 use x2048
  306. >0 string \x03\xbe 2048b
  307. >>2 use x2048
  308. >0 string \x03\xc0 2048b
  309. >>2 use x2048
  310. >0 string \x03\xd0 2048b
  311. >>2 use x2048
  312. >0 string \x03\xb4 2048b
  313. >>2 use x2048
  314. >0 string \x03\xc4 2048b
  315. >>2 use x2048
  316. >0 string \x03\xc6 2048b
  317. >>2 use x2048
  318. >0 string \x03\xd6 2048b
  319. >>2 use x2048
  320. >0 string \x05X 3072b
  321. >>2 use x3072
  322. >0 string \x05k 3072b
  323. >>2 use x3072
  324. >0 string \x05{ 3072b
  325. >>2 use x3072
  326. >0 string \x05} 3072b
  327. >>2 use x3072
  328. >0 string \x05\x8d 3072b
  329. >>2 use x3072
  330. >0 string \x05s 3072b
  331. >>2 use x3072
  332. >0 string \x05\x83 3072b
  333. >>2 use x3072
  334. >0 string \x05\x85 3072b
  335. >>2 use x3072
  336. >0 string \x05\x95 3072b
  337. >>2 use x3072
  338. >0 string \x05n 3072b
  339. >>2 use x3072
  340. >0 string \x05\x7e 3072b
  341. >>2 use x3072
  342. >0 string \x05\x80 3072b
  343. >>2 use x3072
  344. >0 string \x05\x90 3072b
  345. >>2 use x3072
  346. >0 string \x05t 3072b
  347. >>2 use x3072
  348. >0 string \x05\x84 3072b
  349. >>2 use x3072
  350. >0 string \x05\x86 3072b
  351. >>2 use x3072
  352. >0 string \x05\x96 3072b
  353. >>2 use x3072
  354. >0 string \x07[ 4096b
  355. >>2 use x4096
  356. >0 string \x07\x18 4096b
  357. >>2 use x4096
  358. >0 string \x07+ 4096b
  359. >>2 use x4096
  360. >0 string \x07; 4096b
  361. >>2 use x4096
  362. >0 string \x07= 4096b
  363. >>2 use x4096
  364. >0 string \x07M 4096b
  365. >>2 use x4096
  366. >0 string \x073 4096b
  367. >>2 use x4096
  368. >0 string \x07C 4096b
  369. >>2 use x4096
  370. >0 string \x07E 4096b
  371. >>2 use x4096
  372. >0 string \x07U 4096b
  373. >>2 use x4096
  374. >0 string \x07. 4096b
  375. >>2 use x4096
  376. >0 string \x07> 4096b
  377. >>2 use x4096
  378. >0 string \x07@ 4096b
  379. >>2 use x4096
  380. >0 string \x07P 4096b
  381. >>2 use x4096
  382. >0 string \x074 4096b
  383. >>2 use x4096
  384. >0 string \x07D 4096b
  385. >>2 use x4096
  386. >0 string \x07F 4096b
  387. >>2 use x4096
  388. >0 string \x07V 4096b
  389. >>2 use x4096
  390. >0 string \x0e[ 8192b
  391. >>2 use x8192
  392. >0 string \x0e\x18 8192b
  393. >>2 use x8192
  394. >0 string \x0e+ 8192b
  395. >>2 use x8192
  396. >0 string \x0e; 8192b
  397. >>2 use x8192
  398. >0 string \x0e= 8192b
  399. >>2 use x8192
  400. >0 string \x0eM 8192b
  401. >>2 use x8192
  402. >0 string \x0e3 8192b
  403. >>2 use x8192
  404. >0 string \x0eC 8192b
  405. >>2 use x8192
  406. >0 string \x0eE 8192b
  407. >>2 use x8192
  408. >0 string \x0eU 8192b
  409. >>2 use x8192
  410. >0 string \x0e. 8192b
  411. >>2 use x8192
  412. >0 string \x0e> 8192b
  413. >>2 use x8192
  414. >0 string \x0e@ 8192b
  415. >>2 use x8192
  416. >0 string \x0eP 8192b
  417. >>2 use x8192
  418. >0 string \x0e4 8192b
  419. >>2 use x8192
  420. >0 string \x0eD 8192b
  421. >>2 use x8192
  422. >0 string \x0eF 8192b
  423. >>2 use x8192
  424. >0 string \x0eV 8192b
  425. >>2 use x8192
  426. # PGP RSA (e=65537) secret (sub-)key header
  427. 0 byte 0x95 PGP Secret Key -
  428. >1 use pgpkey
  429. 0 byte 0x97 PGP Secret Sub-key -
  430. >1 use pgpkey
  431. 0 byte 0x9d PGP Secret Sub-key -
  432. >1 use pgpkey