From dc1856c741e7edc51b723b4aef377c6da21458f6 Mon Sep 17 00:00:00 2001
From: Oliver Wiese <oliver.wiese@fu-berlin.de>
Date: Wed, 27 Sep 2017 10:53:26 +0200
Subject: [PATCH] remove unnetpgp
---
enzevalos_iphone.xcodeproj/project.pbxproj | 168 -
enzevalos_iphone/netpgp/UNNetPGP.h | 104 -
enzevalos_iphone/netpgp/UNNetPGP.m | 614 ---
enzevalos_iphone/netpgp/fmemopen/README.md | 49 -
enzevalos_iphone/netpgp/fmemopen/fmemopen.c | 93 -
enzevalos_iphone/netpgp/fmemopen/fmemopen.h | 52 -
enzevalos_iphone/netpgp/lib/Licence | 36 -
enzevalos_iphone/netpgp/lib/bufgap.c | 520 ---
enzevalos_iphone/netpgp/lib/bufgap.h | 88 -
enzevalos_iphone/netpgp/lib/compress.c | 501 ---
enzevalos_iphone/netpgp/lib/config.h | 181 -
enzevalos_iphone/netpgp/lib/create.c | 1305 -------
enzevalos_iphone/netpgp/lib/create.h | 119 -
enzevalos_iphone/netpgp/lib/crypto.c | 602 ---
enzevalos_iphone/netpgp/lib/crypto.h | 307 --
enzevalos_iphone/netpgp/lib/defs.h | 92 -
enzevalos_iphone/netpgp/lib/errors.h | 169 -
enzevalos_iphone/netpgp/lib/fastctype.c | 370 --
enzevalos_iphone/netpgp/lib/fastctype.h | 62 -
enzevalos_iphone/netpgp/lib/keyring.c | 1153 ------
enzevalos_iphone/netpgp/lib/keyring.h | 152 -
enzevalos_iphone/netpgp/lib/memory.h | 87 -
enzevalos_iphone/netpgp/lib/misc.c | 1353 -------
enzevalos_iphone/netpgp/lib/mj.c | 575 ---
enzevalos_iphone/netpgp/lib/mj.h | 69 -
enzevalos_iphone/netpgp/lib/netpgp.c | 1972 ----------
enzevalos_iphone/netpgp/lib/netpgp.h | 113 -
enzevalos_iphone/netpgp/lib/netpgpdefs.h | 68 -
enzevalos_iphone/netpgp/lib/netpgpdigest.h | 55 -
enzevalos_iphone/netpgp/lib/netpgpsdk.h | 74 -
enzevalos_iphone/netpgp/lib/openssl_crypto.c | 1050 ------
enzevalos_iphone/netpgp/lib/ops-ssh.h | 41 -
enzevalos_iphone/netpgp/lib/packet-parse.c | 3494 ------------------
enzevalos_iphone/netpgp/lib/packet-parse.h | 169 -
enzevalos_iphone/netpgp/lib/packet-print.c | 1455 --------
enzevalos_iphone/netpgp/lib/packet-show.c | 918 -----
enzevalos_iphone/netpgp/lib/packet-show.h | 111 -
enzevalos_iphone/netpgp/lib/packet.h | 982 -----
enzevalos_iphone/netpgp/lib/reader.c | 2366 ------------
enzevalos_iphone/netpgp/lib/readerwriter.h | 126 -
enzevalos_iphone/netpgp/lib/signature.c | 1272 -------
enzevalos_iphone/netpgp/lib/signature.h | 172 -
enzevalos_iphone/netpgp/lib/ssh2pgp.c | 472 ---
enzevalos_iphone/netpgp/lib/symmetric.c | 802 ----
enzevalos_iphone/netpgp/lib/types.h | 94 -
enzevalos_iphone/netpgp/lib/validate.c | 969 -----
enzevalos_iphone/netpgp/lib/validate.h | 120 -
enzevalos_iphone/netpgp/lib/version.h | 67 -
enzevalos_iphone/netpgp/lib/writer.c | 1794 ---------
enzevalos_iphone/netpgp/lib/writer.h | 119 -
50 files changed, 27696 deletions(-)
delete mode 100644 enzevalos_iphone/netpgp/UNNetPGP.h
delete mode 100644 enzevalos_iphone/netpgp/UNNetPGP.m
delete mode 100755 enzevalos_iphone/netpgp/fmemopen/README.md
delete mode 100755 enzevalos_iphone/netpgp/fmemopen/fmemopen.c
delete mode 100755 enzevalos_iphone/netpgp/fmemopen/fmemopen.h
delete mode 100644 enzevalos_iphone/netpgp/lib/Licence
delete mode 100644 enzevalos_iphone/netpgp/lib/bufgap.c
delete mode 100644 enzevalos_iphone/netpgp/lib/bufgap.h
delete mode 100644 enzevalos_iphone/netpgp/lib/compress.c
delete mode 100644 enzevalos_iphone/netpgp/lib/config.h
delete mode 100644 enzevalos_iphone/netpgp/lib/create.c
delete mode 100644 enzevalos_iphone/netpgp/lib/create.h
delete mode 100644 enzevalos_iphone/netpgp/lib/crypto.c
delete mode 100644 enzevalos_iphone/netpgp/lib/crypto.h
delete mode 100644 enzevalos_iphone/netpgp/lib/defs.h
delete mode 100644 enzevalos_iphone/netpgp/lib/errors.h
delete mode 100644 enzevalos_iphone/netpgp/lib/fastctype.c
delete mode 100644 enzevalos_iphone/netpgp/lib/fastctype.h
delete mode 100644 enzevalos_iphone/netpgp/lib/keyring.c
delete mode 100644 enzevalos_iphone/netpgp/lib/keyring.h
delete mode 100644 enzevalos_iphone/netpgp/lib/memory.h
delete mode 100644 enzevalos_iphone/netpgp/lib/misc.c
delete mode 100644 enzevalos_iphone/netpgp/lib/mj.c
delete mode 100644 enzevalos_iphone/netpgp/lib/mj.h
delete mode 100644 enzevalos_iphone/netpgp/lib/netpgp.c
delete mode 100644 enzevalos_iphone/netpgp/lib/netpgp.h
delete mode 100644 enzevalos_iphone/netpgp/lib/netpgpdefs.h
delete mode 100644 enzevalos_iphone/netpgp/lib/netpgpdigest.h
delete mode 100644 enzevalos_iphone/netpgp/lib/netpgpsdk.h
delete mode 100644 enzevalos_iphone/netpgp/lib/openssl_crypto.c
delete mode 100644 enzevalos_iphone/netpgp/lib/ops-ssh.h
delete mode 100644 enzevalos_iphone/netpgp/lib/packet-parse.c
delete mode 100644 enzevalos_iphone/netpgp/lib/packet-parse.h
delete mode 100644 enzevalos_iphone/netpgp/lib/packet-print.c
delete mode 100644 enzevalos_iphone/netpgp/lib/packet-show.c
delete mode 100644 enzevalos_iphone/netpgp/lib/packet-show.h
delete mode 100644 enzevalos_iphone/netpgp/lib/packet.h
delete mode 100644 enzevalos_iphone/netpgp/lib/reader.c
delete mode 100644 enzevalos_iphone/netpgp/lib/readerwriter.h
delete mode 100644 enzevalos_iphone/netpgp/lib/signature.c
delete mode 100644 enzevalos_iphone/netpgp/lib/signature.h
delete mode 100644 enzevalos_iphone/netpgp/lib/ssh2pgp.c
delete mode 100644 enzevalos_iphone/netpgp/lib/symmetric.c
delete mode 100644 enzevalos_iphone/netpgp/lib/types.h
delete mode 100644 enzevalos_iphone/netpgp/lib/validate.c
delete mode 100644 enzevalos_iphone/netpgp/lib/validate.h
delete mode 100644 enzevalos_iphone/netpgp/lib/version.h
delete mode 100644 enzevalos_iphone/netpgp/lib/writer.c
delete mode 100644 enzevalos_iphone/netpgp/lib/writer.h
diff --git a/enzevalos_iphone.xcodeproj/project.pbxproj b/enzevalos_iphone.xcodeproj/project.pbxproj
index cb4fb060..23fd14af 100644
--- a/enzevalos_iphone.xcodeproj/project.pbxproj
+++ b/enzevalos_iphone.xcodeproj/project.pbxproj
@@ -82,29 +82,6 @@
476373C21E09BA88004D5EFE /* UserData.swift in Sources */ = {isa = PBXBuildFile; fileRef = 476373C11E09BA88004D5EFE /* UserData.swift */; };
47691A8A1ECB56D1004BCFC5 /* Mail.swift in Sources */ = {isa = PBXBuildFile; fileRef = 47691A891ECB56D1004BCFC5 /* Mail.swift */; };
47691A8C1ECC3EC7004BCFC5 /* EphemeralMail.swift in Sources */ = {isa = PBXBuildFile; fileRef = 47691A8B1ECC3EC7004BCFC5 /* EphemeralMail.swift */; };
- 4781753A1F06E57E00300D20 /* fmemopen.c in Sources */ = {isa = PBXBuildFile; fileRef = 478175081F06E57E00300D20 /* fmemopen.c */; };
- 4781753B1F06E57E00300D20 /* README.md in Sources */ = {isa = PBXBuildFile; fileRef = 4781750A1F06E57E00300D20 /* README.md */; };
- 4781753C1F06E57E00300D20 /* bufgap.c in Sources */ = {isa = PBXBuildFile; fileRef = 4781750C1F06E57E00300D20 /* bufgap.c */; };
- 4781753D1F06E57E00300D20 /* compress.c in Sources */ = {isa = PBXBuildFile; fileRef = 4781750E1F06E57E00300D20 /* compress.c */; };
- 4781753E1F06E57E00300D20 /* create.c in Sources */ = {isa = PBXBuildFile; fileRef = 478175101F06E57E00300D20 /* create.c */; };
- 4781753F1F06E57E00300D20 /* crypto.c in Sources */ = {isa = PBXBuildFile; fileRef = 478175121F06E57E00300D20 /* crypto.c */; };
- 478175401F06E57E00300D20 /* fastctype.c in Sources */ = {isa = PBXBuildFile; fileRef = 478175161F06E57E00300D20 /* fastctype.c */; };
- 478175411F06E57E00300D20 /* keyring.c in Sources */ = {isa = PBXBuildFile; fileRef = 478175181F06E57E00300D20 /* keyring.c */; };
- 478175421F06E57E00300D20 /* Licence in Resources */ = {isa = PBXBuildFile; fileRef = 4781751A1F06E57E00300D20 /* Licence */; };
- 478175431F06E57E00300D20 /* misc.c in Sources */ = {isa = PBXBuildFile; fileRef = 4781751C1F06E57E00300D20 /* misc.c */; };
- 478175441F06E57E00300D20 /* mj.c in Sources */ = {isa = PBXBuildFile; fileRef = 4781751D1F06E57E00300D20 /* mj.c */; };
- 478175451F06E57E00300D20 /* netpgp.c in Sources */ = {isa = PBXBuildFile; fileRef = 4781751F1F06E57E00300D20 /* netpgp.c */; };
- 478175461F06E57E00300D20 /* openssl_crypto.c in Sources */ = {isa = PBXBuildFile; fileRef = 478175241F06E57E00300D20 /* openssl_crypto.c */; };
- 478175471F06E57E00300D20 /* packet-parse.c in Sources */ = {isa = PBXBuildFile; fileRef = 478175261F06E57E00300D20 /* packet-parse.c */; };
- 478175481F06E57E00300D20 /* packet-print.c in Sources */ = {isa = PBXBuildFile; fileRef = 478175281F06E57E00300D20 /* packet-print.c */; };
- 478175491F06E57E00300D20 /* packet-show.c in Sources */ = {isa = PBXBuildFile; fileRef = 478175291F06E57E00300D20 /* packet-show.c */; };
- 4781754A1F06E57E00300D20 /* reader.c in Sources */ = {isa = PBXBuildFile; fileRef = 4781752C1F06E57E00300D20 /* reader.c */; };
- 4781754B1F06E57E00300D20 /* signature.c in Sources */ = {isa = PBXBuildFile; fileRef = 4781752E1F06E57E00300D20 /* signature.c */; };
- 4781754C1F06E57E00300D20 /* ssh2pgp.c in Sources */ = {isa = PBXBuildFile; fileRef = 478175301F06E57E00300D20 /* ssh2pgp.c */; };
- 4781754D1F06E57E00300D20 /* symmetric.c in Sources */ = {isa = PBXBuildFile; fileRef = 478175311F06E57E00300D20 /* symmetric.c */; };
- 4781754E1F06E57E00300D20 /* validate.c in Sources */ = {isa = PBXBuildFile; fileRef = 478175331F06E57E00300D20 /* validate.c */; };
- 4781754F1F06E57E00300D20 /* writer.c in Sources */ = {isa = PBXBuildFile; fileRef = 478175361F06E57E00300D20 /* writer.c */; };
- 478175501F06E57E00300D20 /* UNNetPGP.m in Sources */ = {isa = PBXBuildFile; fileRef = 478175391F06E57E00300D20 /* UNNetPGP.m */; };
479BBDDA1EFEA17900A2107C /* bob_enzevalos_public.asc in Resources */ = {isa = PBXBuildFile; fileRef = 479BBDD81EFEA17900A2107C /* bob_enzevalos_public.asc */; };
479BBDDB1EFEA17900A2107C /* alice_enzevalos_public.asc in Resources */ = {isa = PBXBuildFile; fileRef = 479BBDD91EFEA17900A2107C /* alice_enzevalos_public.asc */; };
479BBDDD1EFEA3CB00A2107C /* dave_enezvalos_public.asc in Resources */ = {isa = PBXBuildFile; fileRef = 479BBDDC1EFEA3CB00A2107C /* dave_enezvalos_public.asc */; };
@@ -337,55 +314,6 @@
476373C11E09BA88004D5EFE /* UserData.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = UserData.swift; sourceTree = "<group>"; };
47691A891ECB56D1004BCFC5 /* Mail.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = Mail.swift; sourceTree = "<group>"; };
47691A8B1ECC3EC7004BCFC5 /* EphemeralMail.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = EphemeralMail.swift; sourceTree = "<group>"; };
- 478175081F06E57E00300D20 /* fmemopen.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = fmemopen.c; sourceTree = "<group>"; };
- 478175091F06E57E00300D20 /* fmemopen.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = fmemopen.h; sourceTree = "<group>"; };
- 4781750A1F06E57E00300D20 /* README.md */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = net.daringfireball.markdown; path = README.md; sourceTree = "<group>"; };
- 4781750C1F06E57E00300D20 /* bufgap.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = bufgap.c; sourceTree = "<group>"; };
- 4781750D1F06E57E00300D20 /* bufgap.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = bufgap.h; sourceTree = "<group>"; };
- 4781750E1F06E57E00300D20 /* compress.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = compress.c; sourceTree = "<group>"; };
- 4781750F1F06E57E00300D20 /* config.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = config.h; sourceTree = "<group>"; };
- 478175101F06E57E00300D20 /* create.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = create.c; sourceTree = "<group>"; };
- 478175111F06E57E00300D20 /* create.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = create.h; sourceTree = "<group>"; };
- 478175121F06E57E00300D20 /* crypto.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = crypto.c; sourceTree = "<group>"; };
- 478175131F06E57E00300D20 /* crypto.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = crypto.h; sourceTree = "<group>"; };
- 478175141F06E57E00300D20 /* defs.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = defs.h; sourceTree = "<group>"; };
- 478175151F06E57E00300D20 /* errors.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = errors.h; sourceTree = "<group>"; };
- 478175161F06E57E00300D20 /* fastctype.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = fastctype.c; sourceTree = "<group>"; };
- 478175171F06E57E00300D20 /* fastctype.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = fastctype.h; sourceTree = "<group>"; };
- 478175181F06E57E00300D20 /* keyring.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = keyring.c; sourceTree = "<group>"; };
- 478175191F06E57E00300D20 /* keyring.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = keyring.h; sourceTree = "<group>"; };
- 4781751A1F06E57E00300D20 /* Licence */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = Licence; sourceTree = "<group>"; };
- 4781751B1F06E57E00300D20 /* memory.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = memory.h; sourceTree = "<group>"; };
- 4781751C1F06E57E00300D20 /* misc.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = misc.c; sourceTree = "<group>"; };
- 4781751D1F06E57E00300D20 /* mj.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = mj.c; sourceTree = "<group>"; };
- 4781751E1F06E57E00300D20 /* mj.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = mj.h; sourceTree = "<group>"; };
- 4781751F1F06E57E00300D20 /* netpgp.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = netpgp.c; sourceTree = "<group>"; };
- 478175201F06E57E00300D20 /* netpgp.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = netpgp.h; sourceTree = "<group>"; };
- 478175211F06E57E00300D20 /* netpgpdefs.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = netpgpdefs.h; sourceTree = "<group>"; };
- 478175221F06E57E00300D20 /* netpgpdigest.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = netpgpdigest.h; sourceTree = "<group>"; };
- 478175231F06E57E00300D20 /* netpgpsdk.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = netpgpsdk.h; sourceTree = "<group>"; };
- 478175241F06E57E00300D20 /* openssl_crypto.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = openssl_crypto.c; sourceTree = "<group>"; };
- 478175251F06E57E00300D20 /* ops-ssh.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "ops-ssh.h"; sourceTree = "<group>"; };
- 478175261F06E57E00300D20 /* packet-parse.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = "packet-parse.c"; sourceTree = "<group>"; };
- 478175271F06E57E00300D20 /* packet-parse.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "packet-parse.h"; sourceTree = "<group>"; };
- 478175281F06E57E00300D20 /* packet-print.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = "packet-print.c"; sourceTree = "<group>"; };
- 478175291F06E57E00300D20 /* packet-show.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = "packet-show.c"; sourceTree = "<group>"; };
- 4781752A1F06E57E00300D20 /* packet-show.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = "packet-show.h"; sourceTree = "<group>"; };
- 4781752B1F06E57E00300D20 /* packet.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = packet.h; sourceTree = "<group>"; };
- 4781752C1F06E57E00300D20 /* reader.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = reader.c; sourceTree = "<group>"; };
- 4781752D1F06E57E00300D20 /* readerwriter.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = readerwriter.h; sourceTree = "<group>"; };
- 4781752E1F06E57E00300D20 /* signature.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = signature.c; sourceTree = "<group>"; };
- 4781752F1F06E57E00300D20 /* signature.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = signature.h; sourceTree = "<group>"; };
- 478175301F06E57E00300D20 /* ssh2pgp.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = ssh2pgp.c; sourceTree = "<group>"; };
- 478175311F06E57E00300D20 /* symmetric.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = symmetric.c; sourceTree = "<group>"; };
- 478175321F06E57E00300D20 /* types.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = types.h; sourceTree = "<group>"; };
- 478175331F06E57E00300D20 /* validate.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = validate.c; sourceTree = "<group>"; };
- 478175341F06E57E00300D20 /* validate.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = validate.h; sourceTree = "<group>"; };
- 478175351F06E57E00300D20 /* version.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = version.h; sourceTree = "<group>"; };
- 478175361F06E57E00300D20 /* writer.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; path = writer.c; sourceTree = "<group>"; };
- 478175371F06E57E00300D20 /* writer.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = writer.h; sourceTree = "<group>"; };
- 478175381F06E57E00300D20 /* UNNetPGP.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = UNNetPGP.h; sourceTree = "<group>"; };
- 478175391F06E57E00300D20 /* UNNetPGP.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = UNNetPGP.m; sourceTree = "<group>"; };
479BBDD81EFEA17900A2107C /* bob_enzevalos_public.asc */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; name = bob_enzevalos_public.asc; path = keys/bob_enzevalos_public.asc; sourceTree = "<group>"; };
479BBDD91EFEA17900A2107C /* alice_enzevalos_public.asc */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; name = alice_enzevalos_public.asc; path = keys/alice_enzevalos_public.asc; sourceTree = "<group>"; };
479BBDDC1EFEA3CB00A2107C /* dave_enezvalos_public.asc */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; name = dave_enezvalos_public.asc; path = keys/dave_enezvalos_public.asc; sourceTree = "<group>"; };
@@ -676,78 +604,6 @@
path = Utils;
sourceTree = "<group>";
};
- 478175061F06E57E00300D20 /* netpgp */ = {
- isa = PBXGroup;
- children = (
- 478175071F06E57E00300D20 /* fmemopen */,
- 4781750B1F06E57E00300D20 /* lib */,
- 478175381F06E57E00300D20 /* UNNetPGP.h */,
- 478175391F06E57E00300D20 /* UNNetPGP.m */,
- );
- path = netpgp;
- sourceTree = "<group>";
- };
- 478175071F06E57E00300D20 /* fmemopen */ = {
- isa = PBXGroup;
- children = (
- 478175081F06E57E00300D20 /* fmemopen.c */,
- 478175091F06E57E00300D20 /* fmemopen.h */,
- 4781750A1F06E57E00300D20 /* README.md */,
- );
- path = fmemopen;
- sourceTree = "<group>";
- };
- 4781750B1F06E57E00300D20 /* lib */ = {
- isa = PBXGroup;
- children = (
- 4781750C1F06E57E00300D20 /* bufgap.c */,
- 4781750D1F06E57E00300D20 /* bufgap.h */,
- 4781750E1F06E57E00300D20 /* compress.c */,
- 4781750F1F06E57E00300D20 /* config.h */,
- 478175101F06E57E00300D20 /* create.c */,
- 478175111F06E57E00300D20 /* create.h */,
- 478175121F06E57E00300D20 /* crypto.c */,
- 478175131F06E57E00300D20 /* crypto.h */,
- 478175141F06E57E00300D20 /* defs.h */,
- 478175151F06E57E00300D20 /* errors.h */,
- 478175161F06E57E00300D20 /* fastctype.c */,
- 478175171F06E57E00300D20 /* fastctype.h */,
- 478175181F06E57E00300D20 /* keyring.c */,
- 478175191F06E57E00300D20 /* keyring.h */,
- 4781751A1F06E57E00300D20 /* Licence */,
- 4781751B1F06E57E00300D20 /* memory.h */,
- 4781751C1F06E57E00300D20 /* misc.c */,
- 4781751D1F06E57E00300D20 /* mj.c */,
- 4781751E1F06E57E00300D20 /* mj.h */,
- 4781751F1F06E57E00300D20 /* netpgp.c */,
- 478175201F06E57E00300D20 /* netpgp.h */,
- 478175211F06E57E00300D20 /* netpgpdefs.h */,
- 478175221F06E57E00300D20 /* netpgpdigest.h */,
- 478175231F06E57E00300D20 /* netpgpsdk.h */,
- 478175241F06E57E00300D20 /* openssl_crypto.c */,
- 478175251F06E57E00300D20 /* ops-ssh.h */,
- 478175261F06E57E00300D20 /* packet-parse.c */,
- 478175271F06E57E00300D20 /* packet-parse.h */,
- 478175281F06E57E00300D20 /* packet-print.c */,
- 478175291F06E57E00300D20 /* packet-show.c */,
- 4781752A1F06E57E00300D20 /* packet-show.h */,
- 4781752B1F06E57E00300D20 /* packet.h */,
- 4781752C1F06E57E00300D20 /* reader.c */,
- 4781752D1F06E57E00300D20 /* readerwriter.h */,
- 4781752E1F06E57E00300D20 /* signature.c */,
- 4781752F1F06E57E00300D20 /* signature.h */,
- 478175301F06E57E00300D20 /* ssh2pgp.c */,
- 478175311F06E57E00300D20 /* symmetric.c */,
- 478175321F06E57E00300D20 /* types.h */,
- 478175331F06E57E00300D20 /* validate.c */,
- 478175341F06E57E00300D20 /* validate.h */,
- 478175351F06E57E00300D20 /* version.h */,
- 478175361F06E57E00300D20 /* writer.c */,
- 478175371F06E57E00300D20 /* writer.h */,
- );
- path = lib;
- sourceTree = "<group>";
- };
47B91AC01EC0C1CF000AE3EE /* coredata */ = {
isa = PBXGroup;
children = (
@@ -846,7 +702,6 @@
isa = PBXGroup;
children = (
475BFF911F7B953B006CDD41 /* ObjectivePGP */,
- 478175061F06E57E00300D20 /* netpgp */,
47B91AC11EC0C1FB000AE3EE /* data */,
F19B29011E02DCAC00B29DD1 /* enzevalos_iphone.entitlements */,
A1C7FF8B1E895316000D1E92 /* keys */,
@@ -1156,7 +1011,6 @@
A1C09FC61DF04D650006B783 /* alice2005-private.gpg in Resources */,
479BBDE01EFEA4D800A2107C /* bob_enzvalos_private.asc in Resources */,
A13526861D955BDF00D3BFE1 /* LaunchScreen.storyboard in Resources */,
- 478175421F06E57E00300D20 /* Licence in Resources */,
A1EB05A41D956E32008659C1 /* Assets.xcassets in Resources */,
A1FA3F6C1E78565B0093C0B6 /* alice2005-public.gpg in Resources */,
A1EB058C1D9568AB008659C1 /* FrequentCell.xib in Resources */,
@@ -1327,7 +1181,6 @@
475B000B1F7B953B006CDD41 /* PGPOnePassSignaturePacket.m in Sources */,
47691A8A1ECB56D1004BCFC5 /* Mail.swift in Sources */,
472F398A1E251787009260FB /* Contact.swift in Sources */,
- 4781754B1F06E57E00300D20 /* signature.c in Sources */,
472F39861E1FA34E009260FB /* Record.swift in Sources */,
475B00221F7B953B006CDD41 /* PGPKeyGenerator.m in Sources */,
475B001C1F7B953B006CDD41 /* PGPArmor.m in Sources */,
@@ -1339,14 +1192,11 @@
475B000E1F7B953B006CDD41 /* PGPPublicKeyPacket.m in Sources */,
A1E2324E1F0FA41A00DC9D40 /* FolderListCell.swift in Sources */,
A1EB059C1D956957008659C1 /* NSDateCompare.swift in Sources */,
- 478175471F06E57E00300D20 /* packet-parse.c in Sources */,
475B00041F7B953B006CDD41 /* PGPKeyMaterial.m in Sources */,
A1EB05941D956931008659C1 /* InboxCellDelegator.swift in Sources */,
472F39811E1E5347009260FB /* Mail_Address+CoreDataClass.swift in Sources */,
475B002F1F7B953B006CDD41 /* NSMutableData+PGPUtils.m in Sources */,
475B00021F7B953B006CDD41 /* PGPCryptoUtils.m in Sources */,
- 4781753C1F06E57E00300D20 /* bufgap.c in Sources */,
- 478175431F06E57E00300D20 /* misc.c in Sources */,
A1EB05821D95685B008659C1 /* CollectionDataDelegate.swift in Sources */,
A17C04841DC6504E00F66EDB /* LogHandler.swift in Sources */,
A1EB05801D956851008659C1 /* SendViewController.swift in Sources */,
@@ -1359,18 +1209,12 @@
F18B44601E704C550080C041 /* ReplaceSegue.swift in Sources */,
475B000C1F7B953B006CDD41 /* PGPPacket.m in Sources */,
472F39881E1FA377009260FB /* KeyRecord.swift in Sources */,
- 4781754E1F06E57E00300D20 /* validate.c in Sources */,
- 4781754C1F06E57E00300D20 /* ssh2pgp.c in Sources */,
475B00241F7B953B006CDD41 /* PGPMPI.m in Sources */,
F1ACF21C1E0C1C6800C1B843 /* ContactViewController.swift in Sources */,
475B00351F7B9565006CDD41 /* CryptoObject.swift in Sources */,
- 4781754F1F06E57E00300D20 /* writer.c in Sources */,
- 478175441F06E57E00300D20 /* mj.c in Sources */,
475B00161F7B953B006CDD41 /* PGPSymmetricallyEncryptedDataPacket.m in Sources */,
- 478175491F06E57E00300D20 /* packet-show.c in Sources */,
475B002B1F7B953B006CDD41 /* PGPUser.m in Sources */,
A1EB057E1D956848008659C1 /* VENDataDelegate.swift in Sources */,
- 4781753D1F06E57E00300D20 /* compress.c in Sources */,
A1E81B671DCA296200535F98 /* UIViewResolver.swift in Sources */,
475B001A1F7B953B006CDD41 /* PGPUserAttributeSubpacket.m in Sources */,
475B000A1F7B953B006CDD41 /* PGPModificationDetectionCodePacket.m in Sources */,
@@ -1382,13 +1226,9 @@
F1AF938F1E2D04BA00755128 /* CustomCells.swift in Sources */,
475B00211F7B953B006CDD41 /* PGPKey.m in Sources */,
A10DE4201EFAA2CE005E8189 /* FolderViewController.swift in Sources */,
- 4781753B1F06E57E00300D20 /* README.md in Sources */,
475B00071F7B953B006CDD41 /* ObjectivePGPObject.m in Sources */,
475B00131F7B953B006CDD41 /* PGPSignatureSubpacket.m in Sources */,
475B00011F7B953B006CDD41 /* PGPCryptoHash.m in Sources */,
- 4781754D1F06E57E00300D20 /* symmetric.c in Sources */,
- 478175461F06E57E00300D20 /* openssl_crypto.c in Sources */,
- 478175501F06E57E00300D20 /* UNNetPGP.m in Sources */,
475B002E1F7B953B006CDD41 /* NSMutableArray+PGPUtils.m in Sources */,
476142081E07E52B00FD5E4F /* Theme.swift in Sources */,
A1EB057A1D956829008659C1 /* ContactCell.swift in Sources */,
@@ -1396,7 +1236,6 @@
475B00101F7B953B006CDD41 /* PGPSecretKeyPacket.m in Sources */,
472F392C1E1277D2009260FB /* PersistentMail +CoreDataClass.swift in Sources */,
F119D2901E364B59001D732A /* AnimatedSendIcon.swift in Sources */,
- 478175481F06E57E00300D20 /* packet-print.c in Sources */,
475B00231F7B953B006CDD41 /* PGPKeyID.m in Sources */,
475B00181F7B953B006CDD41 /* PGPTrustPacket.m in Sources */,
F12060801DA540FE00F6EF37 /* RefreshControlExtension.swift in Sources */,
@@ -1404,7 +1243,6 @@
475B001E1F7B953B006CDD41 /* PGPCryptoCFB.m in Sources */,
A13526811D955BDF00D3BFE1 /* enzevalos_iphone.xcdatamodeld in Sources */,
475B00111F7B953B006CDD41 /* PGPSecretSubKeyPacket.m in Sources */,
- 478175411F06E57E00300D20 /* keyring.c in Sources */,
475B00141F7B953B006CDD41 /* PGPSignatureSubpacketCreationTime.m in Sources */,
472F39821E1E5347009260FB /* Mail_Address+CoreDataProperties.swift in Sources */,
476373C21E09BA88004D5EFE /* UserData.swift in Sources */,
@@ -1420,16 +1258,13 @@
475B00261F7B953B006CDD41 /* PGPPartialKey.m in Sources */,
475B00251F7B953B006CDD41 /* PGPPacketFactory.m in Sources */,
475B002A1F7B953B006CDD41 /* PGPS2K.m in Sources */,
- 478175451F06E57E00300D20 /* netpgp.c in Sources */,
A1E2324C1F0FA13F00DC9D40 /* FolderListViewController.swift in Sources */,
475B00121F7B953B006CDD41 /* PGPSignaturePacket.m in Sources */,
475B00091F7B953B006CDD41 /* PGPLiteralPacket.m in Sources */,
F113C38B1F3344C200E7F1D6 /* ViewControllerPannable.swift in Sources */,
A1EB05841D956867008659C1 /* TableViewDataDelegate.swift in Sources */,
- 4781753E1F06E57E00300D20 /* create.c in Sources */,
472F397C1E1D0B0B009260FB /* PersistentMail +CoreDataProperties.swift in Sources */,
A1EB05961D956939008659C1 /* InboxTableViewCell.swift in Sources */,
- 478175401F06E57E00300D20 /* fastctype.c in Sources */,
475B00201F7B953B006CDD41 /* PGPFoundation.m in Sources */,
475B002D1F7B953B006CDD41 /* NSData+PGPUtils.m in Sources */,
475B000D1F7B953B006CDD41 /* PGPPublicKeyEncryptedSessionKeyPacket.m in Sources */,
@@ -1442,18 +1277,15 @@
475B00341F7B9565006CDD41 /* Cryptography.swift in Sources */,
A1EB057C1D956838008659C1 /* MailHandler.swift in Sources */,
A1EB05881D956879008659C1 /* AddressHandler.swift in Sources */,
- 4781753F1F06E57E00300D20 /* crypto.c in Sources */,
472F39701E14F75C009260FB /* DataHandler.swift in Sources */,
A1EB05901D956923008659C1 /* ReadViewController.swift in Sources */,
A1C3DEEC1E0AB15300EB7D02 /* InitViewController.swift in Sources */,
472F398E1E251B8D009260FB /* MailAddress.swift in Sources */,
F12060821DA552FC00F6EF37 /* MailHandlerDelegator.swift in Sources */,
475B001D1F7B953B006CDD41 /* PGPBigNum.m in Sources */,
- 4781754A1F06E57E00300D20 /* reader.c in Sources */,
475B00031F7B953B006CDD41 /* PGPDSA.m in Sources */,
F1984D741E1E92B300804E1E /* LabelStyleKit.swift in Sources */,
A1EB05861D956872008659C1 /* FrequentCell.swift in Sources */,
- 4781753A1F06E57E00300D20 /* fmemopen.c in Sources */,
F12041FB1DA3FBF7002E4940 /* ListViewController.swift in Sources */,
F18B445E1E7044B70080C041 /* FlipTransition.swift in Sources */,
475B00291F7B953B006CDD41 /* PGPPKCSEmsa.m in Sources */,
diff --git a/enzevalos_iphone/netpgp/UNNetPGP.h b/enzevalos_iphone/netpgp/UNNetPGP.h
deleted file mode 100644
index 4129fe15..00000000
--- a/enzevalos_iphone/netpgp/UNNetPGP.h
+++ /dev/null
@@ -1,104 +0,0 @@
-//
-// UNNetPGP.h
-// netpgp
-//
-// Created by Marcin Krzyzanowski on 01.10.2013.
-// Copyright (c) 2013 Marcin Krzyżanowski
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-//
-
-
-#import <Foundation/Foundation.h>
-
-typedef NS_OPTIONS(NSUInteger, UNEncryptOption)
-{
- UNEncryptOptionNone = 0,
- UNEncryptDontUseSubkey = 1 << 0 // Not recomended, by default subkey is used to encrypt data. Use only if required.
-};
-
-@interface UNNetPGP : NSObject
-
-/** user identifier. Required for most actions. */
-@property (strong, atomic) NSString *userId;
-
-/** home dir for keyrings */
-@property (strong, atomic) NSString *homeDirectory;
-
-/** path to public key ring file */
-@property (strong, atomic) NSString *publicKeyRingPath;
-
-/** path to secure key ring file */
-@property (strong, atomic) NSString *secretKeyRingPath;
-
-/** keys in a keyring */
-@property (strong, atomic) NSArray *availableKeys;
-
-/** password for key **/
-@property (copy, atomic) NSString *password;
-
-/** armored */
-@property (assign) BOOL armored;
-
-/** Maximum memory allocation. Default 4 MiB. Incrase for large files.*/
-@property (assign) NSUInteger maximumMemoryAllocationSize;
-
-/** Initialize with user identifier */
-- (instancetype) initWithUserId:(NSString *)userId;
-
-/** Encrypt file at path and save result to out file */
-- (BOOL) encryptFileAtPath:(NSString *)inFilePath toFileAtPath:(NSString *)outFilePath options:(UNEncryptOption)options;
-/** Decrypt file at path and save result to out file */
-- (BOOL) decryptFileAtPath:(NSString *)inFilePath toFileAtPath:(NSString *)outFilePath;
-
-/** Sign file and write signature to separate file */
-- (BOOL) signFileAtPath:(NSString *)inFilePath writeSignatureToPath:(NSString *)signatureFilePath;
-
-/** Sign file and write signed to output file */
-- (BOOL) signFileAtPath:(NSString *)inFilePath writeSignedFileToPath:(NSString *)signedFilePath;
-
-/**
- Sign file and write signature to separate file or attach signature to signed file.
- signatureFilePath have extension ".asc" or ".sig"
- */
-- (BOOL) signFileAtPath:(NSString *)inFilePath writeToFile:(NSString *)signatureFilePath detached:(BOOL)detached;
-
-/**
- Verifies the signatures in a signed file.
- @param inFilePath have to be one of ".sig" or ".asc" file. Method expect companion signed filed.
- */
-- (BOOL) verifyFileAtPath:(NSString *)inFilePath;
-
-- (NSData *) encryptData:(NSData *)inData options:(UNEncryptOption)options;
-- (NSData *) decryptData:(NSData *)inData;
-
-- (NSData *) signData:(NSData *)data;
-- (BOOL) verifyData:(NSData *)inData;
-
-/**
- * Import public key from given keyring file
- *
- * @param inFilePath pubring.gpg file to import
- *
- * @return YES for success.
- */
-- (BOOL) importPublicKeyFromFileAtPath:(NSString *)inFilePath;
-//- (BOOL) importSecureKeyFromFileAtPath:(NSString *)inFilePath;
-- (NSString *)exportKeyNamed:(NSString *)keyName;
-
-/** Generate pair of keys and store in keyring */
-- (BOOL) generateKey:(int)numberOfBits;
-/** Generate pair of keys and store in specified by path */
-- (BOOL) generateKey:(int)numberOfBits named:(NSString *)keyName toDirectory:(NSString *)path;
-
-@end
diff --git a/enzevalos_iphone/netpgp/UNNetPGP.m b/enzevalos_iphone/netpgp/UNNetPGP.m
deleted file mode 100644
index 7b9da591..00000000
--- a/enzevalos_iphone/netpgp/UNNetPGP.m
+++ /dev/null
@@ -1,614 +0,0 @@
-//
-// UNNetPGP.m
-// netpgp
-//
-// Created by Marcin Krzyzanowski on 01.10.2013.
-// Copyright (c) 2013 Marcin Krzyżanowski
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-//
-
-#import "UNNetPGP.h"
-#import "netpgp.h"
-#import "fmemopen.h"
-
-static dispatch_queue_t lock_queue;
-
-@implementation UNNetPGP
-
-@synthesize availableKeys = _availableKeys;
-@synthesize publicKeyRingPath = _publicKeyRingPath;
-@synthesize secretKeyRingPath = _secretKeyRingPath;
-
-+ (void)initialize
-{
- lock_queue = dispatch_queue_create("UUNetPGP lock queue", DISPATCH_QUEUE_SERIAL);
-}
-
-- (instancetype) init
-{
- if (self = [super init]) {
- // by default search keys in Documents
-
- // NOTE: saving the keyring in this location means that it could get backed up to iCloud,
- // leaving private keys vulernable to whoever can get access to Apple's servers.
-
- NSArray *paths = NSSearchPathForDirectoriesInDomains(NSDocumentDirectory, NSUserDomainMask, YES);
- NSString *documentDirectoryPath = ([paths count] > 0) ? [paths objectAtIndex:0] : nil;
-
-#if TARGET_IPHONE_SIMULATOR
- // Sometimes the simulator doesn't have the normal directories.
- if (![[NSFileManager defaultManager] fileExistsAtPath:documentDirectoryPath]) {
- [[NSFileManager defaultManager] createDirectoryAtPath:documentDirectoryPath withIntermediateDirectories:YES attributes:nil error:nil];
- }
-#endif
- _homeDirectory = documentDirectoryPath;
- }
- return self;
-}
-
-- (instancetype) initWithUserId:(NSString *)userId
-{
- if (self = [self init]) {
- self.userId = userId;
- }
- return self;
-}
-
-- (void)setPublicKeyRingPath:(NSString *)publicKeyRingPath
-{
- dispatch_sync(lock_queue, ^{
- self->_publicKeyRingPath = publicKeyRingPath;
- });
-}
-
-- (NSString *)publicKeyRingPath
-{
- @synchronized(self) {
- NSString *ret = nil;
- if (_publicKeyRingPath) {
- ret = _publicKeyRingPath;
- } else if (self.homeDirectory) {
- ret = [self.homeDirectory stringByAppendingPathComponent:@"pubring.gpg"];
- }
- return ret;
- }
-}
-
-- (void)setSecretKeyRingPath:(NSString *)secretKeyRingPath
-{
- dispatch_sync(lock_queue, ^{
- self->_secretKeyRingPath = secretKeyRingPath;
- });
-
-}
-
-- (NSString *)secretKeyRingPath
-{
- @synchronized(self) {
- NSString *ret = nil;
- if (_secretKeyRingPath) {
- ret = _secretKeyRingPath;
- } else if (self.homeDirectory) {
- ret = [self.homeDirectory stringByAppendingPathComponent:@"secring.gpg"];
- }
- return ret;
- }
-}
-
-#pragma mark - Data
-
-- (NSData *) encryptData:(NSData *)inData options:(UNEncryptOption)options
-{
- __block NSData *result = nil;
-
- dispatch_sync(lock_queue, ^{
- netpgp_t *netpgp = [self buildnetpgp];
- if (netpgp) {
-
- if (options & UNEncryptDontUseSubkey) {
- netpgp_setvar(netpgp, "dont use subkey to encrypt", "1");
- }
-
- void *inbuf = calloc(inData.length, sizeof(Byte));
- memcpy(inbuf, inData.bytes, inData.length);
-
- NSInteger maxsize = (unsigned)atoi(netpgp_getvar(netpgp, "max mem alloc"));
- void *outbuf = calloc(sizeof(Byte), maxsize);
- int outsize = netpgp_encrypt_memory(netpgp, self.userId.UTF8String, inbuf, inData.length, outbuf, maxsize, self.armored ? 1 : 0);
-
- if (outsize > 0) {
- result = [NSData dataWithBytesNoCopy:outbuf length:outsize freeWhenDone:YES];
- }
-
- [self finishnetpgp:netpgp];
-
- if (inbuf)
- free(inbuf);
- }
- });
-
- return result;
-}
-
-- (NSData *) decryptData:(NSData *)inData
-{
- __block NSData *result = nil;
-
- dispatch_sync(lock_queue, ^{
- netpgp_t *netpgp = [self buildnetpgp];
- if (netpgp) {
- NSInteger maxsize = (unsigned)atoi(netpgp_getvar(netpgp, "max mem alloc"));
- void *outbuf = calloc(sizeof(Byte), maxsize);
- int outsize = netpgp_decrypt_memory(netpgp, inData.bytes, inData.length, outbuf, maxsize, self.armored ? 1 : 0);
-
- if (outsize > 0) {
- result = [NSData dataWithBytesNoCopy:outbuf length:outsize freeWhenDone:YES];
- }
-
- [self finishnetpgp:netpgp];
- }
- });
-
- return result;
-}
-
-- (NSData *) signData:(NSData *)inData
-{
- __block NSData *result = nil;
-
- dispatch_sync(lock_queue, ^{
- netpgp_t *netpgp = [self buildnetpgp];
- if (netpgp) {
- void *inbuf = calloc(inData.length, sizeof(Byte));
- memcpy(inbuf, inData.bytes, inData.length);
-
- NSInteger maxsize = (unsigned)atoi(netpgp_getvar(netpgp, "max mem alloc"));
- void *outbuf = calloc(sizeof(Byte), maxsize);
- int outsize = netpgp_sign_memory(netpgp, self.userId.UTF8String, inbuf, inData.length, outbuf, maxsize, self.armored ? 1 : 0, 0 /* !cleartext */);
-
- if (outsize > 0) {
- result = [NSData dataWithBytesNoCopy:outbuf length:outsize freeWhenDone:YES];
- }
-
- [self finishnetpgp:netpgp];
-
- if (inbuf)
- free(inbuf);
- }
- });
-
- return result;
-}
-
-- (BOOL) verifyData:(NSData *)inData
-{
- __block BOOL result = NO;
-
- dispatch_sync(lock_queue, ^{
- netpgp_t *netpgp = [self buildnetpgp];
- if (netpgp) {
- result = netpgp_verify_memory(netpgp, inData.bytes, inData.length, NULL, 0, self.armored ? 1 : 0);
- [self finishnetpgp:netpgp];
- }
- });
-
- return result;
-}
-
-
-#pragma mark - Files
-
-/**
- Encrypt file.
-
- @param inFilePath File to encrypt
- @param outFilePath Optional. If `nil` then encrypted name is created at the same path as original file with addedd suffix `.gpg`.
- @param options UNEncryptOption
- @return `YES` if operation success.
-
- Encrypted file is created at outFilePath, file is overwritten if already exists.
- */
-- (BOOL) encryptFileAtPath:(NSString *)inFilePath toFileAtPath:(NSString *)outFilePath options:(UNEncryptOption)options
-{
- __block BOOL result = NO;
-
- if (![[NSFileManager defaultManager] fileExistsAtPath:inFilePath])
- return NO;
-
- dispatch_sync(lock_queue, ^{
- netpgp_t *netpgp = [self buildnetpgp];
-
- if (netpgp) {
-
- if (options & UNEncryptDontUseSubkey) {
- netpgp_setvar(netpgp, "dont use subkey to encrypt", "1");
- }
-
- if (self.maximumMemoryAllocationSize <= 4096) {
- NSDictionary *attrs = [[NSFileManager defaultManager] attributesOfItemAtPath:inFilePath error: NULL];
- unsigned long long fileSize = [attrs fileSize];
- float newMax = ceilf(fileSize / (float)self.maximumMemoryAllocationSize) * (float)self.maximumMemoryAllocationSize;
- netpgp_setvar(netpgp, "max mem alloc", [[NSString stringWithFormat:@"%d",(int32_t)newMax] UTF8String]);
- }
-
- char infilepath[inFilePath.length+1]; //+1 for terminating NULL character
- strcpy(infilepath, inFilePath.UTF8String);
-
- char *outfilepath = NULL;
- if (outFilePath) {
- outfilepath = calloc(outFilePath.length+1, sizeof(char));
- strcpy(outfilepath, outFilePath.UTF8String);
- }
-
- result = netpgp_encrypt_file(netpgp, self.userId.UTF8String, infilepath, outfilepath, self.armored ? 1 : 0);
-
- [self finishnetpgp:netpgp];
-
- if (outfilepath)
- free(outfilepath);
- }
- });
-
- return result;
-}
-
-/**
- Decrypt file.
-
- @param inFilePath File to encrypt
- @param outFilePath Optional. If `nil` then encrypted name is created at the same path as original file with addedd suffix `.gpg`.
- @return `YES` if operation success.
-
- Descrypted file is created at outFilePath, file is overwritten if already exists.
- */
-- (BOOL) decryptFileAtPath:(NSString *)inFilePath toFileAtPath:(NSString *)outFilePath
-{
- __block BOOL result = NO;
-
- if (![[NSFileManager defaultManager] fileExistsAtPath:inFilePath])
- return NO;
-
- dispatch_sync(lock_queue, ^{
- netpgp_t *netpgp = [self buildnetpgp];
- if (netpgp) {
- char infilepath[inFilePath.length+1]; //+1 for terminating NULL character
- strcpy(infilepath, inFilePath.UTF8String);
-
- char *outfilepath = NULL;
- if (outFilePath) {
- outfilepath = calloc(outFilePath.length+1, sizeof(char));
- strcpy(outfilepath, outFilePath.UTF8String);
- }
-
- result = netpgp_decrypt_file(netpgp, infilepath, outfilepath, self.armored ? 1 : 0);
-
- [self finishnetpgp:netpgp];
-
- if (outfilepath)
- free(outfilepath);
- }
- });
-
- return result;
-}
-
-- (BOOL) signFileAtPath:(NSString *)inFilePath writeSignatureToPath:(NSString *)signatureFilePath
-{
- return [self signFileAtPath:inFilePath writeToFile:signatureFilePath detached:YES];
-}
-
-- (BOOL) signFileAtPath:(NSString *)inFilePath writeSignedFileToPath:(NSString *)signedFilePath
-{
- return [self signFileAtPath:inFilePath writeToFile:signedFilePath detached:NO];
-}
-
-- (BOOL) signFileAtPath:(NSString *)inFilePath writeToFile:(NSString *)signatureFilePath detached:(BOOL)detached
-{
- __block BOOL result = NO;
-
- // HACK: Don't crash
- if (inFilePath == nil || signatureFilePath == nil) return NO;
-
- dispatch_sync(lock_queue, ^{
- netpgp_t *netpgp = [self buildnetpgp];
- if (netpgp) {
- char infilepath[inFilePath.length+1]; //+1 for terminating NULL character
- memset(infilepath, 0x0, sizeof(infilepath));
- strcpy(infilepath, inFilePath.UTF8String);
-
- char *outfilepath = NULL;
- if (signatureFilePath) {
- outfilepath = calloc(signatureFilePath.length+1, sizeof(char));
- strcpy(outfilepath, signatureFilePath.UTF8String);
- }
-
- //TODO: cleartext is not working right, need to investigate and fix
- result = netpgp_sign_file(netpgp, self.userId.UTF8String, infilepath, outfilepath /* sigfile name */, self.armored ? 1 : 0, 0 /* !cleartext */, detached ? 1 : 0 /* detached */);
-
- [self finishnetpgp:netpgp];
-
- if (outfilepath) {
- free(outfilepath);
- }
- }
- });
-
- return result;
-}
-
-- (BOOL) verifyFileAtPath:(NSString *)inFilePath
-{
- __block BOOL result = NO;
-
- dispatch_sync(lock_queue, ^{
- netpgp_t *netpgp = [self buildnetpgp];
- if (netpgp) {
- char infilepath[inFilePath.length+1]; //+1 for terminating NULL character
- strcpy(infilepath, inFilePath.UTF8String);
-
- result = netpgp_verify_file(netpgp, infilepath, NULL, self.armored ? 1 : 0);
-
- [self finishnetpgp:netpgp];
- }
- });
-
- return result;
-}
-
-#pragma mark - Keys
-
-- (NSArray *)availableKeys
-{
- __block NSArray *keysDict = nil;
-
- dispatch_sync(lock_queue, ^{
- netpgp_t *netpgp = [self buildnetpgp];
- if (netpgp) {
-
- char *jsonCString = NULL;
- if (netpgp_list_keys_json(netpgp, &jsonCString, 0) && (jsonCString != NULL)) {
- NSError *error = nil;
- keysDict = [NSJSONSerialization JSONObjectWithData:[NSData dataWithBytes:jsonCString length:strlen(jsonCString)] options:0 error:&error];
- }
- free(jsonCString);
-
- [self finishnetpgp:netpgp];
- }
- });
- return keysDict;
-}
-
-- (void)setAvailableKeys:(NSArray *)keys
-{
- dispatch_sync(lock_queue, ^{
- _availableKeys = keys;
- });
-}
-
-- (NSString *)exportKeyNamed:(NSString *)keyName
-{
- __block NSString *keyData;
-
- dispatch_sync(lock_queue, ^{
- netpgp_t *netpgp = [self buildnetpgp];
- if (netpgp) {
- char keyname[keyName.length+1]; //+1 for terminating NULL character
- strcpy(keyname, keyName.UTF8String);
-
- char *keydata = netpgp_export_key(netpgp, keyname);
- if (keydata) {
- keyData = [NSString stringWithCString:keydata encoding:NSASCIIStringEncoding];
- free(keydata);
- }
-
- [self finishnetpgp:netpgp];
- }
- });
- return keyData;
-}
-
-/** import a key into keyring */
-- (BOOL) importPublicKeyFromFileAtPath:(NSString *)inFilePath
-{
- if (!inFilePath)
- return NO;
-
- __block BOOL result = NO;
- dispatch_sync(lock_queue, ^{
- netpgp_t *netpgp = [self buildnetpgp];
- if (netpgp) {
-
- char infilepath[inFilePath.length+1]; //+1 for terminating NULL character
- strcpy(infilepath, inFilePath.UTF8String);
-
- result = netpgp_import_public_key(netpgp, infilepath);
-
- [self finishnetpgp:netpgp];
- }
- });
-
- return result;
-}
-//
-///** import a key into keyring */
-//- (BOOL) importSecureKeyFromFileAtPath:(NSString *)inFilePath
-//{
-// if (!inFilePath)
-// return NO;
-//
-// __block BOOL result = NO;
-// dispatch_sync(lock_queue, ^{
-// netpgp_t *netpgp = [self buildnetpgp];
-// if (netpgp) {
-//
-// char infilepath[inFilePath.length];
-// strcpy(infilepath, inFilePath.UTF8String);
-// //TODO: save in keyring
-// result = netpgp_import_secure_key(netpgp, infilepath);
-//
-// [self finishnetpgp:netpgp];
-// }
-// });
-//
-// return result;
-//}
-
-/**
- Generate key and save to keyring.
-
- @param numberOfBits
- @param keyName
- @param path
- @param defaultKeyring
- @see userId
- */
-- (BOOL) generateKey:(int)numberOfBits named:(NSString *)keyName toDirectory:(NSString *)path saveToDefaultKeyring:(BOOL)defaultKeyring
-{
- __block BOOL result = NO;
- dispatch_sync(lock_queue, ^{
- netpgp_t *netpgp = [self buildnetpgp];
- if (netpgp) {
- NSString *keyIdString = keyName ?: self.userId;
- if (keyIdString == nil) {
- keyIdString = @"";
- }
- netpgp_setvar(netpgp, "userid checks", "skip");
-
- char key_id[keyIdString.length+1]; //+1 for terminating NULL character
- strcpy(key_id, keyIdString.UTF8String);
-
- char *directory_path = NULL;
- if (path) {
- directory_path = calloc(path.length+1, sizeof(char));
- strcpy(directory_path, path.UTF8String);
-
- if (![[NSFileManager defaultManager] fileExistsAtPath:path]) {
- [[NSFileManager defaultManager] createDirectoryAtPath:path withIntermediateDirectories:YES attributes:@{NSFilePosixPermissions: [NSNumber numberWithShort:0700]} error:nil];
- }
- }
-
- result = netpgp_generate_key_rich(netpgp, key_id, numberOfBits, directory_path, defaultKeyring ? 1 : 0);
- [self finishnetpgp:netpgp];
-
- if (directory_path) {
- free(directory_path);
- }
- }
- });
-
- return result;
-}
-
-/**
- Generate key and save to keyring.
-
- @param numberOfBits
- @see userId
- */
-- (BOOL) generateKey:(int)numberOfBits
-{
- return [self generateKey:numberOfBits named:nil toDirectory:nil saveToDefaultKeyring:YES];
-}
-
-/**
- Generate key and save to defined path
-
- @param numberOfBits
- @param keyName
- @param path
- @see userId
- */
-
-- (BOOL) generateKey:(int)numberOfBits named:(NSString *)keyName toDirectory:(NSString *)path
-{
- return [self generateKey:numberOfBits named:keyName toDirectory:path saveToDefaultKeyring:NO];
-}
-
-#pragma mark - private
-
-- (netpgp_t *) buildnetpgp;
-{
- // Love http://jverkoey.github.io/fmemopen/
-
- netpgp_t *netpgp = calloc(0x1, sizeof(netpgp_t));
-
- if (self.userId)
- netpgp_setvar(netpgp, "userid", self.userId.UTF8String);
-
- if (self.homeDirectory) {
- char *directory_path = calloc(self.homeDirectory.length+1, sizeof(char));
- strcpy(directory_path, self.homeDirectory.UTF8String);
-
- netpgp_set_homedir(netpgp, directory_path, NULL, 0);
-
- free(directory_path);
- }
-
- if (self.secretKeyRingPath) {
- if (![[NSFileManager defaultManager] fileExistsAtPath:self.secretKeyRingPath]) {
- [[NSFileManager defaultManager] createFileAtPath:self.secretKeyRingPath contents:nil attributes:@{NSFilePosixPermissions: [NSNumber numberWithShort:0600]}];
- }
- netpgp_setvar(netpgp, "secring", self.secretKeyRingPath.UTF8String);
- }
-
- if (self.publicKeyRingPath) {
- if (![[NSFileManager defaultManager] fileExistsAtPath:self.publicKeyRingPath]) {
- [[NSFileManager defaultManager] createFileAtPath:self.publicKeyRingPath contents:nil attributes:@{NSFilePosixPermissions: [NSNumber numberWithShort:0600]}];
- }
- netpgp_setvar(netpgp, "pubring", self.publicKeyRingPath.UTF8String);
- }
-
- if (self.password) {
- const char* cstr = [self.password stringByAppendingString:@"\n"].UTF8String;
- netpgp->passfp = fmemopen((void *)cstr, sizeof(char) * (self.password.length + 1), "r");
- }
-
- /* 4 MiB for a memory file */
- netpgp_setvar(netpgp, "max mem alloc", "4194304");
- if (self.maximumMemoryAllocationSize) {
- netpgp_setvar(netpgp, "max mem alloc", [[NSString stringWithFormat:@"%i",self.maximumMemoryAllocationSize] UTF8String]);
- }
-
- //FIXME: use sha1 because sha256 crashing, don't know why yet
- netpgp_setvar(netpgp, "hash", "sha1");
-
- // Custom variable
- //netpgp_setvar(netpgp, "dont use subkey to encrypt", "1");
-
-#if DEBUG
- netpgp_incvar(netpgp, "verbose", 1);
- netpgp_set_debug(NULL);
-#endif
-
- if (!netpgp_init(netpgp)) {
- NSLog(@"Can't initialize netpgp stack");
- free(netpgp);
- return nil;
- }
-
- return netpgp;
-}
-
-- (void) finishnetpgp:(netpgp_t *)netpgp
-{
- if (!netpgp) {
- return;
- }
-
- netpgp_end(netpgp);
- free(netpgp);
-}
-
-
-@end
diff --git a/enzevalos_iphone/netpgp/fmemopen/README.md b/enzevalos_iphone/netpgp/fmemopen/README.md
deleted file mode 100755
index 476810eb..00000000
--- a/enzevalos_iphone/netpgp/fmemopen/README.md
+++ /dev/null
@@ -1,49 +0,0 @@
-fmemopen for Mac OS and iOS
-===========================
-
-Originally ported from [ingenuitas python-tesseract](https://github.com/ingenuitas/python-tesseract/blob/master/fmemopen.c). Ported by Jeff Verkoeyen under the Apache 2.0 License.
-
-From the fmemopen man page:
-
-> FILE *fmemopen(void *buf, size_t size, const char *mode);
->
-> The fmemopen() function opens a stream that permits the access specified by mode. The stream
-> allows I/O to be performed on the string or memory buffer pointed to by buf. This buffer must be
-> at least size bytes long.
-
-Alas, this method does not exist on BSD operating systems (specifically Mac OS X and iOS). It is
-possible to recreate this functionality using a BSD-specific method called `funopen`.
-
-From the funopen man page:
-
-> FILE * funopen(const void *cookie, int (*readfn)(void *, char *, int),
-> int (*writefn)(void *, const char *, int), fpos_t (*seekfn)(void *, fpos_t, int),
-> int (*closefn)(void *));
->
-> The funopen() function associates a stream with up to four ``I/O functions''. Either readfn or
-> writefn must be specified; the others can be given as an appropriately-typed NULL pointer. These
-> I/O functions will be used to read, write, seek and close the new stream.
-
-fmemopen.c provides a simple implementation of fmemopen using funopen so that you can create FILE
-pointers to blocks of memory.
-
-Adding it to your Project
-=========================
-
-Drag fmemopen.h and fmemopen.c to your project and add them to your target. `#include "fmemopen.h"`
-wherever you need to use `fmemopen`.
-
-Examples
-========
-
-```obj-c
-#import "fmemopen.h"
-
-NSString* string = @"fmemopen in Objective-C";
-const char* cstr = [string UTF8String];
-FILE* file = fmemopen((void *)cstr, sizeof(char) * (string.length + 1), "r");
-
-// fread on file will now read the contents of the NSString
-
-fclose(file);
-```
diff --git a/enzevalos_iphone/netpgp/fmemopen/fmemopen.c b/enzevalos_iphone/netpgp/fmemopen/fmemopen.c
deleted file mode 100755
index 7dd962b4..00000000
--- a/enzevalos_iphone/netpgp/fmemopen/fmemopen.c
+++ /dev/null
@@ -1,93 +0,0 @@
-//
-// Copyright 2012 Jeff Verkoeyen
-// Originally ported from https://github.com/ingenuitas/python-tesseract/blob/master/fmemopen.c
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-//
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/mman.h>
-#include <sys/param.h>
-
-struct fmem {
- size_t pos;
- size_t size;
- char *buffer;
-};
-typedef struct fmem fmem_t;
-
-static int readfn(void *handler, char *buf, int size) {
- fmem_t *mem = handler;
- size_t available = mem->size - mem->pos;
-
- if (size > available) {
- size = (int)MIN(available, INT_MAX);
- }
- memcpy(buf, mem->buffer + mem->pos, sizeof(char) * size);
- mem->pos += size;
-
- return size;
-}
-
-static int writefn(void *handler, const char *buf, int size) {
- fmem_t *mem = handler;
- size_t available = mem->size - mem->pos;
-
- if (size > available) {
- size = (int)MIN(available, INT_MAX);
- }
- memcpy(mem->buffer + mem->pos, buf, sizeof(char) * size);
- mem->pos += size;
-
- return size;
-}
-
-static fpos_t seekfn(void *handler, fpos_t offset, int whence) {
- size_t pos;
- fmem_t *mem = handler;
-
- switch (whence) {
- case SEEK_SET: pos = offset; break;
- case SEEK_CUR: pos = mem->pos + offset; break;
- case SEEK_END: pos = mem->size + offset; break;
- default: return -1;
- }
-
- if (pos > mem->size) {
- return -1;
- }
-
- mem->pos = pos;
- return (fpos_t)pos;
-}
-
-static int closefn(void *handler) {
- free(handler);
- return 0;
-}
-
-FILE *fmemopen(void *buf, size_t size, const char *mode) {
- // This data is released on fclose.
- fmem_t* mem = (fmem_t *) malloc(sizeof(fmem_t));
-
- // Zero-out the structure.
- memset(mem, 0, sizeof(fmem_t));
-
- mem->size = size;
- mem->buffer = buf;
-
- // funopen's man page: https://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/man3/funopen.3.html
- return funopen(mem, readfn, writefn, seekfn, closefn);
-}
diff --git a/enzevalos_iphone/netpgp/fmemopen/fmemopen.h b/enzevalos_iphone/netpgp/fmemopen/fmemopen.h
deleted file mode 100755
index 3d06b20e..00000000
--- a/enzevalos_iphone/netpgp/fmemopen/fmemopen.h
+++ /dev/null
@@ -1,52 +0,0 @@
-//
-// Copyright 2012 Jeff Verkoeyen
-// Originally ported from https://github.com/ingenuitas/python-tesseract/blob/master/fmemopen.c
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-//
-
-#ifndef FMEMOPEN_H_
-#define FMEMOPEN_H_
-
-#ifdef __cplusplus
-extern "C"
-{
-#endif
-
-/**
- * A BSD port of the fmemopen Linux method using funopen.
- *
- * man docs for fmemopen:
- * http://linux.die.net/man/3/fmemopen
- *
- * man docs for funopen:
- * https://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/man3/funopen.3.html
- *
- * This method is ported from ingenuitas' python-tesseract project.
- *
- * You must call fclose on the returned file pointer or memory will be leaked.
- *
- * @param buf The data that will be used to back the FILE* methods. Must be at least
- * @c size bytes.
- * @param size The size of the @c buf data.
- * @param mode The permitted stream operation modes.
- * @returns A pointer that can be used in the fread/fwrite/fseek/fclose family of methods.
- * If a failure occurred NULL will be returned.
- */
-FILE *fmemopen(void *buf, size_t size, const char *mode);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif // #ifndef FMEMOPEN_H_
diff --git a/enzevalos_iphone/netpgp/lib/Licence b/enzevalos_iphone/netpgp/lib/Licence
deleted file mode 100644
index 25a88eb4..00000000
--- a/enzevalos_iphone/netpgp/lib/Licence
+++ /dev/null
@@ -1,36 +0,0 @@
-Copyright (c) 2005 Nominet UK (www.nic.uk)
-All rights reserved.
-Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
-their moral rights under the UK Copyright Design and Patents Act 1988 to
-be recorded as the authors of this copyright work.
-
-This is a BSD-style Open Source licence.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions
-are met:
-
-1. Redistributions of source code must retain the above copyright
- notice, this list of conditions and the following disclaimer.
-
-2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
-3. The name of Nominet UK or the contributors may not be used to
- endorse or promote products derived from this software without specific
- prior written permission;
-
-and provided that the user accepts the terms of the following disclaimer:
-
-THIS SOFTWARE IS PROVIDED BY NOMINET UK AND CONTRIBUTORS ``AS IS'' AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED. IN NO EVENT SHALL NOMINET UK OR CONTRIBUTORS BE LIABLE
-FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-SUCH DAMAGE.
diff --git a/enzevalos_iphone/netpgp/lib/bufgap.c b/enzevalos_iphone/netpgp/lib/bufgap.c
deleted file mode 100644
index 7e6534d6..00000000
--- a/enzevalos_iphone/netpgp/lib/bufgap.c
+++ /dev/null
@@ -1,520 +0,0 @@
-/* $NetBSD: bufgap.c,v 1.4 2010/08/15 16:10:56 agc Exp $ */
-
-/*-
- * Copyright (c) 1996-2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#include <stdio.h>
-
-#include <stdlib.h>
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_STRING_H
-#include <string.h>
-#endif
-
-#include "fastctype.h"
-#include "bufgap.h"
-#include "defs.h"
-
-/* macros to get subscripts in buffer */
-#define AFTSUB(bp, n) ((bp)->buf[(int)n])
-#define BEFSUB(bp, n) ((bp)->buf[(int)((bp)->size - (n) - 1)])
-
-/* initial allocation size */
-#ifndef CHUNKSIZE
-#define CHUNKSIZE 256
-#endif
-
-#ifndef KiB
-#define KiB(x) ((x) * 1024)
-#endif
-
-#define BGCHUNKSIZE KiB(4)
-
-#ifndef __UNCONST
-#define __UNCONST(a) ((void *)(unsigned long)(const void *)(a))
-#endif
-
-#ifndef USE_UTF
-#define USE_UTF 0
-#endif
-
-#if !USE_UTF
-#define Rune char
-#define utfbytes(x) strlen(x)
-#define utfrune(a, b) strchr(a, b)
-#define utfnlen(a, b) bounded_strlen(a, b)
-
-static size_t
-bounded_strlen(const char *s, size_t maxlen)
-{
- size_t n;
-
- for (n = 0 ; n < maxlen && s[n] != 0x0 ; n++) {
- }
- return n;
-}
-
-static int
-chartorune(Rune *rp, char *s)
-{
- *rp = s[0];
- return 1;
-}
-
-static int
-priorrune(Rune *rp, char *s)
-{
- *rp = s[0];
- return 1;
-}
-#else
-#include "ure.h"
-#endif
-
-/* save `n' chars of `s' in malloc'd memory */
-static char *
-strnsave(char *s, int n)
-{
- char *cp;
-
- if (n < 0) {
- n = (int)strlen(s);
- }
- NEWARRAY(char, cp, n + 1, "strnsave", return NULL);
- (void) memcpy(cp, s, (size_t)n);
- cp[n] = 0x0;
- return cp;
-}
-
-/* open a file in a buffer gap structure */
-int
-bufgap_open(bufgap_t *bp, const char *f)
-{
- struct stat s;
- int64_t cc;
- FILE *filep;
- char *cp;
-
- (void) memset(bp, 0x0, sizeof(*bp));
- filep = NULL;
- if (f != NULL && (filep = fopen(f, "r")) == NULL) {
- return 0;
- }
- if (f == NULL) {
- bp->size = BGCHUNKSIZE;
- NEWARRAY(char, bp->buf, bp->size, "f_open", return 0);
- } else {
- (void) fstat(fileno(filep), &s);
- bp->size = (int) ((s.st_size / BGCHUNKSIZE) + 1) * BGCHUNKSIZE;
- NEWARRAY(char, bp->buf, bp->size, "f_open", return 0);
- cc = fread(&BEFSUB(bp, s.st_size), sizeof(char),
- (size_t)s.st_size, filep);
- (void) fclose(filep);
- if (cc != s.st_size) {
- FREE(bp->buf);
- FREE(bp);
- return 0;
- }
- bp->name = strnsave(__UNCONST(f), (int)utfbytes(__UNCONST(f)));
- bp->bbc = s.st_size;
- cp = &BEFSUB(bp, cc);
- for (;;) {
- if ((cp = utfrune(cp, '\n')) == NULL) {
- break;
- }
- bp->blc++;
- cp++;
- }
- bp->bcc = utfnlen(&BEFSUB(bp, cc), (size_t)cc);
- }
- return 1;
-}
-
-/* close a buffer gapped file */
-void
-bufgap_close(bufgap_t *bp)
-{
- FREE(bp->buf);
-}
-
-/* move forwards `n' chars/bytes in a buffer gap */
-int
-bufgap_forwards(bufgap_t *bp, uint64_t n, int type)
-{
- Rune r;
- int rlen;
-
- switch(type) {
- case BGChar:
- if (bp->bcc >= n) {
- while (n-- > 0) {
- rlen = chartorune(&r, &BEFSUB(bp, bp->bbc));
- if (rlen == 1) {
- AFTSUB(bp, bp->abc) = BEFSUB(bp, bp->bbc);
- } else {
- (void) memmove(&AFTSUB(bp, bp->abc),
- &BEFSUB(bp, bp->bbc),
- (size_t)rlen);
- }
- bp->acc++;
- bp->bcc--;
- bp->abc += rlen;
- bp->bbc -= rlen;
- if (r == '\n') {
- bp->alc++;
- bp->blc--;
- }
- }
- return 1;
- }
- break;
- case BGByte:
- if (bp->bbc >= n) {
- for ( ; n > 0 ; n -= rlen) {
- rlen = chartorune(&r, &BEFSUB(bp, bp->bbc));
- if (rlen == 1) {
- AFTSUB(bp, bp->abc) = BEFSUB(bp, bp->bbc);
- } else {
- (void) memmove(&AFTSUB(bp, bp->abc),
- &BEFSUB(bp, bp->bbc),
- (size_t)rlen);
- }
- bp->acc++;
- bp->bcc--;
- bp->abc += rlen;
- bp->bbc -= rlen;
- if (r == '\n') {
- bp->alc++;
- bp->blc--;
- }
- }
- return 1;
- }
- }
- return 0;
-}
-
-/* move backwards `n' chars in a buffer gap */
-int
-bufgap_backwards(bufgap_t *bp, uint64_t n, int type)
-{
- Rune r;
- int rlen;
-
- switch(type) {
- case BGChar:
- if (bp->acc >= n) {
- while (n-- > 0) {
- rlen = priorrune(&r, &AFTSUB(bp, bp->abc));
- bp->bcc++;
- bp->acc--;
- bp->bbc += rlen;
- bp->abc -= rlen;
- if (rlen == 1) {
- BEFSUB(bp, bp->bbc) = AFTSUB(bp, bp->abc);
- } else {
- (void) memmove(&BEFSUB(bp, bp->bbc),
- &AFTSUB(bp, bp->abc),
- (size_t)rlen);
- }
- if (r == '\n') {
- bp->blc++;
- bp->alc--;
- }
- }
- return 1;
- }
- break;
- case BGByte:
- if (bp->acc >= n) {
- for ( ; n > 0 ; n -= rlen) {
- rlen = priorrune(&r, &AFTSUB(bp, bp->abc));
- bp->bcc++;
- bp->acc--;
- bp->bbc += rlen;
- bp->abc -= rlen;
- if (rlen == 1) {
- BEFSUB(bp, bp->bbc) = AFTSUB(bp, bp->abc);
- } else {
- (void) memmove(&BEFSUB(bp, bp->bbc),
- &AFTSUB(bp, bp->abc),
- (size_t)rlen);
- }
- if (r == '\n') {
- bp->blc++;
- bp->alc--;
- }
- }
- return 1;
- }
- }
- return 0;
-}
-
-/* move within a buffer gap */
-int
-bufgap_seek(bufgap_t *bp, int64_t off, int whence, int type)
-{
- switch(type) {
- case BGLine:
- switch(whence) {
- case BGFromBOF:
- if (off < 0 || off > (int64_t)(bp->alc + bp->blc)) {
- return 0;
- }
- if (off < (int64_t)bp->alc) {
- while (off <= (int64_t)bp->alc && bufgap_backwards(bp, 1, BGChar)) {
- }
- if (off > 0) {
- (void) bufgap_forwards(bp, 1, BGChar);
- }
- } else if (off > (int64_t)bp->alc) {
- while (off > (int64_t)bp->alc && bufgap_forwards(bp, 1, BGChar)) {
- }
- }
- return 1;
- case BGFromHere:
- return bufgap_seek(bp, (int64_t)(bp->alc + off), BGFromBOF, BGLine);
- case BGFromEOF:
- return bufgap_seek(bp, (int64_t)(bp->alc + bp->blc + off), BGFromBOF, BGLine);
- }
- break;
- case BGChar:
- switch(whence) {
- case BGFromBOF:
- if (off < 0 || off > (int64_t)(bp->acc + bp->bcc)) {
- return 0;
- }
- if (off < (int64_t)bp->acc) {
- return bufgap_backwards(bp, bp->acc - off, BGChar);
- } else if (off > (int64_t)bp->acc) {
- return bufgap_forwards(bp, off - bp->acc, BGChar);
- }
- return 1;
- case BGFromHere:
- return bufgap_seek(bp, (int64_t)(bp->acc + off), BGFromBOF, BGChar);
- case BGFromEOF:
- return bufgap_seek(bp, (int64_t)(bp->acc + bp->bcc + off), BGFromBOF, BGChar);
- }
- break;
- case BGByte:
- switch(whence) {
- case BGFromBOF:
- if (off < 0 || off > (int64_t)(bp->abc + bp->bbc)) {
- return 0;
- }
- if (off < (int64_t)bp->abc) {
- return bufgap_backwards(bp, bp->abc - off, BGByte);
- } else if (off > (int64_t)bp->abc) {
- return bufgap_forwards(bp, off - bp->abc, BGByte);
- }
- return 1;
- case BGFromHere:
- return bufgap_seek(bp, (int64_t)(bp->abc + off), BGFromBOF, BGByte);
- case BGFromEOF:
- return bufgap_seek(bp, (int64_t)(bp->abc + bp->bbc + off), BGFromBOF, BGByte);
- }
- break;
- }
- return 0;
-}
-
-/* return a pointer to the text in the buffer gap */
-char *
-bufgap_getstr(bufgap_t *bp)
-{
- return &BEFSUB(bp, bp->bbc);
-}
-
-/* return the binary text in the buffer gap */
-int
-bufgap_getbin(bufgap_t *bp, void *dst, size_t len)
-{
- int cc;
-
- cc = (bp->bcc < len) ? (int)bp->bcc : (int)len;
- (void) memcpy(dst, &BEFSUB(bp, bp->bbc), len);
- return cc;
-}
-
-/* return offset (from beginning/end) in a buffer gap */
-int64_t
-bufgap_tell(bufgap_t *bp, int whence, int type)
-{
- switch(whence) {
- case BGFromBOF:
- return (type == BGLine) ? bp->alc :
- (type == BGByte) ? bp->abc : bp->acc;
- case BGFromEOF:
- return (type == BGLine) ? bp->blc :
- (type == BGByte) ? bp->bbc : bp->bcc;
- default:
- (void) fprintf(stderr, "weird whence in bufgap_tell\n");
- break;
- }
- return (int64_t)0;
-}
-
-/* return size of buffer gap */
-int64_t
-bufgap_size(bufgap_t *bp, int type)
-{
- return (type == BGLine) ? bp->alc + bp->blc :
- (type == BGChar) ? bp->acc + bp->bcc :
- bp->abc + bp->bbc;
-}
-
-/* insert `n' chars of `s' in a buffer gap */
-int
-bufgap_insert(bufgap_t *bp, const char *s, int n)
-{
- int64_t off;
- Rune r;
- int rlen;
- int i;
-
- if (n < 0) {
- n = (int)strlen(s);
- }
- for (i = 0 ; i < n ; i += rlen) {
- if (bp->bbc + bp->abc == bp->size) {
- off = bufgap_tell(bp, BGFromBOF, BGChar);
- (void) bufgap_seek(bp, 0, BGFromEOF, BGChar);
- bp->size *= 2;
- RENEW(char, bp->buf, bp->size, "bufgap_insert", return 0);
- (void) bufgap_seek(bp, off, BGFromBOF, BGChar);
- }
- if ((rlen = chartorune(&r, __UNCONST(s))) == 1) {
- AFTSUB(bp, bp->abc) = *s;
- } else {
- (void) memmove(&AFTSUB(bp, bp->abc), s, (size_t)rlen);
- }
- if (r == '\n') {
- bp->alc++;
- }
- bp->modified = 1;
- bp->abc += rlen;
- bp->acc++;
- s += rlen;
- }
- return 1;
-}
-
-/* delete `n' bytes from the buffer gap */
-int
-bufgap_delete(bufgap_t *bp, uint64_t n)
-{
- uint64_t i;
- Rune r;
- int rlen;
-
- if (n <= bp->bbc) {
- for (i = 0 ; i < n ; i += rlen) {
- rlen = chartorune(&r, &BEFSUB(bp, bp->bbc));
- if (r == '\n') {
- bp->blc--;
- }
- bp->bbc -= rlen;
- bp->bcc--;
- bp->modified = 1;
- }
- return 1;
- }
- return 0;
-}
-
-/* look at a character in a buffer gap `delta' UTF chars away */
-int
-bufgap_peek(bufgap_t *bp, int64_t delta)
-{
- int ch;
-
- if (delta != 0) {
- if (!bufgap_seek(bp, delta, BGFromHere, BGChar)) {
- return -1;
- }
- }
- ch = BEFSUB(bp, bp->bbc);
- if (delta != 0) {
- (void) bufgap_seek(bp, -delta, BGFromHere, BGChar);
- }
- return ch;
-}
-
-/* return, in malloc'd storage, text from the buffer gap */
-char *
-bufgap_gettext(bufgap_t *bp, int64_t from, int64_t to)
-{
- int64_t off;
- int64_t n;
- char *text;
-
- off = bufgap_tell(bp, BGFromBOF, BGChar);
- NEWARRAY(char, text, (to - from + 1), "bufgap_gettext", return NULL);
- (void) bufgap_seek(bp, from, BGFromBOF, BGChar);
- for (n = 0 ; n < to - from ; n++) {
- text[(int)n] = BEFSUB(bp, bp->bbc - n);
- }
- text[(int)n] = 0x0;
- (void) bufgap_seek(bp, off, BGFromBOF, BGChar);
- return text;
-}
-
-/* return 1 if we wrote the file correctly */
-int
-bufgap_write(bufgap_t *bp, FILE *filep)
-{
- if (fwrite(bp->buf, sizeof(char), (size_t)bp->abc, filep) != (size_t)bp->abc) {
- return 0;
- }
- if (fwrite(&BEFSUB(bp, bp->bbc), sizeof(char), (size_t)bp->bbc, filep) != (size_t)bp->bbc) {
- return 0;
- }
- return 1;
-}
-
-/* tell if the buffer gap is dirty - has been modified */
-int
-bufgap_dirty(bufgap_t *bp)
-{
- return (int)bp->modified;
-}
diff --git a/enzevalos_iphone/netpgp/lib/bufgap.h b/enzevalos_iphone/netpgp/lib/bufgap.h
deleted file mode 100644
index 461126db..00000000
--- a/enzevalos_iphone/netpgp/lib/bufgap.h
+++ /dev/null
@@ -1,88 +0,0 @@
-/* $NetBSD: bufgap.h,v 1.2 2009/12/06 17:43:05 agc Exp $ */
-
-/*-
- * Copyright (c) 1996-2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-#ifndef BUFGAP_H_
-#define BUFGAP_H_ 20091023
-
-#include <sys/types.h>
-
-#include <inttypes.h>
-#include <stdio.h>
-
-#ifndef BUFGAP_VERSION_STRING
-#define BUFGAP_VERSION_STRING "20091022"
-#endif
-
-#ifndef BUFGAP_AUTHOR_STRING
-#define BUFGAP_AUTHOR_STRING "Alistair Crooks (agc@netbsd.org)"
-#endif
-
-/* Constants for Buffer Gap routines */
-enum {
- BGByte,
- BGChar,
- BGLine,
-
- BGFromBOF,
- BGFromHere,
- BGFromEOF
-};
-
-/* this struct describes a file in memory */
-typedef struct bufgap_t {
- uint64_t size; /* size of file */
- uint64_t abc; /* # of bytes after the gap */
- uint64_t bbc; /* # of bytes before the gap */
- uint64_t acc; /* # of utf chars after the gap */
- uint64_t bcc; /* # of utf chars before the gap */
- uint64_t alc; /* # of records after the gap */
- uint64_t blc; /* # of records before the gap */
- char *name; /* file name - perhaps null */
- char *buf; /* buffer-gap buffer */
- char modified; /* file has been modified */
-} bufgap_t;
-
-int bufgap_open(bufgap_t *, const char *);
-void bufgap_close(bufgap_t *);
-int bufgap_forwards(bufgap_t *, uint64_t, int);
-int bufgap_backwards(bufgap_t *, uint64_t, int);
-int bufgap_seek(bufgap_t *, int64_t, int, int);
-char *bufgap_getstr(bufgap_t *);
-int bufgap_getbin(bufgap_t *, void *, size_t);
-int64_t bufgap_tell(bufgap_t *, int, int);
-int64_t bufgap_size(bufgap_t *, int);
-int bufgap_insert(bufgap_t *, const char *, int);
-int bufgap_delete(bufgap_t *, uint64_t);
-int bufgap_peek(bufgap_t *, int64_t);
-char *bufgap_gettext(bufgap_t *, int64_t, int64_t);
-int bufgap_write(bufgap_t *, FILE *);
-int bufgap_dirty(bufgap_t *);
-
-#endif /* !BUFGAP_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/compress.c b/enzevalos_iphone/netpgp/lib/compress.c
deleted file mode 100644
index c1d5a5d3..00000000
--- a/enzevalos_iphone/netpgp/lib/compress.c
+++ /dev/null
@@ -1,501 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#if defined(__NetBSD__)
-__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: compress.c,v 1.18 2010/10/31 18:31:03 agc Exp $");
-#endif
-
-#ifdef HAVE_ZLIB_H
-#include <zlib.h>
-#endif
-
-#ifdef HAVE_BZLIB_H
-#include <bzlib.h>
-#endif
-
-#include <string.h>
-
-#include "packet-parse.h"
-#include "errors.h"
-#include "netpgpdefs.h"
-#include "crypto.h"
-#include "memory.h"
-#include "writer.h"
-
-#define DECOMPRESS_BUFFER 1024
-
-typedef struct {
- __ops_compression_type_t type;
- __ops_region_t *region;
- uint8_t in[DECOMPRESS_BUFFER];
- uint8_t out[DECOMPRESS_BUFFER];
- z_stream zstream;/* ZIP and ZLIB */
- size_t offset;
- int inflate_ret;
-} z_decompress_t;
-
-#ifdef HAVE_BZLIB_H
-typedef struct {
- __ops_compression_type_t type;
- __ops_region_t *region;
- char in[DECOMPRESS_BUFFER];
- char out[DECOMPRESS_BUFFER];
- bz_stream bzstream; /* BZIP2 */
- size_t offset;
- int inflate_ret;
-} bz_decompress_t;
-#endif
-
-typedef struct {
- z_stream stream;
- uint8_t *src;
- uint8_t *dst;
-} compress_t;
-
-/*
- * \todo remove code duplication between this and
- * bzip2_compressed_data_reader
- */
-static int
-zlib_compressed_data_reader(void *dest, size_t length,
- __ops_error_t **errors,
- __ops_reader_t *readinfo,
- __ops_cbdata_t *cbinfo)
-{
- z_decompress_t *z = __ops_reader_get_arg(readinfo);
- size_t len;
- size_t cc;
- char *cdest = dest;
-
- if (z->type != OPS_C_ZIP && z->type != OPS_C_ZLIB) {
- (void) fprintf(stderr,
- "zlib_compressed_data_reader: weird type %d\n",
- z->type);
- return 0;
- }
-
- if (z->inflate_ret == Z_STREAM_END &&
- z->zstream.next_out == &z->out[z->offset]) {
- return 0;
- }
-
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr,
- "zlib_compressed_data_reader: length %" PRIsize "d\n",
- length);
- }
-
- if (z->region->readc == z->region->length) {
- if (z->inflate_ret != Z_STREAM_END) {
- OPS_ERROR(cbinfo->errors, OPS_E_P_DECOMPRESSION_ERROR,
- "Compressed data didn't end when region ended.");
- }
- }
- for (cc = 0 ; cc < length ; cc += len) {
- if (&z->out[z->offset] == z->zstream.next_out) {
- int ret;
-
- z->zstream.next_out = z->out;
- z->zstream.avail_out = sizeof(z->out);
- z->offset = 0;
- if (z->zstream.avail_in == 0) {
- unsigned n = z->region->length;
-
- if (!z->region->indeterminate) {
- n -= z->region->readc;
- if (n > sizeof(z->in)) {
- n = sizeof(z->in);
- }
- } else {
- n = sizeof(z->in);
- }
- if (!__ops_stacked_limited_read(z->in, n,
- z->region,
- errors, readinfo, cbinfo)) {
- return -1;
- }
-
- z->zstream.next_in = z->in;
- z->zstream.avail_in = (z->region->indeterminate) ?
- z->region->last_read : n;
- }
- ret = inflate(&z->zstream, Z_SYNC_FLUSH);
- if (ret == Z_STREAM_END) {
- if (!z->region->indeterminate &&
- z->region->readc != z->region->length) {
- OPS_ERROR(cbinfo->errors,
- OPS_E_P_DECOMPRESSION_ERROR,
- "Compressed stream ended before packet end.");
- }
- } else if (ret != Z_OK) {
- (void) fprintf(stderr, "ret=%d\n", ret);
- OPS_ERROR(cbinfo->errors,
- OPS_E_P_DECOMPRESSION_ERROR, z->zstream.msg);
- }
- z->inflate_ret = ret;
- }
- if (z->zstream.next_out <= &z->out[z->offset]) {
- (void) fprintf(stderr, "Out of memory in buffer\n");
- return 0;
- }
- len = (size_t)(z->zstream.next_out - &z->out[z->offset]);
- if (len > length) {
- len = length;
- }
- (void) memcpy(&cdest[cc], &z->out[z->offset], len);
- z->offset += len;
- }
-
- return (int)length;
-}
-
-#ifdef HAVE_BZLIB_H
-/* \todo remove code duplication between this and zlib_compressed_data_reader */
-static int
-bzip2_compressed_data_reader(void *dest, size_t length,
- __ops_error_t **errors,
- __ops_reader_t *readinfo,
- __ops_cbdata_t *cbinfo)
-{
- bz_decompress_t *bz = __ops_reader_get_arg(readinfo);
- size_t len;
- size_t cc;
- char *cdest = dest;
-
- if (bz->type != OPS_C_BZIP2) {
- (void) fprintf(stderr, "Weird type %d\n", bz->type);
- return 0;
- }
-
- if (bz->inflate_ret == BZ_STREAM_END &&
- bz->bzstream.next_out == &bz->out[bz->offset]) {
- return 0;
- }
- if (bz->region->readc == bz->region->length) {
- if (bz->inflate_ret != BZ_STREAM_END) {
- OPS_ERROR(cbinfo->errors, OPS_E_P_DECOMPRESSION_ERROR,
- "Compressed data didn't end when region ended.");
- }
- }
- for (cc = 0 ; cc < length ; cc += len) {
- if (&bz->out[bz->offset] == bz->bzstream.next_out) {
- int ret;
-
- bz->bzstream.next_out = (char *) bz->out;
- bz->bzstream.avail_out = sizeof(bz->out);
- bz->offset = 0;
- if (bz->bzstream.avail_in == 0) {
- unsigned n = bz->region->length;
-
- if (!bz->region->indeterminate) {
- n -= bz->region->readc;
- if (n > sizeof(bz->in))
- n = sizeof(bz->in);
- } else
- n = sizeof(bz->in);
-
- if (!__ops_stacked_limited_read(
- (uint8_t *) bz->in,
- n, bz->region,
- errors, readinfo, cbinfo))
- return -1;
-
- bz->bzstream.next_in = bz->in;
- bz->bzstream.avail_in =
- (bz->region->indeterminate) ?
- bz->region->last_read : n;
- }
- ret = BZ2_bzDecompress(&bz->bzstream);
- if (ret == BZ_STREAM_END) {
- if (!bz->region->indeterminate &&
- bz->region->readc != bz->region->length)
- OPS_ERROR(cbinfo->errors,
- OPS_E_P_DECOMPRESSION_ERROR,
- "Compressed stream ended before packet end.");
- } else if (ret != BZ_OK) {
- OPS_ERROR_1(cbinfo->errors,
- OPS_E_P_DECOMPRESSION_ERROR,
- "Invalid return %d from BZ2_bzDecompress", ret);
- }
- bz->inflate_ret = ret;
- }
- if (bz->bzstream.next_out <= &bz->out[bz->offset]) {
- (void) fprintf(stderr, "Out of bz memroy\n");
- return 0;
- }
- len = (size_t)(bz->bzstream.next_out - &bz->out[bz->offset]);
- if (len > length) {
- len = length;
- }
- (void) memcpy(&cdest[cc], &bz->out[bz->offset], len);
- bz->offset += len;
- }
-
- return (int)length;
-}
-#endif
-
-/**
- * \ingroup Core_Compress
- *
- * \param *region Pointer to a region
- * \param *stream How to parse
- * \param type Which compression type to expect
-*/
-
-int
-__ops_decompress(__ops_region_t *region, __ops_stream_t *stream,
- __ops_compression_type_t type)
-{
- z_decompress_t z;
-#ifdef HAVE_BZLIB_H
- bz_decompress_t bz;
-#endif
- const int printerrors = 1;
- int ret;
-
- switch (type) {
- case OPS_C_ZIP:
- case OPS_C_ZLIB:
- (void) memset(&z, 0x0, sizeof(z));
-
- z.region = region;
- z.offset = 0;
- z.type = type;
-
- z.zstream.next_in = Z_NULL;
- z.zstream.avail_in = 0;
- z.zstream.next_out = z.out;
- z.zstream.zalloc = Z_NULL;
- z.zstream.zfree = Z_NULL;
- z.zstream.opaque = Z_NULL;
-
- break;
-
-#ifdef HAVE_BZLIB_H
- case OPS_C_BZIP2:
- (void) memset(&bz, 0x0, sizeof(bz));
-
- bz.region = region;
- bz.offset = 0;
- bz.type = type;
-
- bz.bzstream.next_in = NULL;
- bz.bzstream.avail_in = 0;
- bz.bzstream.next_out = bz.out;
- bz.bzstream.bzalloc = NULL;
- bz.bzstream.bzfree = NULL;
- bz.bzstream.opaque = NULL;
-#endif
-
- break;
-
- default:
- OPS_ERROR_1(&stream->errors,
- OPS_E_ALG_UNSUPPORTED_COMPRESS_ALG,
- "Compression algorithm %d is not yet supported", type);
- return 0;
- }
-
- switch (type) {
- case OPS_C_ZIP:
- /* LINTED */ /* this is a lint problem in zlib.h header */
- ret = (int)inflateInit2(&z.zstream, -15);
- break;
-
- case OPS_C_ZLIB:
- /* LINTED */ /* this is a lint problem in zlib.h header */
- ret = (int)inflateInit(&z.zstream);
- break;
-
-#ifdef HAVE_BZLIB_H
- case OPS_C_BZIP2:
- ret = BZ2_bzDecompressInit(&bz.bzstream, 1, 0);
- break;
-#endif
-
- default:
- OPS_ERROR_1(&stream->errors,
- OPS_E_ALG_UNSUPPORTED_COMPRESS_ALG,
- "Compression algorithm %d is not yet supported", type);
- return 0;
- }
-
- switch (type) {
- case OPS_C_ZIP:
- case OPS_C_ZLIB:
- if (ret != Z_OK) {
- OPS_ERROR_1(&stream->errors,
- OPS_E_P_DECOMPRESSION_ERROR,
-"Cannot initialise ZIP or ZLIB stream for decompression: error=%d", ret);
- return 0;
- }
- __ops_reader_push(stream, zlib_compressed_data_reader,
- NULL, &z);
- break;
-
-#ifdef HAVE_BZLIB_H
- case OPS_C_BZIP2:
- if (ret != BZ_OK) {
- OPS_ERROR_1(&stream->errors,
- OPS_E_P_DECOMPRESSION_ERROR,
-"Cannot initialise BZIP2 stream for decompression: error=%d", ret);
- return 0;
- }
- __ops_reader_push(stream, bzip2_compressed_data_reader,
- NULL, &bz);
- break;
-#endif
-
- default:
- OPS_ERROR_1(&stream->errors,
- OPS_E_ALG_UNSUPPORTED_COMPRESS_ALG,
- "Compression algorithm %d is not yet supported", type);
- return 0;
- }
-
- ret = __ops_parse(stream, !printerrors);
-
- __ops_reader_pop(stream);
-
- return ret;
-}
-
-/**
-\ingroup Core_WritePackets
-\brief Writes Compressed packet
-\param data Data to write out
-\param len Length of data
-\param output Write settings
-\return 1 if OK; else 0
-*/
-
-unsigned
-__ops_writez(__ops_output_t *out, const uint8_t *data, const unsigned len)
-{
- compress_t *zip;
- size_t sz_in;
- size_t sz_out;
- int ret;
- int r = 0;
-
- /* compress the data */
- const int level = Z_DEFAULT_COMPRESSION; /* \todo allow varying
- * levels */
-
- if ((zip = calloc(1, sizeof(*zip))) == NULL) {
- (void) fprintf(stderr, "__ops_writez: bad alloc\n");
- return 0;
- }
- zip->stream.zalloc = Z_NULL;
- zip->stream.zfree = Z_NULL;
- zip->stream.opaque = NULL;
-
- /* all other fields set to zero by use of calloc */
-
- /* LINTED */ /* this is a lint problem in zlib.h header */
- if ((int)deflateInit(&zip->stream, level) != Z_OK) {
- (void) fprintf(stderr, "__ops_writez: can't initialise\n");
- return 0;
- }
- /* do necessary transformation */
- /* copy input to maintain const'ness of src */
- if (zip->src != NULL || zip->dst != NULL) {
- (void) fprintf(stderr, "__ops_writez: non-null streams\n");
- return 0;
- }
-
- sz_in = len * sizeof(uint8_t);
- sz_out = ((101 * sz_in) / 100) + 12; /* from zlib webpage */
- if ((zip->src = calloc(1, sz_in)) == NULL) {
- free(zip);
- (void) fprintf(stderr, "__ops_writez: bad alloc2\n");
- return 0;
- }
- if ((zip->dst = calloc(1, sz_out)) == NULL) {
- free(zip->src);
- free(zip);
- (void) fprintf(stderr, "__ops_writez: bad alloc3\n");
- return 0;
- }
- (void) memcpy(zip->src, data, len);
-
- /* setup stream */
- zip->stream.next_in = zip->src;
- zip->stream.avail_in = (unsigned)sz_in;
- zip->stream.total_in = 0;
-
- zip->stream.next_out = zip->dst;
- zip->stream.avail_out = (unsigned)sz_out;
- zip->stream.total_out = 0;
-
- do {
- r = deflate(&zip->stream, Z_FINISH);
- } while (r != Z_STREAM_END);
-
- /* write it out */
- ret = __ops_write_ptag(out, OPS_PTAG_CT_COMPRESSED) &&
- __ops_write_length(out, (unsigned)(zip->stream.total_out + 1))&&
- __ops_write_scalar(out, OPS_C_ZLIB, 1) &&
- __ops_write(out, zip->dst, (unsigned)zip->stream.total_out);
-
- free(zip->src);
- free(zip->dst);
- free(zip);
- return ret;
-}
diff --git a/enzevalos_iphone/netpgp/lib/config.h b/enzevalos_iphone/netpgp/lib/config.h
deleted file mode 100644
index 88ae0608..00000000
--- a/enzevalos_iphone/netpgp/lib/config.h
+++ /dev/null
@@ -1,181 +0,0 @@
-/* src/lib/config.h. Generated from config.h.in by configure. */
-/* src/lib/config.h.in. Generated from configure.ac by autoheader. */
-
-/* Define to 1 if you have the <bzlib.h> header file. */
-#define HAVE_BZLIB_H 1
-
-/* Define to 1 if you have the <CommonCrypto/CommonDigest.h> header file. */
-#define HAVE_COMMONCRYPTO_COMMONDIGEST_H 1
-
-/* Define to 1 if you have the <direct.h> header file. */
-/* #undef HAVE_DIRECT_H */
-
-/* Define to 1 if you have the <dlfcn.h> header file. */
-#define HAVE_DLFCN_H 1
-
-/* Define to 1 if you have the <dmalloc.h> header file. */
-/* #undef HAVE_DMALLOC_H */
-
-/* Define to 1 if you have the <errno.h> header file. */
-#define HAVE_ERRNO_H 1
-
-/* Define to 1 if you have the <fcntl.h> header file. */
-#define HAVE_FCNTL_H 1
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#define HAVE_INTTYPES_H 1
-
-/* Define to 1 if you have the <limits.h> header file. */
-#define HAVE_LIMITS_H 1
-
-/* Define to 1 if the system has the type `long long int'. */
-#define HAVE_LONG_LONG_INT 1
-
-/* Define to 1 if you have the <malloc.h> header file. */
-/* #undef HAVE_MALLOC_H */
-
-/* Define to 1 if you have the <memory.h> header file. */
-#define HAVE_MEMORY_H 1
-
-/* Define to 1 if you have the <openssl/aes.h> header file. */
-#define HAVE_OPENSSL_AES_H 1
-
-/* Define to 1 if you have the <openssl/bn.h> header file. */
-#define HAVE_OPENSSL_BN_H 1
-
-/* Define to 1 if you have the <openssl/camellia.h> header file. */
-#define HAVE_OPENSSL_CAMELLIA_H 1
-
-/* Define to 1 if you have the <openssl/cast.h> header file. */
-#define HAVE_OPENSSL_CAST_H 1
-
-/* Define to 1 if you have the <openssl/des.h> header file. */
-#define HAVE_OPENSSL_DES_H 1
-
-/* Define to 1 if you have the <openssl/dsa.h> header file. */
-#define HAVE_OPENSSL_DSA_H 1
-
-/* Define to 1 if you have the <openssl/err.h> header file. */
-#define HAVE_OPENSSL_ERR_H 1
-
-/* Define to 1 if you have the <openssl/idea.h> header file. */
-#define HAVE_OPENSSL_IDEA_H 1
-
-/* Define to 1 if you have the <openssl/md5.h> header file. */
-#define HAVE_OPENSSL_MD5_H 1
-
-/* Define to 1 if you have the <openssl/rand.h> header file. */
-#define HAVE_OPENSSL_RAND_H 1
-
-/* Define to 1 if you have the <openssl/rsa.h> header file. */
-#define HAVE_OPENSSL_RSA_H 1
-
-/* Define to 1 if you have the <openssl/sha.h> header file. */
-#define HAVE_OPENSSL_SHA_H 1
-
-/* Define to 1 if the system has the type `SHA256_CTX'. */
-#define HAVE_SHA256_CTX 1
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#define HAVE_STDINT_H 1
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#define HAVE_STDLIB_H 1
-
-/* Define to 1 if you have the <strings.h> header file. */
-#define HAVE_STRINGS_H 1
-
-/* Define to 1 if you have the <string.h> header file. */
-#define HAVE_STRING_H 1
-
-/* Define to 1 if you have the <sys/cdefs.h> header file. */
-#define HAVE_SYS_CDEFS_H 1
-
-/* Define to 1 if you have the <sys/file.h> header file. */
-#define HAVE_SYS_FILE_H 1
-
-/* Define to 1 if you have the <sys/mman.h> header file. */
-#define HAVE_SYS_MMAN_H 1
-
-/* Define to 1 if you have the <sys/param.h> header file. */
-#define HAVE_SYS_PARAM_H 1
-
-/* Define to 1 if you have the <sys/resource.h> header file. */
-#define HAVE_SYS_RESOURCE_H 1
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#define HAVE_SYS_STAT_H 1
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#define HAVE_SYS_TYPES_H 1
-
-/* Define to 1 if you have the <sys/uio.h> header file. */
-#define HAVE_SYS_UIO_H 1
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#define HAVE_UNISTD_H 1
-
-/* Define to 1 if you have the <zlib.h> header file. */
-#define HAVE_ZLIB_H 1
-
-/* Define to the sub-directory in which libtool stores uninstalled libraries.
- */
-#define LT_OBJDIR ".libs/"
-
-/* Name of package */
-#define PACKAGE "netpgp"
-
-/* Define to the address where bug reports for this package should be sent. */
-#define PACKAGE_BUGREPORT "Alistair Crooks <agc@netbsd.org> c0596823"
-
-/* Define to the full name of this package. */
-#define PACKAGE_NAME "netpgp"
-
-/* Define to the full name and version of this package. */
-#define PACKAGE_STRING "netpgp 20101107"
-
-/* Define to the one symbol short name of this package. */
-#define PACKAGE_TARNAME "netpgp"
-
-/* Define to the version of this package. */
-#define PACKAGE_VERSION "20101107"
-
-/* Define to 1 if you have the ANSI C header files. */
-#define STDC_HEADERS 1
-
-/* Version number of package */
-#define VERSION "20101107"
-
-/* Define for Solaris 2.5.1 so the uint32_t typedef from <sys/synch.h>,
- <pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
- #define below would cause a syntax error. */
-/* #undef _UINT32_T */
-
-/* Define for Solaris 2.5.1 so the uint64_t typedef from <sys/synch.h>,
- <pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
- #define below would cause a syntax error. */
-/* #undef _UINT64_T */
-
-/* Define for Solaris 2.5.1 so the uint8_t typedef from <sys/synch.h>,
- <pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
- #define below would cause a syntax error. */
-/* #undef _UINT8_T */
-
-/* Define to `unsigned int' if <sys/types.h> does not define. */
-/* #undef size_t */
-
-/* Define to the type of an unsigned integer type of width exactly 16 bits if
- such a type exists and the standard includes do not define it. */
-/* #undef uint16_t */
-
-/* Define to the type of an unsigned integer type of width exactly 32 bits if
- such a type exists and the standard includes do not define it. */
-/* #undef uint32_t */
-
-/* Define to the type of an unsigned integer type of width exactly 64 bits if
- such a type exists and the standard includes do not define it. */
-/* #undef uint64_t */
-
-/* Define to the type of an unsigned integer type of width exactly 8 bits if
- such a type exists and the standard includes do not define it. */
-/* #undef uint8_t */
diff --git a/enzevalos_iphone/netpgp/lib/create.c b/enzevalos_iphone/netpgp/lib/create.c
deleted file mode 100644
index f92401f7..00000000
--- a/enzevalos_iphone/netpgp/lib/create.c
+++ /dev/null
@@ -1,1305 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#if defined(__NetBSD__)
-__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: create.c,v 1.36 2010/11/07 02:29:28 agc Exp $");
-#endif
-
-#include <sys/types.h>
-#include <sys/param.h>
-#include <sys/stat.h>
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#include <string.h>
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_OPENSSL_CAST_H
-#include <openssl/cast.h>
-#endif
-
-#include "create.h"
-#include "keyring.h"
-#include "packet.h"
-#include "signature.h"
-#include "writer.h"
-#include "readerwriter.h"
-#include "memory.h"
-#include "netpgpdefs.h"
-#include "netpgpdigest.h"
-
-/**
- * \ingroup Core_Create
- * \param length
- * \param type
- * \param output
- * \return 1 if OK, otherwise 0
- */
-
-unsigned
-__ops_write_ss_header(__ops_output_t *output,
- unsigned length,
- __ops_content_enum type)
-{
- return __ops_write_length(output, length) &&
- __ops_write_scalar(output, (unsigned)(type -
- (unsigned)OPS_PTAG_SIG_SUBPKT_BASE), 1);
-}
-
-/*
- * XXX: the general idea of _fast_ is that it doesn't copy stuff the safe
- * (i.e. non _fast_) version will, and so will also need to be freed.
- */
-
-/**
- * \ingroup Core_Create
- *
- * __ops_fast_create_userid() sets id->userid to the given userid.
- * This is fast because it is only copying a char*. However, if userid
- * is changed or freed in the future, this could have injurious results.
- * \param id
- * \param userid
- */
-
-void
-__ops_fast_create_userid(uint8_t **id, uint8_t *userid)
-{
- *id = userid;
-}
-
-/**
- * \ingroup Core_WritePackets
- * \brief Writes a User Id packet
- * \param id
- * \param output
- * \return 1 if OK, otherwise 0
- */
-unsigned
-__ops_write_struct_userid(__ops_output_t *output, const uint8_t *id)
-{
- return __ops_write_ptag(output, OPS_PTAG_CT_USER_ID) &&
- __ops_write_length(output, (unsigned)strlen((const char *) id)) &&
- __ops_write(output, id, (unsigned)strlen((const char *) id));
-}
-
-/**
- * \ingroup Core_WritePackets
- * \brief Write a User Id packet.
- * \param userid
- * \param output
- *
- * \return return value from __ops_write_struct_userid()
- */
-unsigned
-__ops_write_userid(const uint8_t *userid, __ops_output_t *output)
-{
- return __ops_write_struct_userid(output, userid);
-}
-
-/**
-\ingroup Core_MPI
-*/
-static unsigned
-mpi_length(const BIGNUM *bn)
-{
- return (unsigned)(2 + (BN_num_bits(bn) + 7) / 8);
-}
-
-static unsigned
-pubkey_length(const __ops_pubkey_t *key)
-{
- switch (key->alg) {
- case OPS_PKA_DSA:
- return mpi_length(key->key.dsa.p) + mpi_length(key->key.dsa.q) +
- mpi_length(key->key.dsa.g) + mpi_length(key->key.dsa.y);
-
- case OPS_PKA_RSA:
- return mpi_length(key->key.rsa.n) + mpi_length(key->key.rsa.e);
-
- default:
- (void) fprintf(stderr,
- "pubkey_length: unknown key algorithm\n");
- }
- return 0;
-}
-
-static unsigned
-seckey_length(const __ops_seckey_t *key)
-{
- int len;
-
- len = 0;
- switch (key->pubkey.alg) {
- case OPS_PKA_DSA:
- return (unsigned)(mpi_length(key->key.dsa.x) + pubkey_length(&key->pubkey));
- case OPS_PKA_RSA:
- len = mpi_length(key->key.rsa.d) + mpi_length(key->key.rsa.p) +
- mpi_length(key->key.rsa.q) + mpi_length(key->key.rsa.u);
-
- return (unsigned)(len + pubkey_length(&key->pubkey));
- default:
- (void) fprintf(stderr,
- "seckey_length: unknown key algorithm\n");
- }
- return 0;
-}
-
-/**
- * \ingroup Core_Create
- * \param key
- * \param t
- * \param n
- * \param e
-*/
-void
-__ops_fast_create_rsa_pubkey(__ops_pubkey_t *key, time_t t,
- BIGNUM *n, BIGNUM *e)
-{
- key->version = OPS_V4;
- key->birthtime = t;
- key->alg = OPS_PKA_RSA;
- key->key.rsa.n = n;
- key->key.rsa.e = e;
-}
-
-/*
- * Note that we support v3 keys here because they're needed for for
- * verification - the writer doesn't allow them, though
- */
-static unsigned
-write_pubkey_body(const __ops_pubkey_t *key, __ops_output_t *output)
-{
- if (!(__ops_write_scalar(output, (unsigned)key->version, 1) &&
- __ops_write_scalar(output, (unsigned)key->birthtime, 4))) {
- return 0;
- }
-
- if (key->version != 4 &&
- !__ops_write_scalar(output, key->days_valid, 2)) {
- return 0;
- }
-
- if (!__ops_write_scalar(output, (unsigned)key->alg, 1)) {
- return 0;
- }
-
- switch (key->alg) {
- case OPS_PKA_DSA:
- return __ops_write_mpi(output, key->key.dsa.p) &&
- __ops_write_mpi(output, key->key.dsa.q) &&
- __ops_write_mpi(output, key->key.dsa.g) &&
- __ops_write_mpi(output, key->key.dsa.y);
-
- case OPS_PKA_RSA:
- case OPS_PKA_RSA_ENCRYPT_ONLY:
- case OPS_PKA_RSA_SIGN_ONLY:
- return __ops_write_mpi(output, key->key.rsa.n) &&
- __ops_write_mpi(output, key->key.rsa.e);
-
- case OPS_PKA_ELGAMAL:
- return __ops_write_mpi(output, key->key.elgamal.p) &&
- __ops_write_mpi(output, key->key.elgamal.g) &&
- __ops_write_mpi(output, key->key.elgamal.y);
-
- default:
- (void) fprintf(stderr,
- "write_pubkey_body: bad algorithm\n");
- break;
- }
- return 0;
-}
-
-/*
- * Note that we support v3 keys here because they're needed for
- * verification.
- */
-static unsigned
-write_seckey_body(const __ops_seckey_t *key,
- const uint8_t *passphrase,
- const size_t pplen,
- __ops_output_t *output)
-{
- /* RFC4880 Section 5.5.3 Secret-Key Packet Formats */
-
- __ops_crypt_t crypted;
- __ops_hash_t hash;
- unsigned done = 0;
- unsigned i = 0;
- uint8_t hashed[OPS_SHA1_HASH_SIZE];
- uint8_t sesskey[CAST_KEY_LENGTH];
-
- if (!write_pubkey_body(&key->pubkey, output)) {
- return 0;
- }
- if (key->s2k_usage != OPS_S2KU_ENCRYPTED_AND_HASHED) {
- (void) fprintf(stderr, "write_seckey_body: s2k usage\n");
- return 0;
- }
- if (!__ops_write_scalar(output, (unsigned)key->s2k_usage, 1)) {
- return 0;
- }
-
- if (key->alg != OPS_SA_CAST5) {
- (void) fprintf(stderr, "write_seckey_body: algorithm\n");
- return 0;
- }
- if (!__ops_write_scalar(output, (unsigned)key->alg, 1)) {
- return 0;
- }
-
- if (key->s2k_specifier != OPS_S2KS_SIMPLE &&
- key->s2k_specifier != OPS_S2KS_SALTED) {
- /* = 1 \todo could also be iterated-and-salted */
- (void) fprintf(stderr, "write_seckey_body: s2k spec\n");
- return 0;
- }
- if (!__ops_write_scalar(output, (unsigned)key->s2k_specifier, 1)) {
- return 0;
- }
- if (!__ops_write_scalar(output, (unsigned)key->hash_alg, 1)) {
- return 0;
- }
-
- switch (key->s2k_specifier) {
- case OPS_S2KS_SIMPLE:
- /* nothing more to do */
- break;
-
- case OPS_S2KS_SALTED:
- /* 8-octet salt value */
- __ops_random(__UNCONST(&key->salt[0]), OPS_SALT_SIZE);
- if (!__ops_write(output, key->salt, OPS_SALT_SIZE)) {
- return 0;
- }
- break;
-
- /*
- * \todo case OPS_S2KS_ITERATED_AND_SALTED: // 8-octet salt
- * value // 1-octet count break;
- */
-
- default:
- (void) fprintf(stderr,
- "invalid/unsupported s2k specifier %d\n",
- key->s2k_specifier);
- return 0;
- }
-
- if (!__ops_write(output, &key->iv[0], __ops_block_size(key->alg))) {
- return 0;
- }
-
- /*
- * create the session key for encrypting the algorithm-specific
- * fields
- */
-
- switch (key->s2k_specifier) {
- case OPS_S2KS_SIMPLE:
- case OPS_S2KS_SALTED:
- /* RFC4880: section 3.7.1.1 and 3.7.1.2 */
-
- for (done = 0, i = 0; done < CAST_KEY_LENGTH; i++) {
- unsigned j;
- uint8_t zero = 0;
- int needed;
- int size;
-
- needed = CAST_KEY_LENGTH - done;
- size = MIN(needed, OPS_SHA1_HASH_SIZE);
-
- __ops_hash_any(&hash, key->hash_alg);
- if (!hash.init(&hash)) {
- (void) fprintf(stderr, "write_seckey_body: bad alloc\n");
- return 0;
- }
-
- /* preload if iterating */
- for (j = 0; j < i; j++) {
- /*
- * Coverity shows a DEADCODE error on this
- * line. This is expected since the hardcoded
- * use of SHA1 and CAST5 means that it will
- * not used. This will change however when
- * other algorithms are supported.
- */
- hash.add(&hash, &zero, 1);
- }
-
- if (key->s2k_specifier == OPS_S2KS_SALTED) {
- hash.add(&hash, key->salt, OPS_SALT_SIZE);
- }
- hash.add(&hash, passphrase, (unsigned)pplen);
- hash.finish(&hash, hashed); // this is crashing 'i' value is completly wrong after this
-
- /*
- * if more in hash than is needed by session key, use
- * the leftmost octets
- */
- (void) memcpy(&sesskey[i * OPS_SHA1_HASH_SIZE],
- hashed, (unsigned)size);
- done += (unsigned)size;
- if (done > CAST_KEY_LENGTH) {
- (void) fprintf(stderr,
- "write_seckey_body: short add\n");
- return 0;
- }
- }
-
- break;
-
- /*
- * \todo case OPS_S2KS_ITERATED_AND_SALTED: * 8-octet salt
- * value * 1-octet count break;
- */
-
- default:
- (void) fprintf(stderr,
- "invalid/unsupported s2k specifier %d\n",
- key->s2k_specifier);
- return 0;
- }
-
- /* use this session key to encrypt */
-
- __ops_crypt_any(&crypted, key->alg);
- crypted.set_iv(&crypted, key->iv);
- crypted.set_crypt_key(&crypted, sesskey);
- __ops_encrypt_init(&crypted);
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "writing: iv=", key->iv, __ops_block_size(key->alg));
- hexdump(stderr, "key= ", sesskey, CAST_KEY_LENGTH);
- (void) fprintf(stderr, "\nturning encryption on...\n");
- }
- __ops_push_enc_crypt(output, &crypted);
-
- switch (key->pubkey.alg) {
- /* case OPS_PKA_DSA: */
- /* return __ops_write_mpi(output, key->key.dsa.x); */
-
- case OPS_PKA_RSA:
- case OPS_PKA_RSA_ENCRYPT_ONLY:
- case OPS_PKA_RSA_SIGN_ONLY:
-
- if (!__ops_write_mpi(output, key->key.rsa.d) ||
- !__ops_write_mpi(output, key->key.rsa.p) ||
- !__ops_write_mpi(output, key->key.rsa.q) ||
- !__ops_write_mpi(output, key->key.rsa.u)) {
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr,
- "4 x mpi not written - problem\n");
- }
- return 0;
- }
- break;
- case OPS_PKA_DSA:
- return __ops_write_mpi(output, key->key.dsa.x);
- case OPS_PKA_ELGAMAL:
- return __ops_write_mpi(output, key->key.elgamal.x);
- default:
- return 0;
- }
-
- if (!__ops_write(output, key->checkhash, OPS_CHECKHASH_SIZE)) {
- return 0;
- }
-
- __ops_writer_pop(output);
-
- return 1;
-}
-
-/**
- * \ingroup Core_WritePackets
- * \brief Writes a Public Key packet
- * \param key
- * \param output
- * \return 1 if OK, otherwise 0
- */
-static unsigned
-write_struct_pubkey(__ops_output_t *output, const __ops_pubkey_t *key)
-{
- return __ops_write_ptag(output, OPS_PTAG_CT_PUBLIC_KEY) &&
- __ops_write_length(output, 1 + 4 + 1 + pubkey_length(key)) &&
- write_pubkey_body(key, output);
-}
-
-
-/**
- \ingroup HighLevel_KeyWrite
-
- \brief Writes a transferable PGP public key to the given output stream.
-
- \param keydata Key to be written
- \param armoured Flag is set for armoured output
- \param output Output stream
-
-*/
-
-unsigned
-__ops_write_xfer_pubkey(__ops_output_t *output,
- const __ops_key_t *key,
- const unsigned armoured)
-{
- unsigned i, j;
-
- if (armoured) {
- __ops_writer_push_armoured(output, OPS_PGP_PUBLIC_KEY_BLOCK);
- }
- /* public key */
- if (!write_struct_pubkey(output, &key->key.pubkey)) {
- return 0;
- }
-
- /* TODO: revocation signatures go here */
-
- /* user ids and corresponding signatures */
- for (i = 0; i < key->uidc; i++) {
- if (!__ops_write_struct_userid(output, key->uids[i])) {
- return 0;
- }
- for (j = 0; j < key->packetc; j++) {
- if (!__ops_write(output, key->packets[j].raw, (unsigned)key->packets[j].length)) {
- return 0;
- }
- }
- }
-
- /* TODO: user attributes and corresponding signatures */
-
- /*
- * subkey packets and corresponding signatures and optional
- * revocation
- */
-
- if (armoured) {
- __ops_writer_info_finalise(&output->errors, &output->writer);
- __ops_writer_pop(output);
- }
- return 1;
-}
-
-/**
- \ingroup HighLevel_KeyWrite
-
- \brief Writes a transferable PGP secret key to the given output stream.
-
- \param keydata Key to be written
- \param passphrase
- \param pplen
- \param armoured Flag is set for armoured output
- \param output Output stream
-
-*/
-
-unsigned
-__ops_write_xfer_seckey(__ops_output_t *output,
- const __ops_key_t *key,
- const uint8_t *passphrase,
- const size_t pplen,
- unsigned armoured)
-{
- unsigned i, j;
-
- if (armoured) {
- __ops_writer_push_armoured(output, OPS_PGP_PRIVATE_KEY_BLOCK);
- }
- /* public key */
- if (!__ops_write_struct_seckey(&key->key.seckey, passphrase,
- pplen, output)) {
- return 0;
- }
-
- /* TODO: revocation signatures go here */
-
- /* user ids and corresponding signatures */
- for (i = 0; i < key->uidc; i++) {
- if (!__ops_write_struct_userid(output, key->uids[i])) {
- return 0;
- }
- for (j = 0; j < key->packetc; j++) {
- if (!__ops_write(output, key->packets[j].raw, (unsigned)key->packets[j].length)) {
- return 0;
- }
- }
- }
-
- /* TODO: user attributes and corresponding signatures */
-
- /*
- * subkey packets and corresponding signatures and optional
- * revocation
- */
-
- if (armoured) {
- __ops_writer_info_finalise(&output->errors, &output->writer);
- __ops_writer_pop(output);
- }
- return 1;
-}
-
-/**
- * \ingroup Core_WritePackets
- * \brief Writes one RSA public key packet.
- * \param t Creation time
- * \param n RSA public modulus
- * \param e RSA public encryption exponent
- * \param output Writer settings
- *
- * \return 1 if OK, otherwise 0
- */
-
-unsigned
-__ops_write_rsa_pubkey(time_t t, const BIGNUM *n,
- const BIGNUM *e,
- __ops_output_t *output)
-{
- __ops_pubkey_t key;
-
- __ops_fast_create_rsa_pubkey(&key, t, __UNCONST(n), __UNCONST(e));
- return write_struct_pubkey(output, &key);
-}
-
-/**
- * \ingroup Core_Create
- * \param out
- * \param key
- * \param make_packet
- */
-
-void
-__ops_build_pubkey(__ops_memory_t *out, const __ops_pubkey_t *key,
- unsigned make_packet)
-{
- __ops_output_t *output;
-
- output = __ops_output_new();
- __ops_memory_init(out, 128);
- __ops_writer_set_memory(output, out);
- write_pubkey_body(key, output);
- if (make_packet) {
- __ops_memory_make_packet(out, OPS_PTAG_CT_PUBLIC_KEY);
- }
- __ops_output_delete(output);
-}
-
-/**
- * \ingroup Core_Create
- *
- * Create an RSA secret key structure. If a parameter is marked as
- * [OPTIONAL], then it can be omitted and will be calculated from
- * other params - or, in the case of e, will default to 0x10001.
- *
- * Parameters are _not_ copied, so will be freed if the structure is
- * freed.
- *
- * \param key The key structure to be initialised.
- * \param t
- * \param d The RSA parameter d (=e^-1 mod (p-1)(q-1)) [OPTIONAL]
- * \param p The RSA parameter p
- * \param q The RSA parameter q (q > p)
- * \param u The RSA parameter u (=p^-1 mod q) [OPTIONAL]
- * \param n The RSA public parameter n (=p*q) [OPTIONAL]
- * \param e The RSA public parameter e */
-
-void
-__ops_fast_create_rsa_seckey(__ops_seckey_t *key, time_t t,
- BIGNUM *d, BIGNUM *p, BIGNUM *q, BIGNUM *u,
- BIGNUM *n, BIGNUM *e)
-{
- __ops_fast_create_rsa_pubkey(&key->pubkey, t, n, e);
-
- /* XXX: calculate optionals */
- key->key.rsa.d = d;
- key->key.rsa.p = p;
- key->key.rsa.q = q;
- key->key.rsa.u = u;
-
- key->s2k_usage = OPS_S2KU_NONE;
-
- /* XXX: sanity check and add errors... */
-}
-
-/**
- * \ingroup Core_WritePackets
- * \brief Writes a Secret Key packet.
- * \param key The secret key
- * \param passphrase The passphrase
- * \param pplen Length of passphrase
- * \param output
- * \return 1 if OK; else 0
- */
-unsigned
-__ops_write_struct_seckey(const __ops_seckey_t *key,
- const uint8_t *passphrase,
- const size_t pplen,
- __ops_output_t *output)
-{
- int length = 0;
-
- if (key->pubkey.version != 4) {
- (void) fprintf(stderr,
- "__ops_write_struct_seckey: public key version\n");
- return 0;
- }
-
- /* Ref: RFC4880 Section 5.5.3 */
-
- /* pubkey, excluding MPIs */
- length += 1 + 4 + 1 + 1;
-
- /* s2k usage */
- length += 1;
-
- switch (key->s2k_usage) {
- case OPS_S2KU_NONE:
- /* nothing to add */
- break;
-
- case OPS_S2KU_ENCRYPTED_AND_HASHED: /* 254 */
- case OPS_S2KU_ENCRYPTED: /* 255 */
-
- /* Ref: RFC4880 Section 3.7 */
- length += 1; /* s2k_specifier */
-
- switch (key->s2k_specifier) {
- case OPS_S2KS_SIMPLE:
- length += 1; /* hash algorithm */
- break;
-
- case OPS_S2KS_SALTED:
- length += 1 + 8; /* hash algorithm + salt */
- break;
-
- case OPS_S2KS_ITERATED_AND_SALTED:
- length += 1 + 8 + 1; /* hash algorithm, salt +
- * count */
- break;
-
- default:
- (void) fprintf(stderr,
- "__ops_write_struct_seckey: s2k spec\n");
- return 0;
- }
- break;
-
- default:
- (void) fprintf(stderr,
- "__ops_write_struct_seckey: s2k usage\n");
- return 0;
- }
-
- /* IV */
- if (key->s2k_usage) {
- length += __ops_block_size(key->alg);
- }
- /* checksum or hash */
- switch (key->s2k_usage) {
- case OPS_S2KU_NONE:
- case OPS_S2KU_ENCRYPTED:
- length += 2;
- break;
-
- case OPS_S2KU_ENCRYPTED_AND_HASHED:
- length += OPS_CHECKHASH_SIZE;
- break;
-
- default:
- (void) fprintf(stderr,
- "__ops_write_struct_seckey: s2k cksum usage\n");
- return 0;
- }
-
- /* secret key and public key MPIs */
- length += (unsigned)seckey_length(key);
-
- return __ops_write_ptag(output, OPS_PTAG_CT_SECRET_KEY) &&
- /* __ops_write_length(output,1+4+1+1+seckey_length(key)+2) && */
- __ops_write_length(output, (unsigned)length) &&
- write_seckey_body(key, passphrase, pplen, output);
-}
-
-/**
- * \ingroup Core_Create
- *
- * \brief Create a new __ops_output_t structure.
- *
- * \return the new structure.
- * \note It is the responsiblity of the caller to call __ops_output_delete().
- * \sa __ops_output_delete()
- */
-__ops_output_t *
-__ops_output_new(void)
-{
- return calloc(1, sizeof(__ops_output_t));
-}
-
-/**
- * \ingroup Core_Create
- * \brief Delete an __ops_output_t strucut and associated resources.
- *
- * Delete an __ops_output_t structure. If a writer is active, then
- * that is also deleted.
- *
- * \param info the structure to be deleted.
- */
-void
-__ops_output_delete(__ops_output_t *output)
-{
- __ops_writer_info_delete(&output->writer);
- free(output);
-}
-
-/**
- \ingroup Core_Create
- \brief Calculate the checksum for a session key
- \param sesskey Session Key to use
- \param cs Checksum to be written
- \return 1 if OK; else 0
-*/
-unsigned
-__ops_calc_sesskey_checksum(__ops_pk_sesskey_t *sesskey, uint8_t cs[2])
-{
- uint32_t checksum = 0;
- unsigned i;
-
- if (!__ops_is_sa_supported(sesskey->symm_alg)) {
- return 0;
- }
-
- for (i = 0; i < __ops_key_size(sesskey->symm_alg); i++) {
- checksum += sesskey->key[i];
- }
- checksum = checksum % 65536;
-
- cs[0] = (uint8_t)((checksum >> 8) & 0xff);
- cs[1] = (uint8_t)(checksum & 0xff);
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "nm buf checksum:", cs, 2);
- }
- return 1;
-}
-
-static unsigned
-create_unencoded_m_buf(__ops_pk_sesskey_t *sesskey, __ops_crypt_t *cipherinfo, uint8_t *m_buf)
-{
- unsigned i;
-
- /* m_buf is the buffer which will be encoded in PKCS#1 block
- * encoding to form the "m" value used in the Public Key
- * Encrypted Session Key Packet as defined in RFC Section 5.1
- * "Public-Key Encrypted Session Key Packet"
- */
- m_buf[0] = sesskey->symm_alg;
- for (i = 0; i < cipherinfo->keysize ; i++) {
- /* XXX - Flexelint - Warning 679: Suspicious Truncation in arithmetic expression combining with pointer */
- m_buf[1 + i] = sesskey->key[i];
- }
-
- return __ops_calc_sesskey_checksum(sesskey,
- m_buf + 1 + cipherinfo->keysize);
-}
-
-/**
-\ingroup Core_Create
-\brief implementation of EME-PKCS1-v1_5-ENCODE, as defined in OpenPGP RFC
-\param M
-\param mLen
-\param pubkey
-\param EM
-\return 1 if OK; else 0
-*/
-unsigned
-encode_m_buf(const uint8_t *M, size_t mLen, const __ops_pubkey_t * pubkey,
- uint8_t *EM)
-{
- unsigned k;
- unsigned i;
-
- /* implementation of EME-PKCS1-v1_5-ENCODE, as defined in OpenPGP RFC */
- switch (pubkey->alg) {
- case OPS_PKA_RSA:
- k = (unsigned)BN_num_bytes(pubkey->key.rsa.n);
- if (mLen > k - 11) {
- (void) fprintf(stderr, "encode_m_buf: message too long\n");
- return 0;
- }
- break;
- case OPS_PKA_DSA:
- case OPS_PKA_ELGAMAL:
- k = (unsigned)BN_num_bytes(pubkey->key.elgamal.p);
- if (mLen > k - 11) {
- (void) fprintf(stderr, "encode_m_buf: message too long\n");
- return 0;
- }
- break;
- default:
- (void) fprintf(stderr, "encode_m_buf: pubkey algorithm\n");
- return 0;
- }
- /* these two bytes defined by RFC */
- EM[0] = 0x00;
- EM[1] = 0x02;
- /* add non-zero random bytes of length k - mLen -3 */
- for (i = 2; i < (k - mLen) - 1; ++i) {
- do {
- __ops_random(EM + i, 1);
- } while (EM[i] == 0);
- }
- if (i < 8 + 2) {
- (void) fprintf(stderr, "encode_m_buf: bad i len\n");
- return 0;
- }
- EM[i++] = 0;
- (void) memcpy(EM + i, M, mLen);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "Encoded Message:", EM, mLen);
- }
- return 1;
-}
-
-/**
- \ingroup Core_Create
-\brief Creates an __ops_pk_sesskey_t struct from keydata
-\param key Keydata to use
-\return __ops_pk_sesskey_t struct
-\note It is the caller's responsiblity to free the returned pointer
-\note Currently hard-coded to use CAST5
-\note Currently hard-coded to use RSA
-*/
-__ops_pk_sesskey_t *
-__ops_create_pk_sesskey(const __ops_key_t *key, const char *ciphername, int dont_use_subkey_to_encrypt)
-{
- /*
- * Creates a random session key and encrypts it for the given key
- *
- * Encryption used is PK,
- * can be any, we're hardcoding RSA for now
- */
-
- const __ops_pubkey_t *pubkey;
- __ops_pk_sesskey_t *sesskey;
- __ops_symm_alg_t cipher;
- const uint8_t *id;
- __ops_crypt_t cipherinfo;
- uint8_t *unencoded_m_buf;
- uint8_t *encoded_m_buf;
- size_t sz_encoded_m_buf;
-
- if (memcmp(key->encid, "\0\0\0\0\0\0\0\0", 8) == 0) {
- pubkey = __ops_get_pubkey(key);
- id = key->sigid;
- } else if (dont_use_subkey_to_encrypt) {
- //DUPA
- pubkey = __ops_get_pubkey(key);
- id = key->sigid;
- } else {
- pubkey = &key->enckey;
- id = key->encid;
- }
- /* allocate unencoded_m_buf here */
- (void) memset(&cipherinfo, 0x0, sizeof(cipherinfo));
- __ops_crypt_any(&cipherinfo,
- cipher = __ops_str_to_cipher((ciphername) ? ciphername : "cast5"));
- unencoded_m_buf = calloc(1, cipherinfo.keysize + 1 + 2);
- if (unencoded_m_buf == NULL) {
- (void) fprintf(stderr,
- "__ops_create_pk_sesskey: can't allocate\n");
- return NULL;
- }
- switch(pubkey->alg) {
- case OPS_PKA_RSA:
- sz_encoded_m_buf = BN_num_bytes(pubkey->key.rsa.n);
- break;
- case OPS_PKA_DSA:
- case OPS_PKA_ELGAMAL:
- sz_encoded_m_buf = BN_num_bytes(pubkey->key.elgamal.p);
- break;
- default:
- sz_encoded_m_buf = 0;
- break;
- }
- if ((encoded_m_buf = calloc(1, sz_encoded_m_buf)) == NULL) {
- (void) fprintf(stderr,
- "__ops_create_pk_sesskey: can't allocate\n");
- free(unencoded_m_buf);
- return NULL;
- }
- if ((sesskey = calloc(1, sizeof(*sesskey))) == NULL) {
- (void) fprintf(stderr,
- "__ops_create_pk_sesskey: can't allocate\n");
- free(unencoded_m_buf);
- free(encoded_m_buf);
- return NULL;
- }
- if (key->type != OPS_PTAG_CT_PUBLIC_KEY) {
- (void) fprintf(stderr,
- "__ops_create_pk_sesskey: bad type\n");
- free(unencoded_m_buf);
- free(encoded_m_buf);
- free(sesskey);
- return NULL;
- }
- sesskey->version = OPS_PKSK_V3;
- (void) memcpy(sesskey->key_id, id, sizeof(sesskey->key_id));
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "Encrypting for keyid", id, sizeof(sesskey->key_id));
- }
- switch (pubkey->alg) {
- case OPS_PKA_RSA:
- case OPS_PKA_DSA:
- case OPS_PKA_ELGAMAL:
- break;
- default:
- (void) fprintf(stderr,
- "__ops_create_pk_sesskey: bad pubkey algorithm\n");
- free(unencoded_m_buf);
- free(encoded_m_buf);
- free(sesskey);
- return NULL;
- }
- sesskey->alg = pubkey->alg;
-
- sesskey->symm_alg = cipher;
- __ops_random(sesskey->key, cipherinfo.keysize);
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "sesskey created", sesskey->key,
- cipherinfo.keysize + 1 + 2);
- }
- if (create_unencoded_m_buf(sesskey, &cipherinfo, &unencoded_m_buf[0]) == 0) {
- free(unencoded_m_buf);
- free(encoded_m_buf);
- free(sesskey);
- return NULL;
- }
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "uuencoded m buf", unencoded_m_buf, cipherinfo.keysize + 1 + 2);
- }
- encode_m_buf(unencoded_m_buf, cipherinfo.keysize + 1 + 2, pubkey, encoded_m_buf);
-
- /* and encrypt it */
- switch (key->key.pubkey.alg) {
- case OPS_PKA_RSA:
- if (!__ops_rsa_encrypt_mpi(encoded_m_buf, sz_encoded_m_buf, pubkey,
- &sesskey->params)) {
- free(unencoded_m_buf);
- free(encoded_m_buf);
- free(sesskey);
- return NULL;
- }
- break;
- case OPS_PKA_DSA:
- case OPS_PKA_ELGAMAL:
- if (!__ops_elgamal_encrypt_mpi(encoded_m_buf, sz_encoded_m_buf, pubkey,
- &sesskey->params)) {
- free(unencoded_m_buf);
- free(encoded_m_buf);
- free(sesskey);
- return NULL;
- }
- break;
- default:
- /* will not get here - for lint only */
- break;
- }
- free(unencoded_m_buf);
- free(encoded_m_buf);
- return sesskey;
-}
-
-/**
-\ingroup Core_WritePackets
-\brief Writes Public Key Session Key packet
-\param info Write settings
-\param pksk Public Key Session Key to write out
-\return 1 if OK; else 0
-*/
-unsigned
-__ops_write_pk_sesskey(__ops_output_t *output, __ops_pk_sesskey_t *pksk)
-{
- /* XXX - Flexelint - Pointer parameter 'pksk' (line 1076) could be declared as pointing to const */
- if (pksk == NULL) {
- (void) fprintf(stderr,
- "__ops_write_pk_sesskey: NULL pksk\n");
- return 0;
- }
- switch (pksk->alg) {
- case OPS_PKA_RSA:
- return __ops_write_ptag(output, OPS_PTAG_CT_PK_SESSION_KEY) &&
- __ops_write_length(output, (unsigned)(1 + 8 + 1 +
- BN_num_bytes(pksk->params.rsa.encrypted_m) + 2)) &&
- __ops_write_scalar(output, (unsigned)pksk->version, 1) &&
- __ops_write(output, pksk->key_id, 8) &&
- __ops_write_scalar(output, (unsigned)pksk->alg, 1) &&
- __ops_write_mpi(output, pksk->params.rsa.encrypted_m)
- /* ?? && __ops_write_scalar(output, 0, 2); */
- ;
- case OPS_PKA_DSA:
- case OPS_PKA_ELGAMAL:
- return __ops_write_ptag(output, OPS_PTAG_CT_PK_SESSION_KEY) &&
- __ops_write_length(output, (unsigned)(1 + 8 + 1 +
- BN_num_bytes(pksk->params.elgamal.g_to_k) + 2 +
- BN_num_bytes(pksk->params.elgamal.encrypted_m) + 2)) &&
- __ops_write_scalar(output, (unsigned)pksk->version, 1) &&
- __ops_write(output, pksk->key_id, 8) &&
- __ops_write_scalar(output, (unsigned)pksk->alg, 1) &&
- __ops_write_mpi(output, pksk->params.elgamal.g_to_k) &&
- __ops_write_mpi(output, pksk->params.elgamal.encrypted_m)
- /* ?? && __ops_write_scalar(output, 0, 2); */
- ;
- default:
- (void) fprintf(stderr,
- "__ops_write_pk_sesskey: bad algorithm\n");
- return 0;
- }
-}
-
-/**
-\ingroup Core_WritePackets
-\brief Writes MDC packet
-\param hashed Hash for MDC
-\param output Write settings
-\return 1 if OK; else 0
-*/
-
-unsigned
-__ops_write_mdc(__ops_output_t *output, const uint8_t *hashed)
-{
- /* write it out */
- return __ops_write_ptag(output, OPS_PTAG_CT_MDC) &&
- __ops_write_length(output, OPS_SHA1_HASH_SIZE) &&
- __ops_write(output, hashed, OPS_SHA1_HASH_SIZE);
-}
-
-/**
-\ingroup Core_WritePackets
-\brief Writes Literal Data packet from buffer
-\param data Buffer to write out
-\param maxlen Max length of buffer
-\param type Literal Data Type
-\param output Write settings
-\return 1 if OK; else 0
-*/
-unsigned
-__ops_write_litdata(__ops_output_t *output,
- const uint8_t *data,
- const int maxlen,
- const __ops_litdata_enum type)
-{
- /*
- * RFC4880 does not specify a meaning for filename or date.
- * It is implementation-dependent.
- * We will not implement them.
- */
- /* \todo do we need to check text data for <cr><lf> line endings ? */
- return __ops_write_ptag(output, OPS_PTAG_CT_LITDATA) &&
- __ops_write_length(output, (unsigned)(1 + 1 + 4 + maxlen)) &&
- __ops_write_scalar(output, (unsigned)type, 1) &&
- __ops_write_scalar(output, 0, 1) &&
- __ops_write_scalar(output, 0, 4) &&
- __ops_write(output, data, (unsigned)maxlen);
-}
-
-/**
-\ingroup Core_WritePackets
-\brief Writes Literal Data packet from contents of file
-\param filename Name of file to read from
-\param type Literal Data Type
-\param output Write settings
-\return 1 if OK; else 0
-*/
-
-unsigned
-__ops_fileread_litdata(const char *filename,
- const __ops_litdata_enum type,
- __ops_output_t *output)
-{
- __ops_memory_t *mem;
- unsigned ret;
- int len;
-
- mem = __ops_memory_new();
- if (!__ops_mem_readfile(mem, filename)) {
- (void) fprintf(stderr, "__ops_mem_readfile of '%s' failed\n", filename);
- return 0;
- }
- len = (int)__ops_mem_len(mem);
- ret = __ops_write_litdata(output, __ops_mem_data(mem), len, type);
- __ops_memory_free(mem);
- return ret;
-}
-
-/**
- \ingroup HighLevel_General
-
- \brief Writes contents of buffer into file
-
- \param filename Filename to write to
- \param buf Buffer to write to file
- \param len Size of buffer
- \param overwrite Flag to set whether to overwrite an existing file
- \return 1 if OK; 0 if error
-*/
-
-int
-__ops_filewrite(const char *filename, const char *buf,
- const size_t len, const unsigned overwrite)
-{
- int flags;
- int fd;
-
- flags = O_WRONLY | O_CREAT;
- if (overwrite) {
- flags |= O_TRUNC;
- } else {
- flags |= O_EXCL;
- }
-#ifdef O_BINARY
- flags |= O_BINARY;
-#endif
- fd = open(filename, flags, 0600);
- if (fd < 0) {
- (void) fprintf(stderr, "can't open '%s'\n", filename);
- return 0;
- }
- if (write(fd, buf, len) != (int)len) {
- (void) close(fd);
- return 0;
- }
-
- return (close(fd) == 0);
-}
-
-/**
-\ingroup Core_WritePackets
-\brief Write Symmetrically Encrypted packet
-\param data Data to encrypt
-\param len Length of data
-\param output Write settings
-\return 1 if OK; else 0
-\note Hard-coded to use AES256
-*/
-unsigned
-__ops_write_symm_enc_data(const uint8_t *data,
- const int len,
- __ops_output_t * output)
-{
- __ops_crypt_t crypt_info;
- uint8_t *encrypted = (uint8_t *) NULL;
- size_t encrypted_sz;
- int done = 0;
-
- /* \todo assume AES256 for now */
- __ops_crypt_any(&crypt_info, OPS_SA_AES_256);
- __ops_encrypt_init(&crypt_info);
-
- encrypted_sz = (size_t)(len + crypt_info.blocksize + 2);
- if ((encrypted = calloc(1, encrypted_sz)) == NULL) {
- (void) fprintf(stderr, "can't allocate %" PRIsize "d\n",
- encrypted_sz);
- return 0;
- }
-
- done = (int)__ops_encrypt_se(&crypt_info, encrypted, data, (unsigned)len);
- if (done != len) {
- (void) fprintf(stderr,
- "__ops_write_symm_enc_data: done != len\n");
- return 0;
- }
-
- return __ops_write_ptag(output, OPS_PTAG_CT_SE_DATA) &&
- __ops_write_length(output, (unsigned)(1 + encrypted_sz)) &&
- __ops_write(output, data, (unsigned)len);
-}
-
-/**
-\ingroup Core_WritePackets
-\brief Write a One Pass Signature packet
-\param seckey Secret Key to use
-\param hash_alg Hash Algorithm to use
-\param sig_type Signature type
-\param output Write settings
-\return 1 if OK; else 0
-*/
-unsigned
-__ops_write_one_pass_sig(__ops_output_t *output,
- const __ops_seckey_t *seckey,
- const __ops_hash_alg_t hash_alg,
- const __ops_sig_type_t sig_type)
-{
- uint8_t keyid[OPS_KEY_ID_SIZE];
-
- __ops_keyid(keyid, OPS_KEY_ID_SIZE, &seckey->pubkey, OPS_HASH_SHA1); /* XXX - hardcoded */
- return __ops_write_ptag(output, OPS_PTAG_CT_1_PASS_SIG) &&
- __ops_write_length(output, 1 + 1 + 1 + 1 + 8 + 1) &&
- __ops_write_scalar(output, 3, 1) /* version */ &&
- __ops_write_scalar(output, (unsigned)sig_type, 1) &&
- __ops_write_scalar(output, (unsigned)hash_alg, 1) &&
- __ops_write_scalar(output, (unsigned)seckey->pubkey.alg, 1) &&
- __ops_write(output, keyid, 8) &&
- __ops_write_scalar(output, 1, 1);
-}
diff --git a/enzevalos_iphone/netpgp/lib/create.h b/enzevalos_iphone/netpgp/lib/create.h
deleted file mode 100644
index 65471ffa..00000000
--- a/enzevalos_iphone/netpgp/lib/create.h
+++ /dev/null
@@ -1,119 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- */
-#ifndef CREATE_H_
-#define CREATE_H_
-
-#include "types.h"
-#include "packet.h"
-#include "crypto.h"
-#include "errors.h"
-#include "keyring.h"
-#include "writer.h"
-#include "memory.h"
-
-/**
- * \ingroup Create
- * This struct contains the required information about how to write this stream
- */
-struct __ops_output_t {
- __ops_writer_t writer;
- __ops_error_t *errors; /* error stack */
-};
-
-__ops_output_t *__ops_output_new(void);
-void __ops_output_delete(__ops_output_t *);
-
-int __ops_filewrite(const char *, const char *, const size_t, const unsigned);
-
-void __ops_build_pubkey(__ops_memory_t *, const __ops_pubkey_t *, unsigned);
-
-unsigned __ops_calc_sesskey_checksum(__ops_pk_sesskey_t *, uint8_t *);
-unsigned __ops_write_struct_userid(__ops_output_t *, const uint8_t *);
-unsigned __ops_write_ss_header(__ops_output_t *, unsigned, __ops_content_enum);
-unsigned __ops_write_struct_seckey(const __ops_seckey_t *,
- const uint8_t *,
- const size_t,
- __ops_output_t *);
-unsigned __ops_write_one_pass_sig(__ops_output_t *,
- const __ops_seckey_t *,
- const __ops_hash_alg_t,
- const __ops_sig_type_t);
-unsigned __ops_write_litdata(__ops_output_t *,
- const uint8_t *,
- const int,
- const __ops_litdata_enum);
-__ops_pk_sesskey_t *__ops_create_pk_sesskey(const __ops_key_t *, const char *, int);
-unsigned __ops_write_pk_sesskey(__ops_output_t *, __ops_pk_sesskey_t *);
-unsigned __ops_write_xfer_pubkey(__ops_output_t *,
- const __ops_key_t *, const unsigned);
-unsigned __ops_write_xfer_seckey(__ops_output_t *,
- const __ops_key_t *,
- const uint8_t *,
- const size_t,
- const unsigned);
-
-void __ops_fast_create_userid(uint8_t **, uint8_t *);
-unsigned __ops_write_userid(const uint8_t *, __ops_output_t *);
-void __ops_fast_create_rsa_pubkey(__ops_pubkey_t *, time_t, BIGNUM *, BIGNUM *);
-unsigned __ops_write_rsa_pubkey(time_t, const BIGNUM *, const BIGNUM *,
- __ops_output_t *);
-void __ops_fast_create_rsa_seckey(__ops_seckey_t *, time_t, BIGNUM *,
- BIGNUM *, BIGNUM *, BIGNUM *,
- BIGNUM *, BIGNUM *);
-unsigned encode_m_buf(const uint8_t *, size_t, const __ops_pubkey_t *,
- uint8_t *);
-unsigned __ops_fileread_litdata(const char *, const __ops_litdata_enum,
- __ops_output_t *);
-unsigned __ops_write_symm_enc_data(const uint8_t *, const int,
- __ops_output_t *);
-
-#endif /* CREATE_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/crypto.c b/enzevalos_iphone/netpgp/lib/crypto.c
deleted file mode 100644
index 481d05f9..00000000
--- a/enzevalos_iphone/netpgp/lib/crypto.c
+++ /dev/null
@@ -1,602 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#if defined(__NetBSD__)
-__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: crypto.c,v 1.31 2010/11/07 06:56:52 agc Exp $");
-#endif
-
-#include <sys/types.h>
-#include <sys/stat.h>
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#include <string.h>
-
-#include "types.h"
-#include "crypto.h"
-#include "readerwriter.h"
-#include "memory.h"
-#include "netpgpdefs.h"
-#include "signature.h"
-
-/**
-\ingroup Core_MPI
-\brief Decrypt and unencode MPI
-\param buf Buffer in which to write decrypted unencoded MPI
-\param buflen Length of buffer
-\param encmpi
-\param seckey
-\return length of MPI
-\note only RSA at present
-*/
-int
-__ops_decrypt_decode_mpi(uint8_t *buf,
- unsigned buflen,
- const BIGNUM *g_to_k,
- const BIGNUM *encmpi,
- const __ops_seckey_t *seckey)
-{
- unsigned mpisize;
- uint8_t encmpibuf[NETPGP_BUFSIZ];
- uint8_t mpibuf[NETPGP_BUFSIZ];
- uint8_t gkbuf[NETPGP_BUFSIZ];
- int i;
- int n;
-
- mpisize = (unsigned)BN_num_bytes(encmpi);
- /* MPI can't be more than 65,536 */
- if (mpisize > sizeof(encmpibuf)) {
- (void) fprintf(stderr, "mpisize too big %u\n", mpisize);
- return -1;
- }
- switch (seckey->pubkey.alg) {
- case OPS_PKA_RSA:
- BN_bn2bin(encmpi, encmpibuf);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "encrypted", encmpibuf, 16);
- }
- n = __ops_rsa_private_decrypt(mpibuf, encmpibuf,
- (unsigned)(BN_num_bits(encmpi) + 7) / 8,
- &seckey->key.rsa, &seckey->pubkey.key.rsa);
- if (n == -1) {
- (void) fprintf(stderr, "ops_rsa_private_decrypt failure\n");
- return -1;
- }
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "decrypted", mpibuf, 16);
- }
- if (n <= 0) {
- return -1;
- }
- /* Decode EME-PKCS1_V1_5 (RFC 2437). */
- if (mpibuf[0] != 0 || mpibuf[1] != 2) {
- return -1;
- }
- /* Skip the random bytes. */
- for (i = 2; i < n && mpibuf[i]; ++i) {
- }
- if (i == n || i < 10) {
- return -1;
- }
- /* Skip the zero */
- i += 1;
- /* this is the unencoded m buf */
- if ((unsigned) (n - i) <= buflen) {
- (void) memcpy(buf, mpibuf + i, (unsigned)(n - i)); /* XXX - Flexelint */
- }
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "decoded m", buf, (size_t)(n - i));
- }
- return n - i;
- case OPS_PKA_DSA:
- case OPS_PKA_ELGAMAL:
- (void) BN_bn2bin(g_to_k, gkbuf);
- (void) BN_bn2bin(encmpi, encmpibuf);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "encrypted", encmpibuf, 16);
- }
- n = __ops_elgamal_private_decrypt(mpibuf, gkbuf, encmpibuf,
- (unsigned)BN_num_bytes(encmpi),
- &seckey->key.elgamal, &seckey->pubkey.key.elgamal);
- if (n == -1) {
- (void) fprintf(stderr, "ops_elgamal_private_decrypt failure\n");
- return -1;
- }
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "decrypted", mpibuf, 16);
- }
- if (n <= 0) {
- return -1;
- }
- /* Decode EME-PKCS1_V1_5 (RFC 2437). */
- if (mpibuf[0] != 2) {
- fprintf(stderr, "mpibuf mismatch\n");
- return -1;
- }
- /* Skip the random bytes. */
- for (i = 1; i < n && mpibuf[i]; ++i) {
- }
- if (i == n || i < 10) {
- fprintf(stderr, "175 n %d\n", n);
- return -1;
- }
- /* Skip the zero */
- i += 1;
- /* this is the unencoded m buf */
- if ((unsigned) (n - i) <= buflen) {
- (void) memcpy(buf, mpibuf + i, (unsigned)(n - i)); /* XXX - Flexelint */
- }
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "decoded m", buf, (size_t)(n - i));
- }
- return n - i;
- default:
- (void) fprintf(stderr, "pubkey algorithm wrong\n");
- return -1;
- }
-}
-
-/**
-\ingroup Core_MPI
-\brief RSA-encrypt an MPI
-*/
-unsigned
-__ops_rsa_encrypt_mpi(const uint8_t *encoded_m_buf,
- const size_t sz_encoded_m_buf,
- const __ops_pubkey_t * pubkey,
- __ops_pk_sesskey_params_t * skp)
-{
-
- uint8_t encmpibuf[NETPGP_BUFSIZ];
- int n;
-
- if (sz_encoded_m_buf != (size_t)BN_num_bytes(pubkey->key.rsa.n)) {
- (void) fprintf(stderr, "sz_encoded_m_buf wrong\n");
- return 0;
- }
-
- n = __ops_rsa_public_encrypt(encmpibuf, encoded_m_buf,
- sz_encoded_m_buf, &pubkey->key.rsa);
- if (n == -1) {
- (void) fprintf(stderr, "__ops_rsa_public_encrypt failure\n");
- return 0;
- }
-
- if (n <= 0)
- return 0;
-
- skp->rsa.encrypted_m = BN_bin2bn(encmpibuf, n, NULL);
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "encrypted mpi", encmpibuf, 16);
- }
- return 1;
-}
-
-/**
-\ingroup Core_MPI
-\brief Elgamal-encrypt an MPI
-*/
-unsigned
-__ops_elgamal_encrypt_mpi(const uint8_t *encoded_m_buf,
- const size_t sz_encoded_m_buf,
- const __ops_pubkey_t * pubkey,
- __ops_pk_sesskey_params_t * skp)
-{
-
- uint8_t encmpibuf[NETPGP_BUFSIZ];
- uint8_t g_to_k[NETPGP_BUFSIZ];
- int n;
-
- if (sz_encoded_m_buf != (size_t)BN_num_bytes(pubkey->key.elgamal.p)) {
- (void) fprintf(stderr, "sz_encoded_m_buf wrong\n");
- return 0;
- }
-
- n = __ops_elgamal_public_encrypt(g_to_k, encmpibuf, encoded_m_buf,
- sz_encoded_m_buf, &pubkey->key.elgamal);
- if (n == -1) {
- (void) fprintf(stderr, "__ops_elgamal_public_encrypt failure\n");
- return 0;
- }
-
- if (n <= 0)
- return 0;
-
- skp->elgamal.g_to_k = BN_bin2bn(g_to_k, n / 2, NULL);
- skp->elgamal.encrypted_m = BN_bin2bn(encmpibuf, n / 2, NULL);
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "encrypted mpi", encmpibuf, 16);
- }
- return 1;
-}
-
-static __ops_cb_ret_t
-write_parsed_cb(const __ops_packet_t *pkt, __ops_cbdata_t *cbinfo)
-{
- const __ops_contents_t *content = &pkt->u;
-
- if (__ops_get_debug_level(__FILE__)) {
- printf("write_parsed_cb: ");
- __ops_print_packet(&cbinfo->printstate, pkt);
- }
- if (pkt->tag != OPS_PTAG_CT_UNARMOURED_TEXT && cbinfo->printstate.skipping) {
- puts("...end of skip");
- cbinfo->printstate.skipping = 0;
- }
- switch (pkt->tag) {
- case OPS_PTAG_CT_UNARMOURED_TEXT:
- printf("OPS_PTAG_CT_UNARMOURED_TEXT\n");
- if (!cbinfo->printstate.skipping) {
- puts("Skipping...");
- cbinfo->printstate.skipping = 1;
- }
- fwrite(content->unarmoured_text.data, 1,
- content->unarmoured_text.length, stdout);
- break;
-
- case OPS_PTAG_CT_PK_SESSION_KEY:
- return __ops_pk_sesskey_cb(pkt, cbinfo);
-
- case OPS_GET_SECKEY:
- if (cbinfo->sshseckey) {
- *content->get_seckey.seckey = cbinfo->sshseckey;
- return OPS_KEEP_MEMORY;
- }
- return __ops_get_seckey_cb(pkt, cbinfo);
-
- case OPS_GET_PASSPHRASE:
- return cbinfo->cryptinfo.getpassphrase(pkt, cbinfo);
-
- case OPS_PTAG_CT_LITDATA_BODY:
- return __ops_litdata_cb(pkt, cbinfo);
-
- case OPS_PTAG_CT_ARMOUR_HEADER:
- case OPS_PTAG_CT_ARMOUR_TRAILER:
- case OPS_PTAG_CT_ENCRYPTED_PK_SESSION_KEY:
- case OPS_PTAG_CT_COMPRESSED:
- case OPS_PTAG_CT_LITDATA_HEADER:
- case OPS_PTAG_CT_SE_IP_DATA_BODY:
- case OPS_PTAG_CT_SE_IP_DATA_HEADER:
- case OPS_PTAG_CT_SE_DATA_BODY:
- case OPS_PTAG_CT_SE_DATA_HEADER:
- /* Ignore these packets */
- /* They're handled in __ops_parse_packet() */
- /* and nothing else needs to be done */
- break;
-
- default:
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr, "Unexpected packet tag=%d (0x%x)\n",
- pkt->tag,
- pkt->tag);
- }
- break;
- }
-
- return OPS_RELEASE_MEMORY;
-}
-
-/**
-\ingroup HighLevel_Crypto
-Encrypt a file
-\param infile Name of file to be encrypted
-\param outfile Name of file to write to. If NULL, name is constructed from infile
-\param pubkey Public Key to encrypt file for
-\param use_armour Write armoured text, if set
-\param allow_overwrite Allow output file to be overwrwritten if it exists
-\return 1 if OK; else 0
-*/
-unsigned
-__ops_encrypt_file(__ops_io_t *io,
- const char *infile,
- const char *outfile,
- const __ops_key_t *key,
- const unsigned use_armour,
- const unsigned allow_overwrite,
- const char *cipher,
- int dont_use_subkey_to_encrypt)
-{
- __ops_output_t *output;
- __ops_memory_t *inmem;
- int fd_out;
-
- __OPS_USED(io);
- inmem = __ops_memory_new();
- if (!__ops_mem_readfile(inmem, infile)) {
- return 0;
- }
- fd_out = __ops_setup_file_write(&output, outfile, allow_overwrite);
- if (fd_out < 0) {
- __ops_memory_free(inmem);
- return 0;
- }
-
- /* set armoured/not armoured here */
- if (use_armour) {
- __ops_writer_push_armor_msg(output);
- }
-
- /* Push the encrypted writer */
- if (!__ops_push_enc_se_ip(output, key, cipher, dont_use_subkey_to_encrypt)) {
- __ops_memory_free(inmem);
- return 0;
- }
-
- /* This does the writing */
- __ops_write(output, __ops_mem_data(inmem), (unsigned)__ops_mem_len(inmem));
-
- /* tidy up */
- __ops_memory_free(inmem);
- __ops_teardown_file_write(output, fd_out);
-
- return 1;
-}
-
-/* encrypt the contents of the input buffer, and return the mem structure */
-__ops_memory_t *
-__ops_encrypt_buf(__ops_io_t *io,
- const void *input,
- const size_t insize,
- const __ops_key_t *pubkey,
- const unsigned use_armour,
- const char *cipher,
- int dont_use_subkey_to_encrypt)
-{
- __ops_output_t *output;
- __ops_memory_t *outmem;
-
- __OPS_USED(io);
- if (input == NULL) {
- (void) fprintf(io->errs,
- "__ops_encrypt_buf: null memory\n");
- return 0;
- }
-
- __ops_setup_memory_write(&output, &outmem, insize);
-
- /* set armoured/not armoured here */
- if (use_armour) {
- __ops_writer_push_armor_msg(output);
- }
-
- /* Push the encrypted writer */
- __ops_push_enc_se_ip(output, pubkey, cipher, dont_use_subkey_to_encrypt);
-
- /* This does the writing */
- __ops_write(output, input, (unsigned)insize);
-
- /* tidy up */
- __ops_writer_close(output);
- __ops_output_delete(output);
-
- return outmem;
-}
-
-/**
- \ingroup HighLevel_Crypto
- \brief Decrypt a file.
- \param infile Name of file to be decrypted
- \param outfile Name of file to write to. If NULL, the filename is constructed from the input filename, following GPG conventions.
- \param keyring Keyring to use
- \param use_armour Expect armoured text, if set
- \param allow_overwrite Allow output file to overwritten, if set.
- \param getpassfunc Callback to use to get passphrase
-*/
-
-unsigned
-__ops_decrypt_file(__ops_io_t *io,
- const char *infile,
- const char *outfile,
- __ops_keyring_t *secring,
- __ops_keyring_t *pubring,
- const unsigned use_armour,
- const unsigned allow_overwrite,
- const unsigned sshkeys,
- void *passfp,
- __ops_cbfunc_t *getpassfunc)
-{
- __ops_stream_t *parse = NULL;
- const int printerrors = 1;
- char *filename = NULL;
- int fd_in;
- int fd_out;
-
- /* setup for reading from given input file */
- fd_in = __ops_setup_file_read(io, &parse, infile,
- NULL,
- write_parsed_cb,
- 0);
- if (fd_in < 0) {
- perror(infile);
- return 0;
- }
- /* setup output filename */
- if (outfile) {
- fd_out = __ops_setup_file_write(&parse->cbinfo.output, outfile,
- allow_overwrite);
- if (fd_out < 0) {
- perror(outfile);
- __ops_teardown_file_read(parse, fd_in);
- return 0;
- }
- } else {
- const int suffixlen = 4;
- const char *suffix = infile + strlen(infile) - suffixlen;
- unsigned filenamelen;
-
- if (strcmp(suffix, ".gpg") == 0 ||
- strcmp(suffix, ".asc") == 0) {
- filenamelen = (unsigned)(strlen(infile) - strlen(suffix));
- if ((filename = calloc(1, filenamelen + 1)) == NULL) {
- (void) fprintf(stderr, "can't allocate %" PRIsize "d bytes\n",
- (size_t)(filenamelen + 1));
- return 0;
- }
- (void) strncpy(filename, infile, filenamelen);
- filename[filenamelen] = 0x0;
- }
-
- fd_out = __ops_setup_file_write(&parse->cbinfo.output,
- filename, allow_overwrite);
- if (fd_out < 0) {
- perror(filename);
- free(filename);
- __ops_teardown_file_read(parse, fd_in);
- return 0;
- }
- }
-
- /* \todo check for suffix matching armour param */
-
- /* setup for writing decrypted contents to given output file */
-
- /* setup keyring and passphrase callback */
- parse->cbinfo.cryptinfo.secring = secring;
- parse->cbinfo.passfp = passfp;
- parse->cbinfo.cryptinfo.getpassphrase = getpassfunc;
- parse->cbinfo.cryptinfo.pubring = pubring;
- parse->cbinfo.sshseckey = (sshkeys) ? &secring->keys[0].key.seckey : NULL;
-
- /* Set up armour/passphrase options */
- if (use_armour) {
- __ops_reader_push_dearmour(parse);
- }
-
- /* Do it */
- __ops_parse(parse, printerrors);
-
- /* Unsetup */
- if (use_armour) {
- __ops_reader_pop_dearmour(parse);
- }
-
- if (filename) {
- __ops_teardown_file_write(parse->cbinfo.output, fd_out);
- free(filename);
- }
- __ops_teardown_file_read(parse, fd_in);
- /* \todo cleardown crypt */
-
- return 1;
-}
-
-/* decrypt an area of memory */
-__ops_memory_t *
-__ops_decrypt_buf(__ops_io_t *io,
- const void *input,
- const size_t insize,
- __ops_keyring_t *secring,
- __ops_keyring_t *pubring,
- const unsigned use_armour,
- const unsigned sshkeys,
- void *passfp,
- __ops_cbfunc_t *getpassfunc)
-{
- __ops_stream_t *parse = NULL;
- __ops_memory_t *outmem;
- __ops_memory_t *inmem;
- const int printerrors = 1;
-
- if (input == NULL) {
- (void) fprintf(io->errs,
- "__ops_encrypt_buf: null memory\n");
- return 0;
- }
-
- inmem = __ops_memory_new();
- __ops_memory_add(inmem, input, insize);
-
- /* set up to read from memory */
- __ops_setup_memory_read(io, &parse, inmem,
- NULL,
- write_parsed_cb,
- 0);
-
- /* setup for writing decrypted contents to given output file */
- __ops_setup_memory_write(&parse->cbinfo.output, &outmem, insize);
-
- /* setup keyring and passphrase callback */
- parse->cbinfo.cryptinfo.secring = secring;
- parse->cbinfo.cryptinfo.pubring = pubring;
- parse->cbinfo.passfp = passfp;
- parse->cbinfo.cryptinfo.getpassphrase = getpassfunc;
- parse->cbinfo.sshseckey = (sshkeys) ? &secring->keys[0].key.seckey : NULL;
-
- /* Set up armour/passphrase options */
- if (use_armour) {
- __ops_reader_push_dearmour(parse);
- }
-
- /* Do it */
- __ops_parse(parse, printerrors);
-
- /* Unsetup */
- if (use_armour) {
- __ops_reader_pop_dearmour(parse);
- }
-
- /* tidy up */
- __ops_teardown_memory_read(parse, inmem);
-
- __ops_writer_close(parse->cbinfo.output);
- __ops_output_delete(parse->cbinfo.output);
-
- return outmem;
-}
-
diff --git a/enzevalos_iphone/netpgp/lib/crypto.h b/enzevalos_iphone/netpgp/lib/crypto.h
deleted file mode 100644
index a28033c4..00000000
--- a/enzevalos_iphone/netpgp/lib/crypto.h
+++ /dev/null
@@ -1,307 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- */
-
-#ifndef CRYPTO_H_
-#define CRYPTO_H_
-
-#include "keyring.h"
-#include "packet.h"
-#include "memory.h"
-#include "packet-parse.h"
-
-#include <openssl/dsa.h>
-
-#define OPS_MIN_HASH_SIZE 16
-
-/** _ops_hash_t */
-struct _ops_hash_t {
- __ops_hash_alg_t alg; /* algorithm */
- size_t size; /* size */
- const char *name; /* what it's known as */
- int (*init)(__ops_hash_t *);
- void (*add)(__ops_hash_t *, const uint8_t *, unsigned);
- unsigned (*finish)(__ops_hash_t *, uint8_t *);
- void *data; /* blob for data */
-};
-
-/** _ops_crypt_t */
-struct _ops_crypt_t {
- __ops_symm_alg_t alg;
- size_t blocksize;
- size_t keysize;
- void (*set_iv)(__ops_crypt_t *, const uint8_t *);
- void (*set_crypt_key)(__ops_crypt_t *, const uint8_t *);
- int (*base_init)(__ops_crypt_t *);
- void (*decrypt_resync)(__ops_crypt_t *);
- /* encrypt/decrypt one block */
- void (*block_encrypt)(__ops_crypt_t *, void *, const void *);
- void (*block_decrypt)(__ops_crypt_t *, void *, const void *);
- /* Standard CFB encrypt/decrypt (as used by Sym Enc Int Prot packets) */
- void (*cfb_encrypt)(__ops_crypt_t *, void *, const void *, size_t);
- void (*cfb_decrypt)(__ops_crypt_t *, void *, const void *, size_t);
- void (*decrypt_finish)(__ops_crypt_t *);
- uint8_t iv[OPS_MAX_BLOCK_SIZE];
- uint8_t civ[OPS_MAX_BLOCK_SIZE];
- uint8_t siv[OPS_MAX_BLOCK_SIZE];
- /* siv is needed for weird v3 resync */
- uint8_t key[OPS_MAX_KEY_SIZE];
- int num;
- /* num is offset - see openssl _encrypt doco */
- void *encrypt_key;
- void *decrypt_key;
-};
-
-void __ops_crypto_finish(void);
-void __ops_hash_md5(__ops_hash_t *);
-void __ops_hash_sha1(__ops_hash_t *);
-void __ops_hash_sha256(__ops_hash_t *);
-void __ops_hash_sha512(__ops_hash_t *);
-void __ops_hash_sha384(__ops_hash_t *);
-void __ops_hash_sha224(__ops_hash_t *);
-void __ops_hash_any(__ops_hash_t *, __ops_hash_alg_t);
-__ops_hash_alg_t __ops_str_to_hash_alg(const char *);
-const char *__ops_text_from_hash(__ops_hash_t *);
-unsigned __ops_hash_size(__ops_hash_alg_t);
-unsigned __ops_hash(uint8_t *, __ops_hash_alg_t, const void *, size_t);
-
-void __ops_hash_add_int(__ops_hash_t *, unsigned, unsigned);
-
-unsigned __ops_dsa_verify(const uint8_t *, size_t,
- const __ops_dsa_sig_t *,
- const __ops_dsa_pubkey_t *);
-
-int __ops_rsa_public_decrypt(uint8_t *, const uint8_t *, size_t,
- const __ops_rsa_pubkey_t *);
-int __ops_rsa_public_encrypt(uint8_t *, const uint8_t *, size_t,
- const __ops_rsa_pubkey_t *);
-
-int __ops_rsa_private_encrypt(uint8_t *, const uint8_t *, size_t,
- const __ops_rsa_seckey_t *, const __ops_rsa_pubkey_t *);
-int __ops_rsa_private_decrypt(uint8_t *, const uint8_t *, size_t,
- const __ops_rsa_seckey_t *, const __ops_rsa_pubkey_t *);
-
-int __ops_elgamal_public_encrypt(uint8_t *, uint8_t *, const uint8_t *, size_t,
- const __ops_elgamal_pubkey_t *);
-int __ops_elgamal_private_decrypt(uint8_t *, const uint8_t *, const uint8_t *, size_t,
- const __ops_elgamal_seckey_t *, const __ops_elgamal_pubkey_t *);
-
-__ops_symm_alg_t __ops_str_to_cipher(const char *);
-unsigned __ops_block_size(__ops_symm_alg_t);
-unsigned __ops_key_size(__ops_symm_alg_t);
-
-int __ops_decrypt_data(__ops_content_enum, __ops_region_t *,
- __ops_stream_t *);
-
-int __ops_crypt_any(__ops_crypt_t *, __ops_symm_alg_t);
-void __ops_decrypt_init(__ops_crypt_t *);
-void __ops_encrypt_init(__ops_crypt_t *);
-size_t __ops_decrypt_se(__ops_crypt_t *, void *, const void *, size_t);
-size_t __ops_encrypt_se(__ops_crypt_t *, void *, const void *, size_t);
-size_t __ops_decrypt_se_ip(__ops_crypt_t *, void *, const void *, size_t);
-size_t __ops_encrypt_se_ip(__ops_crypt_t *, void *, const void *, size_t);
-unsigned __ops_is_sa_supported(__ops_symm_alg_t);
-
-void __ops_reader_push_decrypt(__ops_stream_t *, __ops_crypt_t *,
- __ops_region_t *);
-void __ops_reader_pop_decrypt(__ops_stream_t *);
-
-/* Hash everything that's read */
-void __ops_reader_push_hash(__ops_stream_t *, __ops_hash_t *);
-void __ops_reader_pop_hash(__ops_stream_t *);
-
-int __ops_decrypt_decode_mpi(uint8_t *, unsigned, const BIGNUM *,
- const BIGNUM *, const __ops_seckey_t *);
-
-unsigned __ops_rsa_encrypt_mpi(const uint8_t *, const size_t,
- const __ops_pubkey_t *,
- __ops_pk_sesskey_params_t *);
-unsigned __ops_elgamal_encrypt_mpi(const uint8_t *, const size_t,
- const __ops_pubkey_t *,
- __ops_pk_sesskey_params_t *);
-
-/* Encrypt everything that's written */
-struct __ops_key_data;
-void __ops_writer_push_encrypt(__ops_output_t *,
- const struct __ops_key_data *);
-
-unsigned __ops_encrypt_file(__ops_io_t *, const char *, const char *,
- const __ops_key_t *,
- const unsigned, const unsigned, const char *,
- int);
-unsigned __ops_decrypt_file(__ops_io_t *,
- const char *,
- const char *,
- __ops_keyring_t *,
- __ops_keyring_t *,
- const unsigned,
- const unsigned,
- const unsigned,
- void *,
- __ops_cbfunc_t *);
-
-__ops_memory_t *
-__ops_encrypt_buf(__ops_io_t *, const void *, const size_t,
- const __ops_key_t *,
- const unsigned, const char *,
- int);
-__ops_memory_t *
-__ops_decrypt_buf(__ops_io_t *,
- const void *,
- const size_t,
- __ops_keyring_t *,
- __ops_keyring_t *,
- const unsigned,
- const unsigned,
- void *,
- __ops_cbfunc_t *);
-
-/* Keys */
-__ops_key_t *__ops_rsa_new_selfsign_key(const int,
- const unsigned long, uint8_t *, const char *,
- const char *);
-
-int __ops_dsa_size(const __ops_dsa_pubkey_t *);
-DSA_SIG *__ops_dsa_sign(uint8_t *, unsigned,
- const __ops_dsa_seckey_t *,
- const __ops_dsa_pubkey_t *);
-
-int openssl_read_pem_seckey(const char *, __ops_key_t *, const char *, int);
-
-/** __ops_reader_t */
-struct __ops_reader_t {
- __ops_reader_func_t *reader; /* reader func to get parse data */
- __ops_reader_destroyer_t *destroyer;
- void *arg; /* args to pass to reader function */
- unsigned accumulate:1; /* set to gather packet data */
- uint8_t *accumulated; /* the accumulated data */
- unsigned asize; /* size of the buffer */
- unsigned alength;/* used buffer */
- unsigned position; /* reader-specific offset */
- __ops_reader_t *next;
- __ops_stream_t *parent;/* parent parse_info structure */
-};
-
-
-/** __ops_cryptinfo_t
- Encrypt/decrypt settings
-*/
-struct __ops_cryptinfo_t {
- char *passphrase;
- __ops_keyring_t *secring;
- const __ops_key_t *keydata;
- __ops_cbfunc_t *getpassphrase;
- __ops_keyring_t *pubring;
-};
-
-/** __ops_cbdata_t */
-struct __ops_cbdata_t {
- __ops_cbfunc_t *cbfunc; /* callback function */
- void *arg; /* args to pass to callback func */
- __ops_error_t **errors; /* address of error stack */
- __ops_cbdata_t *next;
- __ops_output_t *output;/* used if writing out parsed info */
- __ops_io_t *io; /* error/output messages */
- void *passfp; /* fp for passphrase input */
- __ops_cryptinfo_t cryptinfo; /* used when decrypting */
- __ops_printstate_t printstate; /* used to keep state when printing */
- __ops_seckey_t *sshseckey; /* secret key for ssh */
-};
-
-/** __ops_hashtype_t */
-typedef struct {
- __ops_hash_t hash; /* hashes we should hash data with */
- uint8_t keyid[OPS_KEY_ID_SIZE];
-} __ops_hashtype_t;
-
-#define NTAGS 0x100 /* == 256 */
-
-/** \brief Structure to hold information about a packet parse.
- *
- * This information includes options about the parse:
- * - whether the packet contents should be accumulated or not
- * - whether signature subpackets should be parsed or left raw
- *
- * It contains options specific to the parsing of armoured data:
- * - whether headers are allowed in armoured data without a gap
- * - whether a blank line is allowed at the start of the armoured data
- *
- * It also specifies :
- * - the callback function to use and its arguments
- * - the reader function to use and its arguments
- *
- * It also contains information about the current state of the parse:
- * - offset from the beginning
- * - the accumulated data, if any
- * - the size of the buffer, and how much has been used
- *
- * It has a linked list of errors.
- */
-
-struct __ops_stream_t {
- uint8_t ss_raw[NTAGS / 8];
- /* 1 bit / sig-subpkt type; set to get raw data */
- uint8_t ss_parsed[NTAGS / 8];
- /* 1 bit / sig-subpkt type; set to get parsed data */
- __ops_reader_t readinfo;
- __ops_cbdata_t cbinfo;
- __ops_error_t *errors;
- void *io; /* io streams */
- __ops_crypt_t decrypt;
- __ops_cryptinfo_t cryptinfo;
- size_t hashc;
- __ops_hashtype_t *hashes;
- unsigned reading_v3_secret:1;
- unsigned reading_mpi_len:1;
- unsigned exact_read:1;
-};
-
-#endif /* CRYPTO_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/defs.h b/enzevalos_iphone/netpgp/lib/defs.h
deleted file mode 100644
index 2c62eb8d..00000000
--- a/enzevalos_iphone/netpgp/lib/defs.h
+++ /dev/null
@@ -1,92 +0,0 @@
-/* $NetBSD: defs.h,v 1.2 2009/12/06 17:43:05 agc Exp $ */
-
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-#ifndef DEFS_H_
-#define DEFS_H_
-
-#include <sys/types.h>
-#include <sys/param.h>
-
-#ifdef HAVE_INTTYPES_H
-#include <inttypes.h>
-#endif
-
-#ifdef HAVE_STDINT_H
-#include <stdint.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#define NEWARRAY(type,ptr,size,where,action) do { \
- if ((ptr = calloc(sizeof(type), (unsigned)(size))) == NULL) { \
- (void) fprintf(stderr, "%s: can't allocate %lu bytes\n", \
- where, (unsigned long)(size * sizeof(type))); \
- action; \
- } \
-} while( /* CONSTCOND */ 0)
-
-#define RENEW(type,ptr,size,where,action) do { \
- type *_newptr; \
- _newptr = realloc(ptr, (size_t)(sizeof(type) * (size))); \
- if (_newptr == NULL) { \
- (void) fprintf(stderr, "%s: can't realloc %lu bytes\n", \
- where, (unsigned long)(size * sizeof(type))); \
- action; \
- } else { \
- ptr = _newptr; \
- } \
-} while( /* CONSTCOND */ 0)
-
-#define NEW(type, ptr, where, action) NEWARRAY(type, ptr, 1, where, action)
-
-#define FREE(ptr) (void) free(ptr)
-
-#define ALLOC(type, v, size, c, init, incr, where, action) do { \
- uint32_t _newsize = size; \
- if (size == 0) { \
- _newsize = init; \
- NEWARRAY(type, v, _newsize, where ": new", action); \
- } else if (c == size) { \
- _newsize = size + incr; \
- RENEW(type, v, _newsize, where ": renew", action); \
- } \
- size = _newsize; \
-} while( /* CONSTCOND */ 0)
-
-#define DEFINE_ARRAY(name, type) \
-typedef struct name { \
- uint32_t c; \
- uint32_t size; \
- type *v; \
-} name
-
-#endif /* !DEFS_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/errors.h b/enzevalos_iphone/netpgp/lib/errors.h
deleted file mode 100644
index ac8f442c..00000000
--- a/enzevalos_iphone/netpgp/lib/errors.h
+++ /dev/null
@@ -1,169 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- */
-
-#ifndef ERRORS_H_
-#define ERRORS_H_
-
-#include <errno.h>
-
-/** error codes */
-/* Remember to add names to map in errors.c */
-typedef enum {
- OPS_E_OK = 0x0000, /* no error */
- OPS_E_FAIL = 0x0001, /* general error */
- OPS_E_SYSTEM_ERROR = 0x0002, /* system error, look at errno for
- * details */
- OPS_E_UNIMPLEMENTED = 0x0003, /* feature not yet implemented */
-
- /* reader errors */
- OPS_E_R = 0x1000, /* general reader error */
- OPS_E_R_READ_FAILED = OPS_E_R + 1,
- OPS_E_R_EARLY_EOF = OPS_E_R + 2,
- OPS_E_R_BAD_FORMAT = OPS_E_R + 3, /* For example, malformed
- * armour */
- OPS_E_R_UNSUPPORTED = OPS_E_R + 4,
- OPS_E_R_UNCONSUMED_DATA = OPS_E_R + 5,
-
- /* writer errors */
- OPS_E_W = 0x2000, /* general writer error */
- OPS_E_W_WRITE_FAILED = OPS_E_W + 1,
- OPS_E_W_WRITE_TOO_SHORT = OPS_E_W + 2,
-
- /* parser errors */
- OPS_E_P = 0x3000, /* general parser error */
- OPS_E_P_NOT_ENOUGH_DATA = OPS_E_P + 1,
- OPS_E_P_UNKNOWN_TAG = OPS_E_P + 2,
- OPS_E_P_PACKET_CONSUMED = OPS_E_P + 3,
- OPS_E_P_MPI_FORMAT_ERROR = OPS_E_P + 4,
- OPS_E_P_PACKET_NOT_CONSUMED = OPS_E_P + 5,
- OPS_E_P_DECOMPRESSION_ERROR = OPS_E_P + 6,
- OPS_E_P_NO_USERID = OPS_E_P + 7,
-
- /* creator errors */
- OPS_E_C = 0x4000, /* general creator error */
-
- /* validation errors */
- OPS_E_V = 0x5000, /* general validation error */
- OPS_E_V_BAD_SIGNATURE = OPS_E_V + 1,
- OPS_E_V_NO_SIGNATURE = OPS_E_V + 2,
- OPS_E_V_UNKNOWN_SIGNER = OPS_E_V + 3,
- OPS_E_V_BAD_HASH = OPS_E_V + 4,
-
- /* Algorithm support errors */
- OPS_E_ALG = 0x6000, /* general algorithm error */
- OPS_E_ALG_UNSUPPORTED_SYMMETRIC_ALG = OPS_E_ALG + 1,
- OPS_E_ALG_UNSUPPORTED_PUBLIC_KEY_ALG = OPS_E_ALG + 2,
- OPS_E_ALG_UNSUPPORTED_SIGNATURE_ALG = OPS_E_ALG + 3,
- OPS_E_ALG_UNSUPPORTED_HASH_ALG = OPS_E_ALG + 4,
- OPS_E_ALG_UNSUPPORTED_COMPRESS_ALG = OPS_E_ALG + 5,
-
- /* Protocol errors */
- OPS_E_PROTO = 0x7000, /* general protocol error */
- OPS_E_PROTO_BAD_SYMMETRIC_DECRYPT = OPS_E_PROTO + 2,
- OPS_E_PROTO_UNKNOWN_SS = OPS_E_PROTO + 3,
- OPS_E_PROTO_CRITICAL_SS_IGNORED = OPS_E_PROTO + 4,
- OPS_E_PROTO_BAD_PUBLIC_KEY_VRSN = OPS_E_PROTO + 5,
- OPS_E_PROTO_BAD_SIGNATURE_VRSN = OPS_E_PROTO + 6,
- OPS_E_PROTO_BAD_ONE_PASS_SIG_VRSN = OPS_E_PROTO + 7,
- OPS_E_PROTO_BAD_PKSK_VRSN = OPS_E_PROTO + 8,
- OPS_E_PROTO_DECRYPTED_MSG_WRONG_LEN = OPS_E_PROTO + 9,
- OPS_E_PROTO_BAD_SK_CHECKSUM = OPS_E_PROTO + 10
-} __ops_errcode_t;
-
-/** one entry in a linked list of errors */
-typedef struct __ops_error {
- __ops_errcode_t errcode;
- int sys_errno; /* irrelevent unless errcode ==
- * OPS_E_SYSTEM_ERROR */
- char *comment;
- const char *file;
- int line;
- struct __ops_error *next;
-} __ops_error_t;
-
-const char *__ops_errcode(const __ops_errcode_t);
-
-void
-__ops_push_error(__ops_error_t **, __ops_errcode_t,
- int,
- const char *, int, const char *,...);
-void __ops_print_error(__ops_error_t *);
-void __ops_print_errors(__ops_error_t *);
-void __ops_free_errors(__ops_error_t *);
-int __ops_has_error(__ops_error_t *, __ops_errcode_t);
-
-#define OPS_SYSTEM_ERROR_1(err,code,sys,fmt,arg) do { \
- __ops_push_error(err,OPS_E_SYSTEM_ERROR,errno,__FILE__,__LINE__,sys);\
- __ops_push_error(err,code,0,__FILE__,__LINE__,fmt,arg); \
-} while(/*CONSTCOND*/0)
-
-#define OPS_MEMORY_ERROR(err) { \
- fprintf(stderr, "Memory error\n"); \
-} /* \todo placeholder for better error
- * handling */
-#define OPS_ERROR(err,code,fmt) do { \
- __ops_push_error(err,code,0,__FILE__,__LINE__,fmt); \
-} while(/*CONSTCOND*/0)
-#define OPS_ERROR_1(err,code,fmt,arg) do { \
- __ops_push_error(err,code,0,__FILE__,__LINE__,fmt,arg); \
-} while(/*CONSTCOND*/0)
-#define OPS_ERROR_2(err,code,fmt,arg,arg2) do { \
- __ops_push_error(err,code,0,__FILE__,__LINE__,fmt,arg,arg2); \
-} while(/*CONSTCOND*/0)
-#define OPS_ERROR_3(err,code,fmt,arg,arg2,arg3) do { \
- __ops_push_error(err,code,0,__FILE__,__LINE__,fmt,arg,arg2,arg3); \
-} while(/*CONSTCOND*/0)
-#define OPS_ERROR_4(err,code,fmt,arg,arg2,arg3,arg4) do { \
- __ops_push_error(err,code,0,__FILE__,__LINE__,fmt,arg,arg2,arg3,arg4); \
-} while(/*CONSTCOND*/0)
-
-#endif /* ERRORS_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/fastctype.c b/enzevalos_iphone/netpgp/lib/fastctype.c
deleted file mode 100644
index e10a2fb5..00000000
--- a/enzevalos_iphone/netpgp/lib/fastctype.c
+++ /dev/null
@@ -1,370 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-#include <stdint.h>
-
-#include "fastctype.h"
-
-#define UPPER 0x01
-#define LOWER 0x02
-#define OCTAL 0x04
-#define DEC 0x08
-#define HEX 0x10
-#define SPACE 0x20
-#define PUNCT 0x40
-
-static const uint8_t fastctypes[] = {
- 0, /* 0 */
- 0, /* 1 */
- 0, /* 2 */
- 0, /* 3 */
- 0, /* 4 */
- 0, /* 5 */
- 0, /* 6 */
- 0, /* 7 */
- 0, /* 8 */
- SPACE, /* 9 */
- SPACE, /* 10 */
- 0, /* 11 */
- 0, /* 12 */
- SPACE, /* 13 */
- 0, /* 14 */
- 0, /* 15 */
- 0, /* 16 */
- 0, /* 17 */
- 0, /* 18 */
- 0, /* 19 */
- 0, /* 20 */
- 0, /* 21 */
- 0, /* 22 */
- 0, /* 23 */
- 0, /* 24 */
- 0, /* 25 */
- 0, /* 26 */
- 0, /* 27 */
- 0, /* 28 */
- 0, /* 29 */
- 0, /* 30 */
- 0, /* 31 */
- SPACE, /* 32 */
- PUNCT, /* 33 */
- PUNCT, /* 34 */
- PUNCT, /* 35 */
- PUNCT, /* 36 */
- PUNCT, /* 37 */
- PUNCT, /* 38 */
- PUNCT, /* 39 */
- PUNCT, /* 40 */
- PUNCT, /* 41 */
- PUNCT, /* 42 */
- PUNCT, /* 43 */
- PUNCT, /* 44 */
- PUNCT, /* 45 */
- PUNCT, /* 46 */
- PUNCT, /* 47 */
- OCTAL | DEC | HEX, /* 48 */
- OCTAL | DEC | HEX, /* 49 */
- OCTAL | DEC | HEX, /* 50 */
- OCTAL | DEC | HEX, /* 51 */
- OCTAL | DEC | HEX, /* 52 */
- OCTAL | DEC | HEX, /* 53 */
- OCTAL | DEC | HEX, /* 54 */
- OCTAL | DEC | HEX, /* 55 */
- DEC | HEX, /* 56 */
- DEC | HEX, /* 57 */
- PUNCT, /* 58 */
- PUNCT, /* 59 */
- PUNCT, /* 60 */
- PUNCT, /* 61 */
- PUNCT, /* 62 */
- PUNCT, /* 63 */
- PUNCT, /* 64 */
- HEX | UPPER, /* 65 */
- HEX | UPPER, /* 66 */
- HEX | UPPER, /* 67 */
- HEX | UPPER, /* 68 */
- HEX | UPPER, /* 69 */
- HEX | UPPER, /* 70 */
- UPPER, /* 71 */
- UPPER, /* 72 */
- UPPER, /* 73 */
- UPPER, /* 74 */
- UPPER, /* 75 */
- UPPER, /* 76 */
- UPPER, /* 77 */
- UPPER, /* 78 */
- UPPER, /* 79 */
- UPPER, /* 80 */
- UPPER, /* 81 */
- UPPER, /* 82 */
- UPPER, /* 83 */
- UPPER, /* 84 */
- UPPER, /* 85 */
- UPPER, /* 86 */
- UPPER, /* 87 */
- UPPER, /* 88 */
- UPPER, /* 89 */
- UPPER, /* 90 */
- PUNCT, /* 91 */
- PUNCT, /* 92 */
- PUNCT, /* 93 */
- PUNCT, /* 94 */
- PUNCT, /* 95 */
- PUNCT, /* 96 */
- HEX | LOWER, /* 97 */
- HEX | LOWER, /* 98 */
- HEX | LOWER, /* 99 */
- HEX | LOWER, /* 100 */
- HEX | LOWER, /* 101 */
- HEX | LOWER, /* 102 */
- LOWER, /* 103 */
- LOWER, /* 104 */
- LOWER, /* 105 */
- LOWER, /* 106 */
- LOWER, /* 107 */
- LOWER, /* 108 */
- LOWER, /* 109 */
- LOWER, /* 110 */
- LOWER, /* 111 */
- LOWER, /* 112 */
- LOWER, /* 113 */
- LOWER, /* 114 */
- LOWER, /* 115 */
- LOWER, /* 116 */
- LOWER, /* 117 */
- LOWER, /* 118 */
- LOWER, /* 119 */
- LOWER, /* 120 */
- LOWER, /* 121 */
- LOWER, /* 122 */
- PUNCT, /* 123 */
- PUNCT, /* 124 */
- PUNCT, /* 125 */
- PUNCT, /* 126 */
- PUNCT, /* 127 */
- 0, /* 128 */
- 0, /* 129 */
- 0, /* 130 */
- 0, /* 131 */
- 0, /* 132 */
- 0, /* 133 */
- 0, /* 134 */
- 0, /* 135 */
- 0, /* 136 */
- 0, /* 137 */
- 0, /* 138 */
- 0, /* 139 */
- 0, /* 140 */
- 0, /* 141 */
- 0, /* 142 */
- 0, /* 143 */
- 0, /* 144 */
- 0, /* 145 */
- 0, /* 146 */
- 0, /* 147 */
- 0, /* 148 */
- 0, /* 149 */
- 0, /* 150 */
- 0, /* 151 */
- 0, /* 152 */
- 0, /* 153 */
- 0, /* 154 */
- 0, /* 155 */
- 0, /* 156 */
- 0, /* 157 */
- 0, /* 158 */
- 0, /* 159 */
- 0, /* 160 */
- 0, /* 161 */
- 0, /* 162 */
- 0, /* 163 */
- 0, /* 164 */
- 0, /* 165 */
- 0, /* 166 */
- 0, /* 167 */
- 0, /* 168 */
- 0, /* 169 */
- 0, /* 170 */
- 0, /* 171 */
- 0, /* 172 */
- 0, /* 173 */
- 0, /* 174 */
- 0, /* 175 */
- 0, /* 176 */
- 0, /* 177 */
- 0, /* 178 */
- 0, /* 179 */
- 0, /* 180 */
- 0, /* 181 */
- 0, /* 182 */
- 0, /* 183 */
- 0, /* 184 */
- 0, /* 185 */
- 0, /* 186 */
- 0, /* 187 */
- 0, /* 188 */
- 0, /* 189 */
- 0, /* 190 */
- 0, /* 191 */
- 0, /* 192 */
- 0, /* 193 */
- 0, /* 194 */
- 0, /* 195 */
- 0, /* 196 */
- 0, /* 197 */
- 0, /* 198 */
- 0, /* 199 */
- 0, /* 200 */
- 0, /* 201 */
- 0, /* 202 */
- 0, /* 203 */
- 0, /* 204 */
- 0, /* 205 */
- 0, /* 206 */
- 0, /* 207 */
- 0, /* 208 */
- 0, /* 209 */
- 0, /* 210 */
- 0, /* 211 */
- 0, /* 212 */
- 0, /* 213 */
- 0, /* 214 */
- 0, /* 215 */
- 0, /* 216 */
- 0, /* 217 */
- 0, /* 218 */
- 0, /* 219 */
- 0, /* 220 */
- 0, /* 221 */
- 0, /* 222 */
- 0, /* 223 */
- 0, /* 224 */
- 0, /* 225 */
- 0, /* 226 */
- 0, /* 227 */
- 0, /* 228 */
- 0, /* 229 */
- 0, /* 230 */
- 0, /* 231 */
- 0, /* 232 */
- 0, /* 233 */
- 0, /* 234 */
- 0, /* 235 */
- 0, /* 236 */
- 0, /* 237 */
- 0, /* 238 */
- 0, /* 239 */
- 0, /* 240 */
- 0, /* 241 */
- 0, /* 242 */
- 0, /* 243 */
- 0, /* 244 */
- 0, /* 245 */
- 0, /* 246 */
- 0, /* 247 */
- 0, /* 248 */
- 0, /* 249 */
- 0, /* 250 */
- 0, /* 251 */
- 0, /* 252 */
- 0, /* 253 */
- 0, /* 254 */
- 0 /* 255 */
-};
-
-int
-fast_isalnum(uint8_t c)
-{
- return fastctypes[c] & (UPPER | LOWER | OCTAL | DEC | HEX);
-}
-
-int
-fast_isalpha(uint8_t c)
-{
- return fastctypes[c] & (UPPER | LOWER);
-}
-
-int
-fast_isascii(uint8_t c)
-{
- return (c > 0 && c <= 127);
-}
-
-int
-fast_iscntrl(uint8_t c)
-{
- return (c > 0 && c < 32) || c == 127;
-}
-
-int
-fast_isprint(uint8_t c)
-{
- return (c >= 32 && c < 127);
-}
-
-int
-fast_isdigit(uint8_t c)
-{
- return fastctypes[c] & DEC;
-}
-
-int
-fast_islower(uint8_t c)
-{
- return fastctypes[c] & LOWER;
-}
-
-int
-fast_isupper(uint8_t c)
-{
- return fastctypes[c] & UPPER;
-}
-
-int
-fast_isspace(uint8_t c)
-{
- return fastctypes[c] & SPACE;
-}
-
-int
-fast_tolower(uint8_t c)
-{
- return (fastctypes[c] & UPPER) ? 'a' + (c - 'A') : c;
-}
-
-int
-fast_toupper(uint8_t c)
-{
- return (fastctypes[c] & LOWER) ? 'A' + (c - 'a') : c;
-}
-
-int
-fast_isxdigit(uint8_t c)
-{
- return fastctypes[c] & HEX;
-}
diff --git a/enzevalos_iphone/netpgp/lib/fastctype.h b/enzevalos_iphone/netpgp/lib/fastctype.h
deleted file mode 100644
index c6006835..00000000
--- a/enzevalos_iphone/netpgp/lib/fastctype.h
+++ /dev/null
@@ -1,62 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-#ifndef FASTCTYPE_H_
-#define FASTCTYPE_H_
-
-#ifdef HAVE_INTTYPES_H
-#include <inttypes.h>
-#endif
-
-int fast_isalnum(uint8_t);
-int fast_isalpha(uint8_t);
-int fast_isascii(uint8_t);
-int fast_iscntrl(uint8_t);
-int fast_isdigit(uint8_t);
-int fast_islower(uint8_t);
-int fast_isupper(uint8_t);
-int fast_isprint(uint8_t);
-int fast_isspace(uint8_t);
-int fast_isxdigit(uint8_t);
-int fast_tolower(uint8_t);
-int fast_toupper(uint8_t);
-
-#define isalnum(x) fast_isalnum(x)
-#define isalpha(x) fast_isalpha(x)
-#define isascii(x) fast_isascii(x)
-#define iscntrl(x) fast_iscntrl(x)
-#define isdigit(x) fast_isdigit(x)
-#define islower(x) fast_islower(x)
-#define isupper(x) fast_isupper(x)
-#define isprint(x) fast_isprint(x)
-#define isspace(x) fast_isspace(x)
-#define tolower(x) fast_tolower(x)
-#define toupper(x) fast_toupper(x)
-#define isxdigit(x) fast_isxdigit(x)
-
-#endif
diff --git a/enzevalos_iphone/netpgp/lib/keyring.c b/enzevalos_iphone/netpgp/lib/keyring.c
deleted file mode 100644
index 6b9f8f5e..00000000
--- a/enzevalos_iphone/netpgp/lib/keyring.c
+++ /dev/null
@@ -1,1153 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#if defined(__NetBSD__)
-__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: keyring.c,v 1.47 2010/10/31 19:45:53 stacktic Exp $");
-#endif
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#include <regex.h>
-#include <stdlib.h>
-#include <string.h>
-
-#ifdef HAVE_TERMIOS_H
-#include <termios.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#include "types.h"
-#include "keyring.h"
-#include "packet-parse.h"
-#include "signature.h"
-#include "netpgpsdk.h"
-#include "readerwriter.h"
-#include "netpgpdefs.h"
-#include "packet.h"
-#include "crypto.h"
-#include "validate.h"
-#include "netpgpdefs.h"
-#include "netpgpdigest.h"
-
-
-
-/**
- \ingroup HighLevel_Keyring
-
- \brief Creates a new __ops_key_t struct
-
- \return A new __ops_key_t struct, initialised to zero.
-
- \note The returned __ops_key_t struct must be freed after use with __ops_keydata_free.
-*/
-
-__ops_key_t *
-__ops_keydata_new(void)
-{
- return calloc(1, sizeof(__ops_key_t));
-}
-
-
-/**
- \ingroup HighLevel_Keyring
-
- \brief Frees keydata and its memory
-
- \param keydata Key to be freed.
-
- \note This frees the keydata itself, as well as any other memory alloc-ed by it.
-*/
-void
-__ops_keydata_free(__ops_key_t *keydata)
-{
- unsigned n;
-
- for (n = 0; n < keydata->uidc; ++n) {
- __ops_userid_free(&keydata->uids[n]);
- }
- free(keydata->uids);
- keydata->uids = NULL;
- keydata->uidc = 0;
-
- for (n = 0; n < keydata->packetc; ++n) {
- __ops_subpacket_free(&keydata->packets[n]);
- }
- free(keydata->packets);
- keydata->packets = NULL;
- keydata->packetc = 0;
-
- if (keydata->type == OPS_PTAG_CT_PUBLIC_KEY) {
- __ops_pubkey_free(&keydata->key.pubkey);
- } else {
- __ops_seckey_free(&keydata->key.seckey);
- }
-
- free(keydata);
-}
-
-/**
- \ingroup HighLevel_KeyGeneral
-
- \brief Returns the public key in the given keydata.
- \param keydata
-
- \return Pointer to public key
-
- \note This is not a copy, do not free it after use.
-*/
-
-const __ops_pubkey_t *
-__ops_get_pubkey(const __ops_key_t *keydata)
-{
- return (keydata->type == OPS_PTAG_CT_PUBLIC_KEY) ?
- &keydata->key.pubkey :
- &keydata->key.seckey.pubkey;
-}
-
-/**
-\ingroup HighLevel_KeyGeneral
-
-\brief Check whether this is a secret key or not.
-*/
-
-unsigned
-__ops_is_key_secret(const __ops_key_t *data)
-{
- return data->type != OPS_PTAG_CT_PUBLIC_KEY;
-}
-
-/**
- \ingroup HighLevel_KeyGeneral
-
- \brief Returns the secret key in the given keydata.
-
- \note This is not a copy, do not free it after use.
-
- \note This returns a const. If you need to be able to write to this
- pointer, use __ops_get_writable_seckey
-*/
-
-const __ops_seckey_t *
-__ops_get_seckey(const __ops_key_t *data)
-{
- return (data->type == OPS_PTAG_CT_SECRET_KEY) ?
- &data->key.seckey : NULL;
-}
-
-/**
- \ingroup HighLevel_KeyGeneral
-
- \brief Returns the secret key in the given keydata.
-
- \note This is not a copy, do not free it after use.
-
- \note If you do not need to be able to modify this key, there is an
- equivalent read-only function __ops_get_seckey.
-*/
-
-__ops_seckey_t *
-__ops_get_writable_seckey(__ops_key_t *data)
-{
- return (data->type == OPS_PTAG_CT_SECRET_KEY) ?
- &data->key.seckey : NULL;
-}
-
-/* utility function to zero out memory */
-void
-__ops_forget(void *vp, unsigned size)
-{
- (void) memset(vp, 0x0, size);
-}
-
-typedef struct {
- FILE *passfp;
- const __ops_key_t *key;
- char *passphrase;
- __ops_seckey_t *seckey;
-} decrypt_t;
-
-static __ops_cb_ret_t
-decrypt_cb(const __ops_packet_t *pkt, __ops_cbdata_t *cbinfo)
-{
- const __ops_contents_t *content = &pkt->u;
- decrypt_t *decrypt;
- char pass[MAX_PASSPHRASE_LENGTH];
-
- decrypt = __ops_callback_arg(cbinfo);
- switch (pkt->tag) {
- case OPS_PARSER_PTAG:
- case OPS_PTAG_CT_USER_ID:
- case OPS_PTAG_CT_SIGNATURE:
- case OPS_PTAG_CT_SIGNATURE_HEADER:
- case OPS_PTAG_CT_SIGNATURE_FOOTER:
- case OPS_PTAG_CT_TRUST:
- break;
-
- case OPS_GET_PASSPHRASE:
- (void) __ops_getpassphrase(decrypt->passfp, pass, sizeof(pass));
- *content->skey_passphrase.passphrase = netpgp_strdup(pass);
- __ops_forget(pass, (unsigned)sizeof(pass));
- return OPS_KEEP_MEMORY;
-
- case OPS_PARSER_ERRCODE:
- switch (content->errcode.errcode) {
- case OPS_E_P_MPI_FORMAT_ERROR:
- /* Generally this means a bad passphrase */
- fprintf(stderr, "Bad passphrase!\n");
- return OPS_RELEASE_MEMORY;
-
- case OPS_E_P_PACKET_CONSUMED:
- /* And this is because of an error we've accepted */
- return OPS_RELEASE_MEMORY;
- default:
- break;
- }
- (void) fprintf(stderr, "parse error: %s\n",
- __ops_errcode(content->errcode.errcode));
- return OPS_FINISHED;
-
- case OPS_PARSER_ERROR:
- fprintf(stderr, "parse error: %s\n", content->error);
- return OPS_FINISHED;
-
- case OPS_PTAG_CT_SECRET_KEY:
- if ((decrypt->seckey = calloc(1, sizeof(*decrypt->seckey))) == NULL) {
- (void) fprintf(stderr, "decrypt_cb: bad alloc\n");
- return OPS_FINISHED;
- }
- decrypt->seckey->checkhash = calloc(1, OPS_CHECKHASH_SIZE);
- *decrypt->seckey = content->seckey;
- return OPS_KEEP_MEMORY;
-
- case OPS_PARSER_PACKET_END:
- /* nothing to do */
- break;
-
- default:
- fprintf(stderr, "Unexpected tag %d (0x%x)\n", pkt->tag,
- pkt->tag);
- return OPS_FINISHED;
- }
-
- return OPS_RELEASE_MEMORY;
-}
-
-/**
-\ingroup Core_Keys
-\brief Decrypts secret key from given keydata with given passphrase
-\param key Key from which to get secret key
-\param passphrase Passphrase to use to decrypt secret key
-\return secret key
-*/
-__ops_seckey_t *
-__ops_decrypt_seckey(const __ops_key_t *key, void *passfp)
-{
- __ops_stream_t *stream;
- const int printerrors = 1;
- decrypt_t decrypt;
-
- (void) memset(&decrypt, 0x0, sizeof(decrypt));
- decrypt.key = key;
- decrypt.passfp = passfp;
- stream = __ops_new(sizeof(*stream));
- __ops_keydata_reader_set(stream, key);
- __ops_set_callback(stream, decrypt_cb, &decrypt);
- stream->readinfo.accumulate = 1;
- __ops_parse(stream, !printerrors);
- return decrypt.seckey;
-}
-
-/**
-\ingroup Core_Keys
-\brief Set secret key in content
-\param content Content to be set
-\param key Keydata to get secret key from
-*/
-void
-__ops_set_seckey(__ops_contents_t *cont, const __ops_key_t *key)
-{
- *cont->get_seckey.seckey = &key->key.seckey;
-}
-
-/**
-\ingroup Core_Keys
-\brief Get Key ID from keydata
-\param key Keydata to get Key ID from
-\return Pointer to Key ID inside keydata
-*/
-const uint8_t *
-__ops_get_key_id(const __ops_key_t *key)
-{
- return key->sigid;
-}
-
-/**
-\ingroup Core_Keys
-\brief How many User IDs in this key?
-\param key Keydata to check
-\return Num of user ids
-*/
-unsigned
-__ops_get_userid_count(const __ops_key_t *key)
-{
- return key->uidc;
-}
-
-/**
-\ingroup Core_Keys
-\brief Get indexed user id from key
-\param key Key to get user id from
-\param index Which key to get
-\return Pointer to requested user id
-*/
-const uint8_t *
-__ops_get_userid(const __ops_key_t *key, unsigned subscript)
-{
- return key->uids[subscript];
-}
-
-/**
- \ingroup HighLevel_Supported
- \brief Checks whether key's algorithm and type are supported by OpenPGP::SDK
- \param keydata Key to be checked
- \return 1 if key algorithm and type are supported by OpenPGP::SDK; 0 if not
-*/
-
-unsigned
-__ops_is_key_supported(const __ops_key_t *key)
-{
- if (key->type == OPS_PTAG_CT_PUBLIC_KEY) {
- switch(key->key.pubkey.alg) {
- case OPS_PKA_RSA:
- case OPS_PKA_DSA:
- case OPS_PKA_ELGAMAL:
- return 1;
- default:
- break;
- }
- }
- return 0;
-}
-
-/* \todo check where userid pointers are copied */
-/**
-\ingroup Core_Keys
-\brief Copy user id, including contents
-\param dst Destination User ID
-\param src Source User ID
-\note If dst already has a userid, it will be freed.
-*/
-static uint8_t *
-__ops_copy_userid(uint8_t **dst, const uint8_t *src)
-{
- size_t len;
-
- len = strlen((const char *) src);
- if (*dst) {
- free(*dst);
- }
- if ((*dst = calloc(1, len + 1)) == NULL) {
- (void) fprintf(stderr, "__ops_copy_userid: bad alloc\n");
- } else {
- (void) memcpy(*dst, src, len);
- }
- return *dst;
-}
-
-/* \todo check where pkt pointers are copied */
-/**
-\ingroup Core_Keys
-\brief Copy packet, including contents
-\param dst Destination packet
-\param src Source packet
-\note If dst already has a packet, it will be freed.
-*/
-static __ops_subpacket_t *
-__ops_copy_packet(__ops_subpacket_t *dst, const __ops_subpacket_t *src)
-{
- if (dst->raw) {
- free(dst->raw);
- }
- if ((dst->raw = calloc(1, src->length)) == NULL) {
- (void) fprintf(stderr, "__ops_copy_packet: bad alloc\n");
- } else {
- dst->length = src->length;
- (void) memcpy(dst->raw, src->raw, src->length);
- }
- return dst;
-}
-
-/**
-\ingroup Core_Keys
-\brief Add User ID to key
-\param key Key to which to add User ID
-\param userid User ID to add
-\return Pointer to new User ID
-*/
-uint8_t *
-__ops_add_userid(__ops_key_t *key, const uint8_t *userid)
-{
- uint8_t **uidp;
-
- EXPAND_ARRAY(key, uid);
- /* initialise new entry in array */
- uidp = &key->uids[key->uidc++];
- *uidp = NULL;
- /* now copy it */
- return __ops_copy_userid(uidp, userid);
-}
-
-void print_packet_hex(const __ops_subpacket_t *pkt);
-
-/**
-\ingroup Core_Keys
-\brief Add packet to key
-\param keydata Key to which to add packet
-\param packet Packet to add
-\return Pointer to new packet
-*/
-__ops_subpacket_t *
-__ops_add_subpacket(__ops_key_t *keydata, const __ops_subpacket_t *packet)
-{
- __ops_subpacket_t *subpktp;
-
- EXPAND_ARRAY(keydata, packet);
- /* initialise new entry in array */
- subpktp = &keydata->packets[keydata->packetc++];
- subpktp->length = 0;
- subpktp->raw = NULL;
- /* now copy it */
- return __ops_copy_packet(subpktp, packet);
-}
-
-/**
-\ingroup Core_Keys
-\brief Add selfsigned User ID to key
-\param keydata Key to which to add user ID
-\param userid Self-signed User ID to add
-\return 1 if OK; else 0
-*/
-unsigned
-__ops_add_selfsigned_userid(__ops_key_t *key, uint8_t *userid)
-{
- __ops_create_sig_t *sig;
- __ops_subpacket_t sigpacket;
- __ops_memory_t *mem_userid = NULL;
- __ops_output_t *useridoutput = NULL;
- __ops_memory_t *mem_sig = NULL;
- __ops_output_t *sigoutput = NULL;
-
- /*
- * create signature packet for this userid
- */
-
- /* create userid pkt */
- __ops_setup_memory_write(&useridoutput, &mem_userid, 128);
- __ops_write_struct_userid(useridoutput, userid);
-
- /* create sig for this pkt */
- sig = __ops_create_sig_new();
- __ops_sig_start_key_sig(sig, &key->key.seckey.pubkey, userid, OPS_CERT_POSITIVE);
- __ops_add_time(sig, (int64_t)time(NULL), "birth");
- __ops_add_key_flags(sig, OPS_KEYFLAG_SIGN_DATA | OPS_KEYFLAG_CERT_KEYS | OPS_KEYFLAG_ENC_COMM | OPS_KEYFLAG_ENC_STORAGE);
- __ops_add_issuer_keyid(sig, key->sigid);
- __ops_add_primary_userid(sig, 1);
- __ops_end_hashed_subpkts(sig);
-
- __ops_setup_memory_write(&sigoutput, &mem_sig, 128);
- __ops_write_sig(sigoutput, sig, &key->key.seckey.pubkey, &key->key.seckey);
-
- /* add this packet to key */
- sigpacket.length = __ops_mem_len(mem_sig);
- sigpacket.raw = __ops_mem_data(mem_sig);
-
- /* add userid to key */
- (void) __ops_add_userid(key, userid);
- (void) __ops_add_subpacket(key, &sigpacket);
-
- /* cleanup */
- __ops_create_sig_delete(sig);
- __ops_output_delete(useridoutput);
- __ops_output_delete(sigoutput);
- __ops_memory_free(mem_userid);
- __ops_memory_free(mem_sig);
-
- return 1;
-}
-
-/**
-\ingroup Core_Keys
-\brief Initialise __ops_key_t
-\param keydata Keydata to initialise
-\param type OPS_PTAG_CT_PUBLIC_KEY or OPS_PTAG_CT_SECRET_KEY
-*/
-void
-__ops_keydata_init(__ops_key_t *keydata, const __ops_content_enum type)
-{
- if (keydata->type != OPS_PTAG_CT_RESERVED) {
- (void) fprintf(stderr,
- "__ops_keydata_init: wrong keydata type\n");
- } else if (type != OPS_PTAG_CT_PUBLIC_KEY &&
- type != OPS_PTAG_CT_SECRET_KEY) {
- (void) fprintf(stderr, "__ops_keydata_init: wrong type\n");
- } else {
- keydata->type = type;
- }
-}
-
-/* used to point to data during keyring read */
-typedef struct keyringcb_t {
- __ops_keyring_t *keyring; /* the keyring we're reading */
-} keyringcb_t;
-
-
-static __ops_cb_ret_t
-cb_keyring_read(const __ops_packet_t *pkt, __ops_cbdata_t *cbinfo)
-{
- __ops_keyring_t *keyring;
- __ops_revoke_t *revocation;
- __ops_key_t *key;
- keyringcb_t *cb;
-
- cb = __ops_callback_arg(cbinfo);
- keyring = cb->keyring;
- switch (pkt->tag) {
- case OPS_PARSER_PTAG:
- case OPS_PTAG_CT_ENCRYPTED_SECRET_KEY:
- /* we get these because we didn't prompt */
- break;
- case OPS_PTAG_CT_SIGNATURE_HEADER:
- key = &keyring->keys[keyring->keyc - 1];
- EXPAND_ARRAY(key, subsig);
- key->subsigs[key->subsigc].uid = key->uidc - 1;
- (void) memcpy(&key->subsigs[key->subsigc].sig, &pkt->u.sig,
- sizeof(pkt->u.sig));
- key->subsigc += 1;
- break;
- case OPS_PTAG_CT_SIGNATURE:
- key = &keyring->keys[keyring->keyc - 1];
- EXPAND_ARRAY(key, subsig);
- key->subsigs[key->subsigc].uid = key->uidc - 1;
- (void) memcpy(&key->subsigs[key->subsigc].sig, &pkt->u.sig,
- sizeof(pkt->u.sig));
- key->subsigc += 1;
- break;
- case OPS_PTAG_CT_TRUST:
- key = &keyring->keys[keyring->keyc - 1];
- key->subsigs[key->subsigc - 1].trustlevel = pkt->u.ss_trust.level;
- key->subsigs[key->subsigc - 1].trustamount = pkt->u.ss_trust.amount;
- break;
- case OPS_PTAG_SS_KEY_EXPIRY:
- EXPAND_ARRAY(keyring, key);
- if (keyring->keyc > 0) {
- keyring->keys[keyring->keyc - 1].key.pubkey.duration = pkt->u.ss_time;
- }
- break;
- case OPS_PTAG_SS_ISSUER_KEY_ID:
- key = &keyring->keys[keyring->keyc - 1];
- (void) memcpy(&key->subsigs[key->subsigc - 1].sig.info.signer_id,
- pkt->u.ss_issuer,
- sizeof(pkt->u.ss_issuer));
- key->subsigs[key->subsigc - 1].sig.info.signer_id_set = 1;
- break;
- case OPS_PTAG_SS_CREATION_TIME:
- key = &keyring->keys[keyring->keyc - 1];
- key->subsigs[key->subsigc - 1].sig.info.birthtime = pkt->u.ss_time;
- key->subsigs[key->subsigc - 1].sig.info.birthtime_set = 1;
- break;
- case OPS_PTAG_SS_EXPIRATION_TIME:
- key = &keyring->keys[keyring->keyc - 1];
- key->subsigs[key->subsigc - 1].sig.info.duration = pkt->u.ss_time;
- key->subsigs[key->subsigc - 1].sig.info.duration_set = 1;
- break;
- case OPS_PTAG_SS_PRIMARY_USER_ID:
- key = &keyring->keys[keyring->keyc - 1];
- key->uid0 = key->uidc - 1;
- break;
- case OPS_PTAG_SS_REVOCATION_REASON:
- key = &keyring->keys[keyring->keyc - 1];
- if (key->uidc == 0) {
- /* revoke whole key */
- key->revoked = 1;
- revocation = &key->revocation;
- } else {
- /* revoke the user id */
- EXPAND_ARRAY(key, revoke);
- revocation = &key->revokes[key->revokec];
- key->revokes[key->revokec].uid = key->uidc - 1;
- key->revokec += 1;
- }
- revocation->code = pkt->u.ss_revocation.code;
- revocation->reason = netpgp_strdup(__ops_show_ss_rr_code(pkt->u.ss_revocation.code));
- break;
- case OPS_PTAG_CT_SIGNATURE_FOOTER:
- case OPS_PARSER_ERRCODE:
- break;
-
- default:
- break;
- }
-
- return OPS_RELEASE_MEMORY;
-}
-
-/**
- \ingroup HighLevel_KeyringRead
-
- \brief Reads a keyring from a file
-
- \param keyring Pointer to an existing __ops_keyring_t struct
- \param armour 1 if file is armoured; else 0
- \param filename Filename of keyring to be read
-
- \return __ops 1 if OK; 0 on error
-
- \note Keyring struct must already exist.
-
- \note Can be used with either a public or secret keyring.
-
- \note You must call __ops_keyring_free() after usage to free alloc-ed memory.
-
- \note If you call this twice on the same keyring struct, without calling
- __ops_keyring_free() between these calls, you will introduce a memory leak.
-
- \sa __ops_keyring_read_from_mem()
- \sa __ops_keyring_free()
-
-*/
-
-unsigned
-__ops_keyring_fileread(__ops_keyring_t *keyring,
- const unsigned armour,
- const char *filename)
-{
- __ops_stream_t *stream;
- keyringcb_t cb;
- unsigned res = 1;
- int fd;
-
- (void) memset(&cb, 0x0, sizeof(cb));
- cb.keyring = keyring;
- stream = __ops_new(sizeof(*stream));
-
- /* add this for the moment, */
- /*
- * \todo need to fix the problems with reading signature subpackets
- * later
- */
-
- /* __ops_parse_options(parse,OPS_PTAG_SS_ALL,OPS_PARSE_RAW); */
- __ops_parse_options(stream, OPS_PTAG_SS_ALL, OPS_PARSE_PARSED);
-
-#ifdef O_BINARY
- fd = open(filename, O_RDONLY | O_BINARY);
-#else
- fd = open(filename, O_RDONLY);
-#endif
- if (fd < 0) {
- __ops_stream_delete(stream);
- perror(filename);
- return 0;
- }
-#ifdef USE_MMAP_FOR_FILES
- __ops_reader_set_mmap(stream, fd);
-#else
- __ops_reader_set_fd(stream, fd);
-#endif
-
- __ops_set_callback(stream, cb_keyring_read, &cb);
-
- if (armour) {
- __ops_reader_push_dearmour(stream);
- }
- res = __ops_parse_and_accumulate(keyring, stream);
- __ops_print_errors(__ops_stream_get_errors(stream));
-
- if (armour) {
- __ops_reader_pop_dearmour(stream);
- }
-
- (void)close(fd);
-
- __ops_stream_delete(stream);
-
- return res;
-}
-
-/**
- \ingroup HighLevel_KeyringRead
-
- \brief Reads a keyring from memory
-
- \param keyring Pointer to existing __ops_keyring_t struct
- \param armour 1 if file is armoured; else 0
- \param mem Pointer to a __ops_memory_t struct containing keyring to be read
-
- \return __ops 1 if OK; 0 on error
-
- \note Keyring struct must already exist.
-
- \note Can be used with either a public or secret keyring.
-
- \note You must call __ops_keyring_free() after usage to free alloc-ed memory.
-
- \note If you call this twice on the same keyring struct, without calling
- __ops_keyring_free() between these calls, you will introduce a memory leak.
-
- \sa __ops_keyring_fileread
- \sa __ops_keyring_free
-*/
-unsigned
-__ops_keyring_read_from_mem(__ops_io_t *io,
- __ops_keyring_t *keyring,
- const unsigned armour,
- __ops_memory_t *mem)
-{
- __ops_stream_t *stream;
- const unsigned noaccum = 0;
- keyringcb_t cb;
- unsigned res;
-
- (void) memset(&cb, 0x0, sizeof(cb));
- cb.keyring = keyring;
- stream = __ops_new(sizeof(*stream));
- __ops_parse_options(stream, OPS_PTAG_SS_ALL, OPS_PARSE_PARSED);
- __ops_setup_memory_read(io, &stream, mem, &cb, cb_keyring_read,
- noaccum);
- if (armour) {
- __ops_reader_push_dearmour(stream);
- }
- res = (unsigned)__ops_parse_and_accumulate(keyring, stream);
- __ops_print_errors(__ops_stream_get_errors(stream));
- if (armour) {
- __ops_reader_pop_dearmour(stream);
- }
- /* don't call teardown_memory_read because memory was passed in */
- __ops_stream_delete(stream);
- return res;
-}
-
-/**
- \ingroup HighLevel_KeyringRead
-
- \brief Frees keyring's contents (but not keyring itself)
-
- \param keyring Keyring whose data is to be freed
-
- \note This does not free keyring itself, just the memory alloc-ed in it.
- */
-void
-__ops_keyring_free(__ops_keyring_t *keyring)
-{
- (void)free(keyring->keys);
- keyring->keys = NULL;
- keyring->keyc = keyring->keyvsize = 0;
-}
-
-/**
- \ingroup HighLevel_KeyringFind
-
- \brief Finds key in keyring from its Key ID
-
- \param keyring Keyring to be searched
- \param keyid ID of required key
-
- \return Pointer to key, if found; NULL, if not found
-
- \note This returns a pointer to the key inside the given keyring,
- not a copy. Do not free it after use.
-
-*/
-const __ops_key_t *
-__ops_getkeybyid(__ops_io_t *io, const __ops_keyring_t *keyring,
- const uint8_t *keyid, unsigned *from, __ops_pubkey_t **pubkey)
-{
- uint8_t nullid[OPS_KEY_ID_SIZE];
-
- (void) memset(nullid, 0x0, sizeof(nullid));
- for ( ; keyring && *from < keyring->keyc; *from += 1) {
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(io->errs, "keyring sig keyid", keyring->keys[*from].sigid, OPS_KEY_ID_SIZE);
- hexdump(io->errs, "keyring enc keyid", keyring->keys[*from].encid, OPS_KEY_ID_SIZE);
- hexdump(io->errs, "keyid", keyid, OPS_KEY_ID_SIZE);
- }
- if (memcmp(keyring->keys[*from].sigid, keyid, OPS_KEY_ID_SIZE) == 0 ||
- memcmp(&keyring->keys[*from].sigid[OPS_KEY_ID_SIZE / 2],
- keyid, OPS_KEY_ID_SIZE / 2) == 0) {
- if (pubkey) {
- *pubkey = &keyring->keys[*from].key.pubkey;
- }
- return &keyring->keys[*from];
- }
- if (memcmp(&keyring->keys[*from].encid, nullid, sizeof(nullid)) == 0) {
- continue;
- }
- if (memcmp(&keyring->keys[*from].encid, keyid, OPS_KEY_ID_SIZE) == 0 ||
- memcmp(&keyring->keys[*from].encid[OPS_KEY_ID_SIZE / 2], keyid, OPS_KEY_ID_SIZE / 2) == 0) {
- if (pubkey) {
- *pubkey = &keyring->keys[*from].enckey;
- }
- return &keyring->keys[*from];
- }
- }
- return NULL;
-}
-
-/* convert a string keyid into a binary keyid */
-static void
-str2keyid(const char *userid, uint8_t *keyid, size_t len)
-{
- static const char *uppers = "0123456789ABCDEF";
- static const char *lowers = "0123456789abcdef";
- const char *hi;
- const char *lo;
- uint8_t hichar;
- uint8_t lochar;
- size_t j;
- int i;
-
- for (i = 0, j = 0 ; j < len && userid[i] && userid[i + 1] ; i += 2, j++) {
- if ((hi = strchr(uppers, userid[i])) == NULL) {
- if ((hi = strchr(lowers, userid[i])) == NULL) {
- break;
- }
- hichar = (uint8_t)(hi - lowers);
- } else {
- hichar = (uint8_t)(hi - uppers);
- }
- if ((lo = strchr(uppers, userid[i + 1])) == NULL) {
- if ((lo = strchr(lowers, userid[i + 1])) == NULL) {
- break;
- }
- lochar = (uint8_t)(lo - lowers);
- } else {
- lochar = (uint8_t)(lo - uppers);
- }
- keyid[j] = (hichar << 4) | (lochar);
- }
- keyid[j] = 0x0;
-}
-
-/* return the next key which matches, starting searching at *from */
-static const __ops_key_t *
-getkeybyname(__ops_io_t *io,
- const __ops_keyring_t *keyring,
- const char *name,
- unsigned *from)
-{
- const __ops_key_t *kp;
- uint8_t **uidp;
- unsigned i = 0;
- __ops_key_t *keyp;
- unsigned savedstart;
- regex_t r;
- uint8_t keyid[OPS_KEY_ID_SIZE + 1];
- size_t len;
-
- if (!keyring || !name || !from) {
- return NULL;
- }
- len = strlen(name);
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(io->outs, "[%u] name '%s', len %zu\n",
- *from, name, len);
- }
- /* first try name as a keyid */
- (void) memset(keyid, 0x0, sizeof(keyid));
- str2keyid(name, keyid, sizeof(keyid));
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(io->outs, "keyid", keyid, 4);
- }
- savedstart = *from;
- if ((kp = __ops_getkeybyid(io, keyring, keyid, from, NULL)) != NULL) {
- return kp;
- }
- *from = savedstart;
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(io->outs, "regex match '%s' from %u\n",
- name, *from);
- }
- /* match on full name or email address as a NOSUB, ICASE regexp */
- (void) regcomp(&r, name, REG_EXTENDED | REG_ICASE);
- for (keyp = &keyring->keys[*from]; *from < keyring->keyc; *from += 1, keyp++) {
- uidp = keyp->uids;
- for (i = 0 ; i < keyp->uidc; i++, uidp++) {
- if (regexec(&r, (char *)*uidp, 0, NULL, 0) == 0) {
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(io->outs,
- "MATCHED keyid \"%s\" len %" PRIsize "u\n",
- (char *) *uidp, len);
- }
- regfree(&r);
- return keyp;
- }
- }
- }
- regfree(&r);
- return NULL;
-}
-
-/**
- \ingroup HighLevel_KeyringFind
-
- \brief Finds key from its User ID
-
- \param keyring Keyring to be searched
- \param userid User ID of required key
-
- \return Pointer to Key, if found; NULL, if not found
-
- \note This returns a pointer to the key inside the keyring, not a
- copy. Do not free it.
-
-*/
-const __ops_key_t *
-__ops_getkeybyname(__ops_io_t *io,
- const __ops_keyring_t *keyring,
- const char *name)
-{
- unsigned from;
-
- from = 0;
- return getkeybyname(io, keyring, name, &from);
-}
-
-const __ops_key_t *
-__ops_getnextkeybyname(__ops_io_t *io,
- const __ops_keyring_t *keyring,
- const char *name,
- unsigned *n)
-{
- return getkeybyname(io, keyring, name, n);
-}
-
-/**
- \ingroup HighLevel_KeyringList
-
- \brief Prints all keys in keyring to stdout.
-
- \param keyring Keyring to use
-
- \return none
-*/
-int
-__ops_keyring_list(__ops_io_t *io, const __ops_keyring_t *keyring, const int psigs)
-{
- __ops_key_t *key;
- unsigned n;
-
- (void) fprintf(io->res, "%u key%s\n", keyring->keyc,
- (keyring->keyc == 1) ? "" : "s");
- for (n = 0, key = keyring->keys; n < keyring->keyc; ++n, ++key) {
- if (__ops_is_key_secret(key)) {
- __ops_print_keydata(io, keyring, key, "sec",
- &key->key.seckey.pubkey, 0);
- } else {
- __ops_print_keydata(io, keyring, key, "signature ", &key->key.pubkey, psigs);
- }
- (void) fputc('\n', io->res);
- }
- return 1;
-}
-
-int
-__ops_keyring_json(__ops_io_t *io, const __ops_keyring_t *keyring, mj_t *obj, const int psigs)
-{
- __ops_key_t *key;
- unsigned n;
-
- (void) memset(obj, 0x0, sizeof(*obj));
- mj_create(obj, "array");
- obj->size = keyring->keyvsize;
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(io->errs, "__ops_keyring_json: vsize %u\n", obj->size);
- }
- if ((obj->value.v = calloc(sizeof(*obj->value.v), obj->size)) == NULL) {
- (void) fprintf(io->errs, "calloc failure\n");
- return 0;
- }
- for (n = 0, key = keyring->keys; n < keyring->keyc; ++n, ++key) {
- if (__ops_is_key_secret(key)) {
- __ops_sprint_mj(io, keyring, key, &obj->value.v[obj->c],
- "sec", &key->key.seckey.pubkey, psigs);
- } else {
- __ops_sprint_mj(io, keyring, key, &obj->value.v[obj->c],
- "signature ", &key->key.pubkey, psigs);
- }
- if (obj->value.v[obj->c].type != 0) {
- obj->c += 1;
- }
- }
- if (__ops_get_debug_level(__FILE__)) {
- char *s;
-
- mj_asprint(&s, obj);
- (void) fprintf(stderr, "__ops_keyring_json: '%s'\n", s);
- free(s);
- }
- return 1;
-}
-
-
-/* this interface isn't right - hook into callback for getting passphrase */
-char *
-__ops_export_key(__ops_io_t *io, const __ops_key_t *keydata, uint8_t *passphrase)
-{
- __ops_output_t *output;
- __ops_memory_t *mem;
- char *cp;
-
- __OPS_USED(io);
- __ops_setup_memory_write(&output, &mem, 128);
- if (keydata->type == OPS_PTAG_CT_PUBLIC_KEY) {
- __ops_write_xfer_pubkey(output, keydata, 1);
- } else {
- __ops_write_xfer_seckey(output, keydata, passphrase,
- strlen((char *)passphrase), 1);
- }
- cp = netpgp_strdup(__ops_mem_data(mem));
- __ops_teardown_memory_write(output, mem);
- return cp;
-}
-
-/* add a key to a public keyring */
-int
-__ops_add_to_pubring(__ops_keyring_t *keyring, const __ops_pubkey_t *pubkey, __ops_content_enum tag)
-{
- __ops_key_t *key;
- time_t duration;
-
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr, "__ops_add_to_pubring (type %u)\n", tag);
- }
- switch(tag) {
- case OPS_PTAG_CT_PUBLIC_KEY:
- EXPAND_ARRAY(keyring, key);
- key = &keyring->keys[keyring->keyc++];
- duration = key->key.pubkey.duration;
- (void) memset(key, 0x0, sizeof(*key));
- key->type = tag;
- __ops_keyid(key->sigid, OPS_KEY_ID_SIZE, pubkey, keyring->hashtype);
- __ops_fingerprint(&key->sigfingerprint, pubkey, keyring->hashtype);
- key->key.pubkey = *pubkey;
- key->key.pubkey.duration = duration;
- return 1;
- case OPS_PTAG_CT_PUBLIC_SUBKEY:
- /* subkey is not the first */
- key = &keyring->keys[keyring->keyc - 1];
- __ops_keyid(key->encid, OPS_KEY_ID_SIZE, pubkey, keyring->hashtype);
- duration = key->key.pubkey.duration;
- (void) memcpy(&key->enckey, pubkey, sizeof(key->enckey));
- key->enckey.duration = duration;
- return 1;
- default:
- return 0;
- }
-}
-
-/* add a key to a secret keyring */
-int
-__ops_add_to_secring(__ops_keyring_t *keyring, const __ops_seckey_t *seckey)
-{
- const __ops_pubkey_t *pubkey;
- __ops_key_t *key;
-
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr, "__ops_add_to_secring\n");
- }
- if (keyring->keyc > 0) {
- key = &keyring->keys[keyring->keyc - 1];
- if (__ops_get_debug_level(__FILE__) &&
- key->key.pubkey.alg == OPS_PKA_DSA &&
- seckey->pubkey.alg == OPS_PKA_ELGAMAL) {
- fprintf(stderr, "__ops_add_to_secring: found elgamal seckey\n");
- }
- }
- EXPAND_ARRAY(keyring, key);
- key = &keyring->keys[keyring->keyc++];
- (void) memset(key, 0x0, sizeof(*key));
- pubkey = &seckey->pubkey;
- __ops_keyid(key->sigid, OPS_KEY_ID_SIZE, pubkey, keyring->hashtype);
- __ops_fingerprint(&key->sigfingerprint, pubkey, keyring->hashtype);
- key->type = OPS_PTAG_CT_SECRET_KEY;
- key->key.seckey = *seckey;
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr, "__ops_add_to_secring: keyc %u\n", keyring->keyc);
- }
- return 1;
-}
-
-/* append one keyring to another */
-int
-__ops_append_keyring(__ops_keyring_t *keyring, __ops_keyring_t *newring)
-{
- unsigned i;
-
- for (i = 0 ; i < newring->keyc ; i++) {
- EXPAND_ARRAY(keyring, key);
- (void) memcpy(&keyring->keys[keyring->keyc], &newring->keys[i],
- sizeof(newring->keys[i]));
- keyring->keyc += 1;
- }
- return 1;
-}
diff --git a/enzevalos_iphone/netpgp/lib/keyring.h b/enzevalos_iphone/netpgp/lib/keyring.h
deleted file mode 100644
index 927791da..00000000
--- a/enzevalos_iphone/netpgp/lib/keyring.h
+++ /dev/null
@@ -1,152 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- */
-
-#ifndef KEYRING_H_
-#define KEYRING_H_
-
-#include "packet.h"
-#include "packet-parse.h"
-#include "mj.h"
-
-enum {
- MAX_ID_LENGTH = 128,
- MAX_PASSPHRASE_LENGTH = 256
-};
-
-typedef struct __ops_key_t __ops_key_t;
-
-/** \struct __ops_keyring_t
- * A keyring
- */
-typedef struct __ops_keyring_t {
- DYNARRAY(__ops_key_t, key);
- __ops_hash_alg_t hashtype;
-} __ops_keyring_t;
-
-const __ops_key_t *__ops_getkeybyid(__ops_io_t *,
- const __ops_keyring_t *,
- const uint8_t *,
- unsigned *,
- __ops_pubkey_t **);
-const __ops_key_t *__ops_getkeybyname(__ops_io_t *,
- const __ops_keyring_t *,
- const char *);
-const __ops_key_t *__ops_getnextkeybyname(__ops_io_t *,
- const __ops_keyring_t *,
- const char *,
- unsigned *);
-void __ops_keydata_free(__ops_key_t *);
-void __ops_keyring_free(__ops_keyring_t *);
-void __ops_dump_keyring(const __ops_keyring_t *);
-const __ops_pubkey_t *__ops_get_pubkey(const __ops_key_t *);
-unsigned __ops_is_key_secret(const __ops_key_t *);
-const __ops_seckey_t *__ops_get_seckey(const __ops_key_t *);
-__ops_seckey_t *__ops_get_writable_seckey(__ops_key_t *);
-__ops_seckey_t *__ops_decrypt_seckey(const __ops_key_t *, void *);
-
-unsigned __ops_keyring_fileread(__ops_keyring_t *, const unsigned,
- const char *);
-
-int __ops_keyring_list(__ops_io_t *, const __ops_keyring_t *, const int);
-int __ops_keyring_json(__ops_io_t *, const __ops_keyring_t *, mj_t *, const int);
-
-void __ops_set_seckey(__ops_contents_t *, const __ops_key_t *);
-void __ops_forget(void *, unsigned);
-
-const uint8_t *__ops_get_key_id(const __ops_key_t *);
-unsigned __ops_get_userid_count(const __ops_key_t *);
-const uint8_t *__ops_get_userid(const __ops_key_t *, unsigned);
-unsigned __ops_is_key_supported(const __ops_key_t *);
-
-uint8_t *__ops_add_userid(__ops_key_t *, const uint8_t *);
-__ops_subpacket_t *__ops_add_subpacket(__ops_key_t *,
- const __ops_subpacket_t *);
-
-unsigned __ops_add_selfsigned_userid(__ops_key_t *, uint8_t *);
-
-__ops_key_t *__ops_keydata_new(void);
-void __ops_keydata_init(__ops_key_t *, const __ops_content_enum);
-
-int __ops_parse_and_accumulate(__ops_keyring_t *, __ops_stream_t *);
-
-int __ops_sprint_keydata(__ops_io_t *, const __ops_keyring_t *,
- const __ops_key_t *, char **, const char *,
- const __ops_pubkey_t *, const int);
-int __ops_sprint_mj(__ops_io_t *, const __ops_keyring_t *,
- const __ops_key_t *, mj_t *, const char *,
- const __ops_pubkey_t *, const int);
-int __ops_hkp_sprint_keydata(__ops_io_t *, const __ops_keyring_t *,
- const __ops_key_t *, char **,
- const __ops_pubkey_t *, const int);
-void __ops_print_keydata(__ops_io_t *, const __ops_keyring_t *, const __ops_key_t *,
- const char *, const __ops_pubkey_t *, const int);
-void __ops_print_sig(__ops_io_t *, const __ops_key_t *, const char *,
- const __ops_pubkey_t *);
-void __ops_print_pubkey(const __ops_pubkey_t *);
-int __ops_sprint_pubkey(const __ops_key_t *, char *, size_t);
-
-int __ops_list_packets(__ops_io_t *,
- char *,
- unsigned,
- __ops_keyring_t *,
- __ops_keyring_t *,
- void *,
- __ops_cbfunc_t *);
-
-char *__ops_export_key(__ops_io_t *, const __ops_key_t *, uint8_t *);
-
-int __ops_add_to_pubring(__ops_keyring_t *, const __ops_pubkey_t *, __ops_content_enum tag);
-int __ops_add_to_secring(__ops_keyring_t *, const __ops_seckey_t *);
-
-int __ops_append_keyring(__ops_keyring_t *, __ops_keyring_t *);
-
-#endif /* KEYRING_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/memory.h b/enzevalos_iphone/netpgp/lib/memory.h
deleted file mode 100644
index 8429380b..00000000
--- a/enzevalos_iphone/netpgp/lib/memory.h
+++ /dev/null
@@ -1,87 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- */
-#ifndef MEMORY_H_
-#define MEMORY_H_
-
-#include <sys/types.h>
-
-#include "packet.h"
-
-/** __ops_memory_t
- */
-typedef struct __ops_memory_t {
- uint8_t *buf;
- size_t length;
- size_t allocated;
- unsigned mmapped;
-} __ops_memory_t;
-
-
-__ops_memory_t *__ops_memory_new(void);
-void __ops_memory_free(__ops_memory_t *);
-void __ops_memory_init(__ops_memory_t *, size_t);
-void __ops_memory_pad(__ops_memory_t *, size_t);
-void __ops_memory_add(__ops_memory_t *, const uint8_t *, size_t);
-void __ops_memory_place_int(__ops_memory_t *, unsigned, unsigned, size_t);
-void __ops_memory_make_packet(__ops_memory_t *, __ops_content_enum);
-void __ops_memory_clear(__ops_memory_t *);
-void __ops_memory_release(__ops_memory_t *);
-
-void __ops_writer_set_memory(__ops_output_t *, __ops_memory_t *);
-
-size_t __ops_mem_len(const __ops_memory_t *);
-void *__ops_mem_data(__ops_memory_t *);
-int __ops_mem_readfile(__ops_memory_t *, const char *);
-
-void __ops_random(void *, size_t);
-
-#endif /* MEMORY_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/misc.c b/enzevalos_iphone/netpgp/lib/misc.c
deleted file mode 100644
index 0b90c170..00000000
--- a/enzevalos_iphone/netpgp/lib/misc.c
+++ /dev/null
@@ -1,1353 +0,0 @@
-/*-
- * Copyright (c) 2009,2010 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#if defined(__NetBSD__)
-__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: misc.c,v 1.37 2010/11/04 06:45:28 agc Exp $");
-#endif
-
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/mman.h>
-
-#include <stdarg.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_OPENSSL_RAND_H
-#include <openssl/rand.h>
-#endif
-
-#include "errors.h"
-#include "packet.h"
-#include "crypto.h"
-#include "create.h"
-#include "fastctype.h"
-#include "packet-parse.h"
-#include "packet-show.h"
-#include "signature.h"
-#include "netpgpsdk.h"
-#include "netpgpdefs.h"
-#include "memory.h"
-#include "readerwriter.h"
-#include "version.h"
-#include "netpgpdigest.h"
-
-#ifdef WIN32
-#define vsnprintf _vsnprintf
-#endif
-
-
-typedef struct {
- __ops_keyring_t *keyring;
-} accumulate_t;
-
-/**
- * \ingroup Core_Callbacks
- */
-static __ops_cb_ret_t
-accumulate_cb(const __ops_packet_t *pkt, __ops_cbdata_t *cbinfo)
-{
- const __ops_contents_t *content = &pkt->u;
- __ops_keyring_t *keyring;
- accumulate_t *accumulate;
-
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr, "accumulate callback: packet tag %u\n", pkt->tag);
- }
- accumulate = __ops_callback_arg(cbinfo);
- keyring = accumulate->keyring;
- switch (pkt->tag) {
- case OPS_PTAG_CT_PUBLIC_KEY:
- case OPS_PTAG_CT_PUBLIC_SUBKEY:
- __ops_add_to_pubring(keyring, &content->pubkey, pkt->tag);
- return OPS_KEEP_MEMORY;
- case OPS_PTAG_CT_SECRET_KEY:
- case OPS_PTAG_CT_ENCRYPTED_SECRET_KEY:
- __ops_add_to_secring(keyring, &content->seckey);
- return OPS_KEEP_MEMORY;
- case OPS_PTAG_CT_USER_ID:
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr, "User ID: %s for key %d\n",
- content->userid,
- keyring->keyc - 1);
- }
- if (keyring->keyc == 0) {
- OPS_ERROR(cbinfo->errors, OPS_E_P_NO_USERID, "No userid found");
- } else {
- __ops_add_userid(&keyring->keys[keyring->keyc - 1], content->userid);
- }
- return OPS_KEEP_MEMORY;
- case OPS_PARSER_PACKET_END:
- if (keyring->keyc > 0) {
- __ops_add_subpacket(&keyring->keys[keyring->keyc - 1],
- &content->packet);
- return OPS_KEEP_MEMORY;
- }
- return OPS_RELEASE_MEMORY;
- case OPS_PARSER_ERROR:
- (void) fprintf(stderr, "Error: %s\n", content->error);
- return OPS_FINISHED;
- case OPS_PARSER_ERRCODE:
- (void) fprintf(stderr, "parse error: %s\n",
- __ops_errcode(content->errcode.errcode));
- break;
- default:
- break;
- }
- /* XXX: we now exclude so many things, we should either drop this or */
- /* do something to pass on copies of the stuff we keep */
- return __ops_stacked_callback(pkt, cbinfo);
-}
-
-/**
- * \ingroup Core_Parse
- *
- * Parse packets from an input stream until EOF or error.
- *
- * Key data found in the parsed data is added to #keyring.
- *
- * \param keyring Pointer to an existing keyring
- * \param parse Options to use when parsing
-*/
-int
-__ops_parse_and_accumulate(__ops_keyring_t *keyring, __ops_stream_t *parse)
-{
- accumulate_t accumulate;
- const int printerrors = 1;
- int ret;
-
- if (parse->readinfo.accumulate) {
- (void) fprintf(stderr,
- "__ops_parse_and_accumulate: already init\n");
- return 0;
- }
-
- (void) memset(&accumulate, 0x0, sizeof(accumulate));
-
- accumulate.keyring = keyring;
-
- __ops_callback_push(parse, accumulate_cb, &accumulate);
- parse->readinfo.accumulate = 1;
- ret = __ops_parse(parse, !printerrors);
-
- return ret;
-}
-
-
-/** \file
- * \brief Error Handling
- */
-#define ERRNAME(code) { code, #code }
-
-static __ops_errcode_name_map_t errcode_name_map[] = {
- ERRNAME(OPS_E_OK),
- ERRNAME(OPS_E_FAIL),
- ERRNAME(OPS_E_SYSTEM_ERROR),
- ERRNAME(OPS_E_UNIMPLEMENTED),
-
- ERRNAME(OPS_E_R),
- ERRNAME(OPS_E_R_READ_FAILED),
- ERRNAME(OPS_E_R_EARLY_EOF),
- ERRNAME(OPS_E_R_BAD_FORMAT),
- ERRNAME(OPS_E_R_UNCONSUMED_DATA),
-
- ERRNAME(OPS_E_W),
- ERRNAME(OPS_E_W_WRITE_FAILED),
- ERRNAME(OPS_E_W_WRITE_TOO_SHORT),
-
- ERRNAME(OPS_E_P),
- ERRNAME(OPS_E_P_NOT_ENOUGH_DATA),
- ERRNAME(OPS_E_P_UNKNOWN_TAG),
- ERRNAME(OPS_E_P_PACKET_CONSUMED),
- ERRNAME(OPS_E_P_MPI_FORMAT_ERROR),
-
- ERRNAME(OPS_E_C),
-
- ERRNAME(OPS_E_V),
- ERRNAME(OPS_E_V_BAD_SIGNATURE),
- ERRNAME(OPS_E_V_NO_SIGNATURE),
- ERRNAME(OPS_E_V_UNKNOWN_SIGNER),
-
- ERRNAME(OPS_E_ALG),
- ERRNAME(OPS_E_ALG_UNSUPPORTED_SYMMETRIC_ALG),
- ERRNAME(OPS_E_ALG_UNSUPPORTED_PUBLIC_KEY_ALG),
- ERRNAME(OPS_E_ALG_UNSUPPORTED_SIGNATURE_ALG),
- ERRNAME(OPS_E_ALG_UNSUPPORTED_HASH_ALG),
-
- ERRNAME(OPS_E_PROTO),
- ERRNAME(OPS_E_PROTO_BAD_SYMMETRIC_DECRYPT),
- ERRNAME(OPS_E_PROTO_UNKNOWN_SS),
- ERRNAME(OPS_E_PROTO_CRITICAL_SS_IGNORED),
- ERRNAME(OPS_E_PROTO_BAD_PUBLIC_KEY_VRSN),
- ERRNAME(OPS_E_PROTO_BAD_SIGNATURE_VRSN),
- ERRNAME(OPS_E_PROTO_BAD_ONE_PASS_SIG_VRSN),
- ERRNAME(OPS_E_PROTO_BAD_PKSK_VRSN),
- ERRNAME(OPS_E_PROTO_DECRYPTED_MSG_WRONG_LEN),
- ERRNAME(OPS_E_PROTO_BAD_SK_CHECKSUM),
-
- {0x00, NULL}, /* this is the end-of-array marker */
-};
-
-/**
- * \ingroup Core_Errors
- * \brief returns error code name
- * \param errcode
- * \return error code name or "Unknown"
- */
-const char *
-__ops_errcode(const __ops_errcode_t errcode)
-{
- return (__ops_str_from_map((int) errcode,
- (__ops_map_t *) errcode_name_map));
-}
-
-/* generic grab new storage function */
-void *
-__ops_new(size_t size)
-{
- void *vp;
-
- if ((vp = calloc(1, size)) == NULL) {
- (void) fprintf(stderr,
- "allocation failure for %" PRIsize "u bytes", size);
- }
- return vp;
-}
-
-/**
- * \ingroup Core_Errors
- * \brief Pushes the given error on the given errorstack
- * \param errstack Error stack to use
- * \param errcode Code of error to push
- * \param sys_errno System errno (used if errcode=OPS_E_SYSTEM_ERROR)
- * \param file Source filename where error occurred
- * \param line Line in source file where error occurred
- * \param fmt Comment
- *
- */
-
-void
-__ops_push_error(__ops_error_t **errstack, __ops_errcode_t errcode,
- int sys_errno, const char *file, int line, const char *fmt,...)
-{
- /* first get the varargs and generate the comment */
- __ops_error_t *err;
- unsigned maxbuf = 128;
- va_list args;
- char *comment;
-
- if ((comment = calloc(1, maxbuf + 1)) == NULL) {
- (void) fprintf(stderr, "calloc comment failure\n");
- return;
- }
-
- va_start(args, fmt);
- vsnprintf(comment, maxbuf + 1, fmt, args);
- va_end(args);
-
- /* alloc a new error and add it to the top of the stack */
-
- if ((err = calloc(1, sizeof(*err))) == NULL) {
- (void) fprintf(stderr, "calloc comment failure\n");
- return;
- }
-
- err->next = *errstack;
- *errstack = err;
-
- /* fill in the details */
- err->errcode = errcode;
- err->sys_errno = sys_errno;
- err->file = file;
- err->line = line;
-
- err->comment = comment;
-}
-
-/**
-\ingroup Core_Errors
-\brief print this error
-\param err Error to print
-*/
-void
-__ops_print_error(__ops_error_t *err)
-{
- printf("%s:%d: ", err->file, err->line);
- if (err->errcode == OPS_E_SYSTEM_ERROR) {
- printf("system error %d returned from %s()\n", err->sys_errno,
- err->comment);
- } else {
- printf("%s, %s\n", __ops_errcode(err->errcode), err->comment);
- }
-}
-
-/**
-\ingroup Core_Errors
-\brief Print all errors on stack
-\param errstack Error stack to print
-*/
-void
-__ops_print_errors(__ops_error_t *errstack)
-{
- __ops_error_t *err;
-
- for (err = errstack; err != NULL; err = err->next) {
- __ops_print_error(err);
- }
-}
-
-/**
-\ingroup Core_Errors
-\brief Return 1 if given error is present anywhere on stack
-\param errstack Error stack to check
-\param errcode Error code to look for
-\return 1 if found; else 0
-*/
-int
-__ops_has_error(__ops_error_t *errstack, __ops_errcode_t errcode)
-{
- __ops_error_t *err;
-
- for (err = errstack; err != NULL; err = err->next) {
- if (err->errcode == errcode) {
- return 1;
- }
- }
- return 0;
-}
-
-/**
-\ingroup Core_Errors
-\brief Frees all errors on stack
-\param errstack Error stack to free
-*/
-void
-__ops_free_errors(__ops_error_t *errstack)
-{
- __ops_error_t *next;
-
- while (errstack != NULL) {
- next = errstack->next;
- free(errstack->comment);
- free(errstack);
- errstack = next;
- }
-}
-
-/* hash a 32-bit integer */
-static int
-hash_uint32(__ops_hash_t *hash, uint32_t n)
-{
- uint8_t ibuf[4];
-
- ibuf[0] = (uint8_t)(n >> 24) & 0xff;
- ibuf[1] = (uint8_t)(n >> 16) & 0xff;
- ibuf[2] = (uint8_t)(n >> 8) & 0xff;
- ibuf[3] = (uint8_t)n & 0xff;
- (*hash->add)(hash, (const uint8_t *)(void *)ibuf, (unsigned)sizeof(ibuf));
- return sizeof(ibuf);
-}
-
-/* hash a string - first length, then string itself */
-static int
-hash_string(__ops_hash_t *hash, const uint8_t *buf, uint32_t len)
-{
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "hash_string", buf, len);
- }
- hash_uint32(hash, len);
- (*hash->add)(hash, buf, len);
- return (int)(sizeof(len) + len);
-}
-
-/* hash a bignum, possibly padded - first length, then string itself */
-static int
-hash_bignum(__ops_hash_t *hash, BIGNUM *bignum)
-{
- uint8_t *bn;
- size_t len;
- int padbyte;
-
- if (BN_is_zero(bignum)) {
- hash_uint32(hash, 0);
- return sizeof(len);
- }
- if ((len = (size_t) BN_num_bytes(bignum)) < 1) {
- (void) fprintf(stderr, "hash_bignum: bad size\n");
- return 0;
- }
- if ((bn = calloc(1, len + 1)) == NULL) {
- (void) fprintf(stderr, "hash_bignum: bad bn alloc\n");
- return 0;
- }
- BN_bn2bin(bignum, bn + 1);
- bn[0] = 0x0;
- padbyte = (bn[1] & 0x80) ? 1 : 0;
- hash_string(hash, bn + 1 - padbyte, (unsigned)(len + padbyte));
- free(bn);
- return (int)(sizeof(len) + len + padbyte);
-}
-
-/** \file
- */
-
-/**
- * \ingroup Core_Keys
- * \brief Calculate a public key fingerprint.
- * \param fp Where to put the calculated fingerprint
- * \param key The key for which the fingerprint is calculated
- */
-int
-__ops_fingerprint(__ops_fingerprint_t *fp, const __ops_pubkey_t *key, __ops_hash_alg_t hashtype)
-{
- __ops_memory_t *mem;
- __ops_hash_t hash;
- const char *type;
- uint32_t len;
-
- mem = __ops_memory_new();
- if (key->version == 2 || key->version == 3) {
- if (key->alg != OPS_PKA_RSA &&
- key->alg != OPS_PKA_RSA_ENCRYPT_ONLY &&
- key->alg != OPS_PKA_RSA_SIGN_ONLY) {
- (void) fprintf(stderr,
- "__ops_fingerprint: bad algorithm\n");
- return 0;
- }
- __ops_hash_md5(&hash);
- if (!hash.init(&hash)) {
- (void) fprintf(stderr,
- "__ops_fingerprint: bad md5 alloc\n");
- return 0;
- }
- hash_bignum(&hash, key->key.rsa.n);
- hash_bignum(&hash, key->key.rsa.e);
- fp->length = hash.finish(&hash, fp->fingerprint);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "v2/v3 fingerprint", fp->fingerprint, fp->length);
- }
- } else if (hashtype == OPS_HASH_MD5) {
- __ops_hash_md5(&hash);
- if (!hash.init(&hash)) {
- (void) fprintf(stderr,
- "__ops_fingerprint: bad md5 alloc\n");
- return 0;
- }
- type = (key->alg == OPS_PKA_RSA) ? "ssh-rsa" : "ssh-dss";
- hash_string(&hash, (const uint8_t *)(const void *)type, (unsigned)strlen(type));
- switch(key->alg) {
- case OPS_PKA_RSA:
- hash_bignum(&hash, key->key.rsa.e);
- hash_bignum(&hash, key->key.rsa.n);
- break;
- case OPS_PKA_DSA:
- hash_bignum(&hash, key->key.dsa.p);
- hash_bignum(&hash, key->key.dsa.q);
- hash_bignum(&hash, key->key.dsa.g);
- hash_bignum(&hash, key->key.dsa.y);
- break;
- default:
- break;
- }
- fp->length = hash.finish(&hash, fp->fingerprint);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "md5 fingerprint", fp->fingerprint, fp->length);
- }
- } else {
- __ops_build_pubkey(mem, key, 0);
- __ops_hash_sha1(&hash);
- if (!hash.init(&hash)) {
- (void) fprintf(stderr,
- "__ops_fingerprint: bad sha1 alloc\n");
- return 0;
- }
- len = (unsigned)__ops_mem_len(mem);
- __ops_hash_add_int(&hash, 0x99, 1);
- __ops_hash_add_int(&hash, len, 2);
- hash.add(&hash, __ops_mem_data(mem), len);
- fp->length = hash.finish(&hash, fp->fingerprint);
- __ops_memory_free(mem);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "sha1 fingerprint", fp->fingerprint, fp->length);
- }
- }
- return 1;
-}
-
-/**
- * \ingroup Core_Keys
- * \brief Calculate the Key ID from the public key.
- * \param keyid Space for the calculated ID to be stored
- * \param key The key for which the ID is calculated
- */
-
-int
-__ops_keyid(uint8_t *keyid, const size_t idlen, const __ops_pubkey_t *key, __ops_hash_alg_t hashtype)
-{
- __ops_fingerprint_t finger;
-
- if (key->version == 2 || key->version == 3) {
- unsigned n;
- uint8_t bn[NETPGP_BUFSIZ];
-
- n = (unsigned) BN_num_bytes(key->key.rsa.n);
- if (n > sizeof(bn)) {
- (void) fprintf(stderr, "__ops_keyid: bad num bytes\n");
- return 0;
- }
- if (key->alg != OPS_PKA_RSA &&
- key->alg != OPS_PKA_RSA_ENCRYPT_ONLY &&
- key->alg != OPS_PKA_RSA_SIGN_ONLY) {
- (void) fprintf(stderr, "__ops_keyid: bad algorithm\n");
- return 0;
- }
- BN_bn2bin(key->key.rsa.n, bn);
- (void) memcpy(keyid, bn + n - idlen, idlen);
- } else {
- __ops_fingerprint(&finger, key, hashtype);
- (void) memcpy(keyid,
- finger.fingerprint + finger.length - idlen,
- idlen);
- }
- return 1;
-}
-
-/**
-\ingroup Core_Hashes
-\brief Add to the hash
-\param hash Hash to add to
-\param n Int to add
-\param length Length of int in bytes
-*/
-void
-__ops_hash_add_int(__ops_hash_t *hash, unsigned n, unsigned length)
-{
- uint8_t c;
-
- while (length--) {
- c = n >> (length * 8);
- hash->add(hash, &c, 1);
- }
-}
-
-/**
-\ingroup Core_Hashes
-\brief Setup hash for given hash algorithm
-\param hash Hash to set up
-\param alg Hash algorithm to use
-*/
-void
-__ops_hash_any(__ops_hash_t *hash, __ops_hash_alg_t alg)
-{
- switch (alg) {
- case OPS_HASH_MD5:
- __ops_hash_md5(hash);
- break;
-
- case OPS_HASH_SHA1:
- __ops_hash_sha1(hash);
- break;
-
- case OPS_HASH_SHA256:
- __ops_hash_sha256(hash);
- break;
-
- case OPS_HASH_SHA384:
- __ops_hash_sha384(hash);
- break;
-
- case OPS_HASH_SHA512:
- __ops_hash_sha512(hash);
- break;
-
- case OPS_HASH_SHA224:
- __ops_hash_sha224(hash);
- break;
-
- default:
- (void) fprintf(stderr, "__ops_hash_any: bad algorithm\n");
- }
-}
-
-/**
-\ingroup Core_Hashes
-\brief Returns size of hash for given hash algorithm
-\param alg Hash algorithm to use
-\return Size of hash algorithm in bytes
-*/
-unsigned
-__ops_hash_size(__ops_hash_alg_t alg)
-{
- switch (alg) {
- case OPS_HASH_MD5:
- return 16;
-
- case OPS_HASH_SHA1:
- return 20;
-
- case OPS_HASH_SHA256:
- return 32;
-
- case OPS_HASH_SHA224:
- return 28;
-
- case OPS_HASH_SHA512:
- return 64;
-
- case OPS_HASH_SHA384:
- return 48;
-
- default:
- (void) fprintf(stderr, "__ops_hash_size: bad algorithm\n");
- }
-
- return 0;
-}
-
-/**
-\ingroup Core_Hashes
-\brief Returns hash enum corresponding to given string
-\param hash Text name of hash algorithm i.e. "SHA1"
-\returns Corresponding enum i.e. OPS_HASH_SHA1
-*/
-__ops_hash_alg_t
-__ops_str_to_hash_alg(const char *hash)
-{
- if (hash == NULL) {
- return OPS_DEFAULT_HASH_ALGORITHM;
- }
- if (netpgp_strcasecmp(hash, "SHA1") == 0) {
- return OPS_HASH_SHA1;
- }
- if (netpgp_strcasecmp(hash, "MD5") == 0) {
- return OPS_HASH_MD5;
- }
- if (netpgp_strcasecmp(hash, "SHA256") == 0) {
- return OPS_HASH_SHA256;
- }
- /*
- if (netpgp_strcasecmp(hash,"SHA224") == 0) {
- return OPS_HASH_SHA224;
- }
- */
- if (netpgp_strcasecmp(hash, "SHA512") == 0) {
- return OPS_HASH_SHA512;
- }
- if (netpgp_strcasecmp(hash, "SHA384") == 0) {
- return OPS_HASH_SHA384;
- }
- return OPS_HASH_UNKNOWN;
-}
-
-/**
-\ingroup Core_Hashes
-\brief Hash given data
-\param out Where to write the hash
-\param alg Hash algorithm to use
-\param in Data to hash
-\param length Length of data
-\return Size of hash created
-*/
-unsigned
-__ops_hash(uint8_t *out, __ops_hash_alg_t alg, const void *in, size_t length)
-{
- __ops_hash_t hash;
-
- __ops_hash_any(&hash, alg);
- if (!hash.init(&hash)) {
- (void) fprintf(stderr, "__ops_hash: bad alloc\n");
- /* we'll just continue here - don't want to return a 0 hash */
- /* XXX - agc - no way to return failure */
- }
- hash.add(&hash, in, (unsigned)length);
- return hash.finish(&hash, out);
-}
-
-/**
-\ingroup Core_Hashes
-\brief Calculate hash for MDC packet
-\param preamble Preamble to hash
-\param sz_preamble Size of preamble
-\param plaintext Plaintext to hash
-\param sz_plaintext Size of plaintext
-\param hashed Resulting hash
-*/
-void
-__ops_calc_mdc_hash(const uint8_t *preamble,
- const size_t sz_preamble,
- const uint8_t *plaintext,
- const unsigned sz_plaintext,
- uint8_t *hashed)
-{
- __ops_hash_t hash;
- uint8_t c;
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "preamble", preamble, sz_preamble);
- hexdump(stderr, "plaintext", plaintext, sz_plaintext);
- }
- /* init */
- __ops_hash_any(&hash, OPS_HASH_SHA1);
- if (!hash.init(&hash)) {
- (void) fprintf(stderr, "__ops_calc_mdc_hash: bad alloc\n");
- /* we'll just continue here - it will die anyway */
- /* agc - XXX - no way to return failure */
- }
-
- /* preamble */
- hash.add(&hash, preamble, (unsigned)sz_preamble);
- /* plaintext */
- hash.add(&hash, plaintext, sz_plaintext);
- /* MDC packet tag */
- c = MDC_PKT_TAG;
- hash.add(&hash, &c, 1);
- /* MDC packet len */
- c = OPS_SHA1_HASH_SIZE;
- hash.add(&hash, &c, 1);
-
- /* finish */
- hash.finish(&hash, hashed);
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "hashed", hashed, OPS_SHA1_HASH_SIZE);
- }
-}
-
-/**
-\ingroup HighLevel_Supported
-\brief Is this Hash Algorithm supported?
-\param hash_alg Hash Algorithm to check
-\return 1 if supported; else 0
-*/
-unsigned
-__ops_is_hash_alg_supported(const __ops_hash_alg_t *hash_alg)
-{
- switch (*hash_alg) {
- case OPS_HASH_MD5:
- case OPS_HASH_SHA1:
- case OPS_HASH_SHA256:
- return 1;
-
- default:
- return 0;
- }
-}
-
-/* structure to map string to cipher def */
-typedef struct str2cipher_t {
- const char *s; /* cipher name */
- __ops_symm_alg_t i; /* cipher def */
-} str2cipher_t;
-
-static str2cipher_t str2cipher[] = {
- { "cast5", OPS_SA_CAST5 },
- { "idea", OPS_SA_IDEA },
- { "aes128", OPS_SA_AES_128 },
- { "aes256", OPS_SA_AES_256 },
- { "camellia128", OPS_SA_CAMELLIA_128 },
- { "camellia256", OPS_SA_CAMELLIA_256 },
- { "tripledes", OPS_SA_TRIPLEDES },
- { NULL, 0 }
-};
-
-/* convert from a string to a cipher definition */
-__ops_symm_alg_t
-__ops_str_to_cipher(const char *cipher)
-{
- str2cipher_t *sp;
-
- for (sp = str2cipher ; cipher && sp->s ; sp++) {
- if (netpgp_strcasecmp(cipher, sp->s) == 0) {
- return sp->i;
- }
- }
- return OPS_SA_DEFAULT_CIPHER;
-}
-
-void
-__ops_random(void *dest, size_t length)
-{
- RAND_bytes(dest, (int)length);
-}
-
-/**
-\ingroup HighLevel_Memory
-\brief Memory to initialise
-\param mem memory to initialise
-\param needed Size to initialise to
-*/
-void
-__ops_memory_init(__ops_memory_t *mem, size_t needed)
-{
- uint8_t *temp;
-
- mem->length = 0;
- if (mem->buf) {
- if (mem->allocated < needed) {
- if ((temp = realloc(mem->buf, needed)) == NULL) {
- (void) fprintf(stderr, "__ops_memory_init: bad alloc\n");
- } else {
- mem->buf = temp;
- mem->allocated = needed;
- }
- }
- } else {
- if ((mem->buf = calloc(1, needed)) == NULL) {
- (void) fprintf(stderr, "__ops_memory_init: bad alloc\n");
- } else {
- mem->allocated = needed;
- }
- }
-}
-
-/**
-\ingroup HighLevel_Memory
-\brief Pad memory to required length
-\param mem Memory to use
-\param length New size
-*/
-void
-__ops_memory_pad(__ops_memory_t *mem, size_t length)
-{
- uint8_t *temp;
-
- if (mem->allocated < mem->length) {
- (void) fprintf(stderr, "__ops_memory_pad: bad alloc in\n");
- return;
- }
- if (mem->allocated < mem->length + length) {
- mem->allocated = mem->allocated * 2 + length;
- temp = realloc(mem->buf, mem->allocated);
- if (temp == NULL) {
- (void) fprintf(stderr, "__ops_memory_pad: bad alloc\n");
- } else {
- mem->buf = temp;
- }
- }
- if (mem->allocated < mem->length + length) {
- (void) fprintf(stderr, "__ops_memory_pad: bad alloc out\n");
- }
-}
-
-/**
-\ingroup HighLevel_Memory
-\brief Add data to memory
-\param mem Memory to which to add
-\param src Data to add
-\param length Length of data to add
-*/
-void
-__ops_memory_add(__ops_memory_t *mem, const uint8_t *src, size_t length)
-{
- __ops_memory_pad(mem, length);
- (void) memcpy(mem->buf + mem->length, src, length);
- mem->length += length;
-}
-
-/* XXX: this could be refactored via the writer, but an awful lot of */
-/* hoops to jump through for 2 lines of code! */
-void
-__ops_memory_place_int(__ops_memory_t *mem, unsigned offset, unsigned n,
- size_t length)
-{
- if (mem->allocated < offset + length) {
- (void) fprintf(stderr,
- "__ops_memory_place_int: bad alloc\n");
- } else {
- while (length-- > 0) {
- mem->buf[offset++] = n >> (length * 8);
- }
- }
-}
-
-/**
- * \ingroup HighLevel_Memory
- * \brief Retains allocated memory and set length of stored data to zero.
- * \param mem Memory to clear
- * \sa __ops_memory_release()
- * \sa __ops_memory_free()
- */
-void
-__ops_memory_clear(__ops_memory_t *mem)
-{
- mem->length = 0;
-}
-
-/**
-\ingroup HighLevel_Memory
-\brief Free memory and associated data
-\param mem Memory to free
-\note This does not free mem itself
-\sa __ops_memory_clear()
-\sa __ops_memory_free()
-*/
-void
-__ops_memory_release(__ops_memory_t *mem)
-{
- if (mem->mmapped) {
- (void) munmap(mem->buf, mem->length);
- } else {
- free(mem->buf);
- }
- mem->buf = NULL;
- mem->length = 0;
-}
-
-void
-__ops_memory_make_packet(__ops_memory_t *out, __ops_content_enum tag)
-{
- size_t extra;
-
- extra = (out->length < 192) ? 1 : (out->length < 8192 + 192) ? 2 : 5;
- __ops_memory_pad(out, extra + 1);
- memmove(out->buf + extra + 1, out->buf, out->length);
-
- out->buf[0] = OPS_PTAG_ALWAYS_SET | OPS_PTAG_NEW_FORMAT | tag;
-
- if (out->length < 192) {
- out->buf[1] = (uint8_t)out->length;
- } else if (out->length < 8192 + 192) {
- out->buf[1] = (uint8_t)((out->length - 192) >> 8) + 192;
- out->buf[2] = (uint8_t)(out->length - 192);
- } else {
- out->buf[1] = 0xff;
- out->buf[2] = (uint8_t)(out->length >> 24);
- out->buf[3] = (uint8_t)(out->length >> 16);
- out->buf[4] = (uint8_t)(out->length >> 8);
- out->buf[5] = (uint8_t)(out->length);
- }
-
- out->length += extra + 1;
-}
-
-/**
- \ingroup HighLevel_Memory
- \brief Create a new zeroed __ops_memory_t
- \return Pointer to new __ops_memory_t
- \note Free using __ops_memory_free() after use.
- \sa __ops_memory_free()
-*/
-
-__ops_memory_t *
-__ops_memory_new(void)
-{
- return calloc(1, sizeof(__ops_memory_t));
-}
-
-/**
- \ingroup HighLevel_Memory
- \brief Free memory ptr and associated memory
- \param mem Memory to be freed
- \sa __ops_memory_release()
- \sa __ops_memory_clear()
-*/
-
-void
-__ops_memory_free(__ops_memory_t *mem)
-{
- __ops_memory_release(mem);
- free(mem);
-}
-
-/**
- \ingroup HighLevel_Memory
- \brief Get length of data stored in __ops_memory_t struct
- \return Number of bytes in data
-*/
-size_t
-__ops_mem_len(const __ops_memory_t *mem)
-{
- return mem->length;
-}
-
-/**
- \ingroup HighLevel_Memory
- \brief Get data stored in __ops_memory_t struct
- \return Pointer to data
-*/
-void *
-__ops_mem_data(__ops_memory_t *mem)
-{
- return mem->buf;
-}
-
-/* read a gile into an __ops_memory_t */
-int
-__ops_mem_readfile(__ops_memory_t *mem, const char *f)
-{
- struct stat st;
- FILE *fp;
- int cc;
-
- if ((fp = fopen(f, "rb")) == NULL) {
- (void) fprintf(stderr,
- "__ops_mem_readfile: can't open \"%s\"\n", f);
- return 0;
- }
- (void) fstat(fileno(fp), &st);
- mem->allocated = (size_t)st.st_size;
- mem->buf = mmap(NULL, mem->allocated, PROT_READ,
- MAP_PRIVATE | MAP_FILE, fileno(fp), 0);
- if (mem->buf == MAP_FAILED) {
- /* mmap failed for some reason - try to allocate memory */
- if ((mem->buf = calloc(1, mem->allocated)) == NULL) {
- (void) fprintf(stderr, "__ops_mem_readfile: calloc\n");
- (void) fclose(fp);
- return 0;
- }
- /* read into contents of mem */
- for (mem->length = 0 ;
- (cc = (int)read(fileno(fp), &mem->buf[mem->length],
- (size_t)(mem->allocated - mem->length))) > 0 ;
- mem->length += (size_t)cc) {
- }
- } else {
- mem->length = mem->allocated;
- mem->mmapped = 1;
- }
- (void) fclose(fp);
- return (mem->allocated == mem->length);
-}
-
-typedef struct {
- uint16_t sum;
-} sum16_t;
-
-
-/**
- * Searches the given map for the given type.
- * Returns a human-readable descriptive string if found,
- * returns NULL if not found
- *
- * It is the responsibility of the calling function to handle the
- * error case sensibly (i.e. don't just print out the return string.
- *
- */
-static const char *
-str_from_map_or_null(int type, __ops_map_t *map)
-{
- __ops_map_t *row;
-
- for (row = map; row->string != NULL; row++) {
- if (row->type == type) {
- return row->string;
- }
- }
- return NULL;
-}
-
-/**
- * \ingroup Core_Print
- *
- * Searches the given map for the given type.
- * Returns a readable string if found, "Unknown" if not.
- */
-
-const char *
-__ops_str_from_map(int type, __ops_map_t *map)
-{
- const char *str;
-
- str = str_from_map_or_null(type, map);
- return (str) ? str : "Unknown";
-}
-
-#define LINELEN 16
-
-/* show hexadecimal/ascii dump */
-void
-hexdump(FILE *fp, const char *header, const uint8_t *src, size_t length)
-{
- size_t i;
- char line[LINELEN + 1];
-
- (void) fprintf(fp, "%s%s", (header) ? header : "", (header) ? "\n" : "");
- (void) fprintf(fp, "[%" PRIsize "u char%s]\n", length, (length == 1) ? "" : "s");
- for (i = 0 ; i < length ; i++) {
- if (i % LINELEN == 0) {
- (void) fprintf(fp, "%.5" PRIsize "u | ", i);
- }
- (void) fprintf(fp, "%.02x ", (uint8_t)src[i]);
- line[i % LINELEN] = (isprint(src[i])) ? src[i] : '.';
- if (i % LINELEN == LINELEN - 1) {
- line[LINELEN] = 0x0;
- (void) fprintf(fp, " | %s\n", line);
- }
- }
- if (i % LINELEN != 0) {
- for ( ; i % LINELEN != 0 ; i++) {
- (void) fprintf(fp, " ");
- line[i % LINELEN] = ' ';
- }
- line[LINELEN] = 0x0;
- (void) fprintf(fp, " | %s\n", line);
- }
-}
-
-/**
- * \ingroup HighLevel_Functions
- * \brief Closes down OpenPGP::SDK.
- *
- * Close down OpenPGP:SDK, release any resources under the control of
- * the library.
- */
-
-void
-__ops_finish(void)
-{
- __ops_crypto_finish();
-}
-
-static int
-sum16_reader(void *dest_, size_t length, __ops_error_t **errors,
- __ops_reader_t *readinfo, __ops_cbdata_t *cbinfo)
-{
- const uint8_t *dest = dest_;
- sum16_t *arg = __ops_reader_get_arg(readinfo);
- int r;
- int n;
-
- r = __ops_stacked_read(dest_, length, errors, readinfo, cbinfo);
- if (r < 0) {
- return r;
- }
- for (n = 0; n < r; ++n) {
- arg->sum = (arg->sum + dest[n]) & 0xffff;
- }
- return r;
-}
-
-static void
-sum16_destroyer(__ops_reader_t *readinfo)
-{
- free(__ops_reader_get_arg(readinfo));
-}
-
-/**
- \ingroup Internal_Readers_Sum16
- \param stream Parse settings
-*/
-
-void
-__ops_reader_push_sum16(__ops_stream_t *stream)
-{
- sum16_t *arg;
-
- if ((arg = calloc(1, sizeof(*arg))) == NULL) {
- (void) fprintf(stderr, "__ops_reader_push_sum16: bad alloc\n");
- } else {
- __ops_reader_push(stream, sum16_reader, sum16_destroyer, arg);
- }
-}
-
-/**
- \ingroup Internal_Readers_Sum16
- \param stream Parse settings
- \return sum
-*/
-uint16_t
-__ops_reader_pop_sum16(__ops_stream_t *stream)
-{
- uint16_t sum;
- sum16_t *arg;
-
- arg = __ops_reader_get_arg(__ops_readinfo(stream));
- sum = arg->sum;
- __ops_reader_pop(stream);
- free(arg);
- return sum;
-}
-
-/* small useful functions for setting the file-level debugging levels */
-/* if the debugv list contains the filename in question, we're debugging it */
-
-enum {
- MAX_DEBUG_NAMES = 32
-};
-
-static int debugc;
-static char *debugv[MAX_DEBUG_NAMES];
-
-/* set the debugging level per filename */
-int
-__ops_set_debug_level(const char *f)
-{
- const char *name;
- int i;
-
- if (f == NULL) {
- f = "all";
- }
- if ((name = strrchr(f, '/')) == NULL) {
- name = f;
- } else {
- name += 1;
- }
- for (i = 0; i < debugc && i < MAX_DEBUG_NAMES; i++) {
- if (strcmp(debugv[i], name) == 0) {
- return 1;
- }
- }
- if (i == MAX_DEBUG_NAMES) {
- return 0;
- }
- debugv[debugc++] = netpgp_strdup(name);
- return 1;
-}
-
-/* get the debugging level per filename */
-int
-__ops_get_debug_level(const char *f)
-{
- const char *name;
- int i;
-
- if ((name = strrchr(f, '/')) == NULL) {
- name = f;
- } else {
- name += 1;
- }
- for (i = 0; i < debugc; i++) {
- if (strcmp(debugv[i], "all") == 0 ||
- strcmp(debugv[i], name) == 0) {
- return 1;
- }
- }
- return 0;
-}
-
-/* return the version for the library */
-const char *
-__ops_get_info(const char *type)
-{
- if (strcmp(type, "version") == 0) {
- return NETPGP_VERSION_STRING;
- }
- if (strcmp(type, "maintainer") == 0) {
- return NETPGP_MAINTAINER;
- }
- return "[unknown]";
-}
-
-/* local version of asprintf so we don't have to play autoconf games */
-int
-__ops_asprintf(char **ret, const char *fmt, ...)
-{
- va_list args;
- char buf[120 * 1024]; /* XXX - "huge" buffer on stack */
- int cc;
-
- va_start(args, fmt);
- cc = vsnprintf(buf, sizeof(buf), fmt, args);
- va_end(args);
- if ((*ret = calloc(1, (size_t)(cc + 1))) == NULL) {
- *ret = NULL;
- return -1;
- }
- (void) memcpy(*ret, buf, (size_t)cc);
- (*ret)[cc] = 0x0;
- return cc;
-}
-
-void
-netpgp_log(const char *fmt, ...)
-{
- va_list vp;
- time_t t;
- char buf[BUFSIZ * 2];
- int cc;
-
- (void) time(&t);
- cc = snprintf(buf, sizeof(buf), "%.24s: netpgp: ", ctime(&t));
- va_start(vp, fmt);
- (void) vsnprintf(&buf[cc], sizeof(buf) - (size_t)cc, fmt, vp);
- va_end(vp);
- /* do something with message */
- /* put into log buffer? */
-}
-
-/* portable replacement for strdup(3) */
-char *
-netpgp_strdup(const char *s)
-{
- size_t len;
- char *cp;
-
- len = strlen(s);
- if ((cp = calloc(1, len + 1)) != NULL) {
- (void) memcpy(cp, s, len);
- cp[len] = 0x0;
- }
- return cp;
-}
-
-/* portable replacement for strcasecmp(3) */
-int
-netpgp_strcasecmp(const char *s1, const char *s2)
-{
- int n;
-
- for (n = 0 ; *s1 && *s2 && (n = tolower(*s1) - tolower(*s2)) == 0 ; s1++, s2++) {
- }
- return n;
-}
diff --git a/enzevalos_iphone/netpgp/lib/mj.c b/enzevalos_iphone/netpgp/lib/mj.c
deleted file mode 100644
index 9679678b..00000000
--- a/enzevalos_iphone/netpgp/lib/mj.c
+++ /dev/null
@@ -1,575 +0,0 @@
-/*-
- * Copyright (c) 2010 Alistair Crooks <agc@NetBSD.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-#include <sys/types.h>
-
-#include <inttypes.h>
-#include <regex.h>
-#include <stdarg.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <unistd.h>
-
-#include "mj.h"
-#include "defs.h"
-
-/* save 'n' chars of 's' in malloc'd memory */
-static char *
-strnsave(const char *s, int n, unsigned esc)
-{
- char *newc;
- char *cp;
- int i;
-
- if (n < 0) {
- n = (int)strlen(s);
- }
- NEWARRAY(char, cp, (n * 2) + 1, "strnsave", return NULL);
- if (esc) {
- newc = cp;
- for (i = 0 ; i < n ; i++) {
- if (*s == '\\') {
- *newc++ = *s++;
- } else if (*s == '"') {
- *newc++ = '\\';
- }
- *newc++ = *s++;
- }
- *newc = 0x0;
- } else {
- (void) memcpy(cp, s, (unsigned)n);
- cp[n] = 0x0;
- }
- return cp;
-}
-
-/* look in an object for the item */
-static int
-findentry(mj_t *atom, const char *name, const unsigned from, const unsigned incr)
-{
- unsigned i;
-
- for (i = from ; i < atom->c ; i += incr) {
- if (strcmp(name, atom->value.v[i].value.s) == 0) {
- return i;
- }
- }
- return -1;
-}
-
-/* create a real number */
-static void
-create_number(mj_t *atom, double d)
-{
- char number[128];
-
- atom->type = MJ_NUMBER;
- atom->c = snprintf(number, sizeof(number), "%g", d);
- atom->value.s = strnsave(number, (int)atom->c, 0);
-}
-
-/* create an integer */
-static void
-create_integer(mj_t *atom, int64_t i)
-{
- char number[128];
-
- atom->type = MJ_NUMBER;
- atom->c = snprintf(number, sizeof(number), "%" PRIi64, i);
- atom->value.s = strnsave(number, (int)atom->c, 0);
-}
-
-/* create a string */
-static void
-create_string(mj_t *atom, const char *s)
-{
- atom->type = MJ_STRING;
- atom->value.s = strnsave(s, -1, 1);
- atom->c = (unsigned)strlen(atom->value.s);
-}
-
-#define MJ_OPEN_BRACKET (MJ_OBJECT + 1) /* 8 */
-#define MJ_CLOSE_BRACKET (MJ_OPEN_BRACKET + 1) /* 9 */
-#define MJ_OPEN_BRACE (MJ_CLOSE_BRACKET + 1) /* 10 */
-#define MJ_CLOSE_BRACE (MJ_OPEN_BRACE + 1) /* 11 */
-#define MJ_COLON (MJ_CLOSE_BRACE + 1) /* 12 */
-#define MJ_COMMA (MJ_COLON + 1) /* 13 */
-
-/* return the token type, and start and finish locations in string */
-static int
-gettok(const char *s, int *from, int *to, int *tok)
-{
- static regex_t tokregex;
- regmatch_t matches[15];
- static int compiled;
-
- if (!compiled) {
- compiled = 1;
- (void) regcomp(&tokregex,
- "[ \t\r\n]*(([+-]?[0-9]{1,21}(\\.[0-9]*)?([eE][-+][0-9]+)?)|"
- "(\"([^\"]|\\\\.)*\")|(null)|(false)|(true)|([][{}:,]))",
- REG_EXTENDED);
- }
- if (regexec(&tokregex, &s[*from = *to], 15, matches, 0) != 0) {
- return *tok = -1;
- }
- *to = *from + (int)(matches[1].rm_eo);
- *tok = (matches[2].rm_so >= 0) ? MJ_NUMBER :
- (matches[5].rm_so >= 0) ? MJ_STRING :
- (matches[7].rm_so >= 0) ? MJ_NULL :
- (matches[8].rm_so >= 0) ? MJ_FALSE :
- (matches[9].rm_so >= 0) ? MJ_TRUE :
- (matches[10].rm_so < 0) ? -1 :
- (s[*from + (int)(matches[10].rm_so)] == '[') ? MJ_OPEN_BRACKET :
- (s[*from + (int)(matches[10].rm_so)] == ']') ? MJ_CLOSE_BRACKET :
- (s[*from + (int)(matches[10].rm_so)] == '{') ? MJ_OPEN_BRACE :
- (s[*from + (int)(matches[10].rm_so)] == '}') ? MJ_CLOSE_BRACE :
- (s[*from + (int)(matches[10].rm_so)] == ':') ? MJ_COLON :
- MJ_COMMA;
- *from += (int)(matches[1].rm_so);
- return *tok;
-}
-
-/* minor function used to indent a JSON field */
-static void
-indent(FILE *fp, unsigned depth, const char *trailer)
-{
- unsigned i;
-
- for (i = 0 ; i < depth ; i++) {
- (void) fprintf(fp, " ");
- }
- if (trailer) {
- (void) fprintf(fp, "%s", trailer);
- }
-}
-
-/***************************************************************************/
-
-/* return the number of entries in the array */
-int
-mj_arraycount(mj_t *atom)
-{
- return atom->c;
-}
-
-/* create a new JSON node */
-int
-mj_create(mj_t *atom, const char *type, ...)
-{
- va_list args;
-
- if (strcmp(type, "false") == 0) {
- atom->type = MJ_FALSE;
- atom->c = 0;
- } else if (strcmp(type, "true") == 0) {
- atom->type = MJ_TRUE;
- atom->c = 1;
- } else if (strcmp(type, "null") == 0) {
- atom->type = MJ_NULL;
- } else if (strcmp(type, "number") == 0) {
- va_start(args, type);
- create_number(atom, (double)va_arg(args, double));
- va_end(args);
- } else if (strcmp(type, "integer") == 0) {
- va_start(args, type);
- create_integer(atom, (int64_t)va_arg(args, int64_t));
- va_end(args);
- } else if (strcmp(type, "string") == 0) {
- va_start(args, type);
- create_string(atom, (char *)va_arg(args, char *));
- va_end(args);
- } else if (strcmp(type, "array") == 0) {
- atom->type = MJ_ARRAY;
- } else if (strcmp(type, "object") == 0) {
- atom->type = MJ_OBJECT;
- } else {
- (void) fprintf(stderr, "weird type '%s'\n", type);
- return 0;
- }
- return 1;
-}
-
-/* put a JSON tree into a text string */
-int
-mj_snprint(char *buf, size_t size, mj_t *atom)
-{
- unsigned i;
- int cc;
-
- switch(atom->type) {
- case MJ_NULL:
- return snprintf(buf, size, "null");
- case MJ_FALSE:
- return snprintf(buf, size, "false");
- case MJ_TRUE:
- return snprintf(buf, size, "true");
- case MJ_NUMBER:
- return snprintf(buf, size, "%s", atom->value.s);
- case MJ_STRING:
- return snprintf(buf, size, "\"%s\"", atom->value.s);
- case MJ_ARRAY:
- cc = snprintf(buf, size, "[ ");
- for (i = 0 ; i < atom->c ; i++) {
- cc += mj_snprint(&buf[cc], size - cc, &atom->value.v[i]);
- if (i < atom->c - 1) {
- cc += snprintf(&buf[cc], size - cc, ", ");
- }
- }
- return cc + snprintf(&buf[cc], size - cc, "]\n");
- case MJ_OBJECT:
- cc = snprintf(buf, size, "{ ");
- for (i = 0 ; i < atom->c ; i += 2) {
- cc += mj_snprint(&buf[cc], size - cc, &atom->value.v[i]);
- cc += snprintf(&buf[cc], size - cc, ":");
- cc += mj_snprint(&buf[cc], size - cc, &atom->value.v[i + 1]);
- if (i + 1 < atom->c - 1) {
- cc += snprintf(&buf[cc], size - cc, ", ");
- }
- }
- return cc + snprintf(&buf[cc], size - cc, "}\n");
- default:
- (void) fprintf(stderr, "mj_snprint: weird type %d\n", atom->type);
- return 0;
- }
-}
-
-/* allocate and print the atom */
-int
-mj_asprint(char **buf, mj_t *atom)
-{
- int size;
-
- size = mj_string_size(atom);
- if ((*buf = calloc(1, (unsigned)(size + 1))) == NULL) {
- return -1;
- }
- (void) mj_snprint(*buf, (unsigned)(size + 1), atom);
- return size + 1;
-}
-
-/* read into a JSON tree from a string */
-int
-mj_parse(mj_t *atom, const char *s, int *from, int *to, int *tok)
-{
- int i;
-
- switch(atom->type = *tok = gettok(s, from, to, tok)) {
- case MJ_NUMBER:
- atom->value.s = strnsave(&s[*from], *to - *from, 1);
- atom->c = atom->size = (unsigned)strlen(atom->value.s);
- return gettok(s, from, to, tok);
- case MJ_STRING:
- atom->value.s = strnsave(&s[*from + 1], *to - *from - 2, 1);
- atom->c = atom->size = (unsigned)strlen(atom->value.s);
- return gettok(s, from, to, tok);
- case MJ_NULL:
- case MJ_FALSE:
- case MJ_TRUE:
- atom->c = (unsigned)*to;
- return gettok(s, from, to, tok);
- case MJ_OPEN_BRACKET:
- mj_create(atom, "array");
- ALLOC(mj_t, atom->value.v, atom->size, atom->c, 10, 10, "mj_parse()", return 0);
- while (mj_parse(&atom->value.v[atom->c++], s, from, to, tok) >= 0 && *tok != MJ_CLOSE_BRACKET) {
- if (*tok != MJ_COMMA) {
- (void) fprintf(stderr, "1. expected comma (got %d) at '%s'\n", *tok, &s[*from]);
- break;
- }
- ALLOC(mj_t, atom->value.v, atom->size, atom->c, 10, 10, "mj_parse()", return 0);
- }
- return gettok(s, from, to, tok);
- case MJ_OPEN_BRACE:
- mj_create(atom, "object");
- ALLOC(mj_t, atom->value.v, atom->size, atom->c, 10, 10, "mj_parse()", return 0);
- for (i = 0 ; mj_parse(&atom->value.v[atom->c++], s, from, to, tok) >= 0 && *tok != MJ_CLOSE_BRACE ; i++) {
- if (((i % 2) == 0 && *tok != MJ_COLON) || ((i % 2) == 1 && *tok != MJ_COMMA)) {
- (void) fprintf(stderr, "2. expected comma (got %d) at '%s'\n", *tok, &s[*from]);
- break;
- }
- ALLOC(mj_t, atom->value.v, atom->size, atom->c, 10, 10, "mj_parse()", return 0);
- }
- return gettok(s, from, to, tok);
- default:
- return *tok;
- }
-}
-
-/* return the index of the item which corresponds to the name in the array */
-int
-mj_object_find(mj_t *atom, const char *name, const unsigned from, const unsigned incr)
-{
- return findentry(atom, name, from, incr);
-}
-
-/* find an atom in a composite mj JSON node */
-mj_t *
-mj_get_atom(mj_t *atom, ...)
-{
- unsigned i;
- va_list args;
- char *name;
- int n;
-
- switch(atom->type) {
- case MJ_ARRAY:
- va_start(args, atom);
- i = va_arg(args, int);
- va_end(args);
- return (i < atom->c) ? &atom->value.v[i] : NULL;
- case MJ_OBJECT:
- va_start(args, atom);
- name = va_arg(args, char *);
- va_end(args);
- return ((n = findentry(atom, name, 0, 2)) >= 0) ? &atom->value.v[n + 1] : NULL;
- default:
- return NULL;
- }
-}
-
-/* perform a deep copy on an mj JSON atom */
-int
-mj_deepcopy(mj_t *dst, mj_t *src)
-{
- unsigned i;
-
- switch(src->type) {
- case MJ_FALSE:
- case MJ_TRUE:
- case MJ_NULL:
- (void) memcpy(dst, src, sizeof(*dst));
- return 1;
- case MJ_STRING:
- case MJ_NUMBER:
- (void) memcpy(dst, src, sizeof(*dst));
- dst->value.s = strnsave(src->value.s, -1, 0);
- dst->c = dst->size = (unsigned)strlen(dst->value.s);
- return 1;
- case MJ_ARRAY:
- case MJ_OBJECT:
- (void) memcpy(dst, src, sizeof(*dst));
- NEWARRAY(mj_t, dst->value.v, dst->size, "mj_deepcopy()", return 0);
- for (i = 0 ; i < src->c ; i++) {
- if (!mj_deepcopy(&dst->value.v[i], &src->value.v[i])) {
- return 0;
- }
- }
- return 1;
- default:
- (void) fprintf(stderr, "weird type '%d'\n", src->type);
- return 0;
- }
-}
-
-/* do a deep delete on the object */
-void
-mj_delete(mj_t *atom)
-{
- unsigned i;
-
- switch(atom->type) {
- case MJ_STRING:
- case MJ_NUMBER:
- free(atom->value.s);
- break;
- case MJ_ARRAY:
- case MJ_OBJECT:
- for (i = 0 ; i < atom->c ; i++) {
- mj_delete(&atom->value.v[i]);
- }
- break;
- default:
- break;
- }
-}
-
-/* return the string size needed for the textual output of the JSON node */
-int
-mj_string_size(mj_t *atom)
-{
- unsigned i;
- int cc;
-
- switch(atom->type) {
- case MJ_NULL:
- case MJ_TRUE:
- return 4;
- case MJ_FALSE:
- return 5;
- case MJ_NUMBER:
- return atom->c;
- case MJ_STRING:
- return atom->c + 2;
- case MJ_ARRAY:
- for (cc = 2, i = 0 ; i < atom->c ; i++) {
- cc += mj_string_size(&atom->value.v[i]);
- if (i < atom->c - 1) {
- cc += 2;
- }
- }
- return cc + 1 + 1;
- case MJ_OBJECT:
- for (cc = 2, i = 0 ; i < atom->c ; i += 2) {
- cc += mj_string_size(&atom->value.v[i]) + 1 + mj_string_size(&atom->value.v[i + 1]);
- if (i + 1 < atom->c - 1) {
- cc += 2;
- }
- }
- return cc + 1 + 1;
- default:
- (void) fprintf(stderr, "mj_string_size: weird type %d\n", atom->type);
- return 0;
- }
-}
-
-/* create a new atom, and append it to the array or object */
-int
-mj_append(mj_t *atom, const char *type, ...)
-{
- va_list args;
-
- if (atom->type != MJ_ARRAY && atom->type != MJ_OBJECT) {
- return 0;
- }
- ALLOC(mj_t, atom->value.v, atom->size, atom->c, 10, 10, "mj_append()", return 0);
- va_start(args, type);
- if (strcmp(type, "string") == 0) {
- create_string(&atom->value.v[atom->c++], (char *)va_arg(args, char *));
- } else if (strcmp(type, "integer") == 0) {
- create_integer(&atom->value.v[atom->c++], (int64_t)va_arg(args, int64_t));
- } else if (strcmp(type, "object") == 0 || strcmp(type, "array") == 0) {
- mj_deepcopy(&atom->value.v[atom->c++], (mj_t *)va_arg(args, mj_t *));
- } else {
- (void) fprintf(stderr, "mj_append: weird type '%s'\n", type);
- }
- va_end(args);
- return 1;
-}
-
-/* append a field to an object */
-int
-mj_append_field(mj_t *atom, const char *name, const char *type, ...)
-{
- va_list args;
-
- if (atom->type != MJ_OBJECT) {
- return 0;
- }
- mj_append(atom, "string", name);
- ALLOC(mj_t, atom->value.v, atom->size, atom->c, 10, 10, "mj_append_field()", return 0);
- va_start(args, type);
- if (strcmp(type, "string") == 0) {
- create_string(&atom->value.v[atom->c++], (char *)va_arg(args, char *));
- } else if (strcmp(type, "integer") == 0) {
- create_integer(&atom->value.v[atom->c++], (int64_t)va_arg(args, int64_t));
- } else if (strcmp(type, "object") == 0 || strcmp(type, "array") == 0) {
- mj_deepcopy(&atom->value.v[atom->c++], (mj_t *)va_arg(args, mj_t *));
- } else {
- (void) fprintf(stderr, "mj_append_field: weird type '%s'\n", type);
- }
- va_end(args);
- return 1;
-}
-
-/* make sure a JSON object is politically correct */
-int
-mj_lint(mj_t *obj)
-{
- unsigned i;
- int ret;
-
- switch(obj->type) {
- case MJ_NULL:
- case MJ_FALSE:
- case MJ_TRUE:
- if (obj->value.s != NULL) {
- (void) fprintf(stderr, "null/false/true: non zero string\n");
- return 0;
- }
- return 1;
- case MJ_NUMBER:
- case MJ_STRING:
- if (obj->c > obj->size) {
- (void) fprintf(stderr, "string/number lint c (%u) > size (%u)\n", obj->c, obj->size);
- return 0;
- }
- return 1;
- case MJ_ARRAY:
- case MJ_OBJECT:
- if (obj->c > obj->size) {
- (void) fprintf(stderr, "array/object lint c (%u) > size (%u)\n", obj->c, obj->size);
- return 0;
- }
- for (ret = 1, i = 0 ; i < obj->c ; i++) {
- if (!mj_lint(&obj->value.v[i])) {
- (void) fprintf(stderr, "array/object lint found at %d of %p\n", i, obj);
- ret = 0;
- }
- }
- return ret;
- default:
- (void) fprintf(stderr, "problem type %d in %p\n", obj->type, obj);
- return 0;
- }
-}
-
-/* pretty-print a JSON struct - can be called recursively */
-int
-mj_pretty(mj_t *mj, void *vp, unsigned depth, const char *trailer)
-{
- unsigned i;
- FILE *fp;
-
- fp = (FILE *)vp;
- switch(mj->type) {
- case MJ_NUMBER:
- case MJ_TRUE:
- case MJ_FALSE:
- case MJ_NULL:
- indent(fp, depth, mj->value.s);
- break;
- case MJ_STRING:
- indent(fp, depth, NULL);
- (void) fprintf(fp, "\"%s\"", mj->value.s);
- break;
- case MJ_ARRAY:
- indent(fp, depth, "[\n");
- for (i = 0 ; i < mj->c ; i++) {
- mj_pretty(&mj->value.v[i], fp, depth + 1, (i < mj->c - 1) ? ",\n" : "\n");
- }
- indent(fp, depth, "]");
- break;
- case MJ_OBJECT:
- indent(fp, depth, "{\n");
- for (i = 0 ; i < mj->c ; i += 2) {
- mj_pretty(&mj->value.v[i], fp, depth + 1, " : ");
- mj_pretty(&mj->value.v[i + 1], fp, 0, (i < mj->c - 2) ? ",\n" : "\n");
- }
- indent(fp, depth, "}");
- break;
- }
- indent(fp, 0, trailer);
- return 1;
-}
diff --git a/enzevalos_iphone/netpgp/lib/mj.h b/enzevalos_iphone/netpgp/lib/mj.h
deleted file mode 100644
index 422236c6..00000000
--- a/enzevalos_iphone/netpgp/lib/mj.h
+++ /dev/null
@@ -1,69 +0,0 @@
-/*-
- * Copyright (c) 2010 Alistair Crooks <agc@NetBSD.org>
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
- * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-#ifndef MJ_H_
-#define MJ_H_ 20100718
-
-enum {
- MJ_NULL = 1,
- MJ_FALSE = 2,
- MJ_TRUE = 3,
- MJ_NUMBER = 4,
- MJ_STRING = 5,
- MJ_ARRAY = 6,
- MJ_OBJECT = 7
-};
-
-/* a minimalist JSON node */
-typedef struct mj_t {
- unsigned type; /* type of JSON node */
- unsigned c; /* # of chars */
- unsigned size; /* size of array */
- union {
- struct mj_t *v; /* sub-objects */
- char *s; /* string value */
- } value;
-} mj_t;
-
-/* creation and deletion */
-int mj_create(mj_t *, const char *, ...);
-int mj_parse(mj_t *, const char *, int *, int *, int *);
-int mj_append(mj_t *, const char *, ...);
-int mj_append_field(mj_t *, const char *, const char *, ...);
-int mj_deepcopy(mj_t *, mj_t *);
-void mj_delete(mj_t *);
-
-/* JSON object access */
-int mj_arraycount(mj_t *);
-int mj_object_find(mj_t *, const char *, const unsigned, const unsigned);
-mj_t *mj_get_atom(mj_t *, ...);
-int mj_lint(mj_t *);
-
-/* textual output */
-int mj_snprint(char *, size_t, mj_t *);
-int mj_asprint(char **, mj_t *);
-int mj_string_size(mj_t *);
-int mj_pretty(mj_t *, void *, unsigned, const char *);
-
-#endif
diff --git a/enzevalos_iphone/netpgp/lib/netpgp.c b/enzevalos_iphone/netpgp/lib/netpgp.c
deleted file mode 100644
index 9115b838..00000000
--- a/enzevalos_iphone/netpgp/lib/netpgp.c
+++ /dev/null
@@ -1,1972 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#if defined(__NetBSD__)
-__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: netpgp.c,v 1.80 2010/11/04 15:38:45 agc Exp $");
-#endif
-
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/param.h>
-#include <sys/mman.h>
-
-#ifdef HAVE_SYS_RESOURCE_H
-#include <sys/resource.h>
-#endif
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#include <errno.h>
-#include <regex.h>
-#include <stdarg.h>
-#include <stdlib.h>
-#include <string.h>
-#include <time.h>
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#include <errno.h>
-
-#ifdef HAVE_LIMITS_H
-#include <limits.h>
-#endif
-
-#include "netpgp.h"
-
-#include "packet.h"
-#include "packet-parse.h"
-#include "keyring.h"
-#include "errors.h"
-#include "packet-show.h"
-#include "create.h"
-#include "netpgpsdk.h"
-#include "memory.h"
-#include "validate.h"
-#include "readerwriter.h"
-#include "netpgpdefs.h"
-#include "crypto.h"
-#include "ops-ssh.h"
-#include "defs.h"
-
-/* read any gpg config file */
-static int
-conffile(netpgp_t *netpgp, char *homedir, char *userid, size_t length)
-{
- regmatch_t matchv[10];
- regex_t keyre;
- char buf[BUFSIZ];
- FILE *fp;
-
- __OPS_USED(netpgp);
- (void) snprintf(buf, sizeof(buf), "%s/gpg.conf", homedir);
- if ((fp = fopen(buf, "r")) == NULL) {
- return 0;
- }
- (void) memset(&keyre, 0x0, sizeof(keyre));
- (void) regcomp(&keyre, "^[ \t]*default-key[ \t]+([0-9a-zA-F]+)",
- REG_EXTENDED);
- while (fgets(buf, (int)sizeof(buf), fp) != NULL) {
- if (regexec(&keyre, buf, 10, matchv, 0) == 0) {
- (void) memcpy(userid, &buf[(int)matchv[1].rm_so],
- MIN((unsigned)(matchv[1].rm_eo -
- matchv[1].rm_so), length));
- if (netpgp->passfp == NULL) {
- (void) fprintf(stderr,
- "netpgp: default key set to \"%.*s\"\n",
- (int)(matchv[1].rm_eo - matchv[1].rm_so),
- &buf[(int)matchv[1].rm_so]);
- }
- }
- }
- (void) fclose(fp);
- regfree(&keyre);
- return 1;
-}
-
-/* small function to pretty print an 8-character raw userid */
-static char *
-userid_to_id(const uint8_t *userid, char *id)
-{
- static const char *hexes = "0123456789abcdef";
- int i;
-
- for (i = 0; i < 8 ; i++) {
- id[i * 2] = hexes[(unsigned)(userid[i] & 0xf0) >> 4];
- id[(i * 2) + 1] = hexes[userid[i] & 0xf];
- }
- id[8 * 2] = 0x0;
- return id;
-}
-
-/* print out the successful signature information */
-static void
-resultp(__ops_io_t *io,
- const char *f,
- __ops_validation_t *res,
- __ops_keyring_t *ring)
-{
- const __ops_key_t *key;
- __ops_pubkey_t *sigkey;
- unsigned from;
- unsigned i;
- time_t t;
- char id[MAX_ID_LENGTH + 1];
-
- for (i = 0; i < res->validc; i++) {
- (void) fprintf(io->res,
- "Good signature for %s made %s",
- (f) ? f : "<stdin>",
- ctime(&res->valid_sigs[i].birthtime));
- if (res->duration > 0) {
- t = res->birthtime + res->duration;
- (void) fprintf(io->res, "Valid until %s", ctime(&t));
- }
- (void) fprintf(io->res,
- "using %s key %s\n",
- __ops_show_pka(res->valid_sigs[i].key_alg),
- userid_to_id(res->valid_sigs[i].signer_id, id));
- from = 0;
- key = __ops_getkeybyid(io, ring,
- (const uint8_t *) res->valid_sigs[i].signer_id,
- &from, &sigkey);
- if (sigkey == &key->enckey) {
- (void) fprintf(io->res,
- "WARNING: signature for %s made with encryption key\n",
- (f) ? f : "<stdin>");
- }
- __ops_print_keydata(io, ring, key, "signature ", &key->key.pubkey, 0);
- }
-}
-
-/* check there's enough space in the arrays */
-static int
-size_arrays(netpgp_t *netpgp, unsigned needed)
-{
- char **temp;
-
- if (netpgp->size == 0) {
- /* only get here first time around */
- netpgp->size = needed;
- if ((netpgp->name = calloc(sizeof(char *), needed)) == NULL) {
- (void) fprintf(stderr, "size_arrays: bad alloc\n");
- return 0;
- }
- if ((netpgp->value = calloc(sizeof(char *), needed)) == NULL) {
- free(netpgp->name);
- (void) fprintf(stderr, "size_arrays: bad alloc\n");
- return 0;
- }
- } else if (netpgp->c == netpgp->size) {
- /* only uses 'needed' when filled array */
- netpgp->size += needed;
- temp = realloc(netpgp->name, sizeof(char *) * needed);
- if (temp == NULL) {
- (void) fprintf(stderr, "size_arrays: bad alloc\n");
- return 0;
- }
- netpgp->name = temp;
- temp = realloc(netpgp->value, sizeof(char *) * needed);
- if (temp == NULL) {
- (void) fprintf(stderr, "size_arrays: bad alloc\n");
- return 0;
- }
- netpgp->value = temp;
- }
- return 1;
-}
-
-/* find the name in the array */
-static int
-findvar(netpgp_t *netpgp, const char *name)
-{
- unsigned i;
-
- for (i = 0 ; i < netpgp->c && strcmp(netpgp->name[i], name) != 0; i++) {
- }
- return (i == netpgp->c) ? -1 : (int)i;
-}
-
-/* read a keyring and return it */
-static void *
-readkeyring(netpgp_t *netpgp, const char *name)
-{
- __ops_keyring_t *keyring;
- const unsigned noarmor = 0;
- char f[MAXPATHLEN];
- char *filename;
- char *homedir;
-
- homedir = netpgp_getvar(netpgp, "homedir");
- if ((filename = netpgp_getvar(netpgp, name)) == NULL) {
- (void) snprintf(f, sizeof(f), "%s/%s.gpg", homedir, name);
- filename = f;
- }
- if ((keyring = calloc(1, sizeof(*keyring))) == NULL) {
- (void) fprintf(stderr, "readkeyring: bad alloc\n");
- return NULL;
- }
- if (!__ops_keyring_fileread(keyring, noarmor, filename)) {
- free(keyring);
- (void) fprintf(stderr, "Can't read %s %s\n", name, filename);
- return NULL;
- }
- netpgp_setvar(netpgp, name, filename);
- return keyring;
-}
-
-/* read keys from ssh key files */
-static int
-readsshkeys(netpgp_t *netpgp, char *homedir, const char *needseckey)
-{
- __ops_keyring_t *pubring;
- __ops_keyring_t *secring;
- struct stat st;
- unsigned hashtype;
- char *hash;
- char f[MAXPATHLEN];
- char *filename;
-
- if ((filename = netpgp_getvar(netpgp, "sshkeyfile")) == NULL) {
- /* set reasonable default for RSA key */
- (void) snprintf(f, sizeof(f), "%s/id_rsa.pub", homedir);
- filename = f;
- } else if (strcmp(&filename[strlen(filename) - 4], ".pub") != 0) {
- /* got ssh keys, check for pub file name */
- (void) snprintf(f, sizeof(f), "%s.pub", filename);
- filename = f;
- }
- /* check the pub file exists */
- if (stat(filename, &st) != 0) {
- (void) fprintf(stderr, "readsshkeys: bad pubkey filename '%s'\n", filename);
- return 0;
- }
- if ((pubring = calloc(1, sizeof(*pubring))) == NULL) {
- (void) fprintf(stderr, "readsshkeys: bad alloc\n");
- return 0;
- }
- /* openssh2 keys use md5 by default */
- hashtype = OPS_HASH_MD5;
- if ((hash = netpgp_getvar(netpgp, "hash")) != NULL) {
- /* openssh 2 hasn't really caught up to anything else yet */
- if (netpgp_strcasecmp(hash, "md5") == 0) {
- hashtype = OPS_HASH_MD5;
- } else if (netpgp_strcasecmp(hash, "sha1") == 0) {
- hashtype = OPS_HASH_SHA1;
- } else if (netpgp_strcasecmp(hash, "sha256") == 0) {
- hashtype = OPS_HASH_SHA256;
- }
- }
- if (!__ops_ssh2_readkeys(netpgp->io, pubring, NULL, filename, NULL, hashtype)) {
- free(pubring);
- (void) fprintf(stderr, "readsshkeys: can't read %s\n",
- filename);
- return 0;
- }
- if (netpgp->pubring == NULL) {
- netpgp->pubring = pubring;
- } else {
- __ops_append_keyring(netpgp->pubring, pubring);
- }
- if (needseckey) {
- netpgp_setvar(netpgp, "sshpubfile", filename);
- /* try to take the ".pub" off the end */
- if (filename == f) {
- f[strlen(f) - 4] = 0x0;
- } else {
- (void) snprintf(f, sizeof(f), "%.*s",
- (int)strlen(filename) - 4, filename);
- filename = f;
- }
- if ((secring = calloc(1, sizeof(*secring))) == NULL) {
- (void) fprintf(stderr, "readsshkeys: bad alloc\n");
- return 0;
- }
- if (!__ops_ssh2_readkeys(netpgp->io, pubring, secring, NULL, filename, hashtype)) {
- (void) fprintf(stderr, "readsshkeys: can't read sec %s\n", filename);
- return 0;
- }
- netpgp->secring = secring;
- netpgp_setvar(netpgp, "sshsecfile", filename);
- }
- return 1;
-}
-
-/* set ssh uid to first one in pubring */
-static void
-set_first_pubring(__ops_keyring_t *pubring, char *id, size_t len, int last)
-{
- uint8_t *src;
- int i;
- int n;
-
- (void) memset(id, 0x0, len);
- src = pubring->keys[(last) ? pubring->keyc - 1 : 0].sigid;
- for (i = 0, n = 0 ; i < OPS_KEY_ID_SIZE ; i += 2) {
- n += snprintf(&id[n], len - n, "%02x%02x", src[i], src[i + 1]);
- }
- id[n] = 0x0;
-}
-
-/* find the time - in a specific %Y-%m-%d format - using a regexp */
-static int
-grabdate(char *s, int64_t *t)
-{
- static regex_t r;
- static int compiled;
- regmatch_t matches[10];
- struct tm tm;
-
- if (!compiled) {
- compiled = 1;
- (void) regcomp(&r, "([0-9][0-9][0-9][0-9])[-/]([0-9][0-9])[-/]([0-9][0-9])", REG_EXTENDED);
- }
- if (regexec(&r, s, 10, matches, 0) == 0) {
- (void) memset(&tm, 0x0, sizeof(tm));
- tm.tm_year = (int)strtol(&s[(int)matches[1].rm_so], NULL, 10);
- tm.tm_mon = (int)strtol(&s[(int)matches[2].rm_so], NULL, 10) - 1;
- tm.tm_mday = (int)strtol(&s[(int)matches[3].rm_so], NULL, 10);
- *t = mktime(&tm);
- return 1;
- }
- return 0;
-}
-
-/* get expiration in seconds */
-static uint64_t
-get_duration(char *s)
-{
- uint64_t now;
- int64_t t;
- char *mult;
-
- if (s == NULL) {
- return 0;
- }
- now = (uint64_t)strtoull(s, NULL, 10);
- if ((mult = strchr("hdwmy", s[strlen(s) - 1])) != NULL) {
- switch(*mult) {
- case 'h':
- return now * 60 * 60;
- case 'd':
- return now * 60 * 60 * 24;
- case 'w':
- return now * 60 * 60 * 24 * 7;
- case 'm':
- return now * 60 * 60 * 24 * 31;
- case 'y':
- return now * 60 * 60 * 24 * 365;
- }
- }
- if (grabdate(s, &t)) {
- return t;
- }
- return (uint64_t)strtoll(s, NULL, 10);
-}
-
-/* get birthtime in seconds */
-static int64_t
-get_birthtime(char *s)
-{
- int64_t t;
-
- if (s == NULL) {
- return time(NULL);
- }
- if (grabdate(s, &t)) {
- return t;
- }
- return (uint64_t)strtoll(s, NULL, 10);
-}
-
-/* resolve the userid */
-static const __ops_key_t *
-resolve_userid(netpgp_t *netpgp, const __ops_keyring_t *keyring, const char *userid)
-{
- const __ops_key_t *key;
- __ops_io_t *io;
-
- if (userid == NULL) {
- userid = netpgp_getvar(netpgp, "userid");
- if (userid == NULL)
- return NULL;
- } else if (userid[0] == '0' && userid[1] == 'x') {
- userid += 2;
- }
- io = netpgp->io;
- if ((key = __ops_getkeybyname(io, keyring, userid)) == NULL) {
- (void) fprintf(io->errs, "Can't find key '%s'\n", userid);
- }
- return key;
-}
-
-/* append a key to a keyring */
-static int
-appendkey(__ops_io_t *io, __ops_key_t *key, char *ringfile)
-{
- __ops_output_t *create;
- const unsigned noarmor = 0;
- int fd;
-
- if ((fd = __ops_setup_file_append(&create, ringfile)) < 0) {
- fd = __ops_setup_file_write(&create, ringfile, 0);
- }
- if (fd < 0) {
- (void) fprintf(io->errs, "can't open pubring '%s'\n", ringfile);
- return 0;
- }
- if (!__ops_write_xfer_pubkey(create, key, noarmor)) {
- (void) fprintf(io->errs, "Cannot write pubkey\n");
- return 0;
- }
- __ops_teardown_file_write(create, fd);
- return 1;
-}
-
-/* return 1 if the file contains ascii-armoured text */
-static unsigned
-isarmoured(__ops_io_t *io, const char *f, const void *memory, const char *text)
-{
- unsigned armoured;
- FILE *fp;
- char buf[BUFSIZ];
-
- armoured = 0;
- if (f) {
- if ((fp = fopen(f, "r")) == NULL) {
- (void) fprintf(io->errs, "isarmoured: can't open '%s'\n", f);
- return 0;
- }
- if (fgets(buf, (int)sizeof(buf), fp) != NULL) {
- armoured = (strncmp(buf, text, strlen(text)) == 0);
- }
- (void) fclose(fp);
- } else {
- armoured = (strncmp(memory, text, strlen(text)) == 0);
- }
- return armoured;
-}
-
-/* vararg print function */
-static void
-p(FILE *fp, const char *s, ...)
-{
- va_list args;
-
- va_start(args, s);
- while (s != NULL) {
- (void) fprintf(fp, "%s", s);
- s = va_arg(args, char *);
- }
- va_end(args);
-}
-
-/* print a JSON object to the FILE stream */
-static void
-pobj(FILE *fp, mj_t *obj, int depth)
-{
- unsigned i;
-
- if (obj == NULL) {
- (void) fprintf(stderr, "No object found\n");
- return;
- }
- for (i = 0 ; i < (unsigned)depth ; i++) {
- p(fp, " ", NULL);
- }
- switch(obj->type) {
- case MJ_NULL:
- case MJ_FALSE:
- case MJ_TRUE:
- p(fp, (obj->type == MJ_NULL) ? "null" : (obj->type == MJ_FALSE) ? "false" : "true", NULL);
- break;
- case MJ_NUMBER:
- p(fp, obj->value.s, NULL);
- break;
- case MJ_STRING:
- (void) fprintf(fp, "%.*s", (int)(obj->c), obj->value.s);
- break;
- case MJ_ARRAY:
- for (i = 0 ; i < obj->c ; i++) {
- pobj(fp, &obj->value.v[i], depth + 1);
- if (i < obj->c - 1) {
- (void) fprintf(fp, ", ");
- }
- }
- (void) fprintf(fp, "\n");
- break;
- case MJ_OBJECT:
- for (i = 0 ; i < obj->c ; i += 2) {
- pobj(fp, &obj->value.v[i], depth + 1);
- p(fp, ": ", NULL);
- pobj(fp, &obj->value.v[i + 1], 0);
- if (i < obj->c - 1) {
- p(fp, ", ", NULL);
- }
- }
- p(fp, "\n", NULL);
- break;
- default:
- break;
- }
-}
-
-/* return the time as a string */
-static char *
-ptimestr(char *dest, size_t size, time_t t)
-{
- struct tm *tm;
-
- tm = gmtime(&t);
- (void) snprintf(dest, size, "%04d-%02d-%02d",
- tm->tm_year + 1900,
- tm->tm_mon + 1,
- tm->tm_mday);
- return dest;
-}
-
-/* format a JSON object */
-static void
-format_json_key(FILE *fp, mj_t *obj, const int psigs)
-{
- int64_t birthtime;
- int64_t duration;
- time_t now;
- char tbuf[32];
- char *s;
- mj_t *sub;
- int i;
-
- if (__ops_get_debug_level(__FILE__)) {
- mj_asprint(&s, obj);
- (void) fprintf(stderr, "formatobj: json is '%s'\n", s);
- free(s);
- }
- if (obj->c == 2 && obj->value.v[1].type == MJ_STRING &&
- strcmp(obj->value.v[1].value.s, "[REVOKED]") == 0) {
- /* whole key has been rovoked - just return */
- return;
- }
- pobj(fp, &obj->value.v[mj_object_find(obj, "header", 0, 2) + 1], 0);
- p(fp, " ", NULL);
- pobj(fp, &obj->value.v[mj_object_find(obj, "key bits", 0, 2) + 1], 0);
- p(fp, "/", NULL);
- pobj(fp, &obj->value.v[mj_object_find(obj, "pka", 0, 2) + 1], 0);
- p(fp, " ", NULL);
- pobj(fp, &obj->value.v[mj_object_find(obj, "key id", 0, 2) + 1], 0);
- birthtime = strtoll(obj->value.v[mj_object_find(obj, "birthtime", 0, 2) + 1].value.s, NULL, 10);
- p(fp, " ", ptimestr(tbuf, sizeof(tbuf), birthtime), NULL);
- duration = strtoll(obj->value.v[mj_object_find(obj, "duration", 0, 2) + 1].value.s, NULL, 10);
- if (duration > 0) {
- now = time(NULL);
- p(fp, " ", (birthtime + duration < now) ? "[EXPIRED " : "[EXPIRES ",
- ptimestr(tbuf, sizeof(tbuf), birthtime + duration), "]", NULL);
- }
- p(fp, "\n", "Key fingerprint: ", NULL);
- pobj(fp, &obj->value.v[mj_object_find(obj, "fingerprint", 0, 2) + 1], 0);
- p(fp, "\n", NULL);
- /* go to field after \"duration\" */
- for (i = mj_object_find(obj, "duration", 0, 2) + 2; i < mj_arraycount(obj) ; i += 2) {
- if (strcmp(obj->value.v[i].value.s, "uid") == 0) {
- sub = &obj->value.v[i + 1];
- p(fp, "uid", NULL);
- pobj(fp, &sub->value.v[0], (psigs) ? 4 : 14); /* human name */
- pobj(fp, &sub->value.v[1], 1); /* any revocation */
- p(fp, "\n", NULL);
- } else if (strcmp(obj->value.v[i].value.s, "encryption") == 0) {
- sub = &obj->value.v[i + 1];
- p(fp, "encryption", NULL);
- pobj(fp, &sub->value.v[0], 1); /* size */
- p(fp, "/", NULL);
- pobj(fp, &sub->value.v[1], 0); /* alg */
- p(fp, " ", NULL);
- pobj(fp, &sub->value.v[2], 0); /* id */
- p(fp, " ", ptimestr(tbuf, sizeof(tbuf), strtoll(sub->value.v[3].value.s, NULL, 10)),
- "\n", NULL);
- } else if (strcmp(obj->value.v[i].value.s, "sig") == 0) {
- sub = &obj->value.v[i + 1];
- p(fp, "sig", NULL);
- pobj(fp, &sub->value.v[0], 8); /* size */
- p(fp, " ", ptimestr(tbuf, sizeof(tbuf), strtoll(sub->value.v[1].value.s, NULL, 10)),
- " ", NULL); /* time */
- pobj(fp, &sub->value.v[2], 0); /* human name */
- p(fp, "\n", NULL);
- } else {
- fprintf(stderr, "weird '%s'\n", obj->value.v[i].value.s);
- pobj(fp, &obj->value.v[i], 0); /* human name */
- }
- }
- p(fp, "\n", NULL);
-}
-
-/* save a pgp pubkey to a temp file */
-static int
-savepubkey(char *res, char *f, size_t size)
-{
- size_t len;
- int cc;
- int wc;
- int fd;
-
- (void) snprintf(f, size, "/tmp/pgp2ssh.XXXXXXX");
- if ((fd = mkstemp(f)) < 0) {
- (void) fprintf(stderr, "can't create temp file '%s'\n", f);
- return 0;
- }
- len = strlen(res);
- for (cc = 0 ; (wc = (int)MIN(write(fd, &res[cc], len - cc),INT_MAX)) > 0 ; cc += wc) {
- }
- (void) close(fd);
- return 1;
-}
-
-/* format a uint32_t */
-static int
-formatu32(uint8_t *buffer, uint32_t value)
-{
- buffer[0] = (uint8_t)(value >> 24) & 0xff;
- buffer[1] = (uint8_t)(value >> 16) & 0xff;
- buffer[2] = (uint8_t)(value >> 8) & 0xff;
- buffer[3] = (uint8_t)value & 0xff;
- return sizeof(uint32_t);
-}
-
-/* format a string as (len, string) */
-static int
-formatstring(char *buffer, const uint8_t *s, size_t len)
-{
- int cc;
-
- cc = formatu32((uint8_t *)buffer, (int)MIN(len,INT_MAX));
- (void) memcpy(&buffer[cc], s, len);
- return cc + (int)MIN(len,INT_MAX);
-}
-
-/* format a bignum, checking for "interesting" high bit values */
-static int
-formatbignum(char *buffer, BIGNUM *bn)
-{
- size_t len;
- uint8_t *cp;
- int cc;
-
- len = (size_t) BN_num_bytes(bn);
- if ((cp = calloc(1, len + 1)) == NULL) {
- (void) fprintf(stderr, "calloc failure in formatbignum\n");
- return 0;
- }
- (void) BN_bn2bin(bn, cp + 1);
- cp[0] = 0x0;
- cc = (cp[1] & 0x80) ? formatstring(buffer, cp, len + 1) : formatstring(buffer, &cp[1], len);
- free(cp);
- return cc;
-}
-
-/***************************************************************************/
-/* exported functions start here */
-/***************************************************************************/
-
-/* initialise a netpgp_t structure */
-int
-netpgp_init(netpgp_t *netpgp)
-{
- __ops_io_t *io;
- char id[MAX_ID_LENGTH];
- char *homedir;
- char *userid;
- char *stream;
- char *passfd;
- char *results;
- int coredumps;
- int last;
-
-#ifdef HAVE_SYS_RESOURCE_H
- struct rlimit limit;
-
- coredumps = netpgp_getvar(netpgp, "coredumps") != NULL;
- if (!coredumps) {
- (void) memset(&limit, 0x0, sizeof(limit));
- if (setrlimit(RLIMIT_CORE, &limit) != 0) {
- (void) fprintf(stderr,
- "netpgp: warning - can't turn off core dumps\n");
- coredumps = 1;
- }
- }
-#else
- coredumps = 1;
-#endif
- if ((io = calloc(1, sizeof(*io))) == NULL) {
- (void) fprintf(stderr, "netpgp_init: bad alloc\n");
- return 0;
- }
- io->outs = stdout;
- if ((stream = netpgp_getvar(netpgp, "outs")) != NULL &&
- strcmp(stream, "<stderr>") == 0) {
- io->outs = stderr;
- }
- io->errs = stderr;
- if ((stream = netpgp_getvar(netpgp, "errs")) != NULL &&
- strcmp(stream, "<stdout>") == 0) {
- io->errs = stdout;
- }
- if ((results = netpgp_getvar(netpgp, "res")) == NULL) {
- io->res = io->errs;
- } else if (strcmp(results, "<stdout>") == 0) {
- io->res = stdout;
- } else if (strcmp(results, "<stderr>") == 0) {
- io->res = stderr;
- } else {
- if ((io->res = fopen(results, "w")) == NULL) {
- (void) fprintf(io->errs, "Can't open results %s for writing\n",
- results);
- free(io);
- return 0;
- }
- }
- netpgp->io = io;
- if ((passfd = netpgp_getvar(netpgp, "pass-fd")) != NULL &&
- (netpgp->passfp = fdopen(atoi(passfd), "r")) == NULL) {
- (void) fprintf(io->errs, "Can't open fd %s for reading\n",
- passfd);
- return 0;
- }
- if (coredumps) {
- (void) fprintf(io->errs,
- "netpgp: warning: core dumps enabled\n");
- }
- if ((homedir = netpgp_getvar(netpgp, "homedir")) == NULL) {
- (void) fprintf(io->errs, "netpgp: bad homedir\n");
- return 0;
- }
- /* read from either gpg files or ssh keys */
- if (netpgp_getvar(netpgp, "ssh keys") == NULL) {
- if ((userid = netpgp_getvar(netpgp, "userid")) == NULL) {
- (void) memset(id, 0x0, sizeof(id));
- (void) conffile(netpgp, homedir, id, sizeof(id));
- if (id[0] != 0x0) {
- netpgp_setvar(netpgp, "userid", userid = id);
- }
- }
- if (userid == NULL) {
- if (netpgp_getvar(netpgp, "need userid") != NULL) {
- (void) fprintf(io->errs,
- "Cannot find user id\n");
- return 0;
- }
- } else {
- (void) netpgp_setvar(netpgp, "userid", userid);
- }
- netpgp->pubring = readkeyring(netpgp, "pubring");
- if (netpgp->pubring == NULL) {
- (void) fprintf(io->errs, "Can't read pub keyring\n");
- return 0;
- }
- netpgp->secring = readkeyring(netpgp, "secring");
- if (netpgp->secring == NULL) {
- (void) fprintf(io->errs, "Can't read sec keyring\n");
- return 0;
- }
- } else {
- last = (netpgp->pubring != NULL);
- if (!readsshkeys(netpgp, homedir, netpgp_getvar(netpgp, "need seckey"))) {
- (void) fprintf(io->errs, "Can't read ssh keys\n");
- return 0;
- }
- if ((userid = netpgp_getvar(netpgp, "userid")) == NULL) {
- set_first_pubring(netpgp->pubring, id, sizeof(id), last);
- netpgp_setvar(netpgp, "userid", userid = id);
- }
- if (userid == NULL) {
- if (netpgp_getvar(netpgp, "need userid") != NULL) {
- (void) fprintf(io->errs,
- "Cannot find user id\n");
- return 0;
- }
- } else {
- (void) netpgp_setvar(netpgp, "userid", userid);
- }
- }
- return 1;
-}
-
-/* finish off with the netpgp_t struct */
-int
-netpgp_end(netpgp_t *netpgp)
-{
- unsigned i;
-
- for (i = 0 ; i < netpgp->c ; i++) {
- if (netpgp->name[i] != NULL) {
- free(netpgp->name[i]);
- }
- if (netpgp->value[i] != NULL) {
- free(netpgp->value[i]);
- }
- }
- if (netpgp->name != NULL) {
- free(netpgp->name);
- }
- if (netpgp->value != NULL) {
- free(netpgp->value);
- }
- if (netpgp->pubring != NULL) {
- __ops_keyring_free(netpgp->pubring);
- }
- if (netpgp->secring != NULL) {
- __ops_keyring_free(netpgp->secring);
- }
- free(netpgp->io);
- return 1;
-}
-
-/* list the keys in a keyring */
-int
-netpgp_list_keys(netpgp_t *netpgp, const int psigs)
-{
- if (netpgp->pubring == NULL) {
- (void) fprintf(stderr, "No keyring\n");
- return 0;
- }
- return __ops_keyring_list(netpgp->io, netpgp->pubring, psigs);
-}
-
-/* list the keys in a keyring, returning a JSON string */
-int
-netpgp_list_keys_json(netpgp_t *netpgp, char **json, const int psigs)
-{
- mj_t obj;
- int ret;
-
- if (netpgp->pubring == NULL) {
- (void) fprintf(stderr, "No keyring\n");
- return 0;
- }
- (void) memset(&obj, 0x0, sizeof(obj));
- if (!__ops_keyring_json(netpgp->io, netpgp->pubring, &obj, psigs)) {
- (void) fprintf(stderr, "No keys in keyring\n");
- return 0;
- }
- ret = mj_asprint(json, &obj);
- mj_delete(&obj);
- return ret;
-}
-
-DEFINE_ARRAY(strings_t, char *);
-
-#ifndef HKP_VERSION
-#define HKP_VERSION 1
-#endif
-
-/* find and list some keys in a keyring */
-int
-netpgp_match_keys(netpgp_t *netpgp, char *name, const char *fmt, void *vp, const int psigs)
-{
- const __ops_key_t *key;
- unsigned k;
- strings_t pubs;
- FILE *fp = (FILE *)vp;
-
- if (name[0] == '0' && name[1] == 'x') {
- name += 2;
- }
- (void) memset(&pubs, 0x0, sizeof(pubs));
- k = 0;
- do {
- key = __ops_getnextkeybyname(netpgp->io, netpgp->pubring,
- name, &k);
- if (key != NULL) {
- ALLOC(char *, pubs.v, pubs.size, pubs.c, 10, 10,
- "netpgp_match_keys", return 0);
- if (strcmp(fmt, "mr") == 0) {
- __ops_hkp_sprint_keydata(netpgp->io, netpgp->pubring,
- key, &pubs.v[pubs.c],
- &key->key.pubkey, psigs);
- } else {
- __ops_sprint_keydata(netpgp->io, netpgp->pubring,
- key, &pubs.v[pubs.c],
- "signature ",
- &key->key.pubkey, psigs);
- }
- if (pubs.v[pubs.c] != NULL) {
- pubs.c += 1;
- }
- k += 1;
- }
- } while (key != NULL);
- if (strcmp(fmt, "mr") == 0) {
- (void) fprintf(fp, "info:%d:%d\n", HKP_VERSION, pubs.c);
- } else {
- (void) fprintf(fp, "%d key%s found\n", pubs.c,
- (pubs.c == 1) ? "" : "s");
- }
- for (k = 0 ; k < pubs.c ; k++) {
- (void) fprintf(fp, "%s%s", pubs.v[k], (k < pubs.c - 1) ? "\n" : "");
- free(pubs.v[k]);
- }
- free(pubs.v);
- return pubs.c;
-}
-
-/* find and list some keys in a keyring - return JSON string */
-int
-netpgp_match_keys_json(netpgp_t *netpgp, char **json, char *name, const char *fmt, const int psigs)
-{
- const __ops_key_t *key;
- unsigned k;
- mj_t id_array;
- int ret;
-
- if (name[0] == '0' && name[1] == 'x') {
- name += 2;
- }
- (void) memset(&id_array, 0x0, sizeof(id_array));
- k = 0;
- *json = NULL;
- mj_create(&id_array, "array");
- do {
- key = __ops_getnextkeybyname(netpgp->io, netpgp->pubring,
- name, &k);
- if (key != NULL) {
- if (strcmp(fmt, "mr") == 0) {
-#if 0
- __ops_hkp_sprint_keydata(netpgp->io, netpgp->pubring,
- key, &pubs.v[pubs.c],
- &key->key.pubkey, psigs);
-#endif
- } else {
- ALLOC(mj_t, id_array.value.v, id_array.size,
- id_array.c, 10, 10, "netpgp_match_keys_json", return 0);
- __ops_sprint_mj(netpgp->io, netpgp->pubring,
- key, &id_array.value.v[id_array.c++],
- "signature ",
- &key->key.pubkey, psigs);
- }
- k += 1;
- }
- } while (key != NULL);
- ret = mj_asprint(json, &id_array);
- mj_delete(&id_array);
- return ret;
-}
-
-/* find and list some public keys in a keyring */
-int
-netpgp_match_pubkeys(netpgp_t *netpgp, char *name, void *vp)
-{
- const __ops_key_t *key;
- unsigned k;
- strings_t pubs;
- FILE *fp = (FILE *)vp;
-
- (void) memset(&pubs, 0x0, sizeof(pubs));
- do {
- key = __ops_getnextkeybyname(netpgp->io, netpgp->pubring,
- name, &k);
- if (key != NULL) {
- char out[1024 * 64];
-
- ALLOC(char *, pubs.v, pubs.size, pubs.c, 10, 10,
- "netpgp_match_pubkeys", return 0);
- (void) __ops_sprint_pubkey(key, out, sizeof(out));
- pubs.v[pubs.c++] = netpgp_strdup(out);
- k += 1;
- }
- } while (key != NULL);
- (void) fprintf(fp, "info:%d:%d\n", HKP_VERSION, pubs.c);
- for (k = 0 ; k < pubs.c ; k++) {
- (void) fprintf(fp, "%s", pubs.v[k]);
- free(pubs.v[k]);
- }
- free(pubs.v);
- return pubs.c;
-}
-
-/* find a key in a keyring */
-int
-netpgp_find_key(netpgp_t *netpgp, char *id)
-{
- __ops_io_t *io;
-
- io = netpgp->io;
- if (id == NULL) {
- (void) fprintf(io->errs, "NULL id to search for\n");
- return 0;
- }
- return __ops_getkeybyname(netpgp->io, netpgp->pubring, id) != NULL;
-}
-
-/* get a key in a keyring */
-char *
-netpgp_get_key(netpgp_t *netpgp, const char *name, const char *fmt)
-{
- const __ops_key_t *key;
- char *newkey;
-
- if ((key = resolve_userid(netpgp, netpgp->pubring, name)) == NULL) {
- return NULL;
- }
- if (strcmp(fmt, "mr") == 0) {
- return (__ops_hkp_sprint_keydata(netpgp->io, netpgp->pubring,
- key, &newkey,
- &key->key.pubkey,
- netpgp_getvar(netpgp, "subkey sigs") != NULL) > 0) ? newkey : NULL;
- }
- return (__ops_sprint_keydata(netpgp->io, netpgp->pubring,
- key, &newkey, "signature",
- &key->key.pubkey,
- netpgp_getvar(netpgp, "subkey sigs") != NULL) > 0) ? newkey : NULL;
-}
-
-/* export a given key */
-char *
-netpgp_export_key(netpgp_t *netpgp, char *name)
-{
- const __ops_key_t *key;
- __ops_io_t *io;
-
- io = netpgp->io;
- if ((key = resolve_userid(netpgp, netpgp->pubring, name)) == NULL) {
- return NULL;
- }
-
- char pass[MAX_PASSPHRASE_LENGTH];
- __ops_forget(pass, (unsigned)sizeof(pass)); //clear pass array
- if (netpgp->passfp) {
- __ops_getpassphrase(netpgp->passfp, pass, sizeof(pass));
- }
-
- char *result = __ops_export_key(io, key, (strlen(pass) > 0) ? (uint8_t *)pass : NULL);
- __ops_forget(pass, (unsigned)sizeof(pass));
-
- return result;
-}
-
-#define IMPORT_ARMOR_HEAD "-----BEGIN PGP PUBLIC KEY BLOCK-----"
-
-/* import a key into our keyring */
-int
-netpgp_import_key(netpgp_t *netpgp, char *f)
-{
- __ops_io_t *io;
- unsigned realarmor;
- int done;
-
- io = netpgp->io;
- realarmor = isarmoured(io, f, NULL, IMPORT_ARMOR_HEAD);
- done = __ops_keyring_fileread(netpgp->pubring, realarmor, f);
- if (!done) {
- (void) fprintf(io->errs, "Cannot import key from file %s\n", f);
- return 0;
- }
- return __ops_keyring_list(io, netpgp->pubring, 0);
-}
-
-/* import a key into our keyring */
-int
-netpgp_import_public_key(netpgp_t *netpgp, char *f)
-{
- __ops_keyring_t *keyring; // read keyring
- __ops_io_t *io;
- unsigned realarmor;
- int done;
- __ops_key_t *key;
- unsigned n = 0;
-
-
- io = netpgp->io;
- realarmor = isarmoured(io, f, NULL, IMPORT_ARMOR_HEAD);
-
-// keyring = readkeyring(netpgp, f);
- if ((keyring = calloc(1, sizeof(*keyring))) == NULL) {
- (void) fprintf(stderr, "readkeyring: bad alloc\n");
- return 0;
- }
-
- done = __ops_keyring_fileread(keyring, realarmor, f);
- if (!done) {
- (void) fprintf(io->errs, "Cannot import key from file %s\n", f);
- return 0;
- }
-
- char *ringfile = netpgp_getvar(netpgp, "pubring");
- for (n = 0, key = keyring->keys; n < keyring->keyc; ++n, ++key) {
- if (!__ops_is_key_secret(key)) {
- if (key->type == OPS_PTAG_CT_PUBLIC_KEY) {
- if (!appendkey(io, key, ringfile)) {
- (void) fprintf(io->errs, "Cannot write pubkey to '%s'\n", ringfile);
- return 0;
- }
- }
- }
- }
-
-
- // append to netpgp keyring (I could load again but don't have to)
- done = __ops_append_keyring(netpgp->pubring, keyring);
-
- if (keyring != NULL) {
- __ops_keyring_free(keyring);
- free(keyring);
- }
-
- return done;
-}
-
-///* import a key into our keyring */
-//int
-//netpgp_import_secure_key(netpgp_t *netpgp, char *f)
-//{
-// __ops_io_t *io;
-// unsigned realarmor;
-// int done;
-//
-// io = netpgp->io;
-// realarmor = isarmoured(io, f, NULL, IMPORT_ARMOR_HEAD);
-// done = __ops_keyring_fileread(netpgp->secring, realarmor, f);
-// if (!done) {
-// (void) fprintf(io->errs, "Cannot import key from file %s\n", f);
-// return 0;
-// }
-//
-// /* import secret key */
-// __ops_keyring_t *keyring = netpgp->secring;
-// __ops_key_t *key;
-// unsigned n = 0;
-//
-// for (n = 0, key = keyring->keys; n < keyring->keyc; ++n, ++key) {
-// if (!__ops_is_key_secret(key)) {
-// char *ringfile = netpgp_getvar(netpgp, "pubring");
-// if (!appendkey(io, key, ringfile)) {
-// (void) fprintf(io->errs, "Cannot write pubkey to '%s'\n", ringfile);
-// return 0;
-// }
-// }
-// (void) fputc('\n', io->res);
-// }
-//
-//// for (n = 0, key = keyring->keys; n < keyring->keyc; ++n, ++key) {
-//// if (__ops_is_key_secret(key)) {
-//// const unsigned noarmor = 1;
-//// __ops_output_t *create;
-//// int fd;
-////
-//// char *ringfile = netpgp_getvar(netpgp, "secring");
-//// if ((fd = __ops_setup_file_append(&create, ringfile)) < 0) {
-//// fd = __ops_setup_file_write(&create, ringfile, 0);
-//// }
-//// if (fd < 0) {
-//// (void) fprintf(io->errs, "can't append secring '%s'\n", ringfile);
-//// return 0;
-//// }
-//// if (!__ops_write_xfer_seckey(create, key, NULL, 0, noarmor)) {
-//// (void) fprintf(io->errs, "Cannot write seckey\n");
-//// return 0;
-//// }
-//// __ops_teardown_file_write(create, fd);
-//// }
-//// }
-//
-// return __ops_keyring_list(io, netpgp->pubring, 0);
-//}
-
-
-/* generate a new key */
-/* output directory have to exists */
-int
-netpgp_generate_key_rich(netpgp_t *netpgp, char *id, int numbits, char *output_directory, int save_to_default_keyring)
-{
- __ops_output_t *create;
- const unsigned noarmor = 0;
- __ops_key_t *key;
- __ops_io_t *io;
- uint8_t *uid;
- char newid[1024];
- char filename[MAXPATHLEN];
- char dir[MAXPATHLEN];
- char *cp;
- char *ringfile;
- int fd;
-
- uid = NULL;
- io = netpgp->io;
- /* generate a new key */
- if (id) {
- (void) snprintf(newid, sizeof(newid), "%s", id);
- } else {
- (void) snprintf(newid, sizeof(newid),
- "RSA %d-bit key <%s@localhost>", numbits, getenv("LOGNAME"));
- }
- uid = (uint8_t *)newid;
- key = __ops_rsa_new_selfsign_key(numbits, 65537UL, uid,
- netpgp_getvar(netpgp, "hash"),
- netpgp_getvar(netpgp, "cipher"));
- if (key == NULL) {
- (void) fprintf(io->errs, "Cannot generate key\n");
- return 0;
- }
-
-
- cp = NULL;
- __ops_sprint_keydata(netpgp->io, NULL, key, &cp, "signature ", &key->key.seckey.pubkey, 0);
- (void) fprintf(stdout, "%s", cp);
- /* write public key */
- if (output_directory) {
- (void) snprintf(dir, sizeof(dir), "%s", output_directory);
- (void) fprintf(io->errs, "netpgp: generated keys in directory %s\n", dir);
- (void) snprintf(ringfile = filename, sizeof(filename), "%s/pubring.gpg", dir);
- if (!appendkey(io, key, ringfile)) {
- (void) fprintf(io->errs, "Cannot write pubkey to '%s'\n", ringfile);
- return 0;
- }
- }
-
- /* write to default keyring */
- if (save_to_default_keyring) {
- ringfile = netpgp_getvar(netpgp, "pubring");
- if (!appendkey(io, key, ringfile)) {
- (void) fprintf(io->errs, "Cannot write pubkey to '%s'\n", ringfile);
- return 0;
- }
- }
-
- if (netpgp->pubring != NULL) {
- __ops_keyring_free(netpgp->pubring);
- }
-
- char pass[MAX_PASSPHRASE_LENGTH];
- __ops_forget(pass, (unsigned)sizeof(pass)); //clear pass array
- if (netpgp->passfp) {
- __ops_getpassphrase(netpgp->passfp, pass, sizeof(pass));
- }
-
- /* write secret key */
- if (output_directory) {
- (void) snprintf(ringfile = filename, sizeof(filename), "%s/secring.gpg", dir);
- if ((fd = __ops_setup_file_append(&create, ringfile)) < 0) {
- fd = __ops_setup_file_write(&create, ringfile, 0);
- }
- if (fd < 0) {
- (void) fprintf(io->errs, "can't append secring '%s'\n", ringfile);
- return 0;
- }
- if (!__ops_write_xfer_seckey(create, key, (strlen(pass) > 0) ? (uint8_t *)pass : NULL, strlen(pass), noarmor)) {
- (void) fprintf(io->errs, "Cannot write seckey\n");
- return 0;
- }
- __ops_teardown_file_write(create, fd);
- }
-
- /* write to default keyring */
- if (save_to_default_keyring) {
- ringfile = netpgp_getvar(netpgp, "secring");
- if ((fd = __ops_setup_file_append(&create, ringfile)) < 0) {
- fd = __ops_setup_file_write(&create, ringfile, 0);
- }
- if (fd < 0) {
- (void) fprintf(io->errs, "can't append secring '%s'\n", ringfile);
- return 0;
- }
- if (!__ops_write_xfer_seckey(create, key, (strlen(pass) > 0) ? (uint8_t *)pass : NULL, strlen(pass), noarmor)) {
- (void) fprintf(io->errs, "Cannot write seckey\n");
- return 0;
- }
- __ops_teardown_file_write(create, fd);
- }
- if (netpgp->secring != NULL) {
- __ops_keyring_free(netpgp->secring);
- }
-
- __ops_forget(pass, (unsigned)sizeof(pass));
- __ops_keydata_free(key);
- free(cp);
- return 1;
-}
-
-/* generate a new key */
-int
-netpgp_generate_key(netpgp_t *netpgp, char *id, int numbits)
-{
- return netpgp_generate_key_rich(netpgp, id, numbits, NULL, 1);
-}
-
-/* encrypt a file */
-int
-netpgp_encrypt_file(netpgp_t *netpgp,
- const char *userid,
- const char *f,
- char *out,
- int armored)
-{
- const __ops_key_t *key;
- const unsigned overwrite = 1;
- const char *suffix;
- __ops_io_t *io;
- char outname[MAXPATHLEN];
-
- io = netpgp->io;
- if (f == NULL) {
- (void) fprintf(io->errs,
- "netpgp_encrypt_file: no filename specified\n");
- return 0;
- }
- suffix = (armored) ? ".asc" : ".gpg";
- /* get key with which to sign */
- if ((key = resolve_userid(netpgp, netpgp->pubring, userid)) == NULL) {
- return 0;
- }
- if (out == NULL) {
- (void) snprintf(outname, sizeof(outname), "%s%s", f, suffix);
- out = outname;
- }
- return (int)__ops_encrypt_file(io, f, out, key, (unsigned)armored,
- overwrite, netpgp_getvar(netpgp, "cipher"), netpgp_getvar(netpgp, "dont use subkey to encrypt") != NULL ? 1 : 0);
-}
-
-#define ARMOR_HEAD "-----BEGIN PGP MESSAGE-----"
-
-/* decrypt a file */
-int
-netpgp_decrypt_file(netpgp_t *netpgp, const char *f, char *out, int armored)
-{
- const unsigned overwrite = 1;
- __ops_io_t *io;
- unsigned realarmor;
- unsigned sshkeys;
-
- __OPS_USED(armored);
- io = netpgp->io;
- if (f == NULL) {
- (void) fprintf(io->errs,
- "netpgp_decrypt_file: no filename specified\n");
- return 0;
- }
- realarmor = isarmoured(io, f, NULL, ARMOR_HEAD);
- sshkeys = (unsigned)(netpgp_getvar(netpgp, "ssh keys") != NULL);
- return __ops_decrypt_file(netpgp->io, f, out, netpgp->secring,
- netpgp->pubring,
- realarmor, overwrite, sshkeys,
- netpgp->passfp, get_passphrase_cb);
-}
-
-/* sign a file */
-int
-netpgp_sign_file(netpgp_t *netpgp,
- const char *userid,
- const char *f,
- char *out,
- int armored,
- int cleartext,
- int detached)
-{
- const __ops_key_t *keypair;
- const __ops_key_t *pubkey;
- __ops_seckey_t *seckey;
- const unsigned overwrite = 1;
- __ops_io_t *io;
- const char *hashalg;
- int ret;
-
- io = netpgp->io;
- if (f == NULL) {
- (void) fprintf(io->errs,
- "netpgp_sign_file: no filename specified\n");
- return 0;
- }
- /* get key with which to sign */
- if ((keypair = resolve_userid(netpgp, netpgp->secring, userid)) == NULL) {
- return 0;
- }
- ret = 1;
- do {
- if (netpgp->passfp == NULL) {
- /* print out the user id */
- pubkey = __ops_getkeybyname(io, netpgp->pubring, userid);
- if (pubkey == NULL) {
- (void) fprintf(io->errs,
- "netpgp: warning - using pubkey from secring\n");
- __ops_print_keydata(io, netpgp->pubring, keypair, "signature ",
- &keypair->key.seckey.pubkey, 0);
- } else {
- __ops_print_keydata(io, netpgp->pubring, pubkey, "signature ",
- &pubkey->key.pubkey, 0);
- }
- }
- if (netpgp_getvar(netpgp, "ssh keys") == NULL) {
- /* now decrypt key */
- seckey = __ops_decrypt_seckey(keypair, netpgp->passfp);
- if (seckey == NULL) {
- (void) fprintf(io->errs, "Bad passphrase\n");
- }
- } else {
- __ops_keyring_t *secring;
-
- secring = netpgp->secring;
- seckey = &secring->keys[0].key.seckey;
- }
- } while (seckey == NULL);
- /* sign file */
- hashalg = netpgp_getvar(netpgp, "hash");
- if (seckey->pubkey.alg == OPS_PKA_DSA) {
- hashalg = "sha1";
- }
- if (detached) {
- ret = __ops_sign_detached(io, f, out, seckey, hashalg,
- get_birthtime(netpgp_getvar(netpgp, "birthtime")),
- get_duration(netpgp_getvar(netpgp, "duration")),
- (unsigned)armored,
- overwrite);
- } else {
- ret = __ops_sign_file(io, f, out, seckey, hashalg,
- get_birthtime(netpgp_getvar(netpgp, "birthtime")),
- get_duration(netpgp_getvar(netpgp, "duration")),
- (unsigned)armored, (unsigned)cleartext,
- overwrite);
- }
- __ops_forget(seckey, (unsigned)sizeof(*seckey));
- return ret;
-}
-
-#define ARMOR_SIG_HEAD "-----BEGIN PGP SIGNATURE-----\r\n"
-
-/* verify a file */
-int
-netpgp_verify_file(netpgp_t *netpgp, const char *in, const char *out, int armored)
-{
- __ops_validation_t result;
- __ops_io_t *io;
- unsigned realarmor;
-
- __OPS_USED(armored);
- (void) memset(&result, 0x0, sizeof(result));
- io = netpgp->io;
- if (in == NULL) {
- (void) fprintf(io->errs,
- "netpgp_verify_file: no filename specified\n");
- return 0;
- }
- realarmor = isarmoured(io, in, NULL, ARMOR_SIG_HEAD);
- if (__ops_validate_file(io, &result, in, out, (const int)realarmor, netpgp->pubring)) {
- resultp(io, in, &result, netpgp->pubring);
- return 1;
- }
- if (result.validc + result.invalidc + result.unknownc == 0) {
- (void) fprintf(io->errs,
- "\"%s\": No signatures found - is this a signed file?\n",
- in);
- } else if (result.invalidc == 0 && result.unknownc == 0) {
- (void) fprintf(io->errs,
- "\"%s\": file verification failure: invalid signature time\n", in);
- } else {
- (void) fprintf(io->errs,
-"\"%s\": verification failure: %u invalid signatures, %u unknown signatures\n",
- in, result.invalidc, result.unknownc);
- }
- return 0;
-}
-
-/* sign some memory */
-int
-netpgp_sign_memory(netpgp_t *netpgp,
- const char *userid,
- char *mem,
- size_t size,
- char *out,
- size_t outsize,
- const unsigned armored,
- const unsigned cleartext)
-{
- const __ops_key_t *keypair;
- const __ops_key_t *pubkey;
- __ops_seckey_t *seckey;
- __ops_memory_t *signedmem;
- __ops_io_t *io;
- const char *hashalg;
- int ret;
-
- io = netpgp->io;
- if (mem == NULL) {
- (void) fprintf(io->errs,
- "netpgp_sign_memory: no memory to sign\n");
- return 0;
- }
- if ((keypair = resolve_userid(netpgp, netpgp->secring, userid)) == NULL) {
- return 0;
- }
- ret = 1;
- do {
- if (netpgp->passfp == NULL) {
- /* print out the user id */
- pubkey = __ops_getkeybyname(io, netpgp->pubring, userid);
- if (pubkey == NULL) {
- (void) fprintf(io->errs,
- "netpgp: warning - using pubkey from secring\n");
- __ops_print_keydata(io, netpgp->pubring, keypair, "signature ",
- &keypair->key.seckey.pubkey, 0);
- } else {
- __ops_print_keydata(io, netpgp->pubring, pubkey, "signature ",
- &pubkey->key.pubkey, 0);
- }
- }
- /* now decrypt key */
- seckey = __ops_decrypt_seckey(keypair, netpgp->passfp);
- if (seckey == NULL) {
- (void) fprintf(io->errs, "Bad passphrase\n");
- }
- } while (seckey == NULL);
- /* sign file */
- (void) memset(out, 0x0, outsize);
- hashalg = netpgp_getvar(netpgp, "hash");
- if (seckey->pubkey.alg == OPS_PKA_DSA) {
- hashalg = "sha1";
- }
- signedmem = __ops_sign_buf(io, mem, size, seckey,
- get_birthtime(netpgp_getvar(netpgp, "birthtime")),
- get_duration(netpgp_getvar(netpgp, "duration")),
- hashalg, armored, cleartext);
- if (signedmem) {
- size_t m;
-
- m = MIN(__ops_mem_len(signedmem), outsize);
- (void) memcpy(out, __ops_mem_data(signedmem), m);
- __ops_memory_free(signedmem);
- ret = (int)m;
- } else {
- ret = 0;
- }
- __ops_forget(seckey, (unsigned)sizeof(*seckey));
- return ret;
-}
-
-/* verify memory */
-int
-netpgp_verify_memory(netpgp_t *netpgp, const void *in, const size_t size,
- void *out, size_t outsize, const int armored)
-{
- __ops_validation_t result;
- __ops_memory_t *signedmem;
- __ops_memory_t *cat;
- __ops_io_t *io;
- size_t m;
- int ret;
-
- (void) memset(&result, 0x0, sizeof(result));
- io = netpgp->io;
- if (in == NULL) {
- (void) fprintf(io->errs,
- "netpgp_verify_memory: no memory to verify\n");
- return 0;
- }
- signedmem = __ops_memory_new();
- __ops_memory_add(signedmem, in, size);
- if (out) {
- cat = __ops_memory_new();
- }
- ret = __ops_validate_mem(io, &result, signedmem,
- (out) ? &cat : NULL,
- armored, netpgp->pubring);
- /* signedmem is freed from pgp_validate_mem */
- if (ret) {
- resultp(io, "<stdin>", &result, netpgp->pubring);
- if (out) {
- m = MIN(__ops_mem_len(cat), outsize);
- (void) memcpy(out, __ops_mem_data(cat), m);
- __ops_memory_free(cat);
- } else {
- m = 1;
- }
- return (int)m;
- }
- if (result.validc + result.invalidc + result.unknownc == 0) {
- (void) fprintf(io->errs,
- "No signatures found - is this memory signed?\n");
- } else if (result.invalidc == 0 && result.unknownc == 0) {
- (void) fprintf(io->errs,
- "memory verification failure: invalid signature time\n");
- } else {
- (void) fprintf(io->errs,
-"memory verification failure: %u invalid signatures, %u unknown signatures\n",
- result.invalidc, result.unknownc);
- }
- return 0;
-}
-
-/* encrypt some memory */
-int
-netpgp_encrypt_memory(netpgp_t *netpgp,
- const char *userid,
- void *in,
- const size_t insize,
- char *out,
- size_t outsize,
- int armored)
-{
- const __ops_key_t *keypair;
- __ops_memory_t *enc;
- __ops_io_t *io;
- size_t m;
-
- io = netpgp->io;
- if (in == NULL) {
- (void) fprintf(io->errs,
- "netpgp_encrypt_buf: no memory to encrypt\n");
- return 0;
- }
- if ((keypair = resolve_userid(netpgp, netpgp->pubring, userid)) == NULL) {
- return 0;
- }
- if (in == out) {
- (void) fprintf(io->errs,
- "netpgp_encrypt_buf: input and output bufs need to be different\n");
- return 0;
- }
- if (outsize < insize) {
- (void) fprintf(io->errs,
- "netpgp_encrypt_buf: input size is larger than output size\n");
- return 0;
- }
- enc = __ops_encrypt_buf(io, in, insize, keypair, (unsigned)armored,
- netpgp_getvar(netpgp, "cipher"), netpgp_getvar(netpgp, "dont use subkey to encrypt") != NULL ? 1 : 0);
- m = MIN(__ops_mem_len(enc), outsize);
- (void) memcpy(out, __ops_mem_data(enc), m);
- __ops_memory_free(enc);
- return (int)m;
-}
-
-/* decrypt a chunk of memory */
-int
-netpgp_decrypt_memory(netpgp_t *netpgp, const void *input, const size_t insize,
- char *out, size_t outsize, const int armored)
-{
- __ops_memory_t *mem;
- __ops_io_t *io;
- unsigned realarmour;
- unsigned sshkeys;
- size_t m;
-
- __OPS_USED(armored);
- io = netpgp->io;
- if (input == NULL) {
- (void) fprintf(io->errs,
- "netpgp_decrypt_memory: no memory\n");
- return 0;
- }
- realarmour = isarmoured(io, NULL, input, ARMOR_HEAD);
- sshkeys = (unsigned)(netpgp_getvar(netpgp, "ssh keys") != NULL);
- mem = __ops_decrypt_buf(netpgp->io, input, insize, netpgp->secring,
- netpgp->pubring,
- realarmour, sshkeys,
- netpgp->passfp,
- get_passphrase_cb);
- m = MIN(__ops_mem_len(mem), outsize);
- (void) memcpy(out, __ops_mem_data(mem), m);
- __ops_memory_free(mem);
- return (int)m;
-}
-
-/* wrappers for the ops_debug_level functions we added to openpgpsdk */
-
-/* set the debugging level per filename */
-int
-netpgp_set_debug(const char *f)
-{
- return __ops_set_debug_level(f);
-}
-
-/* get the debugging level per filename */
-int
-netpgp_get_debug(const char *f)
-{
- return __ops_get_debug_level(f);
-}
-
-/* return the version for the library */
-const char *
-netpgp_get_info(const char *type)
-{
- return __ops_get_info(type);
-}
-
-/* list all the packets in a file */
-int
-netpgp_list_packets(netpgp_t *netpgp, char *f, int armor, char *pubringname)
-{
- __ops_keyring_t *keyring;
- const unsigned noarmor = 0;
- struct stat st;
- __ops_io_t *io;
- char ringname[MAXPATHLEN];
- char *homedir;
- int ret;
-
- io = netpgp->io;
- if (f == NULL) {
- (void) fprintf(io->errs, "No file containing packets\n");
- return 0;
- }
- if (stat(f, &st) < 0) {
- (void) fprintf(io->errs, "No such file '%s'\n", f);
- return 0;
- }
- homedir = netpgp_getvar(netpgp, "homedir");
- if (pubringname == NULL) {
- (void) snprintf(ringname, sizeof(ringname),
- "%s/pubring.gpg", homedir);
- pubringname = ringname;
- }
- if ((keyring = calloc(1, sizeof(*keyring))) == NULL) {
- (void) fprintf(io->errs, "netpgp_list_packets: bad alloc\n");
- return 0;
- }
- if (!__ops_keyring_fileread(keyring, noarmor, pubringname)) {
- free(keyring);
- (void) fprintf(io->errs, "Cannot read pub keyring %s\n",
- pubringname);
- return 0;
- }
- netpgp->pubring = keyring;
- netpgp_setvar(netpgp, "pubring", pubringname);
- ret = __ops_list_packets(io, f, (unsigned)armor,
- netpgp->secring,
- netpgp->pubring,
- netpgp->passfp,
- get_passphrase_cb);
- free(keyring);
- return ret;
-}
-
-/* set a variable */
-int
-netpgp_setvar(netpgp_t *netpgp, const char *name, const char *value)
-{
- char *newval;
- int i;
-
- /* protect against the case where 'value' is netpgp->value[i] */
- newval = netpgp_strdup(value);
- if ((i = findvar(netpgp, name)) < 0) {
- /* add the element to the array */
- if (size_arrays(netpgp, netpgp->size + 15)) {
- netpgp->name[i = netpgp->c++] = netpgp_strdup(name);
- }
- } else {
- /* replace the element in the array */
- if (netpgp->value[i]) {
- free(netpgp->value[i]);
- netpgp->value[i] = NULL;
- }
- }
- /* sanity checks for range of values */
- if (strcmp(name, "hash") == 0 || strcmp(name, "algorithm") == 0) {
- if (__ops_str_to_hash_alg(newval) == OPS_HASH_UNKNOWN) {
- free(newval);
- return 0;
- }
- }
- netpgp->value[i] = newval;
- return 1;
-}
-
-/* unset a variable */
-int
-netpgp_unsetvar(netpgp_t *netpgp, const char *name)
-{
- int i;
-
- if ((i = findvar(netpgp, name)) >= 0) {
- if (netpgp->value[i]) {
- free(netpgp->value[i]);
- netpgp->value[i] = NULL;
- }
- netpgp->value[i] = NULL;
- return 1;
- }
- return 0;
-}
-
-/* get a variable's value (NULL if not set) */
-char *
-netpgp_getvar(netpgp_t *netpgp, const char *name)
-{
- int i;
-
- return ((i = findvar(netpgp, name)) < 0) ? NULL : netpgp->value[i];
-}
-
-/* increment a value */
-int
-netpgp_incvar(netpgp_t *netpgp, const char *name, const int delta)
-{
- char *cp;
- char num[16];
- int val;
-
- val = 0;
- if ((cp = netpgp_getvar(netpgp, name)) != NULL) {
- val = atoi(cp);
- }
- (void) snprintf(num, sizeof(num), "%d", val + delta);
- netpgp_setvar(netpgp, name, num);
- return 1;
-}
-
-/* set the home directory value to "home/subdir" */
-int
-netpgp_set_homedir(netpgp_t *netpgp, char *home, const char *subdir, const int quiet)
-{
- struct stat st;
- char d[MAXPATHLEN];
-
- if (home == NULL) {
- if (!quiet) {
- (void) fprintf(stderr, "NULL HOME directory\n");
- }
- return 0;
- }
- (void) snprintf(d, sizeof(d), "%s%s", home, (subdir) ? subdir : "");
- if (stat(d, &st) == 0) {
- if ((st.st_mode & S_IFMT) == S_IFDIR) {
- netpgp_setvar(netpgp, "homedir", d);
- return 1;
- }
- (void) fprintf(stderr, "netpgp: homedir \"%s\" is not a dir\n",
- d);
- return 0;
- }
- if (!quiet) {
- (void) fprintf(stderr,
- "netpgp: warning homedir \"%s\" not found\n", d);
- }
- netpgp_setvar(netpgp, "homedir", d);
- return 1;
-}
-
-/* validate all sigs in the pub keyring */
-int
-netpgp_validate_sigs(netpgp_t *netpgp)
-{
- __ops_validation_t result;
-
- return (int)__ops_validate_all_sigs(&result, netpgp->pubring, NULL);
-}
-
-/* print the json out on 'fp' */
-int
-netpgp_format_json(void *vp, const char *json, const int psigs)
-{
- mj_t ids;
- FILE *fp;
- int from;
- int idc;
- int tok;
- int to;
- int i;
-
- if ((fp = (FILE *)vp) == NULL || json == NULL) {
- return 0;
- }
- /* ids is an array of strings, each containing 1 entry */
- (void) memset(&ids, 0x0, sizeof(ids));
- from = to = tok = 0;
- /* convert from string into an mj structure */
- (void) mj_parse(&ids, json, &from, &to, &tok);
- if ((idc = mj_arraycount(&ids)) == 1 && strchr(json, '{') == NULL) {
- idc = 0;
- }
- (void) fprintf(fp, "%d key%s found\n", idc, (idc == 1) ? "" : "s");
- for (i = 0 ; i < idc ; i++) {
- format_json_key(fp, &ids.value.v[i], psigs);
- }
- /* clean up */
- mj_delete(&ids);
- return idc;
-}
-
-/* find a key in keyring, and write it in ssh format */
-int
-netpgp_write_sshkey(netpgp_t *netpgp, char *s, const char *userid, char *out, size_t size)
-{
- const __ops_key_t *key;
- __ops_keyring_t *keyring;
- __ops_io_t *io;
- unsigned k;
- size_t cc;
- char f[MAXPATHLEN];
-
- if ((io = calloc(1, sizeof(__ops_io_t))) == NULL) {
- (void) fprintf(stderr, "netpgp_save_sshpub: bad alloc 1\n");
- return 0;
- }
- io->outs = stdout;
- io->errs = stderr;
- io->res = stderr;
- netpgp->io = io;
- /* write new to temp file */
- savepubkey(s, f, sizeof(f));
- if ((keyring = calloc(1, sizeof(*keyring))) == NULL) {
- (void) fprintf(stderr, "netpgp_save_sshpub: bad alloc 2\n");
- return 0;
- }
- if (!__ops_keyring_fileread(netpgp->pubring = keyring, 1, f)) {
- (void) fprintf(stderr, "can't import key\n");
- return 0;
- }
- /* get rsa key */
- k = 0;
- key = __ops_getnextkeybyname(netpgp->io, netpgp->pubring, userid, &k);
- if (key == NULL) {
- (void) fprintf(stderr, "no key found for '%s'\n", userid);
- return 0;
- }
- if (key->key.pubkey.alg != OPS_PKA_RSA) {
- /* we're not interested in supporting DSA either :-) */
- (void) fprintf(stderr, "key not RSA '%s'\n", userid);
- return 0;
- }
- /* XXX - check trust sigs */
- /* XXX - check expiry */
- /* XXX - check start */
- /* XXX - check not weak key */
- /* get rsa e and n */
- (void) memset(out, 0x0, size);
- cc = formatstring((char *)out, (const uint8_t *)"ssh-rsa", 7);
- cc += formatbignum((char *)&out[cc], key->key.pubkey.key.rsa.e);
- cc += formatbignum((char *)&out[cc], key->key.pubkey.key.rsa.n);
- free(io);
- free(keyring);
- return (int)MIN(cc,INT_MAX);
-}
diff --git a/enzevalos_iphone/netpgp/lib/netpgp.h b/enzevalos_iphone/netpgp/lib/netpgp.h
deleted file mode 100644
index f0ffb86a..00000000
--- a/enzevalos_iphone/netpgp/lib/netpgp.h
+++ /dev/null
@@ -1,113 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@netbsd.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-#ifndef NETPGP_H_
-#define NETPGP_H_
-
-#ifndef __BEGIN_DECLS
-# if defined(__cplusplus)
-# define __BEGIN_DECLS extern "C" {
-# define __END_DECLS }
-# else
-# define __BEGIN_DECLS
-# define __END_DECLS
-# endif
-#endif
-
-__BEGIN_DECLS
-
-/* structure used to hold (key,value) pair information */
-typedef struct netpgp_t {
- unsigned c; /* # of elements used */
- unsigned size; /* size of array */
- char **name; /* key names */
- char **value; /* value information */
- void *pubring; /* public key ring */
- void *secring; /* s3kr1t key ring */
- void *io; /* the io struct for results/errs */
- void *passfp; /* file pointer for password input */
-} netpgp_t;
-
-/* begin and end */
-int netpgp_init(netpgp_t *);
-int netpgp_end(netpgp_t *);
-
-/* debugging, reflection and information */
-int netpgp_set_debug(const char *);
-int netpgp_get_debug(const char *);
-const char *netpgp_get_info(const char *);
-int netpgp_list_packets(netpgp_t *, char *, int, char *);
-
-/* variables */
-int netpgp_setvar(netpgp_t *, const char *, const char *);
-char *netpgp_getvar(netpgp_t *, const char *);
-int netpgp_incvar(netpgp_t *, const char *, const int);
-int netpgp_unsetvar(netpgp_t *, const char *);
-
-/* set home directory information */
-int netpgp_set_homedir(netpgp_t *, char *, const char *, const int);
-
-/* key management */
-int netpgp_list_keys(netpgp_t *, const int);
-int netpgp_list_keys_json(netpgp_t *, char **, const int);
-int netpgp_find_key(netpgp_t *, char *);
-char *netpgp_get_key(netpgp_t *, const char *, const char *);
-char *netpgp_export_key(netpgp_t *, char *);
-int netpgp_import_key(netpgp_t *netpgp, char *f);
-int netpgp_import_public_key(netpgp_t *netpgp, char *f);
-//int netpgp_import_secure_key(netpgp_t *netpgp, char *f);
-int netpgp_generate_key(netpgp_t *, char *, int);
-int netpgp_generate_key_rich(netpgp_t *netpgp, char *id, int numbits, char *output_directory, int save_to_default_keyring);
-
-/* file management */
-int netpgp_encrypt_file(netpgp_t *, const char *, const char *, char *, int);
-int netpgp_decrypt_file(netpgp_t *, const char *, char *, int);
-int netpgp_sign_file(netpgp_t *, const char *, const char *, char *, int, int, int);
-int netpgp_verify_file(netpgp_t *, const char *, const char *, int);
-
-/* memory signing and encryption */
-int netpgp_sign_memory(netpgp_t *, const char *, char *, size_t, char *, size_t, const unsigned, const unsigned);
-int netpgp_verify_memory(netpgp_t *, const void *, const size_t, void *, size_t, const int);
-int netpgp_encrypt_memory(netpgp_t *, const char *, void *, const size_t, char *, size_t, int);
-int netpgp_decrypt_memory(netpgp_t *, const void *, const size_t, char *, size_t, const int);
-
-/* match and hkp-related functions */
-int netpgp_match_keys_json(netpgp_t *, char **, char *, const char *, const int);
-int netpgp_match_keys(netpgp_t *, char *, const char *, void *, const int);
-int netpgp_match_pubkeys(netpgp_t *, char *, void *);
-int netpgp_format_json(void *, const char *, const int);
-
-int netpgp_validate_sigs(netpgp_t *);
-
-/* save pgp key in ssh format */
-int netpgp_write_sshkey(netpgp_t *, char *, const char *, char *, size_t);
-
-
-__END_DECLS
-
-#endif /* !NETPGP_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/netpgpdefs.h b/enzevalos_iphone/netpgp/lib/netpgpdefs.h
deleted file mode 100644
index 755b2b4e..00000000
--- a/enzevalos_iphone/netpgp/lib/netpgpdefs.h
+++ /dev/null
@@ -1,68 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@netbsd.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-#ifndef NETPGPDEFS_H_
-#define NETPGPDEFS_H_ 1
-
-#define PRItime "ll"
-
-#ifdef WIN32
-#define PRIsize "I"
-#else
-#define PRIsize "z"
-#endif
-
-/* for silencing unused parameter warnings */
-#define __OPS_USED(x) /*LINTED*/(void)&(x)
-
-#ifndef __UNCONST
-#define __UNCONST(a) ((void *)(unsigned long)(const void *)(a))
-#endif
-
-/* number of elements in an array */
-#define OPS_ARRAY_SIZE(a) (sizeof(a)/sizeof(*(a)))
-
-void hexdump(FILE *, const char *, const uint8_t *, size_t);
-
-const char *__ops_str_from_map(int, __ops_map_t *);
-
-int __ops_set_debug_level(const char *);
-int __ops_get_debug_level(const char *);
-
-void *__ops_new(size_t);
-
-#define NETPGP_BUFSIZ 8192
-
-#define CALLBACK(t, cbinfo, pkt) do { \
- (pkt)->tag = (t); \
- if (__ops_callback(pkt, cbinfo) == OPS_RELEASE_MEMORY) { \
- __ops_parser_content_free(pkt); \
- } \
-} while(/* CONSTCOND */0)
-
-#endif /* !NETPGPDEFS_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/netpgpdigest.h b/enzevalos_iphone/netpgp/lib/netpgpdigest.h
deleted file mode 100644
index 2bd151f4..00000000
--- a/enzevalos_iphone/netpgp/lib/netpgpdigest.h
+++ /dev/null
@@ -1,55 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@netbsd.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-#ifndef NETPGPDIGEST_H_
-#define NETPGPDIGEST_H_
-
-/* header file to define the sizes for various digest arrays */
-
-#ifdef HAVE_OPENSSL_MD5_H
-#include <openssl/md5.h>
-#endif
-
-#ifdef HAVE_OPENSSL_SHA_H
-#include <openssl/sha.h>
-#endif
-
-/* Apple */
-#ifdef HAVE_COMMONCRYPTO_COMMONDIGEST_H
-#undef MD5_DIGEST_LENGTH
-#undef SHA_DIGEST_LENGTH
-#define COMMON_DIGEST_FOR_OPENSSL 1
-#include <CommonCrypto/CommonDigest.h>
-#endif
-
-/* SHA1 Hash Size */
-#define OPS_SHA1_HASH_SIZE SHA_DIGEST_LENGTH
-#define OPS_SHA256_HASH_SIZE SHA256_DIGEST_LENGTH
-#define OPS_CHECKHASH_SIZE OPS_SHA1_HASH_SIZE
-
-#endif /* NETPGPDIGEST_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/netpgpsdk.h b/enzevalos_iphone/netpgp/lib/netpgpsdk.h
deleted file mode 100644
index 2acd693b..00000000
--- a/enzevalos_iphone/netpgp/lib/netpgpsdk.h
+++ /dev/null
@@ -1,74 +0,0 @@
-/*-
- * Copyright (c) 2009,2010 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-#ifndef NETPGPSDK_H_
-#define NETPGPSDK_H_
-
-#include "keyring.h"
-#include "crypto.h"
-#include "signature.h"
-#include "packet-show.h"
-
-typedef struct __ops_validation_t {
- unsigned validc;
- __ops_sig_info_t *valid_sigs;
- unsigned invalidc;
- __ops_sig_info_t *invalid_sigs;
- unsigned unknownc;
- __ops_sig_info_t *unknown_sigs;
- time_t birthtime;
- time_t duration;
-} __ops_validation_t;
-
-void __ops_validate_result_free(__ops_validation_t *);
-
-unsigned
-__ops_validate_key_sigs(__ops_validation_t *,
- const __ops_key_t *,
- const __ops_keyring_t *,
- __ops_cb_ret_t cb(const __ops_packet_t *, __ops_cbdata_t *));
-
-unsigned
-__ops_validate_all_sigs(__ops_validation_t *,
- const __ops_keyring_t *,
- __ops_cb_ret_t cb(const __ops_packet_t *, __ops_cbdata_t *));
-
-unsigned __ops_check_sig(const uint8_t *,
- unsigned, const __ops_sig_t *, const __ops_pubkey_t *);
-
-const char *__ops_get_info(const char *type);
-
-int __ops_asprintf(char **, const char *, ...);
-
-void netpgp_log(const char *, ...);
-
-int netpgp_strcasecmp(const char *, const char *);
-char *netpgp_strdup(const char *);
-
-
-#endif
diff --git a/enzevalos_iphone/netpgp/lib/openssl_crypto.c b/enzevalos_iphone/netpgp/lib/openssl_crypto.c
deleted file mode 100644
index 94a1cb50..00000000
--- a/enzevalos_iphone/netpgp/lib/openssl_crypto.c
+++ /dev/null
@@ -1,1050 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#if defined(__NetBSD__)
-__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: openssl_crypto.c,v 1.32 2010/11/07 06:56:52 agc Exp $");
-#endif
-
-#ifdef HAVE_OPENSSL_DSA_H
-#include <openssl/dsa.h>
-#endif
-
-#ifdef HAVE_OPENSSL_RSA_H
-#include <openssl/rsa.h>
-#endif
-
-#ifdef HAVE_OPENSSL_ERR_H
-#include <openssl/err.h>
-#endif
-
-#include <openssl/pem.h>
-#include <openssl/evp.h>
-
-#include <stdlib.h>
-#include <string.h>
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#include "crypto.h"
-#include "keyring.h"
-#include "readerwriter.h"
-#include "netpgpdefs.h"
-#include "netpgpdigest.h"
-#include "packet.h"
-
-
-static void
-test_seckey(const __ops_seckey_t *seckey)
-{
- RSA *test = RSA_new();
-
- test->n = BN_dup(seckey->pubkey.key.rsa.n);
- test->e = BN_dup(seckey->pubkey.key.rsa.e);
-
- test->d = BN_dup(seckey->key.rsa.d);
- test->p = BN_dup(seckey->key.rsa.p);
- test->q = BN_dup(seckey->key.rsa.q);
-
- if (RSA_check_key(test) != 1) {
- (void) fprintf(stderr,
- "test_seckey: RSA_check_key failed\n");
- }
- RSA_free(test);
-}
-
-static int
-md5_init(__ops_hash_t *hash)
-{
- if (hash->data) {
- (void) fprintf(stderr, "md5_init: hash data non-null\n");
- }
- if ((hash->data = calloc(1, sizeof(MD5_CTX))) == NULL) {
- (void) fprintf(stderr, "md5_init: bad alloc\n");
- return 0;
- }
- MD5_Init(hash->data);
- return 1;
-}
-
-static void
-md5_add(__ops_hash_t *hash, const uint8_t *data, unsigned length)
-{
- MD5_Update(hash->data, data, length);
-}
-
-static unsigned
-md5_finish(__ops_hash_t *hash, uint8_t *out)
-{
- MD5_Final(out, hash->data);
- free(hash->data);
- hash->data = NULL;
- return 16;
-}
-
-static const __ops_hash_t md5 = {
- OPS_HASH_MD5,
- MD5_DIGEST_LENGTH,
- "MD5",
- md5_init,
- md5_add,
- md5_finish,
- NULL
-};
-
-/**
- \ingroup Core_Crypto
- \brief Initialise to MD5
- \param hash Hash to initialise
-*/
-void
-__ops_hash_md5(__ops_hash_t *hash)
-{
- *hash = md5;
-}
-
-static int
-sha1_init(__ops_hash_t *hash)
-{
- if (hash->data) {
- (void) fprintf(stderr, "sha1_init: hash data non-null\n");
- }
- if ((hash->data = calloc(1, sizeof(SHA_CTX))) == NULL) {
- (void) fprintf(stderr, "sha1_init: bad alloc\n");
- return 0;
- }
- SHA1_Init(hash->data);
- return 1;
-}
-
-static void
-sha1_add(__ops_hash_t *hash, const uint8_t *data, unsigned length)
-{
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "sha1_add", data, length);
- }
- SHA1_Update(hash->data, data, length);
-}
-
-static unsigned
-sha1_finish(__ops_hash_t *hash, uint8_t *out)
-{
- SHA1_Final(out, hash->data);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "sha1_finish", out, OPS_SHA1_HASH_SIZE);
- }
- free(hash->data);
- hash->data = NULL;
- return OPS_SHA1_HASH_SIZE;
-}
-
-static const __ops_hash_t sha1 = {
- OPS_HASH_SHA1,
- OPS_SHA1_HASH_SIZE,
- "SHA1",
- sha1_init,
- sha1_add,
- sha1_finish,
- NULL
-};
-
-/**
- \ingroup Core_Crypto
- \brief Initialise to SHA1
- \param hash Hash to initialise
-*/
-void
-__ops_hash_sha1(__ops_hash_t *hash)
-{
- *hash = sha1;
-}
-
-static int
-sha256_init(__ops_hash_t *hash)
-{
- if (hash->data) {
- (void) fprintf(stderr, "sha256_init: hash data non-null\n");
- }
- if ((hash->data = calloc(1, sizeof(SHA256_CTX))) == NULL) {
- (void) fprintf(stderr, "sha256_init: bad alloc\n");
- return 0;
- }
- SHA256_Init(hash->data);
- return 1;
-}
-
-static void
-sha256_add(__ops_hash_t *hash, const uint8_t *data, unsigned length)
-{
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "sha256_add", data, length);
- }
- SHA256_Update(hash->data, data, length);
-}
-
-static unsigned
-sha256_finish(__ops_hash_t *hash, uint8_t *out)
-{
- SHA256_Final(out, hash->data);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "sha1_finish", out, SHA256_DIGEST_LENGTH);
- }
- free(hash->data);
- hash->data = NULL;
- return SHA256_DIGEST_LENGTH;
-}
-
-static const __ops_hash_t sha256 = {
- OPS_HASH_SHA256,
- SHA256_DIGEST_LENGTH,
- "SHA256",
- sha256_init,
- sha256_add,
- sha256_finish,
- NULL
-};
-
-void
-__ops_hash_sha256(__ops_hash_t *hash)
-{
- *hash = sha256;
-}
-
-/*
- * SHA384
- */
-static int
-sha384_init(__ops_hash_t *hash)
-{
- if (hash->data) {
- (void) fprintf(stderr, "sha384_init: hash data non-null\n");
- }
- if ((hash->data = calloc(1, sizeof(SHA512_CTX))) == NULL) {
- (void) fprintf(stderr, "sha384_init: bad alloc\n");
- return 0;
- }
- SHA384_Init(hash->data);
- return 1;
-}
-
-static void
-sha384_add(__ops_hash_t *hash, const uint8_t *data, unsigned length)
-{
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "sha384_add", data, length);
- }
- SHA384_Update(hash->data, data, length);
-}
-
-static unsigned
-sha384_finish(__ops_hash_t *hash, uint8_t *out)
-{
- SHA384_Final(out, hash->data);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "sha384_finish", out, SHA384_DIGEST_LENGTH);
- }
- free(hash->data);
- hash->data = NULL;
- return SHA384_DIGEST_LENGTH;
-}
-
-static const __ops_hash_t sha384 = {
- OPS_HASH_SHA384,
- SHA384_DIGEST_LENGTH,
- "SHA384",
- sha384_init,
- sha384_add,
- sha384_finish,
- NULL
-};
-
-void
-__ops_hash_sha384(__ops_hash_t *hash)
-{
- *hash = sha384;
-}
-
-/*
- * SHA512
- */
-static int
-sha512_init(__ops_hash_t *hash)
-{
- if (hash->data) {
- (void) fprintf(stderr, "sha512_init: hash data non-null\n");
- }
- if ((hash->data = calloc(1, sizeof(SHA512_CTX))) == NULL) {
- (void) fprintf(stderr, "sha512_init: bad alloc\n");
- return 0;
- }
- SHA512_Init(hash->data);
- return 1;
-}
-
-static void
-sha512_add(__ops_hash_t *hash, const uint8_t *data, unsigned length)
-{
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "sha512_add", data, length);
- }
- SHA512_Update(hash->data, data, length);
-}
-
-static unsigned
-sha512_finish(__ops_hash_t *hash, uint8_t *out)
-{
- SHA512_Final(out, hash->data);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "sha512_finish", out, SHA512_DIGEST_LENGTH);
- }
- free(hash->data);
- hash->data = NULL;
- return SHA512_DIGEST_LENGTH;
-}
-
-static const __ops_hash_t sha512 = {
- OPS_HASH_SHA512,
- SHA512_DIGEST_LENGTH,
- "SHA512",
- sha512_init,
- sha512_add,
- sha512_finish,
- NULL
-};
-
-void
-__ops_hash_sha512(__ops_hash_t *hash)
-{
- *hash = sha512;
-}
-
-/*
- * SHA224
- */
-
-static int
-sha224_init(__ops_hash_t *hash)
-{
- if (hash->data) {
- (void) fprintf(stderr, "sha224_init: hash data non-null\n");
- }
- if ((hash->data = calloc(1, sizeof(SHA256_CTX))) == NULL) {
- (void) fprintf(stderr, "sha256_init: bad alloc\n");
- return 0;
- }
- SHA224_Init(hash->data);
- return 1;
-}
-
-static void
-sha224_add(__ops_hash_t *hash, const uint8_t *data, unsigned length)
-{
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "sha224_add", data, length);
- }
- SHA224_Update(hash->data, data, length);
-}
-
-static unsigned
-sha224_finish(__ops_hash_t *hash, uint8_t *out)
-{
- SHA224_Final(out, hash->data);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "sha224_finish", out, SHA224_DIGEST_LENGTH);
- }
- free(hash->data);
- hash->data = NULL;
- return SHA224_DIGEST_LENGTH;
-}
-
-static const __ops_hash_t sha224 = {
- OPS_HASH_SHA224,
- SHA224_DIGEST_LENGTH,
- "SHA224",
- sha224_init,
- sha224_add,
- sha224_finish,
- NULL
-};
-
-void
-__ops_hash_sha224(__ops_hash_t *hash)
-{
- *hash = sha224;
-}
-
-unsigned
-__ops_dsa_verify(const uint8_t *hash, size_t hash_length,
- const __ops_dsa_sig_t *sig,
- const __ops_dsa_pubkey_t *dsa)
-{
- unsigned qlen;
- DSA_SIG *osig;
- DSA *odsa;
- int ret;
-
- osig = DSA_SIG_new();
- osig->r = sig->r;
- osig->s = sig->s;
-
- odsa = DSA_new();
- odsa->p = dsa->p;
- odsa->q = dsa->q;
- odsa->g = dsa->g;
- odsa->pub_key = dsa->y;
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "input hash", hash, hash_length);
- (void) fprintf(stderr, "Q=%d\n", BN_num_bytes(odsa->q));
- }
- if ((qlen = (unsigned)BN_num_bytes(odsa->q)) < hash_length) {
- hash_length = qlen;
- }
- ret = DSA_do_verify(hash, (int)hash_length, osig, odsa);
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr, "ret=%d\n", ret);
- }
- if (ret < 0) {
- (void) fprintf(stderr, "__ops_dsa_verify: DSA verification\n");
- return 0;
- }
-
- odsa->p = odsa->q = odsa->g = odsa->pub_key = NULL;
- DSA_free(odsa);
-
- osig->r = osig->s = NULL;
- DSA_SIG_free(osig);
-
- return (unsigned)ret;
-}
-
-/**
- \ingroup Core_Crypto
- \brief Recovers message digest from the signature
- \param out Where to write decrypted data to
- \param in Encrypted data
- \param length Length of encrypted data
- \param pubkey RSA public key
- \return size of recovered message digest
-*/
-int
-__ops_rsa_public_decrypt(uint8_t *out,
- const uint8_t *in,
- size_t length,
- const __ops_rsa_pubkey_t *pubkey)
-{
- RSA *orsa;
- int n;
-
- orsa = RSA_new();
- orsa->n = pubkey->n;
- orsa->e = pubkey->e;
-
- n = RSA_public_decrypt((int)length, in, out, orsa, RSA_NO_PADDING);
-
- orsa->n = orsa->e = NULL;
- RSA_free(orsa);
-
- return n;
-}
-
-/**
- \ingroup Core_Crypto
- \brief Signs data with RSA
- \param out Where to write signature
- \param in Data to sign
- \param length Length of data
- \param seckey RSA secret key
- \param pubkey RSA public key
- \return number of bytes decrypted
-*/
-int
-__ops_rsa_private_encrypt(uint8_t *out,
- const uint8_t *in,
- size_t length,
- const __ops_rsa_seckey_t *seckey,
- const __ops_rsa_pubkey_t *pubkey)
-{
- RSA *orsa;
- int n;
-
- orsa = RSA_new();
- orsa->n = BN_dup(pubkey->n);
- orsa->d = seckey->d;
- orsa->p = seckey->q; /* p and q are round the other way in openssl */
- orsa->q = seckey->p;
-
- /* debug */
- orsa->e = BN_dup(pubkey->e);
- /* If this isn't set, it's very likely that the programmer hasn't */
- /* decrypted the secret key. RSA_check_key segfaults in that case. */
- /* Use __ops_decrypt_seckey() to do that. */
- if (orsa->d == NULL) {
- (void) fprintf(stderr, "orsa is not set\n");
- return 0;
- }
- if (RSA_check_key(orsa) != 1) {
- (void) fprintf(stderr, "RSA_check_key is not set\n");
- return 0;
- }
- /* end debug */
-
- n = RSA_private_encrypt((int)length, in, out, orsa, RSA_NO_PADDING);
-
- orsa->n = orsa->d = orsa->p = orsa->q = NULL;
- RSA_free(orsa);
-
- return n;
-}
-
-/**
-\ingroup Core_Crypto
-\brief Decrypts RSA-encrypted data
-\param out Where to write the plaintext
-\param in Encrypted data
-\param length Length of encrypted data
-\param seckey RSA secret key
-\param pubkey RSA public key
-\return size of recovered plaintext
-*/
-int
-__ops_rsa_private_decrypt(uint8_t *out,
- const uint8_t *in,
- size_t length,
- const __ops_rsa_seckey_t *seckey,
- const __ops_rsa_pubkey_t *pubkey)
-{
- RSA *keypair;
- int n;
- char errbuf[1024];
-
- keypair = RSA_new();
- keypair->n = pubkey->n; /* XXX: do we need n? */
- keypair->d = seckey->d;
- keypair->p = seckey->q;
- keypair->q = seckey->p;
-
- /* debug */
- keypair->e = pubkey->e;
- if (RSA_check_key(keypair) != 1) {
- (void) fprintf(stderr, "RSA_check_key is not set\n");
- return 0;
- }
- /* end debug */
-
- n = RSA_private_decrypt((int)length, in, out, keypair, RSA_NO_PADDING);
-
- if (__ops_get_debug_level(__FILE__)) {
- printf("__ops_rsa_private_decrypt: n=%d\n",n);
- }
-
- errbuf[0] = '\0';
- if (n == -1) {
- unsigned long err = ERR_get_error();
-
- ERR_error_string(err, &errbuf[0]);
- (void) fprintf(stderr, "openssl error : %s\n", errbuf);
- }
- keypair->n = keypair->d = keypair->p = keypair->q = NULL;
- RSA_free(keypair);
-
- return n;
-}
-
-/**
- \ingroup Core_Crypto
- \brief RSA-encrypts data
- \param out Where to write the encrypted data
- \param in Plaintext
- \param length Size of plaintext
- \param pubkey RSA Public Key
-*/
-int
-__ops_rsa_public_encrypt(uint8_t *out,
- const uint8_t *in,
- size_t length,
- const __ops_rsa_pubkey_t *pubkey)
-{
- RSA *orsa;
- int n;
-
- /* printf("__ops_rsa_public_encrypt: length=%ld\n", length); */
-
- orsa = RSA_new();
- orsa->n = pubkey->n;
- orsa->e = pubkey->e;
-
- /* printf("len: %ld\n", length); */
- /* __ops_print_bn("n: ", orsa->n); */
- /* __ops_print_bn("e: ", orsa->e); */
- n = RSA_public_encrypt((int)length, in, out, orsa, RSA_NO_PADDING);
-
- if (n == -1) {
- BIO *fd_out;
-
- fd_out = BIO_new_fd(fileno(stderr), BIO_NOCLOSE);
- ERR_print_errors(fd_out);
- }
- orsa->n = orsa->e = NULL;
- RSA_free(orsa);
-
- return n;
-}
-
-/**
- \ingroup Core_Crypto
- \brief Finalise openssl
- \note Would usually call __ops_finish() instead
- \sa __ops_finish()
-*/
-void
-__ops_crypto_finish(void)
-{
- CRYPTO_cleanup_all_ex_data();
- ERR_remove_state((unsigned long)0);
-}
-
-/**
- \ingroup Core_Hashes
- \brief Get Hash name
- \param hash Hash struct
- \return Hash name
-*/
-const char *
-__ops_text_from_hash(__ops_hash_t *hash)
-{
- return hash->name;
-}
-
-/**
- \ingroup HighLevel_KeyGenerate
- \brief Generates an RSA keypair
- \param numbits Modulus size
- \param e Public Exponent
- \param keydata Pointer to keydata struct to hold new key
- \return 1 if key generated successfully; otherwise 0
- \note It is the caller's responsibility to call __ops_keydata_free(keydata)
-*/
-static unsigned
-rsa_generate_keypair(__ops_key_t *keydata,
- const int numbits,
- const unsigned long e,
- const char *hashalg,
- const char *cipher)
-{
- __ops_seckey_t *seckey;
- RSA *rsa;
- BN_CTX *ctx;
- __ops_output_t *output;
- __ops_memory_t *mem;
-
- ctx = BN_CTX_new();
- __ops_keydata_init(keydata, OPS_PTAG_CT_SECRET_KEY);
- seckey = __ops_get_writable_seckey(keydata);
-
- /* generate the key pair */
-
- rsa = RSA_generate_key(numbits, e, NULL, NULL);
-
- /* populate __ops key from ssl key */
-
- seckey->pubkey.version = OPS_V4;
- seckey->pubkey.birthtime = time(NULL);
- seckey->pubkey.days_valid = 0;
- seckey->pubkey.alg = OPS_PKA_RSA;
-
- seckey->pubkey.key.rsa.n = BN_dup(rsa->n);
- seckey->pubkey.key.rsa.e = BN_dup(rsa->e);
-
- seckey->s2k_usage = OPS_S2KU_ENCRYPTED_AND_HASHED;
- seckey->s2k_specifier = OPS_S2KS_SALTED;
- /* seckey->s2k_specifier=OPS_S2KS_SIMPLE; */
- if ((seckey->hash_alg = __ops_str_to_hash_alg(hashalg)) == OPS_HASH_UNKNOWN) {
- seckey->hash_alg = OPS_HASH_SHA1;
- }
- seckey->alg = __ops_str_to_cipher(cipher);
- seckey->octetc = 0;
- seckey->checksum = 0;
-
- seckey->key.rsa.d = BN_dup(rsa->d);
- seckey->key.rsa.p = BN_dup(rsa->p);
- seckey->key.rsa.q = BN_dup(rsa->q);
- seckey->key.rsa.u = BN_mod_inverse(NULL, rsa->p, rsa->q, ctx);
- if (seckey->key.rsa.u == NULL) {
- (void) fprintf(stderr, "seckey->key.rsa.u is NULL\n");
- return 0;
- }
- BN_CTX_free(ctx);
-
- RSA_free(rsa);
-
- __ops_keyid(keydata->sigid, OPS_KEY_ID_SIZE, &keydata->key.seckey.pubkey, seckey->hash_alg);
- __ops_fingerprint(&keydata->sigfingerprint, &keydata->key.seckey.pubkey, seckey->hash_alg);
-
- /* Generate checksum */
-
- output = NULL;
- mem = NULL;
-
- __ops_setup_memory_write(&output, &mem, 128);
-
- __ops_push_checksum_writer(output, seckey);
-
- switch (seckey->pubkey.alg) {
- case OPS_PKA_DSA:
- return __ops_write_mpi(output, seckey->key.dsa.x);
- case OPS_PKA_RSA:
- case OPS_PKA_RSA_ENCRYPT_ONLY:
- case OPS_PKA_RSA_SIGN_ONLY:
- if (!__ops_write_mpi(output, seckey->key.rsa.d) ||
- !__ops_write_mpi(output, seckey->key.rsa.p) ||
- !__ops_write_mpi(output, seckey->key.rsa.q) ||
- !__ops_write_mpi(output, seckey->key.rsa.u)) {
- return 0;
- }
- break;
- case OPS_PKA_ELGAMAL:
- return __ops_write_mpi(output, seckey->key.elgamal.x);
-
- default:
- (void) fprintf(stderr, "Bad seckey->pubkey.alg\n");
- return 0;
- }
-
- /* close rather than pop, since its the only one on the stack */
- __ops_writer_close(output);
- __ops_teardown_memory_write(output, mem);
-
- /* should now have checksum in seckey struct */
-
- /* test */
- if (__ops_get_debug_level(__FILE__)) {
- test_seckey(seckey);
- }
-
- return 1;
-}
-
-/**
- \ingroup HighLevel_KeyGenerate
- \brief Creates a self-signed RSA keypair
- \param numbits Modulus size
- \param e Public Exponent
- \param userid User ID
- \return The new keypair or NULL
-
- \note It is the caller's responsibility to call __ops_keydata_free(keydata)
- \sa rsa_generate_keypair()
- \sa __ops_keydata_free()
-*/
-__ops_key_t *
-__ops_rsa_new_selfsign_key(const int numbits,
- const unsigned long e,
- uint8_t *userid,
- const char *hashalg,
- const char *cipher)
-{
- __ops_key_t *keydata;
-
- keydata = __ops_keydata_new();
- if (!rsa_generate_keypair(keydata, numbits, e, hashalg, cipher) ||
- !__ops_add_selfsigned_userid(keydata, userid)) {
- __ops_keydata_free(keydata);
- return NULL;
- }
- return keydata;
-}
-
-DSA_SIG *
-__ops_dsa_sign(uint8_t *hashbuf,
- unsigned hashsize,
- const __ops_dsa_seckey_t *secdsa,
- const __ops_dsa_pubkey_t *pubdsa)
-{
- DSA_SIG *dsasig;
- DSA *odsa;
-
- odsa = DSA_new();
- odsa->p = pubdsa->p;
- odsa->q = pubdsa->q;
- odsa->g = pubdsa->g;
- odsa->pub_key = pubdsa->y;
- odsa->priv_key = secdsa->x;
-
- dsasig = DSA_do_sign(hashbuf, (int)hashsize, odsa);
-
- odsa->p = odsa->q = odsa->g = odsa->pub_key = odsa->priv_key = NULL;
- DSA_free(odsa);
-
- return dsasig;
-}
-
-int
-openssl_read_pem_seckey(const char *f, __ops_key_t *key, const char *type, int verbose)
-{
- FILE *fp;
- char prompt[BUFSIZ];
- char *pass;
- DSA *dsa;
- RSA *rsa;
- int ok;
-
- OpenSSL_add_all_algorithms();
- if ((fp = fopen(f, "r")) == NULL) {
- if (verbose) {
- (void) fprintf(stderr, "can't open '%s'\n", f);
- }
- return 0;
- }
- ok = 1;
- if (strcmp(type, "ssh-rsa") == 0) {
- if ((rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL)) == NULL) {
- (void) snprintf(prompt, sizeof(prompt), "netpgp PEM %s passphrase: ", f);
- do {
- pass = getpass(prompt);
- rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, pass);
- } while (rsa == NULL);
- }
- key->key.seckey.key.rsa.d = rsa->d;
- key->key.seckey.key.rsa.p = rsa->p;
- key->key.seckey.key.rsa.q = rsa->q;
- key->key.seckey.key.rsa.d = rsa->d;
- } else if (strcmp(type, "ssh-dss") == 0) {
- if ((dsa = PEM_read_DSAPrivateKey(fp, NULL, NULL, NULL)) == NULL) {
- ok = 0;
- } else {
- key->key.seckey.key.dsa.x = dsa->priv_key;
- }
- } else {
- ok = 0;
- }
- (void) fclose(fp);
- return ok;
-}
-
-/*
- * Decide the number of bits in the random componont k
- *
- * It should be in the same range as p for signing (which
- * is deprecated), but can be much smaller for encrypting.
- *
- * Until I research it further, I just mimic gpg behaviour.
- * It has a special mapping table, for values <= 5120,
- * above that it uses 'arbitrary high number'. Following
- * algorihm hovers 10-70 bits above gpg values. And for
- * larger p, it uses gpg's algorihm.
- *
- * The point is - if k gets large, encryption will be
- * really slow. It does not matter for decryption.
- */
-static int
-decide_k_bits(int p_bits)
-{
- return (p_bits <= 5120) ? p_bits / 10 + 160 : (p_bits / 8 + 200) * 3 / 2;
-}
-
-int
-__ops_elgamal_public_encrypt(uint8_t *g_to_k, uint8_t *encm,
- const uint8_t *in,
- size_t size,
- const __ops_elgamal_pubkey_t *pubkey)
-{
- int ret = 0;
- int k_bits;
- BIGNUM *m;
- BIGNUM *p;
- BIGNUM *g;
- BIGNUM *y;
- BIGNUM *k;
- BIGNUM *yk;
- BIGNUM *c1;
- BIGNUM *c2;
- BN_CTX *tmp;
-
- m = BN_bin2bn(in, (int)size, NULL);
- p = pubkey->p;
- g = pubkey->g;
- y = pubkey->y;
- k = BN_new();
- yk = BN_new();
- c1 = BN_new();
- c2 = BN_new();
- tmp = BN_CTX_new();
- if (!m || !p || !g || !y || !k || !yk || !c1 || !c2 || !tmp) {
- goto done;
- }
- /*
- * generate k
- */
- k_bits = decide_k_bits(BN_num_bits(p));
- if (!BN_rand(k, k_bits, 0, 0)) {
- goto done;
- }
- /*
- * c1 = g^k c2 = m * y^k
- */
- if (!BN_mod_exp(c1, g, k, p, tmp)) {
- goto done;
- }
- if (!BN_mod_exp(yk, y, k, p, tmp)) {
- goto done;
- }
- if (!BN_mod_mul(c2, m, yk, p, tmp)) {
- goto done;
- }
- /* result */
- BN_bn2bin(c1, g_to_k);
- ret = BN_num_bytes(c1); /* c1 = g^k */
- BN_bn2bin(c2, encm);
- ret += BN_num_bytes(c2); /* c2 = m * y^k */
-done:
- if (tmp) {
- BN_CTX_free(tmp);
- }
- if (c2) {
- BN_clear_free(c2);
- }
- if (c1) {
- BN_clear_free(c1);
- }
- if (yk) {
- BN_clear_free(yk);
- }
- if (k) {
- BN_clear_free(k);
- }
- if (g) {
- BN_clear_free(g);
- }
- return ret;
-}
-
-int
-__ops_elgamal_private_decrypt(uint8_t *out,
- const uint8_t *g_to_k,
- const uint8_t *in,
- size_t length,
- const __ops_elgamal_seckey_t *seckey,
- const __ops_elgamal_pubkey_t *pubkey)
-{
- BIGNUM *bndiv;
- BIGNUM *c1x;
- BN_CTX *tmp;
- BIGNUM *c1;
- BIGNUM *c2;
- BIGNUM *p;
- BIGNUM *x;
- BIGNUM *m;
- int ret;
-
- ret = 0;
- /* c1 and c2 are in g_to_k and in, respectively*/
- c1 = BN_bin2bn(g_to_k, (int)length, NULL);
- c2 = BN_bin2bn(in, (int)length, NULL);
- /* other bits */
- p = pubkey->p;
- x = seckey->x;
- c1x = BN_new();
- bndiv = BN_new();
- m = BN_new();
- tmp = BN_CTX_new();
- if (!c1 || !c2 || !p || !x || !c1x || !bndiv || !m || !tmp) {
- goto done;
- }
- /*
- * m = c2 / (c1^x)
- */
- if (!BN_mod_exp(c1x, c1, x, p, tmp)) {
- goto done;
- }
- if (!BN_mod_inverse(bndiv, c1x, p, tmp)) {
- goto done;
- }
- if (!BN_mod_mul(m, c2, bndiv, p, tmp)) {
- goto done;
- }
- /* result */
- ret = BN_bn2bin(m, out);
-done:
- if (tmp) {
- BN_CTX_free(tmp);
- }
- if (m) {
- BN_clear_free(m);
- }
- if (bndiv) {
- BN_clear_free(bndiv);
- }
- if (c1x) {
- BN_clear_free(c1x);
- }
- if (x) {
- BN_clear_free(x);
- }
- if (p) {
- BN_clear_free(p);
- }
- if (c1) {
- BN_clear_free(c1);
- }
- if (c2) {
- BN_clear_free(c2);
- }
- return ret;
-}
diff --git a/enzevalos_iphone/netpgp/lib/ops-ssh.h b/enzevalos_iphone/netpgp/lib/ops-ssh.h
deleted file mode 100644
index c73f1156..00000000
--- a/enzevalos_iphone/netpgp/lib/ops-ssh.h
+++ /dev/null
@@ -1,41 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-#ifndef OPS_SSH_H_
-#define OPS_SSH_H_
-
-#include "keyring.h"
-#include "types.h"
-
-int __ops_ssh2pubkey(__ops_io_t *, const char *, __ops_key_t *, __ops_hash_alg_t);
-int __ops_ssh2seckey(__ops_io_t *, const char *, __ops_key_t *, __ops_pubkey_t *, __ops_hash_alg_t);
-
-int __ops_ssh2_readkeys(__ops_io_t *, __ops_keyring_t *, __ops_keyring_t *,
- const char *, const char *, unsigned);
-
-#endif
diff --git a/enzevalos_iphone/netpgp/lib/packet-parse.c b/enzevalos_iphone/netpgp/lib/packet-parse.c
deleted file mode 100644
index 4b001bc3..00000000
--- a/enzevalos_iphone/netpgp/lib/packet-parse.c
+++ /dev/null
@@ -1,3494 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- * \brief Parser for OpenPGP packets
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#if defined(__NetBSD__)
-__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: packet-parse.c,v 1.44 2010/11/07 06:56:52 agc Exp $");
-#endif
-
-#ifdef HAVE_OPENSSL_CAST_H
-#include <openssl/cast.h>
-#endif
-
-#include <stdarg.h>
-#include <stdlib.h>
-#include <string.h>
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_LIMITS_H
-#include <limits.h>
-#endif
-
-#include "packet.h"
-#include "packet-parse.h"
-#include "keyring.h"
-#include "errors.h"
-#include "packet-show.h"
-#include "create.h"
-#include "readerwriter.h"
-#include "netpgpdefs.h"
-#include "crypto.h"
-#include "netpgpdigest.h"
-
-#define ERRP(cbinfo, cont, err) do { \
- cont.u.error = err; \
- CALLBACK(OPS_PARSER_ERROR, cbinfo, &cont); \
- return 0; \
- /*NOTREACHED*/ \
-} while(/*CONSTCOND*/0)
-
-/**
- * limread_data reads the specified amount of the subregion's data
- * into a data_t structure
- *
- * \param data Empty structure which will be filled with data
- * \param len Number of octets to read
- * \param subregion
- * \param stream How to parse
- *
- * \return 1 on success, 0 on failure
- */
-static int
-limread_data(__ops_data_t *data, unsigned len,
- __ops_region_t *subregion, __ops_stream_t *stream)
-{
- data->len = len;
-
- if (subregion->length - subregion->readc < len) {
- (void) fprintf(stderr, "limread_data: bad length\n");
- return 0;
- }
-
- data->contents = calloc(1, data->len);
- if (!data->contents) {
- return 0;
- }
-
- return __ops_limited_read(data->contents, data->len, subregion,
- &stream->errors, &stream->readinfo, &stream->cbinfo);
-}
-
-/**
- * read_data reads the remainder of the subregion's data
- * into a data_t structure
- *
- * \param data
- * \param subregion
- * \param stream
- *
- * \return 1 on success, 0 on failure
- */
-static int
-read_data(__ops_data_t *data, __ops_region_t *region, __ops_stream_t *stream)
-{
- int cc;
-
- cc = region->length - region->readc;
- return (cc >= 0) ? limread_data(data, (unsigned)cc, region, stream) : 0;
-}
-
-/**
- * Reads the remainder of the subregion as a string.
- * It is the user's responsibility to free the memory allocated here.
- */
-
-static int
-read_unsig_str(uint8_t **str, __ops_region_t *subregion,
- __ops_stream_t *stream)
-{
- size_t len;
-
- len = subregion->length - subregion->readc;
- if ((*str = calloc(1, len + 1)) == NULL) {
- return 0;
- }
- if (len &&
- !__ops_limited_read(*str, len, subregion, &stream->errors,
- &stream->readinfo, &stream->cbinfo)) {
- return 0;
- }
- (*str)[len] = '\0';
- return 1;
-}
-
-static int
-read_string(char **str, __ops_region_t *subregion, __ops_stream_t *stream)
-{
- return read_unsig_str((uint8_t **) str, subregion, stream);
-}
-
-void
-__ops_init_subregion(__ops_region_t *subregion, __ops_region_t *region)
-{
- (void) memset(subregion, 0x0, sizeof(*subregion));
- subregion->parent = region;
-}
-
-/*
- * XXX: replace __ops_ptag_t with something more appropriate for limiting reads
- */
-
-/**
- * low-level function to read data from reader function
- *
- * Use this function, rather than calling the reader directly.
- *
- * If the accumulate flag is set in *stream, the function
- * adds the read data to the accumulated data, and updates
- * the accumulated length. This is useful if, for example,
- * the application wants access to the raw data as well as the
- * parsed data.
- *
- * This function will also try to read the entire amount asked for, but not
- * if it is over INT_MAX. Obviously many callers will know that they
- * never ask for that much and so can avoid the extra complexity of
- * dealing with return codes and filled-in lengths.
- *
- * \param *dest
- * \param *plength
- * \param flags
- * \param *stream
- *
- * \return OPS_R_OK
- * \return OPS_R_PARTIAL_READ
- * \return OPS_R_EOF
- * \return OPS_R_EARLY_EOF
- *
- * \sa #__ops_reader_ret_t for details of return codes
- */
-
-static int
-sub_base_read(void *dest, size_t length, __ops_error_t **errors,
- __ops_reader_t *readinfo, __ops_cbdata_t *cbinfo)
-{
- size_t n;
-
- /* reading more than this would look like an error */
- if (length > INT_MAX)
- length = INT_MAX;
-
- for (n = 0; n < length;) {
- int r;
-
- r = readinfo->reader((char *) dest + n, length - n, errors,
- readinfo, cbinfo);
- if (r > (int)(length - n)) {
- (void) fprintf(stderr, "sub_base_read: bad read\n");
- return 0;
- }
- if (r < 0) {
- return r;
- }
- if (r == 0) {
- break;
- }
- n += (unsigned)r;
- }
-
- if (n == 0) {
- return 0;
- }
- if (readinfo->accumulate) {
- if (readinfo->asize < readinfo->alength) {
- (void) fprintf(stderr, "sub_base_read: bad size\n");
- return 0;
- }
- if (readinfo->alength + n > readinfo->asize) {
- uint8_t *temp;
-
- readinfo->asize = (readinfo->asize * 2) + (unsigned)n;
- temp = realloc(readinfo->accumulated, readinfo->asize);
- if (temp == NULL) {
- (void) fprintf(stderr,
- "sub_base_read: bad alloc\n");
- return 0;
- }
- readinfo->accumulated = temp;
- }
- if (readinfo->asize < readinfo->alength + n) {
- (void) fprintf(stderr, "sub_base_read: bad realloc\n");
- return 0;
- }
- (void) memcpy(readinfo->accumulated + readinfo->alength, dest,
- n);
- }
- /* we track length anyway, because it is used for packet offsets */
- readinfo->alength += (unsigned)n;
- /* and also the position */
- readinfo->position += (unsigned)n;
-
- return (int)n;
-}
-
-int
-__ops_stacked_read(void *dest, size_t length, __ops_error_t **errors,
- __ops_reader_t *readinfo, __ops_cbdata_t *cbinfo)
-{
- return sub_base_read(dest, length, errors, readinfo->next, cbinfo);
-}
-
-/* This will do a full read so long as length < MAX_INT */
-static int
-base_read(uint8_t *dest, size_t length, __ops_stream_t *stream)
-{
- return sub_base_read(dest, length, &stream->errors, &stream->readinfo,
- &stream->cbinfo);
-}
-
-/*
- * Read a full size_t's worth. If the return is < than length, then
- * *last_read tells you why - < 0 for an error, == 0 for EOF
- */
-
-static size_t
-full_read(uint8_t *dest,
- size_t length,
- int *last_read,
- __ops_error_t **errors,
- __ops_reader_t *readinfo,
- __ops_cbdata_t *cbinfo)
-{
- size_t t;
- int r = 0; /* preset in case some loon calls with length
- * == 0 */
-
- for (t = 0; t < length;) {
- r = sub_base_read(dest + t, length - t, errors, readinfo,
- cbinfo);
- if (r <= 0) {
- *last_read = r;
- return t;
- }
- t += (size_t)r;
- }
-
- *last_read = r;
-
- return t;
-}
-
-
-
-/** Read a scalar value of selected length from reader.
- *
- * Read an unsigned scalar value from reader in Big Endian representation.
- *
- * This function does not know or care about packet boundaries. It
- * also assumes that an EOF is an error.
- *
- * \param *result The scalar value is stored here
- * \param *reader Our reader
- * \param length How many bytes to read
- * \return 1 on success, 0 on failure
- */
-static unsigned
-_read_scalar(unsigned *result, unsigned length,
- __ops_stream_t *stream)
-{
- unsigned t = 0;
-
- if (length > sizeof(*result)) {
- (void) fprintf(stderr, "_read_scalar: bad length\n");
- return 0;
- }
-
- while (length--) {
- uint8_t c;
- int r;
-
- r = base_read(&c, 1, stream);
- if (r != 1)
- return 0;
- t = (t << 8) + c;
- }
-
- *result = t;
- return 1;
-}
-
-/**
- * \ingroup Core_ReadPackets
- * \brief Read bytes from a region within the packet.
- *
- * Read length bytes into the buffer pointed to by *dest.
- * Make sure we do not read over the packet boundary.
- * Updates the Packet Tag's __ops_ptag_t::readc.
- *
- * If length would make us read over the packet boundary, or if
- * reading fails, we call the callback with an error.
- *
- * Note that if the region is indeterminate, this can return a short
- * read - check region->last_read for the length. EOF is indicated by
- * a success return and region->last_read == 0 in this case (for a
- * region of known length, EOF is an error).
- *
- * This function makes sure to respect packet boundaries.
- *
- * \param dest The destination buffer
- * \param length How many bytes to read
- * \param region Pointer to packet region
- * \param errors Error stack
- * \param readinfo Reader info
- * \param cbinfo Callback info
- * \return 1 on success, 0 on error
- */
-unsigned
-__ops_limited_read(uint8_t *dest,
- size_t length,
- __ops_region_t *region,
- __ops_error_t **errors,
- __ops_reader_t *readinfo,
- __ops_cbdata_t *cbinfo)
-{
- size_t r;
- int lr;
-
- if (!region->indeterminate &&
- region->readc + length > region->length) {
- OPS_ERROR(errors, OPS_E_P_NOT_ENOUGH_DATA, "Not enough data");
- return 0;
- }
- r = full_read(dest, length, &lr, errors, readinfo, cbinfo);
- if (lr < 0) {
- OPS_ERROR(errors, OPS_E_R_READ_FAILED, "Read failed");
- return 0;
- }
- if (!region->indeterminate && r != length) {
- OPS_ERROR(errors, OPS_E_R_READ_FAILED, "Read failed");
- return 0;
- }
- region->last_read = (unsigned)r;
- do {
- region->readc += (unsigned)r;
- if (region->parent && region->length > region->parent->length) {
- (void) fprintf(stderr,
- "ops_limited_read: bad length\n");
- return 0;
- }
- } while ((region = region->parent) != NULL);
- return 1;
-}
-
-/**
- \ingroup Core_ReadPackets
- \brief Call __ops_limited_read on next in stack
-*/
-unsigned
-__ops_stacked_limited_read(uint8_t *dest, unsigned length,
- __ops_region_t *region,
- __ops_error_t **errors,
- __ops_reader_t *readinfo,
- __ops_cbdata_t *cbinfo)
-{
- return __ops_limited_read(dest, length, region, errors,
- readinfo->next, cbinfo);
-}
-
-static unsigned
-limread(uint8_t *dest, unsigned length,
- __ops_region_t *region, __ops_stream_t *info)
-{
- return __ops_limited_read(dest, length, region, &info->errors,
- &info->readinfo, &info->cbinfo);
-}
-
-static unsigned
-exact_limread(uint8_t *dest, unsigned len,
- __ops_region_t *region,
- __ops_stream_t *stream)
-{
- unsigned ret;
-
- stream->exact_read = 1;
- ret = limread(dest, len, region, stream);
- stream->exact_read = 0;
- return ret;
-}
-
-/** Skip over length bytes of this packet.
- *
- * Calls limread() to skip over some data.
- *
- * This function makes sure to respect packet boundaries.
- *
- * \param length How many bytes to skip
- * \param *region Pointer to packet region
- * \param *stream How to parse
- * \return 1 on success, 0 on error (calls the cb with OPS_PARSER_ERROR in limread()).
- */
-static int
-limskip(unsigned length, __ops_region_t *region, __ops_stream_t *stream)
-{
- uint8_t buf[NETPGP_BUFSIZ];
-
- while (length > 0) {
- unsigned n = length % NETPGP_BUFSIZ;
-
- if (!limread(buf, n, region, stream)) {
- return 0;
- }
- length -= n;
- }
- return 1;
-}
-
-/** Read a scalar.
- *
- * Read a big-endian scalar of length bytes, respecting packet
- * boundaries (by calling limread() to read the raw data).
- *
- * This function makes sure to respect packet boundaries.
- *
- * \param *dest The scalar value is stored here
- * \param length How many bytes make up this scalar (at most 4)
- * \param *region Pointer to current packet region
- * \param *stream How to parse
- * \param *cb The callback
- * \return 1 on success, 0 on error (calls the cb with OPS_PARSER_ERROR in limread()).
- *
- * \see RFC4880 3.1
- */
-static int
-limread_scalar(unsigned *dest,
- unsigned len,
- __ops_region_t *region,
- __ops_stream_t *stream)
-{
- uint8_t c[4] = "";
- unsigned t;
- unsigned n;
-
- if (len > 4) {
- (void) fprintf(stderr, "limread_scalar: bad length\n");
- return 0;
- }
- /*LINTED*/
- if (/*CONSTCOND*/sizeof(*dest) < 4) {
- (void) fprintf(stderr, "limread_scalar: bad dest\n");
- return 0;
- }
- if (!limread(c, len, region, stream)) {
- return 0;
- }
- for (t = 0, n = 0; n < len; ++n) {
- t = (t << 8) + c[n];
- }
- *dest = t;
- return 1;
-}
-
-/** Read a scalar.
- *
- * Read a big-endian scalar of length bytes, respecting packet
- * boundaries (by calling limread() to read the raw data).
- *
- * The value read is stored in a size_t, which is a different size
- * from an unsigned on some platforms.
- *
- * This function makes sure to respect packet boundaries.
- *
- * \param *dest The scalar value is stored here
- * \param length How many bytes make up this scalar (at most 4)
- * \param *region Pointer to current packet region
- * \param *stream How to parse
- * \param *cb The callback
- * \return 1 on success, 0 on error (calls the cb with OPS_PARSER_ERROR in limread()).
- *
- * \see RFC4880 3.1
- */
-static int
-limread_size_t(size_t *dest,
- unsigned length,
- __ops_region_t *region,
- __ops_stream_t *stream)
-{
- unsigned tmp;
-
- /*
- * Note that because the scalar is at most 4 bytes, we don't care if
- * size_t is bigger than usigned
- */
- if (!limread_scalar(&tmp, length, region, stream))
- return 0;
-
- *dest = tmp;
- return 1;
-}
-
-/** Read a timestamp.
- *
- * Timestamps in OpenPGP are unix time, i.e. seconds since The Epoch (1.1.1970). They are stored in an unsigned scalar
- * of 4 bytes.
- *
- * This function reads the timestamp using limread_scalar().
- *
- * This function makes sure to respect packet boundaries.
- *
- * \param *dest The timestamp is stored here
- * \param *ptag Pointer to current packet's Packet Tag.
- * \param *reader Our reader
- * \param *cb The callback
- * \return see limread_scalar()
- *
- * \see RFC4880 3.5
- */
-static int
-limited_read_time(time_t *dest, __ops_region_t *region,
- __ops_stream_t *stream)
-{
- uint8_t c;
- time_t mytime = 0;
- int i;
-
- /*
- * Cannot assume that time_t is 4 octets long -
- * SunOS 5.10 and NetBSD both have 64-bit time_ts.
- */
- if (/* CONSTCOND */sizeof(time_t) == 4) {
- return limread_scalar((unsigned *)(void *)dest, 4, region, stream);
- }
- for (i = 0; i < 4; i++) {
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- mytime = (mytime << 8) + c;
- }
- *dest = mytime;
- return 1;
-}
-
-/**
- * \ingroup Core_MPI
- * Read a multiprecision integer.
- *
- * Large numbers (multiprecision integers, MPI) are stored in OpenPGP in two parts. First there is a 2 byte scalar
- * indicating the length of the following MPI in Bits. Then follow the bits that make up the actual number, most
- * significant bits first (Big Endian). The most significant bit in the MPI is supposed to be 1 (unless the MPI is
- * encrypted - then it may be different as the bit count refers to the plain text but the bits are encrypted).
- *
- * Unused bits (i.e. those filling up the most significant byte from the left to the first bits that counts) are
- * supposed to be cleared - I guess. XXX - does anything actually say so?
- *
- * This function makes sure to respect packet boundaries.
- *
- * \param **pgn return the integer there - the BIGNUM is created by BN_bin2bn() and probably needs to be freed
- * by the caller XXX right ben?
- * \param *ptag Pointer to current packet's Packet Tag.
- * \param *reader Our reader
- * \param *cb The callback
- * \return 1 on success, 0 on error (by limread_scalar() or limread() or if the MPI is not properly formed (XXX
- * see comment below - the callback is called with a OPS_PARSER_ERROR in case of an error)
- *
- * \see RFC4880 3.2
- */
-static int
-limread_mpi(BIGNUM **pbn, __ops_region_t *region, __ops_stream_t *stream)
-{
- uint8_t buf[NETPGP_BUFSIZ] = "";
- /* an MPI has a 2 byte length part.
- * Length is given in bits, so the
- * largest we should ever need for
- * the buffer is NETPGP_BUFSIZ bytes. */
- unsigned length;
- unsigned nonzero;
- unsigned ret;
-
- stream->reading_mpi_len = 1;
- ret = (unsigned)limread_scalar(&length, 2, region, stream);
-
- stream->reading_mpi_len = 0;
- if (!ret)
- return 0;
-
- nonzero = length & 7; /* there should be this many zero bits in the
- * MS byte */
- if (!nonzero)
- nonzero = 8;
- length = (length + 7) / 8;
-
- if (length == 0) {
- /* if we try to read a length of 0, then fail */
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr, "limread_mpi: 0 length\n");
- }
- return 0;
- }
- if (length > NETPGP_BUFSIZ) {
- (void) fprintf(stderr, "limread_mpi: bad length\n");
- return 0;
- }
- if (!limread(buf, length, region, stream)) {
- return 0;
- }
- if (((unsigned)buf[0] >> nonzero) != 0 ||
- !((unsigned)buf[0] & (1U << (nonzero - 1U)))) {
- OPS_ERROR(&stream->errors, OPS_E_P_MPI_FORMAT_ERROR, "MPI Format error");
- /* XXX: Ben, one part of
- * this constraint does
- * not apply to
- * encrypted MPIs the
- * draft says. -- peter */
- return 0;
- }
- *pbn = BN_bin2bn(buf, (int)length, NULL);
- return 1;
-}
-
-/** Read some data with a New-Format length from reader.
- *
- * \sa Internet-Draft RFC4880.txt Section 4.2.2
- *
- * \param *length Where the decoded length will be put
- * \param *stream How to parse
- * \return 1 if OK, else 0
- *
- */
-
-static unsigned
-read_new_length(unsigned *length, unsigned* indeterminate, __ops_stream_t *stream)
-{
- uint8_t c;
- *indeterminate = 0;
- if (base_read(&c, 1, stream) != 1)
- return 0;
- if (c < 192) {
- /* 1. One-octet packet */
- *length = c;
- return 1;
- } else if (c >= 192 && c <= 223) {
- /* 2. Two-octet packet */
- unsigned t = (c - 192) << 8;
-
- if (base_read(&c, 1, stream) != 1)
- return 0;
- *length = t + c + 192;
- return 1;
- } else if (c == 255) {
- /* 3. Five-Octet packet */
- return _read_scalar(length, 4, stream);
- } else if (c >= 224 && c < 255) {
- /* 4. Partial Body Length */
- *indeterminate = 1;
- *length = 1 << (c & 0x1F);
- return 1;
- }
- return 0;
-}
-
-/** Read the length information for a new format Packet Tag.
- *
- * New style Packet Tags encode the length in one to five octets. This function reads the right amount of bytes and
- * decodes it to the proper length information.
- *
- * This function makes sure to respect packet boundaries.
- *
- * \param *length return the length here
- * \param *ptag Pointer to current packet's Packet Tag.
- * \param *reader Our reader
- * \param *cb The callback
- * \return 1 on success, 0 on error (by limread_scalar() or limread() or if the MPI is not properly formed (XXX
- * see comment below)
- *
- * \see RFC4880 4.2.2
- * \see __ops_ptag_t
- */
-static int
-limited_read_new_length(unsigned *length, unsigned* indeterminate,
- __ops_region_t *region, __ops_stream_t *stream)
-{
- uint8_t c;
- *indeterminate = 0;
- if (limread(&c, 1, region, stream) != 1)
- return 0;
- if (c < 192) {
- /* 1. One-octet packet */
- *length = c;
- return 1;
- } else if (c >= 192 && c <= 223) {
- /* 2. Two-octet packet */
- unsigned t = (c - 192) << 8;
-
- if (limread(&c, 1, region, stream) != 1)
- return 0;
- *length = t + c + 192;
- return 1;
- } else if (c == 255) {
- /* 3. Five-Octet packet */
- return limread_scalar(length, 4, region, stream);
- } else if (c >= 224 && c < 255) {
- /* 4. Partial Body Length */
- *indeterminate = 1;
- *length = 1 << (c & 0x1F);
- return 1;
- }
- return 0;
-}
-
-/**
-\ingroup Core_Create
-\brief Free allocated memory
-*/
-void
-__ops_data_free(__ops_data_t *data)
-{
- free(data->contents);
- data->contents = NULL;
- data->len = 0;
-}
-
-/**
-\ingroup Core_Create
-\brief Free allocated memory
-*/
-static void
-string_free(char **str)
-{
- free(*str);
- *str = NULL;
-}
-
-/**
-\ingroup Core_Create
-\brief Free allocated memory
-*/
-/* ! Free packet memory, set pointer to NULL */
-void
-__ops_subpacket_free(__ops_subpacket_t *packet)
-{
- free(packet->raw);
- packet->raw = NULL;
-}
-
-/**
-\ingroup Core_Create
-\brief Free allocated memory
-*/
-static void
-__ops_headers_free(__ops_headers_t *headers)
-{
- unsigned n;
-
- for (n = 0; n < headers->headerc; ++n) {
- free(headers->headers[n].key);
- free(headers->headers[n].value);
- }
- free(headers->headers);
- headers->headers = NULL;
-}
-
-/**
-\ingroup Core_Create
-\brief Free allocated memory
-*/
-static void
-cleartext_trailer_free(struct _ops_hash_t **trailer)
-{
- free(*trailer);
- *trailer = NULL;
-}
-
-/**
-\ingroup Core_Create
-\brief Free allocated memory
-*/
-static void
-__ops_cmd_get_passphrase_free(__ops_seckey_passphrase_t *skp)
-{
- if (skp->passphrase && *skp->passphrase) {
- free(*skp->passphrase);
- *skp->passphrase = NULL;
- }
-}
-
-/**
-\ingroup Core_Create
-\brief Free allocated memory
-*/
-static void
-free_BN(BIGNUM **pp)
-{
- BN_free(*pp);
- *pp = NULL;
-}
-
-/**
- * \ingroup Core_Create
- * \brief Free the memory used when parsing a signature
- * \param sig
- */
-static void
-sig_free(__ops_sig_t *sig)
-{
- switch (sig->info.key_alg) {
- case OPS_PKA_RSA:
- case OPS_PKA_RSA_SIGN_ONLY:
- free_BN(&sig->info.sig.rsa.sig);
- break;
-
- case OPS_PKA_DSA:
- free_BN(&sig->info.sig.dsa.r);
- free_BN(&sig->info.sig.dsa.s);
- break;
-
- case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
- free_BN(&sig->info.sig.elgamal.r);
- free_BN(&sig->info.sig.elgamal.s);
- break;
-
- case OPS_PKA_PRIVATE00:
- case OPS_PKA_PRIVATE01:
- case OPS_PKA_PRIVATE02:
- case OPS_PKA_PRIVATE03:
- case OPS_PKA_PRIVATE04:
- case OPS_PKA_PRIVATE05:
- case OPS_PKA_PRIVATE06:
- case OPS_PKA_PRIVATE07:
- case OPS_PKA_PRIVATE08:
- case OPS_PKA_PRIVATE09:
- case OPS_PKA_PRIVATE10:
- __ops_data_free(&sig->info.sig.unknown);
- break;
-
- default:
- (void) fprintf(stderr, "sig_free: bad sig type\n");
- }
-}
-
-/**
-\ingroup Core_Create
-\brief Free allocated memory
-*/
-/* ! Free any memory allocated when parsing the packet content */
-void
-__ops_parser_content_free(__ops_packet_t *c)
-{
- switch (c->tag) {
- case OPS_PARSER_PTAG:
- case OPS_PTAG_CT_COMPRESSED:
- case OPS_PTAG_SS_CREATION_TIME:
- case OPS_PTAG_SS_EXPIRATION_TIME:
- case OPS_PTAG_SS_KEY_EXPIRY:
- case OPS_PTAG_SS_TRUST:
- case OPS_PTAG_SS_ISSUER_KEY_ID:
- case OPS_PTAG_CT_1_PASS_SIG:
- case OPS_PTAG_SS_PRIMARY_USER_ID:
- case OPS_PTAG_SS_REVOCABLE:
- case OPS_PTAG_SS_REVOCATION_KEY:
- case OPS_PTAG_CT_LITDATA_HEADER:
- case OPS_PTAG_CT_LITDATA_BODY:
- case OPS_PTAG_CT_SIGNED_CLEARTEXT_BODY:
- case OPS_PTAG_CT_UNARMOURED_TEXT:
- case OPS_PTAG_CT_ARMOUR_TRAILER:
- case OPS_PTAG_CT_SIGNATURE_HEADER:
- case OPS_PTAG_CT_SE_DATA_HEADER:
- case OPS_PTAG_CT_SE_IP_DATA_HEADER:
- case OPS_PTAG_CT_SE_IP_DATA_BODY:
- case OPS_PTAG_CT_MDC:
- case OPS_GET_SECKEY:
- break;
-
- case OPS_PTAG_CT_SIGNED_CLEARTEXT_HEADER:
- __ops_headers_free(&c->u.cleartext_head);
- break;
-
- case OPS_PTAG_CT_ARMOUR_HEADER:
- __ops_headers_free(&c->u.armour_header.headers);
- break;
-
- case OPS_PTAG_CT_SIGNED_CLEARTEXT_TRAILER:
- cleartext_trailer_free(&c->u.cleartext_trailer);
- break;
-
- case OPS_PTAG_CT_TRUST:
- __ops_data_free(&c->u.trust);
- break;
-
- case OPS_PTAG_CT_SIGNATURE:
- case OPS_PTAG_CT_SIGNATURE_FOOTER:
- sig_free(&c->u.sig);
- break;
-
- case OPS_PTAG_CT_PUBLIC_KEY:
- case OPS_PTAG_CT_PUBLIC_SUBKEY:
- __ops_pubkey_free(&c->u.pubkey);
- break;
-
- case OPS_PTAG_CT_USER_ID:
- __ops_userid_free(&c->u.userid);
- break;
-
- case OPS_PTAG_SS_SIGNERS_USER_ID:
- __ops_userid_free(&c->u.ss_signer);
- break;
-
- case OPS_PTAG_CT_USER_ATTR:
- __ops_data_free(&c->u.userattr);
- break;
-
- case OPS_PTAG_SS_PREFERRED_SKA:
- __ops_data_free(&c->u.ss_skapref);
- break;
-
- case OPS_PTAG_SS_PREFERRED_HASH:
- __ops_data_free(&c->u.ss_hashpref);
- break;
-
- case OPS_PTAG_SS_PREF_COMPRESS:
- __ops_data_free(&c->u.ss_zpref);
- break;
-
- case OPS_PTAG_SS_KEY_FLAGS:
- __ops_data_free(&c->u.ss_key_flags);
- break;
-
- case OPS_PTAG_SS_KEYSERV_PREFS:
- __ops_data_free(&c->u.ss_key_server_prefs);
- break;
-
- case OPS_PTAG_SS_FEATURES:
- __ops_data_free(&c->u.ss_features);
- break;
-
- case OPS_PTAG_SS_NOTATION_DATA:
- __ops_data_free(&c->u.ss_notation.name);
- __ops_data_free(&c->u.ss_notation.value);
- break;
-
- case OPS_PTAG_SS_REGEXP:
- string_free(&c->u.ss_regexp);
- break;
-
- case OPS_PTAG_SS_POLICY_URI:
- string_free(&c->u.ss_policy);
- break;
-
- case OPS_PTAG_SS_PREF_KEYSERV:
- string_free(&c->u.ss_keyserv);
- break;
-
- case OPS_PTAG_SS_USERDEFINED00:
- case OPS_PTAG_SS_USERDEFINED01:
- case OPS_PTAG_SS_USERDEFINED02:
- case OPS_PTAG_SS_USERDEFINED03:
- case OPS_PTAG_SS_USERDEFINED04:
- case OPS_PTAG_SS_USERDEFINED05:
- case OPS_PTAG_SS_USERDEFINED06:
- case OPS_PTAG_SS_USERDEFINED07:
- case OPS_PTAG_SS_USERDEFINED08:
- case OPS_PTAG_SS_USERDEFINED09:
- case OPS_PTAG_SS_USERDEFINED10:
- __ops_data_free(&c->u.ss_userdef);
- break;
-
- case OPS_PTAG_SS_RESERVED:
- __ops_data_free(&c->u.ss_unknown);
- break;
-
- case OPS_PTAG_SS_REVOCATION_REASON:
- string_free(&c->u.ss_revocation.reason);
- break;
-
- case OPS_PTAG_SS_EMBEDDED_SIGNATURE:
- __ops_data_free(&c->u.ss_embedded_sig);
- break;
-
- case OPS_PARSER_PACKET_END:
- __ops_subpacket_free(&c->u.packet);
- break;
-
- case OPS_PARSER_ERROR:
- case OPS_PARSER_ERRCODE:
- break;
-
- case OPS_PTAG_CT_SECRET_KEY:
- case OPS_PTAG_CT_ENCRYPTED_SECRET_KEY:
- __ops_seckey_free(&c->u.seckey);
- break;
-
- case OPS_PTAG_CT_PK_SESSION_KEY:
- case OPS_PTAG_CT_ENCRYPTED_PK_SESSION_KEY:
- __ops_pk_sesskey_free(&c->u.pk_sesskey);
- break;
-
- case OPS_GET_PASSPHRASE:
- __ops_cmd_get_passphrase_free(&c->u.skey_passphrase);
- break;
-
- default:
- fprintf(stderr, "Can't free %d (0x%x)\n", c->tag, c->tag);
- }
-}
-
-/**
-\ingroup Core_Create
-\brief Free allocated memory
-*/
-void
-__ops_pk_sesskey_free(__ops_pk_sesskey_t *sk)
-{
- switch (sk->alg) {
- case OPS_PKA_RSA:
- free_BN(&sk->params.rsa.encrypted_m);
- break;
-
- case OPS_PKA_ELGAMAL:
- free_BN(&sk->params.elgamal.g_to_k);
- free_BN(&sk->params.elgamal.encrypted_m);
- break;
-
- default:
- (void) fprintf(stderr, "__ops_pk_sesskey_free: bad alg\n");
- break;
- }
-}
-
-/**
-\ingroup Core_Create
-\brief Free allocated memory
-*/
-/* ! Free the memory used when parsing a public key */
-void
-__ops_pubkey_free(__ops_pubkey_t *p)
-{
- switch (p->alg) {
- case OPS_PKA_RSA:
- case OPS_PKA_RSA_ENCRYPT_ONLY:
- case OPS_PKA_RSA_SIGN_ONLY:
- free_BN(&p->key.rsa.n);
- free_BN(&p->key.rsa.e);
- break;
-
- case OPS_PKA_DSA:
- free_BN(&p->key.dsa.p);
- free_BN(&p->key.dsa.q);
- free_BN(&p->key.dsa.g);
- free_BN(&p->key.dsa.y);
- break;
-
- case OPS_PKA_ELGAMAL:
- case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
- free_BN(&p->key.elgamal.p);
- free_BN(&p->key.elgamal.g);
- free_BN(&p->key.elgamal.y);
- break;
-
- case OPS_PKA_NOTHING:
- /* nothing to free */
- break;
-
- default:
- (void) fprintf(stderr, "__ops_pubkey_free: bad alg\n");
- }
-}
-
-/**
- \ingroup Core_ReadPackets
-*/
-static int
-parse_pubkey_data(__ops_pubkey_t *key, __ops_region_t *region,
- __ops_stream_t *stream)
-{
- uint8_t c = 0x0;
-
- if (region->readc != 0) {
- /* We should not have read anything so far */
- (void) fprintf(stderr, "parse_pubkey_data: bad length\n");
- return 0;
- }
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- key->version = (__ops_version_t)c;
- switch (key->version) {
- case OPS_V2:
- case OPS_V3:
- case OPS_V4:
- break;
- default:
- OPS_ERROR_1(&stream->errors, OPS_E_PROTO_BAD_PUBLIC_KEY_VRSN,
- "Bad public key version (0x%02x)", key->version);
- return 0;
- }
- if (!limited_read_time(&key->birthtime, region, stream)) {
- return 0;
- }
-
- key->days_valid = 0;
- if ((key->version == 2 || key->version == 3) &&
- !limread_scalar(&key->days_valid, 2, region, stream)) {
- return 0;
- }
-
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- key->alg = c;
-
- switch (key->alg) {
- case OPS_PKA_DSA:
- if (!limread_mpi(&key->key.dsa.p, region, stream) ||
- !limread_mpi(&key->key.dsa.q, region, stream) ||
- !limread_mpi(&key->key.dsa.g, region, stream) ||
- !limread_mpi(&key->key.dsa.y, region, stream)) {
- return 0;
- }
- break;
-
- case OPS_PKA_RSA:
- case OPS_PKA_RSA_ENCRYPT_ONLY:
- case OPS_PKA_RSA_SIGN_ONLY:
- if (!limread_mpi(&key->key.rsa.n, region, stream) ||
- !limread_mpi(&key->key.rsa.e, region, stream)) {
- return 0;
- }
- break;
-
- case OPS_PKA_ELGAMAL:
- case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
- if (!limread_mpi(&key->key.elgamal.p, region, stream) ||
- !limread_mpi(&key->key.elgamal.g, region, stream) ||
- !limread_mpi(&key->key.elgamal.y, region, stream)) {
- return 0;
- }
- break;
-
- default:
- OPS_ERROR_1(&stream->errors,
- OPS_E_ALG_UNSUPPORTED_PUBLIC_KEY_ALG,
- "Unsupported Public Key algorithm (%s)",
- __ops_show_pka(key->alg));
- return 0;
- }
-
- return 1;
-}
-
-
-/**
- * \ingroup Core_ReadPackets
- * \brief Parse a public key packet.
- *
- * This function parses an entire v3 (== v2) or v4 public key packet for RSA, ElGamal, and DSA keys.
- *
- * Once the key has been parsed successfully, it is passed to the callback.
- *
- * \param *ptag Pointer to the current Packet Tag. This function should consume the entire packet.
- * \param *reader Our reader
- * \param *cb The callback
- * \return 1 on success, 0 on error
- *
- * \see RFC4880 5.5.2
- */
-static int
-parse_pubkey(__ops_content_enum tag, __ops_region_t *region,
- __ops_stream_t *stream)
-{
- __ops_packet_t pkt;
-
- if (!parse_pubkey_data(&pkt.u.pubkey, region, stream)) {
- (void) fprintf(stderr, "parse_pubkey: parse_pubkey_data failed\n");
- return 0;
- }
-
- /* XXX: this test should be done for all packets, surely? */
- if (region->readc != region->length) {
- OPS_ERROR_1(&stream->errors, OPS_E_R_UNCONSUMED_DATA,
- "Unconsumed data (%d)", region->length - region->readc);
- return 0;
- }
- CALLBACK(tag, &stream->cbinfo, &pkt);
-
- return 1;
-}
-
-/**
- * \ingroup Core_ReadPackets
- * \brief Parse one user attribute packet.
- *
- * User attribute packets contain one or more attribute subpackets.
- * For now, handle the whole packet as raw data.
- */
-
-static int
-parse_userattr(__ops_region_t *region, __ops_stream_t *stream)
-{
-
- __ops_packet_t pkt;
-
- /*
- * xxx- treat as raw data for now. Could break down further into
- * attribute sub-packets later - rachel
- */
- if (region->readc != 0) {
- /* We should not have read anything so far */
- (void) fprintf(stderr, "parse_userattr: bad length\n");
- return 0;
- }
- if (!read_data(&pkt.u.userattr, region, stream)) {
- return 0;
- }
- CALLBACK(OPS_PTAG_CT_USER_ATTR, &stream->cbinfo, &pkt);
- return 1;
-}
-
-/**
-\ingroup Core_Create
-\brief Free allocated memory
-*/
-/* ! Free the memory used when parsing this packet type */
-void
-__ops_userid_free(uint8_t **id)
-{
- free(*id);
- *id = NULL;
-}
-
-/**
- * \ingroup Core_ReadPackets
- * \brief Parse a user id.
- *
- * This function parses an user id packet, which is basically just a char array the size of the packet.
- *
- * The char array is to be treated as an UTF-8 string.
- *
- * The userid gets null terminated by this function. Freeing it is the responsibility of the caller.
- *
- * Once the userid has been parsed successfully, it is passed to the callback.
- *
- * \param *ptag Pointer to the Packet Tag. This function should consume the entire packet.
- * \param *reader Our reader
- * \param *cb The callback
- * \return 1 on success, 0 on error
- *
- * \see RFC4880 5.11
- */
-static int
-parse_userid(__ops_region_t *region, __ops_stream_t *stream)
-{
- __ops_packet_t pkt;
-
- if (region->readc != 0) {
- /* We should not have read anything so far */
- (void) fprintf(stderr, "parse_userid: bad length\n");
- return 0;
- }
-
- if ((pkt.u.userid = calloc(1, region->length + 1)) == NULL) {
- (void) fprintf(stderr, "parse_userid: bad alloc\n");
- return 0;
- }
-
- if (region->length &&
- !limread(pkt.u.userid, region->length, region,
- stream)) {
- return 0;
- }
- pkt.u.userid[region->length] = 0x0;
- CALLBACK(OPS_PTAG_CT_USER_ID, &stream->cbinfo, &pkt);
- return 1;
-}
-
-static __ops_hash_t *
-parse_hash_find(__ops_stream_t *stream, const uint8_t *keyid)
-{
- __ops_hashtype_t *hp;
- size_t n;
-
- for (n = 0, hp = stream->hashes; n < stream->hashc; n++, hp++) {
- if (memcmp(hp->keyid, keyid, OPS_KEY_ID_SIZE) == 0) {
- return &hp->hash;
- }
- }
- return NULL;
-}
-
-/**
- * \ingroup Core_Parse
- * \brief Parse a version 3 signature.
- *
- * This function parses an version 3 signature packet, handling RSA and DSA signatures.
- *
- * Once the signature has been parsed successfully, it is passed to the callback.
- *
- * \param *ptag Pointer to the Packet Tag. This function should consume the entire packet.
- * \param *reader Our reader
- * \param *cb The callback
- * \return 1 on success, 0 on error
- *
- * \see RFC4880 5.2.2
- */
-static int
-parse_v3_sig(__ops_region_t *region,
- __ops_stream_t *stream)
-{
- __ops_packet_t pkt;
- uint8_t c = 0x0;
-
- /* clear signature */
- (void) memset(&pkt.u.sig, 0x0, sizeof(pkt.u.sig));
-
- pkt.u.sig.info.version = OPS_V3;
-
- /* hash info length */
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- if (c != 5) {
- ERRP(&stream->cbinfo, pkt, "bad hash info length");
- }
-
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.sig.info.type = (__ops_sig_type_t)c;
- /* XXX: check signature type */
-
- if (!limited_read_time(&pkt.u.sig.info.birthtime, region, stream)) {
- return 0;
- }
- pkt.u.sig.info.birthtime_set = 1;
-
- if (!limread(pkt.u.sig.info.signer_id, OPS_KEY_ID_SIZE, region,
- stream)) {
- return 0;
- }
- pkt.u.sig.info.signer_id_set = 1;
-
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.sig.info.key_alg = (__ops_pubkey_alg_t)c;
- /* XXX: check algorithm */
-
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.sig.info.hash_alg = (__ops_hash_alg_t)c;
- /* XXX: check algorithm */
-
- if (!limread(pkt.u.sig.hash2, 2, region, stream)) {
- return 0;
- }
-
- switch (pkt.u.sig.info.key_alg) {
- case OPS_PKA_RSA:
- case OPS_PKA_RSA_SIGN_ONLY:
- if (!limread_mpi(&pkt.u.sig.info.sig.rsa.sig, region, stream)) {
- return 0;
- }
- break;
-
- case OPS_PKA_DSA:
- if (!limread_mpi(&pkt.u.sig.info.sig.dsa.r, region, stream) ||
- !limread_mpi(&pkt.u.sig.info.sig.dsa.s, region, stream)) {
- return 0;
- }
- break;
-
- case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
- if (!limread_mpi(&pkt.u.sig.info.sig.elgamal.r, region,
- stream) ||
- !limread_mpi(&pkt.u.sig.info.sig.elgamal.s, region,
- stream)) {
- return 0;
- }
- break;
-
- default:
- OPS_ERROR_1(&stream->errors,
- OPS_E_ALG_UNSUPPORTED_SIGNATURE_ALG,
- "Unsupported signature key algorithm (%s)",
- __ops_show_pka(pkt.u.sig.info.key_alg));
- return 0;
- }
-
- if (region->readc != region->length) {
- OPS_ERROR_1(&stream->errors, OPS_E_R_UNCONSUMED_DATA,
- "Unconsumed data (%d)",
- region->length - region->readc);
- return 0;
- }
- if (pkt.u.sig.info.signer_id_set) {
- pkt.u.sig.hash = parse_hash_find(stream,
- pkt.u.sig.info.signer_id);
- }
- CALLBACK(OPS_PTAG_CT_SIGNATURE, &stream->cbinfo, &pkt);
- return 1;
-}
-
-/**
- * \ingroup Core_ReadPackets
- * \brief Parse one signature sub-packet.
- *
- * Version 4 signatures can have an arbitrary amount of (hashed and
- * unhashed) subpackets. Subpackets are used to hold optional
- * attributes of subpackets.
- *
- * This function parses one such signature subpacket.
- *
- * Once the subpacket has been parsed successfully, it is passed to the callback.
- *
- * \param *ptag Pointer to the Packet Tag. This function should consume the entire subpacket.
- * \param *reader Our reader
- * \param *cb The callback
- * \return 1 on success, 0 on error
- *
- * \see RFC4880 5.2.3
- */
-static int
-parse_one_sig_subpacket(__ops_sig_t *sig,
- __ops_region_t *region,
- __ops_stream_t *stream)
-{
- __ops_region_t subregion;
- __ops_packet_t pkt;
- uint8_t bools = 0x0;
- uint8_t c = 0x0;
- unsigned doread = 1;
- unsigned t8;
- unsigned t7;
- unsigned indeterminate;
-
- __ops_init_subregion(&subregion, region);
- if (!limited_read_new_length(&subregion.length, &indeterminate, region, stream)) {
- return 0;
- }
-
- if (subregion.length > region->length) {
- ERRP(&stream->cbinfo, pkt, "Subpacket too long");
- }
-
- if (!limread(&c, 1, &subregion, stream)) {
- return 0;
- }
-
- t8 = (c & 0x7f) / 8;
- t7 = 1 << (c & 7);
-
- pkt.critical = (unsigned)c >> 7;
- pkt.tag = (__ops_content_enum)(OPS_PTAG_SIG_SUBPKT_BASE + (c & 0x7f));
-
- /* Application wants it delivered raw */
- if (stream->ss_raw[t8] & t7) {
- pkt.u.ss_raw.tag = pkt.tag;
- pkt.u.ss_raw.length = subregion.length - 1;
- pkt.u.ss_raw.raw = calloc(1, pkt.u.ss_raw.length);
- if (pkt.u.ss_raw.raw == NULL) {
- (void) fprintf(stderr, "parse_one_sig_subpacket: bad alloc\n");
- return 0;
- }
- if (!limread(pkt.u.ss_raw.raw, (unsigned)pkt.u.ss_raw.length,
- &subregion, stream)) {
- return 0;
- }
- CALLBACK(OPS_PTAG_RAW_SS, &stream->cbinfo, &pkt);
- return 1;
- }
- switch (pkt.tag) {
- case OPS_PTAG_SS_CREATION_TIME:
- case OPS_PTAG_SS_EXPIRATION_TIME:
- case OPS_PTAG_SS_KEY_EXPIRY:
- if (!limited_read_time(&pkt.u.ss_time, &subregion, stream))
- return 0;
- if (pkt.tag == OPS_PTAG_SS_CREATION_TIME) {
- sig->info.birthtime = pkt.u.ss_time;
- sig->info.birthtime_set = 1;
- }
- if (pkt.tag == OPS_PTAG_SS_EXPIRATION_TIME) {
- sig->info.duration = pkt.u.ss_time;
- sig->info.duration_set = 1;
- }
- break;
-
- case OPS_PTAG_SS_TRUST:
- if (!limread(&pkt.u.ss_trust.level, 1, &subregion, stream) ||
- !limread(&pkt.u.ss_trust.amount, 1, &subregion, stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_REVOCABLE:
- if (!limread(&bools, 1, &subregion, stream)) {
- return 0;
- }
- pkt.u.ss_revocable = !!bools;
- break;
-
- case OPS_PTAG_SS_ISSUER_KEY_ID:
- if (!limread(pkt.u.ss_issuer, OPS_KEY_ID_SIZE, &subregion, stream)) {
- return 0;
- }
- (void) memcpy(sig->info.signer_id, pkt.u.ss_issuer, OPS_KEY_ID_SIZE);
- sig->info.signer_id_set = 1;
- break;
-
- case OPS_PTAG_SS_PREFERRED_SKA:
- if (!read_data(&pkt.u.ss_skapref, &subregion, stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_PREFERRED_HASH:
- if (!read_data(&pkt.u.ss_hashpref, &subregion, stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_PREF_COMPRESS:
- if (!read_data(&pkt.u.ss_zpref, &subregion, stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_PRIMARY_USER_ID:
- if (!limread(&bools, 1, &subregion, stream)) {
- return 0;
- }
- pkt.u.ss_primary_userid = !!bools;
- break;
-
- case OPS_PTAG_SS_KEY_FLAGS:
- if (!read_data(&pkt.u.ss_key_flags, &subregion, stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_KEYSERV_PREFS:
- if (!read_data(&pkt.u.ss_key_server_prefs, &subregion, stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_FEATURES:
- if (!read_data(&pkt.u.ss_features, &subregion, stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_SIGNERS_USER_ID:
- if (!read_unsig_str(&pkt.u.ss_signer, &subregion, stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_EMBEDDED_SIGNATURE:
- /* \todo should do something with this sig? */
- if (!read_data(&pkt.u.ss_embedded_sig, &subregion, stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_NOTATION_DATA:
- if (!limread_data(&pkt.u.ss_notation.flags, 4,
- &subregion, stream)) {
- return 0;
- }
- if (!limread_size_t(&pkt.u.ss_notation.name.len, 2,
- &subregion, stream)) {
- return 0;
- }
- if (!limread_size_t(&pkt.u.ss_notation.value.len, 2,
- &subregion, stream)) {
- return 0;
- }
- if (!limread_data(&pkt.u.ss_notation.name,
- (unsigned)pkt.u.ss_notation.name.len,
- &subregion, stream)) {
- return 0;
- }
- if (!limread_data(&pkt.u.ss_notation.value,
- (unsigned)pkt.u.ss_notation.value.len,
- &subregion, stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_POLICY_URI:
- if (!read_string(&pkt.u.ss_policy, &subregion, stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_REGEXP:
- if (!read_string(&pkt.u.ss_regexp, &subregion, stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_PREF_KEYSERV:
- if (!read_string(&pkt.u.ss_keyserv, &subregion, stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_USERDEFINED00:
- case OPS_PTAG_SS_USERDEFINED01:
- case OPS_PTAG_SS_USERDEFINED02:
- case OPS_PTAG_SS_USERDEFINED03:
- case OPS_PTAG_SS_USERDEFINED04:
- case OPS_PTAG_SS_USERDEFINED05:
- case OPS_PTAG_SS_USERDEFINED06:
- case OPS_PTAG_SS_USERDEFINED07:
- case OPS_PTAG_SS_USERDEFINED08:
- case OPS_PTAG_SS_USERDEFINED09:
- case OPS_PTAG_SS_USERDEFINED10:
- if (!read_data(&pkt.u.ss_userdef, &subregion, stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_RESERVED:
- if (!read_data(&pkt.u.ss_unknown, &subregion, stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_REVOCATION_REASON:
- /* first byte is the machine-readable code */
- if (!limread(&pkt.u.ss_revocation.code, 1, &subregion, stream)) {
- return 0;
- }
- /* the rest is a human-readable UTF-8 string */
- if (!read_string(&pkt.u.ss_revocation.reason, &subregion,
- stream)) {
- return 0;
- }
- break;
-
- case OPS_PTAG_SS_REVOCATION_KEY:
- /* octet 0 = class. Bit 0x80 must be set */
- if (!limread(&pkt.u.ss_revocation_key.class, 1,
- &subregion, stream)) {
- return 0;
- }
- if (!(pkt.u.ss_revocation_key.class & 0x80)) {
- printf("Warning: OPS_PTAG_SS_REVOCATION_KEY class: "
- "Bit 0x80 should be set\n");
- return 0;
- }
- /* octet 1 = algid */
- if (!limread(&pkt.u.ss_revocation_key.algid, 1,
- &subregion, stream)) {
- return 0;
- }
- /* octets 2-21 = fingerprint */
- if (!limread(&pkt.u.ss_revocation_key.fingerprint[0],
- OPS_FINGERPRINT_SIZE, &subregion, stream)) {
- return 0;
- }
- break;
-
- default:
- if (stream->ss_parsed[t8] & t7) {
- OPS_ERROR_1(&stream->errors, OPS_E_PROTO_UNKNOWN_SS,
- "Unknown signature subpacket type (%d)",
- c & 0x7f);
- }
- doread = 0;
- break;
- }
-
- /* Application doesn't want it delivered parsed */
- if (!(stream->ss_parsed[t8] & t7)) {
- if (pkt.critical) {
- OPS_ERROR_1(&stream->errors,
- OPS_E_PROTO_CRITICAL_SS_IGNORED,
- "Critical signature subpacket ignored (%d)",
- c & 0x7f);
- }
- if (!doread &&
- !limskip(subregion.length - 1, &subregion, stream)) {
- return 0;
- }
- if (doread) {
- __ops_parser_content_free(&pkt);
- }
- return 1;
- }
- if (doread && subregion.readc != subregion.length) {
- OPS_ERROR_1(&stream->errors, OPS_E_R_UNCONSUMED_DATA,
- "Unconsumed data (%d)",
- subregion.length - subregion.readc);
- return 0;
- }
- CALLBACK(pkt.tag, &stream->cbinfo, &pkt);
- return 1;
-}
-
-/**
- * \ingroup Core_ReadPackets
- * \brief Parse several signature subpackets.
- *
- * Hashed and unhashed subpacket sets are preceded by an octet count that specifies the length of the complete set.
- * This function parses this length and then calls parse_one_sig_subpacket() for each subpacket until the
- * entire set is consumed.
- *
- * This function does not call the callback directly, parse_one_sig_subpacket() does for each subpacket.
- *
- * \param *ptag Pointer to the Packet Tag.
- * \param *reader Our reader
- * \param *cb The callback
- * \return 1 on success, 0 on error
- *
- * \see RFC4880 5.2.3
- */
-static int
-parse_sig_subpkts(__ops_sig_t *sig,
- __ops_region_t *region,
- __ops_stream_t *stream)
-{
- __ops_region_t subregion;
- __ops_packet_t pkt;
-
- __ops_init_subregion(&subregion, region);
- if (!limread_scalar(&subregion.length, 2, region, stream)) {
- return 0;
- }
-
- if (subregion.length > region->length) {
- ERRP(&stream->cbinfo, pkt, "Subpacket set too long");
- }
-
- while (subregion.readc < subregion.length) {
- if (!parse_one_sig_subpacket(sig, &subregion, stream)) {
- return 0;
- }
- }
-
- if (subregion.readc != subregion.length) {
- if (!limskip(subregion.length - subregion.readc,
- &subregion, stream)) {
- ERRP(&stream->cbinfo, pkt,
-"parse_sig_subpkts: subpacket length read mismatch");
- }
- ERRP(&stream->cbinfo, pkt, "Subpacket length mismatch");
- }
- return 1;
-}
-
-/**
- * \ingroup Core_ReadPackets
- * \brief Parse a version 4 signature.
- *
- * This function parses a version 4 signature including all its hashed and unhashed subpackets.
- *
- * Once the signature packet has been parsed successfully, it is passed to the callback.
- *
- * \param *ptag Pointer to the Packet Tag.
- * \param *reader Our reader
- * \param *cb The callback
- * \return 1 on success, 0 on error
- *
- * \see RFC4880 5.2.3
- */
-static int
-parse_v4_sig(__ops_region_t *region, __ops_stream_t *stream)
-{
- __ops_packet_t pkt;
- uint8_t c = 0x0;
-
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr, "\nparse_v4_sig\n");
- }
- /* clear signature */
- (void) memset(&pkt.u.sig, 0x0, sizeof(pkt.u.sig));
-
- /*
- * We need to hash the packet data from version through the hashed
- * subpacket data
- */
-
- pkt.u.sig.v4_hashstart = stream->readinfo.alength - 1;
-
- /* Set version,type,algorithms */
-
- pkt.u.sig.info.version = OPS_V4;
-
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.sig.info.type = (__ops_sig_type_t)c;
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr, "signature type=%d (%s)\n",
- pkt.u.sig.info.type,
- __ops_show_sig_type(pkt.u.sig.info.type));
- }
- /* XXX: check signature type */
-
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.sig.info.key_alg = (__ops_pubkey_alg_t)c;
- /* XXX: check key algorithm */
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr, "key_alg=%d (%s)\n",
- pkt.u.sig.info.key_alg,
- __ops_show_pka(pkt.u.sig.info.key_alg));
- }
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.sig.info.hash_alg = (__ops_hash_alg_t)c;
- /* XXX: check hash algorithm */
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr, "hash_alg=%d %s\n",
- pkt.u.sig.info.hash_alg,
- __ops_show_hash_alg(pkt.u.sig.info.hash_alg));
- }
- CALLBACK(OPS_PTAG_CT_SIGNATURE_HEADER, &stream->cbinfo, &pkt);
-
- if (!parse_sig_subpkts(&pkt.u.sig, region, stream)) {
- return 0;
- }
-
- pkt.u.sig.info.v4_hashlen = stream->readinfo.alength
- - pkt.u.sig.v4_hashstart;
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr, "v4_hashlen=%zd\n", pkt.u.sig.info.v4_hashlen);
- }
-
- /* copy hashed subpackets */
- if (pkt.u.sig.info.v4_hashed) {
- free(pkt.u.sig.info.v4_hashed);
- }
- pkt.u.sig.info.v4_hashed = calloc(1, pkt.u.sig.info.v4_hashlen);
- if (pkt.u.sig.info.v4_hashed == NULL) {
- (void) fprintf(stderr, "parse_v4_sig: bad alloc\n");
- return 0;
- }
-
- if (!stream->readinfo.accumulate) {
- /* We must accumulate, else we can't check the signature */
- fprintf(stderr, "*** ERROR: must set accumulate to 1\n");
- return 0;
- }
- (void) memcpy(pkt.u.sig.info.v4_hashed,
- stream->readinfo.accumulated + pkt.u.sig.v4_hashstart,
- pkt.u.sig.info.v4_hashlen);
-
- if (!parse_sig_subpkts(&pkt.u.sig, region, stream)) {
- return 0;
- }
-
- if (!limread(pkt.u.sig.hash2, 2, region, stream)) {
- return 0;
- }
-
- switch (pkt.u.sig.info.key_alg) {
- case OPS_PKA_RSA:
- if (!limread_mpi(&pkt.u.sig.info.sig.rsa.sig, region, stream)) {
- return 0;
- }
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr, "parse_v4_sig: RSA: sig is\n");
- BN_print_fp(stderr, pkt.u.sig.info.sig.rsa.sig);
- (void) fprintf(stderr, "\n");
- }
- break;
-
- case OPS_PKA_DSA:
- if (!limread_mpi(&pkt.u.sig.info.sig.dsa.r, region, stream)) {
- /*
- * usually if this fails, it just means we've reached
- * the end of the keyring
- */
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr,
- "Error reading DSA r field in signature");
- }
- return 0;
- }
- if (!limread_mpi(&pkt.u.sig.info.sig.dsa.s, region, stream)) {
- ERRP(&stream->cbinfo, pkt,
- "Error reading DSA s field in signature");
- }
- break;
-
- case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
- if (!limread_mpi(&pkt.u.sig.info.sig.elgamal.r, region,
- stream) ||
- !limread_mpi(&pkt.u.sig.info.sig.elgamal.s, region,
- stream)) {
- return 0;
- }
- break;
-
- case OPS_PKA_PRIVATE00:
- case OPS_PKA_PRIVATE01:
- case OPS_PKA_PRIVATE02:
- case OPS_PKA_PRIVATE03:
- case OPS_PKA_PRIVATE04:
- case OPS_PKA_PRIVATE05:
- case OPS_PKA_PRIVATE06:
- case OPS_PKA_PRIVATE07:
- case OPS_PKA_PRIVATE08:
- case OPS_PKA_PRIVATE09:
- case OPS_PKA_PRIVATE10:
- if (!read_data(&pkt.u.sig.info.sig.unknown, region, stream)) {
- return 0;
- }
- break;
-
- default:
- OPS_ERROR_1(&stream->errors, OPS_E_ALG_UNSUPPORTED_SIGNATURE_ALG,
- "Bad v4 signature key algorithm (%s)",
- __ops_show_pka(pkt.u.sig.info.key_alg));
- return 0;
- }
- if (region->readc != region->length) {
- OPS_ERROR_1(&stream->errors, OPS_E_R_UNCONSUMED_DATA,
- "Unconsumed data (%d)",
- region->length - region->readc);
- return 0;
- }
- CALLBACK(OPS_PTAG_CT_SIGNATURE_FOOTER, &stream->cbinfo, &pkt);
- return 1;
-}
-
-/**
- * \ingroup Core_ReadPackets
- * \brief Parse a signature subpacket.
- *
- * This function calls the appropriate function to handle v3 or v4 signatures.
- *
- * Once the signature packet has been parsed successfully, it is passed to the callback.
- *
- * \param *ptag Pointer to the Packet Tag.
- * \param *reader Our reader
- * \param *cb The callback
- * \return 1 on success, 0 on error
- */
-static int
-parse_sig(__ops_region_t *region, __ops_stream_t *stream)
-{
- __ops_packet_t pkt;
- uint8_t c = 0x0;
-
- if (region->readc != 0) {
- /* We should not have read anything so far */
- (void) fprintf(stderr, "parse_sig: bad length\n");
- return 0;
- }
-
- (void) memset(&pkt, 0x0, sizeof(pkt));
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- if (c == 2 || c == 3) {
- return parse_v3_sig(region, stream);
- }
- if (c == 4) {
- return parse_v4_sig(region, stream);
- }
- OPS_ERROR_1(&stream->errors, OPS_E_PROTO_BAD_SIGNATURE_VRSN,
- "Bad signature version (%d)", c);
- return 0;
-}
-
-/**
- \ingroup Core_ReadPackets
- \brief Parse Compressed packet
-*/
-static int
-parse_compressed(__ops_region_t *region, __ops_stream_t *stream)
-{
- __ops_packet_t pkt;
- uint8_t c = 0x0;
-
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
-
- pkt.u.compressed = (__ops_compression_type_t)c;
-
- CALLBACK(OPS_PTAG_CT_COMPRESSED, &stream->cbinfo, &pkt);
-
- /*
- * The content of a compressed data packet is more OpenPGP packets
- * once decompressed, so recursively handle them
- */
-
- return __ops_decompress(region, stream, pkt.u.compressed);
-}
-
-/* XXX: this could be improved by sharing all hashes that are the */
-/* same, then duping them just before checking the signature. */
-static void
-parse_hash_init(__ops_stream_t *stream, __ops_hash_alg_t type,
- const uint8_t *keyid)
-{
- __ops_hashtype_t *hash;
-
- hash = realloc(stream->hashes,
- (stream->hashc + 1) * sizeof(*stream->hashes));
- if (hash == NULL) {
- (void) fprintf(stderr, "parse_hash_init: bad alloc 0\n");
- /* just continue and die here */
- /* XXX - agc - no way to return failure */
- } else {
- stream->hashes = hash;
- }
- hash = &stream->hashes[stream->hashc++];
-
- __ops_hash_any(&hash->hash, type);
- if (!hash->hash.init(&hash->hash)) {
- (void) fprintf(stderr, "parse_hash_init: bad alloc\n");
- /* just continue and die here */
- /* XXX - agc - no way to return failure */
- }
- (void) memcpy(hash->keyid, keyid, sizeof(hash->keyid));
-}
-
-/**
- \ingroup Core_ReadPackets
- \brief Parse a One Pass Signature packet
-*/
-static int
-parse_one_pass(__ops_region_t * region, __ops_stream_t * stream)
-{
- __ops_packet_t pkt;
- uint8_t c = 0x0;
-
- if (!limread(&pkt.u.one_pass_sig.version, 1, region, stream)) {
- return 0;
- }
- if (pkt.u.one_pass_sig.version != 3) {
- OPS_ERROR_1(&stream->errors, OPS_E_PROTO_BAD_ONE_PASS_SIG_VRSN,
- "Bad one-pass signature version (%d)",
- pkt.u.one_pass_sig.version);
- return 0;
- }
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.one_pass_sig.sig_type = (__ops_sig_type_t)c;
-
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.one_pass_sig.hash_alg = (__ops_hash_alg_t)c;
-
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.one_pass_sig.key_alg = (__ops_pubkey_alg_t)c;
-
- if (!limread(pkt.u.one_pass_sig.keyid,
- (unsigned)sizeof(pkt.u.one_pass_sig.keyid),
- region, stream)) {
- return 0;
- }
-
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.one_pass_sig.nested = !!c;
- CALLBACK(OPS_PTAG_CT_1_PASS_SIG, &stream->cbinfo, &pkt);
- /* XXX: we should, perhaps, let the app choose whether to hash or not */
- parse_hash_init(stream, pkt.u.one_pass_sig.hash_alg,
- pkt.u.one_pass_sig.keyid);
- return 1;
-}
-
-/**
- \ingroup Core_ReadPackets
- \brief Parse a Trust packet
-*/
-static int
-parse_trust(__ops_region_t *region, __ops_stream_t *stream)
-{
- __ops_packet_t pkt;
-
- if (!read_data(&pkt.u.trust, region, stream)) {
- return 0;
- }
- CALLBACK(OPS_PTAG_CT_TRUST, &stream->cbinfo, &pkt);
- return 1;
-}
-
-static void
-parse_hash_data(__ops_stream_t *stream, const void *data,
- size_t length)
-{
- size_t n;
-
- for (n = 0; n < stream->hashc; ++n) {
- stream->hashes[n].hash.add(&stream->hashes[n].hash, data, (unsigned)length);
- }
-}
-
-/**
- \ingroup Core_ReadPackets
- \brief Parse a Literal Data packet
-*/
-static int
-parse_litdata(__ops_region_t *region, __ops_stream_t *stream)
-{
- __ops_memory_t *mem;
- __ops_packet_t pkt;
- uint8_t c = 0x0;
-
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.litdata_header.format = (__ops_litdata_enum)c;
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- if (!limread((uint8_t *)pkt.u.litdata_header.filename,
- (unsigned)c, region, stream)) {
- return 0;
- }
- pkt.u.litdata_header.filename[c] = '\0';
- if (!limited_read_time(&pkt.u.litdata_header.mtime, region, stream)) {
- return 0;
- }
- CALLBACK(OPS_PTAG_CT_LITDATA_HEADER, &stream->cbinfo, &pkt);
- mem = pkt.u.litdata_body.mem = __ops_memory_new();
- __ops_memory_init(pkt.u.litdata_body.mem,
- (unsigned)((region->length * 101) / 100) + 12);
- pkt.u.litdata_body.data = mem->buf;
-
- while (region->readc < region->length) {
- unsigned readc = region->length - region->readc;
-
- if (!limread(mem->buf, readc, region, stream)) {
- return 0;
- }
- pkt.u.litdata_body.length = readc;
- parse_hash_data(stream, pkt.u.litdata_body.data, region->length);
- CALLBACK(OPS_PTAG_CT_LITDATA_BODY, &stream->cbinfo, &pkt);
- }
-
- /* XXX - get rid of mem here? */
-
- return 1;
-}
-
-/**
- * \ingroup Core_Create
- *
- * __ops_seckey_free() frees the memory associated with "key". Note that
- * the key itself is not freed.
- *
- * \param key
- */
-
-void
-__ops_seckey_free(__ops_seckey_t *key)
-{
- switch (key->pubkey.alg) {
- case OPS_PKA_RSA:
- case OPS_PKA_RSA_ENCRYPT_ONLY:
- case OPS_PKA_RSA_SIGN_ONLY:
- free_BN(&key->key.rsa.d);
- free_BN(&key->key.rsa.p);
- free_BN(&key->key.rsa.q);
- free_BN(&key->key.rsa.u);
- break;
-
- case OPS_PKA_DSA:
- free_BN(&key->key.dsa.x);
- break;
-
- default:
- (void) fprintf(stderr,
- "__ops_seckey_free: Unknown algorithm: %d (%s)\n",
- key->pubkey.alg,
- __ops_show_pka(key->pubkey.alg));
- }
- free(key->checkhash);
-}
-
-static int
-consume_packet(__ops_region_t *region, __ops_stream_t *stream, unsigned warn)
-{
- __ops_packet_t pkt;
- __ops_data_t remainder;
-
- if (region->indeterminate) {
- ERRP(&stream->cbinfo, pkt,
- "Can't consume indeterminate packets");
- }
-
- if (read_data(&remainder, region, stream)) {
- /* now throw it away */
- __ops_data_free(&remainder);
- if (warn) {
- OPS_ERROR(&stream->errors, OPS_E_P_PACKET_CONSUMED,
- "Warning: packet consumer");
- }
- return 1;
- }
- OPS_ERROR(&stream->errors, OPS_E_P_PACKET_NOT_CONSUMED,
- (warn) ? "Warning: Packet was not consumed" :
- "Packet was not consumed");
- return warn;
-}
-
-/**
- * \ingroup Core_ReadPackets
- * \brief Parse a secret key
- */
-static int
-parse_seckey(__ops_region_t *region, __ops_stream_t *stream)
-{
- __ops_packet_t pkt;
- __ops_region_t encregion;
- __ops_region_t *saved_region = NULL;
- __ops_crypt_t decrypt;
- __ops_hash_t checkhash;
- unsigned blocksize;
- unsigned crypted;
- uint8_t c = 0x0;
- int ret = 1;
-
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr, "\n---------\nparse_seckey:\n");
- fprintf(stderr,
- "region length=%u, readc=%u, remainder=%u\n",
- region->length, region->readc,
- region->length - region->readc);
- }
- (void) memset(&pkt, 0x0, sizeof(pkt));
- if (!parse_pubkey_data(&pkt.u.seckey.pubkey, region, stream)) {
- return 0;
- }
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr, "parse_seckey: public key parsed\n");
- __ops_print_pubkey(&pkt.u.seckey.pubkey);
- }
- stream->reading_v3_secret = (pkt.u.seckey.pubkey.version != OPS_V4);
-
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.seckey.s2k_usage = (__ops_s2k_usage_t)c;
-
- if (pkt.u.seckey.s2k_usage == OPS_S2KU_ENCRYPTED ||
- pkt.u.seckey.s2k_usage == OPS_S2KU_ENCRYPTED_AND_HASHED) {
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.seckey.alg = (__ops_symm_alg_t)c;
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.seckey.s2k_specifier = (__ops_s2k_specifier_t)c;
- switch (pkt.u.seckey.s2k_specifier) {
- case OPS_S2KS_SIMPLE:
- case OPS_S2KS_SALTED:
- case OPS_S2KS_ITERATED_AND_SALTED:
- break;
- default:
- (void) fprintf(stderr,
- "parse_seckey: bad seckey\n");
- return 0;
- }
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.seckey.hash_alg = (__ops_hash_alg_t)c;
- if (pkt.u.seckey.s2k_specifier != OPS_S2KS_SIMPLE &&
- !limread(pkt.u.seckey.salt, 8, region, stream)) {
- return 0;
- }
- if (pkt.u.seckey.s2k_specifier ==
- OPS_S2KS_ITERATED_AND_SALTED) {
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.seckey.octetc =
- (16 + ((unsigned)c & 15)) <<
- (((unsigned)c >> 4) + 6);
- }
- } else if (pkt.u.seckey.s2k_usage != OPS_S2KU_NONE) {
- /* this is V3 style, looks just like a V4 simple hash */
- pkt.u.seckey.alg = (__ops_symm_alg_t)c;
- pkt.u.seckey.s2k_usage = OPS_S2KU_ENCRYPTED;
- pkt.u.seckey.s2k_specifier = OPS_S2KS_SIMPLE;
- pkt.u.seckey.hash_alg = OPS_HASH_MD5;
- }
- crypted = pkt.u.seckey.s2k_usage == OPS_S2KU_ENCRYPTED ||
- pkt.u.seckey.s2k_usage == OPS_S2KU_ENCRYPTED_AND_HASHED;
-
- if (crypted) {
- __ops_packet_t seckey;
- __ops_hash_t hashes[(OPS_MAX_KEY_SIZE + OPS_MIN_HASH_SIZE - 1) / OPS_MIN_HASH_SIZE];
- unsigned passlen;
- uint8_t key[OPS_MAX_KEY_SIZE + OPS_MAX_HASH_SIZE];
- char *passphrase;
- int hashsize;
- int keysize;
- int n;
-
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr, "crypted seckey\n");
- }
- blocksize = __ops_block_size(pkt.u.seckey.alg);
- if (blocksize == 0 || blocksize > OPS_MAX_BLOCK_SIZE) {
- (void) fprintf(stderr,
- "parse_seckey: bad blocksize\n");
- return 0;
- }
-
- if (!limread(pkt.u.seckey.iv, blocksize, region, stream)) {
- return 0;
- }
- (void) memset(&seckey, 0x0, sizeof(seckey));
- passphrase = NULL;
- seckey.u.skey_passphrase.passphrase = &passphrase;
- seckey.u.skey_passphrase.seckey = &pkt.u.seckey;
- CALLBACK(OPS_GET_PASSPHRASE, &stream->cbinfo, &seckey);
- if (!passphrase) {
- if (__ops_get_debug_level(__FILE__)) {
- /* \todo make into proper error */
- (void) fprintf(stderr,
- "parse_seckey: can't get passphrase\n");
- }
- if (!consume_packet(region, stream, 0)) {
- return 0;
- }
-
- CALLBACK(OPS_PTAG_CT_ENCRYPTED_SECRET_KEY,
- &stream->cbinfo, &pkt);
-
- return 1;
- }
- keysize = __ops_key_size(pkt.u.seckey.alg);
- if (keysize == 0 || keysize > OPS_MAX_KEY_SIZE) {
- (void) fprintf(stderr,
- "parse_seckey: bad keysize\n");
- return 0;
- }
-
- hashsize = __ops_hash_size(pkt.u.seckey.hash_alg);
- if (hashsize == 0 || hashsize > OPS_MAX_HASH_SIZE) {
- (void) fprintf(stderr,
- "parse_seckey: bad hashsize\n");
- return 0;
- }
-
- for (n = 0; n * hashsize < keysize; ++n) {
- int i;
-
- __ops_hash_any(&hashes[n],
- pkt.u.seckey.hash_alg);
- if (!hashes[n].init(&hashes[n])) {
- (void) fprintf(stderr,
- "parse_seckey: bad alloc\n");
- return 0;
- }
- /* preload hashes with zeroes... */
- for (i = 0; i < n; ++i) {
- hashes[n].add(&hashes[n],
- (const uint8_t *) "", 1);
- }
- }
- passlen = (unsigned)strlen(passphrase);
- for (n = 0; n * hashsize < keysize; ++n) {
- unsigned i;
-
- switch (pkt.u.seckey.s2k_specifier) {
- case OPS_S2KS_SALTED:
- hashes[n].add(&hashes[n],
- pkt.u.seckey.salt,
- OPS_SALT_SIZE);
- /* FALLTHROUGH */
- case OPS_S2KS_SIMPLE:
- hashes[n].add(&hashes[n],
- (uint8_t *)passphrase, (unsigned)passlen);
- break;
-
- case OPS_S2KS_ITERATED_AND_SALTED:
- for (i = 0; i < pkt.u.seckey.octetc;
- i += passlen + OPS_SALT_SIZE) {
- unsigned j;
-
- j = passlen + OPS_SALT_SIZE;
- if (i + j > pkt.u.seckey.octetc && i != 0) {
- j = pkt.u.seckey.octetc - i;
- }
- hashes[n].add(&hashes[n],
- pkt.u.seckey.salt,
- (unsigned)(j > OPS_SALT_SIZE) ?
- OPS_SALT_SIZE : j);
- if (j > OPS_SALT_SIZE) {
- hashes[n].add(&hashes[n],
- (uint8_t *) passphrase,
- j - OPS_SALT_SIZE);
- }
- }
- break;
- default:
- break;
- }
- }
-
- for (n = 0; n * hashsize < keysize; ++n) {
- int r;
-
- r = hashes[n].finish(&hashes[n], key + n * hashsize);
- if (r != hashsize) {
- (void) fprintf(stderr,
- "parse_seckey: bad r\n");
- return 0;
- }
- }
-
- __ops_forget(passphrase, passlen);
-
- __ops_crypt_any(&decrypt, pkt.u.seckey.alg);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "input iv", pkt.u.seckey.iv, __ops_block_size(pkt.u.seckey.alg));
- hexdump(stderr, "key", key, CAST_KEY_LENGTH);
- }
- decrypt.set_iv(&decrypt, pkt.u.seckey.iv);
- decrypt.set_crypt_key(&decrypt, key);
-
- /* now read encrypted data */
-
- __ops_reader_push_decrypt(stream, &decrypt, region);
-
- /*
- * Since all known encryption for PGP doesn't compress, we
- * can limit to the same length as the current region (for
- * now).
- */
- __ops_init_subregion(&encregion, NULL);
- encregion.length = region->length - region->readc;
- if (pkt.u.seckey.pubkey.version != OPS_V4) {
- encregion.length -= 2;
- }
- saved_region = region;
- region = &encregion;
- }
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr, "parse_seckey: end of crypted passphrase\n");
- }
- if (pkt.u.seckey.s2k_usage == OPS_S2KU_ENCRYPTED_AND_HASHED) {
- pkt.u.seckey.checkhash = calloc(1, OPS_CHECKHASH_SIZE);
- if (pkt.u.seckey.checkhash == NULL) {
- (void) fprintf(stderr, "parse_seckey: bad alloc\n");
- return 0;
- }
- __ops_hash_sha1(&checkhash);
- __ops_reader_push_hash(stream, &checkhash);
- } else {
- __ops_reader_push_sum16(stream);
- }
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr, "parse_seckey: checkhash, reading MPIs\n");
- }
- switch (pkt.u.seckey.pubkey.alg) {
- case OPS_PKA_RSA:
- case OPS_PKA_RSA_ENCRYPT_ONLY:
- case OPS_PKA_RSA_SIGN_ONLY:
- if (!limread_mpi(&pkt.u.seckey.key.rsa.d, region, stream) ||
- !limread_mpi(&pkt.u.seckey.key.rsa.p, region, stream) ||
- !limread_mpi(&pkt.u.seckey.key.rsa.q, region, stream) ||
- !limread_mpi(&pkt.u.seckey.key.rsa.u, region, stream)) {
- ret = 0;
- }
- break;
-
- case OPS_PKA_DSA:
- if (!limread_mpi(&pkt.u.seckey.key.dsa.x, region, stream)) {
- ret = 0;
- }
- break;
-
- case OPS_PKA_ELGAMAL:
- if (!limread_mpi(&pkt.u.seckey.key.elgamal.x, region, stream)) {
- ret = 0;
- }
- break;
-
- default:
- OPS_ERROR_2(&stream->errors,
- OPS_E_ALG_UNSUPPORTED_PUBLIC_KEY_ALG,
- "Unsupported Public Key algorithm %d (%s)",
- pkt.u.seckey.pubkey.alg,
- __ops_show_pka(pkt.u.seckey.pubkey.alg));
- ret = 0;
- }
-
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr, "4 MPIs read\n");
- }
- stream->reading_v3_secret = 0;
-
- if (pkt.u.seckey.s2k_usage == OPS_S2KU_ENCRYPTED_AND_HASHED) {
- uint8_t hash[OPS_CHECKHASH_SIZE];
-
- __ops_reader_pop_hash(stream);
- checkhash.finish(&checkhash, hash);
-
- if (crypted &&
- pkt.u.seckey.pubkey.version != OPS_V4) {
- __ops_reader_pop_decrypt(stream);
- region = saved_region;
- }
- if (ret) {
- if (!limread(pkt.u.seckey.checkhash,
- OPS_CHECKHASH_SIZE, region, stream)) {
- return 0;
- }
-
- if (memcmp(hash, pkt.u.seckey.checkhash,
- OPS_CHECKHASH_SIZE) != 0) {
- ERRP(&stream->cbinfo, pkt,
- "Hash mismatch in secret key");
- }
- }
- } else {
- uint16_t sum;
-
- sum = __ops_reader_pop_sum16(stream);
- if (crypted &&
- pkt.u.seckey.pubkey.version != OPS_V4) {
- __ops_reader_pop_decrypt(stream);
- region = saved_region;
- }
- if (ret) {
- if (!limread_scalar(&pkt.u.seckey.checksum, 2,
- region, stream))
- return 0;
-
- if (sum != pkt.u.seckey.checksum) {
- ERRP(&stream->cbinfo, pkt,
- "Checksum mismatch in secret key");
- }
- }
- }
-
- if (crypted && pkt.u.seckey.pubkey.version == OPS_V4) {
- __ops_reader_pop_decrypt(stream);
- }
- if (region == NULL) {
- (void) fprintf(stderr, "parse_seckey: NULL region\n");
- return 0;
- }
- if (ret && region->readc != region->length) {
- (void) fprintf(stderr, "parse_seckey: bad length\n");
- return 0;
- }
- if (!ret) {
- return 0;
- }
- CALLBACK(OPS_PTAG_CT_SECRET_KEY, &stream->cbinfo, &pkt);
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr, "--- end of parse_seckey\n\n");
- }
- return 1;
-}
-
-/**
- \ingroup Core_ReadPackets
- \brief Parse a Public Key Session Key packet
-*/
-static int
-parse_pk_sesskey(__ops_region_t *region,
- __ops_stream_t *stream)
-{
- const __ops_seckey_t *secret;
- __ops_packet_t sesskey;
- __ops_packet_t pkt;
- uint8_t *iv;
- uint8_t c = 0x0;
- uint8_t cs[2];
- unsigned k;
- BIGNUM *g_to_k;
- BIGNUM *enc_m;
- int n;
- uint8_t unencoded_m_buf[1024];
-
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.pk_sesskey.version = c;
- if (pkt.u.pk_sesskey.version != 3) {
- OPS_ERROR_1(&stream->errors, OPS_E_PROTO_BAD_PKSK_VRSN,
- "Bad public-key encrypted session key version (%d)",
- pkt.u.pk_sesskey.version);
- return 0;
- }
- if (!limread(pkt.u.pk_sesskey.key_id,
- (unsigned)sizeof(pkt.u.pk_sesskey.key_id), region, stream)) {
- return 0;
- }
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "sesskey: pubkey id", pkt.u.pk_sesskey.key_id, sizeof(pkt.u.pk_sesskey.key_id));
- }
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.pk_sesskey.alg = (__ops_pubkey_alg_t)c;
- switch (pkt.u.pk_sesskey.alg) {
- case OPS_PKA_RSA:
- if (!limread_mpi(&pkt.u.pk_sesskey.params.rsa.encrypted_m,
- region, stream)) {
- return 0;
- }
- enc_m = pkt.u.pk_sesskey.params.rsa.encrypted_m;
- g_to_k = NULL;
- break;
-
- case OPS_PKA_DSA:
- case OPS_PKA_ELGAMAL:
- if (!limread_mpi(&pkt.u.pk_sesskey.params.elgamal.g_to_k,
- region, stream) ||
- !limread_mpi(
- &pkt.u.pk_sesskey.params.elgamal.encrypted_m,
- region, stream)) {
- return 0;
- }
- g_to_k = pkt.u.pk_sesskey.params.elgamal.g_to_k;
- enc_m = pkt.u.pk_sesskey.params.elgamal.encrypted_m;
- break;
-
- default:
- OPS_ERROR_1(&stream->errors,
- OPS_E_ALG_UNSUPPORTED_PUBLIC_KEY_ALG,
- "Unknown public key algorithm in session key (%s)",
- __ops_show_pka(pkt.u.pk_sesskey.alg));
- return 0;
- }
-
- (void) memset(&sesskey, 0x0, sizeof(sesskey));
- secret = NULL;
- sesskey.u.get_seckey.seckey = &secret;
- sesskey.u.get_seckey.pk_sesskey = &pkt.u.pk_sesskey;
-
- CALLBACK(OPS_GET_SECKEY, &stream->cbinfo, &sesskey);
-
- if (!secret) {
- CALLBACK(OPS_PTAG_CT_ENCRYPTED_PK_SESSION_KEY, &stream->cbinfo,
- &pkt);
- return 1;
- }
- n = __ops_decrypt_decode_mpi(unencoded_m_buf,
- (unsigned)sizeof(unencoded_m_buf), g_to_k, enc_m, secret);
-
- if (n < 1) {
- ERRP(&stream->cbinfo, pkt, "decrypted message too short");
- return 0;
- }
-
- /* PKA */
- pkt.u.pk_sesskey.symm_alg = (__ops_symm_alg_t)unencoded_m_buf[0];
-
- if (!__ops_is_sa_supported(pkt.u.pk_sesskey.symm_alg)) {
- /* ERR1P */
- OPS_ERROR_1(&stream->errors, OPS_E_ALG_UNSUPPORTED_SYMMETRIC_ALG,
- "Symmetric algorithm %s not supported",
- __ops_show_symm_alg(
- pkt.u.pk_sesskey.symm_alg));
- return 0;
- }
- k = __ops_key_size(pkt.u.pk_sesskey.symm_alg);
-
- if ((unsigned) n != k + 3) {
- OPS_ERROR_2(&stream->errors, OPS_E_PROTO_DECRYPTED_MSG_WRONG_LEN,
- "decrypted message wrong length (got %d expected %d)",
- n, k + 3);
- return 0;
- }
- if (k > sizeof(pkt.u.pk_sesskey.key)) {
- (void) fprintf(stderr, "parse_pk_sesskey: bad keylength\n");
- return 0;
- }
-
- (void) memcpy(pkt.u.pk_sesskey.key, unencoded_m_buf + 1, k);
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "recovered sesskey", pkt.u.pk_sesskey.key, k);
- }
- pkt.u.pk_sesskey.checksum = unencoded_m_buf[k + 1] +
- (unencoded_m_buf[k + 2] << 8);
- if (__ops_get_debug_level(__FILE__)) {
- printf("session key checksum: %2x %2x\n",
- unencoded_m_buf[k + 1], unencoded_m_buf[k + 2]);
- }
-
- /* Check checksum */
- __ops_calc_sesskey_checksum(&pkt.u.pk_sesskey, &cs[0]);
- if (unencoded_m_buf[k + 1] != cs[0] ||
- unencoded_m_buf[k + 2] != cs[1]) {
- OPS_ERROR_4(&stream->errors, OPS_E_PROTO_BAD_SK_CHECKSUM,
- "Session key checksum wrong: expected %2x %2x, got %2x %2x",
- cs[0], cs[1], unencoded_m_buf[k + 1],
- unencoded_m_buf[k + 2]);
- return 0;
- }
- /* all is well */
- CALLBACK(OPS_PTAG_CT_PK_SESSION_KEY, &stream->cbinfo, &pkt);
-
- __ops_crypt_any(&stream->decrypt, pkt.u.pk_sesskey.symm_alg);
- iv = calloc(1, stream->decrypt.blocksize);
- if (iv == NULL) {
- (void) fprintf(stderr, "parse_pk_sesskey: bad alloc\n");
- return 0;
- }
- stream->decrypt.set_iv(&stream->decrypt, iv);
- stream->decrypt.set_crypt_key(&stream->decrypt, pkt.u.pk_sesskey.key);
- __ops_encrypt_init(&stream->decrypt);
- free(iv);
- return 1;
-}
-
-static int
-__ops_decrypt_se_data(__ops_content_enum tag, __ops_region_t *region,
- __ops_stream_t *stream)
-{
- __ops_crypt_t *decrypt;
- const int printerrors = 1;
- int r = 1;
-
- decrypt = __ops_get_decrypt(stream);
- if (decrypt) {
- __ops_region_t encregion;
- unsigned b = (unsigned)decrypt->blocksize;
- uint8_t buf[OPS_MAX_BLOCK_SIZE + 2] = "";
-
- __ops_reader_push_decrypt(stream, decrypt, region);
-
- __ops_init_subregion(&encregion, NULL);
- encregion.length = b + 2;
-
- if (!exact_limread(buf, b + 2, &encregion, stream)) {
- return 0;
- }
- if (buf[b - 2] != buf[b] || buf[b - 1] != buf[b + 1]) {
- __ops_reader_pop_decrypt(stream);
- OPS_ERROR_4(&stream->errors,
- OPS_E_PROTO_BAD_SYMMETRIC_DECRYPT,
- "Bad symmetric decrypt (%02x%02x vs %02x%02x)",
- buf[b - 2], buf[b - 1], buf[b], buf[b + 1]);
- return 0;
- }
- if (tag == OPS_PTAG_CT_SE_DATA_BODY) {
- decrypt->decrypt_resync(decrypt);
- decrypt->block_encrypt(decrypt, decrypt->civ,
- decrypt->civ);
- }
- r = __ops_parse(stream, !printerrors);
-
- __ops_reader_pop_decrypt(stream);
- } else {
- __ops_packet_t pkt;
-
- while (region->readc < region->length) {
- unsigned len;
-
- len = region->length - region->readc;
- if (len > sizeof(pkt.u.se_data_body.data))
- len = sizeof(pkt.u.se_data_body.data);
-
- if (!limread(pkt.u.se_data_body.data, len,
- region, stream)) {
- return 0;
- }
- pkt.u.se_data_body.length = len;
- CALLBACK(tag, &stream->cbinfo, &pkt);
- }
- }
-
- return r;
-}
-
-static int
-__ops_decrypt_se_ip_data(__ops_content_enum tag, __ops_region_t *region,
- __ops_stream_t *stream)
-{
- __ops_crypt_t *decrypt;
- const int printerrors = 1;
- int r = 1;
-
- decrypt = __ops_get_decrypt(stream);
- if (decrypt) {
- __ops_reader_push_decrypt(stream, decrypt, region);
- __ops_reader_push_se_ip_data(stream, decrypt, region);
-
- r = __ops_parse(stream, !printerrors);
-
- __ops_reader_pop_se_ip_data(stream);
- __ops_reader_pop_decrypt(stream);
- } else {
- __ops_packet_t pkt;
-
- while (region->readc < region->length) {
- unsigned len;
-
- len = region->length - region->readc;
- if (len > sizeof(pkt.u.se_data_body.data)) {
- len = sizeof(pkt.u.se_data_body.data);
- }
-
- if (!limread(pkt.u.se_data_body.data,
- len, region, stream)) {
- return 0;
- }
-
- pkt.u.se_data_body.length = len;
-
- CALLBACK(tag, &stream->cbinfo, &pkt);
- }
- }
-
- return r;
-}
-
-/**
- \ingroup Core_ReadPackets
- \brief Read a Symmetrically Encrypted packet
-*/
-static int
-parse_se_data(__ops_region_t *region, __ops_stream_t *stream)
-{
- __ops_packet_t pkt;
-
- /* there's no info to go with this, so just announce it */
- CALLBACK(OPS_PTAG_CT_SE_DATA_HEADER, &stream->cbinfo, &pkt);
-
- /*
- * The content of an encrypted data packet is more OpenPGP packets
- * once decrypted, so recursively handle them
- */
- return __ops_decrypt_se_data(OPS_PTAG_CT_SE_DATA_BODY, region, stream);
-}
-
-/**
- \ingroup Core_ReadPackets
- \brief Read a Symmetrically Encrypted Integrity Protected packet
-*/
-static int
-parse_se_ip_data(__ops_region_t *region, __ops_stream_t *stream)
-{
- __ops_packet_t pkt;
- uint8_t c = 0x0;
-
- if (!limread(&c, 1, region, stream)) {
- return 0;
- }
- pkt.u.se_ip_data_header = c;
-
- if (pkt.u.se_ip_data_header != OPS_SE_IP_DATA_VERSION) {
- (void) fprintf(stderr, "parse_se_ip_data: bad version\n");
- return 0;
- }
-
- /*
- * The content of an encrypted data packet is more OpenPGP packets
- * once decrypted, so recursively handle them
- */
- return __ops_decrypt_se_ip_data(OPS_PTAG_CT_SE_IP_DATA_BODY, region,
- stream);
-}
-
-/**
- \ingroup Core_ReadPackets
- \brief Read a MDC packet
-*/
-static int
-parse_mdc(__ops_region_t *region, __ops_stream_t *stream)
-{
- __ops_packet_t pkt;
-
- pkt.u.mdc.length = OPS_SHA1_HASH_SIZE;
- if ((pkt.u.mdc.data = calloc(1, OPS_SHA1_HASH_SIZE)) == NULL) {
- (void) fprintf(stderr, "parse_mdc: bad alloc\n");
- return 0;
- }
- if (!limread(pkt.u.mdc.data, OPS_SHA1_HASH_SIZE, region, stream)) {
- return 0;
- }
- CALLBACK(OPS_PTAG_CT_MDC, &stream->cbinfo, &pkt);
- free(pkt.u.mdc.data);
- return 1;
-}
-
-/**
- Data relating to indeterminate-length blocks.
-*/
-struct _ops_indeterminate_t {
- __ops_region_t* region;
- unsigned char* cdata;
- unsigned readc;
- unsigned length;
-};
-typedef struct _ops_indeterminate_t __ops_indeterminate_t;
-
-/* initialise an indeterminate parser */
-static int
-init_indeterminate(unsigned initial_length, __ops_stream_t* stream, __ops_indeterminate_t* data)
-{
- unsigned length = initial_length;
- unsigned indeterminate_flag = 1;
- int r;
- unsigned total_length = 0;
-
- data->readc = 0;
- data->cdata = 0;
-
- while(1) {
- if(!data->cdata) {
- data->cdata = (unsigned char*)calloc(1, length);
- if(!data->cdata) {
- fprintf(stderr, "init_indeterminate: can't alloc %u bytes\n", length);
- return 0;
- }
- }
- else {
- data->cdata = (unsigned char*)realloc(data->cdata, total_length+length);
- if(!data->cdata) {
- fprintf(stderr, "init_indeterminate: can't realloc %u bytes\n", total_length+length);
- return 0;
- }
- }
-
- r = base_read(data->cdata+total_length, length, stream);
- if(!r) {
- fprintf(stderr, "init_indeterminate: out of data\n");
- return 0;
- }
- total_length += length;
-
- if(!indeterminate_flag)
- break;
-
- r = read_new_length(&length, &indeterminate_flag, stream);
- if(!r) {
- fprintf(stderr, "init_indeterminate: could not read length header\n");
- return 0;
- }
- }
- data->length = data->region->length = total_length;
- data->region->indeterminate = 0;
- return 1;
-}
-
-void
-dealloc_indeterminate(__ops_indeterminate_t* data)
-{
- if(data->cdata) {
- free(data->cdata);
- data->cdata = 0;
- }
-}
-
-/* read from a new-style indeterminate length block */
-static int
-indeterminate_reader(void *dest, size_t length, __ops_error_t **errors,
- __ops_reader_t *readinfo, __ops_cbdata_t *cbinfo)
-{
- __ops_indeterminate_t *indeterminate = __ops_reader_get_arg(readinfo);
-
- memcpy(dest, indeterminate->cdata + indeterminate->readc, length);
- indeterminate->readc += length;
-
- return length;
-}
-
-/* push indeterminate data reader to stack */
-void
-__ops_reader_push_indeterminate(__ops_stream_t *stream,
- __ops_indeterminate_t *indeterminate)
-{
- __ops_reader_push(stream, indeterminate_reader, NULL, indeterminate);
-}
-
-/* pop indeterminate data reader from stack */
-void
-__ops_reader_pop_indeterminate(__ops_stream_t *stream)
-{
- __ops_reader_pop(stream);
-}
-
-/**
- * \ingroup Core_ReadPackets
- * \brief Parse one packet.
- *
- * This function parses the packet tag. It computes the value of the
- * content tag and then calls the appropriate function to handle the
- * content.
- *
- * \param *stream How to parse
- * \param *pktlen On return, will contain number of bytes in packet
- * \return 1 on success, 0 on error, -1 on EOF */
-static int
-__ops_parse_packet(__ops_stream_t *stream, uint32_t *pktlen)
-{
- __ops_packet_t pkt;
- __ops_region_t region;
- __ops_indeterminate_t idata;
- uint8_t ptag;
- unsigned indeterminate = 0;
- int ret;
-
- pkt.u.ptag.position = stream->readinfo.position;
-
- ret = base_read(&ptag, 1, stream);
-
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr,
- "__ops_parse_packet: base_read returned %d\n",
- ret);
- }
-
- /* errors in the base read are effectively EOF. */
- if (ret <= 0) {
- return -1;
- }
-
- *pktlen = 0;
-
- if (!(ptag & OPS_PTAG_ALWAYS_SET)) {
- pkt.u.error = "Format error (ptag bit not set)";
- CALLBACK(OPS_PARSER_ERROR, &stream->cbinfo, &pkt);
- return 0;
- }
- pkt.u.ptag.new_format = !!(ptag & OPS_PTAG_NEW_FORMAT);
- if (pkt.u.ptag.new_format) {
- pkt.u.ptag.type = (ptag & OPS_PTAG_NF_CONTENT_TAG_MASK);
- pkt.u.ptag.length_type = 0;
- if (!read_new_length(&pkt.u.ptag.length, &indeterminate, stream)) {
- return 0;
- }
- } else {
- unsigned rb;
-
- rb = 0;
- pkt.u.ptag.type = ((unsigned)ptag &
- OPS_PTAG_OF_CONTENT_TAG_MASK)
- >> OPS_PTAG_OF_CONTENT_TAG_SHIFT;
- pkt.u.ptag.length_type = ptag & OPS_PTAG_OF_LENGTH_TYPE_MASK;
- switch (pkt.u.ptag.length_type) {
- case OPS_PTAG_OLD_LEN_1:
- rb = _read_scalar(&pkt.u.ptag.length, 1, stream);
- break;
-
- case OPS_PTAG_OLD_LEN_2:
- rb = _read_scalar(&pkt.u.ptag.length, 2, stream);
- break;
-
- case OPS_PTAG_OLD_LEN_4:
- rb = _read_scalar(&pkt.u.ptag.length, 4, stream);
- break;
-
- case OPS_PTAG_OLD_LEN_INDETERMINATE:
- pkt.u.ptag.length = 0;
- indeterminate = 1;
- rb = 1;
- break;
- }
- if (!rb) {
- return 0;
- }
- }
-
- CALLBACK(OPS_PARSER_PTAG, &stream->cbinfo, &pkt);
-
- __ops_init_subregion(®ion, NULL);
- region.length = pkt.u.ptag.length;
- region.indeterminate = indeterminate;
-
- if(indeterminate && pkt.u.ptag.length > 0) {
- idata.region = ®ion;
- if(!init_indeterminate(pkt.u.ptag.length, stream, &idata)) {
- return 0;
- }
- __ops_reader_push_indeterminate(stream, &idata);
- }
-
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr, "__ops_parse_packet: type %u\n",
- pkt.u.ptag.type);
- }
- switch (pkt.u.ptag.type) {
- case OPS_PTAG_CT_SIGNATURE:
- ret = parse_sig(®ion, stream);
- break;
-
- case OPS_PTAG_CT_PUBLIC_KEY:
- case OPS_PTAG_CT_PUBLIC_SUBKEY:
- ret = parse_pubkey((__ops_content_enum)pkt.u.ptag.type, ®ion, stream);
- break;
-
- case OPS_PTAG_CT_TRUST:
- ret = parse_trust(®ion, stream);
- break;
-
- case OPS_PTAG_CT_USER_ID:
- ret = parse_userid(®ion, stream);
- break;
-
- case OPS_PTAG_CT_COMPRESSED:
- ret = parse_compressed(®ion, stream);
- break;
-
- case OPS_PTAG_CT_1_PASS_SIG:
- ret = parse_one_pass(®ion, stream);
- break;
-
- case OPS_PTAG_CT_LITDATA:
- ret = parse_litdata(®ion, stream);
- break;
-
- case OPS_PTAG_CT_USER_ATTR:
- ret = parse_userattr(®ion, stream);
- break;
-
- case OPS_PTAG_CT_SECRET_KEY:
- ret = parse_seckey(®ion, stream);
- break;
-
- case OPS_PTAG_CT_SECRET_SUBKEY:
- ret = parse_seckey(®ion, stream);
- break;
-
- case OPS_PTAG_CT_PK_SESSION_KEY:
- ret = parse_pk_sesskey(®ion, stream);
- break;
-
- case OPS_PTAG_CT_SE_DATA:
- ret = parse_se_data(®ion, stream);
- break;
-
- case OPS_PTAG_CT_SE_IP_DATA:
- ret = parse_se_ip_data(®ion, stream);
- break;
-
- case OPS_PTAG_CT_MDC:
- ret = parse_mdc(®ion, stream);
- break;
-
- default:
- OPS_ERROR_1(&stream->errors, OPS_E_P_UNKNOWN_TAG,
- "Unknown content tag 0x%x",
- pkt.u.ptag.type);
- ret = 0;
- }
-
- if(indeterminate && pkt.u.ptag.length > 0) {
- __ops_reader_pop_indeterminate(stream);
- dealloc_indeterminate(&idata);
- }
-
- /* Ensure that the entire packet has been consumed */
-
- if (region.length != region.readc && !region.indeterminate) {
- if (!consume_packet(®ion, stream, 0)) {
- ret = -1;
- }
- }
-
- /* also consume it if there's been an error? */
- /* \todo decide what to do about an error on an */
- /* indeterminate packet */
- if (ret == 0) {
- if (!consume_packet(®ion, stream, 0)) {
- ret = -1;
- }
- }
- /* set pktlen */
-
- *pktlen = stream->readinfo.alength;
-
- /* do callback on entire packet, if desired and there was no error */
-
- if (ret > 0 && stream->readinfo.accumulate) {
- pkt.u.packet.length = stream->readinfo.alength;
- pkt.u.packet.raw = stream->readinfo.accumulated;
- stream->readinfo.accumulated = NULL;
- stream->readinfo.asize = 0;
- CALLBACK(OPS_PARSER_PACKET_END, &stream->cbinfo, &pkt);
- }
- stream->readinfo.alength = 0;
-
- return (ret < 0) ? -1 : (ret) ? 1 : 0;
-}
-
-/**
- * \ingroup Core_ReadPackets
- *
- * \brief Parse packets from an input stream until EOF or error.
- *
- * \details Setup the necessary parsing configuration in "stream"
- * before calling __ops_parse().
- *
- * That information includes :
- *
- * - a "reader" function to be used to get the data to be parsed
- *
- * - a "callback" function to be called when this library has identified
- * a parseable object within the data
- *
- * - whether the calling function wants the signature subpackets
- * returned raw, parsed or not at all.
- *
- * After returning, stream->errors holds any errors encountered while parsing.
- *
- * \param stream Parsing configuration
- * \return 1 on success in all packets, 0 on error in any packet
- *
- * \sa CoreAPI Overview
- *
- * \sa __ops_print_errors()
- *
- */
-
-int
-__ops_parse(__ops_stream_t *stream, const int perrors)
-{
- uint32_t pktlen;
- int r;
-
- do {
- r = __ops_parse_packet(stream, &pktlen);
- } while (r != -1);
- if (perrors) {
- __ops_print_errors(stream->errors);
- }
- return (stream->errors == NULL);
-}
-
-/**
- * \ingroup Core_ReadPackets
- *
- * \brief Specifies whether one or more signature
- * subpacket types should be returned parsed; or raw; or ignored.
- *
- * \param stream Pointer to previously allocated structure
- * \param tag Packet tag. OPS_PTAG_SS_ALL for all SS tags; or one individual signature subpacket tag
- * \param type Parse type
- * \todo Make all packet types optional, not just subpackets */
-void
-__ops_parse_options(__ops_stream_t *stream,
- __ops_content_enum tag,
- __ops_parse_type_t type)
-{
- unsigned t7;
- unsigned t8;
-
- if (tag == OPS_PTAG_SS_ALL) {
- int n;
-
- for (n = 0; n < 256; ++n) {
- __ops_parse_options(stream,
- OPS_PTAG_SIG_SUBPKT_BASE + n,
- type);
- }
- return;
- }
- if (tag < OPS_PTAG_SIG_SUBPKT_BASE ||
- tag > OPS_PTAG_SIG_SUBPKT_BASE + NTAGS - 1) {
- (void) fprintf(stderr, "__ops_parse_options: bad tag\n");
- return;
- }
- t8 = (tag - OPS_PTAG_SIG_SUBPKT_BASE) / 8;
- t7 = 1 << ((tag - OPS_PTAG_SIG_SUBPKT_BASE) & 7);
- switch (type) {
- case OPS_PARSE_RAW:
- stream->ss_raw[t8] |= t7;
- stream->ss_parsed[t8] &= ~t7;
- break;
-
- case OPS_PARSE_PARSED:
- stream->ss_raw[t8] &= ~t7;
- stream->ss_parsed[t8] |= t7;
- break;
-
- case OPS_PARSE_IGNORE:
- stream->ss_raw[t8] &= ~t7;
- stream->ss_parsed[t8] &= ~t7;
- break;
- }
-}
-
-/**
-\ingroup Core_ReadPackets
-\brief Free __ops_stream_t struct and its contents
-*/
-void
-__ops_stream_delete(__ops_stream_t *stream)
-{
- __ops_cbdata_t *cbinfo;
- __ops_cbdata_t *next;
-
- for (cbinfo = stream->cbinfo.next; cbinfo; cbinfo = next) {
- next = cbinfo->next;
- free(cbinfo);
- }
- if (stream->readinfo.destroyer) {
- stream->readinfo.destroyer(&stream->readinfo);
- }
- __ops_free_errors(stream->errors);
- if (stream->readinfo.accumulated) {
- free(stream->readinfo.accumulated);
- }
- free(stream);
-}
-
-/**
-\ingroup Core_ReadPackets
-\brief Returns the parse_info's reader_info
-\return Pointer to the reader_info inside the parse_info
-*/
-__ops_reader_t *
-__ops_readinfo(__ops_stream_t *stream)
-{
- return &stream->readinfo;
-}
-
-/**
-\ingroup Core_ReadPackets
-\brief Sets the parse_info's callback
-This is used when adding the first callback in a stack of callbacks.
-\sa __ops_callback_push()
-*/
-
-void
-__ops_set_callback(__ops_stream_t *stream, __ops_cbfunc_t *cb, void *arg)
-{
- stream->cbinfo.cbfunc = cb;
- stream->cbinfo.arg = arg;
- stream->cbinfo.errors = &stream->errors;
-}
-
-/**
-\ingroup Core_ReadPackets
-\brief Adds a further callback to a stack of callbacks
-\sa __ops_set_callback()
-*/
-void
-__ops_callback_push(__ops_stream_t *stream, __ops_cbfunc_t *cb, void *arg)
-{
- __ops_cbdata_t *cbinfo;
-
- if ((cbinfo = calloc(1, sizeof(*cbinfo))) == NULL) {
- (void) fprintf(stderr, "__ops_callback_push: bad alloc\n");
- return;
- }
- (void) memcpy(cbinfo, &stream->cbinfo, sizeof(*cbinfo));
- cbinfo->io = stream->io;
- stream->cbinfo.next = cbinfo;
- __ops_set_callback(stream, cb, arg);
-}
-
-/**
-\ingroup Core_ReadPackets
-\brief Returns callback's arg
-*/
-void *
-__ops_callback_arg(__ops_cbdata_t *cbinfo)
-{
- return cbinfo->arg;
-}
-
-/**
-\ingroup Core_ReadPackets
-\brief Returns callback's errors
-*/
-void *
-__ops_callback_errors(__ops_cbdata_t *cbinfo)
-{
- return cbinfo->errors;
-}
-
-/**
-\ingroup Core_ReadPackets
-\brief Calls the parse_cb_info's callback if present
-\return Return value from callback, if present; else OPS_FINISHED
-*/
-__ops_cb_ret_t
-__ops_callback(const __ops_packet_t *pkt, __ops_cbdata_t *cbinfo)
-{
- return (cbinfo->cbfunc) ? cbinfo->cbfunc(pkt, cbinfo) : OPS_FINISHED;
-}
-
-/**
-\ingroup Core_ReadPackets
-\brief Calls the next callback in the stack
-\return Return value from callback
-*/
-__ops_cb_ret_t
-__ops_stacked_callback(const __ops_packet_t *pkt, __ops_cbdata_t *cbinfo)
-{
- return __ops_callback(pkt, cbinfo->next);
-}
-
-/**
-\ingroup Core_ReadPackets
-\brief Returns the parse_info's errors
-\return parse_info's errors
-*/
-__ops_error_t *
-__ops_stream_get_errors(__ops_stream_t *stream)
-{
- return stream->errors;
-}
-
-__ops_crypt_t *
-__ops_get_decrypt(__ops_stream_t *stream)
-{
- return (stream->decrypt.alg) ? &stream->decrypt : NULL;
-}
\ No newline at end of file
diff --git a/enzevalos_iphone/netpgp/lib/packet-parse.h b/enzevalos_iphone/netpgp/lib/packet-parse.h
deleted file mode 100644
index 9c37cf8f..00000000
--- a/enzevalos_iphone/netpgp/lib/packet-parse.h
+++ /dev/null
@@ -1,169 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- * Parser for OpenPGP packets - headers.
- */
-
-#ifndef PACKET_PARSE_H_
-#define PACKET_PARSE_H_
-
-#include "types.h"
-#include "packet.h"
-
-/** __ops_region_t */
-typedef struct __ops_region_t {
- struct __ops_region_t *parent;
- unsigned length;
- unsigned readc; /* length read */
- unsigned last_read;
- /* length of last read, only valid in deepest child */
- unsigned indeterminate:1;
-} __ops_region_t;
-
-void __ops_init_subregion(__ops_region_t *, __ops_region_t *);
-
-/** __ops_cb_ret_t */
-typedef enum {
- OPS_RELEASE_MEMORY,
- OPS_KEEP_MEMORY,
- OPS_FINISHED
-} __ops_cb_ret_t;
-
-typedef struct __ops_cbdata_t __ops_cbdata_t;
-
-typedef __ops_cb_ret_t __ops_cbfunc_t(const __ops_packet_t *,
- __ops_cbdata_t *);
-
-__ops_cb_ret_t
-get_passphrase_cb(const __ops_packet_t *, __ops_cbdata_t *);
-
-typedef struct __ops_stream_t __ops_stream_t;
-typedef struct __ops_reader_t __ops_reader_t;
-typedef struct __ops_cryptinfo_t __ops_cryptinfo_t;
-
-/*
- A reader MUST read at least one byte if it can, and should read up
- to the number asked for. Whether it reads more for efficiency is
- its own decision, but if it is a stacked reader it should never
- read more than the length of the region it operates in (which it
- would have to be given when it is stacked).
-
- If a read is short because of EOF, then it should return the short
- read (obviously this will be zero on the second attempt, if not the
- first). Because a reader is not obliged to do a full read, only a
- zero return can be taken as an indication of EOF.
-
- If there is an error, then the callback should be notified, the
- error stacked, and -1 should be returned.
-
- Note that although length is a size_t, a reader will never be asked
- to read more than INT_MAX in one go.
-
- */
-typedef int __ops_reader_func_t(void *, size_t, __ops_error_t **,
- __ops_reader_t *, __ops_cbdata_t *);
-
-typedef void __ops_reader_destroyer_t(__ops_reader_t *);
-
-void __ops_stream_delete(__ops_stream_t *);
-__ops_error_t *__ops_stream_get_errors(__ops_stream_t *);
-__ops_crypt_t *__ops_get_decrypt(__ops_stream_t *);
-
-void __ops_set_callback(__ops_stream_t *, __ops_cbfunc_t *, void *);
-void __ops_callback_push(__ops_stream_t *, __ops_cbfunc_t *, void *);
-void *__ops_callback_arg(__ops_cbdata_t *);
-void *__ops_callback_errors(__ops_cbdata_t *);
-void __ops_reader_set(__ops_stream_t *, __ops_reader_func_t *,
- __ops_reader_destroyer_t *, void *);
-void __ops_reader_push(__ops_stream_t *, __ops_reader_func_t *,
- __ops_reader_destroyer_t *, void *);
-void __ops_reader_pop(__ops_stream_t *);
-
-void *__ops_reader_get_arg(__ops_reader_t *);
-
-__ops_cb_ret_t __ops_callback(const __ops_packet_t *,
- __ops_cbdata_t *);
-__ops_cb_ret_t __ops_stacked_callback(const __ops_packet_t *,
- __ops_cbdata_t *);
-__ops_reader_t *__ops_readinfo(__ops_stream_t *);
-
-int __ops_parse(__ops_stream_t *, const int);
-
-/** Used to specify whether subpackets should be returned raw, parsed
-* or ignored. */
-typedef enum {
- OPS_PARSE_RAW, /* Callback Raw */
- OPS_PARSE_PARSED, /* Callback Parsed */
- OPS_PARSE_IGNORE /* Don't callback */
-} __ops_parse_type_t;
-
-void __ops_parse_options(__ops_stream_t *, __ops_content_enum,
- __ops_parse_type_t);
-
-unsigned __ops_limited_read(uint8_t *, size_t, __ops_region_t *,
- __ops_error_t **, __ops_reader_t *,
- __ops_cbdata_t *);
-unsigned __ops_stacked_limited_read(uint8_t *, unsigned,
- __ops_region_t *, __ops_error_t **,
- __ops_reader_t *, __ops_cbdata_t *);
-void __ops_parse_hash_init(__ops_stream_t *, __ops_hash_alg_t,
- const uint8_t *);
-void __ops_parse_hash_data(__ops_stream_t *, const void *, size_t);
-void __ops_parse_hash_finish(__ops_stream_t *);
-__ops_hash_t *__ops_parse_hash_find(__ops_stream_t *, const uint8_t *);
-
-__ops_reader_func_t __ops_stacked_read;
-
-int __ops_decompress(__ops_region_t *, __ops_stream_t *,
- __ops_compression_type_t);
-unsigned __ops_writez(__ops_output_t *, const uint8_t *,
- const unsigned);
-
-#endif /* PACKET_PARSE_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/packet-print.c b/enzevalos_iphone/netpgp/lib/packet-print.c
deleted file mode 100644
index cbce4eae..00000000
--- a/enzevalos_iphone/netpgp/lib/packet-print.c
+++ /dev/null
@@ -1,1455 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/*
- * ! \file \brief Standard API print functions
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#if defined(__NetBSD__)
-__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: packet-print.c,v 1.38 2010/11/03 02:27:56 agc Exp $");
-#endif
-
-#include <string.h>
-#include <stdio.h>
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#include "crypto.h"
-#include "keyring.h"
-#include "packet-show.h"
-#include "signature.h"
-#include "readerwriter.h"
-#include "netpgpdefs.h"
-#include "netpgpsdk.h"
-#include "packet.h"
-#include "netpgpdigest.h"
-#include "mj.h"
-
-/* static functions */
-
-static void
-print_indent(int indent)
-{
- int i;
-
- for (i = 0; i < indent; i++) {
- printf(" ");
- }
-}
-
-static void
-print_name(int indent, const char *name)
-{
- print_indent(indent);
- if (name) {
- printf("%s: ", name);
- }
-}
-
-static void
-print_hexdump(int indent, const char *name, const uint8_t *data, unsigned len)
-{
- print_name(indent, name);
- hexdump(stdout, NULL, data, len);
-}
-
-static void
-hexdump_data(int indent, const char *name, const uint8_t *data, unsigned len)
-{
- print_name(indent, name);
- hexdump(stdout, NULL, data, len);
-}
-
-static void
-print_uint(int indent, const char *name, unsigned val)
-{
- print_name(indent, name);
- printf("%u\n", val);
-}
-
-static void
-showtime(const char *name, time_t t)
-{
- printf("%s=%" PRItime "d (%.24s)", name, (long long) t, ctime(&t));
-}
-
-static void
-print_time(int indent, const char *name, time_t t)
-{
- print_indent(indent);
- printf("%s: ", name);
- showtime("time", t);
- printf("\n");
-}
-
-static void
-print_string_and_value(int indent, const char *name, const char *str, uint8_t value)
-{
- print_name(indent, name);
- printf("%s (0x%x)\n", str, value);
-}
-
-static void
-print_tagname(int indent, const char *str)
-{
- print_indent(indent);
- printf("%s packet\n", str);
-}
-
-static void
-print_data(int indent, const char *name, const __ops_data_t *data)
-{
- print_hexdump(indent, name, data->contents, (unsigned)data->len);
-}
-
-static void
-print_bn(int indent, const char *name, const BIGNUM *bn)
-{
- print_indent(indent);
- printf("%s=", name);
- if (bn) {
- BN_print_fp(stdout, bn);
- putchar('\n');
- } else {
- puts("(unset)");
- }
-}
-
-static void
-print_packet_hex(const __ops_subpacket_t *pkt)
-{
- hexdump(stdout, "packet contents:", pkt->raw, pkt->length);
-}
-
-static void
-print_escaped(const uint8_t *data, size_t length)
-{
- while (length-- > 0) {
- if ((*data >= 0x20 && *data < 0x7f && *data != '%') ||
- *data == '\n') {
- putchar(*data);
- } else {
- printf("%%%02x", *data);
- }
- ++data;
- }
-}
-
-static void
-print_string(int indent, const char *name, const char *str)
-{
- print_name(indent, name);
- print_escaped((const uint8_t *) str, strlen(str));
- putchar('\n');
-}
-
-static void
-print_utf8_string(int indent, const char *name, const uint8_t *str)
-{
- /* \todo Do this better for non-English character sets */
- print_string(indent, name, (const char *) str);
-}
-
-static void
-print_duration(int indent, const char *name, time_t t)
-{
- int mins, hours, days, years;
-
- print_indent(indent);
- printf("%s: ", name);
- printf("duration %" PRItime "d seconds", (long long) t);
-
- mins = (int)(t / 60);
- hours = mins / 60;
- days = hours / 24;
- years = days / 365;
-
- printf(" (approx. ");
- if (years) {
- printf("%d %s", years, years == 1 ? "year" : "years");
- } else if (days) {
- printf("%d %s", days, days == 1 ? "day" : "days");
- } else if (hours) {
- printf("%d %s", hours, hours == 1 ? "hour" : "hours");
- }
- printf(")\n");
-}
-
-static void
-print_boolean(int indent, const char *name, uint8_t boolval)
-{
- print_name(indent, name);
- printf("%s\n", (boolval) ? "Yes" : "No");
-}
-
-static void
-print_text_breakdown(int indent, __ops_text_t *text)
-{
- const char *prefix = ".. ";
- unsigned i;
-
- /* these were recognised */
- for (i = 0; i < text->known.used; i++) {
- print_indent(indent);
- printf("%s", prefix);
- printf("%s\n", text->known.strings[i]);
- }
- /*
- * these were not recognised. the strings will contain the hex value
- * of the unrecognised value in string format - see
- * process_octet_str()
- */
- if (text->unknown.used) {
- printf("\n");
- print_indent(indent);
- printf("Not Recognised: ");
- }
- for (i = 0; i < text->unknown.used; i++) {
- print_indent(indent);
- printf("%s", prefix);
- printf("%s\n", text->unknown.strings[i]);
- }
-}
-
-static void
-print_headers(const __ops_headers_t *h)
-{
- unsigned i;
-
- for (i = 0; i < h->headerc; ++i) {
- printf("%s=%s\n", h->headers[i].key, h->headers[i].value);
- }
-}
-
-static void
-print_block(int indent, const char *name, const uint8_t *str, size_t length)
-{
- int o = (int)length;
-
- print_indent(indent);
- printf(">>>>> %s >>>>>\n", name);
-
- print_indent(indent);
- for (; length > 0; --length) {
- if (*str >= 0x20 && *str < 0x7f && *str != '%') {
- putchar(*str);
- } else if (*str == '\n') {
- putchar(*str);
- print_indent(indent);
- } else {
- printf("%%%02x", *str);
- }
- ++str;
- }
- if (o && str[-1] != '\n') {
- putchar('\n');
- print_indent(indent);
- fputs("[no newline]", stdout);
- } else {
- print_indent(indent);
- }
- printf("<<<<< %s <<<<<\n", name);
-}
-
-/* return the number of bits in the public key */
-static int
-numkeybits(const __ops_pubkey_t *pubkey)
-{
- switch(pubkey->alg) {
- case OPS_PKA_RSA:
- case OPS_PKA_RSA_ENCRYPT_ONLY:
- case OPS_PKA_RSA_SIGN_ONLY:
- return BN_num_bytes(pubkey->key.rsa.n) * 8;
- case OPS_PKA_DSA:
- switch(BN_num_bytes(pubkey->key.dsa.q)) {
- case 20:
- return 1024;
- case 28:
- return 2048;
- case 32:
- return 3072;
- default:
- return 0;
- }
- case OPS_PKA_ELGAMAL:
- return BN_num_bytes(pubkey->key.elgamal.y) * 8;
- default:
- return -1;
- }
-}
-
-/* return the hexdump as a string */
-static char *
-strhexdump(char *dest, const uint8_t *src, size_t length, const char *sep)
-{
- unsigned i;
- int n;
-
- for (n = 0, i = 0 ; i < length ; i += 2) {
- n += snprintf(&dest[n], 3, "%02x", *src++);
- n += snprintf(&dest[n], 10, "%02x%s", *src++, sep);
- }
- return dest;
-}
-
-/* return the time as a string */
-static char *
-ptimestr(char *dest, size_t size, time_t t)
-{
- struct tm *tm;
-
- tm = gmtime(&t);
- (void) snprintf(dest, size, "%04d-%02d-%02d",
- tm->tm_year + 1900,
- tm->tm_mon + 1,
- tm->tm_mday);
- return dest;
-}
-
-/* print the sub key binding signature info */
-static int
-psubkeybinding(char *buf, size_t size, const __ops_key_t *key, const char *expired)
-{
- char keyid[512];
- char t[32];
-
- return snprintf(buf, size, "encryption %d/%s %s %s %s\n",
- numkeybits(&key->enckey),
- __ops_show_pka(key->enckey.alg),
- strhexdump(keyid, key->encid, OPS_KEY_ID_SIZE, ""),
- ptimestr(t, sizeof(t), key->enckey.birthtime),
- expired);
-}
-
-static int
-isrevoked(const __ops_key_t *key, unsigned uid)
-{
- unsigned r;
-
- for (r = 0 ; r < key->revokec ; r++) {
- if (key->revokes[r].uid == uid) {
- return r;
- }
- }
- return -1;
-}
-
-#ifndef KB
-#define KB(x) ((x) * 1024)
-#endif
-
-/* print into a string (malloc'ed) the pubkeydata */
-int
-__ops_sprint_keydata(__ops_io_t *io, const __ops_keyring_t *keyring,
- const __ops_key_t *key, char **buf, const char *header,
- const __ops_pubkey_t *pubkey, const int psigs)
-{
- const __ops_key_t *trustkey;
- unsigned from;
- unsigned i;
- unsigned j;
- time_t now;
- char uidbuf[KB(128)];
- char keyid[OPS_KEY_ID_SIZE * 3];
- char fp[(OPS_FINGERPRINT_SIZE * 3) + 1];
- char expired[128];
- char t[32];
- int cc;
- int n;
- int r;
-
- if (key == NULL || key->revoked) {
- return -1;
- }
- now = time(NULL);
- if (pubkey->duration > 0) {
- cc = snprintf(expired, sizeof(expired),
- (pubkey->birthtime + pubkey->duration < now) ?
- "[EXPIRED " : "[EXPIRES ");
- ptimestr(&expired[cc], sizeof(expired) - cc,
- pubkey->birthtime + pubkey->duration);
- cc += 10;
- cc += snprintf(&expired[cc], sizeof(expired) - cc, "]");
- } else {
- expired[0] = 0x0;
- }
- for (i = 0, n = 0; i < key->uidc; i++) {
- if ((r = isrevoked(key, i)) >= 0 &&
- key->revokes[r].code == OPS_REVOCATION_COMPROMISED) {
- continue;
- }
- n += snprintf(&uidbuf[n], sizeof(uidbuf) - n, "uid%s%s%s\n",
- (psigs) ? " " : " ",
- key->uids[i],
- (isrevoked(key, i) >= 0) ? " [REVOKED]" : "");
- for (j = 0 ; j < key->subsigc ; j++) {
- if (psigs) {
- if (key->subsigs[j].uid != i) {
- continue;
- }
- } else {
- if (!(key->subsigs[j].sig.info.version == 4 &&
- key->subsigs[j].sig.info.type == OPS_SIG_SUBKEY &&
- i == key->uidc - 1)) {
- continue;
- }
- }
- from = 0;
- trustkey = __ops_getkeybyid(io, keyring, key->subsigs[j].sig.info.signer_id, &from, NULL);
- if (key->subsigs[j].sig.info.version == 4 &&
- key->subsigs[j].sig.info.type == OPS_SIG_SUBKEY) {
- psubkeybinding(&uidbuf[n], sizeof(uidbuf) - n, key, expired);
- } else {
- n += snprintf(&uidbuf[n], sizeof(uidbuf) - n,
- "sig %s %s %s\n",
- strhexdump(keyid, key->subsigs[j].sig.info.signer_id, OPS_KEY_ID_SIZE, ""),
- ptimestr(t, sizeof(t), key->subsigs[j].sig.info.birthtime),
- (trustkey) ? (char *)trustkey->uids[trustkey->uid0] : "[unknown]");
- }
- }
- }
- return __ops_asprintf(buf, "%s %d/%s %s %s %s\nKey fingerprint: %s\n%s",
- header,
- numkeybits(pubkey),
- __ops_show_pka(pubkey->alg),
- strhexdump(keyid, key->sigid, OPS_KEY_ID_SIZE, ""),
- ptimestr(t, sizeof(t), pubkey->birthtime),
- expired,
- strhexdump(fp, key->sigfingerprint.fingerprint, key->sigfingerprint.length, " "),
- uidbuf);
-}
-
-/* return the key info as a JSON encoded string */
-int
-__ops_sprint_mj(__ops_io_t *io, const __ops_keyring_t *keyring,
- const __ops_key_t *key, mj_t *keyjson, const char *header,
- const __ops_pubkey_t *pubkey, const int psigs)
-{
- const __ops_key_t *trustkey;
- unsigned from;
- unsigned i;
- unsigned j;
- mj_t sub_obj;
- char keyid[OPS_KEY_ID_SIZE * 3];
- char fp[(OPS_FINGERPRINT_SIZE * 3) + 1];
- int r;
-
- if (key == NULL || key->revoked) {
- return -1;
- }
- (void) memset(keyjson, 0x0, sizeof(*keyjson));
- mj_create(keyjson, "object");
- mj_append_field(keyjson, "header", "string", header);
- mj_append_field(keyjson, "key bits", "integer", (int64_t) numkeybits(pubkey));
- mj_append_field(keyjson, "pka", "string", __ops_show_pka(pubkey->alg));
- mj_append_field(keyjson, "key id", "string", strhexdump(keyid, key->sigid, OPS_KEY_ID_SIZE, ""));
- mj_append_field(keyjson, "fingerprint", "string",
- strhexdump(fp, key->sigfingerprint.fingerprint, key->sigfingerprint.length, " "));
- mj_append_field(keyjson, "birthtime", "integer", pubkey->birthtime);
- mj_append_field(keyjson, "duration", "integer", pubkey->duration);
- for (i = 0; i < key->uidc; i++) {
- if ((r = isrevoked(key, i)) >= 0 &&
- key->revokes[r].code == OPS_REVOCATION_COMPROMISED) {
- continue;
- }
- (void) memset(&sub_obj, 0x0, sizeof(sub_obj));
- mj_create(&sub_obj, "array");
- mj_append(&sub_obj, "string", key->uids[i]);
- mj_append(&sub_obj, "string", (r >= 0) ? "[REVOKED]" : "");
- mj_append_field(keyjson, "uid", "array", &sub_obj);
- mj_delete(&sub_obj);
- for (j = 0 ; j < key->subsigc ; j++) {
- if (psigs) {
- if (key->subsigs[j].uid != i) {
- continue;
- }
- } else {
- if (!(key->subsigs[j].sig.info.version == 4 &&
- key->subsigs[j].sig.info.type == OPS_SIG_SUBKEY &&
- i == key->uidc - 1)) {
- continue;
- }
- }
- (void) memset(&sub_obj, 0x0, sizeof(sub_obj));
- mj_create(&sub_obj, "array");
- if (key->subsigs[j].sig.info.version == 4 &&
- key->subsigs[j].sig.info.type == OPS_SIG_SUBKEY) {
- mj_append(&sub_obj, "integer", (int64_t)numkeybits(&key->enckey));
- mj_append(&sub_obj, "string",
- (const char *)__ops_show_pka(key->enckey.alg));
- mj_append(&sub_obj, "string",
- strhexdump(keyid, key->encid, OPS_KEY_ID_SIZE, ""));
- mj_append(&sub_obj, "integer", (int64_t)key->enckey.birthtime);
- mj_append_field(keyjson, "encryption", "array", &sub_obj);
- mj_delete(&sub_obj);
- } else {
- mj_append(&sub_obj, "string",
- strhexdump(keyid, key->subsigs[j].sig.info.signer_id, OPS_KEY_ID_SIZE, ""));
- mj_append(&sub_obj, "integer",
- (int64_t)(key->subsigs[j].sig.info.birthtime));
- from = 0;
- trustkey = __ops_getkeybyid(io, keyring, key->subsigs[j].sig.info.signer_id, &from, NULL);
- mj_append(&sub_obj, "string",
- (trustkey) ? (char *)trustkey->uids[trustkey->uid0] : "[unknown]");
- mj_append_field(keyjson, "sig", "array", &sub_obj);
- mj_delete(&sub_obj);
- }
- }
- }
- if (__ops_get_debug_level(__FILE__)) {
- char *buf;
-
- mj_asprint(&buf, keyjson);
- (void) fprintf(stderr, "__ops_sprint_mj: '%s'\n", buf);
- free(buf);
- }
- return 1;
-}
-
-int
-__ops_hkp_sprint_keydata(__ops_io_t *io, const __ops_keyring_t *keyring,
- const __ops_key_t *key, char **buf,
- const __ops_pubkey_t *pubkey, const int psigs)
-{
- const __ops_key_t *trustkey;
- unsigned from;
- unsigned i;
- unsigned j;
- char keyid[OPS_KEY_ID_SIZE * 3];
- char uidbuf[KB(128)];
- char fp[(OPS_FINGERPRINT_SIZE * 3) + 1];
- int n;
-
- if (key->revoked) {
- return -1;
- }
- for (i = 0, n = 0; i < key->uidc; i++) {
- n += snprintf(&uidbuf[n], sizeof(uidbuf) - n,
- "uid:%lld:%lld:%s\n",
- (long long)pubkey->birthtime,
- (long long)pubkey->duration,
- key->uids[i]);
- for (j = 0 ; j < key->subsigc ; j++) {
- if (psigs) {
- if (key->subsigs[j].uid != i) {
- continue;
- }
- } else {
- if (!(key->subsigs[j].sig.info.version == 4 &&
- key->subsigs[j].sig.info.type == OPS_SIG_SUBKEY &&
- i == key->uidc - 1)) {
- continue;
- }
- }
- from = 0;
- trustkey = __ops_getkeybyid(io, keyring, key->subsigs[j].sig.info.signer_id, &from, NULL);
- if (key->subsigs[j].sig.info.version == 4 &&
- key->subsigs[j].sig.info.type == OPS_SIG_SUBKEY) {
- n += snprintf(&uidbuf[n], sizeof(uidbuf) - n, "sub:%d:%d:%s:%lld:%lld\n",
- numkeybits(pubkey),
- key->subsigs[j].sig.info.key_alg,
- strhexdump(keyid, key->subsigs[j].sig.info.signer_id, OPS_KEY_ID_SIZE, ""),
- (long long)(key->subsigs[j].sig.info.birthtime),
- (long long)pubkey->duration);
- } else {
- n += snprintf(&uidbuf[n], sizeof(uidbuf) - n,
- "sig:%s:%lld:%s\n",
- strhexdump(keyid, key->subsigs[j].sig.info.signer_id, OPS_KEY_ID_SIZE, ""),
- (long long)key->subsigs[j].sig.info.birthtime,
- (trustkey) ? (char *)trustkey->uids[trustkey->uid0] : "");
- }
- }
- }
- return __ops_asprintf(buf, "pub:%s:%d:%d:%lld:%lld\n%s",
- strhexdump(fp, key->sigfingerprint.fingerprint, OPS_FINGERPRINT_SIZE, ""),
- pubkey->alg,
- numkeybits(pubkey),
- (long long)pubkey->birthtime,
- (long long)pubkey->duration,
- uidbuf);
-}
-
-/* print the key data for a pub or sec key */
-void
-__ops_print_keydata(__ops_io_t *io, const __ops_keyring_t *keyring,
- const __ops_key_t *key, const char *header,
- const __ops_pubkey_t *pubkey, const int psigs)
-{
- char *cp;
-
- if (__ops_sprint_keydata(io, keyring, key, &cp, header, pubkey, psigs) >= 0) {
- (void) fprintf(io->res, "%s", cp);
- free(cp);
- }
-}
-
-/**
-\ingroup Core_Print
-\param pubkey
-*/
-void
-__ops_print_pubkey(const __ops_pubkey_t *pubkey)
-{
- printf("------- PUBLIC KEY ------\n");
- print_uint(0, "Version", (unsigned)pubkey->version);
- print_time(0, "Creation Time", pubkey->birthtime);
- if (pubkey->version == OPS_V3) {
- print_uint(0, "Days Valid", pubkey->days_valid);
- }
- print_string_and_value(0, "Algorithm", __ops_show_pka(pubkey->alg),
- pubkey->alg);
- switch (pubkey->alg) {
- case OPS_PKA_DSA:
- print_bn(0, "p", pubkey->key.dsa.p);
- print_bn(0, "q", pubkey->key.dsa.q);
- print_bn(0, "g", pubkey->key.dsa.g);
- print_bn(0, "y", pubkey->key.dsa.y);
- break;
-
- case OPS_PKA_RSA:
- case OPS_PKA_RSA_ENCRYPT_ONLY:
- case OPS_PKA_RSA_SIGN_ONLY:
- print_bn(0, "n", pubkey->key.rsa.n);
- print_bn(0, "e", pubkey->key.rsa.e);
- break;
-
- case OPS_PKA_ELGAMAL:
- case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
- print_bn(0, "p", pubkey->key.elgamal.p);
- print_bn(0, "g", pubkey->key.elgamal.g);
- print_bn(0, "y", pubkey->key.elgamal.y);
- break;
-
- default:
- (void) fprintf(stderr,
- "__ops_print_pubkey: Unusual algorithm\n");
- }
-
- printf("------- end of PUBLIC KEY ------\n");
-}
-
-int
-__ops_sprint_pubkey(const __ops_key_t *key, char *out, size_t outsize)
-{
- char fp[(OPS_FINGERPRINT_SIZE * 3) + 1];
- int cc;
-
- cc = snprintf(out, outsize, "key:%s:%d:%lld:%lld:%d:\n",
- strhexdump(fp, key->sigfingerprint.fingerprint, OPS_FINGERPRINT_SIZE, ""),
- key->key.pubkey.version,
- (long long)key->key.pubkey.birthtime,
- (long long)key->key.pubkey.days_valid,
- key->key.pubkey.alg);
- switch (key->key.pubkey.alg) {
- case OPS_PKA_DSA:
- cc += snprintf(&out[cc], outsize - cc,
- "pubkey:p=%s:q=%s:g=%s:y=%s\n",
- BN_bn2hex(key->key.pubkey.key.dsa.p),
- BN_bn2hex(key->key.pubkey.key.dsa.q),
- BN_bn2hex(key->key.pubkey.key.dsa.g),
- BN_bn2hex(key->key.pubkey.key.dsa.y));
- break;
- case OPS_PKA_RSA:
- case OPS_PKA_RSA_ENCRYPT_ONLY:
- case OPS_PKA_RSA_SIGN_ONLY:
- cc += snprintf(&out[cc], outsize - cc,
- "pubkey:n=%s:e=%s\n",
- BN_bn2hex(key->key.pubkey.key.rsa.n),
- BN_bn2hex(key->key.pubkey.key.rsa.e));
- break;
- case OPS_PKA_ELGAMAL:
- case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
- cc += snprintf(&out[cc], outsize - cc,
- "pubkey:p=%s:g=%s:y=%s\n",
- BN_bn2hex(key->key.pubkey.key.elgamal.p),
- BN_bn2hex(key->key.pubkey.key.elgamal.g),
- BN_bn2hex(key->key.pubkey.key.elgamal.y));
- break;
- default:
- (void) fprintf(stderr,
- "__ops_print_pubkey: Unusual algorithm\n");
- }
- return cc;
-}
-
-/**
-\ingroup Core_Print
-\param type
-\param seckey
-*/
-static void
-__ops_print_seckey_verbose(const __ops_content_enum type,
- const __ops_seckey_t *seckey)
-{
- printf("------- SECRET KEY or ENCRYPTED SECRET KEY ------\n");
- print_tagname(0, (type == OPS_PTAG_CT_SECRET_KEY) ?
- "SECRET_KEY" :
- "ENCRYPTED_SECRET_KEY");
- /* __ops_print_pubkey(key); */
- printf("S2K Usage: %d\n", seckey->s2k_usage);
- if (seckey->s2k_usage != OPS_S2KU_NONE) {
- printf("S2K Specifier: %d\n", seckey->s2k_specifier);
- printf("Symmetric algorithm: %d (%s)\n", seckey->alg,
- __ops_show_symm_alg(seckey->alg));
- printf("Hash algorithm: %d (%s)\n", seckey->hash_alg,
- __ops_show_hash_alg((uint8_t)seckey->hash_alg));
- if (seckey->s2k_specifier != OPS_S2KS_SIMPLE) {
- print_hexdump(0, "Salt", seckey->salt,
- (unsigned)sizeof(seckey->salt));
- }
- if (seckey->s2k_specifier == OPS_S2KS_ITERATED_AND_SALTED) {
- printf("Octet count: %u\n", seckey->octetc);
- }
- print_hexdump(0, "IV", seckey->iv, __ops_block_size(seckey->alg));
- }
- /* no more set if encrypted */
- if (type == OPS_PTAG_CT_ENCRYPTED_SECRET_KEY) {
- return;
- }
- switch (seckey->pubkey.alg) {
- case OPS_PKA_RSA:
- print_bn(0, "d", seckey->key.rsa.d);
- print_bn(0, "p", seckey->key.rsa.p);
- print_bn(0, "q", seckey->key.rsa.q);
- print_bn(0, "u", seckey->key.rsa.u);
- break;
-
- case OPS_PKA_DSA:
- print_bn(0, "x", seckey->key.dsa.x);
- break;
-
- default:
- (void) fprintf(stderr,
- "__ops_print_seckey_verbose: unusual algorithm\n");
- }
- if (seckey->s2k_usage == OPS_S2KU_ENCRYPTED_AND_HASHED) {
- print_hexdump(0, "Checkhash", seckey->checkhash,
- OPS_CHECKHASH_SIZE);
- } else {
- printf("Checksum: %04x\n", seckey->checksum);
- }
- printf("------- end of SECRET KEY or ENCRYPTED SECRET KEY ------\n");
-}
-
-
-/**
-\ingroup Core_Print
-\param tag
-\param key
-*/
-static void
-__ops_print_pk_sesskey(__ops_content_enum tag,
- const __ops_pk_sesskey_t * key)
-{
- print_tagname(0, (tag == OPS_PTAG_CT_PK_SESSION_KEY) ?
- "PUBLIC KEY SESSION KEY" :
- "ENCRYPTED PUBLIC KEY SESSION KEY");
- printf("Version: %d\n", key->version);
- print_hexdump(0, "Key ID", key->key_id, (unsigned)sizeof(key->key_id));
- printf("Algorithm: %d (%s)\n", key->alg,
- __ops_show_pka(key->alg));
- switch (key->alg) {
- case OPS_PKA_RSA:
- print_bn(0, "encrypted_m", key->params.rsa.encrypted_m);
- break;
-
- case OPS_PKA_ELGAMAL:
- print_bn(0, "g_to_k", key->params.elgamal.g_to_k);
- print_bn(0, "encrypted_m", key->params.elgamal.encrypted_m);
- break;
-
- default:
- (void) fprintf(stderr,
- "__ops_print_pk_sesskey: unusual algorithm\n");
- }
- if (tag == OPS_PTAG_CT_PK_SESSION_KEY) {
- printf("Symmetric algorithm: %d (%s)\n", key->symm_alg,
- __ops_show_symm_alg(key->symm_alg));
- print_hexdump(0, "Key", key->key, __ops_key_size(key->symm_alg));
- printf("Checksum: %04x\n", key->checksum);
- }
-}
-
-static void
-start_subpacket(int *indent, int type)
-{
- *indent += 1;
- print_indent(*indent);
- printf("-- %s (type 0x%02x)\n",
- __ops_show_ss_type((__ops_content_enum)type),
- type - OPS_PTAG_SIG_SUBPKT_BASE);
-}
-
-static void
-end_subpacket(int *indent)
-{
- *indent -= 1;
-}
-
-/**
-\ingroup Core_Print
-\param contents
-*/
-int
-__ops_print_packet(__ops_printstate_t *print, const __ops_packet_t *pkt)
-{
- const __ops_contents_t *content = &pkt->u;
- __ops_text_t *text;
- const char *str;
-
- if (print->unarmoured && pkt->tag != OPS_PTAG_CT_UNARMOURED_TEXT) {
- print->unarmoured = 0;
- puts("UNARMOURED TEXT ends");
- }
- if (pkt->tag == OPS_PARSER_PTAG) {
- printf("=> OPS_PARSER_PTAG: %s\n",
- __ops_show_packet_tag((__ops_content_enum)content->ptag.type));
- } else {
- printf("=> %s\n", __ops_show_packet_tag(pkt->tag));
- }
-
- switch (pkt->tag) {
- case OPS_PARSER_ERROR:
- printf("parse error: %s\n", content->error);
- break;
-
- case OPS_PARSER_ERRCODE:
- printf("parse error: %s\n",
- __ops_errcode(content->errcode.errcode));
- break;
-
- case OPS_PARSER_PACKET_END:
- print_packet_hex(&content->packet);
- break;
-
- case OPS_PARSER_PTAG:
- if (content->ptag.type == OPS_PTAG_CT_PUBLIC_KEY) {
- print->indent = 0;
- printf("\n*** NEXT KEY ***\n");
- }
- printf("\n");
- print_indent(print->indent);
- printf("==== ptag new_format=%u type=%u length_type=%d"
- " length=0x%x (%u) position=0x%x (%u)\n",
- content->ptag.new_format,
- content->ptag.type, content->ptag.length_type,
- content->ptag.length, content->ptag.length,
- content->ptag.position, content->ptag.position);
- print_tagname(print->indent, __ops_show_packet_tag((__ops_content_enum)content->ptag.type));
- break;
-
- case OPS_PTAG_CT_SE_DATA_HEADER:
- print_tagname(print->indent, "SYMMETRIC ENCRYPTED DATA");
- break;
-
- case OPS_PTAG_CT_SE_IP_DATA_HEADER:
- print_tagname(print->indent,
- "SYMMETRIC ENCRYPTED INTEGRITY PROTECTED DATA HEADER");
- printf("Version: %d\n", content->se_ip_data_header);
- break;
-
- case OPS_PTAG_CT_SE_IP_DATA_BODY:
- print_tagname(print->indent,
- "SYMMETRIC ENCRYPTED INTEGRITY PROTECTED DATA BODY");
- hexdump(stdout, "data", content->se_data_body.data,
- content->se_data_body.length);
- break;
-
- case OPS_PTAG_CT_PUBLIC_KEY:
- case OPS_PTAG_CT_PUBLIC_SUBKEY:
- print_tagname(print->indent, (pkt->tag == OPS_PTAG_CT_PUBLIC_KEY) ?
- "PUBLIC KEY" :
- "PUBLIC SUBKEY");
- __ops_print_pubkey(&content->pubkey);
- break;
-
- case OPS_PTAG_CT_TRUST:
- print_tagname(print->indent, "TRUST");
- print_data(print->indent, "Trust", &content->trust);
- break;
-
- case OPS_PTAG_CT_USER_ID:
- print_tagname(print->indent, "USER ID");
- print_utf8_string(print->indent, "userid", content->userid);
- break;
-
- case OPS_PTAG_CT_SIGNATURE:
- print_tagname(print->indent, "SIGNATURE");
- print_indent(print->indent);
- print_uint(print->indent, "Signature Version",
- (unsigned)content->sig.info.version);
- if (content->sig.info.birthtime_set) {
- print_time(print->indent, "Signature Creation Time",
- content->sig.info.birthtime);
- }
- if (content->sig.info.duration_set) {
- print_uint(print->indent, "Signature Duration",
- (unsigned)content->sig.info.duration);
- }
-
- print_string_and_value(print->indent, "Signature Type",
- __ops_show_sig_type(content->sig.info.type),
- content->sig.info.type);
-
- if (content->sig.info.signer_id_set) {
- hexdump_data(print->indent, "Signer ID",
- content->sig.info.signer_id,
- (unsigned)sizeof(content->sig.info.signer_id));
- }
-
- print_string_and_value(print->indent, "Public Key Algorithm",
- __ops_show_pka(content->sig.info.key_alg),
- content->sig.info.key_alg);
- print_string_and_value(print->indent, "Hash Algorithm",
- __ops_show_hash_alg((uint8_t)
- content->sig.info.hash_alg),
- (uint8_t)content->sig.info.hash_alg);
- print_uint(print->indent, "Hashed data len",
- (unsigned)content->sig.info.v4_hashlen);
- print_indent(print->indent);
- hexdump_data(print->indent, "hash2", &content->sig.hash2[0], 2);
- switch (content->sig.info.key_alg) {
- case OPS_PKA_RSA:
- case OPS_PKA_RSA_SIGN_ONLY:
- print_bn(print->indent, "sig", content->sig.info.sig.rsa.sig);
- break;
-
- case OPS_PKA_DSA:
- print_bn(print->indent, "r", content->sig.info.sig.dsa.r);
- print_bn(print->indent, "s", content->sig.info.sig.dsa.s);
- break;
-
- case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
- print_bn(print->indent, "r", content->sig.info.sig.elgamal.r);
- print_bn(print->indent, "s", content->sig.info.sig.elgamal.s);
- break;
-
- default:
- (void) fprintf(stderr,
- "__ops_print_packet: Unusual algorithm\n");
- return 0;
- }
-
- if (content->sig.hash)
- printf("data hash is set\n");
-
- break;
-
- case OPS_PTAG_CT_COMPRESSED:
- print_tagname(print->indent, "COMPRESSED");
- print_uint(print->indent, "Compressed Data Type",
- (unsigned)content->compressed);
- break;
-
- case OPS_PTAG_CT_1_PASS_SIG:
- print_tagname(print->indent, "ONE PASS SIGNATURE");
-
- print_uint(print->indent, "Version", (unsigned)content->one_pass_sig.version);
- print_string_and_value(print->indent, "Signature Type",
- __ops_show_sig_type(content->one_pass_sig.sig_type),
- content->one_pass_sig.sig_type);
- print_string_and_value(print->indent, "Hash Algorithm",
- __ops_show_hash_alg((uint8_t)content->one_pass_sig.hash_alg),
- (uint8_t)content->one_pass_sig.hash_alg);
- print_string_and_value(print->indent, "Public Key Algorithm",
- __ops_show_pka(content->one_pass_sig.key_alg),
- content->one_pass_sig.key_alg);
- hexdump_data(print->indent, "Signer ID",
- content->one_pass_sig.keyid,
- (unsigned)sizeof(content->one_pass_sig.keyid));
- print_uint(print->indent, "Nested", content->one_pass_sig.nested);
- break;
-
- case OPS_PTAG_CT_USER_ATTR:
- print_tagname(print->indent, "USER ATTRIBUTE");
- print_hexdump(print->indent, "User Attribute",
- content->userattr.contents,
- (unsigned)content->userattr.len);
- break;
-
- case OPS_PTAG_RAW_SS:
- if (pkt->critical) {
- (void) fprintf(stderr, "contents are critical\n");
- return 0;
- }
- start_subpacket(&print->indent, pkt->tag);
- print_uint(print->indent, "Raw Signature Subpacket: tag",
- (unsigned)(content->ss_raw.tag -
- (unsigned)OPS_PTAG_SIG_SUBPKT_BASE));
- print_hexdump(print->indent, "Raw Data",
- content->ss_raw.raw,
- (unsigned)content->ss_raw.length);
- break;
-
- case OPS_PTAG_SS_CREATION_TIME:
- start_subpacket(&print->indent, pkt->tag);
- print_time(print->indent, "Signature Creation Time", content->ss_time);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_EXPIRATION_TIME:
- start_subpacket(&print->indent, pkt->tag);
- print_duration(print->indent, "Signature Expiration Time",
- content->ss_time);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_KEY_EXPIRY:
- start_subpacket(&print->indent, pkt->tag);
- print_duration(print->indent, "Key Expiration Time", content->ss_time);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_TRUST:
- start_subpacket(&print->indent, pkt->tag);
- print_string(print->indent, "Trust Signature", "");
- print_uint(print->indent, "Level", (unsigned)content->ss_trust.level);
- print_uint(print->indent, "Amount", (unsigned)content->ss_trust.amount);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_REVOCABLE:
- start_subpacket(&print->indent, pkt->tag);
- print_boolean(print->indent, "Revocable", content->ss_revocable);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_REVOCATION_KEY:
- start_subpacket(&print->indent, pkt->tag);
- /* not yet tested */
- printf(" revocation key: class=0x%x",
- content->ss_revocation_key.class);
- if (content->ss_revocation_key.class & 0x40) {
- printf(" (sensitive)");
- }
- printf(", algid=0x%x", content->ss_revocation_key.algid);
- hexdump(stdout, "fingerprint", content->ss_revocation_key.fingerprint,
- OPS_FINGERPRINT_SIZE);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_ISSUER_KEY_ID:
- start_subpacket(&print->indent, pkt->tag);
- print_hexdump(print->indent, "Issuer Key Id",
- content->ss_issuer, (unsigned)sizeof(content->ss_issuer));
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_PREFERRED_SKA:
- start_subpacket(&print->indent, pkt->tag);
- print_data(print->indent, "Preferred Symmetric Algorithms",
- &content->ss_skapref);
- text = __ops_showall_ss_skapref(&content->ss_skapref);
- print_text_breakdown(print->indent, text);
- __ops_text_free(text);
-
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_PRIMARY_USER_ID:
- start_subpacket(&print->indent, pkt->tag);
- print_boolean(print->indent, "Primary User ID",
- content->ss_primary_userid);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_PREFERRED_HASH:
- start_subpacket(&print->indent, pkt->tag);
- print_data(print->indent, "Preferred Hash Algorithms",
- &content->ss_hashpref);
- text = __ops_showall_ss_hashpref(&content->ss_hashpref);
- print_text_breakdown(print->indent, text);
- __ops_text_free(text);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_PREF_COMPRESS:
- start_subpacket(&print->indent, pkt->tag);
- print_data(print->indent, "Preferred Compression Algorithms",
- &content->ss_zpref);
- text = __ops_showall_ss_zpref(&content->ss_zpref);
- print_text_breakdown(print->indent, text);
- __ops_text_free(text);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_KEY_FLAGS:
- start_subpacket(&print->indent, pkt->tag);
- print_data(print->indent, "Key Flags", &content->ss_key_flags);
-
- text = __ops_showall_ss_key_flags(&content->ss_key_flags);
- print_text_breakdown(print->indent, text);
- __ops_text_free(text);
-
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_KEYSERV_PREFS:
- start_subpacket(&print->indent, pkt->tag);
- print_data(print->indent, "Key Server Preferences",
- &content->ss_key_server_prefs);
- text = __ops_show_keyserv_prefs(&content->ss_key_server_prefs);
- print_text_breakdown(print->indent, text);
- __ops_text_free(text);
-
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_FEATURES:
- start_subpacket(&print->indent, pkt->tag);
- print_data(print->indent, "Features", &content->ss_features);
- text = __ops_showall_ss_features(content->ss_features);
- print_text_breakdown(print->indent, text);
- __ops_text_free(text);
-
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_NOTATION_DATA:
- start_subpacket(&print->indent, pkt->tag);
- print_indent(print->indent);
- printf("Notation Data:\n");
-
- print->indent++;
- print_data(print->indent, "Flags", &content->ss_notation.flags);
- text = __ops_showall_notation(content->ss_notation);
- print_text_breakdown(print->indent, text);
- __ops_text_free(text);
-
- print_data(print->indent, "Name", &content->ss_notation.name);
-
- print_data(print->indent, "Value", &content->ss_notation.value);
-
- print->indent--;
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_REGEXP:
- start_subpacket(&print->indent, pkt->tag);
- print_hexdump(print->indent, "Regular Expression",
- (uint8_t *) content->ss_regexp,
- (unsigned)strlen(content->ss_regexp));
- print_string(print->indent, NULL, content->ss_regexp);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_POLICY_URI:
- start_subpacket(&print->indent, pkt->tag);
- print_string(print->indent, "Policy URL", content->ss_policy);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_SIGNERS_USER_ID:
- start_subpacket(&print->indent, pkt->tag);
- print_utf8_string(print->indent, "Signer's User ID", content->ss_signer);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_PREF_KEYSERV:
- start_subpacket(&print->indent, pkt->tag);
- print_string(print->indent, "Preferred Key Server", content->ss_keyserv);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_EMBEDDED_SIGNATURE:
- start_subpacket(&print->indent, pkt->tag);
- end_subpacket(&print->indent);/* \todo print out contents? */
- break;
-
- case OPS_PTAG_SS_USERDEFINED00:
- case OPS_PTAG_SS_USERDEFINED01:
- case OPS_PTAG_SS_USERDEFINED02:
- case OPS_PTAG_SS_USERDEFINED03:
- case OPS_PTAG_SS_USERDEFINED04:
- case OPS_PTAG_SS_USERDEFINED05:
- case OPS_PTAG_SS_USERDEFINED06:
- case OPS_PTAG_SS_USERDEFINED07:
- case OPS_PTAG_SS_USERDEFINED08:
- case OPS_PTAG_SS_USERDEFINED09:
- case OPS_PTAG_SS_USERDEFINED10:
- start_subpacket(&print->indent, pkt->tag);
- print_hexdump(print->indent, "Internal or user-defined",
- content->ss_userdef.contents,
- (unsigned)content->ss_userdef.len);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_RESERVED:
- start_subpacket(&print->indent, pkt->tag);
- print_hexdump(print->indent, "Reserved",
- content->ss_userdef.contents,
- (unsigned)content->ss_userdef.len);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_SS_REVOCATION_REASON:
- start_subpacket(&print->indent, pkt->tag);
- print_hexdump(print->indent, "Revocation Reason",
- &content->ss_revocation.code,
- 1);
- str = __ops_show_ss_rr_code(content->ss_revocation.code);
- print_string(print->indent, NULL, str);
- end_subpacket(&print->indent);
- break;
-
- case OPS_PTAG_CT_LITDATA_HEADER:
- print_tagname(print->indent, "LITERAL DATA HEADER");
- printf(" literal data header format=%c filename='%s'\n",
- content->litdata_header.format,
- content->litdata_header.filename);
- showtime(" modification time",
- content->litdata_header.mtime);
- printf("\n");
- break;
-
- case OPS_PTAG_CT_LITDATA_BODY:
- print_tagname(print->indent, "LITERAL DATA BODY");
- printf(" literal data body length=%u\n",
- content->litdata_body.length);
- printf(" data=");
- print_escaped(content->litdata_body.data,
- content->litdata_body.length);
- printf("\n");
- break;
-
- case OPS_PTAG_CT_SIGNATURE_HEADER:
- print_tagname(print->indent, "SIGNATURE");
- print_indent(print->indent);
- print_uint(print->indent, "Signature Version",
- (unsigned)content->sig.info.version);
- if (content->sig.info.birthtime_set) {
- print_time(print->indent, "Signature Creation Time",
- content->sig.info.birthtime);
- }
- if (content->sig.info.duration_set) {
- print_uint(print->indent, "Signature Duration",
- (unsigned)content->sig.info.duration);
- }
- print_string_and_value(print->indent, "Signature Type",
- __ops_show_sig_type(content->sig.info.type),
- content->sig.info.type);
- if (content->sig.info.signer_id_set) {
- hexdump_data(print->indent, "Signer ID",
- content->sig.info.signer_id,
- (unsigned)sizeof(content->sig.info.signer_id));
- }
- print_string_and_value(print->indent, "Public Key Algorithm",
- __ops_show_pka(content->sig.info.key_alg),
- content->sig.info.key_alg);
- print_string_and_value(print->indent, "Hash Algorithm",
- __ops_show_hash_alg((uint8_t)content->sig.info.hash_alg),
- (uint8_t)content->sig.info.hash_alg);
- print_uint(print->indent, "Hashed data len",
- (unsigned)content->sig.info.v4_hashlen);
-
- break;
-
- case OPS_PTAG_CT_SIGNATURE_FOOTER:
- print_indent(print->indent);
- hexdump_data(print->indent, "hash2", &content->sig.hash2[0], 2);
-
- switch (content->sig.info.key_alg) {
- case OPS_PKA_RSA:
- print_bn(print->indent, "sig", content->sig.info.sig.rsa.sig);
- break;
-
- case OPS_PKA_DSA:
- print_bn(print->indent, "r", content->sig.info.sig.dsa.r);
- print_bn(print->indent, "s", content->sig.info.sig.dsa.s);
- break;
-
- case OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN:
- print_bn(print->indent, "r", content->sig.info.sig.elgamal.r);
- print_bn(print->indent, "s", content->sig.info.sig.elgamal.s);
- break;
-
- case OPS_PKA_PRIVATE00:
- case OPS_PKA_PRIVATE01:
- case OPS_PKA_PRIVATE02:
- case OPS_PKA_PRIVATE03:
- case OPS_PKA_PRIVATE04:
- case OPS_PKA_PRIVATE05:
- case OPS_PKA_PRIVATE06:
- case OPS_PKA_PRIVATE07:
- case OPS_PKA_PRIVATE08:
- case OPS_PKA_PRIVATE09:
- case OPS_PKA_PRIVATE10:
- print_data(print->indent, "Private/Experimental",
- &content->sig.info.sig.unknown);
- break;
-
- default:
- (void) fprintf(stderr,
- "__ops_print_packet: Unusual key algorithm\n");
- return 0;
- }
- break;
-
- case OPS_GET_PASSPHRASE:
- print_tagname(print->indent, "OPS_GET_PASSPHRASE");
- break;
-
- case OPS_PTAG_CT_SECRET_KEY:
- print_tagname(print->indent, "OPS_PTAG_CT_SECRET_KEY");
- __ops_print_seckey_verbose(pkt->tag, &content->seckey);
- break;
-
- case OPS_PTAG_CT_ENCRYPTED_SECRET_KEY:
- print_tagname(print->indent, "OPS_PTAG_CT_ENCRYPTED_SECRET_KEY");
- __ops_print_seckey_verbose(pkt->tag, &content->seckey);
- break;
-
- case OPS_PTAG_CT_ARMOUR_HEADER:
- print_tagname(print->indent, "ARMOUR HEADER");
- print_string(print->indent, "type", content->armour_header.type);
- break;
-
- case OPS_PTAG_CT_SIGNED_CLEARTEXT_HEADER:
- print_tagname(print->indent, "SIGNED CLEARTEXT HEADER");
- print_headers(&content->cleartext_head);
- break;
-
- case OPS_PTAG_CT_SIGNED_CLEARTEXT_BODY:
- print_tagname(print->indent, "SIGNED CLEARTEXT BODY");
- print_block(print->indent, "signed cleartext", content->cleartext_body.data,
- content->cleartext_body.length);
- break;
-
- case OPS_PTAG_CT_SIGNED_CLEARTEXT_TRAILER:
- print_tagname(print->indent, "SIGNED CLEARTEXT TRAILER");
- printf("hash algorithm: %d\n",
- content->cleartext_trailer->alg);
- printf("\n");
- break;
-
- case OPS_PTAG_CT_UNARMOURED_TEXT:
- if (!print->unarmoured) {
- print_tagname(print->indent, "UNARMOURED TEXT");
- print->unarmoured = 1;
- }
- putchar('[');
- print_escaped(content->unarmoured_text.data,
- content->unarmoured_text.length);
- putchar(']');
- break;
-
- case OPS_PTAG_CT_ARMOUR_TRAILER:
- print_tagname(print->indent, "ARMOUR TRAILER");
- print_string(print->indent, "type", content->armour_header.type);
- break;
-
- case OPS_PTAG_CT_PK_SESSION_KEY:
- case OPS_PTAG_CT_ENCRYPTED_PK_SESSION_KEY:
- __ops_print_pk_sesskey(pkt->tag, &content->pk_sesskey);
- break;
-
- case OPS_GET_SECKEY:
- __ops_print_pk_sesskey(OPS_PTAG_CT_ENCRYPTED_PK_SESSION_KEY,
- content->get_seckey.pk_sesskey);
- break;
-
- default:
- print_tagname(print->indent, "UNKNOWN PACKET TYPE");
- fprintf(stderr, "__ops_print_packet: unknown tag=%d (0x%x)\n",
- pkt->tag, pkt->tag);
- return 0;
- }
- return 1;
-}
-
-static __ops_cb_ret_t
-cb_list_packets(const __ops_packet_t *pkt, __ops_cbdata_t *cbinfo)
-{
- __ops_print_packet(&cbinfo->printstate, pkt);
- return OPS_RELEASE_MEMORY;
-}
-
-/**
-\ingroup Core_Print
-\param filename
-\param armour
-\param keyring
-\param cb_get_passphrase
-*/
-int
-__ops_list_packets(__ops_io_t *io,
- char *filename,
- unsigned armour,
- __ops_keyring_t *secring,
- __ops_keyring_t *pubring,
- void *passfp,
- __ops_cbfunc_t *cb_get_passphrase)
-{
- __ops_stream_t *stream = NULL;
- const unsigned accumulate = 1;
- const int printerrors = 1;
- int fd;
-
- fd = __ops_setup_file_read(io, &stream, filename, NULL, cb_list_packets,
- accumulate);
- __ops_parse_options(stream, OPS_PTAG_SS_ALL, OPS_PARSE_PARSED);
- stream->cryptinfo.secring = secring;
- stream->cryptinfo.pubring = pubring;
- stream->cbinfo.passfp = passfp;
- stream->cryptinfo.getpassphrase = cb_get_passphrase;
- if (armour) {
- __ops_reader_push_dearmour(stream);
- }
- __ops_parse(stream, printerrors);
- __ops_teardown_file_read(stream, fd);
- return 1;
-}
diff --git a/enzevalos_iphone/netpgp/lib/packet-show.c b/enzevalos_iphone/netpgp/lib/packet-show.c
deleted file mode 100644
index bdb0a655..00000000
--- a/enzevalos_iphone/netpgp/lib/packet-show.c
+++ /dev/null
@@ -1,918 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- *
- * Creates printable text strings from packet contents
- *
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#if defined(__NetBSD__)
-__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: packet-show.c,v 1.18 2010/11/04 06:45:28 agc Exp $");
-#endif
-
-#include <stdlib.h>
-#include <string.h>
-
-#include "packet-show.h"
-
-#include "netpgpsdk.h"
-#include "netpgpdefs.h"
-
-
-/*
- * Arrays of value->text maps
- */
-
-static __ops_map_t packet_tag_map[] =
-{
- {OPS_PTAG_CT_RESERVED, "Reserved"},
- {OPS_PTAG_CT_PK_SESSION_KEY, "Public-Key Encrypted Session Key"},
- {OPS_PTAG_CT_SIGNATURE, "Signature"},
- {OPS_PTAG_CT_SK_SESSION_KEY, "Symmetric-Key Encrypted Session Key"},
- {OPS_PTAG_CT_1_PASS_SIG, "One-Pass Signature"},
- {OPS_PTAG_CT_SECRET_KEY, "Secret Key"},
- {OPS_PTAG_CT_PUBLIC_KEY, "Public Key"},
- {OPS_PTAG_CT_SECRET_SUBKEY, "Secret Subkey"},
- {OPS_PTAG_CT_COMPRESSED, "Compressed Data"},
- {OPS_PTAG_CT_SE_DATA, "Symmetrically Encrypted Data"},
- {OPS_PTAG_CT_MARKER, "Marker"},
- {OPS_PTAG_CT_LITDATA, "Literal Data"},
- {OPS_PTAG_CT_TRUST, "Trust"},
- {OPS_PTAG_CT_USER_ID, "User ID"},
- {OPS_PTAG_CT_PUBLIC_SUBKEY, "Public Subkey"},
- {OPS_PTAG_CT_RESERVED2, "reserved2"},
- {OPS_PTAG_CT_RESERVED3, "reserved3"},
- {OPS_PTAG_CT_USER_ATTR, "User Attribute"},
- {OPS_PTAG_CT_SE_IP_DATA,
- "Symmetric Encrypted and Integrity Protected Data"},
- {OPS_PTAG_CT_MDC, "Modification Detection Code"},
- {OPS_PARSER_PTAG, "OPS_PARSER_PTAG"},
- {OPS_PTAG_RAW_SS, "OPS_PTAG_RAW_SS"},
- {OPS_PTAG_SS_ALL, "OPS_PTAG_SS_ALL"},
- {OPS_PARSER_PACKET_END, "OPS_PARSER_PACKET_END"},
- {OPS_PTAG_SIG_SUBPKT_BASE, "OPS_PTAG_SIG_SUBPKT_BASE"},
- {OPS_PTAG_SS_CREATION_TIME, "SS: Signature Creation Time"},
- {OPS_PTAG_SS_EXPIRATION_TIME, "SS: Signature Expiration Time"},
- {OPS_PTAG_SS_EXPORT_CERT, "SS: Exportable Certification"},
- {OPS_PTAG_SS_TRUST, "SS: Trust Signature"},
- {OPS_PTAG_SS_REGEXP, "SS: Regular Expression"},
- {OPS_PTAG_SS_REVOCABLE, "SS: Revocable"},
- {OPS_PTAG_SS_KEY_EXPIRY, "SS: Key Expiration Time"},
- {OPS_PTAG_SS_RESERVED, "SS: Reserved"},
- {OPS_PTAG_SS_PREFERRED_SKA, "SS: Preferred Secret Key Algorithm"},
- {OPS_PTAG_SS_REVOCATION_KEY, "SS: Revocation Key"},
- {OPS_PTAG_SS_ISSUER_KEY_ID, "SS: Issuer Key Id"},
- {OPS_PTAG_SS_NOTATION_DATA, "SS: Notation Data"},
- {OPS_PTAG_SS_PREFERRED_HASH, "SS: Preferred Hash Algorithm"},
- {OPS_PTAG_SS_PREF_COMPRESS, "SS: Preferred Compression Algorithm"},
- {OPS_PTAG_SS_KEYSERV_PREFS, "SS: Key Server Preferences"},
- {OPS_PTAG_SS_PREF_KEYSERV, "SS: Preferred Key Server"},
- {OPS_PTAG_SS_PRIMARY_USER_ID, "SS: Primary User ID"},
- {OPS_PTAG_SS_POLICY_URI, "SS: Policy URI"},
- {OPS_PTAG_SS_KEY_FLAGS, "SS: Key Flags"},
- {OPS_PTAG_SS_SIGNERS_USER_ID, "SS: Signer's User ID"},
- {OPS_PTAG_SS_REVOCATION_REASON, "SS: Reason for Revocation"},
- {OPS_PTAG_SS_FEATURES, "SS: Features"},
- {OPS_PTAG_SS_SIGNATURE_TARGET, "SS: Signature Target"},
- {OPS_PTAG_SS_EMBEDDED_SIGNATURE, "SS: Embedded Signature"},
-
- {OPS_PTAG_CT_LITDATA_HEADER, "CT: Literal Data Header"},
- {OPS_PTAG_CT_LITDATA_BODY, "CT: Literal Data Body"},
- {OPS_PTAG_CT_SIGNATURE_HEADER, "CT: Signature Header"},
- {OPS_PTAG_CT_SIGNATURE_FOOTER, "CT: Signature Footer"},
- {OPS_PTAG_CT_ARMOUR_HEADER, "CT: Armour Header"},
- {OPS_PTAG_CT_ARMOUR_TRAILER, "CT: Armour Trailer"},
- {OPS_PTAG_CT_SIGNED_CLEARTEXT_HEADER, "CT: Signed Cleartext Header"},
- {OPS_PTAG_CT_SIGNED_CLEARTEXT_BODY, "CT: Signed Cleartext Body"},
- {OPS_PTAG_CT_SIGNED_CLEARTEXT_TRAILER, "CT: Signed Cleartext Trailer"},
- {OPS_PTAG_CT_UNARMOURED_TEXT, "CT: Unarmoured Text"},
- {OPS_PTAG_CT_ENCRYPTED_SECRET_KEY, "CT: Encrypted Secret Key"},
- {OPS_PTAG_CT_SE_DATA_HEADER, "CT: Sym Encrypted Data Header"},
- {OPS_PTAG_CT_SE_DATA_BODY, "CT: Sym Encrypted Data Body"},
- {OPS_PTAG_CT_SE_IP_DATA_HEADER, "CT: Sym Encrypted IP Data Header"},
- {OPS_PTAG_CT_SE_IP_DATA_BODY, "CT: Sym Encrypted IP Data Body"},
- {OPS_PTAG_CT_ENCRYPTED_PK_SESSION_KEY, "CT: Encrypted PK Session Key"},
- {OPS_GET_PASSPHRASE, "CMD: Get Secret Key Passphrase"},
- {OPS_GET_SECKEY, "CMD: Get Secret Key"},
- {OPS_PARSER_ERROR, "OPS_PARSER_ERROR"},
- {OPS_PARSER_ERRCODE, "OPS_PARSER_ERRCODE"},
-
- {0x00, NULL}, /* this is the end-of-array marker */
-};
-
-static __ops_map_t ss_type_map[] =
-{
- {OPS_PTAG_SS_CREATION_TIME, "Signature Creation Time"},
- {OPS_PTAG_SS_EXPIRATION_TIME, "Signature Expiration Time"},
- {OPS_PTAG_SS_TRUST, "Trust Signature"},
- {OPS_PTAG_SS_REGEXP, "Regular Expression"},
- {OPS_PTAG_SS_REVOCABLE, "Revocable"},
- {OPS_PTAG_SS_KEY_EXPIRY, "Key Expiration Time"},
- {OPS_PTAG_SS_PREFERRED_SKA, "Preferred Symmetric Algorithms"},
- {OPS_PTAG_SS_REVOCATION_KEY, "Revocation Key"},
- {OPS_PTAG_SS_ISSUER_KEY_ID, "Issuer key ID"},
- {OPS_PTAG_SS_NOTATION_DATA, "Notation Data"},
- {OPS_PTAG_SS_PREFERRED_HASH, "Preferred Hash Algorithms"},
- {OPS_PTAG_SS_PREF_COMPRESS, "Preferred Compression Algorithms"},
- {OPS_PTAG_SS_KEYSERV_PREFS, "Key Server Preferences"},
- {OPS_PTAG_SS_PREF_KEYSERV, "Preferred Key Server"},
- {OPS_PTAG_SS_PRIMARY_USER_ID, "Primary User ID"},
- {OPS_PTAG_SS_POLICY_URI, "Policy URI"},
- {OPS_PTAG_SS_KEY_FLAGS, "Key Flags"},
- {OPS_PTAG_SS_REVOCATION_REASON, "Reason for Revocation"},
- {OPS_PTAG_SS_FEATURES, "Features"},
- {0x00, NULL}, /* this is the end-of-array marker */
-};
-
-
-static __ops_map_t ss_rr_code_map[] =
-{
- {0x00, "No reason specified"},
- {0x01, "Key is superseded"},
- {0x02, "Key material has been compromised"},
- {0x03, "Key is retired and no longer used"},
- {0x20, "User ID information is no longer valid"},
- {0x00, NULL}, /* this is the end-of-array marker */
-};
-
-static __ops_map_t sig_type_map[] =
-{
- {OPS_SIG_BINARY, "Signature of a binary document"},
- {OPS_SIG_TEXT, "Signature of a canonical text document"},
- {OPS_SIG_STANDALONE, "Standalone signature"},
- {OPS_CERT_GENERIC, "Generic certification of a User ID and Public Key packet"},
- {OPS_CERT_PERSONA, "Personal certification of a User ID and Public Key packet"},
- {OPS_CERT_CASUAL, "Casual certification of a User ID and Public Key packet"},
- {OPS_CERT_POSITIVE, "Positive certification of a User ID and Public Key packet"},
- {OPS_SIG_SUBKEY, "Subkey Binding Signature"},
- {OPS_SIG_PRIMARY, "Primary Key Binding Signature"},
- {OPS_SIG_DIRECT, "Signature directly on a key"},
- {OPS_SIG_REV_KEY, "Key revocation signature"},
- {OPS_SIG_REV_SUBKEY, "Subkey revocation signature"},
- {OPS_SIG_REV_CERT, "Certification revocation signature"},
- {OPS_SIG_TIMESTAMP, "Timestamp signature"},
- {OPS_SIG_3RD_PARTY, "Third-Party Confirmation signature"},
- {0x00, NULL}, /* this is the end-of-array marker */
-};
-
-static __ops_map_t pubkey_alg_map[] =
-{
- {OPS_PKA_RSA, "RSA (Encrypt or Sign)"},
- {OPS_PKA_RSA_ENCRYPT_ONLY, "RSA Encrypt-Only"},
- {OPS_PKA_RSA_SIGN_ONLY, "RSA Sign-Only"},
- {OPS_PKA_ELGAMAL, "Elgamal (Encrypt-Only)"},
- {OPS_PKA_DSA, "DSA"},
- {OPS_PKA_RESERVED_ELLIPTIC_CURVE, "Reserved for Elliptic Curve"},
- {OPS_PKA_RESERVED_ECDSA, "Reserved for ECDSA"},
- {OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN, "Reserved (formerly Elgamal Encrypt or Sign"},
- {OPS_PKA_RESERVED_DH, "Reserved for Diffie-Hellman (X9.42)"},
- {OPS_PKA_PRIVATE00, "Private/Experimental"},
- {OPS_PKA_PRIVATE01, "Private/Experimental"},
- {OPS_PKA_PRIVATE02, "Private/Experimental"},
- {OPS_PKA_PRIVATE03, "Private/Experimental"},
- {OPS_PKA_PRIVATE04, "Private/Experimental"},
- {OPS_PKA_PRIVATE05, "Private/Experimental"},
- {OPS_PKA_PRIVATE06, "Private/Experimental"},
- {OPS_PKA_PRIVATE07, "Private/Experimental"},
- {OPS_PKA_PRIVATE08, "Private/Experimental"},
- {OPS_PKA_PRIVATE09, "Private/Experimental"},
- {OPS_PKA_PRIVATE10, "Private/Experimental"},
- {0x00, NULL}, /* this is the end-of-array marker */
-};
-
-static __ops_map_t symm_alg_map[] =
-{
- {OPS_SA_PLAINTEXT, "Plaintext or unencrypted data"},
- {OPS_SA_IDEA, "IDEA"},
- {OPS_SA_TRIPLEDES, "TripleDES"},
- {OPS_SA_CAST5, "CAST5"},
- {OPS_SA_BLOWFISH, "Blowfish"},
- {OPS_SA_AES_128, "AES (128-bit key)"},
- {OPS_SA_AES_192, "AES (192-bit key)"},
- {OPS_SA_AES_256, "AES (256-bit key)"},
- {OPS_SA_TWOFISH, "Twofish(256-bit key)"},
- {OPS_SA_CAMELLIA_128, "Camellia (128-bit key)"},
- {OPS_SA_CAMELLIA_192, "Camellia (192-bit key)"},
- {OPS_SA_CAMELLIA_256, "Camellia (256-bit key)"},
- {0x00, NULL}, /* this is the end-of-array marker */
-};
-
-static __ops_map_t hash_alg_map[] =
-{
- {OPS_HASH_MD5, "MD5"},
- {OPS_HASH_SHA1, "SHA1"},
- {OPS_HASH_RIPEMD, "RIPEMD160"},
- {OPS_HASH_SHA256, "SHA256"},
- {OPS_HASH_SHA384, "SHA384"},
- {OPS_HASH_SHA512, "SHA512"},
- {OPS_HASH_SHA224, "SHA224"},
- {0x00, NULL}, /* this is the end-of-array marker */
-};
-
-static __ops_map_t compression_alg_map[] =
-{
- {OPS_C_NONE, "Uncompressed"},
- {OPS_C_ZIP, "ZIP(RFC1951)"},
- {OPS_C_ZLIB, "ZLIB(RFC1950)"},
- {OPS_C_BZIP2, "Bzip2(BZ2)"},
- {0x00, NULL}, /* this is the end-of-array marker */
-};
-
-static __ops_bit_map_t ss_notation_map_byte0[] =
-{
- {0x80, "Human-readable"},
- {0x00, NULL},
-};
-
-static __ops_bit_map_t *ss_notation_map[] =
-{
- ss_notation_map_byte0,
-};
-
-static __ops_bit_map_t ss_feature_map_byte0[] =
-{
- {0x01, "Modification Detection"},
- {0x00, NULL},
-};
-
-static __ops_bit_map_t *ss_feature_map[] =
-{
- ss_feature_map_byte0,
-};
-
-static __ops_bit_map_t ss_key_flags_map[] =
-{
- {0x01, "May be used to certify other keys"},
- {0x02, "May be used to sign data"},
- {0x04, "May be used to encrypt communications"},
- {0x08, "May be used to encrypt storage"},
- {0x10, "Private component may have been split by a secret-sharing mechanism"},
- {0x80, "Private component may be in possession of more than one person"},
- {0x00, NULL},
-};
-
-static __ops_bit_map_t ss_key_server_prefs_map[] =
-{
- {0x80, "Key holder requests that this key only be modified or updated by the key holder or an administrator of the key server"},
- {0x00, NULL},
-};
-
-/*
- * Private functions
- */
-
-static void
-list_init(__ops_list_t *list)
-{
- list->size = 0;
- list->used = 0;
- list->strings = NULL;
-}
-
-static void
-list_free_strings(__ops_list_t *list)
-{
- unsigned i;
-
- for (i = 0; i < list->used; i++) {
- free(list->strings[i]);
- list->strings[i] = NULL;
- }
-}
-
-static void
-list_free(__ops_list_t *list)
-{
- if (list->strings)
- free(list->strings);
- list_init(list);
-}
-
-static unsigned
-list_resize(__ops_list_t *list)
-{
- /*
- * We only resize in one direction - upwards. Algorithm used : double
- * the current size then add 1
- */
- char **newstrings;
- int newsize;
-
- newsize = (list->size * 2) + 1;
- newstrings = realloc(list->strings, newsize * sizeof(char *));
- if (newstrings) {
- list->strings = newstrings;
- list->size = newsize;
- return 1;
- }
- (void) fprintf(stderr, "list_resize - bad alloc\n");
- return 0;
-}
-
-static unsigned
-add_str(__ops_list_t *list, const char *str)
-{
- if (list->size == list->used && !list_resize(list)) {
- return 0;
- }
- list->strings[list->used++] = __UNCONST(str);
- return 1;
-}
-
-/* find a bitfield in a map - serial search */
-static const char *
-find_bitfield(__ops_bit_map_t *map, uint8_t octet)
-{
- __ops_bit_map_t *row;
-
- for (row = map; row->string != NULL && row->mask != octet ; row++) {
- }
- return (row->string) ? row->string : "Unknown";
-}
-
-/* ! generic function to initialise __ops_text_t structure */
-void
-__ops_text_init(__ops_text_t *text)
-{
- list_init(&text->known);
- list_init(&text->unknown);
-}
-
-/**
- * \ingroup Core_Print
- *
- * __ops_text_free() frees the memory used by an __ops_text_t structure
- *
- * \param text Pointer to a previously allocated structure. This structure and its contents will be freed.
- */
-void
-__ops_text_free(__ops_text_t *text)
-{
- /* Strings in "known" array will be constants, so don't free them */
- list_free(&text->known);
-
- /*
- * Strings in "unknown" array will be dynamically allocated, so do
- * free them
- */
- list_free_strings(&text->unknown);
- list_free(&text->unknown);
-
- free(text);
-}
-
-/* XXX: should this (and many others) be unsigned? */
-/* ! generic function which adds text derived from single octet map to text */
-static unsigned
-add_str_from_octet_map(__ops_text_t *map, char *str, uint8_t octet)
-{
- if (str && !add_str(&map->known, str)) {
- /*
- * value recognised, but there was a problem adding it to the
- * list
- */
- /* XXX - should print out error msg here, Ben? - rachel */
- return 0;
- } else if (!str) {
- /*
- * value not recognised and there was a problem adding it to
- * the unknown list
- */
- unsigned len = 2 + 2 + 1; /* 2 for "0x", 2 for
- * single octet in hex
- * format, 1 for NUL */
- if ((str = calloc(1, len)) == NULL) {
- (void) fprintf(stderr, "add_str_from_octet_map: bad alloc\n");
- return 0;
- }
- (void) snprintf(str, len, "0x%x", octet);
- if (!add_str(&map->unknown, str)) {
- return 0;
- }
- free(str);
- }
- return 1;
-}
-
-/* ! generic function which adds text derived from single bit map to text */
-static unsigned
-add_bitmap_entry(__ops_text_t *map, const char *str, uint8_t bit)
-{
- const char *fmt_unknown = "Unknown bit(0x%x)";
-
- if (str && !add_str(&map->known, str)) {
- /*
- * value recognised, but there was a problem adding it to the
- * list
- */
- /* XXX - should print out error msg here, Ben? - rachel */
- return 0;
- } else if (!str) {
- /*
- * value not recognised and there was a problem adding it to
- * the unknown list
- * 2 chars of the string are the format definition, this will
- * be replaced in the output by 2 chars of hex, so the length
- * will be correct
- */
- unsigned len = (unsigned)(strlen(fmt_unknown) + 1);
- char *newstr;
-
- if ((newstr = calloc(1, len)) == NULL) {
- (void) fprintf(stderr, "add_bitmap_entry: bad alloc\n");
- return 0;
- }
- (void) snprintf(newstr, len, fmt_unknown, bit);
- if (!add_str(&map->unknown, newstr)) {
- return 0;
- }
- free(newstr);
- }
- return 1;
-}
-
-/**
- * Produce a structure containing human-readable textstrings
- * representing the recognised and unrecognised contents
- * of this byte array. text_fn() will be called on each octet in turn.
- * Each octet will generate one string representing the whole byte.
- *
- */
-
-static __ops_text_t *
-text_from_bytemapped_octets(const __ops_data_t *data,
- const char *(*text_fn)(uint8_t octet))
-{
- __ops_text_t *text;
- const char *str;
- unsigned i;
-
- /*
- * ! allocate and initialise __ops_text_t structure to store derived
- * strings
- */
- if ((text = calloc(1, sizeof(*text))) == NULL) {
- return NULL;
- }
-
- __ops_text_init(text);
-
- /* ! for each octet in field ... */
- for (i = 0; i < data->len; i++) {
- /* ! derive string from octet */
- str = (*text_fn) (data->contents[i]);
-
- /* ! and add to text */
- if (!add_str_from_octet_map(text, netpgp_strdup(str),
- data->contents[i])) {
- __ops_text_free(text);
- return NULL;
- }
- }
- /*
- * ! All values have been added to either the known or the unknown
- * list
- */
- return text;
-}
-
-/**
- * Produce a structure containing human-readable textstrings
- * representing the recognised and unrecognised contents
- * of this byte array, derived from each bit of each octet.
- *
- */
-static __ops_text_t *
-showall_octets_bits(__ops_data_t *data, __ops_bit_map_t **map, size_t nmap)
-{
- __ops_text_t *text;
- const char *str;
- unsigned i;
- uint8_t mask, bit;
- int j = 0;
-
- /*
- * ! allocate and initialise __ops_text_t structure to store derived
- * strings
- */
- if ((text = calloc(1, sizeof(__ops_text_t))) == NULL) {
- return NULL;
- }
-
- __ops_text_init(text);
-
- /* ! for each octet in field ... */
- for (i = 0; i < data->len; i++) {
- /* ! for each bit in octet ... */
- mask = 0x80;
- for (j = 0; j < 8; j++, mask = (unsigned)mask >> 1) {
- bit = data->contents[i] & mask;
- if (bit) {
- str = (i >= nmap) ? "Unknown" :
- find_bitfield(map[i], bit);
- if (!add_bitmap_entry(text, str, bit)) {
- __ops_text_free(text);
- return NULL;
- }
- }
- }
- }
- return text;
-}
-
-/*
- * Public Functions
- */
-
-/**
- * \ingroup Core_Print
- * returns description of the Packet Tag
- * \param packet_tag
- * \return string or "Unknown"
-*/
-const char *
-__ops_show_packet_tag(__ops_content_enum packet_tag)
-{
- const char *ret;
-
- ret = __ops_str_from_map(packet_tag, packet_tag_map);
- if (!ret) {
- ret = "Unknown Tag";
- }
- return ret;
-}
-
-/**
- * \ingroup Core_Print
- *
- * returns description of the Signature Sub-Packet type
- * \param ss_type Signature Sub-Packet type
- * \return string or "Unknown"
- */
-const char *
-__ops_show_ss_type(__ops_content_enum ss_type)
-{
- return __ops_str_from_map(ss_type, ss_type_map);
-}
-
-/**
- * \ingroup Core_Print
- *
- * returns description of the Revocation Reason code
- * \param ss_rr_code Revocation Reason code
- * \return string or "Unknown"
- */
-const char *
-__ops_show_ss_rr_code(__ops_ss_rr_code_t ss_rr_code)
-{
- return __ops_str_from_map(ss_rr_code, ss_rr_code_map);
-}
-
-/**
- * \ingroup Core_Print
- *
- * returns description of the given Signature type
- * \param sig_type Signature type
- * \return string or "Unknown"
- */
-const char *
-__ops_show_sig_type(__ops_sig_type_t sig_type)
-{
- return __ops_str_from_map(sig_type, sig_type_map);
-}
-
-/**
- * \ingroup Core_Print
- *
- * returns description of the given Public Key Algorithm
- * \param pka Public Key Algorithm type
- * \return string or "Unknown"
- */
-const char *
-__ops_show_pka(__ops_pubkey_alg_t pka)
-{
- return __ops_str_from_map(pka, pubkey_alg_map);
-}
-
-/**
- * \ingroup Core_Print
- * returns description of the Preferred Compression
- * \param octet Preferred Compression
- * \return string or "Unknown"
-*/
-const char *
-__ops_show_ss_zpref(uint8_t octet)
-{
- return __ops_str_from_map(octet, compression_alg_map);
-}
-
-/**
- * \ingroup Core_Print
- *
- * returns set of descriptions of the given Preferred Compression Algorithms
- * \param ss_zpref Array of Preferred Compression Algorithms
- * \return NULL if cannot allocate memory or other error
- * \return pointer to structure, if no error
- */
-__ops_text_t *
-__ops_showall_ss_zpref(const __ops_data_t *ss_zpref)
-{
- return text_from_bytemapped_octets(ss_zpref,
- &__ops_show_ss_zpref);
-}
-
-
-/**
- * \ingroup Core_Print
- *
- * returns description of the Hash Algorithm type
- * \param hash Hash Algorithm type
- * \return string or "Unknown"
- */
-const char *
-__ops_show_hash_alg(uint8_t hash)
-{
- return __ops_str_from_map(hash, hash_alg_map);
-}
-
-/**
- * \ingroup Core_Print
- *
- * returns set of descriptions of the given Preferred Hash Algorithms
- * \param ss_hashpref Array of Preferred Hash Algorithms
- * \return NULL if cannot allocate memory or other error
- * \return pointer to structure, if no error
- */
-__ops_text_t *
-__ops_showall_ss_hashpref(const __ops_data_t *ss_hashpref)
-{
- return text_from_bytemapped_octets(ss_hashpref,
- &__ops_show_hash_alg);
-}
-
-const char *
-__ops_show_symm_alg(uint8_t hash)
-{
- return __ops_str_from_map(hash, symm_alg_map);
-}
-
-/**
- * \ingroup Core_Print
- * returns description of the given Preferred Symmetric Key Algorithm
- * \param octet
- * \return string or "Unknown"
-*/
-const char *
-__ops_show_ss_skapref(uint8_t octet)
-{
- return __ops_str_from_map(octet, symm_alg_map);
-}
-
-/**
- * \ingroup Core_Print
- *
- * returns set of descriptions of the given Preferred Symmetric Key Algorithms
- * \param ss_skapref Array of Preferred Symmetric Key Algorithms
- * \return NULL if cannot allocate memory or other error
- * \return pointer to structure, if no error
- */
-__ops_text_t *
-__ops_showall_ss_skapref(const __ops_data_t *ss_skapref)
-{
- return text_from_bytemapped_octets(ss_skapref,
- &__ops_show_ss_skapref);
-}
-
-/**
- * \ingroup Core_Print
- * returns description of one SS Feature
- * \param octet
- * \return string or "Unknown"
-*/
-static const char *
-__ops_show_ss_feature(uint8_t octet, unsigned offset)
-{
- if (offset >= OPS_ARRAY_SIZE(ss_feature_map)) {
- return "Unknown";
- }
- return find_bitfield(ss_feature_map[offset], octet);
-}
-
-/**
- * \ingroup Core_Print
- *
- * returns set of descriptions of the given SS Features
- * \param ss_features Signature Sub-Packet Features
- * \return NULL if cannot allocate memory or other error
- * \return pointer to structure, if no error
- */
-/* XXX: shouldn't this use show_all_octets_bits? */
-__ops_text_t *
-__ops_showall_ss_features(__ops_data_t ss_features)
-{
- __ops_text_t *text;
- const char *str;
- unsigned i;
- uint8_t mask, bit;
- int j;
-
- if ((text = calloc(1, sizeof(*text))) == NULL) {
- return NULL;
- }
-
- __ops_text_init(text);
-
- for (i = 0; i < ss_features.len; i++) {
- mask = 0x80;
- for (j = 0; j < 8; j++, mask = (unsigned)mask >> 1) {
- bit = ss_features.contents[i] & mask;
- if (bit) {
- str = __ops_show_ss_feature(bit, i);
- if (!add_bitmap_entry(text, str, bit)) {
- __ops_text_free(text);
- return NULL;
- }
- }
- }
- }
- return text;
-}
-
-/**
- * \ingroup Core_Print
- * returns description of SS Key Flag
- * \param octet
- * \param map
- * \return
-*/
-const char *
-__ops_show_ss_key_flag(uint8_t octet, __ops_bit_map_t *map)
-{
- return find_bitfield(map, octet);
-}
-
-/**
- * \ingroup Core_Print
- *
- * returns set of descriptions of the given Preferred Key Flags
- * \param ss_key_flags Array of Key Flags
- * \return NULL if cannot allocate memory or other error
- * \return pointer to structure, if no error
- */
-__ops_text_t *
-__ops_showall_ss_key_flags(const __ops_data_t *ss_key_flags)
-{
- __ops_text_t *text;
- const char *str;
- uint8_t mask, bit;
- int i;
-
- if ((text = calloc(1, sizeof(*text))) == NULL) {
- return NULL;
- }
-
- __ops_text_init(text);
-
- /* xxx - TBD: extend to handle multiple octets of bits - rachel */
- for (i = 0, mask = 0x80; i < 8; i++, mask = (unsigned)mask >> 1) {
- bit = ss_key_flags->contents[0] & mask;
- if (bit) {
- str = __ops_show_ss_key_flag(bit, ss_key_flags_map);
- if (!add_bitmap_entry(text, netpgp_strdup(str), bit)) {
- __ops_text_free(text);
- return NULL;
- }
- }
- }
- /*
- * xxx - must add error text if more than one octet. Only one
- * currently specified -- rachel
- */
- return text;
-}
-
-/**
- * \ingroup Core_Print
- *
- * returns description of one given Key Server Preference
- *
- * \param prefs Byte containing bitfield of preferences
- * \param map
- * \return string or "Unknown"
- */
-const char *
-__ops_show_keyserv_pref(uint8_t prefs, __ops_bit_map_t *map)
-{
- return find_bitfield(map, prefs);
-}
-
-/**
- * \ingroup Core_Print
- * returns set of descriptions of given Key Server Preferences
- * \param ss_key_server_prefs
- * \return NULL if cannot allocate memory or other error
- * \return pointer to structure, if no error
- *
-*/
-__ops_text_t *
-__ops_show_keyserv_prefs(const __ops_data_t *prefs)
-{
- __ops_text_t *text;
- const char *str;
- uint8_t mask, bit;
- int i = 0;
-
- if ((text = calloc(1, sizeof(*text))) == NULL) {
- return NULL;
- }
-
- __ops_text_init(text);
-
- /* xxx - TBD: extend to handle multiple octets of bits - rachel */
-
- for (i = 0, mask = 0x80; i < 8; i++, mask = (unsigned)mask >> 1) {
- bit = prefs->contents[0] & mask;
- if (bit) {
- str = __ops_show_keyserv_pref(bit,
- ss_key_server_prefs_map);
- if (!add_bitmap_entry(text, netpgp_strdup(str), bit)) {
- __ops_text_free(text);
- return NULL;
- }
- }
- }
- /*
- * xxx - must add error text if more than one octet. Only one
- * currently specified -- rachel
- */
- return text;
-}
-
-/**
- * \ingroup Core_Print
- *
- * returns set of descriptions of the given SS Notation Data Flags
- * \param ss_notation Signature Sub-Packet Notation Data
- * \return NULL if cannot allocate memory or other error
- * \return pointer to structure, if no error
- */
-__ops_text_t *
-__ops_showall_notation(__ops_ss_notation_t ss_notation)
-{
- return showall_octets_bits(&ss_notation.flags,
- ss_notation_map,
- OPS_ARRAY_SIZE(ss_notation_map));
-}
diff --git a/enzevalos_iphone/netpgp/lib/packet-show.h b/enzevalos_iphone/netpgp/lib/packet-show.h
deleted file mode 100644
index 3bc13a1a..00000000
--- a/enzevalos_iphone/netpgp/lib/packet-show.h
+++ /dev/null
@@ -1,111 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- */
-
-#ifndef PACKET_SHOW_H_
-#define PACKET_SHOW_H_
-
-#include "packet.h"
-
-/** __ops_list_t
- */
-typedef struct {
- unsigned size; /* num of array slots allocated */
- unsigned used; /* num of array slots currently used */
- char **strings;
-} __ops_list_t;
-
-/** __ops_text_t
- */
-typedef struct {
- __ops_list_t known;
- __ops_list_t unknown;
-} __ops_text_t;
-
-/** __ops_bit_map_t
- */
-typedef struct {
- uint8_t mask;
- const char *string;
-} __ops_bit_map_t;
-
-void __ops_text_init(__ops_text_t *);
-void __ops_text_free(__ops_text_t *);
-
-const char *__ops_show_packet_tag(__ops_content_enum);
-const char *__ops_show_ss_type(__ops_content_enum);
-
-const char *__ops_show_sig_type(__ops_sig_type_t);
-const char *__ops_show_pka(__ops_pubkey_alg_t);
-
-__ops_text_t *__ops_showall_ss_zpref(const __ops_data_t *);
-const char *__ops_show_ss_zpref(uint8_t);
-
-__ops_text_t *__ops_showall_ss_hashpref(const __ops_data_t *);
-const char *__ops_show_hash_alg(uint8_t);
-const char *__ops_show_symm_alg(uint8_t);
-
-__ops_text_t *__ops_showall_ss_skapref(const __ops_data_t *);
-const char *__ops_show_ss_skapref(uint8_t);
-
-const char *__ops_show_ss_rr_code(__ops_ss_rr_code_t);
-
-__ops_text_t *__ops_showall_ss_features(__ops_data_t);
-
-__ops_text_t *__ops_showall_ss_key_flags(const __ops_data_t *);
-const char *__ops_show_ss_key_flag(uint8_t, __ops_bit_map_t *);
-
-__ops_text_t *__ops_show_keyserv_prefs(const __ops_data_t *);
-const char *__ops_show_keyserv_pref(uint8_t, __ops_bit_map_t *);
-
-__ops_text_t *__ops_showall_notation(__ops_ss_notation_t);
-
-#endif /* PACKET_SHOW_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/packet.h b/enzevalos_iphone/netpgp/lib/packet.h
deleted file mode 100644
index 897e6b1c..00000000
--- a/enzevalos_iphone/netpgp/lib/packet.h
+++ /dev/null
@@ -1,982 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- * packet related headers.
- */
-
-#ifndef PACKET_H_
-#define PACKET_H_
-
-#include <time.h>
-
-#ifdef HAVE_OPENSSL_BN_H
-#include <openssl/bn.h>
-#endif
-
-#include "types.h"
-#include "errors.h"
-
-/* structure to keep track of printing state variables */
-typedef struct __ops_printstate_t {
- unsigned unarmoured;
- unsigned skipping;
- int indent;
-} __ops_printstate_t;
-
-/** General-use structure for variable-length data
- */
-
-typedef struct {
- size_t len;
- uint8_t *contents;
- uint8_t mmapped; /* contents need an munmap(2) */
-} __ops_data_t;
-
-/************************************/
-/* Packet Tags - RFC4880, 4.2 */
-/************************************/
-
-/** Packet Tag - Bit 7 Mask (this bit is always set).
- * The first byte of a packet is the "Packet Tag". It always
- * has bit 7 set. This is the mask for it.
- *
- * \see RFC4880 4.2
- */
-#define OPS_PTAG_ALWAYS_SET 0x80
-
-/** Packet Tag - New Format Flag.
- * Bit 6 of the Packet Tag is the packet format indicator.
- * If it is set, the new format is used, if cleared the
- * old format is used.
- *
- * \see RFC4880 4.2
- */
-#define OPS_PTAG_NEW_FORMAT 0x40
-
-
-/** Old Packet Format: Mask for content tag.
- * In the old packet format bits 5 to 2 (including)
- * are the content tag. This is the mask to apply
- * to the packet tag. Note that you need to
- * shift by #OPS_PTAG_OF_CONTENT_TAG_SHIFT bits.
- *
- * \see RFC4880 4.2
- */
-#define OPS_PTAG_OF_CONTENT_TAG_MASK 0x3c
-/** Old Packet Format: Offset for the content tag.
- * As described at #OPS_PTAG_OF_CONTENT_TAG_MASK the
- * content tag needs to be shifted after being masked
- * out from the Packet Tag.
- *
- * \see RFC4880 4.2
- */
-#define OPS_PTAG_OF_CONTENT_TAG_SHIFT 2
-/** Old Packet Format: Mask for length type.
- * Bits 1 and 0 of the packet tag are the length type
- * in the old packet format.
- *
- * See #__ops_ptag_of_lt_t for the meaning of the values.
- *
- * \see RFC4880 4.2
- */
-#define OPS_PTAG_OF_LENGTH_TYPE_MASK 0x03
-
-
-/** Old Packet Format Lengths.
- * Defines the meanings of the 2 bits for length type in the
- * old packet format.
- *
- * \see RFC4880 4.2.1
- */
-typedef enum {
- OPS_PTAG_OLD_LEN_1 = 0x00, /* Packet has a 1 byte length -
- * header is 2 bytes long. */
- OPS_PTAG_OLD_LEN_2 = 0x01, /* Packet has a 2 byte length -
- * header is 3 bytes long. */
- OPS_PTAG_OLD_LEN_4 = 0x02, /* Packet has a 4 byte
- * length - header is 5 bytes
- * long. */
- OPS_PTAG_OLD_LEN_INDETERMINATE = 0x03 /* Packet has a
- * indeterminate length. */
-} __ops_ptag_of_lt_t;
-
-
-/** New Packet Format: Mask for content tag.
- * In the new packet format the 6 rightmost bits
- * are the content tag. This is the mask to apply
- * to the packet tag. Note that you need to
- * shift by #OPS_PTAG_NF_CONTENT_TAG_SHIFT bits.
- *
- * \see RFC4880 4.2
- */
-#define OPS_PTAG_NF_CONTENT_TAG_MASK 0x3f
-/** New Packet Format: Offset for the content tag.
- * As described at #OPS_PTAG_NF_CONTENT_TAG_MASK the
- * content tag needs to be shifted after being masked
- * out from the Packet Tag.
- *
- * \see RFC4880 4.2
- */
-#define OPS_PTAG_NF_CONTENT_TAG_SHIFT 0
-
-/* PTag Content Tags */
-/***************************/
-
-/** Package Tags (aka Content Tags) and signature subpacket types.
- * This enumerates all rfc-defined packet tag values and the
- * signature subpacket type values that we understand.
- *
- * \see RFC4880 4.3
- * \see RFC4880 5.2.3.1
- */
-typedef enum {
- OPS_PTAG_CT_RESERVED = 0, /* Reserved - a packet tag must
- * not have this value */
- OPS_PTAG_CT_PK_SESSION_KEY = 1, /* Public-Key Encrypted Session
- * Key Packet */
- OPS_PTAG_CT_SIGNATURE = 2, /* Signature Packet */
- OPS_PTAG_CT_SK_SESSION_KEY = 3, /* Symmetric-Key Encrypted Session
- * Key Packet */
- OPS_PTAG_CT_1_PASS_SIG = 4, /* One-Pass Signature
- * Packet */
- OPS_PTAG_CT_SECRET_KEY = 5, /* Secret Key Packet */
- OPS_PTAG_CT_PUBLIC_KEY = 6, /* Public Key Packet */
- OPS_PTAG_CT_SECRET_SUBKEY = 7, /* Secret Subkey Packet */
- OPS_PTAG_CT_COMPRESSED = 8, /* Compressed Data Packet */
- OPS_PTAG_CT_SE_DATA = 9,/* Symmetrically Encrypted Data Packet */
- OPS_PTAG_CT_MARKER = 10,/* Marker Packet */
- OPS_PTAG_CT_LITDATA = 11, /* Literal Data Packet */
- OPS_PTAG_CT_TRUST = 12, /* Trust Packet */
- OPS_PTAG_CT_USER_ID = 13, /* User ID Packet */
- OPS_PTAG_CT_PUBLIC_SUBKEY = 14, /* Public Subkey Packet */
- OPS_PTAG_CT_RESERVED2 = 15, /* reserved */
- OPS_PTAG_CT_RESERVED3 = 16, /* reserved */
- OPS_PTAG_CT_USER_ATTR = 17, /* User Attribute Packet */
- OPS_PTAG_CT_SE_IP_DATA = 18, /* Sym. Encrypted and Integrity
- * Protected Data Packet */
- OPS_PTAG_CT_MDC = 19, /* Modification Detection Code Packet */
-
- OPS_PARSER_PTAG = 0x100,/* Internal Use: The packet is the "Packet
- * Tag" itself - used when callback sends
- * back the PTag. */
- OPS_PTAG_RAW_SS = 0x101,/* Internal Use: content is raw sig subtag */
- OPS_PTAG_SS_ALL = 0x102,/* Internal Use: select all subtags */
- OPS_PARSER_PACKET_END = 0x103,
-
- /* signature subpackets (0x200-2ff) (type+0x200) */
- /* only those we can parse are listed here */
- OPS_PTAG_SIG_SUBPKT_BASE = 0x200, /* Base for signature
- * subpacket types - All
- * signature type values
- * are relative to this
- * value. */
- OPS_PTAG_SS_CREATION_TIME = 0x200 + 2, /* signature creation time */
- OPS_PTAG_SS_EXPIRATION_TIME = 0x200 + 3, /* signature
- * expiration time */
-
- OPS_PTAG_SS_EXPORT_CERT = 0x200 + 4, /* exportable certification */
- OPS_PTAG_SS_TRUST = 0x200 + 5, /* trust signature */
- OPS_PTAG_SS_REGEXP = 0x200 + 6, /* regular expression */
- OPS_PTAG_SS_REVOCABLE = 0x200 + 7, /* revocable */
- OPS_PTAG_SS_KEY_EXPIRY = 0x200 + 9, /* key expiration
- * time */
- OPS_PTAG_SS_RESERVED = 0x200 + 10, /* reserved */
- OPS_PTAG_SS_PREFERRED_SKA = 0x200 + 11, /* preferred symmetric
- * algs */
- OPS_PTAG_SS_REVOCATION_KEY = 0x200 + 12, /* revocation key */
- OPS_PTAG_SS_ISSUER_KEY_ID = 0x200 + 16, /* issuer key ID */
- OPS_PTAG_SS_NOTATION_DATA = 0x200 + 20, /* notation data */
- OPS_PTAG_SS_PREFERRED_HASH = 0x200 + 21, /* preferred hash
- * algs */
- OPS_PTAG_SS_PREF_COMPRESS = 0x200 + 22, /* preferred
- * compression
- * algorithms */
- OPS_PTAG_SS_KEYSERV_PREFS = 0x200 + 23, /* key server
- * preferences */
- OPS_PTAG_SS_PREF_KEYSERV = 0x200 + 24, /* Preferred Key
- * Server */
- OPS_PTAG_SS_PRIMARY_USER_ID = 0x200 + 25, /* primary User ID */
- OPS_PTAG_SS_POLICY_URI = 0x200 + 26, /* Policy URI */
- OPS_PTAG_SS_KEY_FLAGS = 0x200 + 27, /* key flags */
- OPS_PTAG_SS_SIGNERS_USER_ID = 0x200 + 28, /* Signer's User ID */
- OPS_PTAG_SS_REVOCATION_REASON = 0x200 + 29, /* reason for
- * revocation */
- OPS_PTAG_SS_FEATURES = 0x200 + 30, /* features */
- OPS_PTAG_SS_SIGNATURE_TARGET = 0x200 + 31, /* signature target */
- OPS_PTAG_SS_EMBEDDED_SIGNATURE = 0x200 + 32, /* embedded signature */
-
- OPS_PTAG_SS_USERDEFINED00 = 0x200 + 100, /* internal or
- * user-defined */
- OPS_PTAG_SS_USERDEFINED01 = 0x200 + 101,
- OPS_PTAG_SS_USERDEFINED02 = 0x200 + 102,
- OPS_PTAG_SS_USERDEFINED03 = 0x200 + 103,
- OPS_PTAG_SS_USERDEFINED04 = 0x200 + 104,
- OPS_PTAG_SS_USERDEFINED05 = 0x200 + 105,
- OPS_PTAG_SS_USERDEFINED06 = 0x200 + 106,
- OPS_PTAG_SS_USERDEFINED07 = 0x200 + 107,
- OPS_PTAG_SS_USERDEFINED08 = 0x200 + 108,
- OPS_PTAG_SS_USERDEFINED09 = 0x200 + 109,
- OPS_PTAG_SS_USERDEFINED10 = 0x200 + 110,
-
- /* pseudo content types */
- OPS_PTAG_CT_LITDATA_HEADER = 0x300,
- OPS_PTAG_CT_LITDATA_BODY = 0x300 + 1,
- OPS_PTAG_CT_SIGNATURE_HEADER = 0x300 + 2,
- OPS_PTAG_CT_SIGNATURE_FOOTER = 0x300 + 3,
- OPS_PTAG_CT_ARMOUR_HEADER = 0x300 + 4,
- OPS_PTAG_CT_ARMOUR_TRAILER = 0x300 + 5,
- OPS_PTAG_CT_SIGNED_CLEARTEXT_HEADER = 0x300 + 6,
- OPS_PTAG_CT_SIGNED_CLEARTEXT_BODY = 0x300 + 7,
- OPS_PTAG_CT_SIGNED_CLEARTEXT_TRAILER = 0x300 + 8,
- OPS_PTAG_CT_UNARMOURED_TEXT = 0x300 + 9,
- OPS_PTAG_CT_ENCRYPTED_SECRET_KEY = 0x300 + 10, /* In this case the
- * algorithm specific
- * fields will not be
- * initialised */
- OPS_PTAG_CT_SE_DATA_HEADER = 0x300 + 11,
- OPS_PTAG_CT_SE_DATA_BODY = 0x300 + 12,
- OPS_PTAG_CT_SE_IP_DATA_HEADER = 0x300 + 13,
- OPS_PTAG_CT_SE_IP_DATA_BODY = 0x300 + 14,
- OPS_PTAG_CT_ENCRYPTED_PK_SESSION_KEY = 0x300 + 15,
-
- /* commands to the callback */
- OPS_GET_PASSPHRASE = 0x400,
- OPS_GET_SECKEY = 0x400 + 1,
-
- /* Errors */
- OPS_PARSER_ERROR = 0x500, /* Internal Use: Parser Error */
- OPS_PARSER_ERRCODE = 0x500 + 1 /* Internal Use: Parser Error
- * with errcode returned */
-} __ops_content_enum;
-
-enum {
- OPS_REVOCATION_NO_REASON = 0,
- OPS_REVOCATION_SUPERSEDED = 1,
- OPS_REVOCATION_COMPROMISED = 2,
- OPS_REVOCATION_RETIRED = 3,
- OPS_REVOCATION_NO_LONGER_VALID = 0x20
-};
-
-typedef enum {
- OPS_KEYFLAG_CERT_KEYS = 0x01,
- OPS_KEYFLAG_SIGN_DATA = 0x02,
- OPS_KEYFLAG_ENC_COMM = 0x04,
- OPS_KEYFLAG_ENC_STORAGE = 0x08,
- OPS_KEYFLAG_SPLIT = 0x10,
- OPS_KEYFLAG_AUTH = 0x20,
- OPS_KEYFLAG_GROUP = 0x80
-} ops_key_flags_t;
-
-/** Structure to hold one error code */
-typedef struct {
- __ops_errcode_t errcode;
-} __ops_parser_errcode_t;
-
-/** Structure to hold one packet tag.
- * \see RFC4880 4.2
- */
-typedef struct {
- unsigned new_format; /* Whether this packet tag is new
- * (1) or old format (0) */
- unsigned type; /* content_tag value - See
- * #__ops_content_enum for meanings */
- __ops_ptag_of_lt_t length_type; /* Length type (#__ops_ptag_of_lt_t)
- * - only if this packet tag is old
- * format. Set to 0 if new format. */
- unsigned length; /* The length of the packet. This value
- * is set when we read and compute the length
- * information, not at the same moment we
- * create the packet tag structure. Only
- * defined if #readc is set. *//* XXX: Ben, is this correct? */
- unsigned position; /* The position (within the
- * current reader) of the packet */
- unsigned size; /* number of bits */
-} __ops_ptag_t;
-
-/** Public Key Algorithm Numbers.
- * OpenPGP assigns a unique Algorithm Number to each algorithm that is part of OpenPGP.
- *
- * This lists algorithm numbers for public key algorithms.
- *
- * \see RFC4880 9.1
- */
-typedef enum {
- OPS_PKA_NOTHING = 0, /* No PKA */
- OPS_PKA_RSA = 1, /* RSA (Encrypt or Sign) */
- OPS_PKA_RSA_ENCRYPT_ONLY = 2, /* RSA Encrypt-Only (deprecated -
- * \see RFC4880 13.5) */
- OPS_PKA_RSA_SIGN_ONLY = 3, /* RSA Sign-Only (deprecated -
- * \see RFC4880 13.5) */
- OPS_PKA_ELGAMAL = 16, /* Elgamal (Encrypt-Only) */
- OPS_PKA_DSA = 17, /* DSA (Digital Signature Algorithm) */
- OPS_PKA_RESERVED_ELLIPTIC_CURVE = 18, /* Reserved for Elliptic
- * Curve */
- OPS_PKA_RESERVED_ECDSA = 19, /* Reserved for ECDSA */
- OPS_PKA_ELGAMAL_ENCRYPT_OR_SIGN = 20, /* Deprecated. */
- OPS_PKA_RESERVED_DH = 21, /* Reserved for Diffie-Hellman
- * (X9.42, as defined for
- * IETF-S/MIME) */
- OPS_PKA_PRIVATE00 = 100,/* Private/Experimental Algorithm */
- OPS_PKA_PRIVATE01 = 101,/* Private/Experimental Algorithm */
- OPS_PKA_PRIVATE02 = 102,/* Private/Experimental Algorithm */
- OPS_PKA_PRIVATE03 = 103,/* Private/Experimental Algorithm */
- OPS_PKA_PRIVATE04 = 104,/* Private/Experimental Algorithm */
- OPS_PKA_PRIVATE05 = 105,/* Private/Experimental Algorithm */
- OPS_PKA_PRIVATE06 = 106,/* Private/Experimental Algorithm */
- OPS_PKA_PRIVATE07 = 107,/* Private/Experimental Algorithm */
- OPS_PKA_PRIVATE08 = 108,/* Private/Experimental Algorithm */
- OPS_PKA_PRIVATE09 = 109,/* Private/Experimental Algorithm */
- OPS_PKA_PRIVATE10 = 110 /* Private/Experimental Algorithm */
-} __ops_pubkey_alg_t;
-
-/** Structure to hold one DSA public key params.
- *
- * \see RFC4880 5.5.2
- */
-typedef struct {
- BIGNUM *p; /* DSA prime p */
- BIGNUM *q; /* DSA group order q */
- BIGNUM *g; /* DSA group generator g */
- BIGNUM *y; /* DSA public key value y (= g^x mod p
- * with x being the secret) */
-} __ops_dsa_pubkey_t;
-
-/** Structure to hold an RSA public key.
- *
- * \see RFC4880 5.5.2
- */
-typedef struct {
- BIGNUM *n; /* RSA public modulus n */
- BIGNUM *e; /* RSA public encryption exponent e */
-} __ops_rsa_pubkey_t;
-
-/** Structure to hold an ElGamal public key params.
- *
- * \see RFC4880 5.5.2
- */
-typedef struct {
- BIGNUM *p; /* ElGamal prime p */
- BIGNUM *g; /* ElGamal group generator g */
- BIGNUM *y; /* ElGamal public key value y (= g^x mod p
- * with x being the secret) */
-} __ops_elgamal_pubkey_t;
-
-/** Version.
- * OpenPGP has two different protocol versions: version 3 and version 4.
- *
- * \see RFC4880 5.2
- */
-typedef enum {
- OPS_V2 = 2, /* Version 2 (essentially the same as v3) */
- OPS_V3 = 3, /* Version 3 */
- OPS_V4 = 4 /* Version 4 */
-} __ops_version_t;
-
-/** Structure to hold a pgp public key */
-typedef struct {
- __ops_version_t version;/* version of the key (v3, v4...) */
- time_t birthtime;
- time_t duration;
- /* validity period of the key in days since
- * creation. A value of 0 has a special meaning
- * indicating this key does not expire. Only used with
- * v3 keys. */
- unsigned days_valid; /* v4 duration */
- __ops_pubkey_alg_t alg; /* Public Key Algorithm type */
- union {
- __ops_dsa_pubkey_t dsa; /* A DSA public key */
- __ops_rsa_pubkey_t rsa; /* An RSA public key */
- __ops_elgamal_pubkey_t elgamal; /* An ElGamal public key */
- } key; /* Public Key Parameters */
-} __ops_pubkey_t;
-
-/** Structure to hold data for one RSA secret key
- */
-typedef struct {
- BIGNUM *d;
- BIGNUM *p;
- BIGNUM *q;
- BIGNUM *u;
-} __ops_rsa_seckey_t;
-
-/** __ops_dsa_seckey_t */
-typedef struct {
- BIGNUM *x;
-} __ops_dsa_seckey_t;
-
-/** __ops_elgamal_seckey_t */
-typedef struct {
- BIGNUM *x;
-} __ops_elgamal_seckey_t;
-
-/** s2k_usage_t
- */
-typedef enum {
- OPS_S2KU_NONE = 0,
- OPS_S2KU_ENCRYPTED_AND_HASHED = 254,
- OPS_S2KU_ENCRYPTED = 255
-} __ops_s2k_usage_t;
-
-/** s2k_specifier_t
- */
-typedef enum {
- OPS_S2KS_SIMPLE = 0,
- OPS_S2KS_SALTED = 1,
- OPS_S2KS_ITERATED_AND_SALTED = 3
-} __ops_s2k_specifier_t;
-
-/** Symmetric Key Algorithm Numbers.
- * OpenPGP assigns a unique Algorithm Number to each algorithm that is
- * part of OpenPGP.
- *
- * This lists algorithm numbers for symmetric key algorithms.
- *
- * \see RFC4880 9.2
- */
-typedef enum {
- OPS_SA_PLAINTEXT = 0, /* Plaintext or unencrypted data */
- OPS_SA_IDEA = 1, /* IDEA */
- OPS_SA_TRIPLEDES = 2, /* TripleDES */
- OPS_SA_CAST5 = 3, /* CAST5 */
- OPS_SA_BLOWFISH = 4, /* Blowfish */
- OPS_SA_AES_128 = 7, /* AES with 128-bit key (AES) */
- OPS_SA_AES_192 = 8, /* AES with 192-bit key */
- OPS_SA_AES_256 = 9, /* AES with 256-bit key */
- OPS_SA_TWOFISH = 10, /* Twofish with 256-bit key (TWOFISH) */
- OPS_SA_CAMELLIA_128 = 100, /* Camellia with 128-bit key (CAMELLIA) */
- OPS_SA_CAMELLIA_192 = 101, /* Camellia with 192-bit key */
- OPS_SA_CAMELLIA_256 = 102 /* Camellia with 256-bit key */
-} __ops_symm_alg_t;
-
-#define OPS_SA_DEFAULT_CIPHER OPS_SA_CAST5
-
-/** Hashing Algorithm Numbers.
- * OpenPGP assigns a unique Algorithm Number to each algorithm that is
- * part of OpenPGP.
- *
- * This lists algorithm numbers for hash algorithms.
- *
- * \see RFC4880 9.4
- */
-typedef enum {
- OPS_HASH_UNKNOWN = -1, /* used to indicate errors */
- OPS_HASH_MD5 = 1, /* MD5 */
- OPS_HASH_SHA1 = 2, /* SHA-1 */
- OPS_HASH_RIPEMD = 3, /* RIPEMD160 */
-
- OPS_HASH_SHA256 = 8, /* SHA256 */
- OPS_HASH_SHA384 = 9, /* SHA384 */
- OPS_HASH_SHA512 = 10, /* SHA512 */
- OPS_HASH_SHA224 = 11 /* SHA224 */
-} __ops_hash_alg_t;
-
-#define OPS_DEFAULT_HASH_ALGORITHM OPS_HASH_SHA256
-
-void __ops_calc_mdc_hash(const uint8_t *,
- const size_t,
- const uint8_t *,
- const unsigned,
- uint8_t *);
-unsigned __ops_is_hash_alg_supported(const __ops_hash_alg_t *);
-
-/* Maximum block size for symmetric crypto */
-#define OPS_MAX_BLOCK_SIZE 16
-
-/* Maximum key size for symmetric crypto */
-#define OPS_MAX_KEY_SIZE 32
-
-/* Salt size for hashing */
-#define OPS_SALT_SIZE 8
-
-/* Max hash size */
-#define OPS_MAX_HASH_SIZE 64
-
-/** __ops_seckey_t
- */
-typedef struct __ops_seckey_t {
- __ops_pubkey_t pubkey; /* public key */
- __ops_s2k_usage_t s2k_usage;
- __ops_s2k_specifier_t s2k_specifier;
- __ops_symm_alg_t alg; /* symmetric alg */
- __ops_hash_alg_t hash_alg; /* hash algorithm */
- uint8_t salt[OPS_SALT_SIZE];
- unsigned octetc;
- uint8_t iv[OPS_MAX_BLOCK_SIZE];
- union {
- __ops_rsa_seckey_t rsa;
- __ops_dsa_seckey_t dsa;
- __ops_elgamal_seckey_t elgamal;
- } key;
- unsigned checksum;
- uint8_t *checkhash;
-} __ops_seckey_t;
-
-/** Signature Type.
- * OpenPGP defines different signature types that allow giving
- * different meanings to signatures. Signature types include 0x10 for
- * generitc User ID certifications (used when Ben signs Weasel's key),
- * Subkey binding signatures, document signatures, key revocations,
- * etc.
- *
- * Different types are used in different places, and most make only
- * sense in their intended location (for instance a subkey binding has
- * no place on a UserID).
- *
- * \see RFC4880 5.2.1
- */
-typedef enum {
- OPS_SIG_BINARY = 0x00, /* Signature of a binary document */
- OPS_SIG_TEXT = 0x01, /* Signature of a canonical text document */
- OPS_SIG_STANDALONE = 0x02, /* Standalone signature */
-
- OPS_CERT_GENERIC = 0x10,/* Generic certification of a User ID and
- * Public Key packet */
- OPS_CERT_PERSONA = 0x11,/* Persona certification of a User ID and
- * Public Key packet */
- OPS_CERT_CASUAL = 0x12, /* Casual certification of a User ID and
- * Public Key packet */
- OPS_CERT_POSITIVE = 0x13, /* Positive certification of a
- * User ID and Public Key packet */
-
- OPS_SIG_SUBKEY = 0x18, /* Subkey Binding Signature */
- OPS_SIG_PRIMARY = 0x19, /* Primary Key Binding Signature */
- OPS_SIG_DIRECT = 0x1f, /* Signature directly on a key */
-
- OPS_SIG_REV_KEY = 0x20, /* Key revocation signature */
- OPS_SIG_REV_SUBKEY = 0x28, /* Subkey revocation signature */
- OPS_SIG_REV_CERT = 0x30,/* Certification revocation signature */
-
- OPS_SIG_TIMESTAMP = 0x40, /* Timestamp signature */
-
- OPS_SIG_3RD_PARTY = 0x50/* Third-Party Confirmation signature */
-} __ops_sig_type_t;
-
-/** Struct to hold params of an RSA signature */
-typedef struct __ops_rsa_sig_t {
- BIGNUM *sig; /* the signature value (m^d % n) */
-} __ops_rsa_sig_t;
-
-/** Struct to hold params of a DSA signature */
-typedef struct __ops_dsa_sig_t {
- BIGNUM *r; /* DSA value r */
- BIGNUM *s; /* DSA value s */
-} __ops_dsa_sig_t;
-
-/** __ops_elgamal_signature_t */
-typedef struct __ops_elgamal_sig_t {
- BIGNUM *r;
- BIGNUM *s;
-} __ops_elgamal_sig_t;
-
-#define OPS_KEY_ID_SIZE 8
-#define OPS_FINGERPRINT_SIZE 20
-
-/** Struct to hold a signature packet.
- *
- * \see RFC4880 5.2.2
- * \see RFC4880 5.2.3
- */
-typedef struct __ops_sig_info_t {
- __ops_version_t version;/* signature version number */
- __ops_sig_type_t type; /* signature type value */
- time_t birthtime; /* creation time of the signature */
- time_t duration; /* number of seconds it's valid for */
- uint8_t signer_id[OPS_KEY_ID_SIZE]; /* Eight-octet key ID
- * of signer */
- __ops_pubkey_alg_t key_alg; /* public key algorithm number */
- __ops_hash_alg_t hash_alg; /* hashing algorithm number */
- union {
- __ops_rsa_sig_t rsa; /* An RSA Signature */
- __ops_dsa_sig_t dsa; /* A DSA Signature */
- __ops_elgamal_sig_t elgamal; /* deprecated */
- __ops_data_t unknown; /* private or experimental */
- } sig; /* signature params */
- size_t v4_hashlen;
- uint8_t *v4_hashed;
- unsigned birthtime_set:1;
- unsigned signer_id_set:1;
- unsigned duration_set:1;
-} __ops_sig_info_t;
-
-/** Struct used when parsing a signature */
-typedef struct __ops_sig_t {
- __ops_sig_info_t info; /* The signature information */
- /* The following fields are only used while parsing the signature */
- uint8_t hash2[2]; /* high 2 bytes of hashed value */
- size_t v4_hashstart; /* only valid if accumulate is set */
- __ops_hash_t *hash; /* the hash filled in for the data so far */
-} __ops_sig_t;
-
-/** The raw bytes of a signature subpacket */
-
-typedef struct __ops_ss_raw_t {
- __ops_content_enum tag;
- size_t length;
- uint8_t *raw;
-} __ops_ss_raw_t;
-
-/** Signature Subpacket : Trust Level */
-
-typedef struct __ops_ss_trust_t {
- uint8_t level; /* Trust Level */
- uint8_t amount; /* Amount */
-} __ops_ss_trust_t;
-
-/** Signature Subpacket : Notation Data */
-typedef struct __ops_ss_notation_t {
- __ops_data_t flags;
- __ops_data_t name;
- __ops_data_t value;
-} __ops_ss_notation_t;
-
-/** Signature Subpacket : Signature Target */
-typedef struct __ops_ss_sig_target_t {
- __ops_pubkey_alg_t pka_alg;
- __ops_hash_alg_t hash_alg;
- __ops_data_t hash;
-} __ops_ss_sig_target_t;
-
-/** __ops_subpacket_t */
-typedef struct __ops_subpacket_t {
- size_t length;
- uint8_t *raw;
-} __ops_subpacket_t;
-
-/** Types of Compression */
-typedef enum {
- OPS_C_NONE = 0,
- OPS_C_ZIP = 1,
- OPS_C_ZLIB = 2,
- OPS_C_BZIP2 = 3
-} __ops_compression_type_t;
-
-/** __ops_one_pass_sig_t */
-typedef struct {
- uint8_t version;
- __ops_sig_type_t sig_type;
- __ops_hash_alg_t hash_alg;
- __ops_pubkey_alg_t key_alg;
- uint8_t keyid[OPS_KEY_ID_SIZE];
- unsigned nested;
-} __ops_one_pass_sig_t;
-
-/** Signature Subpacket : Revocation Key */
-typedef struct {
- uint8_t class;
- uint8_t algid;
- uint8_t fingerprint[OPS_FINGERPRINT_SIZE];
-} __ops_ss_revocation_key_t;
-
-/** Signature Subpacket : Revocation Reason */
-typedef struct {
- uint8_t code;
- char *reason;
-} __ops_ss_revocation_t;
-
-/** litdata_type_t */
-typedef enum {
- OPS_LDT_BINARY = 'b',
- OPS_LDT_TEXT = 't',
- OPS_LDT_UTF8 = 'u',
- OPS_LDT_LOCAL = 'l',
- OPS_LDT_LOCAL2 = '1'
-} __ops_litdata_enum;
-
-/** __ops_litdata_header_t */
-typedef struct {
- __ops_litdata_enum format;
- char filename[256];
- time_t mtime;
-} __ops_litdata_header_t;
-
-/** __ops_litdata_body_t */
-typedef struct {
- unsigned length;
- uint8_t *data;
- void *mem; /* __ops_memory_t pointer */
-} __ops_litdata_body_t;
-
-/** __ops_header_var_t */
-typedef struct {
- char *key;
- char *value;
-} __ops_header_var_t;
-
-/** __ops_headers_t */
-typedef struct {
- __ops_header_var_t *headers;
- unsigned headerc;
-} __ops_headers_t;
-
-/** __ops_armour_header_t */
-typedef struct {
- const char *type;
- __ops_headers_t headers;
-} __ops_armour_header_t;
-
-/** __ops_fixed_body_t */
-typedef struct __ops_fixed_body_t {
- unsigned length;
- uint8_t data[8192]; /* \todo fix hard-coded value? */
-} __ops_fixed_body_t;
-
-/** __ops_dyn_body_t */
-typedef struct __ops_dyn_body_t {
- unsigned length;
- uint8_t *data;
-} __ops_dyn_body_t;
-
-enum {
- OPS_SE_IP_DATA_VERSION = 1,
- OPS_PKSK_V3 = 3
-};
-
-/** __ops_pk_sesskey_params_rsa_t */
-typedef struct {
- BIGNUM *encrypted_m;
- BIGNUM *m;
-} __ops_pk_sesskey_params_rsa_t;
-
-/** __ops_pk_sesskey_params_elgamal_t */
-typedef struct {
- BIGNUM *g_to_k;
- BIGNUM *encrypted_m;
-} __ops_pk_sesskey_params_elgamal_t;
-
-/** __ops_pk_sesskey_params_t */
-typedef union {
- __ops_pk_sesskey_params_rsa_t rsa;
- __ops_pk_sesskey_params_elgamal_t elgamal;
-} __ops_pk_sesskey_params_t;
-
-/** __ops_pk_sesskey_t */
-typedef struct {
- unsigned version;
- uint8_t key_id[OPS_KEY_ID_SIZE];
- __ops_pubkey_alg_t alg;
- __ops_pk_sesskey_params_t params;
- __ops_symm_alg_t symm_alg;
- uint8_t key[OPS_MAX_KEY_SIZE];
- uint16_t checksum;
-} __ops_pk_sesskey_t;
-
-/** __ops_seckey_passphrase_t */
-typedef struct {
- const __ops_seckey_t *seckey;
- char **passphrase; /* point somewhere that gets filled
- * in to work around constness of
- * content */
-} __ops_seckey_passphrase_t;
-
-/** __ops_get_seckey_t */
-typedef struct {
- const __ops_seckey_t **seckey;
- const __ops_pk_sesskey_t *pk_sesskey;
-} __ops_get_seckey_t;
-
-/** __ops_parser_union_content_t */
-typedef union {
- const char *error;
- __ops_parser_errcode_t errcode;
- __ops_ptag_t ptag;
- __ops_pubkey_t pubkey;
- __ops_data_t trust;
- uint8_t *userid;
- __ops_data_t userattr;
- __ops_sig_t sig;
- __ops_ss_raw_t ss_raw;
- __ops_ss_trust_t ss_trust;
- unsigned ss_revocable;
- time_t ss_time;
- uint8_t ss_issuer[OPS_KEY_ID_SIZE];
- __ops_ss_notation_t ss_notation;
- __ops_subpacket_t packet;
- __ops_compression_type_t compressed;
- __ops_one_pass_sig_t one_pass_sig;
- __ops_data_t ss_skapref;
- __ops_data_t ss_hashpref;
- __ops_data_t ss_zpref;
- __ops_data_t ss_key_flags;
- __ops_data_t ss_key_server_prefs;
- unsigned ss_primary_userid;
- char *ss_regexp;
- char *ss_policy;
- char *ss_keyserv;
- __ops_ss_revocation_key_t ss_revocation_key;
- __ops_data_t ss_userdef;
- __ops_data_t ss_unknown;
- __ops_litdata_header_t litdata_header;
- __ops_litdata_body_t litdata_body;
- __ops_dyn_body_t mdc;
- __ops_data_t ss_features;
- __ops_ss_sig_target_t ss_sig_target;
- __ops_data_t ss_embedded_sig;
- __ops_ss_revocation_t ss_revocation;
- __ops_seckey_t seckey;
- uint8_t *ss_signer;
- __ops_armour_header_t armour_header;
- const char *armour_trailer;
- __ops_headers_t cleartext_head;
- __ops_fixed_body_t cleartext_body;
- struct _ops_hash_t *cleartext_trailer;
- __ops_dyn_body_t unarmoured_text;
- __ops_pk_sesskey_t pk_sesskey;
- __ops_seckey_passphrase_t skey_passphrase;
- unsigned se_ip_data_header;
- __ops_dyn_body_t se_ip_data_body;
- __ops_fixed_body_t se_data_body;
- __ops_get_seckey_t get_seckey;
-} __ops_contents_t;
-
-/** __ops_packet_t */
-struct __ops_packet_t {
- __ops_content_enum tag; /* type of contents */
- uint8_t critical; /* for sig subpackets */
- __ops_contents_t u; /* union for contents */
-};
-
-/** __ops_fingerprint_t */
-typedef struct {
- uint8_t fingerprint[OPS_FINGERPRINT_SIZE];
- unsigned length;
- __ops_hash_alg_t hashtype;
-} __ops_fingerprint_t;
-
-int __ops_keyid(uint8_t *, const size_t, const __ops_pubkey_t *, __ops_hash_alg_t);
-int __ops_fingerprint(__ops_fingerprint_t *, const __ops_pubkey_t *, __ops_hash_alg_t);
-
-void __ops_finish(void);
-void __ops_pubkey_free(__ops_pubkey_t *);
-void __ops_userid_free(uint8_t **);
-void __ops_data_free(__ops_data_t *);
-void __ops_sig_free(__ops_sig_t *);
-void __ops_ss_notation_free(__ops_ss_notation_t *);
-void __ops_ss_revocation_free(__ops_ss_revocation_t *);
-void __ops_ss_sig_target_free(__ops_ss_sig_target_t *);
-
-void __ops_subpacket_free(__ops_subpacket_t *);
-void __ops_parser_content_free(__ops_packet_t *);
-void __ops_seckey_free(__ops_seckey_t *);
-void __ops_pk_sesskey_free(__ops_pk_sesskey_t *);
-
-int __ops_print_packet(__ops_printstate_t *, const __ops_packet_t *);
-
-#define DYNARRAY(type, arr) \
- unsigned arr##c; unsigned arr##vsize; type *arr##s
-
-#define EXPAND_ARRAY(str, arr) do { \
- if (str->arr##c == str->arr##vsize) { \
- void *__newarr; \
- char *__newarrc; \
- unsigned __newsize; \
- __newsize = (str->arr##vsize * 2) + 10; \
- if ((__newarrc = __newarr = realloc(str->arr##s, \
- __newsize * sizeof(*str->arr##s))) == NULL) { \
- (void) fprintf(stderr, "EXPAND_ARRAY - bad realloc\n"); \
- } else { \
- (void) memset(&__newarrc[str->arr##vsize * sizeof(*str->arr##s)], \
- 0x0, (__newsize - str->arr##vsize) * sizeof(*str->arr##s)); \
- str->arr##s = __newarr; \
- str->arr##vsize = __newsize; \
- } \
- } \
-} while(/*CONSTCOND*/0)
-
-/** __ops_keydata_key_t
- */
-typedef union {
- __ops_pubkey_t pubkey;
- __ops_seckey_t seckey;
-} __ops_keydata_key_t;
-
-
-/* sigpacket_t */
-typedef struct {
- uint8_t **userid;
- __ops_subpacket_t *packet;
-} sigpacket_t;
-
-/* user revocation info */
-typedef struct __ops_revoke_t {
- uint32_t uid; /* index in uid array */
- uint8_t code; /* revocation code */
- char *reason; /* c'mon, spill the beans */
-} __ops_revoke_t;
-
-/** signature subpackets */
-typedef struct __ops_subsig_t {
- uint32_t uid; /* index in userid array in key */
- __ops_sig_t sig; /* trust signature */
- uint8_t trustlevel; /* level of trust */
- uint8_t trustamount; /* amount of trust */
-} __ops_subsig_t;
-
-/* describes a user's key */
-struct __ops_key_t {
- DYNARRAY(uint8_t *, uid); /* array of user ids */
- DYNARRAY(__ops_subpacket_t, packet); /* array of raw subpackets */
- DYNARRAY(__ops_subsig_t, subsig); /* array of signature subkeys */
- DYNARRAY(__ops_revoke_t, revoke); /* array of signature revocations */
- __ops_content_enum type; /* type of key */
- __ops_keydata_key_t key; /* pubkey/seckey data */
- __ops_pubkey_t sigkey; /* signature key */
- uint8_t sigid[OPS_KEY_ID_SIZE];
- __ops_fingerprint_t sigfingerprint; /* pgp signature fingerprint */
- __ops_pubkey_t enckey; /* encryption key */
- uint8_t encid[OPS_KEY_ID_SIZE];
- __ops_fingerprint_t encfingerprint; /* pgp encryption id fingerprint */
- uint32_t uid0; /* primary uid index in uids array */
- uint8_t revoked; /* key has been revoked */
- __ops_revoke_t revocation; /* revocation reason */
-};
-
-#define MDC_PKT_TAG 0xd3
-
-#endif /* PACKET_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/reader.c b/enzevalos_iphone/netpgp/lib/reader.c
deleted file mode 100644
index 30dd1748..00000000
--- a/enzevalos_iphone/netpgp/lib/reader.c
+++ /dev/null
@@ -1,2366 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#if defined(__NetBSD__)
-__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: reader.c,v 1.43 2010/11/04 16:13:35 agc Exp $");
-#endif
-
-#include <sys/types.h>
-#include <sys/stat.h>
-
-#ifdef HAVE_SYS_MMAN_H
-#include <sys/mman.h>
-#endif
-
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_DIRECT_H
-#include <direct.h>
-#endif
-
-#ifdef HAVE_INTTYPES_H
-#include <inttypes.h>
-#endif
-
-#ifdef HAVE_OPENSSL_IDEA_H
-#include <openssl/cast.h>
-#endif
-
-#ifdef HAVE_OPENSSL_IDEA_H
-#include <openssl/idea.h>
-#endif
-
-#ifdef HAVE_OPENSSL_AES_H
-#include <openssl/aes.h>
-#endif
-
-#ifdef HAVE_OPENSSL_DES_H
-#include <openssl/des.h>
-#endif
-
-#include <string.h>
-#include <stdlib.h>
-#include <stdio.h>
-
-#ifdef HAVE_TERMIOS_H
-#include <termios.h>
-#endif
-
-#ifdef HAVE_ERRNO_H
-#include <errno.h>
-#endif
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_LIMITS_H
-#include <limits.h>
-#endif
-
-#include "errors.h"
-#include "crypto.h"
-#include "create.h"
-#include "signature.h"
-#include "packet.h"
-#include "packet-parse.h"
-#include "packet-show.h"
-#include "packet.h"
-#include "keyring.h"
-#include "readerwriter.h"
-#include "netpgpsdk.h"
-#include "netpgpdefs.h"
-#include "netpgpdigest.h"
-
-
-/* get a pass phrase from the user */
-int
-__ops_getpassphrase(void *in, char *phrase, size_t size)
-{
- char *p;
-
- if (in == NULL) {
- while ((p = getpass("netpgp passphrase: ")) == NULL) {
- }
- (void) snprintf(phrase, size, "%s", p);
- } else {
- if (fgets(phrase, (int)size, in) == NULL) {
- return 0;
- }
- phrase[strlen(phrase) - 1] = 0x0;
- }
- return 1;
-}
-
-/**
- * \ingroup Internal_Readers_Generic
- * \brief Starts reader stack
- * \param stream Parse settings
- * \param reader Reader to use
- * \param destroyer Destroyer to use
- * \param vp Reader-specific arg
- */
-void
-__ops_reader_set(__ops_stream_t *stream,
- __ops_reader_func_t *reader,
- __ops_reader_destroyer_t *destroyer,
- void *vp)
-{
- stream->readinfo.reader = reader;
- stream->readinfo.destroyer = destroyer;
- stream->readinfo.arg = vp;
-}
-
-/**
- * \ingroup Internal_Readers_Generic
- * \brief Adds to reader stack
- * \param stream Parse settings
- * \param reader Reader to use
- * \param destroyer Reader's destroyer
- * \param vp Reader-specific arg
- */
-void
-__ops_reader_push(__ops_stream_t *stream,
- __ops_reader_func_t *reader,
- __ops_reader_destroyer_t *destroyer,
- void *vp)
-{
- __ops_reader_t *readinfo;
-
- if ((readinfo = calloc(1, sizeof(*readinfo))) == NULL) {
- (void) fprintf(stderr, "__ops_reader_push: bad alloc\n");
- } else {
- *readinfo = stream->readinfo;
- (void) memset(&stream->readinfo, 0x0, sizeof(stream->readinfo));
- stream->readinfo.next = readinfo;
- stream->readinfo.parent = stream;
-
- /* should copy accumulate flags from other reader? RW */
- stream->readinfo.accumulate = readinfo->accumulate;
-
- __ops_reader_set(stream, reader, destroyer, vp);
- }
-}
-
-/**
- * \ingroup Internal_Readers_Generic
- * \brief Removes from reader stack
- * \param stream Parse settings
- */
-void
-__ops_reader_pop(__ops_stream_t *stream)
-{
- __ops_reader_t *next = stream->readinfo.next;
-
- stream->readinfo = *next;
- free(next);
-}
-
-/**
- * \ingroup Internal_Readers_Generic
- * \brief Gets arg from reader
- * \param readinfo Reader info
- * \return Pointer to reader info's arg
- */
-void *
-__ops_reader_get_arg(__ops_reader_t *readinfo)
-{
- return readinfo->arg;
-}
-
-/**************************************************************************/
-
-#define CRC24_POLY 0x1864cfbL
-
-enum {
- NONE = 0,
- BEGIN_PGP_MESSAGE,
- BEGIN_PGP_PUBLIC_KEY_BLOCK,
- BEGIN_PGP_PRIVATE_KEY_BLOCK,
- BEGIN_PGP_MULTI,
- BEGIN_PGP_SIGNATURE,
-
- END_PGP_MESSAGE,
- END_PGP_PUBLIC_KEY_BLOCK,
- END_PGP_PRIVATE_KEY_BLOCK,
- END_PGP_MULTI,
- END_PGP_SIGNATURE,
-
- BEGIN_PGP_SIGNED_MESSAGE
-};
-
-/**
- * \struct dearmour_t
- */
-typedef struct {
- enum {
- OUTSIDE_BLOCK = 0,
- BASE64,
- AT_TRAILER_NAME
- } state;
- int lastseen;
- __ops_stream_t *parse_info;
- unsigned seen_nl:1;
- unsigned prev_nl:1;
- unsigned allow_headers_without_gap:1;
- /* !< allow headers in armoured data that are
- * not separated from the data by a blank line
- * */
- unsigned allow_no_gap:1;
- /* !< allow no blank line at the start of
- * armoured data */
- unsigned allow_trailing_whitespace:1;
- /* !< allow armoured stuff to have trailing
- * whitespace where we wouldn't strictly expect
- * it */
- /* it is an error to get a cleartext message without a sig */
- unsigned expect_sig:1;
- unsigned got_sig:1;
- /* base64 stuff */
- unsigned buffered;
- uint8_t buffer[3];
- unsigned eof64;
- uint32_t checksum;
- uint32_t read_checksum;
- /* unarmoured text blocks */
- uint8_t unarmoured[NETPGP_BUFSIZ];
- size_t unarmoredc;
- /* pushed back data (stored backwards) */
- uint8_t *pushback;
- unsigned pushbackc;
- /* armoured block headers */
- __ops_headers_t headers;
-} dearmour_t;
-
-static void
-push_back(dearmour_t *dearmour, const uint8_t *buf,
- unsigned length)
-{
- unsigned n;
-
- if (dearmour->pushback) {
- (void) fprintf(stderr, "push_back: already pushed back\n");
- } else if ((dearmour->pushback = calloc(1, length)) == NULL) {
- (void) fprintf(stderr, "push_back: bad alloc\n");
- } else {
- for (n = 0; n < length; ++n) {
- dearmour->pushback[n] = buf[(length - n) - 1];
- }
- dearmour->pushbackc = length;
- }
-}
-
-/* this struct holds a textual header line */
-typedef struct headerline_t {
- const char *s; /* the header line */
- size_t len; /* its length */
- int type; /* the defined type */
-} headerline_t;
-
-static headerline_t headerlines[] = {
- { "BEGIN PGP MESSAGE", 17, BEGIN_PGP_MESSAGE },
- { "BEGIN PGP PUBLIC KEY BLOCK", 26, BEGIN_PGP_PUBLIC_KEY_BLOCK },
- { "BEGIN PGP PRIVATE KEY BLOCK",27, BEGIN_PGP_PRIVATE_KEY_BLOCK },
- { "BEGIN PGP MESSAGE, PART ", 25, BEGIN_PGP_MULTI },
- { "BEGIN PGP SIGNATURE", 19, BEGIN_PGP_SIGNATURE },
-
- { "END PGP MESSAGE", 15, END_PGP_MESSAGE },
- { "END PGP PUBLIC KEY BLOCK", 24, END_PGP_PUBLIC_KEY_BLOCK },
- { "END PGP PRIVATE KEY BLOCK", 25, END_PGP_PRIVATE_KEY_BLOCK },
- { "END PGP MESSAGE, PART ", 22, END_PGP_MULTI },
- { "END PGP SIGNATURE", 17, END_PGP_SIGNATURE },
-
- { "BEGIN PGP SIGNED MESSAGE", 24, BEGIN_PGP_SIGNED_MESSAGE },
-
- { NULL, 0, -1 }
-};
-
-/* search through the table of header lines */
-static int
-findheaderline(char *headerline)
-{
- headerline_t *hp;
-
- for (hp = headerlines ; hp->s ; hp++) {
- if (strncmp(headerline, hp->s, hp->len) == 0) {
- break;
- }
- }
- return hp->type;
-}
-
-static int
-set_lastseen_headerline(dearmour_t *dearmour, char *hdr, __ops_error_t **errors)
-{
- int lastseen;
- int prev;
-
- prev = dearmour->lastseen;
- if ((lastseen = findheaderline(hdr)) == -1) {
- OPS_ERROR_1(errors, OPS_E_R_BAD_FORMAT,
- "Unrecognised Header Line %s", hdr);
- return 0;
- }
- dearmour->lastseen = lastseen;
- if (__ops_get_debug_level(__FILE__)) {
- printf("set header: hdr=%s, dearmour->lastseen=%d, prev=%d\n",
- hdr, dearmour->lastseen, prev);
- }
- switch (dearmour->lastseen) {
- case NONE:
- OPS_ERROR_1(errors, OPS_E_R_BAD_FORMAT,
- "Unrecognised last seen Header Line %s", hdr);
- break;
-
- case END_PGP_MESSAGE:
- if (prev != BEGIN_PGP_MESSAGE) {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Got END PGP MESSAGE, but not after BEGIN");
- }
- break;
-
- case END_PGP_PUBLIC_KEY_BLOCK:
- if (prev != BEGIN_PGP_PUBLIC_KEY_BLOCK) {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Got END PGP PUBLIC KEY BLOCK, but not after BEGIN");
- }
- break;
-
- case END_PGP_PRIVATE_KEY_BLOCK:
- if (prev != BEGIN_PGP_PRIVATE_KEY_BLOCK) {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Got END PGP PRIVATE KEY BLOCK, but not after BEGIN");
- }
- break;
-
- case BEGIN_PGP_MULTI:
- case END_PGP_MULTI:
- OPS_ERROR(errors, OPS_E_R_UNSUPPORTED,
- "Multi-part messages are not yet supported");
- break;
-
- case END_PGP_SIGNATURE:
- if (prev != BEGIN_PGP_SIGNATURE) {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Got END PGP SIGNATURE, but not after BEGIN");
- }
- break;
-
- case BEGIN_PGP_MESSAGE:
- case BEGIN_PGP_PUBLIC_KEY_BLOCK:
- case BEGIN_PGP_PRIVATE_KEY_BLOCK:
- case BEGIN_PGP_SIGNATURE:
- case BEGIN_PGP_SIGNED_MESSAGE:
- break;
- }
- return 1;
-}
-
-static int
-read_char(dearmour_t *dearmour,
- __ops_error_t **errors,
- __ops_reader_t *readinfo,
- __ops_cbdata_t *cbinfo,
- unsigned skip)
-{
- uint8_t c;
-
- do {
- if (dearmour->pushbackc) {
- c = dearmour->pushback[--dearmour->pushbackc];
- if (dearmour->pushbackc == 0) {
- free(dearmour->pushback);
- dearmour->pushback = NULL;
- }
- } else if (__ops_stacked_read(&c, 1, errors, readinfo,
- cbinfo) != 1) {
- return -1;
- }
- } while (skip && c == '\r');
- dearmour->prev_nl = dearmour->seen_nl;
- dearmour->seen_nl = c == '\n';
- return c;
-}
-
-static int
-eat_whitespace(int first,
- dearmour_t *dearmour,
- __ops_error_t **errors,
- __ops_reader_t *readinfo,
- __ops_cbdata_t *cbinfo,
- unsigned skip)
-{
- int c = first;
-
- while (c == ' ' || c == '\t') {
- c = read_char(dearmour, errors, readinfo, cbinfo, skip);
- }
- return c;
-}
-
-static int
-read_and_eat_whitespace(dearmour_t *dearmour,
- __ops_error_t **errors,
- __ops_reader_t *readinfo,
- __ops_cbdata_t *cbinfo,
- unsigned skip)
-{
- int c;
-
- do {
- c = read_char(dearmour, errors, readinfo, cbinfo, skip);
- } while (c == ' ' || c == '\t');
- return c;
-}
-
-static void
-flush(dearmour_t *dearmour, __ops_cbdata_t *cbinfo)
-{
- __ops_packet_t content;
-
- if (dearmour->unarmoredc > 0) {
- content.u.unarmoured_text.data = dearmour->unarmoured;
- content.u.unarmoured_text.length = (unsigned)dearmour->unarmoredc;
- CALLBACK(OPS_PTAG_CT_UNARMOURED_TEXT, cbinfo, &content);
- dearmour->unarmoredc = 0;
- }
-}
-
-static int
-unarmoured_read_char(dearmour_t *dearmour,
- __ops_error_t **errors,
- __ops_reader_t *readinfo,
- __ops_cbdata_t *cbinfo,
- unsigned skip)
-{
- int c;
-
- do {
- c = read_char(dearmour, errors, readinfo, cbinfo, 0);
- if (c < 0) {
- return c;
- }
- dearmour->unarmoured[dearmour->unarmoredc++] = c;
- if (dearmour->unarmoredc == sizeof(dearmour->unarmoured)) {
- flush(dearmour, cbinfo);
- }
- } while (skip && c == '\r');
- return c;
-}
-
-/**
- * \param headers
- * \param key
- *
- * \return header value if found, otherwise NULL
- */
-static const char *
-__ops_find_header(__ops_headers_t *headers, const char *key)
-{
- unsigned n;
-
- for (n = 0; n < headers->headerc; ++n) {
- if (strcmp(headers->headers[n].key, key) == 0) {
- return headers->headers[n].value;
- }
- }
- return NULL;
-}
-
-/**
- * \param dest
- * \param src
- */
-static void
-__ops_dup_headers(__ops_headers_t *dest, const __ops_headers_t *src)
-{
- unsigned n;
-
- if ((dest->headers = calloc(src->headerc, sizeof(*dest->headers))) == NULL) {
- (void) fprintf(stderr, "__ops_dup_headers: bad alloc\n");
- } else {
- dest->headerc = src->headerc;
- for (n = 0; n < src->headerc; ++n) {
- dest->headers[n].key = netpgp_strdup(src->headers[n].key);
- dest->headers[n].value = netpgp_strdup(src->headers[n].value);
- }
- }
-}
-
-/*
- * Note that this skips CRs so implementations always see just straight LFs
- * as line terminators
- */
-static int
-process_dash_escaped(dearmour_t *dearmour,
- __ops_error_t **errors,
- __ops_reader_t *readinfo,
- __ops_cbdata_t *cbinfo)
-{
- __ops_fixed_body_t *body;
- __ops_packet_t content2;
- __ops_packet_t content;
- const char *hashstr;
- __ops_hash_t *hash;
- int total;
-
- body = &content.u.cleartext_body;
- if ((hash = calloc(1, sizeof(*hash))) == NULL) {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "process_dash_escaped: bad alloc");
- return -1;
- }
- hashstr = __ops_find_header(&dearmour->headers, "Hash");
- if (hashstr) {
- __ops_hash_alg_t alg;
-
- alg = __ops_str_to_hash_alg(hashstr);
- if (!__ops_is_hash_alg_supported(&alg)) {
- free(hash);
- OPS_ERROR_1(errors, OPS_E_R_BAD_FORMAT,
- "Unsupported hash algorithm '%s'", hashstr);
- return -1;
- }
- if (alg == OPS_HASH_UNKNOWN) {
- free(hash);
- OPS_ERROR_1(errors, OPS_E_R_BAD_FORMAT,
- "Unknown hash algorithm '%s'", hashstr);
- return -1;
- }
- __ops_hash_any(hash, alg);
- } else {
- __ops_hash_md5(hash);
- }
-
- if (!hash->init(hash)) {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "can't initialise hash");
- return -1;
- }
-
- body->length = 0;
- total = 0;
- for (;;) {
- int c;
- unsigned count;
-
- c = read_char(dearmour, errors, readinfo, cbinfo, 1);
- if (c < 0) {
- return -1;
- }
- if (dearmour->prev_nl && c == '-') {
- if ((c = read_char(dearmour, errors, readinfo, cbinfo,
- 0)) < 0) {
- return -1;
- }
- if (c != ' ') {
- /* then this had better be a trailer! */
- if (c != '-') {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Bad dash-escaping");
- }
- for (count = 2; count < 5; ++count) {
- if ((c = read_char(dearmour, errors,
- readinfo, cbinfo, 0)) < 0) {
- return -1;
- }
- if (c != '-') {
- OPS_ERROR(errors,
- OPS_E_R_BAD_FORMAT,
- "Bad dash-escaping (2)");
- }
- }
- dearmour->state = AT_TRAILER_NAME;
- break;
- }
- /* otherwise we read the next character */
- if ((c = read_char(dearmour, errors, readinfo, cbinfo,
- 0)) < 0) {
- return -1;
- }
- }
- if (c == '\n' && body->length) {
- if (memchr(body->data + 1, '\n', body->length - 1)
- != NULL) {
- (void) fprintf(stderr,
- "process_dash_escaped: newline found\n");
- return -1;
- }
- if (body->data[0] == '\n') {
- hash->add(hash, (const uint8_t *)"\r", 1);
- }
- hash->add(hash, body->data, body->length);
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr, "Got body:\n%s\n", body->data);
- }
- CALLBACK(OPS_PTAG_CT_SIGNED_CLEARTEXT_BODY, cbinfo,
- &content);
- body->length = 0;
- }
- body->data[body->length++] = c;
- total += 1;
- if (body->length == sizeof(body->data)) {
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr, "Got body (2):\n%s\n",
- body->data);
- }
- CALLBACK(OPS_PTAG_CT_SIGNED_CLEARTEXT_BODY, cbinfo,
- &content);
- body->length = 0;
- }
- }
- if (body->data[0] != '\n') {
- (void) fprintf(stderr,
- "process_dash_escaped: no newline in body data\n");
- return -1;
- }
- if (body->length != 1) {
- (void) fprintf(stderr,
- "process_dash_escaped: bad body length\n");
- return -1;
- }
- /* don't send that one character, because it's part of the trailer */
- (void) memset(&content2, 0x0, sizeof(content2));
- CALLBACK(OPS_PTAG_CT_SIGNED_CLEARTEXT_TRAILER, cbinfo, &content2);
- return total;
-}
-
-static int
-add_header(dearmour_t *dearmour, const char *key, const char *value)
-{
- int n;
-
- /*
- * Check that the header is valid
- */
- if (strcmp(key, "Version") == 0 ||
- strcmp(key, "Comment") == 0 ||
- strcmp(key, "MessageID") == 0 ||
- strcmp(key, "Hash") == 0 ||
- strcmp(key, "Charset") == 0) {
- n = dearmour->headers.headerc;
- dearmour->headers.headers = realloc(dearmour->headers.headers,
- (n + 1) * sizeof(*dearmour->headers.headers));
- if (dearmour->headers.headers == NULL) {
- (void) fprintf(stderr, "add_header: bad alloc\n");
- return 0;
- }
- dearmour->headers.headers[n].key = netpgp_strdup(key);
- dearmour->headers.headers[n].value = netpgp_strdup(value);
- dearmour->headers.headerc = n + 1;
- return 1;
- }
- return 0;
-}
-
-/* \todo what does a return value of 0 indicate? 1 is good, -1 is bad */
-static int
-parse_headers(dearmour_t *dearmour, __ops_error_t **errors,
- __ops_reader_t * readinfo, __ops_cbdata_t * cbinfo)
-{
- unsigned nbuf;
- unsigned size;
- unsigned first = 1;
- char *buf;
- int ret = 1;
-
- nbuf = 0;
- size = 80;
- if ((buf = calloc(1, size)) == NULL) {
- (void) fprintf(stderr, "parse_headers: bad calloc\n");
- return -1;
- }
- for (;;) {
- int c;
-
- if ((c = read_char(dearmour, errors, readinfo, cbinfo, 1)) < 0) {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT, "Unexpected EOF");
- ret = -1;
- break;
- }
- if (c == '\n') {
- char *s;
-
- if (nbuf == 0) {
- break;
- }
-
- if (nbuf >= size) {
- (void) fprintf(stderr,
- "parse_headers: bad size\n");
- return -1;
- }
- buf[nbuf] = '\0';
-
- if ((s = strchr(buf, ':')) == NULL) {
- if (!first && !dearmour->allow_headers_without_gap) {
- /*
- * then we have seriously malformed
- * armour
- */
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT, "No colon in armour header");
- ret = -1;
- break;
- } else {
- if (first &&
- !(dearmour->allow_headers_without_gap || dearmour->allow_no_gap)) {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT, "No colon in armour header (2)");
- /*
- * then we have a nasty
- * armoured block with no
- * headers, not even a blank
- * line.
- */
- buf[nbuf] = '\n';
- push_back(dearmour, (uint8_t *) buf, nbuf + 1);
- ret = -1;
- break;
- }
- }
- } else {
- *s = '\0';
- if (s[1] != ' ') {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT, "No space in armour header");
- ret = -1;
- goto end;
- }
- if (!add_header(dearmour, buf, s + 2)) {
- OPS_ERROR_1(errors, OPS_E_R_BAD_FORMAT, "Invalid header %s", buf);
- ret = -1;
- goto end;
- }
- nbuf = 0;
- }
- first = 0;
- } else {
- if (size <= nbuf + 1) {
- size += size + 80;
- buf = realloc(buf, size);
- if (buf == NULL) {
- (void) fprintf(stderr, "bad alloc\n");
- ret = -1;
- goto end;
- }
- }
- buf[nbuf++] = c;
- }
- }
-
-end:
- free(buf);
-
- return ret;
-}
-
-static int
-read4(dearmour_t *dearmour, __ops_error_t **errors,
- __ops_reader_t *readinfo, __ops_cbdata_t *cbinfo,
- int *pc, unsigned *pn, uint32_t *pl)
-{
- int n, c;
- uint32_t l = 0;
-
- for (n = 0; n < 4; ++n) {
- c = read_char(dearmour, errors, readinfo, cbinfo, 1);
- if (c < 0) {
- dearmour->eof64 = 1;
- return -1;
- }
- if (c == '-' || c == '=') {
- break;
- }
- l <<= 6;
- if (c >= 'A' && c <= 'Z') {
- l += (uint32_t)(c - 'A');
- } else if (c >= 'a' && c <= 'z') {
- l += (uint32_t)(c - 'a') + 26;
- } else if (c >= '0' && c <= '9') {
- l += (uint32_t)(c - '0') + 52;
- } else if (c == '+') {
- l += 62;
- } else if (c == '/') {
- l += 63;
- } else {
- --n;
- l >>= 6;
- }
- }
-
- *pc = c;
- *pn = n;
- *pl = l;
-
- return 4;
-}
-
-unsigned
-__ops_crc24(unsigned checksum, uint8_t c)
-{
- unsigned i;
-
- checksum ^= c << 16;
- for (i = 0; i < 8; i++) {
- checksum <<= 1;
- if (checksum & 0x1000000)
- checksum ^= CRC24_POLY;
- }
- return (unsigned)(checksum & 0xffffffL);
-}
-
-static int
-decode64(dearmour_t *dearmour, __ops_error_t **errors,
- __ops_reader_t *readinfo, __ops_cbdata_t *cbinfo)
-{
- unsigned n;
- int n2;
- uint32_t l;
- int c;
- int ret;
-
- if (dearmour->buffered) {
- (void) fprintf(stderr, "decode64: bad dearmour->buffered\n");
- return 0;
- }
-
- ret = read4(dearmour, errors, readinfo, cbinfo, &c, &n, &l);
- if (ret < 0) {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT, "Badly formed base64");
- return 0;
- }
- if (n == 3) {
- if (c != '=') {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Badly terminated base64 (2)");
- return 0;
- }
- dearmour->buffered = 2;
- dearmour->eof64 = 1;
- l >>= 2;
- } else if (n == 2) {
- if (c != '=') {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Badly terminated base64 (3)");
- return 0;
- }
- dearmour->buffered = 1;
- dearmour->eof64 = 1;
- l >>= 4;
- c = read_char(dearmour, errors, readinfo, cbinfo, 0);
- if (c != '=') {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Badly terminated base64");
- return 0;
- }
- } else if (n == 0) {
- if (!dearmour->prev_nl || c != '=') {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Badly terminated base64 (4)");
- return 0;
- }
- dearmour->buffered = 0;
- } else {
- if (n != 4) {
- (void) fprintf(stderr,
- "decode64: bad n (!= 4)\n");
- return 0;
- }
- dearmour->buffered = 3;
- if (c == '-' || c == '=') {
- (void) fprintf(stderr, "decode64: bad c\n");
- return 0;
- }
- }
-
- if (dearmour->buffered < 3 && dearmour->buffered > 0) {
- /* then we saw padding */
- if (c != '=') {
- (void) fprintf(stderr, "decode64: bad c (=)\n");
- return 0;
- }
- c = read_and_eat_whitespace(dearmour, errors, readinfo, cbinfo,
- 1);
- if (c != '\n') {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "No newline at base64 end");
- return 0;
- }
- c = read_char(dearmour, errors, readinfo, cbinfo, 0);
- if (c != '=') {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "No checksum at base64 end");
- return 0;
- }
- }
- if (c == '=') {
- /* now we are at the checksum */
- ret = read4(dearmour, errors, readinfo, cbinfo, &c, &n,
- &dearmour->read_checksum);
- if (ret < 0 || n != 4) {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Error in checksum");
- return 0;
- }
- c = read_char(dearmour, errors, readinfo, cbinfo, 1);
- if (dearmour->allow_trailing_whitespace)
- c = eat_whitespace(c, dearmour, errors, readinfo, cbinfo,
- 1);
- if (c != '\n') {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Badly terminated checksum");
- return 0;
- }
- c = read_char(dearmour, errors, readinfo, cbinfo, 0);
- if (c != '-') {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Bad base64 trailer (2)");
- return 0;
- }
- }
- if (c == '-') {
- for (n = 0; n < 4; ++n)
- if (read_char(dearmour, errors, readinfo, cbinfo,
- 0) != '-') {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Bad base64 trailer");
- return 0;
- }
- dearmour->eof64 = 1;
- } else {
- if (!dearmour->buffered) {
- (void) fprintf(stderr, "decode64: not buffered\n");
- return 0;
- }
- }
-
- for (n = 0; n < dearmour->buffered; ++n) {
- dearmour->buffer[n] = (uint8_t)l;
- l >>= 8;
- }
-
- for (n2 = dearmour->buffered - 1; n2 >= 0; --n2)
- dearmour->checksum = __ops_crc24((unsigned)dearmour->checksum,
- dearmour->buffer[n2]);
-
- if (dearmour->eof64 && dearmour->read_checksum != dearmour->checksum) {
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT, "Checksum mismatch");
- return 0;
- }
- return 1;
-}
-
-static void
-base64(dearmour_t *dearmour)
-{
- dearmour->state = BASE64;
- dearmour->checksum = CRC24_INIT;
- dearmour->eof64 = 0;
- dearmour->buffered = 0;
-}
-
-/* This reader is rather strange in that it can generate callbacks for */
-/* content - this is because plaintext is not encapsulated in PGP */
-/* packets... it also calls back for the text between the blocks. */
-
-static int
-armoured_data_reader(void *dest_, size_t length, __ops_error_t **errors,
- __ops_reader_t *readinfo,
- __ops_cbdata_t *cbinfo)
-{
- __ops_packet_t content;
- dearmour_t *dearmour;
- unsigned first;
- uint8_t *dest = dest_;
- char buf[1024];
- int saved;
- int ret;
-
- dearmour = __ops_reader_get_arg(readinfo);
- saved = (int)length;
- if (dearmour->eof64 && !dearmour->buffered) {
- if (dearmour->state != OUTSIDE_BLOCK &&
- dearmour->state != AT_TRAILER_NAME) {
- (void) fprintf(stderr,
- "armoured_data_reader: bad dearmour state\n");
- return 0;
- }
- }
-
- while (length > 0) {
- unsigned count;
- unsigned n;
- int c;
-
- flush(dearmour, cbinfo);
- switch (dearmour->state) {
- case OUTSIDE_BLOCK:
- /*
- * This code returns EOF rather than EARLY_EOF
- * because if we don't see a header line at all, then
- * it is just an EOF (and not a BLOCK_END)
- */
- while (!dearmour->seen_nl) {
- if ((c = unarmoured_read_char(dearmour, errors,
- readinfo, cbinfo, 1)) < 0) {
- return 0;
- }
- }
-
- /*
- * flush at this point so we definitely have room for
- * the header, and so we can easily erase it from the
- * buffer
- */
- flush(dearmour, cbinfo);
- /* Find and consume the 5 leading '-' */
- for (count = 0; count < 5; ++count) {
- if ((c = unarmoured_read_char(dearmour, errors,
- readinfo, cbinfo, 0)) < 0) {
- return 0;
- }
- if (c != '-') {
- goto reloop;
- }
- }
-
- /* Now find the block type */
- for (n = 0; n < sizeof(buf) - 1;) {
- if ((c = unarmoured_read_char(dearmour, errors,
- readinfo, cbinfo, 0)) < 0) {
- return 0;
- }
- if (c == '-') {
- goto got_minus;
- }
- buf[n++] = c;
- }
- /* then I guess this wasn't a proper header */
- break;
-
-got_minus:
- buf[n] = '\0';
-
- /* Consume trailing '-' */
- for (count = 1; count < 5; ++count) {
- if ((c = unarmoured_read_char(dearmour, errors,
- readinfo, cbinfo, 0)) < 0) {
- return 0;
- }
- if (c != '-') {
- /* wasn't a header after all */
- goto reloop;
- }
- }
-
- /* Consume final NL */
- if ((c = unarmoured_read_char(dearmour, errors, readinfo,
- cbinfo, 1)) < 0) {
- return 0;
- }
- if (dearmour->allow_trailing_whitespace) {
- if ((c = eat_whitespace(c, dearmour, errors,
- readinfo, cbinfo, 1)) < 0) {
- return 0;
- }
- }
- if (c != '\n') {
- /* wasn't a header line after all */
- break;
- }
-
- /*
- * Now we've seen the header, scrub it from the
- * buffer
- */
- dearmour->unarmoredc = 0;
-
- /*
- * But now we've seen a header line, then errors are
- * EARLY_EOF
- */
- if ((ret = parse_headers(dearmour, errors, readinfo,
- cbinfo)) <= 0) {
- return -1;
- }
-
- if (!set_lastseen_headerline(dearmour, buf, errors)) {
- return -1;
- }
-
- if (strcmp(buf, "BEGIN PGP SIGNED MESSAGE") == 0) {
- __ops_dup_headers(
- &content.u.cleartext_head,
- &dearmour->headers);
- CALLBACK(OPS_PTAG_CT_SIGNED_CLEARTEXT_HEADER,
- cbinfo,
- &content);
- ret = process_dash_escaped(dearmour, errors,
- readinfo, cbinfo);
- if (ret <= 0) {
- return ret;
- }
- } else {
- content.u.armour_header.type = buf;
- content.u.armour_header.headers =
- dearmour->headers;
- (void) memset(&dearmour->headers, 0x0,
- sizeof(dearmour->headers));
- CALLBACK(OPS_PTAG_CT_ARMOUR_HEADER, cbinfo,
- &content);
- base64(dearmour);
- }
- break;
-
- case BASE64:
- first = 1;
- while (length > 0) {
- if (!dearmour->buffered) {
- if (!dearmour->eof64) {
- ret = decode64(dearmour,
- errors, readinfo, cbinfo);
- if (ret <= 0) {
- return ret;
- }
- }
- if (!dearmour->buffered) {
- if (!dearmour->eof64) {
- (void) fprintf(stderr,
-"armoured_data_reader: bad dearmour eof64\n");
- return 0;
- }
- if (first) {
- dearmour->state =
- AT_TRAILER_NAME;
- goto reloop;
- }
- return -1;
- }
- }
- if (!dearmour->buffered) {
- (void) fprintf(stderr,
- "armoured_data_reader: bad dearmour buffered\n");
- return 0;
- }
- *dest = dearmour->buffer[--dearmour->buffered];
- ++dest;
- --length;
- first = 0;
- }
- if (dearmour->eof64 && !dearmour->buffered) {
- dearmour->state = AT_TRAILER_NAME;
- }
- break;
-
- case AT_TRAILER_NAME:
- for (n = 0; n < sizeof(buf) - 1;) {
- if ((c = read_char(dearmour, errors, readinfo,
- cbinfo, 0)) < 0) {
- return -1;
- }
- if (c == '-') {
- goto got_minus2;
- }
- buf[n++] = c;
- }
- /* then I guess this wasn't a proper trailer */
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Bad ASCII armour trailer");
- break;
-
-got_minus2:
- buf[n] = '\0';
-
- if (!set_lastseen_headerline(dearmour, buf, errors)) {
- return -1;
- }
-
- /* Consume trailing '-' */
- for (count = 1; count < 5; ++count) {
- if ((c = read_char(dearmour, errors, readinfo,
- cbinfo, 0)) < 0) {
- return -1;
- }
- if (c != '-') {
- /* wasn't a trailer after all */
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Bad ASCII armour trailer (2)");
- }
- }
-
- /* Consume final NL */
- if ((c = read_char(dearmour, errors, readinfo, cbinfo,
- 1)) < 0) {
- return -1;
- }
- if (dearmour->allow_trailing_whitespace) {
- if ((c = eat_whitespace(c, dearmour, errors,
- readinfo, cbinfo, 1)) < 0) {
- return 0;
- }
- }
- if (c != '\n') {
- /* wasn't a trailer line after all */
- OPS_ERROR(errors, OPS_E_R_BAD_FORMAT,
- "Bad ASCII armour trailer (3)");
- }
-
- if (strncmp(buf, "BEGIN ", 6) == 0) {
- if (!set_lastseen_headerline(dearmour, buf,
- errors)) {
- return -1;
- }
- if ((ret = parse_headers(dearmour, errors,
- readinfo, cbinfo)) <= 0) {
- return ret;
- }
- content.u.armour_header.type = buf;
- content.u.armour_header.headers =
- dearmour->headers;
- (void) memset(&dearmour->headers, 0x0,
- sizeof(dearmour->headers));
- CALLBACK(OPS_PTAG_CT_ARMOUR_HEADER, cbinfo,
- &content);
- base64(dearmour);
- } else {
- content.u.armour_trailer = buf;
- CALLBACK(OPS_PTAG_CT_ARMOUR_TRAILER, cbinfo,
- &content);
- dearmour->state = OUTSIDE_BLOCK;
- }
- break;
- }
-reloop:
- continue;
- }
-
- return saved;
-}
-
-static void
-armoured_data_destroyer(__ops_reader_t *readinfo)
-{
- free(__ops_reader_get_arg(readinfo));
-}
-
-/**
- * \ingroup Core_Readers_Armour
- * \brief Pushes dearmouring reader onto stack
- * \param parse_info Usual structure containing information about to how to do the parse
- * \sa __ops_reader_pop_dearmour()
- */
-void
-__ops_reader_push_dearmour(__ops_stream_t *parse_info)
-/*
- * This function originally had these params to cater for packets which
- * didn't strictly match the RFC. The initial 0.5 release is only going to
- * support strict checking. If it becomes desirable to support loose checking
- * of armoured packets and these params are reinstated, parse_headers() must
- * be fixed so that these flags work correctly.
- *
- * // Allow headers in armoured data that are not separated from the data by a
- * blank line unsigned without_gap,
- *
- * // Allow no blank line at the start of armoured data unsigned no_gap,
- *
- * //Allow armoured data to have trailing whitespace where we strictly would not
- * expect it unsigned trailing_whitespace
- */
-{
- dearmour_t *dearmour;
-
- if ((dearmour = calloc(1, sizeof(*dearmour))) == NULL) {
- (void) fprintf(stderr, "__ops_reader_push_dearmour: bad alloc\n");
- } else {
- dearmour->seen_nl = 1;
- /*
- dearmour->allow_headers_without_gap=without_gap;
- dearmour->allow_no_gap=no_gap;
- dearmour->allow_trailing_whitespace=trailing_whitespace;
- */
- dearmour->expect_sig = 0;
- dearmour->got_sig = 0;
-
- __ops_reader_push(parse_info, armoured_data_reader,
- armoured_data_destroyer, dearmour);
- }
-}
-
-/**
- * \ingroup Core_Readers_Armour
- * \brief Pops dearmour reader from stock
- * \param stream
- * \sa __ops_reader_push_dearmour()
- */
-void
-__ops_reader_pop_dearmour(__ops_stream_t *stream)
-{
- dearmour_t *dearmour;
-
- dearmour = __ops_reader_get_arg(__ops_readinfo(stream));
- free(dearmour);
- __ops_reader_pop(stream);
-}
-
-/**************************************************************************/
-
-/* this is actually used for *decrypting* */
-typedef struct {
- uint8_t decrypted[1024 * 15];
- size_t c;
- size_t off;
- __ops_crypt_t *decrypt;
- __ops_region_t *region;
- unsigned prevplain:1;
-} encrypted_t;
-
-static int
-encrypted_data_reader(void *dest,
- size_t length,
- __ops_error_t **errors,
- __ops_reader_t *readinfo,
- __ops_cbdata_t *cbinfo)
-{
- encrypted_t *encrypted;
- char *cdest;
- int saved;
-
- encrypted = __ops_reader_get_arg(readinfo);
- saved = (int)length;
- /*
- * V3 MPIs have the count plain and the cipher is reset after each
- * count
- */
- if (encrypted->prevplain && !readinfo->parent->reading_mpi_len) {
- if (!readinfo->parent->reading_v3_secret) {
- (void) fprintf(stderr,
- "encrypted_data_reader: bad v3 secret\n");
- return -1;
- }
- encrypted->decrypt->decrypt_resync(encrypted->decrypt);
- encrypted->prevplain = 0;
- } else if (readinfo->parent->reading_v3_secret &&
- readinfo->parent->reading_mpi_len) {
- encrypted->prevplain = 1;
- }
- while (length > 0) {
- if (encrypted->c) {
- unsigned n;
-
- /*
- * if we are reading v3 we should never read
- * more than we're asked for */
- if (length < encrypted->c &&
- (readinfo->parent->reading_v3_secret ||
- readinfo->parent->exact_read)) {
- (void) fprintf(stderr,
- "encrypted_data_reader: bad v3 read\n");
- return 0;
- }
- n = (int)MIN(length, encrypted->c);
- (void) memcpy(dest,
- encrypted->decrypted + encrypted->off, n);
- encrypted->c -= n;
- encrypted->off += n;
- length -= n;
- cdest = dest;
- cdest += n;
- dest = cdest;
- } else {
- unsigned n = encrypted->region->length;
- uint8_t buffer[1024];
-
- if (!n) {
- return -1;
- }
- if (!encrypted->region->indeterminate) {
- n -= encrypted->region->readc;
- if (n == 0) {
- return (int)(saved - length);
- }
- if (n > sizeof(buffer)) {
- n = sizeof(buffer);
- }
- } else {
- n = sizeof(buffer);
- }
-
- /*
- * we can only read as much as we're asked for
- * in v3 keys because they're partially
- * unencrypted! */
- if ((readinfo->parent->reading_v3_secret ||
- readinfo->parent->exact_read) && n > length) {
- n = (unsigned)length;
- }
-
- if (!__ops_stacked_limited_read(buffer, n,
- encrypted->region, errors, readinfo, cbinfo)) {
- return -1;
- }
- if (!readinfo->parent->reading_v3_secret ||
- !readinfo->parent->reading_mpi_len) {
- encrypted->c =
- __ops_decrypt_se_ip(encrypted->decrypt,
- encrypted->decrypted, buffer, n);
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "encrypted", buffer, 16);
- hexdump(stderr, "decrypted", encrypted->decrypted, 16);
- }
- } else {
- (void) memcpy(
- &encrypted->decrypted[encrypted->off], buffer, n);
- encrypted->c = n;
- }
-
- if (encrypted->c == 0) {
- (void) fprintf(stderr,
- "encrypted_data_reader: 0 decrypted count\n");
- return 0;
- }
-
- encrypted->off = 0;
- }
- }
-
- return saved;
-}
-
-static void
-encrypted_data_destroyer(__ops_reader_t *readinfo)
-{
- free(__ops_reader_get_arg(readinfo));
-}
-
-/**
- * \ingroup Core_Readers_SE
- * \brief Pushes decryption reader onto stack
- * \sa __ops_reader_pop_decrypt()
- */
-void
-__ops_reader_push_decrypt(__ops_stream_t *stream, __ops_crypt_t *decrypt,
- __ops_region_t *region)
-{
- encrypted_t *encrypted;
-
- if ((encrypted = calloc(1, sizeof(*encrypted))) == NULL) {
- (void) fprintf(stderr, "__ops_reader_push_decrypted: bad alloc\n");
- } else {
- encrypted->decrypt = decrypt;
- encrypted->region = region;
- __ops_decrypt_init(encrypted->decrypt);
- __ops_reader_push(stream, encrypted_data_reader,
- encrypted_data_destroyer, encrypted);
- }
-}
-
-/**
- * \ingroup Core_Readers_Encrypted
- * \brief Pops decryption reader from stack
- * \sa __ops_reader_push_decrypt()
- */
-void
-__ops_reader_pop_decrypt(__ops_stream_t *stream)
-{
- encrypted_t *encrypted;
-
- encrypted = __ops_reader_get_arg(__ops_readinfo(stream));
- encrypted->decrypt->decrypt_finish(encrypted->decrypt);
- free(encrypted);
- __ops_reader_pop(stream);
-}
-
-/**************************************************************************/
-
-typedef struct {
- /* boolean: 0 once we've done the preamble/MDC checks */
- /* and are reading from the plaintext */
- int passed_checks;
- uint8_t *plaintext;
- size_t plaintext_available;
- size_t plaintext_offset;
- __ops_region_t *region;
- __ops_crypt_t *decrypt;
-} decrypt_se_ip_t;
-
-/*
- Gets entire SE_IP data packet.
- Verifies leading preamble
- Verifies trailing MDC packet
- Then passes up plaintext as requested
-*/
-static int
-se_ip_data_reader(void *dest_,
- size_t len,
- __ops_error_t **errors,
- __ops_reader_t *readinfo,
- __ops_cbdata_t *cbinfo)
-{
- decrypt_se_ip_t *se_ip;
- __ops_region_t decrypted_region;
- unsigned n = 0;
-
- se_ip = __ops_reader_get_arg(readinfo);
- if (!se_ip->passed_checks) {
- uint8_t *buf = NULL;
- uint8_t hashed[OPS_SHA1_HASH_SIZE];
- uint8_t *preamble;
- uint8_t *plaintext;
- uint8_t *mdc;
- uint8_t *mdc_hash;
- __ops_hash_t hash;
- size_t b;
- size_t sz_preamble;
- size_t sz_mdc_hash;
- size_t sz_mdc;
- size_t sz_plaintext;
-
- __ops_hash_any(&hash, OPS_HASH_SHA1);
- if (!hash.init(&hash)) {
- (void) fprintf(stderr,
- "se_ip_data_reader: can't init hash\n");
- return -1;
- }
-
- __ops_init_subregion(&decrypted_region, NULL);
- decrypted_region.length =
- se_ip->region->length - se_ip->region->readc;
- if ((buf = calloc(1, decrypted_region.length)) == NULL) {
- (void) fprintf(stderr, "se_ip_data_reader: bad alloc\n");
- return -1;
- }
-
- /* read entire SE IP packet */
- if (!__ops_stacked_limited_read(buf, decrypted_region.length,
- &decrypted_region, errors, readinfo, cbinfo)) {
- free(buf);
- return -1;
- }
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "SE IP packet", buf, decrypted_region.length);
- }
- /* verify leading preamble */
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "preamble", buf, se_ip->decrypt->blocksize);
- }
- b = se_ip->decrypt->blocksize;
- if (buf[b - 2] != buf[b] || buf[b - 1] != buf[b + 1]) {
- fprintf(stderr,
- "Bad symmetric decrypt (%02x%02x vs %02x%02x)\n",
- buf[b - 2], buf[b - 1], buf[b], buf[b + 1]);
- OPS_ERROR(errors, OPS_E_PROTO_BAD_SYMMETRIC_DECRYPT,
- "Bad symmetric decrypt when parsing SE IP packet");
- free(buf);
- return -1;
- }
- /* Verify trailing MDC hash */
-
- sz_preamble = se_ip->decrypt->blocksize + 2;
- sz_mdc_hash = OPS_SHA1_HASH_SIZE;
- sz_mdc = 1 + 1 + sz_mdc_hash;
- sz_plaintext = (decrypted_region.length - sz_preamble) - sz_mdc;
-
- preamble = buf;
- plaintext = buf + sz_preamble;
- mdc = plaintext + sz_plaintext;
- mdc_hash = mdc + 2;
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "plaintext", plaintext, sz_plaintext);
- hexdump(stderr, "mdc", mdc, sz_mdc);
- }
- __ops_calc_mdc_hash(preamble, sz_preamble, plaintext,
- (unsigned)sz_plaintext, hashed);
-
- if (memcmp(mdc_hash, hashed, OPS_SHA1_HASH_SIZE) != 0) {
- OPS_ERROR(errors, OPS_E_V_BAD_HASH,
- "Bad hash in MDC packet");
- free(buf);
- return 0;
- }
- /* all done with the checks */
- /* now can start reading from the plaintext */
- if (se_ip->plaintext) {
- (void) fprintf(stderr,
- "se_ip_data_reader: bad plaintext\n");
- return 0;
- }
- if ((se_ip->plaintext = calloc(1, sz_plaintext)) == NULL) {
- (void) fprintf(stderr,
- "se_ip_data_reader: bad alloc\n");
- return 0;
- }
- memcpy(se_ip->plaintext, plaintext, sz_plaintext);
- se_ip->plaintext_available = sz_plaintext;
-
- se_ip->passed_checks = 1;
-
- free(buf);
- }
- n = (unsigned)len;
- if (n > se_ip->plaintext_available) {
- n = (unsigned)se_ip->plaintext_available;
- }
-
- memcpy(dest_, se_ip->plaintext + se_ip->plaintext_offset, n);
- se_ip->plaintext_available -= n;
- se_ip->plaintext_offset += n;
- /* len -= n; - not used at all, for info only */
-
- return n;
-}
-
-static void
-se_ip_data_destroyer(__ops_reader_t *readinfo)
-{
- decrypt_se_ip_t *se_ip;
-
- se_ip = __ops_reader_get_arg(readinfo);
- free(se_ip->plaintext);
- free(se_ip);
-}
-
-/**
- \ingroup Internal_Readers_SEIP
-*/
-void
-__ops_reader_push_se_ip_data(__ops_stream_t *stream, __ops_crypt_t *decrypt,
- __ops_region_t * region)
-{
- decrypt_se_ip_t *se_ip;
-
- if ((se_ip = calloc(1, sizeof(*se_ip))) == NULL) {
- (void) fprintf(stderr, "__ops_reader_push_se_ip_data: bad alloc\n");
- } else {
- se_ip->region = region;
- se_ip->decrypt = decrypt;
- __ops_reader_push(stream, se_ip_data_reader, se_ip_data_destroyer,
- se_ip);
- }
-}
-
-/**
- \ingroup Internal_Readers_SEIP
- */
-void
-__ops_reader_pop_se_ip_data(__ops_stream_t *stream)
-{
- /*
- * decrypt_se_ip_t
- * *se_ip=__ops_reader_get_arg(__ops_readinfo(stream));
- */
- /* free(se_ip); */
- __ops_reader_pop(stream);
-}
-
-/**************************************************************************/
-
-/** Arguments for reader_fd
- */
-typedef struct mmap_reader_t {
- void *mem; /* memory mapped file */
- uint64_t size; /* size of file */
- uint64_t offset; /* current offset in file */
- int fd; /* file descriptor */
-} mmap_reader_t;
-
-
-/**
- * \ingroup Core_Readers
- *
- * __ops_reader_fd() attempts to read up to "plength" bytes from the file
- * descriptor in "parse_info" into the buffer starting at "dest" using the
- * rules contained in "flags"
- *
- * \param dest Pointer to previously allocated buffer
- * \param plength Number of bytes to try to read
- * \param flags Rules about reading to use
- * \param readinfo Reader info
- * \param cbinfo Callback info
- *
- * \return n Number of bytes read
- *
- * OPS_R_EARLY_EOF and OPS_R_ERROR push errors on the stack
- */
-static int
-fd_reader(void *dest, size_t length, __ops_error_t **errors,
- __ops_reader_t *readinfo, __ops_cbdata_t *cbinfo)
-{
- mmap_reader_t *reader;
- int n;
-
- __OPS_USED(cbinfo);
- reader = __ops_reader_get_arg(readinfo);
- n = (int)read(reader->fd, dest, length);
- if (n == 0)
- return 0;
- if (n < 0) {
- OPS_SYSTEM_ERROR_1(errors, OPS_E_R_READ_FAILED, "read",
- "file descriptor %d", reader->fd);
- return -1;
- }
- return n;
-}
-
-static void
-reader_fd_destroyer(__ops_reader_t *readinfo)
-{
- free(__ops_reader_get_arg(readinfo));
-}
-
-/**
- \ingroup Core_Readers_First
- \brief Starts stack with file reader
-*/
-
-void
-__ops_reader_set_fd(__ops_stream_t *stream, int fd)
-{
- mmap_reader_t *reader;
-
- if ((reader = calloc(1, sizeof(*reader))) == NULL) {
- (void) fprintf(stderr, "__ops_reader_set_fd: bad alloc\n");
- } else {
- reader->fd = fd;
- __ops_reader_set(stream, fd_reader, reader_fd_destroyer, reader);
- }
-}
-
-/**************************************************************************/
-
-typedef struct {
- const uint8_t *buffer;
- size_t length;
- size_t offset;
-} reader_mem_t;
-
-static int
-mem_reader(void *dest, size_t length, __ops_error_t **errors,
- __ops_reader_t *readinfo, __ops_cbdata_t *cbinfo)
-{
- reader_mem_t *reader = __ops_reader_get_arg(readinfo);
- unsigned n;
-
- __OPS_USED(cbinfo);
- __OPS_USED(errors);
-
- if (reader->offset + length > reader->length)
- n = (unsigned)(reader->length - reader->offset);
- else
- n = (unsigned)length;
-
- if (n == (unsigned)0)
- return 0;
-
- memcpy(dest, reader->buffer + reader->offset, n);
- reader->offset += n;
-
- return n;
-}
-
-static void
-mem_destroyer(__ops_reader_t *readinfo)
-{
- free(__ops_reader_get_arg(readinfo));
-}
-
-/**
- \ingroup Core_Readers_First
- \brief Starts stack with memory reader
-*/
-
-void
-__ops_reader_set_memory(__ops_stream_t *stream, const void *buffer,
- size_t length)
-{
- reader_mem_t *mem;
-
- if ((mem = calloc(1, sizeof(*mem))) == NULL) {
- (void) fprintf(stderr, "__ops_reader_set_memory: bad alloc\n");
- } else {
- mem->buffer = buffer;
- mem->length = length;
- mem->offset = 0;
- __ops_reader_set(stream, mem_reader, mem_destroyer, mem);
- }
-}
-
-/**************************************************************************/
-
-/**
- \ingroup Core_Writers
- \brief Create and initialise output and mem; Set for writing to mem
- \param output Address where new output pointer will be set
- \param mem Address when new mem pointer will be set
- \param bufsz Initial buffer size (will automatically be increased when necessary)
- \note It is the caller's responsiblity to free output and mem.
- \sa __ops_teardown_memory_write()
-*/
-void
-__ops_setup_memory_write(__ops_output_t **output, __ops_memory_t **mem, size_t bufsz)
-{
- /*
- * initialise needed structures for writing to memory
- */
-
- *output = __ops_output_new();
- *mem = __ops_memory_new();
-
- __ops_memory_init(*mem, bufsz);
-
- __ops_writer_set_memory(*output, *mem);
-}
-
-/**
- \ingroup Core_Writers
- \brief Closes writer and frees output and mem
- \param output
- \param mem
- \sa __ops_setup_memory_write()
-*/
-void
-__ops_teardown_memory_write(__ops_output_t *output, __ops_memory_t *mem)
-{
- __ops_writer_close(output);/* new */
- __ops_output_delete(output);
- __ops_memory_free(mem);
-}
-
-/**
- \ingroup Core_Readers
- \brief Create parse_info and sets to read from memory
- \param stream Address where new parse_info will be set
- \param mem Memory to read from
- \param arg Reader-specific arg
- \param callback Callback to use with reader
- \param accumulate Set if we need to accumulate as we read. (Usually 0 unless doing signature verification)
- \note It is the caller's responsiblity to free parse_info
- \sa __ops_teardown_memory_read()
-*/
-void
-__ops_setup_memory_read(__ops_io_t *io,
- __ops_stream_t **stream,
- __ops_memory_t *mem,
- void *vp,
- __ops_cb_ret_t callback(const __ops_packet_t *,
- __ops_cbdata_t *),
- unsigned accumulate)
-{
- *stream = __ops_new(sizeof(**stream));
- (*stream)->io = (*stream)->cbinfo.io = io;
- __ops_set_callback(*stream, callback, vp);
- __ops_reader_set_memory(*stream,
- __ops_mem_data(mem),
- __ops_mem_len(mem));
- if (accumulate) {
- (*stream)->readinfo.accumulate = 1;
- }
-}
-
-/**
- \ingroup Core_Readers
- \brief Frees stream and mem
- \param stream
- \param mem
- \sa __ops_setup_memory_read()
-*/
-void
-__ops_teardown_memory_read(__ops_stream_t *stream, __ops_memory_t *mem)
-{
- __ops_stream_delete(stream);
- __ops_memory_free(mem);
-}
-
-/**
- \ingroup Core_Writers
- \brief Create and initialise output and mem; Set for writing to file
- \param output Address where new output pointer will be set
- \param filename File to write to
- \param allow_overwrite Allows file to be overwritten, if set.
- \return Newly-opened file descriptor
- \note It is the caller's responsiblity to free output and to close fd.
- \sa __ops_teardown_file_write()
-*/
-int
-__ops_setup_file_write(__ops_output_t **output, const char *filename,
- unsigned allow_overwrite)
-{
- int fd = 0;
- int flags = 0;
-
- /*
- * initialise needed structures for writing to file
- */
- if (filename == NULL) {
- /* write to stdout */
- fd = STDOUT_FILENO;
- } else {
- flags = O_WRONLY | O_CREAT;
- if (allow_overwrite)
- flags |= O_TRUNC;
- else
- flags |= O_EXCL;
-#ifdef O_BINARY
- flags |= O_BINARY;
-#endif
- fd = open(filename, flags, 0600);
- if (fd < 0) {
- perror(filename);
- return fd;
- }
- }
- *output = __ops_output_new();
- __ops_writer_set_fd(*output, fd);
- return fd;
-}
-
-/**
- \ingroup Core_Writers
- \brief Closes writer, frees info, closes fd
- \param output
- \param fd
-*/
-void
-__ops_teardown_file_write(__ops_output_t *output, int fd)
-{
- __ops_writer_close(output);
- close(fd);
- __ops_output_delete(output);
-}
-
-/**
- \ingroup Core_Writers
- \brief As __ops_setup_file_write, but appends to file
-*/
-int
-__ops_setup_file_append(__ops_output_t **output, const char *filename)
-{
- int fd;
-
- /*
- * initialise needed structures for writing to file
- */
-#ifdef O_BINARY
- fd = open(filename, O_WRONLY | O_APPEND | O_BINARY, 0600);
-#else
- fd = open(filename, O_WRONLY | O_APPEND, 0600);
-#endif
- if (fd >= 0) {
- *output = __ops_output_new();
- __ops_writer_set_fd(*output, fd);
- }
- return fd;
-}
-
-/**
- \ingroup Core_Writers
- \brief As __ops_teardown_file_write()
-*/
-void
-__ops_teardown_file_append(__ops_output_t *output, int fd)
-{
- __ops_teardown_file_write(output, fd);
-}
-
-/**
- \ingroup Core_Readers
- \brief Creates parse_info, opens file, and sets to read from file
- \param stream Address where new parse_info will be set
- \param filename Name of file to read
- \param vp Reader-specific arg
- \param callback Callback to use when reading
- \param accumulate Set if we need to accumulate as we read. (Usually 0 unless doing signature verification)
- \note It is the caller's responsiblity to free parse_info and to close fd
- \sa __ops_teardown_file_read()
-*/
-int
-__ops_setup_file_read(__ops_io_t *io,
- __ops_stream_t **stream,
- const char *filename,
- void *vp,
- __ops_cb_ret_t callback(const __ops_packet_t *,
- __ops_cbdata_t *),
- unsigned accumulate)
-{
- int fd;
-
-#ifdef O_BINARY
- fd = open(filename, O_RDONLY | O_BINARY);
-#else
- fd = open(filename, O_RDONLY);
-#endif
- if (fd < 0) {
- (void) fprintf(io->errs, "can't open \"%s\"\n", filename);
- return fd;
- }
- *stream = __ops_new(sizeof(**stream));
- (*stream)->io = (*stream)->cbinfo.io = io;
- __ops_set_callback(*stream, callback, vp);
-#ifdef USE_MMAP_FOR_FILES
- __ops_reader_set_mmap(*stream, fd);
-#else
- __ops_reader_set_fd(*stream, fd);
-#endif
- if (accumulate) {
- (*stream)->readinfo.accumulate = 1;
- }
- return fd;
-}
-
-/**
- \ingroup Core_Readers
- \brief Frees stream and closes fd
- \param stream
- \param fd
- \sa __ops_setup_file_read()
-*/
-void
-__ops_teardown_file_read(__ops_stream_t *stream, int fd)
-{
- close(fd);
- __ops_stream_delete(stream);
-}
-
-__ops_cb_ret_t
-__ops_litdata_cb(const __ops_packet_t *pkt, __ops_cbdata_t *cbinfo)
-{
- const __ops_contents_t *content = &pkt->u;
-
- if (__ops_get_debug_level(__FILE__)) {
- printf("__ops_litdata_cb: ");
- __ops_print_packet(&cbinfo->printstate, pkt);
- }
- /* Read data from packet into static buffer */
- switch (pkt->tag) {
- case OPS_PTAG_CT_LITDATA_BODY:
- /* if writer enabled, use it */
- if (cbinfo->output) {
- if (__ops_get_debug_level(__FILE__)) {
- printf("__ops_litdata_cb: length is %u\n",
- content->litdata_body.length);
- }
- __ops_write(cbinfo->output,
- content->litdata_body.data,
- content->litdata_body.length);
- }
- break;
-
- case OPS_PTAG_CT_LITDATA_HEADER:
- /* ignore */
- break;
-
- default:
- break;
- }
-
- return OPS_RELEASE_MEMORY;
-}
-
-__ops_cb_ret_t
-__ops_pk_sesskey_cb(const __ops_packet_t *pkt, __ops_cbdata_t *cbinfo)
-{
- const __ops_contents_t *content = &pkt->u;
- unsigned from;
- __ops_io_t *io;
-
- io = cbinfo->io;
- if (__ops_get_debug_level(__FILE__)) {
- __ops_print_packet(&cbinfo->printstate, pkt);
- }
- /* Read data from packet into static buffer */
- switch (pkt->tag) {
- case OPS_PTAG_CT_PK_SESSION_KEY:
- if (__ops_get_debug_level(__FILE__)) {
- printf("OPS_PTAG_CT_PK_SESSION_KEY\n");
- }
- if (!cbinfo->cryptinfo.secring) {
- (void) fprintf(io->errs,
- "__ops_pk_sesskey_cb: bad keyring\n");
- return (__ops_cb_ret_t)0;
- }
- from = 0;
- cbinfo->cryptinfo.keydata =
- __ops_getkeybyid(io, cbinfo->cryptinfo.secring,
- content->pk_sesskey.key_id, &from, NULL);
- if (!cbinfo->cryptinfo.keydata) {
- break;
- }
- break;
-
- default:
- break;
- }
-
- return OPS_RELEASE_MEMORY;
-}
-
-/**
- \ingroup Core_Callbacks
-
-\brief Callback to get secret key, decrypting if necessary.
-
-@verbatim
- This callback does the following:
- * finds the session key in the keyring
- * gets a passphrase if required
- * decrypts the secret key, if necessary
- * sets the seckey in the content struct
-@endverbatim
-*/
-
-__ops_cb_ret_t
-__ops_get_seckey_cb(const __ops_packet_t *pkt, __ops_cbdata_t *cbinfo)
-{
- const __ops_contents_t *content = &pkt->u;
- const __ops_seckey_t *secret;
- const __ops_key_t *pubkey;
- const __ops_key_t *keypair;
- unsigned from;
- __ops_io_t *io;
-
- io = cbinfo->io;
- if (__ops_get_debug_level(__FILE__)) {
- __ops_print_packet(&cbinfo->printstate, pkt);
- }
- switch (pkt->tag) {
- case OPS_GET_SECKEY:
- /* print key from pubring */
- from = 0;
- pubkey = __ops_getkeybyid(io, cbinfo->cryptinfo.pubring,
- content->get_seckey.pk_sesskey->key_id,
- &from, NULL);
- /* validate key from secring */
- from = 0;
- cbinfo->cryptinfo.keydata =
- __ops_getkeybyid(io, cbinfo->cryptinfo.secring,
- content->get_seckey.pk_sesskey->key_id,
- &from, NULL);
- if (!cbinfo->cryptinfo.keydata ||
- !__ops_is_key_secret(cbinfo->cryptinfo.keydata)) {
- return (__ops_cb_ret_t)0;
- }
- keypair = cbinfo->cryptinfo.keydata;
- if (pubkey == NULL) {
- pubkey = keypair;
- }
- do {
- /* print out the user id */
- __ops_print_keydata(io, cbinfo->cryptinfo.pubring, pubkey,
- "signature ", &pubkey->key.pubkey, 0);
- /* now decrypt key */
- secret = __ops_decrypt_seckey(keypair, cbinfo->passfp);
- if (secret == NULL) {
- (void) fprintf(io->errs, "Bad passphrase\n");
- }
- } while (secret == NULL);
- *content->get_seckey.seckey = secret;
- break;
-
- default:
- break;
- }
-
- return OPS_RELEASE_MEMORY;
-}
-
-/**
- \ingroup HighLevel_Callbacks
- \brief Callback to use when you need to prompt user for passphrase
- \param contents
- \param cbinfo
-*/
-__ops_cb_ret_t
-get_passphrase_cb(const __ops_packet_t *pkt, __ops_cbdata_t *cbinfo)
-{
- const __ops_contents_t *content = &pkt->u;
- __ops_io_t *io;
-
- io = cbinfo->io;
- if (__ops_get_debug_level(__FILE__)) {
- __ops_print_packet(&cbinfo->printstate, pkt);
- }
- if (cbinfo->cryptinfo.keydata == NULL) {
- (void) fprintf(io->errs, "get_passphrase_cb: NULL keydata\n");
- } else {
- __ops_print_keydata(io, cbinfo->cryptinfo.pubring, cbinfo->cryptinfo.keydata, "signature ",
- &cbinfo->cryptinfo.keydata->key.pubkey, 0);
- }
- switch (pkt->tag) {
- case OPS_GET_PASSPHRASE:
- *(content->skey_passphrase.passphrase) =
- netpgp_strdup(getpass("netpgp passphrase: "));
- return OPS_KEEP_MEMORY;
- default:
- break;
- }
- return OPS_RELEASE_MEMORY;
-}
-
-unsigned
-__ops_reader_set_accumulate(__ops_stream_t *stream, unsigned state)
-{
- return stream->readinfo.accumulate = state;
-}
-
-/**************************************************************************/
-
-static int
-hash_reader(void *dest,
- size_t length,
- __ops_error_t **errors,
- __ops_reader_t *readinfo,
- __ops_cbdata_t *cbinfo)
-{
- __ops_hash_t *hash = __ops_reader_get_arg(readinfo);
- int r;
-
- r = __ops_stacked_read(dest, length, errors, readinfo, cbinfo);
- if (r <= 0) {
- return r;
- }
- hash->add(hash, dest, (unsigned)r);
- return r;
-}
-
-/**
- \ingroup Internal_Readers_Hash
- \brief Push hashed data reader on stack
-*/
-void
-__ops_reader_push_hash(__ops_stream_t *stream, __ops_hash_t *hash)
-{
- if (!hash->init(hash)) {
- (void) fprintf(stderr, "__ops_reader_push_hash: can't init hash\n");
- /* just continue and die */
- /* XXX - agc - no way to return failure */
- }
- __ops_reader_push(stream, hash_reader, NULL, hash);
-}
-
-/**
- \ingroup Internal_Readers_Hash
- \brief Pop hashed data reader from stack
-*/
-void
-__ops_reader_pop_hash(__ops_stream_t *stream)
-{
- __ops_reader_pop(stream);
-}
-
-/* read memory from the previously mmap-ed file */
-static int
-mmap_reader(void *dest, size_t length, __ops_error_t **errors,
- __ops_reader_t *readinfo, __ops_cbdata_t *cbinfo)
-{
- mmap_reader_t *mem = __ops_reader_get_arg(readinfo);
- unsigned n;
- char *cmem = mem->mem;
-
- __OPS_USED(errors);
- __OPS_USED(cbinfo);
- n = (unsigned)MIN(length, (unsigned)(mem->size - mem->offset));
- if (n > 0) {
- (void) memcpy(dest, &cmem[(int)mem->offset], (unsigned)n);
- mem->offset += n;
- }
- return (int)n;
-}
-
-/* tear down the mmap, close the fd */
-static void
-mmap_destroyer(__ops_reader_t *readinfo)
-{
- mmap_reader_t *mem = __ops_reader_get_arg(readinfo);
-
- (void) munmap(mem->mem, (unsigned)mem->size);
- (void) close(mem->fd);
- free(__ops_reader_get_arg(readinfo));
-}
-
-/* set up the file to use mmap-ed memory if available, file IO otherwise */
-void
-__ops_reader_set_mmap(__ops_stream_t *stream, int fd)
-{
- mmap_reader_t *mem;
- struct stat st;
-
- if (fstat(fd, &st) != 0) {
- (void) fprintf(stderr, "__ops_reader_set_mmap: can't fstat\n");
- } else if ((mem = calloc(1, sizeof(*mem))) == NULL) {
- (void) fprintf(stderr, "__ops_reader_set_mmap: bad alloc\n");
- } else {
- mem->size = (uint64_t)st.st_size;
- mem->offset = 0;
- mem->fd = fd;
- mem->mem = mmap(NULL, (size_t)st.st_size, PROT_READ,
- MAP_PRIVATE | MAP_FILE, fd, 0);
- if (mem->mem == MAP_FAILED) {
- __ops_reader_set(stream, fd_reader, reader_fd_destroyer,
- mem);
- } else {
- __ops_reader_set(stream, mmap_reader, mmap_destroyer,
- mem);
- }
- }
-}
diff --git a/enzevalos_iphone/netpgp/lib/readerwriter.h b/enzevalos_iphone/netpgp/lib/readerwriter.h
deleted file mode 100644
index aa3487a4..00000000
--- a/enzevalos_iphone/netpgp/lib/readerwriter.h
+++ /dev/null
@@ -1,126 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef READERWRITER_H_
-#define READERWRITER_H_
-
-#include "create.h"
-
-#include "memory.h"
-
-/* if this is defined, we'll use mmap in preference to file ops */
-#define USE_MMAP_FOR_FILES 1
-
-void __ops_reader_set_fd(__ops_stream_t *, int);
-void __ops_reader_set_mmap(__ops_stream_t *, int);
-void __ops_reader_set_memory(__ops_stream_t *, const void *, size_t);
-
-/* Do a sum mod 65536 of all bytes read (as needed for secret keys) */
-void __ops_reader_push_sum16(__ops_stream_t *);
-uint16_t __ops_reader_pop_sum16(__ops_stream_t *);
-
-void __ops_reader_push_se_ip_data(__ops_stream_t *, __ops_crypt_t *,
- __ops_region_t *);
-void __ops_reader_pop_se_ip_data(__ops_stream_t *);
-
-/* */
-unsigned __ops_write_mdc(__ops_output_t *, const uint8_t *);
-unsigned __ops_write_se_ip_pktset(__ops_output_t *, const uint8_t *,
- const unsigned,
- __ops_crypt_t *);
-void __ops_push_enc_crypt(__ops_output_t *, __ops_crypt_t *);
-int __ops_push_enc_se_ip(__ops_output_t *, const __ops_key_t *, const char *, int);
-
-/* Secret Key checksum */
-void __ops_push_checksum_writer(__ops_output_t *, __ops_seckey_t *);
-unsigned __ops_pop_skey_checksum_writer(__ops_output_t *);
-
-
-/* memory writing */
-void __ops_setup_memory_write(__ops_output_t **, __ops_memory_t **, size_t);
-void __ops_teardown_memory_write(__ops_output_t *, __ops_memory_t *);
-
-/* memory reading */
-void __ops_setup_memory_read(__ops_io_t *,
- __ops_stream_t **,
- __ops_memory_t *,
- void *,
- __ops_cb_ret_t callback(const __ops_packet_t *,
- __ops_cbdata_t *),
- unsigned);
-void __ops_teardown_memory_read(__ops_stream_t *, __ops_memory_t *);
-
-/* file writing */
-int __ops_setup_file_write(__ops_output_t **, const char *, unsigned);
-void __ops_teardown_file_write(__ops_output_t *, int);
-
-/* file appending */
-int __ops_setup_file_append(__ops_output_t **, const char *);
-void __ops_teardown_file_append(__ops_output_t *, int);
-
-/* file reading */
-int __ops_setup_file_read(__ops_io_t *,
- __ops_stream_t **,
- const char *,
- void *,
- __ops_cb_ret_t callback(const __ops_packet_t *,
- __ops_cbdata_t *),
- unsigned);
-void __ops_teardown_file_read(__ops_stream_t *, int);
-
-unsigned __ops_reader_set_accumulate(__ops_stream_t *, unsigned);
-
-/* useful callbacks */
-__ops_cb_ret_t __ops_litdata_cb(const __ops_packet_t *, __ops_cbdata_t *);
-__ops_cb_ret_t __ops_pk_sesskey_cb(const __ops_packet_t *, __ops_cbdata_t *);
-__ops_cb_ret_t __ops_get_seckey_cb(const __ops_packet_t *, __ops_cbdata_t *);
-
-int __ops_getpassphrase(void *, char *, size_t);
-
-#endif /* READERWRITER_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/signature.c b/enzevalos_iphone/netpgp/lib/signature.c
deleted file mode 100644
index bb8029a7..00000000
--- a/enzevalos_iphone/netpgp/lib/signature.c
+++ /dev/null
@@ -1,1272 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#if defined(__NetBSD__)
-__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: signature.c,v 1.32 2010/08/15 16:36:24 agc Exp $");
-#endif
-
-#include <sys/types.h>
-#include <sys/param.h>
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#include <string.h>
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_OPENSSL_DSA_H
-#include <openssl/dsa.h>
-#endif
-
-#include "signature.h"
-#include "crypto.h"
-#include "create.h"
-#include "netpgpsdk.h"
-#include "readerwriter.h"
-#include "validate.h"
-#include "netpgpdefs.h"
-#include "netpgpdigest.h"
-
-
-/** \ingroup Core_Create
- * needed for signature creation
- */
-struct __ops_create_sig_t {
- __ops_hash_t hash;
- __ops_sig_t sig;
- __ops_memory_t *mem;
- __ops_output_t *output; /* how to do the writing */
- unsigned hashoff; /* hashed count offset */
- unsigned hashlen;
- unsigned unhashoff;
-};
-
-/**
- \ingroup Core_Signature
- Creates new __ops_create_sig_t
- \return new __ops_create_sig_t
- \note It is the caller's responsibility to call __ops_create_sig_delete()
- \sa __ops_create_sig_delete()
-*/
-__ops_create_sig_t *
-__ops_create_sig_new(void)
-{
- return calloc(1, sizeof(__ops_create_sig_t));
-}
-
-/**
- \ingroup Core_Signature
- Free signature and memory associated with it
- \param sig struct to free
- \sa __ops_create_sig_new()
-*/
-void
-__ops_create_sig_delete(__ops_create_sig_t *sig)
-{
- __ops_output_delete(sig->output);
- sig->output = NULL;
- free(sig);
-}
-
-#if 0
-void
-__ops_dump_sig(__ops_sig_t *sig)
-{
-}
-#endif
-
-static uint8_t prefix_md5[] = {
- 0x30, 0x20, 0x30, 0x0C, 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86,
- 0xF7, 0x0D, 0x02, 0x05, 0x05, 0x00, 0x04, 0x10
-};
-
-static uint8_t prefix_sha1[] = {
- 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0E, 0x03, 0x02,
- 0x1A, 0x05, 0x00, 0x04, 0x14
-};
-
-static uint8_t prefix_sha256[] = {
- 0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
- 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
-};
-
-
-/* XXX: both this and verify would be clearer if the signature were */
-/* treated as an MPI. */
-static int
-rsa_sign(__ops_hash_t *hash,
- const __ops_rsa_pubkey_t *pubrsa,
- const __ops_rsa_seckey_t *secrsa,
- __ops_output_t *out)
-{
- unsigned prefixsize;
- unsigned expected;
- unsigned hashsize;
- unsigned keysize;
- unsigned n;
- unsigned t;
- uint8_t hashbuf[NETPGP_BUFSIZ];
- uint8_t sigbuf[NETPGP_BUFSIZ];
- uint8_t *prefix;
- BIGNUM *bn;
-
- if (strcmp(hash->name, "SHA1") == 0) {
- hashsize = OPS_SHA1_HASH_SIZE + sizeof(prefix_sha1);
- prefix = prefix_sha1;
- prefixsize = sizeof(prefix_sha1);
- expected = OPS_SHA1_HASH_SIZE;
- } else {
- hashsize = OPS_SHA256_HASH_SIZE + sizeof(prefix_sha256);
- prefix = prefix_sha256;
- prefixsize = sizeof(prefix_sha256);
- expected = OPS_SHA256_HASH_SIZE;
- }
- keysize = (BN_num_bits(pubrsa->n) + 7) / 8;
- if (keysize > sizeof(hashbuf)) {
- (void) fprintf(stderr, "rsa_sign: keysize too big\n");
- return 0;
- }
- if (10 + hashsize > keysize) {
- (void) fprintf(stderr, "rsa_sign: hashsize too big\n");
- return 0;
- }
-
- hashbuf[0] = 0;
- hashbuf[1] = 1;
- if (__ops_get_debug_level(__FILE__)) {
- printf("rsa_sign: PS is %d\n", keysize - hashsize - 1 - 2);
- }
- for (n = 2; n < keysize - hashsize - 1; ++n) {
- hashbuf[n] = 0xff;
- }
- hashbuf[n++] = 0;
-
- (void) memcpy(&hashbuf[n], prefix, prefixsize);
- n += prefixsize;
- if ((t = hash->finish(hash, &hashbuf[n])) != expected) {
- (void) fprintf(stderr, "rsa_sign: short %s hash\n", hash->name);
- return 0;
- }
-
- __ops_write(out, &hashbuf[n], 2);
-
- n += t;
- if (n != keysize) {
- (void) fprintf(stderr, "rsa_sign: n != keysize\n");
- return 0;
- }
-
- t = __ops_rsa_private_encrypt(sigbuf, hashbuf, keysize, secrsa, pubrsa);
- bn = BN_bin2bn(sigbuf, (int)t, NULL);
- __ops_write_mpi(out, bn);
- BN_free(bn);
- return 1;
-}
-
-static int
-dsa_sign(__ops_hash_t *hash,
- const __ops_dsa_pubkey_t *dsa,
- const __ops_dsa_seckey_t *sdsa,
- __ops_output_t *output)
-{
- unsigned hashsize;
- unsigned t;
- uint8_t hashbuf[NETPGP_BUFSIZ];
- DSA_SIG *dsasig;
-
- /* hashsize must be "equal in size to the number of bits of q, */
- /* the group generated by the DSA key's generator value */
- /* 160/8 = 20 */
-
- hashsize = 20;
-
- /* finalise hash */
- t = hash->finish(hash, &hashbuf[0]);
- if (t != 20) {
- (void) fprintf(stderr, "dsa_sign: hashfinish not 20\n");
- return 0;
- }
-
- __ops_write(output, &hashbuf[0], 2);
-
- /* write signature to buf */
- dsasig = __ops_dsa_sign(hashbuf, hashsize, sdsa, dsa);
-
- /* convert and write the sig out to memory */
- __ops_write_mpi(output, dsasig->r);
- __ops_write_mpi(output, dsasig->s);
- DSA_SIG_free(dsasig);
- return 1;
-}
-
-static unsigned
-rsa_verify(__ops_hash_alg_t type,
- const uint8_t *hash,
- size_t hash_length,
- const __ops_rsa_sig_t *sig,
- const __ops_rsa_pubkey_t *pubrsa)
-{
- const uint8_t *prefix;
- unsigned n;
- unsigned keysize;
- unsigned plen;
- unsigned debug_len_decrypted;
- uint8_t sigbuf[NETPGP_BUFSIZ];
- uint8_t hashbuf_from_sig[NETPGP_BUFSIZ];
-
- plen = 0;
- prefix = (const uint8_t *) "";
- keysize = BN_num_bytes(pubrsa->n);
- /* RSA key can't be bigger than 65535 bits, so... */
- if (keysize > sizeof(hashbuf_from_sig)) {
- (void) fprintf(stderr, "rsa_verify: keysize too big\n");
- return 0;
- }
- if ((unsigned) BN_num_bits(sig->sig) > 8 * sizeof(sigbuf)) {
- (void) fprintf(stderr, "rsa_verify: BN_numbits too big\n");
- return 0;
- }
- BN_bn2bin(sig->sig, sigbuf);
-
- n = __ops_rsa_public_decrypt(hashbuf_from_sig, sigbuf,
- (unsigned)(BN_num_bits(sig->sig) + 7) / 8, pubrsa);
- debug_len_decrypted = n;
-
- if (n != keysize) {
- /* obviously, this includes error returns */
- return 0;
- }
-
- /* XXX: why is there a leading 0? The first byte should be 1... */
- /* XXX: because the decrypt should use keysize and not sigsize? */
- if (hashbuf_from_sig[0] != 0 || hashbuf_from_sig[1] != 1) {
- return 0;
- }
-
- switch (type) {
- case OPS_HASH_MD5:
- prefix = prefix_md5;
- plen = sizeof(prefix_md5);
- break;
- case OPS_HASH_SHA1:
- prefix = prefix_sha1;
- plen = sizeof(prefix_sha1);
- break;
- case OPS_HASH_SHA256:
- prefix = prefix_sha256;
- plen = sizeof(prefix_sha256);
- break;
- default:
- (void) fprintf(stderr, "Unknown hash algorithm: %d\n", type);
- return 0;
- }
-
- if (keysize - plen - hash_length < 10) {
- return 0;
- }
-
- for (n = 2; n < keysize - plen - hash_length - 1; ++n) {
- if (hashbuf_from_sig[n] != 0xff) {
- return 0;
- }
- }
-
- if (hashbuf_from_sig[n++] != 0) {
- return 0;
- }
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "sig hashbuf", hashbuf_from_sig, debug_len_decrypted);
- hexdump(stderr, "prefix", prefix, plen);
- hexdump(stderr, "sig hash", &hashbuf_from_sig[n + plen], hash_length);
- hexdump(stderr, "input hash", hash, hash_length);
- }
- return (memcmp(&hashbuf_from_sig[n], prefix, plen) == 0 &&
- memcmp(&hashbuf_from_sig[n + plen], hash, hash_length) == 0);
-}
-
-static void
-hash_add_key(__ops_hash_t *hash, const __ops_pubkey_t *key)
-{
- __ops_memory_t *mem = __ops_memory_new();
- const unsigned dontmakepacket = 0;
- size_t len;
-
- __ops_build_pubkey(mem, key, dontmakepacket);
- len = __ops_mem_len(mem);
- __ops_hash_add_int(hash, 0x99, 1);
- __ops_hash_add_int(hash, (unsigned)len, 2);
- hash->add(hash, __ops_mem_data(mem), (unsigned)len);
- __ops_memory_free(mem);
-}
-
-static void
-initialise_hash(__ops_hash_t *hash, const __ops_sig_t *sig)
-{
- __ops_hash_any(hash, sig->info.hash_alg);
- if (!hash->init(hash)) {
- (void) fprintf(stderr,
- "initialise_hash: bad hash init\n");
- /* just continue and die */
- /* XXX - agc - no way to return failure */
- }
-}
-
-static void
-init_key_sig(__ops_hash_t *hash, const __ops_sig_t *sig,
- const __ops_pubkey_t *key)
-{
- initialise_hash(hash, sig);
- hash_add_key(hash, key);
-}
-
-static void
-hash_add_trailer(__ops_hash_t *hash, const __ops_sig_t *sig,
- const uint8_t *raw_packet)
-{
- if (sig->info.version == OPS_V4) {
- if (raw_packet) {
- hash->add(hash, raw_packet + sig->v4_hashstart,
- (unsigned)sig->info.v4_hashlen);
- }
- __ops_hash_add_int(hash, (unsigned)sig->info.version, 1);
- __ops_hash_add_int(hash, 0xff, 1);
- __ops_hash_add_int(hash, (unsigned)sig->info.v4_hashlen, 4);
- } else {
- __ops_hash_add_int(hash, (unsigned)sig->info.type, 1);
- __ops_hash_add_int(hash, (unsigned)sig->info.birthtime, 4);
- }
-}
-
-/**
- \ingroup Core_Signature
- \brief Checks a signature
- \param hash Signature Hash to be checked
- \param length Signature Length
- \param sig The Signature to be checked
- \param signer The signer's public key
- \return 1 if good; else 0
-*/
-unsigned
-__ops_check_sig(const uint8_t *hash, unsigned length,
- const __ops_sig_t * sig,
- const __ops_pubkey_t * signer)
-{
- unsigned ret;
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stdout, "hash", hash, length);
- }
- ret = 0;
- switch (sig->info.key_alg) {
- case OPS_PKA_DSA:
- ret = __ops_dsa_verify(hash, length, &sig->info.sig.dsa,
- &signer->key.dsa);
- break;
-
- case OPS_PKA_RSA:
- ret = rsa_verify(sig->info.hash_alg, hash, length,
- &sig->info.sig.rsa,
- &signer->key.rsa);
- break;
-
- default:
- (void) fprintf(stderr, "__ops_check_sig: unusual alg\n");
- ret = 0;
- }
-
- return ret;
-}
-
-static unsigned
-hash_and_check_sig(__ops_hash_t *hash,
- const __ops_sig_t *sig,
- const __ops_pubkey_t *signer)
-{
- uint8_t hashout[OPS_MAX_HASH_SIZE];
- unsigned n;
-
- n = hash->finish(hash, hashout);
- return __ops_check_sig(hashout, n, sig, signer);
-}
-
-static unsigned
-finalise_sig(__ops_hash_t *hash,
- const __ops_sig_t *sig,
- const __ops_pubkey_t *signer,
- const uint8_t *raw_packet)
-{
- hash_add_trailer(hash, sig, raw_packet);
- return hash_and_check_sig(hash, sig, signer);
-}
-
-/**
- * \ingroup Core_Signature
- *
- * \brief Verify a certification signature.
- *
- * \param key The public key that was signed.
- * \param id The user ID that was signed
- * \param sig The signature.
- * \param signer The public key of the signer.
- * \param raw_packet The raw signature packet.
- * \return 1 if OK; else 0
- */
-unsigned
-__ops_check_useridcert_sig(const __ops_pubkey_t *key,
- const uint8_t *id,
- const __ops_sig_t *sig,
- const __ops_pubkey_t *signer,
- const uint8_t *raw_packet)
-{
- __ops_hash_t hash;
- size_t userid_len;
-
- userid_len = strlen((const char *) id);
- init_key_sig(&hash, sig, key);
- if (sig->info.version == OPS_V4) {
- __ops_hash_add_int(&hash, 0xb4, 1);
- __ops_hash_add_int(&hash, (unsigned)userid_len, 4);
- }
- hash.add(&hash, id, (unsigned)userid_len);
- return finalise_sig(&hash, sig, signer, raw_packet);
-}
-
-/**
- * \ingroup Core_Signature
- *
- * Verify a certification signature.
- *
- * \param key The public key that was signed.
- * \param attribute The user attribute that was signed
- * \param sig The signature.
- * \param signer The public key of the signer.
- * \param raw_packet The raw signature packet.
- * \return 1 if OK; else 0
- */
-unsigned
-__ops_check_userattrcert_sig(const __ops_pubkey_t *key,
- const __ops_data_t *attribute,
- const __ops_sig_t *sig,
- const __ops_pubkey_t *signer,
- const uint8_t *raw_packet)
-{
- __ops_hash_t hash;
-
- init_key_sig(&hash, sig, key);
- if (sig->info.version == OPS_V4) {
- __ops_hash_add_int(&hash, 0xd1, 1);
- __ops_hash_add_int(&hash, (unsigned)attribute->len, 4);
- }
- hash.add(&hash, attribute->contents, (unsigned)attribute->len);
- return finalise_sig(&hash, sig, signer, raw_packet);
-}
-
-/**
- * \ingroup Core_Signature
- *
- * Verify a subkey signature.
- *
- * \param key The public key whose subkey was signed.
- * \param subkey The subkey of the public key that was signed.
- * \param sig The signature.
- * \param signer The public key of the signer.
- * \param raw_packet The raw signature packet.
- * \return 1 if OK; else 0
- */
-unsigned
-__ops_check_subkey_sig(const __ops_pubkey_t *key,
- const __ops_pubkey_t *subkey,
- const __ops_sig_t *sig,
- const __ops_pubkey_t *signer,
- const uint8_t *raw_packet)
-{
- __ops_hash_t hash;
- unsigned ret;
-
- init_key_sig(&hash, sig, key);
- hash_add_key(&hash, subkey);
- ret = finalise_sig(&hash, sig, signer, raw_packet);
- return ret;
-}
-
-/**
- * \ingroup Core_Signature
- *
- * Verify a direct signature.
- *
- * \param key The public key which was signed.
- * \param sig The signature.
- * \param signer The public key of the signer.
- * \param raw_packet The raw signature packet.
- * \return 1 if OK; else 0
- */
-unsigned
-__ops_check_direct_sig(const __ops_pubkey_t *key,
- const __ops_sig_t *sig,
- const __ops_pubkey_t *signer,
- const uint8_t *raw_packet)
-{
- __ops_hash_t hash;
- unsigned ret;
-
- init_key_sig(&hash, sig, key);
- ret = finalise_sig(&hash, sig, signer, raw_packet);
- return ret;
-}
-
-/**
- * \ingroup Core_Signature
- *
- * Verify a signature on a hash (the hash will have already been fed
- * the material that was being signed, for example signed cleartext).
- *
- * \param hash A hash structure of appropriate type that has been fed
- * the material to be signed. This MUST NOT have been finalised.
- * \param sig The signature to be verified.
- * \param signer The public key of the signer.
- * \return 1 if OK; else 0
- */
-unsigned
-__ops_check_hash_sig(__ops_hash_t *hash,
- const __ops_sig_t *sig,
- const __ops_pubkey_t *signer)
-{
- return (sig->info.hash_alg == hash->alg) ?
- finalise_sig(hash, sig, signer, NULL) :
- 0;
-}
-
-static void
-start_sig_in_mem(__ops_create_sig_t *sig)
-{
- /* since this has subpackets and stuff, we have to buffer the whole */
- /* thing to get counts before writing. */
- sig->mem = __ops_memory_new();
- __ops_memory_init(sig->mem, 100);
- __ops_writer_set_memory(sig->output, sig->mem);
-
- /* write nearly up to the first subpacket */
- __ops_write_scalar(sig->output, (unsigned)sig->sig.info.version, 1);
- __ops_write_scalar(sig->output, (unsigned)sig->sig.info.type, 1);
- __ops_write_scalar(sig->output, (unsigned)sig->sig.info.key_alg, 1);
- __ops_write_scalar(sig->output, (unsigned)sig->sig.info.hash_alg, 1);
-
- /* dummy hashed subpacket count */
- sig->hashoff = (unsigned)__ops_mem_len(sig->mem);
- __ops_write_scalar(sig->output, 0, 2);
-}
-
-/**
- * \ingroup Core_Signature
- *
- * __ops_sig_start() creates a V4 public key signature with a SHA1 hash.
- *
- * \param sig The signature structure to initialise
- * \param key The public key to be signed
- * \param id The user ID being bound to the key
- * \param type Signature type
- */
-void
-__ops_sig_start_key_sig(__ops_create_sig_t *sig,
- const __ops_pubkey_t *key,
- const uint8_t *id,
- __ops_sig_type_t type)
-{
- sig->output = __ops_output_new();
-
- /* XXX: refactor with check (in several ways - check should
- * probably use the buffered writer to construct packets
- * (done), and also should share code for hash calculation) */
- sig->sig.info.version = OPS_V4;
- sig->sig.info.hash_alg = OPS_HASH_SHA1;
- sig->sig.info.key_alg = key->alg;
- sig->sig.info.type = type;
- sig->hashlen = (unsigned)-1;
- init_key_sig(&sig->hash, &sig->sig, key);
- __ops_hash_add_int(&sig->hash, 0xb4, 1);
- __ops_hash_add_int(&sig->hash, (unsigned)strlen((const char *) id), 4);
- sig->hash.add(&sig->hash, id, (unsigned)strlen((const char *) id));
- start_sig_in_mem(sig);
-}
-
-/**
- * \ingroup Core_Signature
- *
- * Create a V4 public key signature over some cleartext.
- *
- * \param sig The signature structure to initialise
- * \param id
- * \param type
- * \todo Expand description. Allow other hashes.
- */
-
-void
-__ops_start_sig(__ops_create_sig_t *sig,
- const __ops_seckey_t *key,
- const __ops_hash_alg_t hash,
- const __ops_sig_type_t type)
-{
- sig->output = __ops_output_new();
-
- /* XXX: refactor with check (in several ways - check should
- * probably use the buffered writer to construct packets
- * (done), and also should share code for hash calculation) */
- sig->sig.info.version = OPS_V4;
- sig->sig.info.key_alg = key->pubkey.alg;
- sig->sig.info.hash_alg = hash;
- sig->sig.info.type = type;
-
- sig->hashlen = (unsigned)-1;
-
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr, "initialising hash for sig in mem\n");
- }
- initialise_hash(&sig->hash, &sig->sig);
- start_sig_in_mem(sig);
-}
-
-/**
- * \ingroup Core_Signature
- *
- * Add plaintext data to a signature-to-be.
- *
- * \param sig The signature-to-be.
- * \param buf The plaintext data.
- * \param length The amount of plaintext data.
- */
-void
-__ops_sig_add_data(__ops_create_sig_t *sig, const void *buf, size_t length)
-{
- sig->hash.add(&sig->hash, buf, (unsigned)length);
-}
-
-/**
- * \ingroup Core_Signature
- *
- * Mark the end of the hashed subpackets in the signature
- *
- * \param sig
- */
-
-unsigned
-__ops_end_hashed_subpkts(__ops_create_sig_t *sig)
-{
- sig->hashlen = (unsigned)(__ops_mem_len(sig->mem) - sig->hashoff - 2);
- __ops_memory_place_int(sig->mem, sig->hashoff, sig->hashlen, 2);
- /* dummy unhashed subpacket count */
- sig->unhashoff = (unsigned)__ops_mem_len(sig->mem);
- return __ops_write_scalar(sig->output, 0, 2);
-}
-
-/**
- * \ingroup Core_Signature
- *
- * Write out a signature
- *
- * \param sig
- * \param key
- * \param seckey
- * \param info
- *
- */
-
-unsigned
-__ops_write_sig(__ops_output_t *output,
- __ops_create_sig_t *sig,
- const __ops_pubkey_t *key,
- const __ops_seckey_t *seckey)
-{
- unsigned ret = 0;
- size_t len = __ops_mem_len(sig->mem);
-
- /* check key not decrypted */
- switch (seckey->pubkey.alg) {
- case OPS_PKA_RSA:
- case OPS_PKA_RSA_ENCRYPT_ONLY:
- case OPS_PKA_RSA_SIGN_ONLY:
- if (seckey->key.rsa.d == NULL) {
- (void) fprintf(stderr, "__ops_write_sig: null rsa.d\n");
- return 0;
- }
- break;
-
- case OPS_PKA_DSA:
- if (seckey->key.dsa.x == NULL) {
- (void) fprintf(stderr, "__ops_write_sig: null dsa.x\n");
- return 0;
- }
- break;
-
- default:
- (void) fprintf(stderr, "Unsupported algorithm %d\n",
- seckey->pubkey.alg);
- return 0;
- }
-
- if (sig->hashlen == (unsigned) -1) {
- (void) fprintf(stderr,
- "ops_write_sig: bad hashed data len\n");
- return 0;
- }
-
- __ops_memory_place_int(sig->mem, sig->unhashoff,
- (unsigned)(len - sig->unhashoff - 2), 2);
-
- /* add the packet from version number to end of hashed subpackets */
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr, "ops_write_sig: hashed packet info\n");
- }
- sig->hash.add(&sig->hash, __ops_mem_data(sig->mem), sig->unhashoff);
-
- /* add final trailer */
- __ops_hash_add_int(&sig->hash, (unsigned)sig->sig.info.version, 1);
- __ops_hash_add_int(&sig->hash, 0xff, 1);
- /* +6 for version, type, pk alg, hash alg, hashed subpacket length */
- __ops_hash_add_int(&sig->hash, sig->hashlen + 6, 4);
-
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr, "ops_write_sig: done writing hashed\n");
- }
- /* XXX: technically, we could figure out how big the signature is */
- /* and write it directly to the output instead of via memory. */
- switch (seckey->pubkey.alg) {
- case OPS_PKA_RSA:
- case OPS_PKA_RSA_ENCRYPT_ONLY:
- case OPS_PKA_RSA_SIGN_ONLY:
- if (!rsa_sign(&sig->hash, &key->key.rsa, &seckey->key.rsa,
- sig->output)) {
- (void) fprintf(stderr,
- "__ops_write_sig: rsa_sign failure\n");
- return 0;
- }
- break;
-
- case OPS_PKA_DSA:
- if (!dsa_sign(&sig->hash, &key->key.dsa, &seckey->key.dsa,
- sig->output)) {
- (void) fprintf(stderr,
- "__ops_write_sig: dsa_sign failure\n");
- return 0;
- }
- break;
-
- default:
- (void) fprintf(stderr, "Unsupported algorithm %d\n",
- seckey->pubkey.alg);
- return 0;
- }
-
- ret = __ops_write_ptag(output, OPS_PTAG_CT_SIGNATURE);
- if (ret) {
- len = __ops_mem_len(sig->mem);
- ret = __ops_write_length(output, (unsigned)len) &&
- __ops_write(output, __ops_mem_data(sig->mem), (unsigned)len);
- }
- __ops_memory_free(sig->mem);
-
- if (ret == 0) {
- OPS_ERROR(&output->errors, OPS_E_W, "Cannot write signature");
- }
- return ret;
-}
-
-/* add a time stamp to the output */
-unsigned
-__ops_add_time(__ops_create_sig_t *sig, int64_t when, const char *type)
-{
- __ops_content_enum tag;
-
- tag = (strcmp(type, "birth") == 0) ?
- OPS_PTAG_SS_CREATION_TIME : OPS_PTAG_SS_EXPIRATION_TIME;
- /* just do 32-bit timestamps for just now - it's in the protocol */
- return __ops_write_ss_header(sig->output, 5, tag) &&
- __ops_write_scalar(sig->output, (uint32_t)when, (unsigned)sizeof(uint32_t));
-}
-
-/* add key flags to the output by Oliver */
-unsigned
-__ops_add_key_flags(__ops_create_sig_t *sig, uint8_t flags)
-{
-
- __ops_content_enum tag;
-
- tag = OPS_PTAG_SS_KEY_FLAGS;
-
- return __ops_write_ss_header(sig->output, 2, tag) &&
- __ops_write_scalar(sig->output, (unsigned int) flags, 1);
-
-}
-
-/**
- * \ingroup Core_Signature
- *
- * Adds issuer's key ID to the signature
- *
- * \param sig
- * \param keyid
- */
-
-unsigned
-__ops_add_issuer_keyid(__ops_create_sig_t *sig,
- const uint8_t keyid[OPS_KEY_ID_SIZE])
-{
- return __ops_write_ss_header(sig->output, OPS_KEY_ID_SIZE + 1,
- OPS_PTAG_SS_ISSUER_KEY_ID) &&
- __ops_write(sig->output, keyid, OPS_KEY_ID_SIZE);
-}
-
-/**
- * \ingroup Core_Signature
- *
- * Adds primary user ID to the signature
- *
- * \param sig
- * \param primary
- */
-void
-__ops_add_primary_userid(__ops_create_sig_t *sig, unsigned primary)
-{
- __ops_write_ss_header(sig->output, 2, OPS_PTAG_SS_PRIMARY_USER_ID);
- __ops_write_scalar(sig->output, primary, 1);
-}
-
-/**
- * \ingroup Core_Signature
- *
- * Get the hash structure in use for the signature.
- *
- * \param sig The signature structure.
- * \return The hash structure.
- */
-__ops_hash_t *
-__ops_sig_get_hash(__ops_create_sig_t *sig)
-{
- return &sig->hash;
-}
-
-/* open up an output file */
-static int
-open_output_file(__ops_output_t **output,
- const char *inname,
- const char *outname,
- const char *suffix,
- const unsigned overwrite)
-{
- int fd;
-
- /* setup output file */
- if (outname) {
- fd = __ops_setup_file_write(output, outname, overwrite);
- } else {
- unsigned flen = (unsigned)(strlen(inname) + 4 + 1);
- char *f = NULL;
-
- if ((f = calloc(1, flen)) == NULL) {
- (void) fprintf(stderr, "open_output_file: bad alloc\n");
- fd = -1;
- } else {
- (void) snprintf(f, flen, "%s.%s", inname, suffix);
- fd = __ops_setup_file_write(output, f, overwrite);
- free(f);
- }
- }
- return fd;
-}
-
-/**
-\ingroup HighLevel_Sign
-\brief Sign a file
-\param inname Input filename
-\param outname Output filename. If NULL, a name is constructed from the input filename.
-\param seckey Secret Key to use for signing
-\param armored Write armoured text, if set.
-\param overwrite May overwrite existing file, if set.
-\return 1 if OK; else 0;
-
-*/
-unsigned
-__ops_sign_file(__ops_io_t *io,
- const char *inname,
- const char *outname,
- const __ops_seckey_t *seckey,
- const char *hashname,
- const int64_t from,
- const uint64_t duration,
- const unsigned armored,
- const unsigned cleartext,
- const unsigned overwrite)
-{
- __ops_create_sig_t *sig;
- __ops_sig_type_t sig_type;
- __ops_hash_alg_t hash_alg;
- __ops_memory_t *infile;
- __ops_output_t *output;
- __ops_hash_t *hash;
- unsigned ret;
- uint8_t keyid[OPS_KEY_ID_SIZE];
- int fd_out;
-
- sig = NULL;
- sig_type = OPS_SIG_BINARY;
- infile = NULL;
- output = NULL;
- hash = NULL;
- fd_out = 0;
-
- /* find the hash algorithm */
- hash_alg = __ops_str_to_hash_alg(hashname);
- if (hash_alg == OPS_HASH_UNKNOWN) {
- (void) fprintf(io->errs,
- "__ops_sign_file: unknown hash algorithm: \"%s\"\n",
- hashname);
- return 0;
- }
-
- /* read input file into buf */
- infile = __ops_memory_new();
- if (!__ops_mem_readfile(infile, inname)) {
- return 0;
- }
-
- /* setup output file */
- fd_out = open_output_file(&output, inname, outname,
- (armored) ? "asc" : "gpg", overwrite);
- if (fd_out < 0) {
- __ops_memory_free(infile);
- return 0;
- }
-
- /* set up signature */
- sig = __ops_create_sig_new();
- if (!sig) {
- __ops_memory_free(infile);
- __ops_teardown_file_write(output, fd_out);
- return 0;
- }
-
- __ops_start_sig(sig, seckey, hash_alg, sig_type);
-
- if (cleartext) {
- if (__ops_writer_push_clearsigned(output, sig) != 1) {
- return 0;
- }
-
- /* Do the signing */
- __ops_write(output, __ops_mem_data(infile), (unsigned)__ops_mem_len(infile));
- __ops_memory_free(infile);
-
- /* add signature with subpackets: */
- /* - creation time */
- /* - key id */
- ret = __ops_writer_use_armored_sig(output) &&
- __ops_add_time(sig, (int64_t)from, "birth") &&
- __ops_add_time(sig, (int64_t)duration, "expiration");
- if (ret == 0) {
- __ops_teardown_file_write(output, fd_out);
- return 0;
- }
-
- __ops_keyid(keyid, OPS_KEY_ID_SIZE, &seckey->pubkey, hash_alg);
- ret = __ops_add_issuer_keyid(sig, keyid) &&
- __ops_end_hashed_subpkts(sig) &&
- __ops_write_sig(output, sig, &seckey->pubkey, seckey);
-
- __ops_teardown_file_write(output, fd_out);
-
- if (ret == 0) {
- OPS_ERROR(&output->errors, OPS_E_W,
- "Cannot sign file as cleartext");
- }
- } else {
- /* set armoured/not armoured here */
- if (armored) {
- __ops_writer_push_armor_msg(output);
- }
-
- /* write one_pass_sig */
- __ops_write_one_pass_sig(output, seckey, hash_alg, sig_type);
-
- /* hash file contents */
- hash = __ops_sig_get_hash(sig);
- hash->add(hash, __ops_mem_data(infile), (unsigned)__ops_mem_len(infile));
-
-#if 1
- /* output file contents as Literal Data packet */
- __ops_write_litdata(output, __ops_mem_data(infile),
- (const int)__ops_mem_len(infile),
- OPS_LDT_BINARY);
-#else
- /* XXX - agc - sync with writer.c 1094 for ops_writez */
- __ops_setup_memory_write(&litoutput, &litmem, bufsz);
- __ops_setup_memory_write(&zoutput, &zmem, bufsz);
- __ops_write_litdata(litoutput,
- __ops_mem_data(__ops_mem_data(infile),
- (const int)__ops_mem_len(infile), OPS_LDT_BINARY);
- __ops_writez(zoutput, __ops_mem_data(litmem), __ops_mem_len(litmem));
-#endif
-
- /* add creation time to signature */
- __ops_add_time(sig, (int64_t)from, "birth");
- __ops_add_time(sig, (int64_t)duration, "expiration");
- /* add key id to signature */
- __ops_keyid(keyid, OPS_KEY_ID_SIZE, &seckey->pubkey, hash_alg);
- __ops_add_issuer_keyid(sig, keyid);
- __ops_end_hashed_subpkts(sig);
- __ops_write_sig(output, sig, &seckey->pubkey, seckey);
-
- /* tidy up */
- __ops_teardown_file_write(output, fd_out);
-
- __ops_create_sig_delete(sig);
- __ops_memory_free(infile);
-
- ret = 1;
- }
-
- return ret;
-}
-
-/**
-\ingroup HighLevel_Sign
-\brief Signs a buffer
-\param input Input text to be signed
-\param input_len Length of input text
-\param sig_type Signature type
-\param seckey Secret Key
-\param armored Write armoured text, if set
-\return New __ops_memory_t struct containing signed text
-\note It is the caller's responsibility to call __ops_memory_free(me)
-
-*/
-__ops_memory_t *
-__ops_sign_buf(__ops_io_t *io,
- const void *input,
- const size_t insize,
- const __ops_seckey_t *seckey,
- const int64_t from,
- const uint64_t duration,
- const char *hashname,
- const unsigned armored,
- const unsigned cleartext)
-{
- __ops_litdata_enum ld_type;
- __ops_create_sig_t *sig;
- __ops_sig_type_t sig_type;
- __ops_hash_alg_t hash_alg;
- __ops_output_t *output;
- __ops_memory_t *mem;
- uint8_t keyid[OPS_KEY_ID_SIZE];
- __ops_hash_t *hash;
- unsigned ret;
-
- sig = NULL;
- sig_type = OPS_SIG_BINARY;
- output = NULL;
- mem = __ops_memory_new();
- hash = NULL;
- ret = 0;
-
- hash_alg = __ops_str_to_hash_alg(hashname);
- if (hash_alg == OPS_HASH_UNKNOWN) {
- (void) fprintf(io->errs,
- "__ops_sign_buf: unknown hash algorithm: \"%s\"\n",
- hashname);
- return NULL;
- }
-
- /* setup literal data packet type */
- ld_type = (cleartext) ? OPS_LDT_TEXT : OPS_LDT_BINARY;
-
- if (input == NULL) {
- (void) fprintf(io->errs,
- "__ops_sign_buf: null input\n");
- return NULL;
- }
-
- /* set up signature */
- if ((sig = __ops_create_sig_new()) == NULL) {
- return NULL;
- }
- __ops_start_sig(sig, seckey, hash_alg, sig_type);
-
- /* setup writer */
- __ops_setup_memory_write(&output, &mem, insize);
-
- if (cleartext) {
- /* Do the signing */
- /* add signature with subpackets: */
- /* - creation time */
- /* - key id */
- ret = __ops_writer_push_clearsigned(output, sig) &&
- __ops_write(output, input, (unsigned)insize) &&
- __ops_writer_use_armored_sig(output) &&
- __ops_add_time(sig, from, "birth") &&
- __ops_add_time(sig, (int64_t)duration, "expiration");
- if (ret == 0) {
- return NULL;
- }
- __ops_output_delete(output);
- } else {
- /* set armoured/not armoured here */
- if (armored) {
- __ops_writer_push_armor_msg(output);
- }
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(io->errs, "** Writing out one pass sig\n");
- }
- /* write one_pass_sig */
- __ops_write_one_pass_sig(output, seckey, hash_alg, sig_type);
-
- /* hash memory */
- hash = __ops_sig_get_hash(sig);
- hash->add(hash, input, (unsigned)insize);
-
- /* output file contents as Literal Data packet */
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr, "** Writing out data now\n");
- }
- __ops_write_litdata(output, input, (const int)insize, ld_type);
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr, "** After Writing out data now\n");
- }
-
- /* add creation time to signature */
- __ops_add_time(sig, from, "birth");
- __ops_add_time(sig, (int64_t)duration, "expiration");
- /* add key id to signature */
- __ops_keyid(keyid, OPS_KEY_ID_SIZE, &seckey->pubkey, hash_alg);
- __ops_add_issuer_keyid(sig, keyid);
- __ops_end_hashed_subpkts(sig);
-
- /* write out sig */
- __ops_write_sig(output, sig, &seckey->pubkey, seckey);
-
- /* tidy up */
- __ops_writer_close(output);
- __ops_create_sig_delete(sig);
- }
- return mem;
-}
-
-/* sign a file, and put the signature in a separate file */
-int
-__ops_sign_detached(__ops_io_t *io,
- const char *f,
- char *sigfile,
- __ops_seckey_t *seckey,
- const char *hash,
- const int64_t from,
- const uint64_t duration,
- const unsigned armored, const unsigned overwrite)
-{
- __ops_create_sig_t *sig;
- __ops_hash_alg_t hash_alg;
- __ops_output_t *output;
- __ops_memory_t *mem;
- uint8_t keyid[OPS_KEY_ID_SIZE];
- int fd;
-
- /* find out which hash algorithm to use */
- hash_alg = __ops_str_to_hash_alg(hash);
- if (hash_alg == OPS_HASH_UNKNOWN) {
- (void) fprintf(io->errs,"Unknown hash algorithm: %s\n", hash);
- return 0;
- }
-
- /* setup output file */
- fd = open_output_file(&output, f, sigfile,
- (armored) ? "asc" : "sig", overwrite);
- if (fd < 0) {
- (void) fprintf(io->errs,"Can't open output file: %s\n", f);
- return 0;
- }
-
- /* create a new signature */
- sig = __ops_create_sig_new();
- __ops_start_sig(sig, seckey, hash_alg, OPS_SIG_BINARY);
-
- /* read the contents of 'f', and add that to the signature */
- mem = __ops_memory_new();
- if (!__ops_mem_readfile(mem, f)) {
- __ops_teardown_file_write(output, fd);
- return 0;
- }
- /* set armoured/not armoured here */
- if (armored) {
- __ops_writer_push_armor_msg(output);
- }
- __ops_sig_add_data(sig, __ops_mem_data(mem), __ops_mem_len(mem));
- __ops_memory_free(mem);
-
- /* calculate the signature */
- __ops_add_time(sig, from, "birth");
- __ops_add_time(sig, (int64_t)duration, "expiration");
- __ops_keyid(keyid, sizeof(keyid), &seckey->pubkey, hash_alg);
- __ops_add_issuer_keyid(sig, keyid);
- __ops_end_hashed_subpkts(sig);
- __ops_write_sig(output, sig, &seckey->pubkey, seckey);
- __ops_teardown_file_write(output, fd);
- __ops_seckey_free(seckey);
-
- return 1;
-}
diff --git a/enzevalos_iphone/netpgp/lib/signature.h b/enzevalos_iphone/netpgp/lib/signature.h
deleted file mode 100644
index cfa57570..00000000
--- a/enzevalos_iphone/netpgp/lib/signature.h
+++ /dev/null
@@ -1,172 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- */
-
-#ifndef SIGNATURE_H_
-#define SIGNATURE_H_
-
-#include <sys/types.h>
-
-#include <inttypes.h>
-
-#include "packet.h"
-#include "create.h"
-#include "memory.h"
-
-typedef struct __ops_create_sig_t __ops_create_sig_t;
-
-__ops_create_sig_t *__ops_create_sig_new(void);
-void __ops_create_sig_delete(__ops_create_sig_t *);
-
-unsigned __ops_check_useridcert_sig(const __ops_pubkey_t *,
- const uint8_t *,
- const __ops_sig_t *,
- const __ops_pubkey_t *,
- const uint8_t *);
-unsigned __ops_check_userattrcert_sig(const __ops_pubkey_t *,
- const __ops_data_t *,
- const __ops_sig_t *,
- const __ops_pubkey_t *,
- const uint8_t *);
-unsigned __ops_check_subkey_sig(const __ops_pubkey_t *,
- const __ops_pubkey_t *,
- const __ops_sig_t *,
- const __ops_pubkey_t *,
- const uint8_t *);
-unsigned __ops_check_direct_sig(const __ops_pubkey_t *,
- const __ops_sig_t *,
- const __ops_pubkey_t *,
- const uint8_t *);
-unsigned __ops_check_hash_sig(__ops_hash_t *,
- const __ops_sig_t *,
- const __ops_pubkey_t *);
-void __ops_sig_start_key_sig(__ops_create_sig_t *,
- const __ops_pubkey_t *,
- const uint8_t *,
- __ops_sig_type_t);
-void __ops_start_sig(__ops_create_sig_t *,
- const __ops_seckey_t *,
- const __ops_hash_alg_t,
- const __ops_sig_type_t);
-
-void __ops_sig_add_data(__ops_create_sig_t *, const void *, size_t);
-__ops_hash_t *__ops_sig_get_hash(__ops_create_sig_t *);
-unsigned __ops_end_hashed_subpkts(__ops_create_sig_t *);
-unsigned __ops_write_sig(__ops_output_t *, __ops_create_sig_t *,
- const __ops_pubkey_t *, const __ops_seckey_t *);
-unsigned __ops_add_time(__ops_create_sig_t *, int64_t, const char *);
-unsigned __ops_add_issuer_keyid(__ops_create_sig_t *,
- const uint8_t *);
-unsigned __ops_add_key_flags(__ops_create_sig_t *sig, uint8_t flags);
-void __ops_add_primary_userid(__ops_create_sig_t *, unsigned);
-
-/* Standard Interface */
-unsigned __ops_sign_file(__ops_io_t *,
- const char *,
- const char *,
- const __ops_seckey_t *,
- const char *,
- const int64_t,
- const uint64_t,
- const unsigned,
- const unsigned,
- const unsigned);
-
-int __ops_sign_detached(__ops_io_t *,
- const char *,
- char *,
- __ops_seckey_t *,
- const char *,
- const int64_t,
- const uint64_t,
- const unsigned,
- const unsigned);
-
-/* armoured stuff */
-unsigned __ops_crc24(unsigned, uint8_t);
-
-void __ops_reader_push_dearmour(__ops_stream_t *);
-
-void __ops_reader_pop_dearmour(__ops_stream_t *);
-unsigned __ops_writer_push_clearsigned(__ops_output_t *, __ops_create_sig_t *);
-void __ops_writer_push_armor_msg(__ops_output_t *);
-
-typedef enum {
- OPS_PGP_MESSAGE = 1,
- OPS_PGP_PUBLIC_KEY_BLOCK,
- OPS_PGP_PRIVATE_KEY_BLOCK,
- OPS_PGP_MULTIPART_MESSAGE_PART_X_OF_Y,
- OPS_PGP_MULTIPART_MESSAGE_PART_X,
- OPS_PGP_SIGNATURE
-} __ops_armor_type_t;
-
-#define CRC24_INIT 0xb704ceL
-
-unsigned __ops_writer_use_armored_sig(__ops_output_t *);
-
-void __ops_writer_push_armoured(__ops_output_t *, __ops_armor_type_t);
-
-__ops_memory_t *__ops_sign_buf(__ops_io_t *,
- const void *,
- const size_t,
- const __ops_seckey_t *,
- const int64_t,
- const uint64_t,
- const char *,
- const unsigned,
- const unsigned);
-
-unsigned __ops_keyring_read_from_mem(__ops_io_t *,
- __ops_keyring_t *,
- const unsigned,
- __ops_memory_t *);
-
-#endif /* SIGNATURE_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/ssh2pgp.c b/enzevalos_iphone/netpgp/lib/ssh2pgp.c
deleted file mode 100644
index be226dca..00000000
--- a/enzevalos_iphone/netpgp/lib/ssh2pgp.c
+++ /dev/null
@@ -1,472 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <sys/param.h>
-
-#include <arpa/inet.h>
-
-#include <inttypes.h>
-#include <stdio.h>
-
-#include <stdlib.h>
-#include <string.h>
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_LIMITS_H
-#include <limits.h>
-#endif
-
-#ifdef HAVE_OPENSSL_CAST_H
-#include <openssl/cast.h>
-#endif
-
-#include <openssl/pem.h>
-
-#include "bufgap.h"
-#include "fastctype.h"
-
-#include "packet-parse.h"
-#include "netpgpdefs.h"
-#include "netpgpsdk.h"
-#include "crypto.h"
-#include "netpgpdigest.h"
-#include "ops-ssh.h"
-
-/* structure for earching for constant strings */
-typedef struct str_t {
- const char *s; /* string */
- size_t len; /* its length */
- int type; /* return type */
-} str_t;
-
-#ifndef USE_ARG
-#define USE_ARG(x) /*LINTED*/(void)&x
-#endif
-
-static const uint8_t base64s[] =
-/* 000 */ "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
-/* 016 */ "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
-/* 032 */ "\0\0\0\0\0\0\0\0\0\0\0?\0\0\0@"
-/* 048 */ "56789:;<=>\0\0\0\0\0\0"
-/* 064 */ "\0\1\2\3\4\5\6\7\10\11\12\13\14\15\16\17"
-/* 080 */ "\20\21\22\23\24\25\26\27\30\31\32\0\0\0\0\0"
-/* 096 */ "\0\33\34\35\36\37 !\"#$%&'()"
-/* 112 */ "*+,-./01234\0\0\0\0\0"
-/* 128 */ "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
-/* 144 */ "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
-/* 160 */ "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
-/* 176 */ "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
-/* 192 */ "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
-/* 208 */ "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
-/* 224 */ "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
-/* 240 */ "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
-
-
-/* short function to decode from base64 */
-/* inspired by an ancient copy of b64.c, then rewritten, the bugs are all mine */
-static int
-frombase64(char *dst, const char *src, size_t size, int flag)
-{
- uint8_t out[3];
- uint8_t in[4];
- uint8_t b;
- size_t srcc;
- int dstc;
- int gotc;
- int i;
-
- USE_ARG(flag);
- for (dstc = 0, srcc = 0 ; srcc < size; ) {
- for (gotc = 0, i = 0; i < 4 && srcc < size; i++) {
- for (b = 0x0; srcc < size && b == 0x0 ; ) {
- b = base64s[(unsigned)src[srcc++]];
- }
- if (srcc < size) {
- gotc += 1;
- if (b) {
- in[i] = (uint8_t)(b - 1);
- }
- } else {
- in[i] = 0x0;
- }
- }
- if (gotc) {
- out[0] = (uint8_t)((unsigned)in[0] << 2 |
- (unsigned)in[1] >> 4);
- out[1] = (uint8_t)((unsigned)in[1] << 4 |
- (unsigned)in[2] >> 2);
- out[2] = (uint8_t)(((in[2] << 6) & 0xc0) | in[3]);
- for (i = 0; i < gotc - 1; i++) {
- *dst++ = out[i];
- }
- dstc += gotc - 1;
- }
- }
- return dstc;
-}
-
-/* get a bignum from the buffer gap */
-static BIGNUM *
-getbignum(bufgap_t *bg, char *buf, const char *header)
-{
- uint32_t len;
- BIGNUM *bignum;
-
- (void) bufgap_getbin(bg, &len, sizeof(len));
- len = ntohl(len);
- (void) bufgap_seek(bg, sizeof(len), BGFromHere, BGByte);
- (void) bufgap_getbin(bg, buf, len);
- bignum = BN_bin2bn((const uint8_t *)buf, (int)len, NULL);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, header, (const uint8_t *)(void *)buf, len);
- }
- (void) bufgap_seek(bg, len, BGFromHere, BGByte);
- return bignum;
-}
-
-#if 0
-static int
-putbignum(bufgap_t *bg, BIGNUM *bignum)
-{
- uint32_t len;
-
- len = BN_num_bytes(bignum);
- (void) bufgap_insert(bg, &len, sizeof(len));
- (void) bufgap_insert(bg, buf, len);
- bignum = BN_bin2bn((const uint8_t *)buf, (int)len, NULL);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, header, buf, (int)len);
- }
- (void) bufgap_seek(bg, len, BGFromHere, BGByte);
- return bignum;
-}
-#endif
-
-static str_t pkatypes[] = {
- { "ssh-rsa", 7, OPS_PKA_RSA },
- { "ssh-dss", 7, OPS_PKA_DSA },
- { "ssh-dsa", 7, OPS_PKA_DSA },
- { NULL, 0, 0 }
-};
-
-/* look for a string in the given array */
-static int
-findstr(str_t *array, const char *name)
-{
- str_t *sp;
-
- for (sp = array ; sp->s ; sp++) {
- if (strncmp(name, sp->s, sp->len) == 0) {
- return sp->type;
- }
- }
- return -1;
-}
-
-/* convert an ssh (host) pubkey to a pgp pubkey */
-int
-__ops_ssh2pubkey(__ops_io_t *io, const char *f, __ops_key_t *key, __ops_hash_alg_t hashtype)
-{
- __ops_pubkey_t *pubkey;
- struct stat st;
- bufgap_t bg;
- uint32_t len;
- int64_t off;
- uint8_t *userid;
- char hostname[256];
- char owner[256];
- char *space;
- char *buf;
- char *bin;
- int ok;
- int cc;
-
- (void) memset(&bg, 0x0, sizeof(bg));
- if (!bufgap_open(&bg, f)) {
- (void) fprintf(stderr, "__ops_ssh2pubkey: can't open '%s'\n", f);
- return 0;
- }
- (void)stat(f, &st);
- if ((buf = calloc(1, (size_t)st.st_size)) == NULL) {
- (void) fprintf(stderr, "can't calloc %zu bytes for '%s'\n", (size_t)st.st_size, f);
- bufgap_close(&bg);
- return 0;
- }
- if ((bin = calloc(1, (size_t)st.st_size)) == NULL) {
- (void) fprintf(stderr, "can't calloc %zu bytes for '%s'\n", (size_t)st.st_size, f);
- (void) free(buf);
- bufgap_close(&bg);
- return 0;
- }
-
- /* move past ascii type of key */
- while (bufgap_peek(&bg, 0) != ' ') {
- bufgap_seek(&bg, 1, BGFromHere, BGByte);
- }
- bufgap_seek(&bg, 1, BGFromHere, BGByte);
- off = bufgap_tell(&bg, BGFromBOF, BGByte);
-
- if (bufgap_size(&bg, BGByte) - off < 10) {
- (void) fprintf(stderr, "bad key file '%s'\n", f);
- (void) free(buf);
- bufgap_close(&bg);
- return 0;
- }
-
- /* convert from base64 to binary */
- cc = bufgap_getbin(&bg, buf, (size_t)bg.bcc);
- if ((space = strchr(buf, ' ')) != NULL) {
- cc = (int)(space - buf);
- }
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, NULL, (const uint8_t *)(const void *)buf, (size_t)cc);
- }
- cc = frombase64(bin, buf, (size_t)cc, 0);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "decoded base64:", (const uint8_t *)(const void *)bin, (size_t)cc);
- }
- bufgap_delete(&bg, (uint64_t)bufgap_tell(&bg, BGFromEOF, BGByte));
- bufgap_insert(&bg, bin, cc);
- bufgap_seek(&bg, off, BGFromBOF, BGByte);
-
- /* get the type of key */
- (void) bufgap_getbin(&bg, &len, sizeof(len));
- len = ntohl(len);
- (void) bufgap_seek(&bg, sizeof(len), BGFromHere, BGByte);
- (void) bufgap_getbin(&bg, buf, len);
- (void) bufgap_seek(&bg, len, BGFromHere, BGByte);
-
- (void) memset(key, 0x0, sizeof(*key));
- pubkey = &key->key.seckey.pubkey;
- pubkey->version = OPS_V4;
- pubkey->birthtime = st.st_mtime;
- /* get key type */
- ok = 1;
- switch (pubkey->alg = findstr(pkatypes, buf)) {
- case OPS_PKA_RSA:
- /* get the 'e' param of the key */
- pubkey->key.rsa.e = getbignum(&bg, buf, "RSA E");
- /* get the 'n' param of the key */
- pubkey->key.rsa.n = getbignum(&bg, buf, "RSA N");
- break;
- case OPS_PKA_DSA:
- /* get the 'p' param of the key */
- pubkey->key.dsa.p = getbignum(&bg, buf, "DSA P");
- /* get the 'q' param of the key */
- pubkey->key.dsa.q = getbignum(&bg, buf, "DSA Q");
- /* get the 'g' param of the key */
- pubkey->key.dsa.g = getbignum(&bg, buf, "DSA G");
- /* get the 'y' param of the key */
- pubkey->key.dsa.y = getbignum(&bg, buf, "DSA Y");
- break;
- default:
- (void) fprintf(stderr, "Unrecognised pubkey type %d for '%s'\n",
- pubkey->alg, f);
- ok = 0;
- break;
- }
-
- /* check for stragglers */
- if (ok && bufgap_tell(&bg, BGFromEOF, BGByte) > 0) {
- printf("%"PRIi64" bytes left\n", bufgap_tell(&bg, BGFromEOF, BGByte));
- printf("[%s]\n", bufgap_getstr(&bg));
- ok = 0;
- }
- if (ok) {
- (void) memset(&userid, 0x0, sizeof(userid));
- (void) gethostname(hostname, sizeof(hostname));
- if (strlen(space + 1) - 1 == 0) {
- (void) snprintf(owner, sizeof(owner), "<root@%s>",
- hostname);
- } else {
- (void) snprintf(owner, sizeof(owner), "<%.*s>",
- (int)strlen(space + 1) - 1,
- space + 1);
- }
- (void) __ops_asprintf((char **)(void *)&userid,
- "%s (%s) %s",
- hostname,
- f,
- owner);
- __ops_keyid(key->sigid, sizeof(key->sigid), pubkey, hashtype);
- __ops_add_userid(key, userid);
- __ops_fingerprint(&key->sigfingerprint, pubkey, hashtype);
- free(userid);
- if (__ops_get_debug_level(__FILE__)) {
- /*__ops_print_keydata(io, keyring, key, "pub", pubkey, 0);*/
- __OPS_USED(io); /* XXX */
- }
- }
- (void) free(bin);
- (void) free(buf);
- bufgap_close(&bg);
- return ok;
-}
-
-/* convert an ssh (host) seckey to a pgp seckey */
-int
-__ops_ssh2seckey(__ops_io_t *io, const char *f, __ops_key_t *key, __ops_pubkey_t *pubkey, __ops_hash_alg_t hashtype)
-{
- __ops_crypt_t crypted;
- __ops_hash_t hash;
- unsigned done = 0;
- unsigned i = 0;
- uint8_t sesskey[CAST_KEY_LENGTH];
- uint8_t hashed[OPS_SHA1_HASH_SIZE];
- BIGNUM *tmp;
-
- __OPS_USED(io);
- /* XXX - check for rsa/dsa */
- if (!openssl_read_pem_seckey(f, key, "ssh-rsa", 0)) {
- return 0;
- }
- if (__ops_get_debug_level(__FILE__)) {
- /*__ops_print_keydata(io, key, "sec", &key->key.seckey.pubkey, 0);*/
- /* XXX */
- }
- /* let's add some sane defaults */
- (void) memcpy(&key->key.seckey.pubkey, pubkey, sizeof(*pubkey));
- key->key.seckey.s2k_usage = OPS_S2KU_ENCRYPTED_AND_HASHED;
- key->key.seckey.alg = OPS_SA_CAST5;
- key->key.seckey.s2k_specifier = OPS_S2KS_SALTED;
- key->key.seckey.hash_alg = OPS_HASH_SHA1;
- if (key->key.seckey.pubkey.alg == OPS_PKA_RSA) {
- /* openssh and openssl have p and q swapped */
- tmp = key->key.seckey.key.rsa.p;
- key->key.seckey.key.rsa.p = key->key.seckey.key.rsa.q;
- key->key.seckey.key.rsa.q = tmp;
- }
- for (done = 0, i = 0; done < CAST_KEY_LENGTH; i++) {
- unsigned j;
- uint8_t zero = 0;
- int needed;
- int size;
-
- needed = CAST_KEY_LENGTH - done;
- size = MIN(needed, OPS_SHA1_HASH_SIZE);
-
- __ops_hash_any(&hash, key->key.seckey.hash_alg);
- if (!hash.init(&hash)) {
- (void) fprintf(stderr, "write_seckey_body: bad alloc\n");
- return 0;
- }
-
- /* preload if iterating */
- for (j = 0; j < i; j++) {
- /*
- * Coverity shows a DEADCODE error on this
- * line. This is expected since the hardcoded
- * use of SHA1 and CAST5 means that it will
- * not used. This will change however when
- * other algorithms are supported.
- */
- hash.add(&hash, &zero, 1);
- }
-
- if (key->key.seckey.s2k_specifier == OPS_S2KS_SALTED) {
- hash.add(&hash, key->key.seckey.salt, OPS_SALT_SIZE);
- }
- hash.finish(&hash, hashed);
-
- /*
- * if more in hash than is needed by session key, use
- * the leftmost octets
- */
- (void) memcpy(&sesskey[i * OPS_SHA1_HASH_SIZE],
- hashed, (unsigned)size);
- done += (unsigned)size;
- if (done > CAST_KEY_LENGTH) {
- (void) fprintf(stderr,
- "write_seckey_body: short add\n");
- return 0;
- }
- }
- __ops_crypt_any(&crypted, key->key.seckey.alg);
- crypted.set_iv(&crypted, key->key.seckey.iv);
- crypted.set_crypt_key(&crypted, sesskey);
- __ops_encrypt_init(&crypted);
- key->key.seckey.pubkey.alg = OPS_PKA_RSA;
- __ops_fingerprint(&key->sigfingerprint, pubkey, hashtype);
- __ops_keyid(key->sigid, sizeof(key->sigid), pubkey, hashtype);
- return 1;
-}
-
-/* read a key from the ssh file, and add it to a keyring */
-int
-__ops_ssh2_readkeys(__ops_io_t *io, __ops_keyring_t *pubring,
- __ops_keyring_t *secring, const char *pubfile,
- const char *secfile, unsigned hashtype)
-{
- __ops_key_t *pubkey;
- __ops_key_t *seckey;
- __ops_key_t key;
-
- pubkey = NULL;
- (void) memset(&key, 0x0, sizeof(key));
- if (pubfile) {
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(io->errs, "__ops_ssh2_readkeys: pubfile '%s'\n", pubfile);
- }
- if (!__ops_ssh2pubkey(io, pubfile, &key, (__ops_hash_alg_t)hashtype)) {
- (void) fprintf(io->errs, "__ops_ssh2_readkeys: can't read pubkeys '%s'\n", pubfile);
- return 0;
- }
- EXPAND_ARRAY(pubring, key);
- pubkey = &pubring->keys[pubring->keyc++];
- (void) memcpy(pubkey, &key, sizeof(key));
- pubkey->type = OPS_PTAG_CT_PUBLIC_KEY;
- }
- if (secfile) {
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(io->errs, "__ops_ssh2_readkeys: secfile '%s'\n", secfile);
- }
- if (pubkey == NULL) {
- pubkey = &pubring->keys[0];
- }
- if (!__ops_ssh2seckey(io, secfile, &key, &pubkey->key.pubkey, (__ops_hash_alg_t)hashtype)) {
- (void) fprintf(io->errs, "__ops_ssh2_readkeys: can't read seckeys '%s'\n", secfile);
- return 0;
- }
- EXPAND_ARRAY(secring, key);
- seckey = &secring->keys[secring->keyc++];
- (void) memcpy(seckey, &key, sizeof(key));
- seckey->type = OPS_PTAG_CT_SECRET_KEY;
- }
- return 1;
-}
diff --git a/enzevalos_iphone/netpgp/lib/symmetric.c b/enzevalos_iphone/netpgp/lib/symmetric.c
deleted file mode 100644
index f6f0fdbe..00000000
--- a/enzevalos_iphone/netpgp/lib/symmetric.c
+++ /dev/null
@@ -1,802 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#if defined(__NetBSD__)
-__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: symmetric.c,v 1.17 2010/11/05 03:37:18 agc Exp $");
-#endif
-
-#include "crypto.h"
-#include "packet-show.h"
-
-#include <string.h>
-
-#ifdef HAVE_OPENSSL_CAST_H
-#include <openssl/cast.h>
-#endif
-
-#ifdef HAVE_OPENSSL_IDEA_H
-#include <openssl/idea.h>
-#endif
-
-#ifdef HAVE_OPENSSL_AES_H
-#include <openssl/aes.h>
-#endif
-
-#ifdef HAVE_OPENSSL_DES_H
-#include <openssl/des.h>
-#endif
-
-#ifdef HAVE_OPENSSL_CAMELLIA_H
-#include <openssl/camellia.h>
-#endif
-
-#include "crypto.h"
-#include "netpgpdefs.h"
-
-
-static void
-std_set_iv(__ops_crypt_t *crypt, const uint8_t *iv)
-{
- (void) memcpy(crypt->iv, iv, crypt->blocksize);
- crypt->num = 0;
-}
-
-static void
-std_set_key(__ops_crypt_t *crypt, const uint8_t *key)
-{
- (void) memcpy(crypt->key, key, crypt->keysize);
-}
-
-static void
-std_resync(__ops_crypt_t *decrypt)
-{
- if ((size_t) decrypt->num == decrypt->blocksize) {
- return;
- }
-
- memmove(decrypt->civ + decrypt->blocksize - decrypt->num, decrypt->civ,
- (unsigned)decrypt->num);
- (void) memcpy(decrypt->civ, decrypt->siv + decrypt->num,
- decrypt->blocksize - decrypt->num);
- decrypt->num = 0;
-}
-
-static void
-std_finish(__ops_crypt_t *crypt)
-{
- if (crypt->encrypt_key) {
- free(crypt->encrypt_key);
- crypt->encrypt_key = NULL;
- }
- if (crypt->decrypt_key) {
- free(crypt->decrypt_key);
- crypt->decrypt_key = NULL;
- }
-}
-
-static int
-cast5_init(__ops_crypt_t *crypt)
-{
- if (crypt->encrypt_key) {
- free(crypt->encrypt_key);
- }
- if ((crypt->encrypt_key = calloc(1, sizeof(CAST_KEY))) == NULL) {
- (void) fprintf(stderr, "cast5_init: alloc failure\n");
- return 0;
- }
- CAST_set_key(crypt->encrypt_key, (int)crypt->keysize, crypt->key);
- if ((crypt->decrypt_key = calloc(1, sizeof(CAST_KEY))) == NULL) {
- (void) fprintf(stderr, "cast5_init: alloc failure\n");
- return 0;
- }
- CAST_set_key(crypt->decrypt_key, (int)crypt->keysize, crypt->key);
- return 1;
-}
-
-static void
-cast5_block_encrypt(__ops_crypt_t *crypt, void *out, const void *in)
-{
- CAST_ecb_encrypt(in, out, crypt->encrypt_key, CAST_ENCRYPT);
-}
-
-static void
-cast5_block_decrypt(__ops_crypt_t *crypt, void *out, const void *in)
-{
- CAST_ecb_encrypt(in, out, crypt->encrypt_key, CAST_DECRYPT);
-}
-
-static void
-cast5_cfb_encrypt(__ops_crypt_t *crypt, void *out, const void *in, size_t count)
-{
- CAST_cfb64_encrypt(in, out, (long)count,
- crypt->encrypt_key, crypt->iv, &crypt->num,
- CAST_ENCRYPT);
-}
-
-static void
-cast5_cfb_decrypt(__ops_crypt_t *crypt, void *out, const void *in, size_t count)
-{
- CAST_cfb64_encrypt(in, out, (long)count,
- crypt->encrypt_key, crypt->iv, &crypt->num,
- CAST_DECRYPT);
-}
-
-#define TRAILER "","","","",0,NULL,NULL
-
-static __ops_crypt_t cast5 =
-{
- OPS_SA_CAST5,
- CAST_BLOCK,
- CAST_KEY_LENGTH,
- std_set_iv,
- std_set_key,
- cast5_init,
- std_resync,
- cast5_block_encrypt,
- cast5_block_decrypt,
- cast5_cfb_encrypt,
- cast5_cfb_decrypt,
- std_finish,
- TRAILER
-};
-
-#ifndef OPENSSL_NO_IDEA
-static int
-idea_init(__ops_crypt_t *crypt)
-{
- if (crypt->keysize != IDEA_KEY_LENGTH) {
- (void) fprintf(stderr, "idea_init: keysize wrong\n");
- return 0;
- }
-
- if (crypt->encrypt_key) {
- free(crypt->encrypt_key);
- }
- if ((crypt->encrypt_key = calloc(1, sizeof(IDEA_KEY_SCHEDULE))) == NULL) {
- (void) fprintf(stderr, "idea_init: alloc failure\n");
- return 0;
- }
-
- /* note that we don't invert the key when decrypting for CFB mode */
- idea_set_encrypt_key(crypt->key, crypt->encrypt_key);
-
- if (crypt->decrypt_key) {
- free(crypt->decrypt_key);
- }
- if ((crypt->decrypt_key = calloc(1, sizeof(IDEA_KEY_SCHEDULE))) == NULL) {
- (void) fprintf(stderr, "idea_init: alloc failure\n");
- return 0;
- }
-
- idea_set_decrypt_key(crypt->encrypt_key, crypt->decrypt_key);
- return 1;
-}
-
-static void
-idea_block_encrypt(__ops_crypt_t *crypt, void *out, const void *in)
-{
- idea_ecb_encrypt(in, out, crypt->encrypt_key);
-}
-
-static void
-idea_block_decrypt(__ops_crypt_t *crypt, void *out, const void *in)
-{
- idea_ecb_encrypt(in, out, crypt->decrypt_key);
-}
-
-static void
-idea_cfb_encrypt(__ops_crypt_t *crypt, void *out, const void *in, size_t count)
-{
- idea_cfb64_encrypt(in, out, (long)count,
- crypt->encrypt_key, crypt->iv, &crypt->num,
- CAST_ENCRYPT);
-}
-
-static void
-idea_cfb_decrypt(__ops_crypt_t *crypt, void *out, const void *in, size_t count)
-{
- idea_cfb64_encrypt(in, out, (long)count,
- crypt->decrypt_key, crypt->iv, &crypt->num,
- CAST_DECRYPT);
-}
-
-static const __ops_crypt_t idea =
-{
- OPS_SA_IDEA,
- IDEA_BLOCK,
- IDEA_KEY_LENGTH,
- std_set_iv,
- std_set_key,
- idea_init,
- std_resync,
- idea_block_encrypt,
- idea_block_decrypt,
- idea_cfb_encrypt,
- idea_cfb_decrypt,
- std_finish,
- TRAILER
-};
-#endif /* OPENSSL_NO_IDEA */
-
-/* AES with 128-bit key (AES) */
-
-#define KEYBITS_AES128 128
-
-static int
-aes128_init(__ops_crypt_t *crypt)
-{
- if (crypt->encrypt_key) {
- free(crypt->encrypt_key);
- }
- if ((crypt->encrypt_key = calloc(1, sizeof(AES_KEY))) == NULL) {
- (void) fprintf(stderr, "aes128_init: alloc failure\n");
- return 0;
- }
- if (AES_set_encrypt_key(crypt->key, KEYBITS_AES128,
- crypt->encrypt_key)) {
- fprintf(stderr, "aes128_init: Error setting encrypt_key\n");
- }
-
- if (crypt->decrypt_key) {
- free(crypt->decrypt_key);
- }
- if ((crypt->decrypt_key = calloc(1, sizeof(AES_KEY))) == NULL) {
- (void) fprintf(stderr, "aes128_init: alloc failure\n");
- return 0;
- }
- if (AES_set_decrypt_key(crypt->key, KEYBITS_AES128,
- crypt->decrypt_key)) {
- fprintf(stderr, "aes128_init: Error setting decrypt_key\n");
- }
- return 1;
-}
-
-static void
-aes_block_encrypt(__ops_crypt_t *crypt, void *out, const void *in)
-{
- AES_encrypt(in, out, crypt->encrypt_key);
-}
-
-static void
-aes_block_decrypt(__ops_crypt_t *crypt, void *out, const void *in)
-{
- AES_decrypt(in, out, crypt->decrypt_key);
-}
-
-static void
-aes_cfb_encrypt(__ops_crypt_t *crypt, void *out, const void *in, size_t count)
-{
- AES_cfb128_encrypt(in, out, (unsigned)count,
- crypt->encrypt_key, crypt->iv, &crypt->num,
- AES_ENCRYPT);
-}
-
-static void
-aes_cfb_decrypt(__ops_crypt_t *crypt, void *out, const void *in, size_t count)
-{
- AES_cfb128_encrypt(in, out, (unsigned)count,
- crypt->encrypt_key, crypt->iv, &crypt->num,
- AES_DECRYPT);
-}
-
-static const __ops_crypt_t aes128 =
-{
- OPS_SA_AES_128,
- AES_BLOCK_SIZE,
- KEYBITS_AES128 / 8,
- std_set_iv,
- std_set_key,
- aes128_init,
- std_resync,
- aes_block_encrypt,
- aes_block_decrypt,
- aes_cfb_encrypt,
- aes_cfb_decrypt,
- std_finish,
- TRAILER
-};
-
-/* AES with 256-bit key */
-
-#define KEYBITS_AES256 256
-
-static int
-aes256_init(__ops_crypt_t *crypt)
-{
- if (crypt->encrypt_key) {
- free(crypt->encrypt_key);
- }
- if ((crypt->encrypt_key = calloc(1, sizeof(AES_KEY))) == NULL) {
- (void) fprintf(stderr, "aes256_init: alloc failure\n");
- return 0;
- }
- if (AES_set_encrypt_key(crypt->key, KEYBITS_AES256,
- crypt->encrypt_key)) {
- fprintf(stderr, "aes256_init: Error setting encrypt_key\n");
- free(crypt->encrypt_key);
- crypt->encrypt_key = NULL;
- return 0;
- }
- if (crypt->decrypt_key) {
- free(crypt->decrypt_key);
- }
- if ((crypt->decrypt_key = calloc(1, sizeof(AES_KEY))) == NULL) {
- (void) fprintf(stderr, "aes256_init: alloc failure\n");
- free(crypt->encrypt_key);
- crypt->encrypt_key = NULL;
- return 0;
- }
- if (AES_set_decrypt_key(crypt->key, KEYBITS_AES256,
- crypt->decrypt_key)) {
- fprintf(stderr, "aes256_init: Error setting decrypt_key\n");
- free(crypt->encrypt_key);
- crypt->encrypt_key = NULL;
- free(crypt->decrypt_key);
- crypt->decrypt_key = NULL;
- return 0;
- }
- return 1;
-}
-
-static const __ops_crypt_t aes256 =
-{
- OPS_SA_AES_256,
- AES_BLOCK_SIZE,
- KEYBITS_AES256 / 8,
- std_set_iv,
- std_set_key,
- aes256_init,
- std_resync,
- aes_block_encrypt,
- aes_block_decrypt,
- aes_cfb_encrypt,
- aes_cfb_decrypt,
- std_finish,
- TRAILER
-};
-
-/* Triple DES */
-
-static int
-tripledes_init(__ops_crypt_t *crypt)
-{
- DES_key_schedule *keys;
- int n;
-
- if (crypt->encrypt_key) {
- free(crypt->encrypt_key);
- }
- if ((keys = crypt->encrypt_key = calloc(1, 3 * sizeof(DES_key_schedule))) == NULL) {
- (void) fprintf(stderr, "tripledes_init: alloc failure\n");
- return 0;
- }
- for (n = 0; n < 3; ++n) {
- DES_set_key((DES_cblock *)(void *)(crypt->key + n * 8),
- &keys[n]);
- }
- return 1;
-}
-
-static void
-tripledes_block_encrypt(__ops_crypt_t *crypt, void *out, const void *in)
-{
- DES_key_schedule *keys = crypt->encrypt_key;
-
- DES_ecb3_encrypt(__UNCONST(in), out, &keys[0], &keys[1], &keys[2],
- DES_ENCRYPT);
-}
-
-static void
-tripledes_block_decrypt(__ops_crypt_t *crypt, void *out, const void *in)
-{
- DES_key_schedule *keys = crypt->encrypt_key;
-
- DES_ecb3_encrypt(__UNCONST(in), out, &keys[0], &keys[1], &keys[2],
- DES_DECRYPT);
-}
-
-static void
-tripledes_cfb_encrypt(__ops_crypt_t *crypt, void *out, const void *in,
- size_t count)
-{
- DES_key_schedule *keys = crypt->encrypt_key;
-
- DES_ede3_cfb64_encrypt(in, out, (long)count,
- &keys[0], &keys[1], &keys[2], (DES_cblock *)(void *)crypt->iv,
- &crypt->num, DES_ENCRYPT);
-}
-
-static void
-tripledes_cfb_decrypt(__ops_crypt_t *crypt, void *out, const void *in,
- size_t count)
-{
- DES_key_schedule *keys = crypt->encrypt_key;
-
- DES_ede3_cfb64_encrypt(in, out, (long)count,
- &keys[0], &keys[1], &keys[2], (DES_cblock *)(void *)crypt->iv,
- &crypt->num, DES_DECRYPT);
-}
-
-static const __ops_crypt_t tripledes =
-{
- OPS_SA_TRIPLEDES,
- 8,
- 24,
- std_set_iv,
- std_set_key,
- tripledes_init,
- std_resync,
- tripledes_block_encrypt,
- tripledes_block_decrypt,
- tripledes_cfb_encrypt,
- tripledes_cfb_decrypt,
- std_finish,
- TRAILER
-};
-
-#if defined(HAVE_OPENSSL_CAMELLIA_H) && !defined(OPENSSL_NO_CAMELLIA)
-/* Camellia with 128-bit key (CAMELLIA) */
-
-#define KEYBITS_CAMELLIA128 128
-
-static int
-camellia128_init(__ops_crypt_t *crypt)
-{
- if (crypt->encrypt_key) {
- free(crypt->encrypt_key);
- }
- if ((crypt->encrypt_key = calloc(1, sizeof(CAMELLIA_KEY))) == NULL) {
- (void) fprintf(stderr, "camellia128_init: alloc failure\n");
- return 0;
- }
- if (Camellia_set_key(crypt->key, KEYBITS_CAMELLIA128, crypt->encrypt_key)) {
- fprintf(stderr, "camellia128_init: Error setting encrypt_key\n");
- }
- if (crypt->decrypt_key) {
- free(crypt->decrypt_key);
- }
- if ((crypt->decrypt_key = calloc(1, sizeof(CAMELLIA_KEY))) == NULL) {
- (void) fprintf(stderr, "camellia128_init: alloc failure\n");
- return 0;
- }
- if (Camellia_set_key(crypt->key, KEYBITS_CAMELLIA128, crypt->decrypt_key)) {
- fprintf(stderr, "camellia128_init: Error setting decrypt_key\n");
- }
- return 1;
-}
-
-static void
-camellia_block_encrypt(__ops_crypt_t *crypt, void *out, const void *in)
-{
- Camellia_encrypt(in, out, crypt->encrypt_key);
-}
-
-static void
-camellia_block_decrypt(__ops_crypt_t *crypt, void *out, const void *in)
-{
- Camellia_decrypt(in, out, crypt->decrypt_key);
-}
-
-static void
-camellia_cfb_encrypt(__ops_crypt_t *crypt, void *out, const void *in, size_t count)
-{
- Camellia_cfb128_encrypt(in, out, (unsigned)count,
- crypt->encrypt_key, crypt->iv, &crypt->num,
- CAMELLIA_ENCRYPT);
-}
-
-static void
-camellia_cfb_decrypt(__ops_crypt_t *crypt, void *out, const void *in, size_t count)
-{
- Camellia_cfb128_encrypt(in, out, (unsigned)count,
- crypt->encrypt_key, crypt->iv, &crypt->num,
- CAMELLIA_DECRYPT);
-}
-
-static const __ops_crypt_t camellia128 =
-{
- OPS_SA_CAMELLIA_128,
- CAMELLIA_BLOCK_SIZE,
- KEYBITS_CAMELLIA128 / 8,
- std_set_iv,
- std_set_key,
- camellia128_init,
- std_resync,
- camellia_block_encrypt,
- camellia_block_decrypt,
- camellia_cfb_encrypt,
- camellia_cfb_decrypt,
- std_finish,
- TRAILER
-};
-
-/* Camellia with 256-bit key (CAMELLIA) */
-
-#define KEYBITS_CAMELLIA256 256
-
-static int
-camellia256_init(__ops_crypt_t *crypt)
-{
- if (crypt->encrypt_key) {
- free(crypt->encrypt_key);
- }
- if ((crypt->encrypt_key = calloc(1, sizeof(CAMELLIA_KEY))) == NULL) {
- (void) fprintf(stderr, "camellia256_init: alloc failure\n");
- return 0;
- }
- if (Camellia_set_key(crypt->key, KEYBITS_CAMELLIA256, crypt->encrypt_key)) {
- fprintf(stderr, "camellia256_init: Error setting encrypt_key\n");
- }
- if (crypt->decrypt_key) {
- free(crypt->decrypt_key);
- }
- if ((crypt->decrypt_key = calloc(1, sizeof(CAMELLIA_KEY))) == NULL) {
- (void) fprintf(stderr, "camellia256_init: alloc failure\n");
- return 0;
- }
- if (Camellia_set_key(crypt->key, KEYBITS_CAMELLIA256, crypt->decrypt_key)) {
- fprintf(stderr, "camellia256_init: Error setting decrypt_key\n");
- }
- return 1;
-}
-
-static const __ops_crypt_t camellia256 =
-{
- OPS_SA_CAMELLIA_256,
- CAMELLIA_BLOCK_SIZE,
- KEYBITS_CAMELLIA256 / 8,
- std_set_iv,
- std_set_key,
- camellia256_init,
- std_resync,
- camellia_block_encrypt,
- camellia_block_decrypt,
- camellia_cfb_encrypt,
- camellia_cfb_decrypt,
- std_finish,
- TRAILER
-};
-#endif
-
-
-static const __ops_crypt_t *
-get_proto(__ops_symm_alg_t alg)
-{
- switch (alg) {
- case OPS_SA_CAST5:
- return &cast5;
-#ifndef OPENSSL_NO_IDEA
- case OPS_SA_IDEA:
- return &idea;
-#endif /* OPENSSL_NO_IDEA */
- case OPS_SA_AES_128:
- return &aes128;
- case OPS_SA_AES_256:
- return &aes256;
-#if defined(HAVE_OPENSSL_CAMELLIA_H) && !defined(OPENSSL_NO_CAMELLIA)
- case OPS_SA_CAMELLIA_128:
- return &camellia128;
- case OPS_SA_CAMELLIA_256:
- return &camellia256;
-#endif
- case OPS_SA_TRIPLEDES:
- return &tripledes;
- default:
- (void) fprintf(stderr, "Unknown algorithm: %d (%s)\n",
- alg, __ops_show_symm_alg(alg));
- }
- return NULL;
-}
-
-int
-__ops_crypt_any(__ops_crypt_t *crypt, __ops_symm_alg_t alg)
-{
- const __ops_crypt_t *ptr = get_proto(alg);
-
- if (ptr) {
- *crypt = *ptr;
- return 1;
- } else {
- (void) memset(crypt, 0x0, sizeof(*crypt));
- return 0;
- }
-}
-
-unsigned
-__ops_block_size(__ops_symm_alg_t alg)
-{
- const __ops_crypt_t *p = get_proto(alg);
-
- return (p == NULL) ? 0 : (unsigned)p->blocksize;
-}
-
-unsigned
-__ops_key_size(__ops_symm_alg_t alg)
-{
- const __ops_crypt_t *p = get_proto(alg);
-
- return (p == NULL) ? 0 : (unsigned)p->keysize;
-}
-
-void
-__ops_encrypt_init(__ops_crypt_t *encrypt)
-{
- /* \todo should there be a separate __ops_encrypt_init? */
- __ops_decrypt_init(encrypt);
-}
-
-void
-__ops_decrypt_init(__ops_crypt_t *decrypt)
-{
- decrypt->base_init(decrypt);
- decrypt->block_encrypt(decrypt, decrypt->siv, decrypt->iv);
- (void) memcpy(decrypt->civ, decrypt->siv, decrypt->blocksize);
- decrypt->num = 0;
-}
-
-size_t
-__ops_decrypt_se(__ops_crypt_t *decrypt, void *outvoid, const void *invoid,
- size_t count)
-{
- const uint8_t *in = invoid;
- uint8_t *out = outvoid;
- int saved = (int)count;
-
- /*
- * in order to support v3's weird resyncing we have to implement CFB
- * mode ourselves
- */
- while (count-- > 0) {
- uint8_t t;
-
- if ((size_t) decrypt->num == decrypt->blocksize) {
- (void) memcpy(decrypt->siv, decrypt->civ,
- decrypt->blocksize);
- decrypt->block_decrypt(decrypt, decrypt->civ,
- decrypt->civ);
- decrypt->num = 0;
- }
- t = decrypt->civ[decrypt->num];
- *out++ = t ^ (decrypt->civ[decrypt->num++] = *in++);
- }
-
- return (size_t)saved;
-}
-
-size_t
-__ops_encrypt_se(__ops_crypt_t *encrypt, void *outvoid, const void *invoid,
- size_t count)
-{
- const uint8_t *in = invoid;
- uint8_t *out = outvoid;
- int saved = (int)count;
-
- /*
- * in order to support v3's weird resyncing we have to implement CFB
- * mode ourselves
- */
- while (count-- > 0) {
- if ((size_t) encrypt->num == encrypt->blocksize) {
- (void) memcpy(encrypt->siv, encrypt->civ,
- encrypt->blocksize);
- encrypt->block_encrypt(encrypt, encrypt->civ,
- encrypt->civ);
- encrypt->num = 0;
- }
- encrypt->civ[encrypt->num] = *out++ =
- encrypt->civ[encrypt->num] ^ *in++;
- ++encrypt->num;
- }
-
- return (size_t)saved;
-}
-
-/**
-\ingroup HighLevel_Supported
-\brief Is this Symmetric Algorithm supported?
-\param alg Symmetric Algorithm to check
-\return 1 if supported; else 0
-*/
-unsigned
-__ops_is_sa_supported(__ops_symm_alg_t alg)
-{
- switch (alg) {
- case OPS_SA_AES_128:
- case OPS_SA_AES_256:
- case OPS_SA_CAST5:
- case OPS_SA_TRIPLEDES:
-#if defined(HAVE_OPENSSL_CAMELLIA_H) && !defined(OPENSSL_NO_CAMELLIA)
- case OPS_SA_CAMELLIA_128:
- case OPS_SA_CAMELLIA_256:
-#endif
-#ifndef OPENSSL_NO_IDEA
- case OPS_SA_IDEA:
-#endif
- return 1;
-
- default:
- fprintf(stderr, "\nWarning: %s not supported\n",
- __ops_show_symm_alg(alg));
- return 0;
- }
-}
-
-size_t
-__ops_encrypt_se_ip(__ops_crypt_t *crypt, void *out, const void *in,
- size_t count)
-{
- if (!__ops_is_sa_supported(crypt->alg)) {
- return 0;
- }
-
- crypt->cfb_encrypt(crypt, out, in, count);
-
- /* \todo test this number was encrypted */
- return count;
-}
-
-size_t
-__ops_decrypt_se_ip(__ops_crypt_t *crypt, void *out, const void *in,
- size_t count)
-{
- if (!__ops_is_sa_supported(crypt->alg)) {
- return 0;
- }
-
- crypt->cfb_decrypt(crypt, out, in, count);
-
- /* \todo check this number was in fact decrypted */
- return count;
-}
diff --git a/enzevalos_iphone/netpgp/lib/types.h b/enzevalos_iphone/netpgp/lib/types.h
deleted file mode 100644
index c04ec57d..00000000
--- a/enzevalos_iphone/netpgp/lib/types.h
+++ /dev/null
@@ -1,94 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef TYPES_H_
-#define TYPES_H_
-
-#ifdef HAVE_INTTYPES_H
-#include <inttypes.h>
-#endif
-
-typedef struct __ops_io_t {
- void *outs; /* output file stream */
- void *errs; /* file stream to put error messages */
- void *res; /* file stream to put results */
-} __ops_io_t;
-
-/** __ops_map_t
- */
-typedef struct {
- int type;
- const char *string;
-} __ops_map_t;
-
-/** __ops_errcode_name_map_t */
-typedef __ops_map_t __ops_errcode_name_map_t;
-
-typedef struct _ops_crypt_t __ops_crypt_t;
-
-/** __ops_hash_t */
-typedef struct _ops_hash_t __ops_hash_t;
-
-/** Revocation Reason type */
-typedef uint8_t __ops_ss_rr_code_t;
-
-/** __ops_packet_t */
-typedef struct __ops_packet_t __ops_packet_t;
-
-/** Writer flags */
-typedef enum {
- OPS_WF_DUMMY
-} __ops_writer_flags_t;
-
-/**
- * \ingroup Create
- * Contains the required information about how to write
- */
-typedef struct __ops_output_t __ops_output_t;
-
-#endif /* TYPES_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/validate.c b/enzevalos_iphone/netpgp/lib/validate.c
deleted file mode 100644
index 5786079c..00000000
--- a/enzevalos_iphone/netpgp/lib/validate.c
+++ /dev/null
@@ -1,969 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#if defined(__NetBSD__)
-__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: validate.c,v 1.41 2010/11/04 16:24:22 agc Exp $");
-#endif
-
-#include <sys/types.h>
-#include <sys/param.h>
-#include <sys/stat.h>
-
-#include <string.h>
-#include <stdio.h>
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-#include "packet-parse.h"
-#include "packet-show.h"
-#include "keyring.h"
-#include "signature.h"
-#include "netpgpsdk.h"
-#include "readerwriter.h"
-#include "netpgpdefs.h"
-#include "memory.h"
-#include "packet.h"
-#include "crypto.h"
-#include "validate.h"
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
-
-static int
-keydata_reader(void *dest, size_t length, __ops_error_t **errors,
- __ops_reader_t *readinfo,
- __ops_cbdata_t *cbinfo)
-{
- validate_reader_t *reader = __ops_reader_get_arg(readinfo);
-
- __OPS_USED(errors);
- __OPS_USED(cbinfo);
- if (reader->offset == reader->key->packets[reader->packet].length) {
- reader->packet += 1;
- reader->offset = 0;
- }
- if (reader->packet == reader->key->packetc) {
- return 0;
- }
-
- /*
- * we should never be asked to cross a packet boundary in a single
- * read
- */
- if (reader->key->packets[reader->packet].length <
- reader->offset + length) {
- (void) fprintf(stderr, "keydata_reader: weird length\n");
- return 0;
- }
-
- (void) memcpy(dest,
- &reader->key->packets[reader->packet].raw[reader->offset],
- length);
- reader->offset += (unsigned)length;
-
- return (int)length;
-}
-
-static void
-free_sig_info(__ops_sig_info_t *sig)
-{
- free(sig->v4_hashed);
- free(sig);
-}
-
-static void
-copy_sig_info(__ops_sig_info_t *dst, const __ops_sig_info_t *src)
-{
- (void) memcpy(dst, src, sizeof(*src));
- if ((dst->v4_hashed = calloc(1, src->v4_hashlen)) == NULL) {
- (void) fprintf(stderr, "copy_sig_info: bad alloc\n");
- } else {
- (void) memcpy(dst->v4_hashed, src->v4_hashed, src->v4_hashlen);
- }
-}
-
-static int
-add_sig_to_list(const __ops_sig_info_t *sig, __ops_sig_info_t **sigs,
- unsigned *count)
-{
- __ops_sig_info_t *newsigs;
-
- if (*count == 0) {
- newsigs = calloc(*count + 1, sizeof(__ops_sig_info_t));
- } else {
- newsigs = realloc(*sigs,
- (*count + 1) * sizeof(__ops_sig_info_t));
- }
- if (newsigs == NULL) {
- (void) fprintf(stderr, "add_sig_to_list: alloc failure\n");
- return 0;
- }
- *sigs = newsigs;
- copy_sig_info(&(*sigs)[*count], sig);
- *count += 1;
- return 1;
-}
-
-/*
-The hash value is calculated by the following method:
-+ hash the data using the given digest algorithm
-+ hash the hash value onto the end
-+ hash the trailer - 6 bytes
- [OPS_V4][0xff][len >> 24][len >> 16][len >> 8][len & 0xff]
-to give the final hash value that is checked against the one in the signature
-*/
-
-/* Does the signed hash match the given hash? */
-unsigned
-check_binary_sig(const uint8_t *data,
- const unsigned len,
- const __ops_sig_t *sig,
- const __ops_pubkey_t *signer)
-{
- unsigned hashedlen;
- __ops_hash_t hash;
- unsigned n;
- uint8_t hashout[OPS_MAX_HASH_SIZE];
- uint8_t trailer[6];
-
- __ops_hash_any(&hash, sig->info.hash_alg);
- if (!hash.init(&hash)) {
- (void) fprintf(stderr, "check_binary_sig: bad hash init\n");
- return 0;
- }
- hash.add(&hash, data, len);
- switch (sig->info.version) {
- case OPS_V3:
- trailer[0] = sig->info.type;
- trailer[1] = (unsigned)(sig->info.birthtime) >> 24;
- trailer[2] = (unsigned)(sig->info.birthtime) >> 16;
- trailer[3] = (unsigned)(sig->info.birthtime) >> 8;
- trailer[4] = (uint8_t)(sig->info.birthtime);
- hash.add(&hash, trailer, 5);
- break;
-
- case OPS_V4:
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "v4 hash", sig->info.v4_hashed,
- sig->info.v4_hashlen);
- }
- hash.add(&hash, sig->info.v4_hashed, (unsigned)sig->info.v4_hashlen);
- trailer[0] = 0x04; /* version */
- trailer[1] = 0xFF;
- hashedlen = (unsigned)sig->info.v4_hashlen;
- trailer[2] = (uint8_t)(hashedlen >> 24);
- trailer[3] = (uint8_t)(hashedlen >> 16);
- trailer[4] = (uint8_t)(hashedlen >> 8);
- trailer[5] = (uint8_t)(hashedlen);
- hash.add(&hash, trailer, 6);
- break;
-
- default:
- (void) fprintf(stderr, "Invalid signature version %d\n",
- sig->info.version);
- return 0;
- }
-
- n = hash.finish(&hash, hashout);
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stdout, "hash out", hashout, n);
- }
- return __ops_check_sig(hashout, n, sig, signer);
-}
-
-__ops_cb_ret_t
-__ops_validate_key_cb(const __ops_packet_t *pkt, __ops_cbdata_t *cbinfo)
-{
- const __ops_contents_t *content = &pkt->u;
- const __ops_key_t *signer;
- validate_key_cb_t *key;
- __ops_pubkey_t *sigkey;
- __ops_error_t **errors;
- __ops_io_t *io;
- unsigned from;
- unsigned valid = 0;
-
- io = cbinfo->io;
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(io->errs, "%s\n",
- __ops_show_packet_tag(pkt->tag));
- }
- key = __ops_callback_arg(cbinfo);
- errors = __ops_callback_errors(cbinfo);
- switch (pkt->tag) {
- case OPS_PTAG_CT_PUBLIC_KEY:
- if (key->pubkey.version != 0) {
- (void) fprintf(io->errs,
- "__ops_validate_key_cb: version bad\n");
- return OPS_FINISHED;
- }
- key->pubkey = content->pubkey;
- return OPS_KEEP_MEMORY;
-
- case OPS_PTAG_CT_PUBLIC_SUBKEY:
- if (key->subkey.version) {
- __ops_pubkey_free(&key->subkey);
- }
- key->subkey = content->pubkey;
- return OPS_KEEP_MEMORY;
-
- case OPS_PTAG_CT_SECRET_KEY:
- key->seckey = content->seckey;
- key->pubkey = key->seckey.pubkey;
- return OPS_KEEP_MEMORY;
-
- case OPS_PTAG_CT_USER_ID:
- if (key->userid) {
- __ops_userid_free(&key->userid);
- }
- key->userid = content->userid;
- key->last_seen = ID;
- return OPS_KEEP_MEMORY;
-
- case OPS_PTAG_CT_USER_ATTR:
- if (content->userattr.len == 0) {
- (void) fprintf(io->errs,
- "__ops_validate_key_cb: user attribute length 0");
- return OPS_FINISHED;
- }
- (void) fprintf(io->outs, "user attribute, length=%d\n",
- (int) content->userattr.len);
- if (key->userattr.len) {
- __ops_data_free(&key->userattr);
- }
- key->userattr = content->userattr;
- key->last_seen = ATTRIBUTE;
- return OPS_KEEP_MEMORY;
-
- case OPS_PTAG_CT_SIGNATURE: /* V3 sigs */
- case OPS_PTAG_CT_SIGNATURE_FOOTER: /* V4 sigs */
- from = 0;
- signer = __ops_getkeybyid(io, key->keyring,
- content->sig.info.signer_id,
- &from, &sigkey);
- if (!signer) {
- if (!add_sig_to_list(&content->sig.info,
- &key->result->unknown_sigs,
- &key->result->unknownc)) {
- (void) fprintf(io->errs,
- "__ops_validate_key_cb: user attribute length 0");
- return OPS_FINISHED;
- }
- break;
- }
- if (sigkey == &signer->enckey) {
- (void) fprintf(io->errs,
- "WARNING: signature made with encryption key\n");
- }
- switch (content->sig.info.type) {
- case OPS_CERT_GENERIC:
- case OPS_CERT_PERSONA:
- case OPS_CERT_CASUAL:
- case OPS_CERT_POSITIVE:
- case OPS_SIG_REV_CERT:
- valid = (key->last_seen == ID) ?
- __ops_check_useridcert_sig(&key->pubkey,
- key->userid,
- &content->sig,
- __ops_get_pubkey(signer),
- key->reader->key->packets[
- key->reader->packet].raw) :
- __ops_check_userattrcert_sig(&key->pubkey,
- &key->userattr,
- &content->sig,
- __ops_get_pubkey(signer),
- key->reader->key->packets[
- key->reader->packet].raw);
- break;
-
- case OPS_SIG_SUBKEY:
- /*
- * XXX: we should also check that the signer is the
- * key we are validating, I think.
- */
- valid = __ops_check_subkey_sig(&key->pubkey,
- &key->subkey,
- &content->sig,
- __ops_get_pubkey(signer),
- key->reader->key->packets[
- key->reader->packet].raw);
- break;
-
- case OPS_SIG_DIRECT:
- valid = __ops_check_direct_sig(&key->pubkey,
- &content->sig,
- __ops_get_pubkey(signer),
- key->reader->key->packets[
- key->reader->packet].raw);
- break;
-
- case OPS_SIG_STANDALONE:
- case OPS_SIG_PRIMARY:
- case OPS_SIG_REV_KEY:
- case OPS_SIG_REV_SUBKEY:
- case OPS_SIG_TIMESTAMP:
- case OPS_SIG_3RD_PARTY:
- OPS_ERROR_1(errors, OPS_E_UNIMPLEMENTED,
- "Sig Verification type 0x%02x not done yet\n",
- content->sig.info.type);
- break;
-
- default:
- OPS_ERROR_1(errors, OPS_E_UNIMPLEMENTED,
- "Unexpected signature type 0x%02x\n",
- content->sig.info.type);
- }
-
- if (valid) {
- if (!add_sig_to_list(&content->sig.info,
- &key->result->valid_sigs,
- &key->result->validc)) {
- OPS_ERROR(errors, OPS_E_UNIMPLEMENTED,
- "Can't add good sig to list\n");
- }
- } else {
- OPS_ERROR(errors, OPS_E_V_BAD_SIGNATURE, "Bad Sig");
- if (!add_sig_to_list(&content->sig.info,
- &key->result->invalid_sigs,
- &key->result->invalidc)) {
- OPS_ERROR(errors, OPS_E_UNIMPLEMENTED,
- "Can't add good sig to list\n");
- }
- }
- break;
-
- /* ignore these */
- case OPS_PARSER_PTAG:
- case OPS_PTAG_CT_SIGNATURE_HEADER:
- case OPS_PARSER_PACKET_END:
- break;
-
- case OPS_GET_PASSPHRASE:
- if (key->getpassphrase) {
- return key->getpassphrase(pkt, cbinfo);
- }
- break;
-
- case OPS_PTAG_CT_TRUST:
- /* 1 byte for level (depth), 1 byte for trust amount */
- printf("trust dump\n");
- printf("Got trust\n");
- //hexdump(stdout, (const uint8_t *)content->trust.data, 10, " ");
- //hexdump(stdout, (const uint8_t *)&content->ss_trust, 2, " ");
- //printf("Trust level %d, amount %d\n", key->trust.level, key->trust.amount);
- break;
-
- default:
- (void) fprintf(stderr, "unexpected tag=0x%x\n", pkt->tag);
- return OPS_FINISHED;
- }
- return OPS_RELEASE_MEMORY;
-}
-
-__ops_cb_ret_t
-validate_data_cb(const __ops_packet_t *pkt, __ops_cbdata_t *cbinfo)
-{
- const __ops_contents_t *content = &pkt->u;
- const __ops_key_t *signer;
- validate_data_cb_t *data;
- __ops_pubkey_t *sigkey;
- __ops_error_t **errors;
- __ops_io_t *io;
- unsigned from;
- unsigned valid = 0;
-
- io = cbinfo->io;
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(io->errs, "validate_data_cb: %s\n",
- __ops_show_packet_tag(pkt->tag));
- }
- data = __ops_callback_arg(cbinfo);
- errors = __ops_callback_errors(cbinfo);
- switch (pkt->tag) {
- case OPS_PTAG_CT_SIGNED_CLEARTEXT_HEADER:
- /*
- * ignore - this gives us the "Armor Header" line "Hash:
- * SHA1" or similar
- */
- break;
-
- case OPS_PTAG_CT_LITDATA_HEADER:
- /* ignore */
- break;
-
- case OPS_PTAG_CT_LITDATA_BODY:
- data->data.litdata_body = content->litdata_body;
- data->type = LITDATA;
- __ops_memory_add(data->mem, data->data.litdata_body.data,
- data->data.litdata_body.length);
- return OPS_KEEP_MEMORY;
-
- case OPS_PTAG_CT_SIGNED_CLEARTEXT_BODY:
- data->data.cleartext_body = content->cleartext_body;
- data->type = SIGNED_CLEARTEXT;
- __ops_memory_add(data->mem, data->data.cleartext_body.data,
- data->data.cleartext_body.length);
- return OPS_KEEP_MEMORY;
-
- case OPS_PTAG_CT_SIGNED_CLEARTEXT_TRAILER:
- /* this gives us an __ops_hash_t struct */
- break;
-
- case OPS_PTAG_CT_SIGNATURE: /* V3 sigs */
- case OPS_PTAG_CT_SIGNATURE_FOOTER: /* V4 sigs */
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(io->outs, "hashed data", content->sig.info.v4_hashed,
- content->sig.info.v4_hashlen);
- hexdump(io->outs, "signer id", content->sig.info.signer_id,
- sizeof(content->sig.info.signer_id));
- }
- from = 0;
- signer = __ops_getkeybyid(io, data->keyring,
- content->sig.info.signer_id, &from, &sigkey);
- if (!signer) {
- OPS_ERROR(errors, OPS_E_V_UNKNOWN_SIGNER,
- "Unknown Signer");
- if (!add_sig_to_list(&content->sig.info,
- &data->result->unknown_sigs,
- &data->result->unknownc)) {
- OPS_ERROR(errors, OPS_E_V_UNKNOWN_SIGNER,
- "Can't add unknown sig to list");
- }
- break;
- }
- if (sigkey == &signer->enckey) {
- (void) fprintf(io->errs,
- "WARNING: signature made with encryption key\n");
- }
- if (content->sig.info.birthtime_set) {
- data->result->birthtime = content->sig.info.birthtime;
- }
- if (content->sig.info.duration_set) {
- data->result->duration = content->sig.info.duration;
- }
- switch (content->sig.info.type) {
- case OPS_SIG_BINARY:
- case OPS_SIG_TEXT:
- if (__ops_mem_len(data->mem) == 0 &&
- data->detachname) {
- /* check we have seen some data */
- /* if not, need to read from detached name */
- (void) fprintf(io->errs,
- "netpgp: assuming signed data in \"%s\"\n",
- data->detachname);
- data->mem = __ops_memory_new();
- __ops_mem_readfile(data->mem, data->detachname);
- }
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "sig dump", (const uint8_t *)(const void *)&content->sig,
- sizeof(content->sig));
- }
- valid = check_binary_sig(__ops_mem_data(data->mem),
- (const unsigned)__ops_mem_len(data->mem),
- &content->sig,
- __ops_get_pubkey(signer));
- break;
-
- default:
- OPS_ERROR_1(errors, OPS_E_UNIMPLEMENTED,
- "No Sig Verification type 0x%02x yet\n",
- content->sig.info.type);
- break;
-
- }
-
- if (valid) {
- if (!add_sig_to_list(&content->sig.info,
- &data->result->valid_sigs,
- &data->result->validc)) {
- OPS_ERROR(errors, OPS_E_V_BAD_SIGNATURE,
- "Can't add good sig to list");
- }
- } else {
- OPS_ERROR(errors, OPS_E_V_BAD_SIGNATURE,
- "Bad Signature");
- if (!add_sig_to_list(&content->sig.info,
- &data->result->invalid_sigs,
- &data->result->invalidc)) {
- OPS_ERROR(errors, OPS_E_V_BAD_SIGNATURE,
- "Can't add good sig to list");
- }
- }
- break;
-
- /* ignore these */
- case OPS_PARSER_PTAG:
- case OPS_PTAG_CT_SIGNATURE_HEADER:
- case OPS_PTAG_CT_ARMOUR_HEADER:
- case OPS_PTAG_CT_ARMOUR_TRAILER:
- case OPS_PTAG_CT_1_PASS_SIG:
- break;
-
- case OPS_PARSER_PACKET_END:
- break;
-
- default:
- OPS_ERROR(errors, OPS_E_V_NO_SIGNATURE, "No signature");
- break;
- }
- return OPS_RELEASE_MEMORY;
-}
-
-static void
-keydata_destroyer(__ops_reader_t *readinfo)
-{
- free(__ops_reader_get_arg(readinfo));
-}
-
-void
-__ops_keydata_reader_set(__ops_stream_t *stream, const __ops_key_t *key)
-{
- validate_reader_t *data;
-
- if ((data = calloc(1, sizeof(*data))) == NULL) {
- (void) fprintf(stderr, "__ops_keydata_reader_set: bad alloc\n");
- } else {
- data->key = key;
- data->packet = 0;
- data->offset = 0;
- __ops_reader_set(stream, keydata_reader, keydata_destroyer, data);
- }
-}
-
-static char *
-fmtsecs(int64_t n, char *buf, size_t size)
-{
- if (n > 365 * 24 * 60 * 60) {
- n /= (365 * 24 * 60 * 60);
- (void) snprintf(buf, size, "%" PRId64 " year%s", n, (n == 1) ? "" : "s");
- return buf;
- }
- if (n > 30 * 24 * 60 * 60) {
- n /= (30 * 24 * 60 * 60);
- (void) snprintf(buf, size, "%" PRId64 " month%s", n, (n == 1) ? "" : "s");
- return buf;
- }
- if (n > 24 * 60 * 60) {
- n /= (24 * 60 * 60);
- (void) snprintf(buf, size, "%" PRId64 " day%s", n, (n == 1) ? "" : "s");
- return buf;
- }
- if (n > 60 * 60) {
- n /= (60 * 60);
- (void) snprintf(buf, size, "%" PRId64 " hour%s", n, (n == 1) ? "" : "s");
- return buf;
- }
- if (n > 60) {
- n /= 60;
- (void) snprintf(buf, size, "%" PRId64 " minute%s", n, (n == 1) ? "" : "s");
- return buf;
- }
- (void) snprintf(buf, size, "%" PRId64 " second%s", n, (n == 1) ? "" : "s");
- return buf;
-}
-
-/**
- * \ingroup HighLevel_Verify
- * \brief Indicicates whether any errors were found
- * \param result Validation result to check
- * \return 0 if any invalid signatures or unknown signers
- or no valid signatures; else 1
- */
-static unsigned
-validate_result_status(FILE *errs, const char *f, __ops_validation_t *val)
-{
- time_t now;
- time_t t;
- char buf[128];
-
- now = time(NULL);
- if (now < val->birthtime) {
- /* signature is not valid yet! */
- if (f) {
- (void) fprintf(errs, "\"%s\": ", f);
- } else {
- (void) fprintf(errs, "memory ");
- }
- (void) fprintf(errs,
- "signature not valid until %.24s (%s)\n",
- ctime(&val->birthtime),
- fmtsecs((int64_t)(val->birthtime - now), buf, sizeof(buf)));
- return 0;
- }
- if (val->duration != 0 && now > val->birthtime + val->duration) {
- /* signature has expired */
- t = val->duration + val->birthtime;
- if (f) {
- (void) fprintf(errs, "\"%s\": ", f);
- } else {
- (void) fprintf(errs, "memory ");
- }
- (void) fprintf(errs,
- "signature not valid after %.24s (%s ago)\n",
- ctime(&t),
- fmtsecs((int64_t)(now - t), buf, sizeof(buf)));
- return 0;
- }
- return val->validc && !val->invalidc && !val->unknownc;
-}
-
-/**
- * \ingroup HighLevel_Verify
- * \brief Validate all signatures on a single key against the given keyring
- * \param result Where to put the result
- * \param key Key to validate
- * \param keyring Keyring to use for validation
- * \param cb_get_passphrase Callback to use to get passphrase
- * \return 1 if all signatures OK; else 0
- * \note It is the caller's responsiblity to free result after use.
- * \sa __ops_validate_result_free()
- */
-unsigned
-__ops_validate_key_sigs(__ops_validation_t *result,
- const __ops_key_t *key,
- const __ops_keyring_t *keyring,
- __ops_cb_ret_t cb_get_passphrase(const __ops_packet_t *,
- __ops_cbdata_t *))
-{
- __ops_stream_t *stream;
- validate_key_cb_t keysigs;
- const int printerrors = 1;
-
- (void) memset(&keysigs, 0x0, sizeof(keysigs));
- keysigs.result = result;
- keysigs.getpassphrase = cb_get_passphrase;
-
- stream = __ops_new(sizeof(*stream));
- /* __ops_parse_options(&opt,OPS_PTAG_CT_SIGNATURE,OPS_PARSE_PARSED); */
-
- keysigs.keyring = keyring;
-
- __ops_set_callback(stream, __ops_validate_key_cb, &keysigs);
- stream->readinfo.accumulate = 1;
- __ops_keydata_reader_set(stream, key);
-
- /* Note: Coverity incorrectly reports an error that keysigs.reader */
- /* is never used. */
- keysigs.reader = stream->readinfo.arg;
-
- __ops_parse(stream, !printerrors);
-
- __ops_pubkey_free(&keysigs.pubkey);
- if (keysigs.subkey.version) {
- __ops_pubkey_free(&keysigs.subkey);
- }
- __ops_userid_free(&keysigs.userid);
- __ops_data_free(&keysigs.userattr);
-
- __ops_stream_delete(stream);
-
- return (!result->invalidc && !result->unknownc && result->validc);
-}
-
-/**
- \ingroup HighLevel_Verify
- \param result Where to put the result
- \param ring Keyring to use
- \param cb_get_passphrase Callback to use to get passphrase
- \note It is the caller's responsibility to free result after use.
- \sa __ops_validate_result_free()
-*/
-unsigned
-__ops_validate_all_sigs(__ops_validation_t *result,
- const __ops_keyring_t *ring,
- __ops_cb_ret_t cb_get_passphrase(const __ops_packet_t *,
- __ops_cbdata_t *))
-{
- unsigned n;
-
- (void) memset(result, 0x0, sizeof(*result));
- for (n = 0; n < ring->keyc; ++n) {
- __ops_validate_key_sigs(result, &ring->keys[n], ring,
- cb_get_passphrase);
- }
- return validate_result_status(stderr, "keyring", result);
-}
-
-/**
- \ingroup HighLevel_Verify
- \brief Frees validation result and associated memory
- \param result Struct to be freed
- \note Must be called after validation functions
-*/
-void
-__ops_validate_result_free(__ops_validation_t *result)
-{
- if (result != NULL) {
- if (result->valid_sigs) {
- free_sig_info(result->valid_sigs);
- }
- if (result->invalid_sigs) {
- free_sig_info(result->invalid_sigs);
- }
- if (result->unknown_sigs) {
- free_sig_info(result->unknown_sigs);
- }
- free(result);
- /* result = NULL; - XXX unnecessary */
- }
-}
-
-/**
- \ingroup HighLevel_Verify
- \brief Verifies the signatures in a signed file
- \param result Where to put the result
- \param filename Name of file to be validated
- \param armoured Treat file as armoured, if set
- \param keyring Keyring to use
- \return 1 if signatures validate successfully;
- 0 if signatures fail or there are no signatures
- \note After verification, result holds the details of all keys which
- have passed, failed and not been recognised.
- \note It is the caller's responsiblity to call
- __ops_validate_result_free(result) after use.
-*/
-unsigned
-__ops_validate_file(__ops_io_t *io,
- __ops_validation_t *result,
- const char *infile,
- const char *outfile,
- const int user_says_armoured,
- const __ops_keyring_t *keyring)
-{
- validate_data_cb_t validation;
- __ops_stream_t *parse = NULL;
- struct stat st;
- const char *signame;
- const int printerrors = 1;
- unsigned ret;
- char f[MAXPATHLEN];
- char *dataname;
- int realarmour;
- int outfd = 0;
- int infd;
- int cc;
-
- if (stat(infile, &st) < 0) {
- (void) fprintf(io->errs,
- "__ops_validate_file: can't open '%s'\n", infile);
- return 0;
- }
- realarmour = user_says_armoured;
- dataname = NULL;
- signame = NULL;
- cc = snprintf(f, sizeof(f), "%s", infile);
- if (strcmp(&f[cc - 4], ".sig") == 0) {
- /* we've been given a sigfile as infile */
- f[cc - 4] = 0x0;
- /* set dataname to name of file which was signed */
- dataname = f;
- signame = infile;
- } else if (strcmp(&f[cc - 4], ".asc") == 0) {
- /* we've been given an armored sigfile as infile */
- f[cc - 4] = 0x0;
- /* set dataname to name of file which was signed */
- dataname = f;
- signame = infile;
- realarmour = 1;
- } else {
- signame = infile;
- }
- (void) memset(&validation, 0x0, sizeof(validation));
- infd = __ops_setup_file_read(io, &parse, signame, &validation,
- validate_data_cb, 1);
- if (infd < 0) {
- return 0;
- }
-
- if (dataname) {
- validation.detachname = netpgp_strdup(dataname);
- }
-
- /* Set verification reader and handling options */
- validation.result = result;
- validation.keyring = keyring;
- validation.mem = __ops_memory_new();
- __ops_memory_init(validation.mem, 128);
- /* Note: Coverity incorrectly reports an error that validation.reader */
- /* is never used. */
- validation.reader = parse->readinfo.arg;
-
- if (realarmour) {
- __ops_reader_push_dearmour(parse);
- }
-
- /* Do the verification */
- __ops_parse(parse, !printerrors);
-
- /* Tidy up */
- if (realarmour) {
- __ops_reader_pop_dearmour(parse);
- }
- __ops_teardown_file_read(parse, infd);
-
- ret = validate_result_status(io->errs, infile, result);
-
- /* this is triggered only for --cat output */
- if (outfile) {
- /* need to send validated output somewhere */
- if (strcmp(outfile, "-") == 0) {
- outfd = STDOUT_FILENO;
- } else {
- outfd = open(outfile, O_WRONLY | O_CREAT, 0666);
- }
- if (outfd < 0) {
- /* even if the signature was good, we can't
- * write the file, so send back a bad return
- * code */
- ret = 0;
- } else if (validate_result_status(io->errs, infile, result)) {
- unsigned len;
- char *cp;
- int i;
-
- len = (unsigned)__ops_mem_len(validation.mem);
- cp = __ops_mem_data(validation.mem);
- for (i = 0 ; i < (int)len ; i += cc) {
- cc = (int)write(outfd, &cp[i], (unsigned)(len - i));
- if (cc < 0) {
- (void) fprintf(io->errs,
- "netpgp: short write\n");
- ret = 0;
- break;
- }
- }
- if (strcmp(outfile, "-") != 0) {
- (void) close(outfd);
- }
- }
- }
- __ops_memory_free(validation.mem);
- return ret;
-}
-
-/**
- \ingroup HighLevel_Verify
- \brief Verifies the signatures in a __ops_memory_t struct
- \param result Where to put the result
- \param mem Memory to be validated
- \param user_says_armoured Treat data as armoured, if set
- \param keyring Keyring to use
- \return 1 if signature validates successfully; 0 if not
- \note After verification, result holds the details of all keys which
- have passed, failed and not been recognised.
- \note It is the caller's responsiblity to call
- __ops_validate_result_free(result) after use.
-*/
-
-unsigned
-__ops_validate_mem(__ops_io_t *io,
- __ops_validation_t *result,
- __ops_memory_t *mem,
- __ops_memory_t **cat,
- const int user_says_armoured,
- const __ops_keyring_t *keyring)
-{
- validate_data_cb_t validation;
- __ops_stream_t *stream = NULL;
- const int printerrors = 1;
- int realarmour;
-
- __ops_setup_memory_read(io, &stream, mem, &validation, validate_data_cb, 1);
- /* Set verification reader and handling options */
- (void) memset(&validation, 0x0, sizeof(validation));
- validation.result = result;
- validation.keyring = keyring;
- validation.mem = __ops_memory_new();
- __ops_memory_init(validation.mem, 128);
- /* Note: Coverity incorrectly reports an error that validation.reader */
- /* is never used. */
- validation.reader = stream->readinfo.arg;
-
- if ((realarmour = user_says_armoured) != 0 ||
- strncmp(__ops_mem_data(mem),
- "-----BEGIN PGP MESSAGE-----", 27) == 0) {
- realarmour = 1;
- }
- if (realarmour) {
- __ops_reader_push_dearmour(stream);
- }
-
- /* Do the verification */
- __ops_parse(stream, !printerrors);
-
- /* Tidy up */
- if (realarmour) {
- __ops_reader_pop_dearmour(stream);
- }
- __ops_teardown_memory_read(stream, mem);
-
- /* this is triggered only for --cat output */
- if (cat) {
- /* need to send validated output somewhere */
- *cat = validation.mem;
- } else {
- __ops_memory_free(validation.mem);
- }
-
- return validate_result_status(io->errs, NULL, result);
-}
diff --git a/enzevalos_iphone/netpgp/lib/validate.h b/enzevalos_iphone/netpgp/lib/validate.h
deleted file mode 100644
index e12160eb..00000000
--- a/enzevalos_iphone/netpgp/lib/validate.h
+++ /dev/null
@@ -1,120 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef VALIDATE_H_
-#define VALIDATE_H_ 1
-
-typedef struct {
- const __ops_key_t *key;
- unsigned packet;
- unsigned offset;
-} validate_reader_t;
-
-/** Struct used with the validate_key_cb callback */
-typedef struct {
- __ops_pubkey_t pubkey;
- __ops_pubkey_t subkey;
- __ops_seckey_t seckey;
- enum {
- ATTRIBUTE = 1,
- ID
- } last_seen;
- uint8_t *userid;
- __ops_data_t userattr;
- uint8_t hash[OPS_MAX_HASH_SIZE];
- const __ops_keyring_t *keyring;
- validate_reader_t *reader;
- __ops_validation_t *result;
- __ops_cb_ret_t(*getpassphrase) (const __ops_packet_t *,
- __ops_cbdata_t *);
-} validate_key_cb_t;
-
-/** Struct use with the validate_data_cb callback */
-typedef struct {
- enum {
- LITDATA,
- SIGNED_CLEARTEXT
- } type;
- union {
- __ops_litdata_body_t litdata_body;
- __ops_fixed_body_t cleartext_body;
- } data;
- uint8_t hash[OPS_MAX_HASH_SIZE];
- __ops_memory_t *mem;
- const __ops_keyring_t *keyring;
- validate_reader_t *reader;/* reader-specific arg */
- __ops_validation_t *result;
- char *detachname;
-} validate_data_cb_t;
-
-void __ops_keydata_reader_set(__ops_stream_t *, const __ops_key_t *);
-
-__ops_cb_ret_t __ops_validate_key_cb(const __ops_packet_t *, __ops_cbdata_t *);
-
-unsigned check_binary_sig(const uint8_t *,
- const unsigned,
- const __ops_sig_t *,
- const __ops_pubkey_t *);
-
-unsigned __ops_validate_file(__ops_io_t *,
- __ops_validation_t *,
- const char *,
- const char *,
- const int,
- const __ops_keyring_t *);
-
-unsigned __ops_validate_mem(__ops_io_t *,
- __ops_validation_t *,
- __ops_memory_t *,
- __ops_memory_t **,
- const int,
- const __ops_keyring_t *);
-
-__ops_cb_ret_t validate_data_cb(const __ops_packet_t *, __ops_cbdata_t *);
-
-#endif /* !VALIDATE_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/version.h b/enzevalos_iphone/netpgp/lib/version.h
deleted file mode 100644
index 3d2bf4d3..00000000
--- a/enzevalos_iphone/netpgp/lib/version.h
+++ /dev/null
@@ -1,67 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#ifndef VERSION_H_
-#define VERSION_H_ 1
-
-#ifndef NETPGP_AUTOCONF_VERSION
-#define NETPGP_AUTOCONF_VERSION PACKAGE_VERSION
-#endif
-
-#ifndef NETPGP_MAINTAINER
-#define NETPGP_MAINTAINER PACKAGE_BUGREPORT
-#endif
-
-/* development versions have .99 suffix */
-#define NETPGP_BASE_VERSION "3.99.14"
-
-#define NETPGP_VERSION_CAT(a, b) "NetPGP portable " a "/[" b "]"
-#define NETPGP_VERSION_STRING \
- NETPGP_VERSION_CAT(NETPGP_BASE_VERSION, NETPGP_AUTOCONF_VERSION)
-
-#endif /* !VERSION_H_ */
diff --git a/enzevalos_iphone/netpgp/lib/writer.c b/enzevalos_iphone/netpgp/lib/writer.c
deleted file mode 100644
index 3852e236..00000000
--- a/enzevalos_iphone/netpgp/lib/writer.c
+++ /dev/null
@@ -1,1794 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- * This file contains the base functions used by the writers.
- */
-#include "config.h"
-
-#ifdef HAVE_SYS_CDEFS_H
-#include <sys/cdefs.h>
-#endif
-
-#if defined(__NetBSD__)
-__COPYRIGHT("@(#) Copyright (c) 2009 The NetBSD Foundation, Inc. All rights reserved.");
-__RCSID("$NetBSD: writer.c,v 1.29 2010/11/04 15:38:45 agc Exp $");
-#endif
-
-#include <sys/types.h>
-
-#include <stdlib.h>
-#include <string.h>
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_OPENSSL_CAST_H
-#include <openssl/cast.h>
-#endif
-
-#include "create.h"
-#include "writer.h"
-#include "keyring.h"
-#include "signature.h"
-#include "packet.h"
-#include "packet-parse.h"
-#include "readerwriter.h"
-#include "memory.h"
-#include "netpgpdefs.h"
-#include "version.h"
-#include "netpgpdigest.h"
-
-
-/*
- * return 1 if OK, otherwise 0
- */
-static unsigned
-base_write(__ops_output_t *out, const void *src, unsigned len)
-{
- return out->writer.writer(src, len, &out->errors, &out->writer);
-}
-
-/**
- * \ingroup Core_WritePackets
- *
- * \param src
- * \param len
- * \param output
- * \return 1 if OK, otherwise 0
- */
-
-unsigned
-__ops_write(__ops_output_t *output, const void *src, unsigned len)
-{
- return base_write(output, src, len);
-}
-
-/**
- * \ingroup Core_WritePackets
- * \param n
- * \param len
- * \param output
- * \return 1 if OK, otherwise 0
- */
-
-unsigned
-__ops_write_scalar(__ops_output_t *output, unsigned n, unsigned len)
-{
- uint8_t c;
-
- while (len-- > 0) {
- c = n >> (len * 8);
- if (!base_write(output, &c, 1)) {
- return 0;
- }
- }
- return 1;
-}
-
-/**
- * \ingroup Core_WritePackets
- * \param bn
- * \param output
- * \return 1 if OK, otherwise 0
- */
-
-unsigned
-__ops_write_mpi(__ops_output_t *output, const BIGNUM *bn)
-{
- unsigned bits;
- uint8_t buf[NETPGP_BUFSIZ];
-
- bits = (unsigned)BN_num_bits(bn);
- if (bits > 65535) {
- (void) fprintf(stderr, "__ops_write_mpi: too large %u\n", bits);
- return 0;
- }
- BN_bn2bin(bn, buf);
- return __ops_write_scalar(output, bits, 2) &&
- __ops_write(output, buf, (bits + 7) / 8);
-}
-
-/**
- * \ingroup Core_WritePackets
- * \param tag
- * \param output
- * \return 1 if OK, otherwise 0
- */
-
-unsigned
-__ops_write_ptag(__ops_output_t *output, __ops_content_enum tag)
-{
- uint8_t c;
-
- c = tag | OPS_PTAG_ALWAYS_SET | OPS_PTAG_NEW_FORMAT;
- return base_write(output, &c, 1);
-}
-
-/**
- * \ingroup Core_WritePackets
- * \param len
- * \param output
- * \return 1 if OK, otherwise 0
- */
-
-unsigned
-__ops_write_length(__ops_output_t *output, unsigned len)
-{
- uint8_t c[2];
-
- if (len < 192) {
- c[0] = len;
- return base_write(output, c, 1);
- }
- if (len < 8192 + 192) {
- c[0] = ((len - 192) >> 8) + 192;
- c[1] = (len - 192) % 256;
- return base_write(output, c, 2);
- }
- return __ops_write_scalar(output, 0xff, 1) &&
- __ops_write_scalar(output, len, 4);
-}
-
-/*
- * Note that we finalise from the top down, so we don't use writers below
- * that have already been finalised
- */
-unsigned
-__ops_writer_info_finalise(__ops_error_t **errors, __ops_writer_t *writer)
-{
- unsigned ret = 1;
-
- if (writer->finaliser) {
- ret = writer->finaliser(errors, writer);
- writer->finaliser = NULL;
- }
- if (writer->next && !__ops_writer_info_finalise(errors, writer->next)) {
- writer->finaliser = NULL;
- return 0;
- }
- return ret;
-}
-
-void
-__ops_writer_info_delete(__ops_writer_t *writer)
-{
- /* we should have finalised before deleting */
- if (writer->finaliser) {
- (void) fprintf(stderr, "__ops_writer_info_delete: not done\n");
- return;
- }
- if (writer->next) {
- __ops_writer_info_delete(writer->next);
- free(writer->next);
- writer->next = NULL;
- }
- if (writer->destroyer) {
- writer->destroyer(writer);
- writer->destroyer = NULL;
- }
- writer->writer = NULL;
-}
-
-/**
- * \ingroup Core_Writers
- *
- * Set a writer in output. There should not be another writer set.
- *
- * \param output The output structure
- * \param writer
- * \param finaliser
- * \param destroyer
- * \param arg The argument for the writer and destroyer
- */
-void
-__ops_writer_set(__ops_output_t *output,
- __ops_writer_func_t *writer,
- __ops_writer_finaliser_t *finaliser,
- __ops_writer_destroyer_t *destroyer,
- void *arg)
-{
- if (output->writer.writer) {
- (void) fprintf(stderr, "__ops_writer_set: already set\n");
- } else {
- output->writer.writer = writer;
- output->writer.finaliser = finaliser;
- output->writer.destroyer = destroyer;
- output->writer.arg = arg;
- }
-}
-
-/**
- * \ingroup Core_Writers
- *
- * Push a writer in output. There must already be another writer set.
- *
- * \param output The output structure
- * \param writer
- * \param finaliser
- * \param destroyer
- * \param arg The argument for the writer and destroyer
- */
-void
-__ops_writer_push(__ops_output_t *output,
- __ops_writer_func_t *writer,
- __ops_writer_finaliser_t *finaliser,
- __ops_writer_destroyer_t *destroyer,
- void *arg)
-{
- __ops_writer_t *copy;
-
- if ((copy = calloc(1, sizeof(*copy))) == NULL) {
- (void) fprintf(stderr, "__ops_writer_push: bad alloc\n");
- } else if (output->writer.writer == NULL) {
- (void) fprintf(stderr, "__ops_writer_push: no orig writer\n");
- } else {
- *copy = output->writer;
- output->writer.next = copy;
-
- output->writer.writer = writer;
- output->writer.finaliser = finaliser;
- output->writer.destroyer = destroyer;
- output->writer.arg = arg;
- }
-}
-
-void
-__ops_writer_pop(__ops_output_t *output)
-{
- __ops_writer_t *next;
-
- /* Make sure the finaliser has been called. */
- if (output->writer.finaliser) {
- (void) fprintf(stderr,
- "__ops_writer_pop: finaliser not called\n");
- } else if (output->writer.next == NULL) {
- (void) fprintf(stderr,
- "__ops_writer_pop: not a stacked writer\n");
- } else {
- if (output->writer.destroyer) {
- output->writer.destroyer(&output->writer);
- }
- next = output->writer.next;
- output->writer = *next;
- free(next);
- }
-}
-
-/**
- * \ingroup Core_Writers
- *
- * Close the writer currently set in output.
- *
- * \param output The output structure
- */
-unsigned
-__ops_writer_close(__ops_output_t *output)
-{
- unsigned ret;
-
- ret = __ops_writer_info_finalise(&output->errors, &output->writer);
- __ops_writer_info_delete(&output->writer);
- return ret;
-}
-
-/**
- * \ingroup Core_Writers
- *
- * Get the arg supplied to __ops_createinfo_set_writer().
- *
- * \param writer The writer_info structure
- * \return The arg
- */
-void *
-__ops_writer_get_arg(__ops_writer_t *writer)
-{
- return writer->arg;
-}
-
-/**
- * \ingroup Core_Writers
- *
- * Write to the next writer down in the stack.
- *
- * \param src The data to write.
- * \param len The length of src.
- * \param errors A place to store errors.
- * \param writer The writer_info structure.
- * \return Success - if 0, then errors should contain the error.
- */
-static unsigned
-stacked_write(__ops_writer_t *writer, const void *src, unsigned len,
- __ops_error_t ** errors)
-{
- return writer->next->writer(src, len, errors, writer->next);
-}
-
-/**
- * \ingroup Core_Writers
- *
- * Free the arg. Many writers just have a calloc()ed lump of storage, this
- * function releases it.
- *
- * \param writer the info structure.
- */
-static void
-generic_destroyer(__ops_writer_t *writer)
-{
- free(__ops_writer_get_arg(writer));
-}
-
-/**
- * \ingroup Core_Writers
- *
- * A writer that just writes to the next one down. Useful for when you
- * want to insert just a finaliser into the stack.
- */
-unsigned
-__ops_writer_passthrough(const uint8_t *src,
- unsigned len,
- __ops_error_t **errors,
- __ops_writer_t *writer)
-{
- return stacked_write(writer, src, len, errors);
-}
-
-/**************************************************************************/
-
-/**
- * \struct dashesc_t
- */
-typedef struct {
- unsigned seen_nl:1;
- unsigned seen_cr:1;
- __ops_create_sig_t *sig;
- __ops_memory_t *trailing;
-} dashesc_t;
-
-static unsigned
-dash_esc_writer(const uint8_t *src,
- unsigned len,
- __ops_error_t **errors,
- __ops_writer_t *writer)
-{
- dashesc_t *dash = __ops_writer_get_arg(writer);
- unsigned n;
-
- if (__ops_get_debug_level(__FILE__)) {
- unsigned i = 0;
-
- (void) fprintf(stderr, "dash_esc_writer writing %u:\n", len);
- for (i = 0; i < len; i++) {
- fprintf(stderr, "0x%02x ", src[i]);
- if (((i + 1) % 16) == 0) {
- (void) fprintf(stderr, "\n");
- } else if (((i + 1) % 8) == 0) {
- (void) fprintf(stderr, " ");
- }
- }
- (void) fprintf(stderr, "\n");
- }
- /* XXX: make this efficient */
- for (n = 0; n < len; ++n) {
- unsigned l;
-
- if (dash->seen_nl) {
- if (src[n] == '-' &&
- !stacked_write(writer, "- ", 2, errors)) {
- return 0;
- }
- dash->seen_nl = 0;
- }
- dash->seen_nl = src[n] == '\n';
-
- if (dash->seen_nl && !dash->seen_cr) {
- if (!stacked_write(writer, "\r", 1, errors)) {
- return 0;
- }
- __ops_sig_add_data(dash->sig, "\r", 1);
- }
- dash->seen_cr = src[n] == '\r';
-
- if (!stacked_write(writer, &src[n], 1, errors)) {
- return 0;
- }
-
- /* trailing whitespace isn't included in the signature */
- if (src[n] == ' ' || src[n] == '\t') {
- __ops_memory_add(dash->trailing, &src[n], 1);
- } else {
- if ((l = (unsigned)__ops_mem_len(dash->trailing)) != 0) {
- if (!dash->seen_nl && !dash->seen_cr) {
- __ops_sig_add_data(dash->sig,
- __ops_mem_data(dash->trailing), l);
- }
- __ops_memory_clear(dash->trailing);
- }
- __ops_sig_add_data(dash->sig, &src[n], 1);
- }
- }
- return 1;
-}
-
-/**
- * \param writer
- */
-static void
-dash_escaped_destroyer(__ops_writer_t *writer)
-{
- dashesc_t *dash;
-
- dash = __ops_writer_get_arg(writer);
- __ops_memory_free(dash->trailing);
- free(dash);
-}
-
-/**
- * \ingroup Core_WritersNext
- * \brief Push Clearsigned Writer onto stack
- * \param output
- * \param sig
- */
-unsigned
-__ops_writer_push_clearsigned(__ops_output_t *output, __ops_create_sig_t *sig)
-{
- static const char header[] =
- "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: ";
- const char *hash;
- dashesc_t *dash;
- unsigned ret;
-
- hash = __ops_text_from_hash(__ops_sig_get_hash(sig));
- if ((dash = calloc(1, sizeof(*dash))) == NULL) {
- OPS_ERROR(&output->errors, OPS_E_W, "Bad alloc");
- return 0;
- }
- ret = (__ops_write(output, header, (unsigned)(sizeof(header) - 1)) &&
- __ops_write(output, hash, (unsigned)strlen(hash)) &&
- __ops_write(output, "\r\n\r\n", 4));
-
- if (ret == 0) {
- OPS_ERROR(&output->errors, OPS_E_W,
- "Error pushing clearsigned header");
- free(dash);
- return ret;
- }
- dash->seen_nl = 1;
- dash->sig = sig;
- dash->trailing = __ops_memory_new();
- __ops_writer_push(output, dash_esc_writer, NULL,
- dash_escaped_destroyer, dash);
- return ret;
-}
-
-
-/**
- * \struct base64_t
- */
-typedef struct {
- unsigned pos;
- uint8_t t;
- unsigned checksum;
-} base64_t;
-
-static const char b64map[] =
- "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
-
-static unsigned
-base64_writer(const uint8_t *src,
- unsigned len,
- __ops_error_t **errors,
- __ops_writer_t *writer)
-{
- base64_t *base64;
- unsigned n;
-
- base64 = __ops_writer_get_arg(writer);
- for (n = 0; n < len;) {
- base64->checksum = __ops_crc24(base64->checksum, src[n]);
- if (base64->pos == 0) {
- /* XXXXXX00 00000000 00000000 */
- if (!stacked_write(writer,
- &b64map[(unsigned)src[n] >> 2],
- 1, errors)) {
- return 0;
- }
-
- /* 000000XX xxxx0000 00000000 */
- base64->t = (src[n++] & 3) << 4;
- base64->pos = 1;
- } else if (base64->pos == 1) {
- /* 000000xx XXXX0000 00000000 */
- base64->t += (unsigned)src[n] >> 4;
- if (!stacked_write(writer, &b64map[base64->t], 1,
- errors)) {
- return 0;
- }
-
- /* 00000000 0000XXXX xx000000 */
- base64->t = (src[n++] & 0xf) << 2;
- base64->pos = 2;
- } else if (base64->pos == 2) {
- /* 00000000 0000xxxx XX000000 */
- base64->t += (unsigned)src[n] >> 6;
- if (!stacked_write(writer, &b64map[base64->t], 1,
- errors)) {
- return 0;
- }
-
- /* 00000000 00000000 00XXXXXX */
- if (!stacked_write(writer,
- &b64map[src[n++] & 0x3f], 1, errors)) {
- return 0;
- }
-
- base64->pos = 0;
- }
- }
-
- return 1;
-}
-
-static unsigned
-sig_finaliser(__ops_error_t **errors, __ops_writer_t *writer)
-{
- static const char trail[] = "\r\n-----END PGP SIGNATURE-----\r\n";
- base64_t *base64;
- uint8_t c[3];
-
- base64 = __ops_writer_get_arg(writer);
- if (base64->pos) {
- if (!stacked_write(writer, &b64map[base64->t], 1, errors)) {
- return 0;
- }
- if (base64->pos == 1 &&
- !stacked_write(writer, "==", 2, errors)) {
- return 0;
- }
- if (base64->pos == 2 &&
- !stacked_write(writer, "=", 1, errors)) {
- return 0;
- }
- }
- /* Ready for the checksum */
- if (!stacked_write(writer, "\r\n=", 3, errors)) {
- return 0;
- }
-
- base64->pos = 0; /* get ready to write the checksum */
-
- c[0] = base64->checksum >> 16;
- c[1] = base64->checksum >> 8;
- c[2] = base64->checksum;
- /* push the checksum through our own writer */
- if (!base64_writer(c, 3, errors, writer)) {
- return 0;
- }
-
- return stacked_write(writer, trail, (unsigned)(sizeof(trail) - 1), errors);
-}
-
-/**
- * \struct linebreak_t
- */
-typedef struct {
- unsigned pos;
-} linebreak_t;
-
-#define BREAKPOS 76
-
-static unsigned
-linebreak_writer(const uint8_t *src,
- unsigned len,
- __ops_error_t **errors,
- __ops_writer_t *writer)
-{
- linebreak_t *linebreak;
- unsigned n;
-
- linebreak = __ops_writer_get_arg(writer);
- for (n = 0; n < len; ++n, ++linebreak->pos) {
- if (src[n] == '\r' || src[n] == '\n') {
- linebreak->pos = 0;
- }
- if (linebreak->pos == BREAKPOS) {
- if (!stacked_write(writer, "\r\n", 2, errors)) {
- return 0;
- }
- linebreak->pos = 0;
- }
- if (!stacked_write(writer, &src[n], 1, errors)) {
- return 0;
- }
- }
-
- return 1;
-}
-
-/**
- * \ingroup Core_WritersNext
- * \brief Push armoured signature on stack
- * \param output
- */
-unsigned
-__ops_writer_use_armored_sig(__ops_output_t *output)
-{
- static const char header[] =
- "\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: "
- NETPGP_VERSION_STRING
- "\r\n\r\n";
- linebreak_t *linebreak;
- base64_t *base64;
-
- __ops_writer_pop(output);
- if (__ops_write(output, header, (unsigned)(sizeof(header) - 1)) == 0) {
- OPS_ERROR(&output->errors, OPS_E_W,
- "Error switching to armoured signature");
- return 0;
- }
- if ((linebreak = calloc(1, sizeof(*linebreak))) == NULL) {
- OPS_ERROR(&output->errors, OPS_E_W,
- "__ops_writer_use_armored_sig: Bad alloc");
- return 0;
- }
- __ops_writer_push(output, linebreak_writer, NULL,
- generic_destroyer,
- linebreak);
- base64 = calloc(1, sizeof(*base64));
- if (!base64) {
- OPS_MEMORY_ERROR(&output->errors);
- return 0;
- }
- base64->checksum = CRC24_INIT;
- __ops_writer_push(output, base64_writer, sig_finaliser,
- generic_destroyer, base64);
- return 1;
-}
-
-static unsigned
-armoured_message_finaliser(__ops_error_t **errors, __ops_writer_t *writer)
-{
- /* TODO: This is same as sig_finaliser apart from trailer. */
- static const char trailer[] =
- "\r\n-----END PGP MESSAGE-----\r\n";
- base64_t *base64;
- uint8_t c[3];
-
- base64 = __ops_writer_get_arg(writer);
- if (base64->pos) {
- if (!stacked_write(writer, &b64map[base64->t], 1, errors)) {
- return 0;
- }
- if (base64->pos == 1 &&
- !stacked_write(writer, "==", 2, errors)) {
- return 0;
- }
- if (base64->pos == 2 &&
- !stacked_write(writer, "=", 1, errors)) {
- return 0;
- }
- }
- /* Ready for the checksum */
- if (!stacked_write(writer, "\r\n=", 3, errors)) {
- return 0;
- }
-
- base64->pos = 0; /* get ready to write the checksum */
-
- c[0] = base64->checksum >> 16;
- c[1] = base64->checksum >> 8;
- c[2] = base64->checksum;
- /* push the checksum through our own writer */
- if (!base64_writer(c, 3, errors, writer)) {
- return 0;
- }
-
- return stacked_write(writer, trailer, (unsigned)strlen(trailer), errors);
-}
-
-/**
- \ingroup Core_WritersNext
- \brief Write a PGP MESSAGE
- \todo replace with generic function
-*/
-void
-__ops_writer_push_armor_msg(__ops_output_t *output)
-{
- static const char header[] = "-----BEGIN PGP MESSAGE-----\r\n";
- linebreak_t *linebreak;
- base64_t *base64;
-
- __ops_write(output, header, (unsigned)(sizeof(header) - 1));
- __ops_write(output, "\r\n", 2);
- if ((linebreak = calloc(1, sizeof(*linebreak))) == NULL) {
- (void) fprintf(stderr,
- "__ops_writer_push_armor_msg: bad lb alloc\n");
- return;
- }
- __ops_writer_push(output, linebreak_writer, NULL,
- generic_destroyer,
- linebreak);
- if ((base64 = calloc(1, sizeof(*base64))) == NULL) {
- (void) fprintf(stderr,
- "__ops_writer_push_armor_msg: bad alloc\n");
- return;
- }
- base64->checksum = CRC24_INIT;
- __ops_writer_push(output, base64_writer,
- armoured_message_finaliser, generic_destroyer,
- base64);
-}
-
-static unsigned
-armoured_finaliser(__ops_armor_type_t type,
- __ops_error_t **errors,
- __ops_writer_t *writer)
-{
- static const char tail_pubkey[] =
- "\r\n-----END PGP PUBLIC KEY BLOCK-----\r\n";
- static const char tail_private_key[] =
- "\r\n-----END PGP PRIVATE KEY BLOCK-----\r\n";
- const char *tail = NULL;
- unsigned tailsize = 0;
- base64_t *base64;
- uint8_t c[3];
-
- switch (type) {
- case OPS_PGP_PUBLIC_KEY_BLOCK:
- tail = tail_pubkey;
- tailsize = sizeof(tail_pubkey) - 1;
- break;
-
- case OPS_PGP_PRIVATE_KEY_BLOCK:
- tail = tail_private_key;
- tailsize = sizeof(tail_private_key) - 1;
- break;
-
- default:
- (void) fprintf(stderr, "armoured_finaliser: unusual type\n");
- return 0;
- }
- base64 = __ops_writer_get_arg(writer);
- if (base64->pos) {
- if (!stacked_write(writer, &b64map[base64->t], 1,
- errors)) {
- return 0;
- }
- if (base64->pos == 1 && !stacked_write(writer, "==", 2,
- errors)) {
- return 0;
- }
- if (base64->pos == 2 && !stacked_write(writer, "=", 1,
- errors)) {
- return 0;
- }
- }
- /* Ready for the checksum */
- if (!stacked_write(writer, "\r\n=", 3, errors)) {
- return 0;
- }
- base64->pos = 0; /* get ready to write the checksum */
- c[0] = base64->checksum >> 16;
- c[1] = base64->checksum >> 8;
- c[2] = base64->checksum;
- /* push the checksum through our own writer */
- if (!base64_writer(c, 3, errors, writer)) {
- return 0;
- }
- return stacked_write(writer, tail, tailsize, errors);
-}
-
-static unsigned
-armored_pubkey_fini(__ops_error_t **errors, __ops_writer_t *writer)
-{
- return armoured_finaliser(OPS_PGP_PUBLIC_KEY_BLOCK, errors, writer);
-}
-
-static unsigned
-armored_privkey_fini(__ops_error_t **errors, __ops_writer_t *writer)
-{
- return armoured_finaliser(OPS_PGP_PRIVATE_KEY_BLOCK, errors, writer);
-}
-
-/* \todo use this for other armoured types */
-/**
- \ingroup Core_WritersNext
- \brief Push Armoured Writer on stack (generic)
-*/
-void
-__ops_writer_push_armoured(__ops_output_t *output, __ops_armor_type_t type)
-{
- static char hdr_pubkey[] =
- "-----BEGIN PGP PUBLIC KEY BLOCK-----\r\nVersion: "
- NETPGP_VERSION_STRING
- "\r\n\r\n";
- static char hdr_private_key[] =
- "-----BEGIN PGP PRIVATE KEY BLOCK-----\r\nVersion: "
- NETPGP_VERSION_STRING
- "\r\n\r\n";
- unsigned hdrsize = 0;
- unsigned (*finaliser) (__ops_error_t **, __ops_writer_t *);
- base64_t *base64;
- linebreak_t *linebreak;
- char *header = NULL;
-
- finaliser = NULL;
- switch (type) {
- case OPS_PGP_PUBLIC_KEY_BLOCK:
- header = hdr_pubkey;
- hdrsize = sizeof(hdr_pubkey) - 1;
- finaliser = armored_pubkey_fini;
- break;
-
- case OPS_PGP_PRIVATE_KEY_BLOCK:
- header = hdr_private_key;
- hdrsize = sizeof(hdr_private_key) - 1;
- finaliser = armored_privkey_fini;
- break;
-
- default:
- (void) fprintf(stderr,
- "__ops_writer_push_armoured: unusual type\n");
- return;
- }
- if ((linebreak = calloc(1, sizeof(*linebreak))) == NULL) {
- (void) fprintf(stderr,
- "__ops_writer_push_armoured: bad alloc\n");
- return;
- }
- __ops_write(output, header, hdrsize);
- __ops_writer_push(output, linebreak_writer, NULL,
- generic_destroyer,
- linebreak);
- if ((base64 = calloc(1, sizeof(*base64))) == NULL) {
- (void) fprintf(stderr,
- "__ops_writer_push_armoured: bad alloc\n");
- return;
- }
- base64->checksum = CRC24_INIT;
- __ops_writer_push(output, base64_writer, finaliser,
- generic_destroyer, base64);
-}
-
-/**************************************************************************/
-
-typedef struct {
- __ops_crypt_t *crypt;
- int free_crypt;
-} crypt_t;
-
-/*
- * This writer simply takes plaintext as input,
- * encrypts it with the given key
- * and outputs the resulting encrypted text
- */
-static unsigned
-encrypt_writer(const uint8_t *src,
- unsigned len,
- __ops_error_t **errors,
- __ops_writer_t *writer)
-{
-#define BUFSZ 1024 /* arbitrary number */
- uint8_t encbuf[BUFSZ];
- unsigned remaining;
- unsigned done = 0;
- crypt_t *pgp_encrypt;
-
- remaining = len;
- pgp_encrypt = (crypt_t *) __ops_writer_get_arg(writer);
- if (!__ops_is_sa_supported(pgp_encrypt->crypt->alg)) {
- (void) fprintf(stderr, "encrypt_writer: not supported\n");
- return 0;
- }
- while (remaining > 0) {
- unsigned size = (remaining < BUFSZ) ? remaining : BUFSZ;
-
- /* memcpy(buf,src,size); // \todo copy needed here? */
- pgp_encrypt->crypt->cfb_encrypt(pgp_encrypt->crypt, encbuf,
- src + done, size);
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "unencrypted", &src[done], 16);
- hexdump(stderr, "encrypted", encbuf, 16);
- }
- if (!stacked_write(writer, encbuf, size, errors)) {
- if (__ops_get_debug_level(__FILE__)) {
- fprintf(stderr,
- "encrypted_writer: stacked write\n");
- }
- return 0;
- }
- remaining -= size;
- done += size;
- }
-
- return 1;
-}
-
-static void
-encrypt_destroyer(__ops_writer_t *writer)
-{
- crypt_t *pgp_encrypt;
-
- pgp_encrypt = (crypt_t *) __ops_writer_get_arg(writer);
- if (pgp_encrypt->free_crypt) {
- free(pgp_encrypt->crypt);
- }
- free(pgp_encrypt);
-}
-
-/**
-\ingroup Core_WritersNext
-\brief Push Encrypted Writer onto stack (create SE packets)
-*/
-void
-__ops_push_enc_crypt(__ops_output_t *output, __ops_crypt_t *pgp_crypt)
-{
- /* Create encrypt to be used with this writer */
- /* Remember to free this in the destroyer */
- crypt_t *pgp_encrypt;
-
- if ((pgp_encrypt = calloc(1, sizeof(*pgp_encrypt))) == NULL) {
- (void) fprintf(stderr, "__ops_push_enc_crypt: bad alloc\n");
- } else {
- /* Setup the encrypt */
- pgp_encrypt->crypt = pgp_crypt;
- pgp_encrypt->free_crypt = 0;
- /* And push writer on stack */
- __ops_writer_push(output, encrypt_writer, NULL,
- encrypt_destroyer, pgp_encrypt);
- }
-}
-
-/**************************************************************************/
-
-typedef struct {
- __ops_crypt_t *crypt;
-} encrypt_se_ip_t;
-
-static unsigned encrypt_se_ip_writer(const uint8_t *,
- unsigned,
- __ops_error_t **,
- __ops_writer_t *);
-static void encrypt_se_ip_destroyer(__ops_writer_t *);
-
-/* */
-
-/**
-\ingroup Core_WritersNext
-\brief Push Encrypted SE IP Writer onto stack
-*/
-int
-__ops_push_enc_se_ip(__ops_output_t *output, const __ops_key_t *pubkey, const char *cipher, int dont_use_subkey_to_encrypt)
-{
- __ops_pk_sesskey_t *encrypted_pk_sesskey;
- encrypt_se_ip_t *se_ip;
- __ops_crypt_t *encrypted;
- uint8_t *iv;
-
- if ((se_ip = calloc(1, sizeof(*se_ip))) == NULL) {
- (void) fprintf(stderr, "__ops_push_enc_se_ip: bad alloc\n");
- return 0;
- }
-
- /* Create and write encrypted PK session key */
- if ((encrypted_pk_sesskey = __ops_create_pk_sesskey(pubkey, cipher, dont_use_subkey_to_encrypt)) == NULL) {
- (void) fprintf(stderr, "__ops_push_enc_se_ip: null pk sesskey\n");
- return 0;
- }
- __ops_write_pk_sesskey(output, encrypted_pk_sesskey);
-
- /* Setup the se_ip */
- if ((encrypted = calloc(1, sizeof(*encrypted))) == NULL) {
- free(se_ip);
- (void) fprintf(stderr, "__ops_push_enc_se_ip: bad alloc\n");
- return 0;
- }
- __ops_crypt_any(encrypted, encrypted_pk_sesskey->symm_alg);
- if ((iv = calloc(1, encrypted->blocksize)) == NULL) {
- free(se_ip);
- free(encrypted);
- (void) fprintf(stderr, "__ops_push_enc_se_ip: bad alloc\n");
- return 0;
- }
- encrypted->set_iv(encrypted, iv);
- encrypted->set_crypt_key(encrypted, &encrypted_pk_sesskey->key[0]);
- __ops_encrypt_init(encrypted);
-
- se_ip->crypt = encrypted;
-
- /* And push writer on stack */
- __ops_writer_push(output, encrypt_se_ip_writer, NULL,
- encrypt_se_ip_destroyer, se_ip);
- /* tidy up */
- free(encrypted_pk_sesskey);
- free(iv);
- return 1;
-}
-
-static unsigned
-encrypt_se_ip_writer(const uint8_t *src,
- unsigned len,
- __ops_error_t **errors,
- __ops_writer_t *writer)
-{
- const unsigned bufsz = 128;
- encrypt_se_ip_t *se_ip = __ops_writer_get_arg(writer);
- __ops_output_t *litoutput;
- __ops_output_t *zoutput;
- __ops_output_t *output;
- __ops_memory_t *litmem;
- __ops_memory_t *zmem;
- __ops_memory_t *localmem;
- unsigned ret = 1;
-
- __ops_setup_memory_write(&litoutput, &litmem, bufsz);
- __ops_setup_memory_write(&zoutput, &zmem, bufsz);
- __ops_setup_memory_write(&output, &localmem, bufsz);
-
- /* create literal data packet from source data */
- __ops_write_litdata(litoutput, src, (const int)len, OPS_LDT_BINARY);
- if (__ops_mem_len(litmem) <= len) {
- (void) fprintf(stderr, "encrypt_se_ip_writer: bad len\n");
- return 0;
- }
-
- /* create compressed packet from literal data packet */
- __ops_writez(zoutput, __ops_mem_data(litmem), (unsigned)__ops_mem_len(litmem));
-
- /* create SE IP packet set from this compressed literal data */
- __ops_write_se_ip_pktset(output, __ops_mem_data(zmem),
- (unsigned)__ops_mem_len(zmem),
- se_ip->crypt);
- if (__ops_mem_len(localmem) <= __ops_mem_len(zmem)) {
- (void) fprintf(stderr,
- "encrypt_se_ip_writer: bad comp len\n");
- return 0;
- }
-
- /* now write memory to next writer */
- ret = stacked_write(writer, __ops_mem_data(localmem),
- (unsigned)__ops_mem_len(localmem), errors);
-
- __ops_memory_free(localmem);
- __ops_memory_free(zmem);
- __ops_memory_free(litmem);
-
- return ret;
-}
-
-static void
-encrypt_se_ip_destroyer(__ops_writer_t *writer)
-{
- encrypt_se_ip_t *se_ip;
-
- se_ip = __ops_writer_get_arg(writer);
- free(se_ip->crypt);
- free(se_ip);
-}
-
-unsigned
-__ops_write_se_ip_pktset(__ops_output_t *output,
- const uint8_t *data,
- const unsigned len,
- __ops_crypt_t *crypted)
-{
- __ops_output_t *mdcoutput;
- __ops_memory_t *mdc;
- uint8_t hashed[OPS_SHA1_HASH_SIZE];
- uint8_t *preamble;
- const size_t mdcsize = 1 + 1 + OPS_SHA1_HASH_SIZE;
- size_t preamblesize;
- size_t bufsize;
-
- preamblesize = crypted->blocksize + 2;
- if ((preamble = calloc(1, preamblesize)) == NULL) {
- (void) fprintf(stderr, "__ops_write_se_ip_pktset: bad alloc\n");
- return 0;
- }
- bufsize = preamblesize + len + mdcsize;
-
- if (!__ops_write_ptag(output, OPS_PTAG_CT_SE_IP_DATA) ||
- !__ops_write_length(output, (unsigned)(1 + bufsize)) ||
- !__ops_write_scalar(output, OPS_SE_IP_DATA_VERSION, 1)) {
- free(preamble);
- return 0;
- }
- __ops_random(preamble, crypted->blocksize);
- preamble[crypted->blocksize] = preamble[crypted->blocksize - 2];
- preamble[crypted->blocksize + 1] = preamble[crypted->blocksize - 1];
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "preamble", preamble, preamblesize);
- }
-
- /* now construct MDC packet and add to the end of the buffer */
- __ops_setup_memory_write(&mdcoutput, &mdc, mdcsize);
- __ops_calc_mdc_hash(preamble, preamblesize, data, len, &hashed[0]);
- __ops_write_mdc(mdcoutput, hashed);
-
- if (__ops_get_debug_level(__FILE__)) {
- hexdump(stderr, "plaintext", data, len);
- hexdump(stderr, "mdc", __ops_mem_data(mdc), OPS_SHA1_HASH_SIZE + 1 + 1);
- }
-
- /* and write it out */
- __ops_push_enc_crypt(output, crypted);
- if (__ops_get_debug_level(__FILE__)) {
- (void) fprintf(stderr,
- "writing %" PRIsize "u + %u + %" PRIsize "u\n",
- preamblesize, len, __ops_mem_len(mdc));
- }
- if (!__ops_write(output, preamble, (unsigned)preamblesize) ||
- !__ops_write(output, data, len) ||
- !__ops_write(output, __ops_mem_data(mdc), (unsigned)__ops_mem_len(mdc))) {
- /* \todo fix cleanup here and in old code functions */
- return 0;
- }
-
- __ops_writer_pop(output);
-
- /* cleanup */
- __ops_teardown_memory_write(mdcoutput, mdc);
- free(preamble);
-
- return 1;
-}
-
-typedef struct {
- int fd;
-} writer_fd_t;
-
-static unsigned
-fd_writer(const uint8_t *src, unsigned len,
- __ops_error_t **errors,
- __ops_writer_t *writer)
-{
- writer_fd_t *writerfd;
- int n;
-
- writerfd = __ops_writer_get_arg(writer);
- n = (int)write(writerfd->fd, src, len);
- if (n == -1) {
- OPS_SYSTEM_ERROR_1(errors, OPS_E_W_WRITE_FAILED, "write",
- "file descriptor %d", writerfd->fd);
- return 0;
- }
- if ((unsigned) n != len) {
- OPS_ERROR_1(errors, OPS_E_W_WRITE_TOO_SHORT,
- "file descriptor %d", writerfd->fd);
- return 0;
- }
- return 1;
-}
-
-static void
-writer_fd_destroyer(__ops_writer_t *writer)
-{
- free(__ops_writer_get_arg(writer));
-}
-
-/**
- * \ingroup Core_WritersFirst
- * \brief Write to a File
- *
- * Set the writer in output to be a stock writer that writes to a file
- * descriptor. If another writer has already been set, then that is
- * first destroyed.
- *
- * \param output The output structure
- * \param fd The file descriptor
- *
- */
-
-void
-__ops_writer_set_fd(__ops_output_t *output, int fd)
-{
- writer_fd_t *writer;
-
- if ((writer = calloc(1, sizeof(*writer))) == NULL) {
- (void) fprintf(stderr, "__ops_writer_set_fd: bad alloc\n");
- } else {
- writer->fd = fd;
- __ops_writer_set(output, fd_writer, NULL, writer_fd_destroyer, writer);
- }
-}
-
-static unsigned
-memory_writer(const uint8_t *src,
- unsigned len,
- __ops_error_t **errors,
- __ops_writer_t *writer)
-{
- __ops_memory_t *mem;
-
- __OPS_USED(errors);
- mem = __ops_writer_get_arg(writer);
- __ops_memory_add(mem, src, len);
- return 1;
-}
-
-/**
- * \ingroup Core_WritersFirst
- * \brief Write to memory
- *
- * Set a memory writer.
- *
- * \param output The output structure
- * \param mem The memory structure
- * \note It is the caller's responsiblity to call __ops_memory_free(mem)
- * \sa __ops_memory_free()
- */
-
-void
-__ops_writer_set_memory(__ops_output_t *output, __ops_memory_t *mem)
-{
- __ops_writer_set(output, memory_writer, NULL, NULL, mem);
-}
-
-/**************************************************************************/
-
-typedef struct {
- __ops_hash_alg_t hash_alg;
- __ops_hash_t hash;
- uint8_t *hashed;
-} skey_checksum_t;
-
-static unsigned
-skey_checksum_writer(const uint8_t *src,
- const unsigned len,
- __ops_error_t **errors,
- __ops_writer_t *writer)
-{
- skey_checksum_t *sum;
- unsigned ret = 1;
-
- sum = __ops_writer_get_arg(writer);
- /* add contents to hash */
- sum->hash.add(&sum->hash, src, len);
- /* write to next stacked writer */
- ret = stacked_write(writer, src, len, errors);
- /* tidy up and return */
- return ret;
-}
-
-static unsigned
-skey_checksum_finaliser(__ops_error_t **errors, __ops_writer_t *writer)
-{
- skey_checksum_t *sum;
-
- sum = __ops_writer_get_arg(writer);
- if (errors && *errors) {
- printf("errors in skey_checksum_finaliser\n");
- }
- (*sum->hash.finish)(&sum->hash, sum->hashed);
- return 1;
-}
-
-static void
-skey_checksum_destroyer(__ops_writer_t *writer)
-{
- skey_checksum_t *sum;
-
- sum = __ops_writer_get_arg(writer);
- free(sum);
-}
-
-/**
-\ingroup Core_WritersNext
-\param output
-\param seckey
-*/
-void
-__ops_push_checksum_writer(__ops_output_t *output, __ops_seckey_t *seckey)
-{
- /* XXX: push a SHA-1 checksum writer (and change s2k to 254). */
- skey_checksum_t *sum;
-
- if ((sum = calloc(1, sizeof(*sum))) == NULL) {
- (void) fprintf(stderr,
- "__ops_push_checksum_writer: bad alloc\n");
- } else {
- /* configure the arg */
- sum->hash_alg = seckey->hash_alg;
- if ((sum->hashed = seckey->checkhash) == NULL) {
- sum->hashed = seckey->checkhash = calloc(1, OPS_CHECKHASH_SIZE);
- }
- /* init the hash */
- __ops_hash_any(&sum->hash, sum->hash_alg);
- if (!sum->hash.init(&sum->hash)) {
- (void) fprintf(stderr,
- "__ops_push_checksum_writer: bad hash init\n");
- /* just continue and die */
- /* XXX - agc - no way to return failure */
- }
- __ops_writer_push(output, skey_checksum_writer,
- skey_checksum_finaliser, skey_checksum_destroyer, sum);
- }
-}
-
-/**************************************************************************/
-
-#define MAX_PARTIAL_DATA_LENGTH 1073741824
-
-typedef struct {
- __ops_crypt_t *crypt;
- __ops_memory_t *mem_data;
- __ops_memory_t *litmem;
- __ops_output_t *litoutput;
- __ops_memory_t *se_ip_mem;
- __ops_output_t *se_ip_out;
- __ops_hash_t hash;
-} str_enc_se_ip_t;
-
-
-static unsigned
-str_enc_se_ip_writer(const uint8_t *src,
- unsigned len,
- __ops_error_t **errors,
- __ops_writer_t *writer);
-
-static unsigned
-str_enc_se_ip_finaliser(__ops_error_t **errors,
- __ops_writer_t * writer);
-
-static void str_enc_se_ip_destroyer(__ops_writer_t *writer);
-
-/* */
-
-/**
-\ingroup Core_WritersNext
-\param output
-\param pubkey
-*/
-void
-__ops_push_stream_enc_se_ip(__ops_output_t *output, const __ops_key_t *pubkey, const char *cipher)
-{
- __ops_pk_sesskey_t *encrypted_pk_sesskey;
- str_enc_se_ip_t *se_ip;
- const unsigned bufsz = 1024;
- __ops_crypt_t *encrypted;
- uint8_t *iv;
-
- if ((se_ip = calloc(1, sizeof(*se_ip))) == NULL) {
- (void) fprintf(stderr,
- "__ops_push_stream_enc_se_ip: bad alloc\n");
- return;
- }
- encrypted_pk_sesskey = __ops_create_pk_sesskey(pubkey, cipher, 1);
- __ops_write_pk_sesskey(output, encrypted_pk_sesskey);
-
- /* Setup the se_ip */
- if ((encrypted = calloc(1, sizeof(*encrypted))) == NULL) {
- free(se_ip);
- (void) fprintf(stderr,
- "__ops_push_stream_enc_se_ip: bad alloc\n");
- return;
- }
- __ops_crypt_any(encrypted, encrypted_pk_sesskey->symm_alg);
- if ((iv = calloc(1, encrypted->blocksize)) == NULL) {
- free(encrypted);
- free(se_ip);
- (void) fprintf(stderr,
- "__ops_push_stream_enc_se_ip: bad alloc\n");
- return;
- }
- encrypted->set_iv(encrypted, iv);
- encrypted->set_crypt_key(encrypted, &encrypted_pk_sesskey->key[0]);
- __ops_encrypt_init(encrypted);
-
- se_ip->crypt = encrypted;
-
- se_ip->mem_data = __ops_memory_new();
- __ops_memory_init(se_ip->mem_data, bufsz);
-
- se_ip->litmem = NULL;
- se_ip->litoutput = NULL;
-
- __ops_setup_memory_write(&se_ip->se_ip_out, &se_ip->se_ip_mem, bufsz);
-
- /* And push writer on stack */
- __ops_writer_push(output,
- str_enc_se_ip_writer,
- str_enc_se_ip_finaliser,
- str_enc_se_ip_destroyer, se_ip);
- /* tidy up */
- free(encrypted_pk_sesskey);
- free(iv);
-}
-
-
-/* calculate the partial data length */
-static unsigned
-__ops_partial_data_len(unsigned len)
-{
- unsigned mask;
- int i;
-
- if (len == 0) {
- (void) fprintf(stderr, "__ops_partial_data_len: 0 len\n");
- return 0;
- }
- if (len > MAX_PARTIAL_DATA_LENGTH) {
- return MAX_PARTIAL_DATA_LENGTH;
- }
- mask = MAX_PARTIAL_DATA_LENGTH;
- for (i = 0; i <= 30; i++) {
- if (mask & len) {
- break;
- }
- mask >>= 1;
- }
- return mask;
-}
-
-static unsigned
-write_partial_len(__ops_output_t *output, unsigned len)
-{
- /* len must be a power of 2 from 0 to 30 */
- uint8_t c;
- int i;
-
- for (i = 0; i <= 30; i++) {
- if ((len >> i) & 1) {
- break;
- }
- }
- c = 224 + i;
- return __ops_write(output, &c, 1);
-}
-
-static unsigned
-stream_write_litdata(__ops_output_t *output,
- const uint8_t *data,
- unsigned len)
-{
- size_t pdlen;
-
- while (len > 0) {
- pdlen = __ops_partial_data_len(len);
- write_partial_len(output, (unsigned)pdlen);
- __ops_write(output, data, (unsigned)pdlen);
- data += pdlen;
- len -= (unsigned)pdlen;
- }
- return 1;
-}
-
-static unsigned
-stream_write_litdata_first(__ops_output_t *output,
- const uint8_t *data,
- unsigned len,
- const __ops_litdata_enum type)
-{
- /* \todo add filename */
- /* \todo add date */
- /* \todo do we need to check text data for <cr><lf> line endings ? */
-
- unsigned sz_towrite;
- size_t sz_pd;
-
- sz_towrite = 1 + 1 + 4 + len;
- sz_pd = (size_t)__ops_partial_data_len(sz_towrite);
- if (sz_pd < 512) {
- (void) fprintf(stderr,
- "stream_write_litdata_first: bad sz_pd\n");
- return 0;
- }
- __ops_write_ptag(output, OPS_PTAG_CT_LITDATA);
- write_partial_len(output, (unsigned)sz_pd);
- __ops_write_scalar(output, (unsigned)type, 1);
- __ops_write_scalar(output, 0, 1);
- __ops_write_scalar(output, 0, 4);
- __ops_write(output, data, (unsigned)(sz_pd - 6));
-
- data += (sz_pd - 6);
- sz_towrite -= (unsigned)sz_pd;
-
- return stream_write_litdata(output, data, (unsigned)sz_towrite);
-}
-
-static unsigned
-stream_write_litdata_last(__ops_output_t *output,
- const uint8_t *data,
- unsigned len)
-{
- __ops_write_length(output, len);
- return __ops_write(output, data, len);
-}
-
-static unsigned
-stream_write_se_ip(__ops_output_t *output,
- const uint8_t *data,
- unsigned len,
- str_enc_se_ip_t *se_ip)
-{
- size_t pdlen;
-
- while (len > 0) {
- pdlen = __ops_partial_data_len(len);
- write_partial_len(output, (unsigned)pdlen);
-
- __ops_push_enc_crypt(output, se_ip->crypt);
- __ops_write(output, data, (unsigned)pdlen);
- __ops_writer_pop(output);
-
- se_ip->hash.add(&se_ip->hash, data, (unsigned)pdlen);
-
- data += pdlen;
- len -= (unsigned)pdlen;
- }
- return 1;
-}
-
-static unsigned
-stream_write_se_ip_first(__ops_output_t *output,
- const uint8_t *data,
- unsigned len,
- str_enc_se_ip_t *se_ip)
-{
- uint8_t *preamble;
- size_t blocksize;
- size_t preamblesize;
- size_t sz_towrite;
- size_t sz_pd;
-
- blocksize = se_ip->crypt->blocksize;
- preamblesize = blocksize + 2;
- sz_towrite = preamblesize + 1 + len;
- if ((preamble = calloc(1, preamblesize)) == NULL) {
- (void) fprintf(stderr,
- "stream_write_se_ip_first: bad alloc\n");
- return 0;
- }
- sz_pd = (size_t)__ops_partial_data_len((unsigned)sz_towrite);
- if (sz_pd < 512) {
- free(preamble);
- (void) fprintf(stderr,
- "stream_write_se_ip_first: bad sz_pd\n");
- return 0;
- }
- __ops_write_ptag(output, OPS_PTAG_CT_SE_IP_DATA);
- write_partial_len(output, (unsigned)sz_pd);
- __ops_write_scalar(output, OPS_SE_IP_DATA_VERSION, 1);
- __ops_push_enc_crypt(output, se_ip->crypt);
-
- __ops_random(preamble, blocksize);
- preamble[blocksize] = preamble[blocksize - 2];
- preamble[blocksize + 1] = preamble[blocksize - 1];
- __ops_hash_any(&se_ip->hash, OPS_HASH_SHA1);
- if (!se_ip->hash.init(&se_ip->hash)) {
- free(preamble);
- (void) fprintf(stderr,
- "stream_write_se_ip_first: bad hash init\n");
- return 0;
- }
- __ops_write(output, preamble, (unsigned)preamblesize);
- se_ip->hash.add(&se_ip->hash, preamble, (unsigned)preamblesize);
- __ops_write(output, data, (unsigned)(sz_pd - preamblesize - 1));
- se_ip->hash.add(&se_ip->hash, data, (unsigned)(sz_pd - preamblesize - 1));
- data += (sz_pd - preamblesize - 1);
- sz_towrite -= sz_pd;
- __ops_writer_pop(output);
- stream_write_se_ip(output, data, (unsigned)sz_towrite, se_ip);
- free(preamble);
- return 1;
-}
-
-static unsigned
-stream_write_se_ip_last(__ops_output_t *output,
- const uint8_t *data,
- unsigned len,
- str_enc_se_ip_t *se_ip)
-{
- __ops_output_t *mdcoutput;
- __ops_memory_t *mdcmem;
- const size_t mdcsize = 1 + 1 + OPS_SHA1_HASH_SIZE;
- uint8_t c;
- uint8_t hashed[OPS_SHA1_HASH_SIZE];
- size_t bufsize = len + mdcsize;
-
- se_ip->hash.add(&se_ip->hash, data, len);
-
- /* MDC packet tag */
- c = MDC_PKT_TAG;
- se_ip->hash.add(&se_ip->hash, &c, 1);
-
- /* MDC packet len */
- c = OPS_SHA1_HASH_SIZE;
- se_ip->hash.add(&se_ip->hash, &c, 1);
-
- /* finish */
- se_ip->hash.finish(&se_ip->hash, hashed);
-
- __ops_setup_memory_write(&mdcoutput, &mdcmem, mdcsize);
- __ops_write_mdc(mdcoutput, hashed);
-
- /* write length of last se_ip chunk */
- __ops_write_length(output, (unsigned)bufsize);
-
- /* encode everting */
- __ops_push_enc_crypt(output, se_ip->crypt);
-
- __ops_write(output, data, len);
- __ops_write(output, __ops_mem_data(mdcmem), (unsigned)__ops_mem_len(mdcmem));
-
- __ops_writer_pop(output);
-
- __ops_teardown_memory_write(mdcoutput, mdcmem);
-
- return 1;
-}
-
-static unsigned
-str_enc_se_ip_writer(const uint8_t *src,
- unsigned len,
- __ops_error_t **errors,
- __ops_writer_t *writer)
-{
- str_enc_se_ip_t *se_ip;
- unsigned ret;
- size_t datalength;
-
- se_ip = __ops_writer_get_arg(writer);
- ret = 1;
- if (se_ip->litoutput == NULL) {
- /* first literal data chunk is not yet written */
-
- __ops_memory_add(se_ip->mem_data, src, len);
- datalength = __ops_mem_len(se_ip->mem_data);
-
- /* 4.2.2.4. Partial Body Lengths */
- /* The first partial length MUST be at least 512 octets long. */
- if (datalength < 512) {
- return 1; /* will wait for more data or
- * end of stream */
- }
- __ops_setup_memory_write(&se_ip->litoutput,
- &se_ip->litmem, datalength + 32);
- stream_write_litdata_first(se_ip->litoutput,
- __ops_mem_data(se_ip->mem_data),
- (unsigned)datalength,
- OPS_LDT_BINARY);
-
- stream_write_se_ip_first(se_ip->se_ip_out,
- __ops_mem_data(se_ip->litmem),
- (unsigned)__ops_mem_len(se_ip->litmem), se_ip);
- } else {
- stream_write_litdata(se_ip->litoutput, src, len);
- stream_write_se_ip(se_ip->se_ip_out,
- __ops_mem_data(se_ip->litmem),
- (unsigned)__ops_mem_len(se_ip->litmem), se_ip);
- }
-
- /* now write memory to next writer */
- ret = stacked_write(writer, __ops_mem_data(se_ip->se_ip_mem),
- (unsigned)__ops_mem_len(se_ip->se_ip_mem), errors);
-
- __ops_memory_clear(se_ip->litmem);
- __ops_memory_clear(se_ip->se_ip_mem);
-
- return ret;
-}
-
-/* write last chunk of data */
-static unsigned
-str_enc_se_ip_finaliser(__ops_error_t **errors, __ops_writer_t *writer)
-{
- str_enc_se_ip_t *se_ip;
-
- se_ip = __ops_writer_get_arg(writer);
- if (se_ip->litoutput == NULL) {
- /* first literal data chunk was not written */
- /* so we know the total length of data, write a simple packet */
-
- /* create literal data packet from buffered data */
- __ops_setup_memory_write(&se_ip->litoutput, &se_ip->litmem,
- __ops_mem_len(se_ip->mem_data) + 32);
-
- __ops_write_litdata(se_ip->litoutput,
- __ops_mem_data(se_ip->mem_data),
- (const int)__ops_mem_len(se_ip->mem_data),
- OPS_LDT_BINARY);
-
- /* create SE IP packet set from this literal data */
- __ops_write_se_ip_pktset(se_ip->se_ip_out,
- __ops_mem_data(se_ip->litmem),
- (unsigned)__ops_mem_len(se_ip->litmem),
- se_ip->crypt);
-
- } else {
- /* finish writing */
- stream_write_litdata_last(se_ip->litoutput, NULL, 0);
- stream_write_se_ip_last(se_ip->se_ip_out,
- __ops_mem_data(se_ip->litmem),
- (unsigned)__ops_mem_len(se_ip->litmem), se_ip);
- }
-
- /* now write memory to next writer */
- return stacked_write(writer, __ops_mem_data(se_ip->se_ip_mem),
- (unsigned)__ops_mem_len(se_ip->se_ip_mem), errors);
-}
-
-static void
-str_enc_se_ip_destroyer(__ops_writer_t *writer)
-{
- str_enc_se_ip_t *se_ip;
-
- se_ip = __ops_writer_get_arg(writer);
- __ops_memory_free(se_ip->mem_data);
- __ops_teardown_memory_write(se_ip->litoutput, se_ip->litmem);
- __ops_teardown_memory_write(se_ip->se_ip_out, se_ip->se_ip_mem);
-
- se_ip->crypt->decrypt_finish(se_ip->crypt);
-
- free(se_ip->crypt);
- free(se_ip);
-}
diff --git a/enzevalos_iphone/netpgp/lib/writer.h b/enzevalos_iphone/netpgp/lib/writer.h
deleted file mode 100644
index b069f81c..00000000
--- a/enzevalos_iphone/netpgp/lib/writer.h
+++ /dev/null
@@ -1,119 +0,0 @@
-/*-
- * Copyright (c) 2009 The NetBSD Foundation, Inc.
- * All rights reserved.
- *
- * This code is derived from software contributed to The NetBSD Foundation
- * by Alistair Crooks (agc@NetBSD.org)
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
- * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- * POSSIBILITY OF SUCH DAMAGE.
- */
-/*
- * Copyright (c) 2005-2008 Nominet UK (www.nic.uk)
- * All rights reserved.
- * Contributors: Ben Laurie, Rachel Willmer. The Contributors have asserted
- * their moral rights under the UK Copyright Design and Patents Act 1988 to
- * be recorded as the authors of this copyright work.
- *
- * Licensed under the Apache License, Version 2.0 (the "License"); you may not
- * use this file except in compliance with the License.
- *
- * You may obtain a copy of the License at
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-/** \file
- */
-
-#ifndef WRITER_H_
-#define WRITER_H_
-
-#include "types.h"
-#include "packet.h"
-#include "crypto.h"
-#include "errors.h"
-#include "keyring.h"
-
-/**
- * \ingroup Writer
- * the writer function prototype
- */
-
-typedef struct __ops_writer_t __ops_writer_t;
-typedef unsigned __ops_writer_func_t(const uint8_t *,
- unsigned,
- __ops_error_t **,
- __ops_writer_t *);
-typedef unsigned
-__ops_writer_finaliser_t(__ops_error_t **, __ops_writer_t *);
-typedef void __ops_writer_destroyer_t(__ops_writer_t *);
-
-/** Writer settings */
-struct __ops_writer_t {
- __ops_writer_func_t *writer; /* the writer itself */
- __ops_writer_finaliser_t *finaliser; /* the writer's finaliser */
- __ops_writer_destroyer_t *destroyer; /* the writer's destroyer */
- void *arg; /* writer-specific argument */
- __ops_writer_t *next; /* next writer in the stack */
- __ops_io_t *io; /* IO for errors and output */
-};
-
-
-void *__ops_writer_get_arg(__ops_writer_t *);
-
-void __ops_writer_set(__ops_output_t *,
- __ops_writer_func_t *,
- __ops_writer_finaliser_t *,
- __ops_writer_destroyer_t *,
- void *);
-void __ops_writer_push(__ops_output_t *,
- __ops_writer_func_t *,
- __ops_writer_finaliser_t *,
- __ops_writer_destroyer_t *,
- void *);
-void __ops_writer_pop(__ops_output_t *);
-unsigned __ops_writer_passthrough(const uint8_t *,
- unsigned,
- __ops_error_t **,
- __ops_writer_t *);
-
-void __ops_writer_set_fd(__ops_output_t *, int);
-unsigned __ops_writer_close(__ops_output_t *);
-
-unsigned __ops_write(__ops_output_t *, const void *, unsigned);
-unsigned __ops_write_length(__ops_output_t *, unsigned);
-unsigned __ops_write_ptag(__ops_output_t *, __ops_content_enum);
-unsigned __ops_write_scalar(__ops_output_t *, unsigned, unsigned);
-unsigned __ops_write_mpi(__ops_output_t *, const BIGNUM *);
-
-void __ops_writer_info_delete(__ops_writer_t *);
-unsigned __ops_writer_info_finalise(__ops_error_t **, __ops_writer_t *);
-
-void __ops_push_stream_enc_se_ip(__ops_output_t *, const __ops_key_t *, const char *);
-
-#endif /* WRITER_H_ */
--
GitLab