pgp revision 328875

#------------------------------------------------------------------------------
# $File: pgp,v 1.14 2017/03/17 21:35:28 christos Exp $
# pgp: file(1) magic for Pretty Good Privacy
# see http://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
#
0 beshort 0x9900 PGP key public ring
!:mime application/x-pgp-keyring
0 beshort 0x9501 PGP key security ring
!:mime application/x-pgp-keyring
0 beshort 0x9500 PGP key security ring
!:mime application/x-pgp-keyring
0 beshort 0xa600 PGP encrypted data
#!:mime application/pgp-encrypted
#0 string -----BEGIN\040PGP text/PGP armored data
!:mime text/PGP # encoding: armored data
#>15 string PUBLIC\040KEY\040BLOCK- public key block
#>15 string MESSAGE- message
#>15 string SIGNED\040MESSAGE- signed message
#>15 string PGP\040SIGNATURE- signature

2 string ---BEGIN\040PGP\040PUBLIC\040KEY\040BLOCK- PGP public key block
!:mime application/pgp-keys
>10 search/100 \n\n
>>&0 use pgp
0 string -----BEGIN\040PGP\040MESSAGE- PGP message
!:mime application/pgp
>10 search/100 \n\n
>>&0 use pgp
0 string -----BEGIN\040PGP\040SIGNATURE- PGP signature
!:mime application/pgp-signature
>10 search/100 \n\n
>>&0 use pgp

# Decode the type of the packet based on its base64 encoding.
# Idea from Mark Martinec
# The specification is in RFC 4880, section 4.2 and 4.3:
# http://tools.ietf.org/html/rfc4880#section-4.2

0 name pgp
>0 byte 0x67 Reserved (old)
>0 byte 0x68 Public-Key Encrypted Session Key (old)
>0 byte 0x69 Signature (old)
>0 byte 0x6a Symmetric-Key Encrypted Session Key (old)
>0 byte 0x6b One-Pass Signature (old)
>0 byte 0x6c Secret-Key (old)
>0 byte 0x6d Public-Key (old)
>0 byte 0x6e Secret-Subkey (old)
>0 byte 0x6f Compressed Data (old)
>0 byte 0x70 Symmetrically Encrypted Data (old)
>0 byte 0x71 Marker (old)
>0 byte 0x72 Literal Data (old)
>0 byte 0x73 Trust (old)
>0 byte 0x74 User ID (old)
>0 byte 0x75 Public-Subkey (old)
>0 byte 0x76 Unused (old)
>0 byte 0x77
>>1 byte&0xc0 0x00 Reserved
>>1 byte&0xc0 0x40 Public-Key Encrypted Session Key
>>1 byte&0xc0 0x80 Signature
>>1 byte&0xc0 0xc0 Symmetric-Key Encrypted Session Key
>0 byte 0x78
>>1 byte&0xc0 0x00 One-Pass Signature
>>1 byte&0xc0 0x40 Secret-Key
>>1 byte&0xc0 0x80 Public-Key
>>1 byte&0xc0 0xc0 Secret-Subkey
>0 byte 0x79
>>1 byte&0xc0 0x00 Compressed Data
>>1 byte&0xc0 0x40 Symmetrically Encrypted Data
>>1 byte&0xc0 0x80 Marker
>>1 byte&0xc0 0xc0 Literal Data
>0 byte 0x7a
>>1 byte&0xc0 0x00 Trust
>>1 byte&0xc0 0x40 User ID
>>1 byte&0xc0 0x80 Public-Subkey
>>1 byte&0xc0 0xc0 Unused [z%x]
>0 byte 0x30
>>1 byte&0xc0 0x00 Unused [0%x]
>>1 byte&0xc0 0x40 User Attribute
>>1 byte&0xc0 0x80 Sym. Encrypted and Integrity Protected Data
>>1 byte&0xc0 0xc0 Modification Detection Code

# magic signatures to detect PGP crypto material (from stef)
# detects and extracts metadata from:
# - symmetric encrypted packet header
# - RSA (e=65537) secret (sub-)keys

# 1024b RSA encrypted data

0 string \x84\x8c\x03 PGP RSA encrypted session key -
>3 lelong x keyid: %X
>7 lelong x %X
>11 byte 0x01 RSA (Encrypt or Sign) 1024b
>11 byte 0x02 RSA Encrypt-Only 1024b
>12 string \x04\x00
>12 string \x03\xff
>12 string \x03\xfe
>12 string \x03\xfd
>12 string \x03\xfc
>12 string \x03\xfb
>12 string \x03\xfa
>12 string \x03\xf9
>142 byte 0xd2 .

# 2048b RSA encrypted data

0 string \x85\x01\x0c\x03 PGP RSA encrypted session key -
>4 lelong x keyid: %X
>8 lelong x %X
>12 byte 0x01 RSA (Encrypt or Sign) 2048b
>12 byte 0x02 RSA Encrypt-Only 2048b
>13 string \x08\x00
>13 string \x07\xff
>13 string \x07\xfe
>13 string \x07\xfd
>13 string \x07\xfc
>13 string \x07\xfb
>13 string \x07\xfa
>13 string \x07\xf9
>271 byte 0xd2 .

# 3072b RSA encrypted data

0 string \x85\x01\x8c\x03 PGP RSA encrypted session key -
>4 lelong x keyid: %X
>8 lelong x %X
>12 byte 0x01 RSA (Encrypt or Sign) 3072b
>12 byte 0x02 RSA Encrypt-Only 3072b
>13 string \x0c\x00
>13 string \x0b\xff
>13 string \x0b\xfe
>13 string \x0b\xfd
>13 string \x0b\xfc
>13 string \x0b\xfb
>13 string \x0b\xfa
>13 string \x0b\xf9
>399 byte 0xd2 .

# 4096b RSA encrypted data

0 string \x85\x02\x0c\x03 PGP RSA encrypted session key -
>4 lelong x keyid: %X
>8 lelong x %X
>12 byte 0x01 RSA (Encrypt or Sign) 4096b
>12 byte 0x02 RSA Encrypt-Only 4096b
>13 string \x10\x00
>13 string \x0f\xff
>13 string \x0f\xfe
>13 string \x0f\xfd
>13 string \x0f\xfc
>13 string \x0f\xfb
>13 string \x0f\xfa
>13 string \x0f\xf9
>527 byte 0xd2 .

# 8192b RSA encrypted data

0 string \x85\x04\x0c\x03 PGP RSA encrypted session key -
>4 lelong x keyid: %X
>8 lelong x %X
>12 byte 0x01 RSA (Encrypt or Sign) 8192b
>12 byte 0x02 RSA Encrypt-Only 8192b
>13 string \x20\x00
>13 string \x1f\xff
>13 string \x1f\xfe
>13 string \x1f\xfd
>13 string \x1f\xfc
>13 string \x1f\xfb
>13 string \x1f\xfa
>13 string \x1f\xf9
>1039 byte 0xd2 .

# crypto algo mapper

0 name crypto
>0 byte 0x00 Plaintext or unencrypted data
>0 byte 0x01 IDEA
>0 byte 0x02 TripleDES
>0 byte 0x03 CAST5 (128 bit key)
>0 byte 0x04 Blowfish (128 bit key, 16 rounds)
>0 byte 0x07 AES with 128-bit key
>0 byte 0x08 AES with 192-bit key
>0 byte 0x09 AES with 256-bit key
>0 byte 0x0a Twofish with 256-bit key

# hash algo mapper

0 name hash
>0 byte 0x01 MD5
>0 byte 0x02 SHA-1
>0 byte 0x03 RIPE-MD/160
>0 byte 0x08 SHA256
>0 byte 0x09 SHA384
>0 byte 0x0a SHA512
>0 byte 0x0b SHA224

# display public key algorithms as human readable text
0 name key_algo
>0 byte 0x01 RSA (Encrypt or Sign)
# keep old look of version 5.28 without parentheses
>0 byte 0x02 RSA Encrypt-Only
>0 byte 0x03 RSA (Sign-Only)
>0 byte 16 ElGamal (Encrypt-Only)
>0 byte 17 DSA
>0 byte 18 Elliptic Curve
>0 byte 19 ECDSA
>0 byte 20 ElGamal (Encrypt or Sign)
>0 byte 21 Diffie-Hellman
>0 default x
>>0 ubyte <22 unknown (pub %d)
# this should never happen
>>0 ubyte >21 invalid (%d)

# pgp symmetric encrypted data

0 byte 0x8c PGP symmetric key encrypted data -
>1 byte 0x0d
>1 byte 0x0c
>2 byte 0x04
>3 use crypto
>4 byte 0x01 salted -
>>5 use hash
>>14 byte 0xd2 .
>>14 byte 0xc9 .
>4 byte 0x03 salted & iterated -
>>5 use hash
>>15 byte 0xd2 .
>>15 byte 0xc9 .

# encrypted keymaterial needs s2k & can be checksummed/hashed

0 name chkcrypto
>0 use crypto
>1 byte 0x00 Simple S2K
>1 byte 0x01 Salted S2K
>1 byte 0x03 Salted&Iterated S2K
>2 use hash

# all PGP keys start with this prolog
# containing version, creation date, and purpose

0 name keyprolog
>0 byte 0x04
>1 beldate x created on %s -
>5 byte 0x01 RSA (Encrypt or Sign)
>5 byte 0x02 RSA Encrypt-Only

# end of secret keys known signature
# contains e=65537 and the prolog to
# the encrypted parameters

0 name keyend
>0 string \x00\x11\x01\x00\x01 e=65537
>5 use crypto
>5 byte 0xff checksummed
>>6 use chkcrypto
>5 byte 0xfe hashed
>>6 use chkcrypto

# PGP secret keys contain also the public parts
# these vary by bitsize of the key

0 name x1024
>0 use keyprolog
>6 string \x03\xfe
>6 string \x03\xff
>6 string \x04\x00
>136 use keyend

0 name x2048
>0 use keyprolog
>6 string \x08\x00
>6 string \x07\xfe
>6 string \x07\xff
>264 use keyend

0 name x3072
>0 use keyprolog
>6 string \x0b\xfe
>6 string \x0b\xff
>6 string \x0c\x00
>392 use keyend

0 name x4096
>0 use keyprolog
>6 string \x10\x00
>6 string \x0f\xfe
>6 string \x0f\xff
>520 use keyend

# \x00|\x1f[\xfe\xff]).{1024})'
0 name x8192
>0 use keyprolog
>6 string \x20\x00
>6 string \x1f\xfe
>6 string \x1f\xff
>1032 use keyend

# depending on the size of the pkt
# we branch into the proper key size
# signatures defined as x{keysize}

>0 name pgpkey
>0 string \x01\xd8 1024b
>>2 use x1024
>0 string \x01\xeb 1024b
>>2 use x1024
>0 string \x01\xfb 1024b
>>2 use x1024
>0 string \x01\xfd 1024b
>>2 use x1024
>0 string \x01\xf3 1024b
>>2 use x1024
>0 string \x01\xee 1024b
>>2 use x1024
>0 string \x01\xfe 1024b
>>2 use x1024
>0 string \x01\xf4 1024b
>>2 use x1024
>0 string \x02\x0d 1024b
>>2 use x1024
>0 string \x02\x03 1024b
>>2 use x1024
>0 string \x02\x05 1024b
>>2 use x1024
>0 string \x02\x15 1024b
>>2 use x1024
>0 string \x02\x00 1024b
>>2 use x1024
>0 string \x02\x10 1024b
>>2 use x1024
>0 string \x02\x04 1024b
>>2 use x1024
>0 string \x02\x06 1024b
>>2 use x1024
>0 string \x02\x16 1024b
>>2 use x1024
>0 string \x03\x98 2048b
>>2 use x2048
>0 string \x03\xab 2048b
>>2 use x2048
>0 string \x03\xbb 2048b
>>2 use x2048
>0 string \x03\xbd 2048b
>>2 use x2048
>0 string \x03\xcd 2048b
>>2 use x2048
>0 string \x03\xb3 2048b
>>2 use x2048
>0 string \x03\xc3 2048b
>>2 use x2048
>0 string \x03\xc5 2048b
>>2 use x2048
>0 string \x03\xd5 2048b
>>2 use x2048
>0 string \x03\xae 2048b
>>2 use x2048
>0 string \x03\xbe 2048b
>>2 use x2048
>0 string \x03\xc0 2048b
>>2 use x2048
>0 string \x03\xd0 2048b
>>2 use x2048
>0 string \x03\xb4 2048b
>>2 use x2048
>0 string \x03\xc4 2048b
>>2 use x2048
>0 string \x03\xc6 2048b
>>2 use x2048
>0 string \x03\xd6 2048b
>>2 use x2048
>0 string \x05X 3072b
>>2 use x3072
>0 string \x05k 3072b
>>2 use x3072
>0 string \x05{ 3072b
>>2 use x3072
>0 string \x05} 3072b
>>2 use x3072
>0 string \x05\x8d 3072b
>>2 use x3072
>0 string \x05s 3072b
>>2 use x3072
>0 string \x05\x83 3072b
>>2 use x3072
>0 string \x05\x85 3072b
>>2 use x3072
>0 string \x05\x95 3072b
>>2 use x3072
>0 string \x05n 3072b
>>2 use x3072
>0 string \x05\x7e 3072b
>>2 use x3072
>0 string \x05\x80 3072b
>>2 use x3072
>0 string \x05\x90 3072b
>>2 use x3072
>0 string \x05t 3072b
>>2 use x3072
>0 string \x05\x84 3072b
>>2 use x3072
>0 string \x05\x86 3072b
>>2 use x3072
>0 string \x05\x96 3072b
>>2 use x3072
>0 string \x07[ 4096b
>>2 use x4096
>0 string \x07\x18 4096b
>>2 use x4096
>0 string \x07+ 4096b
>>2 use x4096
>0 string \x07; 4096b
>>2 use x4096
>0 string \x07= 4096b
>>2 use x4096
>0 string \x07M 4096b
>>2 use x4096
>0 string \x073 4096b
>>2 use x4096
>0 string \x07C 4096b
>>2 use x4096
>0 string \x07E 4096b
>>2 use x4096
>0 string \x07U 4096b
>>2 use x4096
>0 string \x07. 4096b
>>2 use x4096
>0 string \x07> 4096b
>>2 use x4096
>0 string \x07@ 4096b
>>2 use x4096
>0 string \x07P 4096b
>>2 use x4096
>0 string \x074 4096b
>>2 use x4096
>0 string \x07D 4096b
>>2 use x4096
>0 string \x07F 4096b
>>2 use x4096
>0 string \x07V 4096b
>>2 use x4096
>0 string \x0e[ 8192b
>>2 use x8192
>0 string \x0e\x18 8192b
>>2 use x8192
>0 string \x0e+ 8192b
>>2 use x8192
>0 string \x0e; 8192b
>>2 use x8192
>0 string \x0e= 8192b
>>2 use x8192
>0 string \x0eM 8192b
>>2 use x8192
>0 string \x0e3 8192b
>>2 use x8192
>0 string \x0eC 8192b
>>2 use x8192
>0 string \x0eE 8192b
>>2 use x8192
>0 string \x0eU 8192b
>>2 use x8192
>0 string \x0e. 8192b
>>2 use x8192
>0 string \x0e> 8192b
>>2 use x8192
>0 string \x0e@ 8192b
>>2 use x8192
>0 string \x0eP 8192b
>>2 use x8192
>0 string \x0e4 8192b
>>2 use x8192
>0 string \x0eD 8192b
>>2 use x8192
>0 string \x0eF 8192b
>>2 use x8192
>0 string \x0eV 8192b
>>2 use x8192

# PGP RSA (e=65537) secret (sub-)key header

0 byte 0x95 PGP Secret Key -
>1 use pgpkey
0 byte 0x97 PGP Secret Sub-key -
>1 use pgpkey
0 byte 0x9d
# Update: Joerg Jenderek
# secret subkey packet (tag 7) with same structure as secret key packet (tag 5)
# skip Fetus.Sys16 CALIBUS.MAIN OrbFix.Sys16.Ex by looking for positive len
>1 ubeshort >0
#>1 ubeshort x \b, body length 0x%x
# next packet type often 88h,89h~(tag 2)~Signature Packet
#>>(1.S+3) ubyte x \b, next packet type 0x%x
# skip Dragon.SHR DEMO.INIT by looking for positive version
>>3 ubyte >0
# skip BUISSON.13 GUITAR1 by looking for low version number
>>>3 ubyte <5 PGP Secret Sub-key
# sub-keys are normally part of a secret key, so they do not occur as standalone files
#!:ext bin
# version 2,3~old 4~new . Comment following line for version 5.28 look
>>>>3 ubyte x (v%d)
>>>>3 ubyte x -
# old versions 2 or 3 but no real example found
>>>>3 ubyte <4
# 2 byte for key bits in version 5.28 look
>>>>>11 ubeshort x %db
>>>>>4 beldate x created on %s -
# old versions use 2 additional bytes after time stamp
#>>>>>8 ubeshort x 0x%x
# display key algorithm 1~RSA Encrypt|Sign - 21~Diffie-Hellman
>>>>>10 use key_algo
>>>>>(11.S/8) ubequad x
# look after first key
>>>>>>&5 use keyend
# new version
>>>>3 ubyte >3
>>>>>9 ubeshort x %db
>>>>>4 beldate x created on %s -
# display key algorithm
>>>>>8 use key_algo
>>>>>(9.S/8) ubequad x
# look after first key for something like s2k
>>>>>>&3 use keyend
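
The "pgp" named rule above identifies the first packet of ASCII-armored data from its leading base64 characters. As an added example (not part of the magic file or of file(1)), the Python below performs the same classification by decoding the first base64 group and reading the RFC 4880 section 4.2 header octet; the function names and the sample armor blocks are constructed for illustration.

```python
import base64

# RFC 4880 section 4.3 tag names, spelled as in the magic file above.
TAGS = {
    0: "Reserved", 1: "Public-Key Encrypted Session Key", 2: "Signature",
    3: "Symmetric-Key Encrypted Session Key", 4: "One-Pass Signature",
    5: "Secret-Key", 6: "Public-Key", 7: "Secret-Subkey",
    8: "Compressed Data", 9: "Symmetrically Encrypted Data", 10: "Marker",
    11: "Literal Data", 12: "Trust", 13: "User ID", 14: "Public-Subkey",
    17: "User Attribute",
    18: "Sym. Encrypted and Integrity Protected Data",
    19: "Modification Detection Code",
}

def packet_tag(octet):
    """Split a packet header octet (RFC 4880 section 4.2) into (tag, new_format)."""
    if not octet & 0x80:
        raise ValueError("bit 7 clear: not an OpenPGP packet header")
    if octet & 0x40:                       # new format: 1 1 t t t t t t
        return octet & 0x3F, True
    return (octet >> 2) & 0x0F, False      # old format: 1 0 t t t t l l

def armored_first_packet(armor_text):
    """Return (first_base64_char, tag, tag_name, new_format) for armored data."""
    lines = armor_text.splitlines()
    if not lines or not lines[0].startswith("-----BEGIN PGP "):
        raise ValueError("missing armor header line")
    # Armor headers end at the first blank line; the base64 body follows it.
    blank = next((i for i, text in enumerate(lines) if not text.strip()), None)
    if blank is None or blank + 1 >= len(lines):
        raise ValueError("no blank line before the base64 body")
    quad = lines[blank + 1].strip()[:4]
    if len(quad) < 4:
        raise ValueError("base64 body shorter than one 4-character group")
    octet = base64.b64decode(quad, validate=True)[0]
    tag, new_format = packet_tag(octet)
    return quad[0], tag, TAGS.get(tag, "Unknown"), new_format

def sample_armor(kind, raw):
    """Build a constructed armor block (no CRC line) around raw packet bytes."""
    body = base64.b64encode(raw).decode("ascii")
    return f"-----BEGIN PGP {kind}-----\nComment: constructed\n\n{body}\n-----END PGP {kind}-----\n"

if __name__ == "__main__":
    for kind, raw in [("SIGNATURE", b"\x89\x01\x1c"),         # old-format tag 2
                      ("PUBLIC KEY BLOCK", b"\x99\x01\x0d"),  # old-format tag 6
                      ("SIGNATURE", b"\xc2\xc0\x5c"),         # new-format tag 2
                      ("MESSAGE", b"\xd2\x5a\x00")]:          # new-format tag 18
        print(armored_first_packet(sample_armor(kind, raw)))
```

For new-format headers the first base64 character carries only tag bits 5 to 2; bits 1 to 0 are the top two bits of the second character's decoded 6-bit value, which is why the example decodes the group rather than masking the ASCII character.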