diff options
| author | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2010-02-23 10:34:14 +0000 |
|---|---|---|
| committer | Rene Mayrhofer <rene@mayrhofer.eu.org> | 2010-02-23 10:34:14 +0000 |
| commit | ed7d79f96177044949744da10f4431c1d6242241 (patch) | |
| tree | 3aabaa55ed3b5291daef891cfee9befb5235e2b8 /src/libstrongswan/plugins/pgp | |
| parent | 7410d3c6d6a9a1cd7aa55083c938946af6ff9498 (diff) | |
| download | vyos-strongswan-ed7d79f96177044949744da10f4431c1d6242241.tar.gz vyos-strongswan-ed7d79f96177044949744da10f4431c1d6242241.zip | |
[svn-upgrade] Integrating new upstream version, strongswan (4.3.6)
Diffstat (limited to 'src/libstrongswan/plugins/pgp')
| -rw-r--r-- | src/libstrongswan/plugins/pgp/Makefile.am | 15 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/Makefile.in | 576 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_builder.c | 275 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_builder.h | 45 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_cert.c | 501 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_cert.h | 48 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_encoder.c | 68 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_encoder.h | 32 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_plugin.c | 79 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_plugin.h | 47 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_utils.c | 180 | ||||
| -rw-r--r-- | src/libstrongswan/plugins/pgp/pgp_utils.h | 130 |
12 files changed, 1996 insertions, 0 deletions
diff --git a/src/libstrongswan/plugins/pgp/Makefile.am b/src/libstrongswan/plugins/pgp/Makefile.am new file mode 100644 index 000000000..c232971bb --- /dev/null +++ b/src/libstrongswan/plugins/pgp/Makefile.am @@ -0,0 +1,15 @@ + +INCLUDES = -I$(top_srcdir)/src/libstrongswan + +AM_CFLAGS = -rdynamic + +plugin_LTLIBRARIES = libstrongswan-pgp.la + +libstrongswan_pgp_la_SOURCES = pgp_plugin.h pgp_plugin.c \ + pgp_utils.h pgp_utils.c \ + pgp_cert.h pgp_cert.c \ + pgp_encoder.h pgp_encoder.c \ + pgp_builder.h pgp_builder.c + +libstrongswan_pgp_la_LDFLAGS = -module -avoid-version + diff --git a/src/libstrongswan/plugins/pgp/Makefile.in b/src/libstrongswan/plugins/pgp/Makefile.in new file mode 100644 index 000000000..70840c400 --- /dev/null +++ b/src/libstrongswan/plugins/pgp/Makefile.in @@ -0,0 +1,576 @@ +# Makefile.in generated by automake 1.11 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, +# Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +subdir = src/libstrongswan/plugins/pgp +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/config/libtool.m4 \ + $(top_srcdir)/m4/config/ltoptions.m4 \ + $(top_srcdir)/m4/config/ltsugar.m4 \ + $(top_srcdir)/m4/config/ltversion.m4 \ + $(top_srcdir)/m4/config/lt~obsolete.m4 \ + $(top_srcdir)/m4/macros/with.m4 \ + $(top_srcdir)/m4/macros/enable-disable.m4 \ + $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_CLEAN_FILES = +CONFIG_CLEAN_VPATH_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__installdirs = "$(DESTDIR)$(plugindir)" +LTLIBRARIES = $(plugin_LTLIBRARIES) +libstrongswan_pgp_la_LIBADD = +am_libstrongswan_pgp_la_OBJECTS = pgp_plugin.lo pgp_utils.lo \ + pgp_cert.lo pgp_encoder.lo pgp_builder.lo +libstrongswan_pgp_la_OBJECTS = $(am_libstrongswan_pgp_la_OBJECTS) +libstrongswan_pgp_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(libstrongswan_pgp_la_LDFLAGS) $(LDFLAGS) -o $@ +DEFAULT_INCLUDES = -I.@am__isrc@ +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +am__mv = mv -f +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = $(libstrongswan_pgp_la_SOURCES) +DIST_SOURCES = $(libstrongswan_pgp_la_SOURCES) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +ALLOCA = @ALLOCA@ +AMTAR = @AMTAR@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +BTLIB = @BTLIB@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +DLLIB = @DLLIB@ +DSYMUTIL = @DSYMUTIL@ +DUMPBIN = @DUMPBIN@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +FGREP = @FGREP@ +GPERF = @GPERF@ +GREP = @GREP@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LIBTOOL = @LIBTOOL@ +LIPO = @LIPO@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +MYSQLCFLAG = @MYSQLCFLAG@ +MYSQLCONFIG = @MYSQLCONFIG@ +MYSQLLIB = @MYSQLLIB@ +NM = @NM@ +NMEDIT = @NMEDIT@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +OTOOL = @OTOOL@ +OTOOL64 = @OTOOL64@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PERL = @PERL@ +PKG_CONFIG = @PKG_CONFIG@ +PTHREADLIB = @PTHREADLIB@ +RANLIB = @RANLIB@ +RTLIB = @RTLIB@ +RUBY = @RUBY@ +RUBYINCLUDE = @RUBYINCLUDE@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +SOCKLIB = @SOCKLIB@ +STRIP = @STRIP@ +VERSION = @VERSION@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +default_pkcs11 = @default_pkcs11@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +gtk_CFLAGS = @gtk_CFLAGS@ +gtk_LIBS = @gtk_LIBS@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +ipsecdir = @ipsecdir@ +ipsecgid = @ipsecgid@ +ipsecgroup = @ipsecgroup@ +ipsecuid = @ipsecuid@ +ipsecuser = @ipsecuser@ +libdir = @libdir@ +libexecdir = @libexecdir@ +libstrongswan_plugins = @libstrongswan_plugins@ +linux_headers = @linux_headers@ +localedir = @localedir@ +localstatedir = @localstatedir@ +lt_ECHO = @lt_ECHO@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +nm_CFLAGS = @nm_CFLAGS@ +nm_LIBS = @nm_LIBS@ +nm_ca_dir = @nm_ca_dir@ +oldincludedir = @oldincludedir@ +pdfdir = @pdfdir@ +piddir = @piddir@ +plugindir = @plugindir@ +pluto_plugins = @pluto_plugins@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +random_device = @random_device@ +resolv_conf = @resolv_conf@ +routing_table = @routing_table@ +routing_table_prio = @routing_table_prio@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +strongswan_conf = @strongswan_conf@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_build_prefix = @top_build_prefix@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +urandom_device = @urandom_device@ +xml_CFLAGS = @xml_CFLAGS@ +xml_LIBS = @xml_LIBS@ +INCLUDES = -I$(top_srcdir)/src/libstrongswan +AM_CFLAGS = -rdynamic +plugin_LTLIBRARIES = libstrongswan-pgp.la +libstrongswan_pgp_la_SOURCES = pgp_plugin.h pgp_plugin.c \ + pgp_utils.h pgp_utils.c \ + pgp_cert.h pgp_cert.c \ + pgp_encoder.h pgp_encoder.c \ + pgp_builder.h pgp_builder.c + +libstrongswan_pgp_la_LDFLAGS = -module -avoid-version +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ + && { if test -f $@; then exit 0; else break; fi; }; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu src/libstrongswan/plugins/pgp/Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --gnu src/libstrongswan/plugins/pgp/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(am__aclocal_m4_deps): +install-pluginLTLIBRARIES: $(plugin_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(plugindir)" || $(MKDIR_P) "$(DESTDIR)$(plugindir)" + @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \ + list2=; for p in $$list; do \ + if test -f $$p; then \ + list2="$$list2 $$p"; \ + else :; fi; \ + done; \ + test -z "$$list2" || { \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(plugindir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(plugindir)"; \ + } + +uninstall-pluginLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(plugin_LTLIBRARIES)'; test -n "$(plugindir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(plugindir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(plugindir)/$$f"; \ + done + +clean-pluginLTLIBRARIES: + -test -z "$(plugin_LTLIBRARIES)" || rm -f $(plugin_LTLIBRARIES) + @list='$(plugin_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +libstrongswan-pgp.la: $(libstrongswan_pgp_la_OBJECTS) $(libstrongswan_pgp_la_DEPENDENCIES) + $(libstrongswan_pgp_la_LINK) -rpath $(plugindir) $(libstrongswan_pgp_la_OBJECTS) $(libstrongswan_pgp_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pgp_builder.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pgp_cert.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pgp_encoder.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pgp_plugin.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pgp_utils.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + set x; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in files) print i; }; }'`; \ + test -z "$(CTAGS_ARGS)$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ + else \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(LTLIBRARIES) +installdirs: + for dir in "$(DESTDIR)$(plugindir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-libtool clean-pluginLTLIBRARIES \ + mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +html-am: + +info: info-am + +info-am: + +install-data-am: install-pluginLTLIBRARIES + +install-dvi: install-dvi-am + +install-dvi-am: + +install-exec-am: + +install-html: install-html-am + +install-html-am: + +install-info: install-info-am + +install-info-am: + +install-man: + +install-pdf: install-pdf-am + +install-pdf-am: + +install-ps: install-ps-am + +install-ps-am: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-pluginLTLIBRARIES + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS all all-am check check-am clean clean-generic \ + clean-libtool clean-pluginLTLIBRARIES ctags distclean \ + distclean-compile distclean-generic distclean-libtool \ + distclean-tags distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-dvi \ + install-dvi-am install-exec install-exec-am install-html \ + install-html-am install-info install-info-am install-man \ + install-pdf install-pdf-am install-pluginLTLIBRARIES \ + install-ps install-ps-am install-strip installcheck \ + installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic mostlyclean mostlyclean-compile \ + mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ + tags uninstall uninstall-am uninstall-pluginLTLIBRARIES + + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/src/libstrongswan/plugins/pgp/pgp_builder.c b/src/libstrongswan/plugins/pgp/pgp_builder.c new file mode 100644 index 000000000..d262d18ff --- /dev/null +++ b/src/libstrongswan/plugins/pgp/pgp_builder.c @@ -0,0 +1,275 @@ +/* + * Copyright (C) 2009 Martin Willi + * Copyright (C) 2002-2009 Andreas Steffen + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "pgp_builder.h" +#include "pgp_utils.h" + +#include <enum.h> +#include <debug.h> +#include <credentials/keys/private_key.h> + +/** + * Load a generic public key from a PGP packet + */ +static public_key_t *parse_public_key(chunk_t blob) +{ + u_int32_t alg; + public_key_t *key; + + if (!pgp_read_scalar(&blob, 1, &alg)) + { + return NULL; + } + switch (alg) + { + case PGP_PUBKEY_ALG_RSA: + case PGP_PUBKEY_ALG_RSA_SIGN_ONLY: + key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA, + BUILD_BLOB_PGP, blob, BUILD_END); + break; + default: + DBG1("PGP public key algorithm %N not supported", + pgp_pubkey_alg_names, alg); + return NULL; + } + return key; +} + +/** + * Load a RSA public key from a PGP packet + */ +static public_key_t *parse_rsa_public_key(chunk_t blob) +{ + chunk_t mpi[2]; + int i; + + for (i = 0; i < 2; i++) + { + if (!pgp_read_mpi(&blob, &mpi[i])) + { + return NULL; + } + } + return lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_RSA, + BUILD_RSA_MODULUS, mpi[0], BUILD_RSA_PUB_EXP, mpi[1], + BUILD_END); +} + +/** + * Load a RSA private key from a PGP packet + */ +static private_key_t *parse_rsa_private_key(chunk_t blob) +{ + chunk_t mpi[6]; + u_int32_t s2k; + int i; + + for (i = 0; i < 2; i++) + { + if (!pgp_read_mpi(&blob, &mpi[i])) + { + return NULL; + } + } + if (!pgp_read_scalar(&blob, 1, &s2k)) + { + return NULL; + } + if (s2k == 255 || s2k == 254) + { + DBG1("string-to-key specifiers not supported"); + return NULL; + } + if (s2k != PGP_SYM_ALG_PLAIN) + { + DBG1("%N private key encryption not supported", pgp_sym_alg_names, s2k); + return NULL; + } + + for (i = 2; i < 6; i++) + { + if (!pgp_read_mpi(&blob, &mpi[i])) + { + return NULL; + } + } + + /* PGP has uses p < q, but we use p > q */ + return lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, + BUILD_RSA_MODULUS, mpi[0], BUILD_RSA_PUB_EXP, mpi[1], + BUILD_RSA_PRIV_EXP, mpi[2], BUILD_RSA_PRIME2, mpi[3], + BUILD_RSA_PRIME1, mpi[4], BUILD_RSA_COEFF, mpi[5], + BUILD_END); +} + +/** + * Implementation of private_key_t.sign for encryption-only keys + */ +static bool sign_not_allowed(private_key_t *this, signature_scheme_t scheme, + chunk_t data, chunk_t *signature) +{ + DBG1("signing failed - decryption only key"); + return FALSE; +} + +/** + * Implementation of private_key_t.decrypt for signature-only keys + */ +static bool decrypt_not_allowed(private_key_t *this, + chunk_t crypto, chunk_t *plain) +{ + DBG1("decryption failed - signature only key"); + return FALSE; +} + +/** + * Load a generic private key from a PGP packet + */ +static private_key_t *parse_private_key(chunk_t blob) +{ + chunk_t packet; + pgp_packet_tag_t tag; + u_int32_t version, created, days, alg; + private_key_t *key; + + if (!pgp_read_packet(&blob, &packet, &tag)) + { + return NULL; + } + if (!pgp_read_scalar(&packet, 1, &version)) + { + return FALSE; + } + switch (version) + { + case 3: + if (!pgp_read_scalar(&packet, 2, &days)) + { + return NULL; + } + break; + case 4: + break; + default: + DBG1("PGP packet version V%d not supported", version); + return FALSE; + } + if (!pgp_read_scalar(&packet, 4, &created)) + { + return NULL; + } + if (!pgp_read_scalar(&packet, 1, &alg)) + { + return NULL; + } + switch (alg) + { + case PGP_PUBKEY_ALG_RSA: + return lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, + BUILD_BLOB_PGP, packet, BUILD_END); + case PGP_PUBKEY_ALG_RSA_ENC_ONLY: + key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, + BUILD_BLOB_PGP, packet, BUILD_END); + if (key) + { + key->sign = sign_not_allowed; + } + return key; + case PGP_PUBKEY_ALG_RSA_SIGN_ONLY: + key = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, + BUILD_BLOB_PGP, packet, BUILD_END); + if (key) + { + key->decrypt = decrypt_not_allowed; + } + return key; + case PGP_PUBKEY_ALG_ECDSA: + return lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ECDSA, + BUILD_BLOB_PGP, packet, BUILD_END); + case PGP_PUBKEY_ALG_ELGAMAL_ENC_ONLY: + case PGP_PUBKEY_ALG_DSA: + case PGP_PUBKEY_ALG_ECC: + case PGP_PUBKEY_ALG_ELGAMAL: + case PGP_PUBKEY_ALG_DIFFIE_HELLMAN: + default: + return NULL; + } +} + +/** + * See header. + */ +public_key_t *pgp_public_key_load(key_type_t type, va_list args) +{ + chunk_t blob = chunk_empty; + + while (TRUE) + { + switch (va_arg(args, builder_part_t)) + { + case BUILD_BLOB_PGP: + blob = va_arg(args, chunk_t); + continue; + case BUILD_END: + break; + default: + return NULL; + } + break; + } + switch (type) + { + case KEY_ANY: + return parse_public_key(blob); + case KEY_RSA: + return parse_rsa_public_key(blob); + default: + return NULL; + } +} + +/** + * See header. + */ +private_key_t *pgp_private_key_load(key_type_t type, va_list args) +{ + chunk_t blob = chunk_empty; + + while (TRUE) + { + switch (va_arg(args, builder_part_t)) + { + case BUILD_BLOB_PGP: + blob = va_arg(args, chunk_t); + continue; + case BUILD_END: + break; + default: + return NULL; + } + break; + } + switch (type) + { + case KEY_ANY: + return parse_private_key(blob); + case KEY_RSA: + return parse_rsa_private_key(blob); + default: + return NULL; + } +} + diff --git a/src/libstrongswan/plugins/pgp/pgp_builder.h b/src/libstrongswan/plugins/pgp/pgp_builder.h new file mode 100644 index 000000000..1168babd6 --- /dev/null +++ b/src/libstrongswan/plugins/pgp/pgp_builder.h @@ -0,0 +1,45 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup pgp_public_key pgp_public_key + * @{ @ingroup pgp + */ + +#ifndef PGP_BUILDER_H_ +#define PGP_BUILDER_H_ + +#include <credentials/builder.h> +#include <credentials/keys/private_key.h> + +/** + * Load a generic or an RSA public key using PGP decoding. + * + * @param type type of the key, either KEY_ANY or KEY_RSA + * @param args builder_part_t argument list + * @return private key, NULL if failed + */ +public_key_t *pgp_public_key_load(key_type_t type, va_list args); + +/** + * Load a generic or RSA private key using PGP decoding. + * + * @param type type of the key, either KEY_ANY or KEY_RSA + * @param args builder_part_t argument list + * @return builder instance + */ +private_key_t *pgp_private_key_load(key_type_t type, va_list args); + +#endif /** PGP_BUILDER_H_ @}*/ diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.c b/src/libstrongswan/plugins/pgp/pgp_cert.c new file mode 100644 index 000000000..fa2612285 --- /dev/null +++ b/src/libstrongswan/plugins/pgp/pgp_cert.c @@ -0,0 +1,501 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "pgp_cert.h" +#include "pgp_utils.h" + +#include <time.h> + +#include <debug.h> + +typedef struct private_pgp_cert_t private_pgp_cert_t; + +/** + * Private data of an pgp_cert_t object. + */ +struct private_pgp_cert_t { + + /** + * Implements pgp_cert_t interface. + */ + pgp_cert_t public; + + /** + * Public key of the certificate + */ + public_key_t *key; + + /** + * version of the public key + */ + u_int32_t version; + + /** + * creation time + */ + u_int32_t created; + + /** + * days the certificate is valid + */ + u_int32_t valid; + + /** + * userid of the certificate + */ + identification_t *user_id; + + /** + * v3 or v4 fingerprint of the PGP public key + */ + chunk_t fingerprint; + + /** + * full PGP encoding + */ + chunk_t encoding; + + /** + * reference counter + */ + refcount_t ref; +}; + + +/** + * Implementation of certificate_t.get_type + */ +static certificate_type_t get_type(private_pgp_cert_t *this) +{ + return CERT_GPG; +} + +/** + * Implementation of certificate_t.get_subject + */ +static identification_t* get_subject(private_pgp_cert_t *this) +{ + return this->user_id; +} + +/** + * Implementation of certificate_t.get_issuer + */ +static identification_t* get_issuer(private_pgp_cert_t *this) +{ + return this->user_id; +} + +/** + * Implementation of certificate_t.has_subject. + */ +static id_match_t has_subject(private_pgp_cert_t *this, + identification_t *subject) +{ + id_match_t match_user_id; + + match_user_id = this->user_id->matches(this->user_id, subject); + if (match_user_id == ID_MATCH_NONE && + subject->get_type(subject) == ID_KEY_ID && + chunk_equals(this->fingerprint, subject->get_encoding(subject))) + { + return ID_MATCH_PERFECT; + } + return match_user_id; +} + +/** + * Implementation of certificate_t.has_subject. + */ +static id_match_t has_issuer(private_pgp_cert_t *this, identification_t *issuer) +{ + return ID_MATCH_NONE; +} + +/** + * Implementation of certificate_t.issued_by + */ +static bool issued_by(private_pgp_cert_t *this, certificate_t *issuer) +{ + /* TODO: check signature blobs for a valid signature */ + return FALSE; +} + +/** + * Implementation of certificate_t.get_public_key + */ +static public_key_t* get_public_key(private_pgp_cert_t *this) +{ + this->key->get_ref(this->key); + return this->key; +} + +/** + * Implementation of certificate_t.get_ref + */ +static private_pgp_cert_t* get_ref(private_pgp_cert_t *this) +{ + ref_get(&this->ref); + return this; +} + +/** + * Implementation of certificate_t.get_validity. + */ +static bool get_validity(private_pgp_cert_t *this, time_t *when, + time_t *not_before, time_t *not_after) +{ + time_t t, until; + + if (when) + { + t = *when; + } + else + { + t = time(NULL); + } + if (not_before) + { + *not_before = this->created; + } + if (this->valid) + { + until = this->valid + this->created * 24 * 60 * 60; + } + else + { + /* Jan 19 03:14:07 UTC 2038 */ + until = TIME_32_BIT_SIGNED_MAX; + } + if (not_after) + { + *not_after = until; + } + return (t >= this->valid && t <= until); +} + +/** + * Implementation of certificate_t.is_newer. + */ +static bool is_newer(certificate_t *this, certificate_t *that) +{ + time_t this_update, that_update, now = time(NULL); + bool new; + + this->get_validity(this, &now, &this_update, NULL); + that->get_validity(that, &now, &that_update, NULL); + new = this_update > that_update; + DBG1(" certificate from %T is %s - existing certificate from %T %s", + &this_update, FALSE, new ? "newer":"not newer", + &that_update, FALSE, new ? "replaced":"retained"); + return new; +} + +/** + * Implementation of certificate_t.get_encoding. + */ +static chunk_t get_encoding(private_pgp_cert_t *this) +{ + return chunk_clone(this->encoding); +} + +/** + * Implementation of certificate_t.equals. + */ +static bool equals(private_pgp_cert_t *this, certificate_t *other) +{ + chunk_t encoding; + bool equal; + + if (this == (private_pgp_cert_t*)other) + { + return TRUE; + } + if (other->get_type(other) != CERT_X509) + { + return FALSE; + } + if (other->equals == (void*)equals) + { /* skip allocation if we have the same implementation */ + return chunk_equals(this->encoding, ((private_pgp_cert_t*)other)->encoding); + } + encoding = other->get_encoding(other); + equal = chunk_equals(this->encoding, encoding); + free(encoding.ptr); + return equal; +} + +/** + * Implementation of pgp_cert_t.destroy. + */ +static void destroy(private_pgp_cert_t *this) +{ + if (ref_put(&this->ref)) + { + DESTROY_IF(this->key); + DESTROY_IF(this->user_id); + free(this->fingerprint.ptr); + free(this->encoding.ptr); + free(this); + } +} + +/** + * Implementation of pgp_certificate_t.get_fingerprint. + */ +static chunk_t get_fingerprint(private_pgp_cert_t *this) +{ + return this->fingerprint; +} + +/** + * See header + */ +private_pgp_cert_t *create_empty() +{ + private_pgp_cert_t *this = malloc_thing(private_pgp_cert_t); + + this->public.interface.interface.get_type = (certificate_type_t (*) (certificate_t*))get_type; + this->public.interface.interface.get_subject = (identification_t* (*) (certificate_t*))get_subject; + this->public.interface.interface.get_issuer = (identification_t* (*) (certificate_t*))get_issuer; + this->public.interface.interface.has_subject = (id_match_t (*) (certificate_t*, identification_t*))has_subject; + this->public.interface.interface.has_issuer = (id_match_t (*) (certificate_t*, identification_t*))has_issuer; + this->public.interface.interface.issued_by = (bool (*) (certificate_t*, certificate_t*))issued_by; + this->public.interface.interface.get_public_key = (public_key_t* (*) (certificate_t*))get_public_key; + this->public.interface.interface.get_validity = (bool (*) (certificate_t*, time_t*, time_t*, time_t*))get_validity; + this->public.interface.interface.is_newer = (bool (*) (certificate_t*,certificate_t*))is_newer; + this->public.interface.interface.get_encoding = (chunk_t (*) (certificate_t*))get_encoding; + this->public.interface.interface.equals = (bool (*)(certificate_t*, certificate_t*))equals; + this->public.interface.interface.get_ref = (certificate_t* (*)(certificate_t*))get_ref; + this->public.interface.interface.destroy = (void (*)(certificate_t*))destroy; + this->public.interface.get_fingerprint = (chunk_t (*)(pgp_certificate_t*))get_fingerprint; + + this->key = NULL; + this->version = 0; + this->created = 0; + this->valid = 0; + this->user_id = NULL; + this->fingerprint = chunk_empty; + this->encoding = chunk_empty; + this->ref = 1; + + return this; +} + +/** + * Parse the public key packet of a PGP certificate + */ +static bool parse_public_key(private_pgp_cert_t *this, chunk_t packet) +{ + chunk_t pubkey_packet = packet; + + if (!pgp_read_scalar(&packet, 1, &this->version)) + { + return FALSE; + } + switch (this->version) + { + case 3: + if (!pgp_read_scalar(&packet, 4, &this->created) || + !pgp_read_scalar(&packet, 2, &this->valid)) + { + return FALSE; + } + break; + case 4: + if (!pgp_read_scalar(&packet, 4, &this->created)) + { + return FALSE; + } + break; + default: + DBG1("PGP packet version V%d not supported", this->version); + return FALSE; + } + if (this->valid) + { + DBG2("L2 - created %T, valid %d days", &this->created, FALSE, this->valid); + } + else + { + DBG2("L2 - created %T, never expires", &this->created, FALSE); + } + DESTROY_IF(this->key); + this->key = lib->creds->create(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, + BUILD_BLOB_PGP, packet, BUILD_END); + if (this->key == NULL) + { + return FALSE; + } + + /* compute V4 or V3 fingerprint according to section 12.2 of RFC 4880 */ + if (this->version == 4) + { + chunk_t pubkey_packet_header = chunk_from_chars( + 0x99, pubkey_packet.len / 256, pubkey_packet.len % 256 + ); + hasher_t *hasher; + + hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1); + if (hasher == NULL) + { + DBG1("no SHA-1 hasher available"); + return FALSE; + } + hasher->allocate_hash(hasher, pubkey_packet_header, NULL); + hasher->allocate_hash(hasher, pubkey_packet, &this->fingerprint); + hasher->destroy(hasher); + DBG2("L2 - v4 fingerprint %#B", &this->fingerprint); + } + else + { + /* V3 fingerprint is computed by public_key_t class */ + if (!this->key->get_fingerprint(this->key, KEY_ID_PGPV3, + &this->fingerprint)) + { + return FALSE; + } + this->fingerprint = chunk_clone(this->fingerprint); + DBG2("L2 - v3 fingerprint %#B", &this->fingerprint); + } + return TRUE; +} + +/** + * Parse the signature packet of a PGP certificate + */ +static bool parse_signature(private_pgp_cert_t *this, chunk_t packet) +{ + u_int32_t version, len, type, created; + + if (!pgp_read_scalar(&packet, 1, &version)) + { + return FALSE; + } + + /* we parse only v3 or v4 signature packets */ + if (version != 3 && version != 4) + { + DBG2("L2 - v%d signature ignored", version); + return TRUE; + } + if (version == 4) + { + if (!pgp_read_scalar(&packet, 1, &type)) + { + return FALSE; + } + DBG2("L2 - v%d signature of type 0x%02x", version, type); + } + else + { + if (!pgp_read_scalar(&packet, 1, &len) || len != 5) + { + return FALSE; + } + if (!pgp_read_scalar(&packet, 1, &type) || + !pgp_read_scalar(&packet, 4, &created)) + { + return FALSE; + } + DBG2("L2 - v3 signature of type 0x%02x, created %T", type, + &created, FALSE); + } + /* TODO: parse and save signature to a list */ + return TRUE; +} + +/** + * Parse the userid packet of a PGP certificate + */ +static bool parse_user_id(private_pgp_cert_t *this, chunk_t packet) +{ + DESTROY_IF(this->user_id); + this->user_id = identification_create_from_encoding(ID_KEY_ID, packet); + DBG2("L2 - '%Y'", this->user_id); + return TRUE; +} + +/** + * See header. + */ +pgp_cert_t *pgp_cert_load(certificate_type_t type, va_list args) +{ + chunk_t packet, blob = chunk_empty; + pgp_packet_tag_t tag; + private_pgp_cert_t *this; + + while (TRUE) + { + switch (va_arg(args, builder_part_t)) + { + case BUILD_BLOB_PGP: + blob = va_arg(args, chunk_t); + continue; + case BUILD_END: + break; + default: + return NULL; + } + break; + } + + this = create_empty(); + this->encoding = chunk_clone(blob); + while (blob.len) + { + if (!pgp_read_packet(&blob, &packet, &tag)) + { + destroy(this); + return NULL; + } + switch (tag) + { + case PGP_PKT_PUBLIC_KEY: + if (!parse_public_key(this, packet)) + { + destroy(this); + return NULL; + } + break; + case PGP_PKT_SIGNATURE: + if (!parse_signature(this, packet)) + { + destroy(this); + return FALSE; + } + break; + case PGP_PKT_USER_ID: + if (!parse_user_id(this, packet)) + { + destroy(this); + return FALSE; + } + break; + default: + DBG1("ignoring %N packet in PGP certificate", + pgp_packet_tag_names, tag); + break; + } + } + if (this->key) + { + return &this->public; + } + destroy(this); + return NULL; +} + diff --git a/src/libstrongswan/plugins/pgp/pgp_cert.h b/src/libstrongswan/plugins/pgp/pgp_cert.h new file mode 100644 index 000000000..4db795ddc --- /dev/null +++ b/src/libstrongswan/plugins/pgp/pgp_cert.h @@ -0,0 +1,48 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup pgp_cert pgp_cert + * @{ @ingroup pgp + */ + +#ifndef PGP_CERT_H_ +#define PGP_CERT_H_ + +#include <credentials/certificates/pgp_certificate.h> + +typedef struct pgp_cert_t pgp_cert_t; + +/** + * PGP certificate implementation. + */ +struct pgp_cert_t { + + /** + * Implements pgp_certificate_t. + */ + pgp_certificate_t interface; +}; + +/** + * Load a PGP certificate. + * + * @param type type of the certificate, CERT_GPG + * @param args builder_part_t argument list + * @return builder instance + */ +pgp_cert_t *pgp_cert_load(certificate_type_t type, va_list args); + +#endif /** PGP_CERT_H_ @}*/ diff --git a/src/libstrongswan/plugins/pgp/pgp_encoder.c b/src/libstrongswan/plugins/pgp/pgp_encoder.c new file mode 100644 index 000000000..56acac597 --- /dev/null +++ b/src/libstrongswan/plugins/pgp/pgp_encoder.c @@ -0,0 +1,68 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "pgp_encoder.h" + +#include <debug.h> + +/** + * Build a PGPv3 fingerprint + */ +static bool build_v3_fingerprint(chunk_t *encoding, va_list args) +{ + hasher_t *hasher; + chunk_t n, e; + + if (key_encoding_args(args, KEY_PART_RSA_MODULUS, &n, + KEY_PART_RSA_PUB_EXP, &e, KEY_PART_END)) + { + hasher = lib->crypto->create_hasher(lib->crypto, HASH_MD5); + if (!hasher) + { + DBG1("MD5 hash algorithm not supported, PGP fingerprinting failed"); + return FALSE; + } + /* remove leading zero bytes before hashing modulus and exponent */ + while (n.len > 0 && n.ptr[0] == 0x00) + { + n = chunk_skip(n, 1); + } + while (e.len > 0 && e.ptr[0] == 0x00) + { + e = chunk_skip(e, 1); + } + hasher->allocate_hash(hasher, n, NULL); + hasher->allocate_hash(hasher, e, encoding); + hasher->destroy(hasher); + return TRUE; + } + return FALSE; +} + +/** + * See header. + */ +bool pgp_encoder_encode(key_encoding_type_t type, chunk_t *encoding, + va_list args) +{ + switch (type) + { + case KEY_ID_PGPV3: + return build_v3_fingerprint(encoding, args); + default: + return FALSE; + } +} + diff --git a/src/libstrongswan/plugins/pgp/pgp_encoder.h b/src/libstrongswan/plugins/pgp/pgp_encoder.h new file mode 100644 index 000000000..9df143399 --- /dev/null +++ b/src/libstrongswan/plugins/pgp/pgp_encoder.h @@ -0,0 +1,32 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup pgp_encoder pgp_encoder + * @{ @ingroup pgp + */ + +#ifndef PGP_ENCODER_H_ +#define PGP_ENCODER_H_ + +#include <credentials/keys/key_encoding.h> + +/** + * Encoding function for PGP fingerprints. + */ +bool pgp_encoder_encode(key_encoding_type_t type, chunk_t *encoding, + va_list args); + +#endif /** PGP_ENCODER_H_ @}*/ diff --git a/src/libstrongswan/plugins/pgp/pgp_plugin.c b/src/libstrongswan/plugins/pgp/pgp_plugin.c new file mode 100644 index 000000000..eabb3695f --- /dev/null +++ b/src/libstrongswan/plugins/pgp/pgp_plugin.c @@ -0,0 +1,79 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "pgp_plugin.h" + +#include <library.h> +#include "pgp_builder.h" +#include "pgp_encoder.h" +#include "pgp_cert.h" + +typedef struct private_pgp_plugin_t private_pgp_plugin_t; + +/** + * private data of pgp_plugin + */ +struct private_pgp_plugin_t { + + /** + * public functions + */ + pgp_plugin_t public; +}; + +/** + * Implementation of pgp_plugin_t.pgptroy + */ +static void destroy(private_pgp_plugin_t *this) +{ + lib->creds->remove_builder(lib->creds, + (builder_function_t)pgp_public_key_load); + lib->creds->remove_builder(lib->creds, + (builder_function_t)pgp_private_key_load); + + lib->creds->remove_builder(lib->creds, + (builder_function_t)pgp_cert_load); + + lib->encoding->remove_encoder(lib->encoding, pgp_encoder_encode); + + free(this); +} + +/* + * see header file + */ +plugin_t *plugin_create() +{ + private_pgp_plugin_t *this = malloc_thing(private_pgp_plugin_t); + + this->public.plugin.destroy = (void(*)(plugin_t*))destroy; + + lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_ANY, + (builder_function_t)pgp_public_key_load); + lib->creds->add_builder(lib->creds, CRED_PUBLIC_KEY, KEY_RSA, + (builder_function_t)pgp_public_key_load); + lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY, KEY_ANY, + (builder_function_t)pgp_private_key_load); + lib->creds->add_builder(lib->creds, CRED_PRIVATE_KEY, KEY_RSA, + (builder_function_t)pgp_private_key_load); + + lib->creds->add_builder(lib->creds, CRED_CERTIFICATE, CERT_GPG, + (builder_function_t)pgp_cert_load); + + lib->encoding->add_encoder(lib->encoding, pgp_encoder_encode); + + return &this->public.plugin; +} + diff --git a/src/libstrongswan/plugins/pgp/pgp_plugin.h b/src/libstrongswan/plugins/pgp/pgp_plugin.h new file mode 100644 index 000000000..95765cd76 --- /dev/null +++ b/src/libstrongswan/plugins/pgp/pgp_plugin.h @@ -0,0 +1,47 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup pgp pgp + * @ingroup plugins + * + * @defgroup pgp_plugin pgp_plugin + * @{ @ingroup pgp + */ + +#ifndef PGP_PLUGIN_H_ +#define PGP_PLUGIN_H_ + +#include <plugins/plugin.h> + +typedef struct pgp_plugin_t pgp_plugin_t; + +/** + * Plugin providing PKCS#1 private/public key decoding functions + */ +struct pgp_plugin_t { + + /** + * implements plugin interface + */ + plugin_t plugin; +}; + +/** + * Create a pgp_plugin instance. + */ +plugin_t *plugin_create(); + +#endif /** PGP_PLUGIN_H_ @}*/ diff --git a/src/libstrongswan/plugins/pgp/pgp_utils.c b/src/libstrongswan/plugins/pgp/pgp_utils.c new file mode 100644 index 000000000..1658f3232 --- /dev/null +++ b/src/libstrongswan/plugins/pgp/pgp_utils.c @@ -0,0 +1,180 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +#include "pgp_utils.h" + +#include <debug.h> + +ENUM_BEGIN(pgp_pubkey_alg_names, PGP_PUBKEY_ALG_RSA, PGP_PUBKEY_ALG_RSA_SIGN_ONLY, + "RSA", + "RSA_ENC_ONLY", + "RSA_SIGN_ONLY" +); +ENUM_NEXT(pgp_pubkey_alg_names, PGP_PUBKEY_ALG_ELGAMAL_ENC_ONLY, PGP_PUBKEY_ALG_DIFFIE_HELLMAN, PGP_PUBKEY_ALG_RSA_SIGN_ONLY, + "ELGAMAL_ENC_ONLY", + "DSA", + "ECC", + "ECDSA", + "ELGAMAL", + "DIFFIE_HELLMAN" +); +ENUM_END(pgp_pubkey_alg_names, PGP_PUBKEY_ALG_DIFFIE_HELLMAN); + +ENUM(pgp_sym_alg_names, PGP_SYM_ALG_PLAIN, PGP_SYM_ALG_TWOFISH, + "PLAINTEXT", + "IDEA", + "3DES", + "CAST5", + "BLOWFISH", + "SAFER", + "DES", + "AES_128", + "AES_192", + "AES_256", + "TWOFISH" +); + +ENUM_BEGIN(pgp_packet_tag_names, PGP_PKT_RESERVED, PGP_PKT_PUBLIC_SUBKEY, + "Reserved", + "Public-Key Encrypted Session Key Packet", + "Signature Packet", + "Symmetric-Key Encrypted Session Key Packet", + "One-Pass Signature Packet", + "Secret Key Packet", + "Public Key Packet", + "Secret Subkey Packet", + "Compressed Data Packet", + "Symmetrically Encrypted Data Packet", + "Marker Packet", + "Literal Data Packet", + "Trust Packet", + "User ID Packet", + "Public Subkey Packet" +); +ENUM_NEXT(pgp_packet_tag_names, PGP_PKT_USER_ATTRIBUTE, PGP_PKT_MOD_DETECT_CODE, PGP_PKT_PUBLIC_SUBKEY, + "User Attribute Packet", + "Sym. Encrypted and Integrity Protected Data Packet", + "Modification Detection Code Packet" +); +ENUM_END(pgp_packet_tag_names, PGP_PKT_MOD_DETECT_CODE); + +/** + * Read a PGP scalar of bytes length, advance blob + */ +bool pgp_read_scalar(chunk_t *blob, size_t bytes, u_int32_t *scalar) +{ + u_int32_t res = 0; + + if (bytes > blob->len) + { + DBG1("PGP data too short to read %d byte scalar", bytes); + return FALSE; + } + while (bytes-- > 0) + { + res = 256 * res + blob->ptr[0]; + *blob = chunk_skip(*blob, 1); + } + *scalar = res; + return TRUE; +} + +/** + * Read a PGP MPI, advance blob + */ +bool pgp_read_mpi(chunk_t *blob, chunk_t *mpi) +{ + u_int32_t bits, bytes; + + if (!pgp_read_scalar(blob, 2, &bits)) + { + DBG1("PGP data too short to read MPI length"); + return FALSE; + } + bytes = (bits + 7) / 8; + if (bytes > blob->len) + { + DBG1("PGP data too short to read %d byte MPI", bytes); + return FALSE; + } + *mpi = chunk_create(blob->ptr, bytes); + *blob = chunk_skip(*blob, bytes); + return TRUE; +} + +/** + * Read length of an PGP old packet length encoding + */ +static bool pgp_old_packet_length(chunk_t *blob, u_int32_t *length) +{ + /* bits 0 and 1 define the packet length type */ + u_char type; + + if (!blob->len) + { + return FALSE; + } + type = 0x03 & blob->ptr[0]; + *blob = chunk_skip(*blob, 1); + + if (type > 2) + { + return FALSE; + } + return pgp_read_scalar(blob, type == 0 ? 1 : type * 2, length); +} + +/** + * See header. + */ +bool pgp_read_packet(chunk_t *blob, chunk_t *data, pgp_packet_tag_t *tag) +{ + u_int32_t len; + u_char t; + + if (!blob->len) + { + DBG1("missing input"); + return FALSE; + } + t = blob->ptr[0]; + + /* bit 7 must be set */ + if (!(t & 0x80)) + { + DBG1("invalid packet tag"); + return FALSE; + } + /* bit 6 set defines new packet format */ + if (t & 0x40) + { + DBG1("new PGP packet format not supported"); + return FALSE; + } + + t = (t & 0x3C) >> 2; + if (!pgp_old_packet_length(blob, &len) || len > blob->len) + { + DBG1("invalid packet length"); + return FALSE; + } + *data = chunk_create(blob->ptr, len); + *blob = chunk_skip(*blob, len); + *tag = t; + DBG2("L1 - PGP %N (%u bytes)", pgp_packet_tag_names, t, len); + DBG3("%B", data); + return TRUE; +} + diff --git a/src/libstrongswan/plugins/pgp/pgp_utils.h b/src/libstrongswan/plugins/pgp/pgp_utils.h new file mode 100644 index 000000000..203a0a85d --- /dev/null +++ b/src/libstrongswan/plugins/pgp/pgp_utils.h @@ -0,0 +1,130 @@ +/* + * Copyright (C) 2009 Martin Willi + * Hochschule fuer Technik Rapperswil + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + */ + +/** + * @defgroup pgp_utils pgp_utils + * @{ @ingroup pgp + */ + +#ifndef PGP_UTILS_H_ +#define PGP_UTILS_H_ + +#include <library.h> + +typedef enum pgp_pubkey_alg_t pgp_pubkey_alg_t; +typedef enum pgp_sym_alg_t pgp_sym_alg_t; +typedef enum pgp_packet_tag_t pgp_packet_tag_t; + +/** + * OpenPGP public key algorithms as defined in section 9.1 of RFC 4880 + */ +enum pgp_pubkey_alg_t { + PGP_PUBKEY_ALG_RSA = 1, + PGP_PUBKEY_ALG_RSA_ENC_ONLY = 2, + PGP_PUBKEY_ALG_RSA_SIGN_ONLY = 3, + PGP_PUBKEY_ALG_ELGAMAL_ENC_ONLY = 16, + PGP_PUBKEY_ALG_DSA = 17, + PGP_PUBKEY_ALG_ECC = 18, + PGP_PUBKEY_ALG_ECDSA = 19, + PGP_PUBKEY_ALG_ELGAMAL = 20, + PGP_PUBKEY_ALG_DIFFIE_HELLMAN = 21, +}; + +/** + * Enum names of pgp_pubkey_alg_t + */ +extern enum_name_t *pgp_pubkey_alg_names; + +/** + * OpenPGP symmetric key algorithms as defined in section 9.2 of RFC 4880 + */ +enum pgp_sym_alg_t { + PGP_SYM_ALG_PLAIN = 0, + PGP_SYM_ALG_IDEA = 1, + PGP_SYM_ALG_3DES = 2, + PGP_SYM_ALG_CAST5 = 3, + PGP_SYM_ALG_BLOWFISH = 4, + PGP_SYM_ALG_SAFER = 5, + PGP_SYM_ALG_DES = 6, + PGP_SYM_ALG_AES_128 = 7, + PGP_SYM_ALG_AES_192 = 8, + PGP_SYM_ALG_AES_256 = 9, + PGP_SYM_ALG_TWOFISH = 10 +}; + +/** + * Enum names of pgp_sym_alg_t + */ +extern enum_name_t *pgp_sym_alg_names; + +/** + * OpenPGP packet tags as defined in section 4.3 of RFC 4880 + */ +enum pgp_packet_tag_t { + PGP_PKT_RESERVED = 0, + PGP_PKT_PUBKEY_ENC_SESSION_KEY = 1, + PGP_PKT_SIGNATURE = 2, + PGP_PKT_SYMKEY_ENC_SESSION_KEY = 3, + PGP_PKT_ONE_PASS_SIGNATURE_PKT = 4, + PGP_PKT_SECRET_KEY = 5, + PGP_PKT_PUBLIC_KEY = 6, + PGP_PKT_SECRET_SUBKEY = 7, + PGP_PKT_COMPRESSED_DATA = 8, + PGP_PKT_SYMKEY_ENC_DATA = 9, + PGP_PKT_MARKER = 10, + PGP_PKT_LITERAL_DATA = 11, + PGP_PKT_TRUST = 12, + PGP_PKT_USER_ID = 13, + PGP_PKT_PUBLIC_SUBKEY = 14, + PGP_PKT_USER_ATTRIBUTE = 17, + PGP_PKT_SYM_ENC_INT_PROT_DATA = 18, + PGP_PKT_MOD_DETECT_CODE = 19 +}; + +/** + * Enum names of pgp_packet_tag_t + */ +extern enum_name_t *pgp_packet_tag_names; + +/** + * Parse a PGP encoded MPI. + * + * @param blob blob to read from, gets advanced + * @param mpi parsed MPI value + * @return TRUE if MPI parsed successfully + */ +bool pgp_read_mpi(chunk_t *blob, chunk_t *mpi); + +/** + * Parse a PGP encoded Scalar. + * + * @param blob blob to read from, gets advanced + * @param bytes number of bytes the scalar uses for encoding + * @param scalar resultin scalar + * @return TRUE if scalar parsed successfully + */ +bool pgp_read_scalar(chunk_t *blob, size_t bytes, u_int32_t *scalar); + +/** + * Parse a PGP packet. + * + * @param blob blob to read from, gets advanced + * @param data contained packet data + * @param tag tag of the parsed PGP packet + * @return TRUE if packet parsed successfully + */ +bool pgp_read_packet(chunk_t *blob, chunk_t *data, pgp_packet_tag_t *tag); + +#endif /** PGP_UTILS_H_ @}*/ |