head 1.10; access; symbols netbsd-11-0-RC4:1.10 netbsd-11-0-RC3:1.10 netbsd-11-0-RC2:1.10 netbsd-11-0-RC1:1.10 perseant-exfatfs-base-20250801:1.10 netbsd-11:1.10.0.6 netbsd-11-base:1.10 netbsd-10-1-RELEASE:1.10 perseant-exfatfs-base-20240630:1.10 perseant-exfatfs:1.10.0.4 perseant-exfatfs-base:1.10 netbsd-8-3-RELEASE:1.5 netbsd-9-4-RELEASE:1.7 netbsd-10-0-RELEASE:1.10 netbsd-10-0-RC6:1.10 netbsd-10-0-RC5:1.10 netbsd-10-0-RC4:1.10 netbsd-10-0-RC3:1.10 netbsd-10-0-RC2:1.10 netbsd-10-0-RC1:1.10 FILE5_45:1.1.1.10 netbsd-10:1.10.0.2 netbsd-10-base:1.10 FILE5_43:1.1.1.10 netbsd-9-3-RELEASE:1.7 cjep_sun2x-base1:1.9 cjep_sun2x:1.9.0.4 cjep_sun2x-base:1.9 cjep_staticlib_x-base1:1.9 netbsd-9-2-RELEASE:1.7 cjep_staticlib_x:1.9.0.2 cjep_staticlib_x-base:1.9 FILE5_40:1.1.1.9 netbsd-9-1-RELEASE:1.7 FILE5_39:1.1.1.8 phil-wifi-20200421:1.7 phil-wifi-20200411:1.7 is-mlppp:1.7.0.4 is-mlppp-base:1.7 phil-wifi-20200406:1.7 netbsd-8-2-RELEASE:1.5 netbsd-9-0-RELEASE:1.7 netbsd-9-0-RC2:1.7 FILE5_38:1.1.1.7 netbsd-9-0-RC1:1.7 phil-wifi-20191119:1.7 netbsd-9:1.7.0.2 netbsd-9-base:1.7 phil-wifi-20190609:1.7 netbsd-8-1-RELEASE:1.5 FILE5_37:1.1.1.7 netbsd-8-1-RC1:1.5 pgoyette-compat-merge-20190127:1.5.8.1 pgoyette-compat-20190127:1.6 pgoyette-compat-20190118:1.6 pgoyette-compat-1226:1.6 pgoyette-compat-1126:1.6 pgoyette-compat-1020:1.6 FILE5_35:1.1.1.6 pgoyette-compat-0930:1.6 pgoyette-compat-0906:1.6 netbsd-7-2-RELEASE:1.1.1.2 pgoyette-compat-0728:1.6 netbsd-8-0-RELEASE:1.5 phil-wifi:1.6.0.2 phil-wifi-base:1.6 pgoyette-compat-0625:1.6 netbsd-8-0-RC2:1.5 pgoyette-compat-0521:1.6 pgoyette-compat-0502:1.6 pgoyette-compat-0422:1.6 netbsd-8-0-RC1:1.5 FILE5_33:1.1.1.6 pgoyette-compat-0415:1.5 pgoyette-compat-0407:1.5 pgoyette-compat-0330:1.5 pgoyette-compat-0322:1.5 pgoyette-compat-0315:1.5 netbsd-7-1-2-RELEASE:1.1.1.2 pgoyette-compat:1.5.0.8 pgoyette-compat-base:1.5 netbsd-7-1-1-RELEASE:1.1.1.2 matt-nb8-mediatek:1.5.0.6 matt-nb8-mediatek-base:1.5 FILE5_32:1.1.1.5 perseant-stdc-iso10646:1.5.0.4 perseant-stdc-iso10646-base:1.5 netbsd-8:1.5.0.2 netbsd-8-base:1.5 FILE5_31:1.1.1.5 prg-localcount2-base3:1.4 prg-localcount2-base2:1.4 prg-localcount2-base1:1.4 prg-localcount2:1.4.0.2 prg-localcount2-base:1.4 pgoyette-localcount-20170426:1.4 bouyer-socketcan-base1:1.4 pgoyette-localcount-20170320:1.4 netbsd-7-1:1.1.1.2.0.30 netbsd-7-1-RELEASE:1.1.1.2 netbsd-7-1-RC2:1.1.1.2 FILE5_30:1.1.1.4 netbsd-7-nhusb-base-20170116:1.1.1.2 bouyer-socketcan:1.3.0.4 bouyer-socketcan-base:1.3 pgoyette-localcount-20170107:1.3 netbsd-7-1-RC1:1.1.1.2 pgoyette-localcount-20161104:1.3 netbsd-7-0-2-RELEASE:1.1.1.2 localcount-20160914:1.3 netbsd-7-nhusb:1.1.1.2.0.28 netbsd-7-nhusb-base:1.1.1.2 pgoyette-localcount-20160806:1.3 pgoyette-localcount-20160726:1.3 pgoyette-localcount:1.3.0.2 pgoyette-localcount-base:1.3 netbsd-7-0-1-RELEASE:1.1.1.2 netbsd-7-0:1.1.1.2.0.26 netbsd-7-0-RELEASE:1.1.1.2 netbsd-7-0-RC3:1.1.1.2 netbsd-7-0-RC2:1.1.1.2 netbsd-7-0-RC1:1.1.1.2 FILE5_22:1.1.1.3 FILE5_20:1.1.1.2 netbsd-6-0-6-RELEASE:1.1.1.2 netbsd-6-1-5-RELEASE:1.1.1.2 netbsd-7:1.1.1.2.0.24 netbsd-7-base:1.1.1.2 FILE5_19:1.1.1.2 yamt-pagecache-base9:1.1.1.2 yamt-pagecache-tag8:1.1.1.2 netbsd-6-1-4-RELEASE:1.1.1.2 netbsd-6-0-5-RELEASE:1.1.1.2 tls-earlyentropy:1.1.1.2.0.22 tls-earlyentropy-base:1.1.1.2 riastradh-xf86-video-intel-2-7-1-pre-2-21-15:1.1.1.2 riastradh-drm2-base3:1.1.1.2 netbsd-6-1-3-RELEASE:1.1.1.2 netbsd-6-0-4-RELEASE:1.1.1.2 FILE5_16:1.1.1.2 netbsd-6-1-2-RELEASE:1.1.1.2 netbsd-6-0-3-RELEASE:1.1.1.2 netbsd-6-1-1-RELEASE:1.1.1.2 riastradh-drm2-base2:1.1.1.2 riastradh-drm2-base1:1.1.1.2 riastradh-drm2:1.1.1.2.0.14 riastradh-drm2-base:1.1.1.2 netbsd-6-1:1.1.1.2.0.20 netbsd-6-0-2-RELEASE:1.1.1.2 netbsd-6-1-RELEASE:1.1.1.2 khorben-n900:1.1.1.2.0.18 netbsd-6-1-RC4:1.1.1.2 netbsd-6-1-RC3:1.1.1.2 agc-symver:1.1.1.2.0.16 agc-symver-base:1.1.1.2 FILE5_14:1.1.1.2 netbsd-6-1-RC2:1.1.1.2 netbsd-6-1-RC1:1.1.1.2 yamt-pagecache-base8:1.1.1.2 FILE_5_12:1.1.1.2 netbsd-6-0-1-RELEASE:1.1.1.2 yamt-pagecache-base7:1.1.1.2 matt-nb6-plus-nbase:1.1.1.2 yamt-pagecache-base6:1.1.1.2 netbsd-6-0:1.1.1.2.0.12 netbsd-6-0-RELEASE:1.1.1.2 netbsd-6-0-RC2:1.1.1.2 tls-maxphys:1.1.1.2.0.10 tls-maxphys-base:1.1.1.2 matt-nb6-plus:1.1.1.2.0.8 matt-nb6-plus-base:1.1.1.2 netbsd-6-0-RC1:1.1.1.2 yamt-pagecache-base5:1.1.1.2 yamt-pagecache-base4:1.1.1.2 FILE5_11:1.1.1.2 netbsd-6:1.1.1.2.0.6 netbsd-6-base:1.1.1.2 yamt-pagecache-base3:1.1.1.2 yamt-pagecache-base2:1.1.1.2 yamt-pagecache:1.1.1.2.0.4 yamt-pagecache-base:1.1.1.2 FILE5_09:1.1.1.2 cherry-xenmp:1.1.1.2.0.2 cherry-xenmp-base:1.1.1.2 FILE5_07:1.1.1.2 bouyer-quota2-nbase:1.1.1.1 bouyer-quota2:1.1.1.1.0.4 bouyer-quota2-base:1.1.1.1 matt-mips64-premerge-20101231:1.1.1.1 matt-premerge-20091211:1.1.1.1 jym-xensuspend-base:1.1.1.1 jym-xensuspend:1.1.1.1.0.2 jym-xensuspend-nbase:1.1.1.1 FILE5_03:1.1.1.1 CHRISTOS:1.1.1; locks; strict; comment @# @; 1.10 date 2022.09.24.20.21.46; author christos; state Exp; branches; next 1.9; commitid zJ5LoIcubBSIH9VD; 1.9 date 2021.04.09.19.11.41; author christos; state Exp; branches; next 1.8; commitid hKe2GL3vw8SVrEOC; 1.8 date 2020.06.15.00.37.24; author christos; state Exp; branches; next 1.7; commitid OSLCnHKb0ryCRfcC; 1.7 date 2019.05.22.17.26.05; author christos; state Exp; branches; next 1.6; commitid GumkPZ4rDiPTYdoB; 1.6 date 2018.04.15.19.45.32; author christos; state Exp; branches 1.6.2.1; next 1.5; commitid PISTUVsbDjqSFzyA; 1.5 date 2017.05.25.00.11.26; author christos; state Exp; branches 1.5.8.1; next 1.4; commitid FQJOXzdL3jIJCHSz; 1.4 date 2017.02.10.17.53.24; author christos; state Exp; branches; next 1.3; commitid bl2PZy94aycnQqFz; 1.3 date 2015.01.02.21.15.32; author christos; state Exp; branches 1.3.2.1 1.3.4.1; next 1.2; commitid plHyuBVC8BZdIu4y; 1.2 date 2014.10.20.21.48.57; author christos; state Exp; branches; next 1.1; commitid hE8TPef93m86hZUx; 1.1 date 2009.05.08.16.35.09; author christos; state Exp; branches 1.1.1.1; next ; 1.6.2.1 date 2019.06.10.21.44.46; author christos; state Exp; branches; next ; commitid jtc8rnCzWiEEHGqB; 1.5.8.1 date 2018.04.22.07.20.08; author pgoyette; state Exp; branches; next ; commitid W6xykws0Zbl4kpzA; 1.3.2.1 date 2017.03.20.06.52.20; author pgoyette; state Exp; branches; next ; commitid jjw7cAwgyKq7RfKz; 1.3.4.1 date 2017.04.21.16.51.24; author bouyer; state Exp; branches; next ; commitid dUG7nkTKALCadqOz; 1.1.1.1 date 2009.05.08.16.35.09; author christos; state Exp; branches 1.1.1.1.2.1; next 1.1.1.2; 1.1.1.2 date 2011.05.12.20.47.04; author christos; state Exp; branches; next 1.1.1.3; 1.1.1.3 date 2015.01.02.20.34.28; author christos; state Exp; branches; next 1.1.1.4; commitid VjK78yRsQNs8uu4y; 1.1.1.4 date 2017.02.10.17.42.59; author christos; state Exp; branches; next 1.1.1.5; commitid HAP3kn9Hn6ovMqFz; 1.1.1.5 date 2017.05.24.23.59.57; author christos; state Exp; branches; next 1.1.1.6; commitid WbyOU2LBE5qOyHSz; 1.1.1.6 date 2018.04.15.19.32.48; author christos; state Exp; branches; next 1.1.1.7; commitid unKSwpX2g9VqBzyA; 1.1.1.7 date 2019.05.22.17.19.57; author christos; state Exp; branches; next 1.1.1.8; commitid VXeNRYYruN1MWdoB; 1.1.1.8 date 2020.06.15.00.18.48; author christos; state Exp; branches; next 1.1.1.9; commitid HMbuXSjPojU5LfcC; 1.1.1.9 date 2021.04.09.18.58.02; author christos; state Exp; branches; next 1.1.1.10; commitid W9ddLLbSkHHinEOC; 1.1.1.10 date 2022.09.24.20.07.54; author christos; state Exp; branches; next ; commitid Nf6F9kcpc0EPC9VD; 1.1.1.1.2.1 date 2009.05.08.16.35.09; author jym; state dead; branches; next 1.1.1.1.2.2; 1.1.1.1.2.2 date 2009.05.13.18.51.59; author jym; state Exp; branches; next ; desc @@ 1.10 log @merge changes between 5.40 and 5.43 @ text @ #------------------------------------------------------------------------------ # $File: pgp,v 1.25 2021/04/26 15:56:00 christos Exp $ # pgp: file(1) magic for Pretty Good Privacy # Handling of binary PGP keys is in pgp-binary-keys. # see https://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html # 0 beshort 0xa600 PGP encrypted data #!:mime application/pgp-encrypted #0 string -----BEGIN\040PGP text/PGP armored data !:mime text/PGP # encoding: armored data #>15 string PUBLIC\040KEY\040BLOCK- public key block #>15 string MESSAGE- message #>15 string SIGNED\040MESSAGE- signed message #>15 string PGP\040SIGNATURE- signature # Update: Joerg Jenderek # URL: http://en.wikipedia.org/wiki/Pretty_Good_Privacy # Reference: https://reposcope.com/mimetype/application/pgp-keys 2 string ---BEGIN\040PGP\040PRIVATE\040KEY\040BLOCK- PGP private key block #!:mime text/PGP !:mime application/pgp-keys !:ext asc 2 string ---BEGIN\040PGP\040PUBLIC\040KEY\040BLOCK- PGP public key block !:mime application/pgp-keys !:ext asc >10 search/100 \n\n >>&0 use pgp 0 string -----BEGIN\040PGP\040MESSAGE- PGP message # https://reposcope.com/mimetype/application/pgp-encrypted #!:mime application/pgp !:mime application/pgp-encrypted !:ext asc #!:ext asc/pgp/gpg >10 search/100 \n\n >>&0 use pgp # Reference: https://www.gnupg.org/gph/en/manual/x135.html 0 string -----BEGIN\040PGP\040SIGNED\040MESSAGE- PGP signed message #!:mime text/plain !:mime text/PGP #!:mime application/pgp !:ext asc 0 string -----BEGIN\040PGP\040SIGNATURE- PGP signature # https://reposcope.com/mimetype/application/pgp-signature !:mime application/pgp-signature !:ext asc >10 search/100 \n\n >>&0 use pgp # Decode the type of the packet based on it's base64 encoding. # Idea from Mark Martinec # The specification is in RFC 4880, section 4.2 and 4.3: # https://tools.ietf.org/html/rfc4880#section-4.2 0 name pgp >0 byte 0x67 Reserved (old) >0 byte 0x68 Public-Key Encrypted Session Key (old) >0 byte 0x69 Signature (old) >0 byte 0x6a Symmetric-Key Encrypted Session Key (old) >0 byte 0x6b One-Pass Signature (old) >0 byte 0x6c Secret-Key (old) >0 byte 0x6d Public-Key (old) >0 byte 0x6e Secret-Subkey (old) >0 byte 0x6f Compressed Data (old) >0 byte 0x70 Symmetrically Encrypted Data (old) >0 byte 0x71 Marker (old) >0 byte 0x72 Literal Data (old) >0 byte 0x73 Trust (old) >0 byte 0x74 User ID (old) >0 byte 0x75 Public-Subkey (old) >0 byte 0x76 Unused (old) >0 byte 0x77 >>1 byte&0xc0 0x00 Reserved >>1 byte&0xc0 0x40 Public-Key Encrypted Session Key >>1 byte&0xc0 0x80 Signature >>1 byte&0xc0 0xc0 Symmetric-Key Encrypted Session Key >0 byte 0x78 >>1 byte&0xc0 0x00 One-Pass Signature >>1 byte&0xc0 0x40 Secret-Key >>1 byte&0xc0 0x80 Public-Key >>1 byte&0xc0 0xc0 Secret-Subkey >0 byte 0x79 >>1 byte&0xc0 0x00 Compressed Data >>1 byte&0xc0 0x40 Symmetrically Encrypted Data >>1 byte&0xc0 0x80 Marker >>1 byte&0xc0 0xc0 Literal Data >0 byte 0x7a >>1 byte&0xc0 0x00 Trust >>1 byte&0xc0 0x40 User ID >>1 byte&0xc0 0x80 Public-Subkey >>1 byte&0xc0 0xc0 Unused [z%x] >0 byte 0x30 >>1 byte&0xc0 0x00 Unused [0%x] >>1 byte&0xc0 0x40 User Attribute >>1 byte&0xc0 0x80 Sym. Encrypted and Integrity Protected Data >>1 byte&0xc0 0xc0 Modification Detection Code # magic signatures to detect PGP crypto material (from stef) # detects and extracts metadata from: # - symmetric encrypted packet header # - RSA (e=65537) secret (sub-)keys # 1024b RSA encrypted data 0 string \x84\x8c\x03 PGP RSA encrypted session key - >3 belong x keyid: %08X >7 belong x %08X >11 byte 0x01 RSA (Encrypt or Sign) 1024b >11 byte 0x02 RSA Encrypt-Only 1024b >12 string \x04\x00 >12 string \x03\xff >12 string \x03\xfe >12 string \x03\xfd >12 string \x03\xfc >12 string \x03\xfb >12 string \x03\xfa >12 string \x03\xf9 >142 byte 0xd2 . # 2048b RSA encrypted data 0 string \x85\x01\x0c\x03 PGP RSA encrypted session key - >4 belong x keyid: %08X >8 belong x %08X >12 byte 0x01 RSA (Encrypt or Sign) 2048b >12 byte 0x02 RSA Encrypt-Only 2048b >13 string \x08\x00 >13 string \x07\xff >13 string \x07\xfe >13 string \x07\xfd >13 string \x07\xfc >13 string \x07\xfb >13 string \x07\xfa >13 string \x07\xf9 >271 byte 0xd2 . # 3072b RSA encrypted data 0 string \x85\x01\x8c\x03 PGP RSA encrypted session key - >4 belong x keyid: %08X >8 belong x %08X >12 byte 0x01 RSA (Encrypt or Sign) 3072b >12 byte 0x02 RSA Encrypt-Only 3072b >13 string \x0c\x00 >13 string \x0b\xff >13 string \x0b\xfe >13 string \x0b\xfd >13 string \x0b\xfc >13 string \x0b\xfb >13 string \x0b\xfa >13 string \x0b\xf9 >399 byte 0xd2 . # 4096b RSA encrypted data 0 string \x85\x02\x0c\x03 PGP RSA encrypted session key - >4 belong x keyid: %08X >8 belong x %08X >12 byte 0x01 RSA (Encrypt or Sign) 4096b >12 byte 0x02 RSA Encrypt-Only 4096b >13 string \x10\x00 >13 string \x0f\xff >13 string \x0f\xfe >13 string \x0f\xfd >13 string \x0f\xfc >13 string \x0f\xfb >13 string \x0f\xfa >13 string \x0f\xf9 >527 byte 0xd2 . # 8192b RSA encrypted data 0 string \x85\x04\x0c\x03 PGP RSA encrypted session key - >4 belong x keyid: %08X >8 belong x %08X >12 byte 0x01 RSA (Encrypt or Sign) 8192b >12 byte 0x02 RSA Encrypt-Only 8192b >13 string \x20\x00 >13 string \x1f\xff >13 string \x1f\xfe >13 string \x1f\xfd >13 string \x1f\xfc >13 string \x1f\xfb >13 string \x1f\xfa >13 string \x1f\xf9 >1039 byte 0xd2 . # 1024b Elgamal encrypted data 0 string \x85\x01\x0e\x03 PGP Elgamal encrypted session key - >4 belong x keyid: %08X >8 belong x %08X >12 byte 0x10 Elgamal Encrypt-Only 1024b. >13 string \x04\x00 >13 string \x03\xff >13 string \x03\xfe >13 string \x03\xfd >13 string \x03\xfc >13 string \x03\xfb >13 string \x03\xfa >13 string \x03\xf9 # 2048b Elgamal encrypted data 0 string \x85\x02\x0e\x03 PGP Elgamal encrypted session key - >4 belong x keyid: %08X >8 belong x %08X >12 byte 0x10 Elgamal Encrypt-Only 2048b. >13 string \x08\x00 >13 string \x07\xff >13 string \x07\xfe >13 string \x07\xfd >13 string \x07\xfc >13 string \x07\xfb >13 string \x07\xfa >13 string \x07\xf9 # 3072b Elgamal encrypted data 0 string \x85\x03\x0e\x03 PGP Elgamal encrypted session key - >4 belong x keyid: %08X >8 belong x %08X >12 byte 0x10 Elgamal Encrypt-Only 3072b. >13 string \x0c\x00 >13 string \x0b\xff >13 string \x0b\xfe >13 string \x0b\xfd >13 string \x0b\xfc >13 string \x0b\xfb >13 string \x0b\xfa >13 string \x0b\xf9 # crypto algo mapper 0 name crypto >0 byte 0x00 Plaintext or unencrypted data >0 byte 0x01 IDEA >0 byte 0x02 TripleDES >0 byte 0x03 CAST5 (128 bit key) >0 byte 0x04 Blowfish (128 bit key, 16 rounds) >0 byte 0x07 AES with 128-bit key >0 byte 0x08 AES with 192-bit key >0 byte 0x09 AES with 256-bit key >0 byte 0x0a Twofish with 256-bit key # hash algo mapper 0 name hash >0 byte 0x01 MD5 >0 byte 0x02 SHA-1 >0 byte 0x03 RIPE-MD/160 >0 byte 0x08 SHA256 >0 byte 0x09 SHA384 >0 byte 0x0a SHA512 >0 byte 0x0b SHA224 # display public key algorithms as human readable text 0 name key_algo >0 byte 0x01 RSA (Encrypt or Sign) # keep old look of version 5.28 without parentheses >0 byte 0x02 RSA Encrypt-Only >0 byte 0x03 RSA (Sign-Only) >0 byte 16 ElGamal (Encrypt-Only) >0 byte 17 DSA >0 byte 18 Elliptic Curve >0 byte 19 ECDSA >0 byte 20 ElGamal (Encrypt or Sign) >0 byte 21 Diffie-Hellman >0 default x >>0 ubyte <22 unknown (pub %d) # this should never happen >>0 ubyte >21 invalid (%d) # pgp symmetric encrypted data 0 byte 0x8c PGP symmetric key encrypted data - >1 byte 0x0d >1 byte 0x0c >2 byte 0x04 >3 use crypto >4 byte 0x01 salted - >>5 use hash >>14 byte 0xd2 . >>14 byte 0xc9 . >4 byte 0x03 salted & iterated - >>5 use hash >>15 byte 0xd2 . >>15 byte 0xc9 . # encrypted keymaterial needs s2k & can be checksummed/hashed 0 name chkcrypto >0 use crypto >1 byte 0x00 Simple S2K >1 byte 0x01 Salted S2K >1 byte 0x03 Salted&Iterated S2K >2 use hash # all PGP keys start with this prolog # containing version, creation date, and purpose 0 name keyprolog >0 byte 0x04 >1 beldate x created on %s - >5 byte 0x01 RSA (Encrypt or Sign) >5 byte 0x02 RSA Encrypt-Only # end of secret keys known signature # contains e=65537 and the prolog to # the encrypted parameters 0 name keyend >0 string \x00\x11\x01\x00\x01 e=65537 >5 use crypto >5 byte 0xff checksummed >>6 use chkcrypto >5 byte 0xfe hashed >>6 use chkcrypto # PGP secret keys contain also the public parts # these vary by bitsize of the key 0 name x1024 >0 use keyprolog >6 string \x03\xfe >6 string \x03\xff >6 string \x04\x00 >136 use keyend 0 name x2048 >0 use keyprolog >6 string \x80\x00 >6 string \x07\xfe >6 string \x07\xff >264 use keyend 0 name x3072 >0 use keyprolog >6 string \x0b\xfe >6 string \x0b\xff >6 string \x0c\x00 >392 use keyend 0 name x4096 >0 use keyprolog >6 string \x10\x00 >6 string \x0f\xfe >6 string \x0f\xff >520 use keyend # \x00|\x1f[\xfe\xff]).{1024})' 0 name x8192 >0 use keyprolog >6 string \x20\x00 >6 string \x1f\xfe >6 string \x1f\xff >1032 use keyend # depending on the size of the pkt # we branch into the proper key size # signatures defined as x{keysize} 0 name pgpkey >0 string \x01\xd8 1024b >>2 use x1024 >0 string \x01\xeb 1024b >>2 use x1024 >0 string \x01\xfb 1024b >>2 use x1024 >0 string \x01\xfd 1024b >>2 use x1024 >0 string \x01\xf3 1024b >>2 use x1024 >0 string \x01\xee 1024b >>2 use x1024 >0 string \x01\xfe 1024b >>2 use x1024 >0 string \x01\xf4 1024b >>2 use x1024 >0 string \x02\x0d 1024b >>2 use x1024 >0 string \x02\x03 1024b >>2 use x1024 >0 string \x02\x05 1024b >>2 use x1024 >0 string \x02\x15 1024b >>2 use x1024 >0 string \x02\x00 1024b >>2 use x1024 >0 string \x02\x10 1024b >>2 use x1024 >0 string \x02\x04 1024b >>2 use x1024 >0 string \x02\x06 1024b >>2 use x1024 >0 string \x02\x16 1024b >>2 use x1024 >0 string \x03\x98 2048b >>2 use x2048 >0 string \x03\xab 2048b >>2 use x2048 >0 string \x03\xbb 2048b >>2 use x2048 >0 string \x03\xbd 2048b >>2 use x2048 >0 string \x03\xcd 2048b >>2 use x2048 >0 string \x03\xb3 2048b >>2 use x2048 >0 string \x03\xc3 2048b >>2 use x2048 >0 string \x03\xc5 2048b >>2 use x2048 >0 string \x03\xd5 2048b >>2 use x2048 >0 string \x03\xae 2048b >>2 use x2048 >0 string \x03\xbe 2048b >>2 use x2048 >0 string \x03\xc0 2048b >>2 use x2048 >0 string \x03\xd0 2048b >>2 use x2048 >0 string \x03\xb4 2048b >>2 use x2048 >0 string \x03\xc4 2048b >>2 use x2048 >0 string \x03\xc6 2048b >>2 use x2048 >0 string \x03\xd6 2048b >>2 use x2048 >0 string \x05X 3072b >>2 use x3072 >0 string \x05k 3072b >>2 use x3072 >0 string \x05{ 3072b >>2 use x3072 >0 string \x05} 3072b >>2 use x3072 >0 string \x05\x8d 3072b >>2 use x3072 >0 string \x05s 3072b >>2 use x3072 >0 string \x05\x83 3072b >>2 use x3072 >0 string \x05\x85 3072b >>2 use x3072 >0 string \x05\x95 3072b >>2 use x3072 >0 string \x05n 3072b >>2 use x3072 >0 string \x05\x7e 3072b >>2 use x3072 >0 string \x05\x80 3072b >>2 use x3072 >0 string \x05\x90 3072b >>2 use x3072 >0 string \x05t 3072b >>2 use x3072 >0 string \x05\x84 3072b >>2 use x3072 >0 string \x05\x86 3072b >>2 use x3072 >0 string \x05\x96 3072b >>2 use x3072 >0 string \x07[ 4096b >>2 use x4096 >0 string \x07\x18 4096b >>2 use x4096 >0 string \x07+ 4096b >>2 use x4096 >0 string \x07; 4096b >>2 use x4096 >0 string \x07= 4096b >>2 use x4096 >0 string \x07M 4096b >>2 use x4096 >0 string \x073 4096b >>2 use x4096 >0 string \x07C 4096b >>2 use x4096 >0 string \x07E 4096b >>2 use x4096 >0 string \x07U 4096b >>2 use x4096 >0 string \x07. 4096b >>2 use x4096 >0 string \x07> 4096b >>2 use x4096 >0 string \x07@@ 4096b >>2 use x4096 >0 string \x07P 4096b >>2 use x4096 >0 string \x074 4096b >>2 use x4096 >0 string \x07D 4096b >>2 use x4096 >0 string \x07F 4096b >>2 use x4096 >0 string \x07V 4096b >>2 use x4096 >0 string \x0e[ 8192b >>2 use x8192 >0 string \x0e\x18 8192b >>2 use x8192 >0 string \x0e+ 8192b >>2 use x8192 >0 string \x0e; 8192b >>2 use x8192 >0 string \x0e= 8192b >>2 use x8192 >0 string \x0eM 8192b >>2 use x8192 >0 string \x0e3 8192b >>2 use x8192 >0 string \x0eC 8192b >>2 use x8192 >0 string \x0eE 8192b >>2 use x8192 >0 string \x0eU 8192b >>2 use x8192 >0 string \x0e. 8192b >>2 use x8192 >0 string \x0e> 8192b >>2 use x8192 >0 string \x0e@@ 8192b >>2 use x8192 >0 string \x0eP 8192b >>2 use x8192 >0 string \x0e4 8192b >>2 use x8192 >0 string \x0eD 8192b >>2 use x8192 >0 string \x0eF 8192b >>2 use x8192 >0 string \x0eV 8192b >>2 use x8192 # PGP RSA (e=65537) secret (sub-)key header 0 byte 0x97 PGP Secret Sub-key - >1 use pgpkey 0 byte 0x9d # Update: Joerg Jenderek # secret subkey packet (tag 7) with same structure as secret key packet (tag 5) # skip Fetus.Sys16 CALIBUS.MAIN OrbFix.Sys16.Ex by looking for positive len >1 ubeshort >0 #>1 ubeshort x \b, body length %#x # next packet type often 88h,89h~(tag 2)~Signature Packet #>>(1.S+3) ubyte x \b, next packet type %#x # skip Dragon.SHR DEMO.INIT by looking for positive version >>3 ubyte >0 # skip BUISSON.13 GUITAR1 by looking for low version number >>>3 ubyte <5 PGP Secret Sub-key # sub-key are normally part of secret key. So it does not occur as standalone file #!:ext bin # version 2,3~old 4~new . Comment following line for version 5.28 look >>>>3 ubyte x (v%d) >>>>3 ubyte x - # old versions 2 or 3 but no real example found >>>>3 ubyte <4 # 2 byte for key bits in version 5.28 look >>>>>11 ubeshort x %db >>>>>4 beldate x created on %s - # old versions use 2 additional bytes after time stamp #>>>>>8 ubeshort x %#x # display key algorithm 1~RSA Encrypt|Sign - 21~Diffie-Hellman >>>>>10 use key_algo >>>>>(11.S/8) ubequad x # look after first key >>>>>>&5 use keyend # new version >>>>3 ubyte >3 >>>>>9 ubeshort x %db >>>>>4 beldate x created on %s - # display key algorithm >>>>>8 use key_algo >>>>>(9.S/8) ubequad x # look after first key for something like s2k >>>>>>&3 use keyend @ 1.9 log @merge local changes between 5.39 and 5.40 and add magic entries from HEAD. @ text @d3 1 a3 1 # $File: pgp,v 1.24 2020/10/14 21:07:29 christos Exp $ d549 1 a549 1 #>1 ubeshort x \b, body length 0x%x d551 1 a551 1 #>>(1.S+3) ubyte x \b, next packet type 0x%x d567 1 a567 1 #>>>>>8 ubeshort x 0x%x @ 1.8 log @merge conflicts @ text @d3 1 a3 1 # $File: pgp,v 1.21 2020/03/20 17:11:05 christos Exp $ d5 2 a8 45 # Update: Joerg Jenderek # Note: verified by `gpg -v --debug 0x02 --list-packets < PUBRING263_10.PGP` #0 byte 0x99 MAYBE PGP 0x99 0 byte 0x99 # 99h~10;0110;01~2=old packet type;tag 6=Public-Key Packet;1=two-octet length # A two-octet body header encodes packet lengths of 192~00C0h - 8383~20BFh #>1 ubeshort x \b, body length 0x%.4x # skip Basic.Image Beauty.320 Pic.Icons by looking for low version number #>3 ubyte x \b, V=%u #>3 ubyte <5 VERSION OK >3 ubyte <5 # next packet type often b4h~(tag 13)~User ID Packet, b0h~(tag 12)~Trust packet #>>(1.S+3) ubyte x \b, next packet type 0x%x # skip 9900-v4.bin 9902-v4.bin by looking for valid second packet type (bit 7=1) #>>(1.S+3) ubyte >0x7F TYPE OK, >>(1.S+3) ubyte >0x7F # old versions 2,3 implies Pretty Good Privacy >>>3 ubyte <4 PGP key public ring (v%u) !:mime application/pgp-keys !:ext pgp/ASD >>>>4 beldate x created %s # days that this key is valid. If this number is zero, then it does not expire >>>>8 ubeshort >0 \b, %u days valid >>>>8 ubeshort =0 \b, not expire # display key algorithm 1~RSA (Encrypt or Sign) >>>>10 use key_algo # Multiprecision Integers (MPI) size >>>>11 ubeshort x %u bits # MPI >>>>13 ubequad x MPI=0x%16.16llx... # new version implies Pretty Good Privacy (PGP) >= 5.0 or Gnu Privacy Guard (GPG) >>>3 ubyte >3 PGP/GPG key public ring (v%u) !:mime application/pgp-keys !:ext pgp/gpg/pkr/asd >>>>4 beldate x created %s # display key algorithm 17~DSA >>>>8 use key_algo # Multiprecision Integers (MPI) size >>>>9 ubeshort x %u bits >>>>11 ubequad x MPI=0x%16.16llx... 0 beshort 0x9501 PGP key security ring !:mime application/x-pgp-keyring 0 beshort 0x9500 PGP key security ring !:mime application/x-pgp-keyring d364 1 a364 1 >0 name pgpkey a541 2 0 byte 0x95 PGP Secret Key - >1 use pgpkey @ 1.7 log @merge conflicts @ text @d3 1 a3 1 # $File: pgp,v 1.17 2019/04/19 00:42:27 christos Exp $ d61 7 d70 1 d74 5 a78 1 !:mime application/pgp d81 6 d88 1 d90 1 d150 2 a151 2 >3 lelong x keyid: %X >7 lelong x %X d167 2 a168 2 >4 lelong x keyid: %X >8 lelong x %X d184 2 a185 2 >4 lelong x keyid: %X >8 lelong x %X d198 1 a198 1 # 3072b RSA encrypted data d201 2 a202 2 >4 lelong x keyid: %X >8 lelong x %X d215 1 a215 1 # 4096b RSA encrypted data d218 4 a221 4 >4 lelong x keyid: %X >8 lelong x %X >12 byte 0x01 RSA (Encrypt or Sign) 8129b >12 byte 0x02 RSA Encrypt-Only 8129b d232 45 @ 1.6 log @merge conflicts for file-5.33 @ text @d3 1 a3 1 # $File: pgp,v 1.15 2018/02/24 16:11:23 christos Exp $ d5 1 a5 1 # see http://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html d77 1 a77 1 # http://tools.ietf.org/html/rfc4880#section-4.2 d520 1 a520 1 0 byte 0x95 PGP Secret Key - d522 1 a522 1 0 byte 0x97 PGP Secret Sub-key - @ 1.6.2.1 log @Sync with HEAD @ text @d3 1 a3 1 # $File: pgp,v 1.17 2019/04/19 00:42:27 christos Exp $ d5 1 a5 1 # see https://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html d77 1 a77 1 # https://tools.ietf.org/html/rfc4880#section-4.2 d520 1 a520 1 0 byte 0x95 PGP Secret Key - d522 1 a522 1 0 byte 0x97 PGP Secret Sub-key - @ 1.5 log @merge 5.31 @ text @d3 1 a3 1 # $File: pgp,v 1.14 2017/03/17 21:35:28 christos Exp $ d7 41 a47 2 0 beshort 0x9900 PGP key public ring !:mime application/x-pgp-keyring @ 1.5.8.1 log @Sync with HEAD @ text @d3 1 a3 1 # $File: pgp,v 1.15 2018/02/24 16:11:23 christos Exp $ d7 2 a8 41 # Update: Joerg Jenderek # Note: verified by `gpg -v --debug 0x02 --list-packets < PUBRING263_10.PGP` #0 byte 0x99 MAYBE PGP 0x99 0 byte 0x99 # 99h~10;0110;01~2=old packet type;tag 6=Public-Key Packet;1=two-octet length # A two-octet body header encodes packet lengths of 192~00C0h - 8383~20BFh #>1 ubeshort x \b, body length 0x%.4x # skip Basic.Image Beauty.320 Pic.Icons by looking for low version number #>3 ubyte x \b, V=%u #>3 ubyte <5 VERSION OK >3 ubyte <5 # next packet type often b4h~(tag 13)~User ID Packet, b0h~(tag 12)~Trust packet #>>(1.S+3) ubyte x \b, next packet type 0x%x # skip 9900-v4.bin 9902-v4.bin by looking for valid second packet type (bit 7=1) #>>(1.S+3) ubyte >0x7F TYPE OK, >>(1.S+3) ubyte >0x7F # old versions 2,3 implies Pretty Good Privacy >>>3 ubyte <4 PGP key public ring (v%u) !:mime application/pgp-keys !:ext pgp/ASD >>>>4 beldate x created %s # days that this key is valid. If this number is zero, then it does not expire >>>>8 ubeshort >0 \b, %u days valid >>>>8 ubeshort =0 \b, not expire # display key algorithm 1~RSA (Encrypt or Sign) >>>>10 use key_algo # Multiprecision Integers (MPI) size >>>>11 ubeshort x %u bits # MPI >>>>13 ubequad x MPI=0x%16.16llx... # new version implies Pretty Good Privacy (PGP) >= 5.0 or Gnu Privacy Guard (GPG) >>>3 ubyte >3 PGP/GPG key public ring (v%u) !:mime application/pgp-keys !:ext pgp/gpg/pkr/asd >>>>4 beldate x created %s # display key algorithm 17~DSA >>>>8 use key_algo # Multiprecision Integers (MPI) size >>>>9 ubeshort x %u bits >>>>11 ubequad x MPI=0x%16.16llx... @ 1.4 log @merge conflicts @ text @d3 1 a3 1 # $File: pgp,v 1.13 2017/01/22 21:13:13 christos Exp $ d80 1 a80 1 >>1 byte&0xc0 0x80 Sym. Encrypted and Integrity Protected Data d209 1 a209 1 >0 default x d485 1 a485 1 0 byte 0x9d d489 1 a489 1 >1 ubeshort >0 d494 1 a494 1 >>3 ubyte >0 d503 1 a503 1 >>>>3 ubyte <4 d511 1 a511 1 >>>>>(11.S/8) ubequad x d515 1 a515 1 >>>>3 ubyte >3 d520 1 a520 1 >>>>>(9.S/8) ubequad x @ 1.3 log @merge conflicts @ text @d3 1 a3 1 # $File: pgp,v 1.11 2014/11/11 21:32:38 christos Exp $ d22 1 a22 1 2 string ---BEGIN\ PGP\ PUBLIC\ KEY\ BLOCK- PGP public key block d26 1 a26 1 0 string -----BEGIN\040PGP\40MESSAGE- PGP message d30 1 a30 1 0 string -----BEGIN\040PGP\40SIGNATURE- PGP signature d197 17 d485 38 a522 2 0 byte 0x9d PGP Secret Sub-key - >1 use pgpkey @ 1.3.4.1 log @Sync with HEAD @ text @d3 1 a3 1 # $File: pgp,v 1.13 2017/01/22 21:13:13 christos Exp $ d22 1 a22 1 2 string ---BEGIN\040PGP\040PUBLIC\040KEY\040BLOCK- PGP public key block d26 1 a26 1 0 string -----BEGIN\040PGP\040MESSAGE- PGP message d30 1 a30 1 0 string -----BEGIN\040PGP\040SIGNATURE- PGP signature a196 17 # display public key algorithms as human readable text 0 name key_algo >0 byte 0x01 RSA (Encrypt or Sign) # keep old look of version 5.28 without parentheses >0 byte 0x02 RSA Encrypt-Only >0 byte 0x03 RSA (Sign-Only) >0 byte 16 ElGamal (Encrypt-Only) >0 byte 17 DSA >0 byte 18 Elliptic Curve >0 byte 19 ECDSA >0 byte 20 ElGamal (Encrypt or Sign) >0 byte 21 Diffie-Hellman >0 default x >>0 ubyte <22 unknown (pub %d) # this should never happen >>0 ubyte >21 invalid (%d) d468 2 a469 38 0 byte 0x9d # Update: Joerg Jenderek # secret subkey packet (tag 7) with same structure as secret key packet (tag 5) # skip Fetus.Sys16 CALIBUS.MAIN OrbFix.Sys16.Ex by looking for positive len >1 ubeshort >0 #>1 ubeshort x \b, body length 0x%x # next packet type often 88h,89h~(tag 2)~Signature Packet #>>(1.S+3) ubyte x \b, next packet type 0x%x # skip Dragon.SHR DEMO.INIT by looking for positive version >>3 ubyte >0 # skip BUISSON.13 GUITAR1 by looking for low version number >>>3 ubyte <5 PGP Secret Sub-key # sub-key are normally part of secret key. So it does not occur as standalone file #!:ext bin # version 2,3~old 4~new . Comment following line for version 5.28 look >>>>3 ubyte x (v%d) >>>>3 ubyte x - # old versions 2 or 3 but no real example found >>>>3 ubyte <4 # 2 byte for key bits in version 5.28 look >>>>>11 ubeshort x %db >>>>>4 beldate x created on %s - # old versions use 2 additional bytes after time stamp #>>>>>8 ubeshort x 0x%x # display key algorithm 1~RSA Encrypt|Sign - 21~Diffie-Hellman >>>>>10 use key_algo >>>>>(11.S/8) ubequad x # look after first key >>>>>>&5 use keyend # new version >>>>3 ubyte >3 >>>>>9 ubeshort x %db >>>>>4 beldate x created on %s - # display key algorithm >>>>>8 use key_algo >>>>>(9.S/8) ubequad x # look after first key for something like s2k >>>>>>&3 use keyend @ 1.3.2.1 log @Sync with HEAD @ text @d3 1 a3 1 # $File: pgp,v 1.13 2017/01/22 21:13:13 christos Exp $ d22 1 a22 1 2 string ---BEGIN\040PGP\040PUBLIC\040KEY\040BLOCK- PGP public key block d26 1 a26 1 0 string -----BEGIN\040PGP\040MESSAGE- PGP message d30 1 a30 1 0 string -----BEGIN\040PGP\040SIGNATURE- PGP signature a196 17 # display public key algorithms as human readable text 0 name key_algo >0 byte 0x01 RSA (Encrypt or Sign) # keep old look of version 5.28 without parentheses >0 byte 0x02 RSA Encrypt-Only >0 byte 0x03 RSA (Sign-Only) >0 byte 16 ElGamal (Encrypt-Only) >0 byte 17 DSA >0 byte 18 Elliptic Curve >0 byte 19 ECDSA >0 byte 20 ElGamal (Encrypt or Sign) >0 byte 21 Diffie-Hellman >0 default x >>0 ubyte <22 unknown (pub %d) # this should never happen >>0 ubyte >21 invalid (%d) d468 2 a469 38 0 byte 0x9d # Update: Joerg Jenderek # secret subkey packet (tag 7) with same structure as secret key packet (tag 5) # skip Fetus.Sys16 CALIBUS.MAIN OrbFix.Sys16.Ex by looking for positive len >1 ubeshort >0 #>1 ubeshort x \b, body length 0x%x # next packet type often 88h,89h~(tag 2)~Signature Packet #>>(1.S+3) ubyte x \b, next packet type 0x%x # skip Dragon.SHR DEMO.INIT by looking for positive version >>3 ubyte >0 # skip BUISSON.13 GUITAR1 by looking for low version number >>>3 ubyte <5 PGP Secret Sub-key # sub-key are normally part of secret key. So it does not occur as standalone file #!:ext bin # version 2,3~old 4~new . Comment following line for version 5.28 look >>>>3 ubyte x (v%d) >>>>3 ubyte x - # old versions 2 or 3 but no real example found >>>>3 ubyte <4 # 2 byte for key bits in version 5.28 look >>>>>11 ubeshort x %db >>>>>4 beldate x created on %s - # old versions use 2 additional bytes after time stamp #>>>>>8 ubeshort x 0x%x # display key algorithm 1~RSA Encrypt|Sign - 21~Diffie-Hellman >>>>>10 use key_algo >>>>>(11.S/8) ubequad x # look after first key >>>>>>&5 use keyend # new version >>>>3 ubyte >3 >>>>>9 ubeshort x %db >>>>>4 beldate x created on %s - # display key algorithm >>>>>8 use key_algo >>>>>(9.S/8) ubequad x # look after first key for something like s2k >>>>>>&3 use keyend @ 1.2 log @sync with head of upstream to fix MacOS/X compilation and more. @ text @d3 1 a3 1 # $File: pgp,v 1.10 2014/10/14 16:50:37 christos Exp $ d24 2 d28 2 d32 50 @ 1.1 log @Initial revision @ text @d3 1 d28 388 @ 1.1.1.1 log @from ftp.astron.com @ text @@ 1.1.1.2 log @from ftp.astron.com. - many security related fixes - no MAXPATHLEN limits - fixed missing text specification on ascii magic - new ``pascal'' style string formats - whitespace comparison fix - more magic @ text @a2 1 # $File: pgp,v 1.9 2009/09/19 16:28:11 christos Exp $ @ 1.1.1.3 log @Import file-5.22 @ text @d3 1 a3 1 # $File: pgp,v 1.11 2014/11/11 21:32:38 christos Exp $ a23 2 >10 search/100 \n\n >>&0 use pgp a25 2 >10 search/100 \n\n >>&0 use pgp a27 438 >10 search/100 \n\n >>&0 use pgp # Decode the type of the packet based on it's base64 encoding. # Idea from Mark Martinec # The specification is in RFC 4880, section 4.2 and 4.3: # http://tools.ietf.org/html/rfc4880#section-4.2 0 name pgp >0 byte 0x67 Reserved (old) >0 byte 0x68 Public-Key Encrypted Session Key (old) >0 byte 0x69 Signature (old) >0 byte 0x6a Symmetric-Key Encrypted Session Key (old) >0 byte 0x6b One-Pass Signature (old) >0 byte 0x6c Secret-Key (old) >0 byte 0x6d Public-Key (old) >0 byte 0x6e Secret-Subkey (old) >0 byte 0x6f Compressed Data (old) >0 byte 0x70 Symmetrically Encrypted Data (old) >0 byte 0x71 Marker (old) >0 byte 0x72 Literal Data (old) >0 byte 0x73 Trust (old) >0 byte 0x74 User ID (old) >0 byte 0x75 Public-Subkey (old) >0 byte 0x76 Unused (old) >0 byte 0x77 >>1 byte&0xc0 0x00 Reserved >>1 byte&0xc0 0x40 Public-Key Encrypted Session Key >>1 byte&0xc0 0x80 Signature >>1 byte&0xc0 0xc0 Symmetric-Key Encrypted Session Key >0 byte 0x78 >>1 byte&0xc0 0x00 One-Pass Signature >>1 byte&0xc0 0x40 Secret-Key >>1 byte&0xc0 0x80 Public-Key >>1 byte&0xc0 0xc0 Secret-Subkey >0 byte 0x79 >>1 byte&0xc0 0x00 Compressed Data >>1 byte&0xc0 0x40 Symmetrically Encrypted Data >>1 byte&0xc0 0x80 Marker >>1 byte&0xc0 0xc0 Literal Data >0 byte 0x7a >>1 byte&0xc0 0x00 Trust >>1 byte&0xc0 0x40 User ID >>1 byte&0xc0 0x80 Public-Subkey >>1 byte&0xc0 0xc0 Unused [z%x] >0 byte 0x30 >>1 byte&0xc0 0x00 Unused [0%x] >>1 byte&0xc0 0x40 User Attribute >>1 byte&0xc0 0x80 Sym. Encrypted and Integrity Protected Data >>1 byte&0xc0 0xc0 Modification Detection Code # magic signatures to detect PGP crypto material (from stef) # detects and extracts metadata from: # - symmetric encrypted packet header # - RSA (e=65537) secret (sub-)keys # 1024b RSA encrypted data 0 string \x84\x8c\x03 PGP RSA encrypted session key - >3 lelong x keyid: %X >7 lelong x %X >11 byte 0x01 RSA (Encrypt or Sign) 1024b >11 byte 0x02 RSA Encrypt-Only 1024b >12 string \x04\x00 >12 string \x03\xff >12 string \x03\xfe >12 string \x03\xfd >12 string \x03\xfc >12 string \x03\xfb >12 string \x03\xfa >12 string \x03\xf9 >142 byte 0xd2 . # 2048b RSA encrypted data 0 string \x85\x01\x0c\x03 PGP RSA encrypted session key - >4 lelong x keyid: %X >8 lelong x %X >12 byte 0x01 RSA (Encrypt or Sign) 2048b >12 byte 0x02 RSA Encrypt-Only 2048b >13 string \x08\x00 >13 string \x07\xff >13 string \x07\xfe >13 string \x07\xfd >13 string \x07\xfc >13 string \x07\xfb >13 string \x07\xfa >13 string \x07\xf9 >271 byte 0xd2 . # 3072b RSA encrypted data 0 string \x85\x01\x8c\x03 PGP RSA encrypted session key - >4 lelong x keyid: %X >8 lelong x %X >12 byte 0x01 RSA (Encrypt or Sign) 3072b >12 byte 0x02 RSA Encrypt-Only 3072b >13 string \x0c\x00 >13 string \x0b\xff >13 string \x0b\xfe >13 string \x0b\xfd >13 string \x0b\xfc >13 string \x0b\xfb >13 string \x0b\xfa >13 string \x0b\xf9 >399 byte 0xd2 . # 3072b RSA encrypted data 0 string \x85\x02\x0c\x03 PGP RSA encrypted session key - >4 lelong x keyid: %X >8 lelong x %X >12 byte 0x01 RSA (Encrypt or Sign) 4096b >12 byte 0x02 RSA Encrypt-Only 4096b >13 string \x10\x00 >13 string \x0f\xff >13 string \x0f\xfe >13 string \x0f\xfd >13 string \x0f\xfc >13 string \x0f\xfb >13 string \x0f\xfa >13 string \x0f\xf9 >527 byte 0xd2 . # 4096b RSA encrypted data 0 string \x85\x04\x0c\x03 PGP RSA encrypted session key - >4 lelong x keyid: %X >8 lelong x %X >12 byte 0x01 RSA (Encrypt or Sign) 8129b >12 byte 0x02 RSA Encrypt-Only 8129b >13 string \x20\x00 >13 string \x1f\xff >13 string \x1f\xfe >13 string \x1f\xfd >13 string \x1f\xfc >13 string \x1f\xfb >13 string \x1f\xfa >13 string \x1f\xf9 >1039 byte 0xd2 . # crypto algo mapper 0 name crypto >0 byte 0x00 Plaintext or unencrypted data >0 byte 0x01 IDEA >0 byte 0x02 TripleDES >0 byte 0x03 CAST5 (128 bit key) >0 byte 0x04 Blowfish (128 bit key, 16 rounds) >0 byte 0x07 AES with 128-bit key >0 byte 0x08 AES with 192-bit key >0 byte 0x09 AES with 256-bit key >0 byte 0x0a Twofish with 256-bit key # hash algo mapper 0 name hash >0 byte 0x01 MD5 >0 byte 0x02 SHA-1 >0 byte 0x03 RIPE-MD/160 >0 byte 0x08 SHA256 >0 byte 0x09 SHA384 >0 byte 0x0a SHA512 >0 byte 0x0b SHA224 # pgp symmetric encrypted data 0 byte 0x8c PGP symmetric key encrypted data - >1 byte 0x0d >1 byte 0x0c >2 byte 0x04 >3 use crypto >4 byte 0x01 salted - >>5 use hash >>14 byte 0xd2 . >>14 byte 0xc9 . >4 byte 0x03 salted & iterated - >>5 use hash >>15 byte 0xd2 . >>15 byte 0xc9 . # encrypted keymaterial needs s2k & can be checksummed/hashed 0 name chkcrypto >0 use crypto >1 byte 0x00 Simple S2K >1 byte 0x01 Salted S2K >1 byte 0x03 Salted&Iterated S2K >2 use hash # all PGP keys start with this prolog # containing version, creation date, and purpose 0 name keyprolog >0 byte 0x04 >1 beldate x created on %s - >5 byte 0x01 RSA (Encrypt or Sign) >5 byte 0x02 RSA Encrypt-Only # end of secret keys known signature # contains e=65537 and the prolog to # the encrypted parameters 0 name keyend >0 string \x00\x11\x01\x00\x01 e=65537 >5 use crypto >5 byte 0xff checksummed >>6 use chkcrypto >5 byte 0xfe hashed >>6 use chkcrypto # PGP secret keys contain also the public parts # these vary by bitsize of the key 0 name x1024 >0 use keyprolog >6 string \x03\xfe >6 string \x03\xff >6 string \x04\x00 >136 use keyend 0 name x2048 >0 use keyprolog >6 string \x80\x00 >6 string \x07\xfe >6 string \x07\xff >264 use keyend 0 name x3072 >0 use keyprolog >6 string \x0b\xfe >6 string \x0b\xff >6 string \x0c\x00 >392 use keyend 0 name x4096 >0 use keyprolog >6 string \x10\x00 >6 string \x0f\xfe >6 string \x0f\xff >520 use keyend # \x00|\x1f[\xfe\xff]).{1024})' 0 name x8192 >0 use keyprolog >6 string \x20\x00 >6 string \x1f\xfe >6 string \x1f\xff >1032 use keyend # depending on the size of the pkt # we branch into the proper key size # signatures defined as x{keysize} >0 name pgpkey >0 string \x01\xd8 1024b >>2 use x1024 >0 string \x01\xeb 1024b >>2 use x1024 >0 string \x01\xfb 1024b >>2 use x1024 >0 string \x01\xfd 1024b >>2 use x1024 >0 string \x01\xf3 1024b >>2 use x1024 >0 string \x01\xee 1024b >>2 use x1024 >0 string \x01\xfe 1024b >>2 use x1024 >0 string \x01\xf4 1024b >>2 use x1024 >0 string \x02\x0d 1024b >>2 use x1024 >0 string \x02\x03 1024b >>2 use x1024 >0 string \x02\x05 1024b >>2 use x1024 >0 string \x02\x15 1024b >>2 use x1024 >0 string \x02\x00 1024b >>2 use x1024 >0 string \x02\x10 1024b >>2 use x1024 >0 string \x02\x04 1024b >>2 use x1024 >0 string \x02\x06 1024b >>2 use x1024 >0 string \x02\x16 1024b >>2 use x1024 >0 string \x03\x98 2048b >>2 use x2048 >0 string \x03\xab 2048b >>2 use x2048 >0 string \x03\xbb 2048b >>2 use x2048 >0 string \x03\xbd 2048b >>2 use x2048 >0 string \x03\xcd 2048b >>2 use x2048 >0 string \x03\xb3 2048b >>2 use x2048 >0 string \x03\xc3 2048b >>2 use x2048 >0 string \x03\xc5 2048b >>2 use x2048 >0 string \x03\xd5 2048b >>2 use x2048 >0 string \x03\xae 2048b >>2 use x2048 >0 string \x03\xbe 2048b >>2 use x2048 >0 string \x03\xc0 2048b >>2 use x2048 >0 string \x03\xd0 2048b >>2 use x2048 >0 string \x03\xb4 2048b >>2 use x2048 >0 string \x03\xc4 2048b >>2 use x2048 >0 string \x03\xc6 2048b >>2 use x2048 >0 string \x03\xd6 2048b >>2 use x2048 >0 string \x05X 3072b >>2 use x3072 >0 string \x05k 3072b >>2 use x3072 >0 string \x05{ 3072b >>2 use x3072 >0 string \x05} 3072b >>2 use x3072 >0 string \x05\x8d 3072b >>2 use x3072 >0 string \x05s 3072b >>2 use x3072 >0 string \x05\x83 3072b >>2 use x3072 >0 string \x05\x85 3072b >>2 use x3072 >0 string \x05\x95 3072b >>2 use x3072 >0 string \x05n 3072b >>2 use x3072 >0 string \x05\x7e 3072b >>2 use x3072 >0 string \x05\x80 3072b >>2 use x3072 >0 string \x05\x90 3072b >>2 use x3072 >0 string \x05t 3072b >>2 use x3072 >0 string \x05\x84 3072b >>2 use x3072 >0 string \x05\x86 3072b >>2 use x3072 >0 string \x05\x96 3072b >>2 use x3072 >0 string \x07[ 4096b >>2 use x4096 >0 string \x07\x18 4096b >>2 use x4096 >0 string \x07+ 4096b >>2 use x4096 >0 string \x07; 4096b >>2 use x4096 >0 string \x07= 4096b >>2 use x4096 >0 string \x07M 4096b >>2 use x4096 >0 string \x073 4096b >>2 use x4096 >0 string \x07C 4096b >>2 use x4096 >0 string \x07E 4096b >>2 use x4096 >0 string \x07U 4096b >>2 use x4096 >0 string \x07. 4096b >>2 use x4096 >0 string \x07> 4096b >>2 use x4096 >0 string \x07@@ 4096b >>2 use x4096 >0 string \x07P 4096b >>2 use x4096 >0 string \x074 4096b >>2 use x4096 >0 string \x07D 4096b >>2 use x4096 >0 string \x07F 4096b >>2 use x4096 >0 string \x07V 4096b >>2 use x4096 >0 string \x0e[ 8192b >>2 use x8192 >0 string \x0e\x18 8192b >>2 use x8192 >0 string \x0e+ 8192b >>2 use x8192 >0 string \x0e; 8192b >>2 use x8192 >0 string \x0e= 8192b >>2 use x8192 >0 string \x0eM 8192b >>2 use x8192 >0 string \x0e3 8192b >>2 use x8192 >0 string \x0eC 8192b >>2 use x8192 >0 string \x0eE 8192b >>2 use x8192 >0 string \x0eU 8192b >>2 use x8192 >0 string \x0e. 8192b >>2 use x8192 >0 string \x0e> 8192b >>2 use x8192 >0 string \x0e@@ 8192b >>2 use x8192 >0 string \x0eP 8192b >>2 use x8192 >0 string \x0e4 8192b >>2 use x8192 >0 string \x0eD 8192b >>2 use x8192 >0 string \x0eF 8192b >>2 use x8192 >0 string \x0eV 8192b >>2 use x8192 # PGP RSA (e=65537) secret (sub-)key header 0 byte 0x95 PGP Secret Key - >1 use pgpkey 0 byte 0x97 PGP Secret Sub-key - >1 use pgpkey 0 byte 0x9d PGP Secret Sub-key - >1 use pgpkey @ 1.1.1.4 log @2017-02-10 12:24 Christos Zoulas * release 5.30 2017-02-07 23:27 Christos Zoulas * If we exceeded the offset in a search return no match (Christoph Biedl) * Be more lenient on corrupt CDF files (Christoph Biedl) 2017-02-04 16:46 Christos Zoulas * pacify ubsan sign extension (oss-fuzz/524) 2017-02-01 12:42 Christos Zoulas * off by one in cdf parsing (PR/593) * report debugging sections in elf (PR/591) 2016-11-06 10:52 Christos Zoulas * Allow @@@@@@ in extensions * Add missing overflow check in der magic (Jonas Wagner) 2016-10-25 10:40 Christos Zoulas * release 5.29 2016-10-24 11:20 Christos Zoulas * der getlength overflow (Jonas Wagner) * multiple magic file load failure (Christoph Biedl) 2016-10-17 11:26 Christos Zoulas * CDF parsing improvements (Guy Helmer) 2016-07-20 7:26 Christos Zoulas * Add support for signed indirect offsets 2016-07-18 7:41 Christos Zoulas * cat /dev/null | file - should print empty (Christoph Biedl) 2016-07-05 15:20 Christos Zoulas * Bump string size from 64 to 96. 2016-06-13 20:20 Christos Zoulas * PR/556: Fix separators on annotations. 2016-06-13 19:40 Christos Zoulas * release 5.28 * fix leak on allocation failure 2016-06-01 1:20 Christos Zoulas * PR/555: Avoid overflow for offset > nbytes * PR/550: Segv on DER parsing: - use the correct variable for length - set offset to 0 on failure. 2016-05-13 12:00 Christos Zoulas * release 5.27 2016-04-18 9:35 Christos Zoulas * Errors comparing DER entries or computing offsets are just indications of malformed non-DER files. Don't print them. * Offset comparison was off-by-one. * Fix compression code (Werner Fink) * Put new bytes constant in the right file (not the generated one) 2016-04-16 18:34 Christos Zoulas * release 5.26 2016-03-31 13:50 Christos Zoulas * make the number of bytes read from files configurable. 2016-03-21 13:40 Christos Zoulas * Add bounds checks for DER code (discovered by Thomas Jarosch) * Change indirect recursion limit to indirect use count and bump from 15 to 50 to prevent abuse. 2016-03-13 20:39 Christos Zoulas * Add -00 which prints filename\0description\0 2016-03-01 13:28 Christos Zoulas * Fix ID3 indirect parsing 2016-01-19 10:18 Christos Zoulas * add DER parsing capability 2015-11-13 10:35 Christos Zoulas * provide dprintf(3) for the OS's that don't have it. 2015-11-11 16:25 Christos Zoulas * redo the compression code report decompression errors 2015-11-10 23:25 Christos Zoulas * REG_STARTEND code is not working as expected, delete it. 2015-11-09 16:05 Christos Zoulas * Add zlib support if we have it. 2015-11-05 11:22 Christos Zoulas * PR/492: compression forking was broken with magic_buffer. 2015-09-16 9:50 Christos Zoulas * release 5.25 2015-09-11 13:25 Christos Zoulas * add a limit to the length of regex searches 2015-09-08 9:50 Christos Zoulas * fix problems with --parameter (Christoph Biedl) 2015-07-11 10:35 Christos Zoulas * Windows fixes PR/466 (Jason Hood) 2015-07-09 10:35 Christos Zoulas * release 5.24 2015-06-11 8:52 Christos Zoulas * redo long option encoding to fix off-by-one in 5.23 2015-06-10 13:50 Christos Zoulas * release 5.23 2015-06-09 16:10 Christos Zoulas * Fix issue with regex range for magic with offset * Always return true from mget with USE (success to mget not match indication). Fixes mime evaluation after USE magic * PR/459: Don't insert magic entries to the list if there are parsing errors for them. 2015-06-03 16:00 Christos Zoulas * PR/455: Add utf-7 encoding 2015-06-03 14:30 Christos Zoulas * PR/455: Implement -Z, look inside, but don't report on compression * PR/454: Fix allocation error on bad magic. 2015-05-29 10:30 Christos Zoulas * handle MAGIC_CONTINUE everywhere, not just in softmagic 2015-05-21 14:30 Christos Zoulas * don't print descriptions for NAME types when mime. 2015-04-09 15:59 Christos Zoulas * Add --extension to list the known extensions for this file type Idea by Andrew J Roazen 2015-02-14 12:23 Christos Zoulas * Bump file search buffer size to 1M. 2015-01-09 14:35 Christos Zoulas * Fix multiple issues with date formats reported by Christoph Biedl: - T_LOCAL meaning was reversed - Arithmetic did not work Also stop adjusting daylight savings for gmt printing. 2015-01-05 13:00 Christos Zoulas * PR/411: Fix memory corruption from corrupt cdf file. @ text @d3 1 a3 1 # $File: pgp,v 1.13 2017/01/22 21:13:13 christos Exp $ d22 1 a22 1 2 string ---BEGIN\040PGP\040PUBLIC\040KEY\040BLOCK- PGP public key block d26 1 a26 1 0 string -----BEGIN\040PGP\040MESSAGE- PGP message d30 1 a30 1 0 string -----BEGIN\040PGP\040SIGNATURE- PGP signature a196 17 # display public key algorithms as human readable text 0 name key_algo >0 byte 0x01 RSA (Encrypt or Sign) # keep old look of version 5.28 without parentheses >0 byte 0x02 RSA Encrypt-Only >0 byte 0x03 RSA (Sign-Only) >0 byte 16 ElGamal (Encrypt-Only) >0 byte 17 DSA >0 byte 18 Elliptic Curve >0 byte 19 ECDSA >0 byte 20 ElGamal (Encrypt or Sign) >0 byte 21 Diffie-Hellman >0 default x >>0 ubyte <22 unknown (pub %d) # this should never happen >>0 ubyte >21 invalid (%d) d468 2 a469 38 0 byte 0x9d # Update: Joerg Jenderek # secret subkey packet (tag 7) with same structure as secret key packet (tag 5) # skip Fetus.Sys16 CALIBUS.MAIN OrbFix.Sys16.Ex by looking for positive len >1 ubeshort >0 #>1 ubeshort x \b, body length 0x%x # next packet type often 88h,89h~(tag 2)~Signature Packet #>>(1.S+3) ubyte x \b, next packet type 0x%x # skip Dragon.SHR DEMO.INIT by looking for positive version >>3 ubyte >0 # skip BUISSON.13 GUITAR1 by looking for low version number >>>3 ubyte <5 PGP Secret Sub-key # sub-key are normally part of secret key. So it does not occur as standalone file #!:ext bin # version 2,3~old 4~new . Comment following line for version 5.28 look >>>>3 ubyte x (v%d) >>>>3 ubyte x - # old versions 2 or 3 but no real example found >>>>3 ubyte <4 # 2 byte for key bits in version 5.28 look >>>>>11 ubeshort x %db >>>>>4 beldate x created on %s - # old versions use 2 additional bytes after time stamp #>>>>>8 ubeshort x 0x%x # display key algorithm 1~RSA Encrypt|Sign - 21~Diffie-Hellman >>>>>10 use key_algo >>>>>(11.S/8) ubequad x # look after first key >>>>>>&5 use keyend # new version >>>>3 ubyte >3 >>>>>9 ubeshort x %db >>>>>4 beldate x created on %s - # display key algorithm >>>>>8 use key_algo >>>>>(9.S/8) ubequad x # look after first key for something like s2k >>>>>>&3 use keyend @ 1.1.1.5 log @Import file-5.31; mostly oss-fuzz found bugs. @ text @d3 1 a3 1 # $File: pgp,v 1.14 2017/03/17 21:35:28 christos Exp $ d80 1 a80 1 >>1 byte&0xc0 0x80 Sym. Encrypted and Integrity Protected Data d209 1 a209 1 >0 default x d485 1 a485 1 0 byte 0x9d d489 1 a489 1 >1 ubeshort >0 d494 1 a494 1 >>3 ubyte >0 d503 1 a503 1 >>>>3 ubyte <4 d511 1 a511 1 >>>>>(11.S/8) ubequad x d515 1 a515 1 >>>>3 ubyte >3 d520 1 a520 1 >>>>>(9.S/8) ubequad x @ 1.1.1.6 log @2018-04-15 14:52 Christos Zoulas * release 5.33 2018-02-24 14:50 Christos Zoulas * extend the support for ${x?:} expansions for magic descriptions 2018-02-21 16:25 Christos Zoulas * add support for ${x?:} in mime types to handle pie binaries. 2017-11-03 9:23 Christos Zoulas * add support for negative offsets (offsets from the end of file) 2017-09-26 8:22 Christos Zoulas * close the file on error when writing magic (Steve Grubb) 2017-09-24 12:02 Christos Zoulas * seccomp support (Paul Moore) 2017-09-02 11:53 Christos Zoulas * release 5.32 2017-08-28 16:37 Christos Zoulas * Always reset state in {file,buffer}_apprentice (Krzysztof Wilczynski) 2017-08-27 03:55 Christos Zoulas * Fix always true condition (Thomas Jarosch) 2017-05-24 17:30 Christos Zoulas * pickier parsing of numeric values in magic files. 2017-05-23 17:55 Christos Zoulas * PR/615 add magic_getflags() @ text @d3 1 a3 1 # $File: pgp,v 1.15 2018/02/24 16:11:23 christos Exp $ d7 2 a8 41 # Update: Joerg Jenderek # Note: verified by `gpg -v --debug 0x02 --list-packets < PUBRING263_10.PGP` #0 byte 0x99 MAYBE PGP 0x99 0 byte 0x99 # 99h~10;0110;01~2=old packet type;tag 6=Public-Key Packet;1=two-octet length # A two-octet body header encodes packet lengths of 192~00C0h - 8383~20BFh #>1 ubeshort x \b, body length 0x%.4x # skip Basic.Image Beauty.320 Pic.Icons by looking for low version number #>3 ubyte x \b, V=%u #>3 ubyte <5 VERSION OK >3 ubyte <5 # next packet type often b4h~(tag 13)~User ID Packet, b0h~(tag 12)~Trust packet #>>(1.S+3) ubyte x \b, next packet type 0x%x # skip 9900-v4.bin 9902-v4.bin by looking for valid second packet type (bit 7=1) #>>(1.S+3) ubyte >0x7F TYPE OK, >>(1.S+3) ubyte >0x7F # old versions 2,3 implies Pretty Good Privacy >>>3 ubyte <4 PGP key public ring (v%u) !:mime application/pgp-keys !:ext pgp/ASD >>>>4 beldate x created %s # days that this key is valid. If this number is zero, then it does not expire >>>>8 ubeshort >0 \b, %u days valid >>>>8 ubeshort =0 \b, not expire # display key algorithm 1~RSA (Encrypt or Sign) >>>>10 use key_algo # Multiprecision Integers (MPI) size >>>>11 ubeshort x %u bits # MPI >>>>13 ubequad x MPI=0x%16.16llx... # new version implies Pretty Good Privacy (PGP) >= 5.0 or Gnu Privacy Guard (GPG) >>>3 ubyte >3 PGP/GPG key public ring (v%u) !:mime application/pgp-keys !:ext pgp/gpg/pkr/asd >>>>4 beldate x created %s # display key algorithm 17~DSA >>>>8 use key_algo # Multiprecision Integers (MPI) size >>>>9 ubeshort x %u bits >>>>11 ubequad x MPI=0x%16.16llx... @ 1.1.1.7 log @2019-05-14 22:26 Christos Zoulas * release 5.37 2019-05-09 22:27 Christos Zoulas * Make sure that continuation separators are printed with -k within softmagic 2019-05-06 22:27 Christos Zoulas * Change SIGPIPE saving and restoring during compression to use sigaction(2) instead of signal(3) and cache it. (Denys Vlasenko) * Cache stat(2) calls more to reduce number of calls (Denys Vlasenko) 2019-05-06 17:25 Christos Zoulas * PR/77: Handle --mime-type and -k correctly. 2019-05-03 15:26 Christos Zoulas * Switch decompression code to use vfork() because tools like rpmdiff and rpmbuild call libmagic with large process footprints (Denys Vlasenko) 2019-04-07 14:05 Christos Zoulas * PR/75: --enable-zlib, did not work. 2019-02-27 11:54 Christos Zoulas * Improve regex efficiency (Michael Schroeder) by: 1. Prefixing regex searches with regular search for keywords where possible 2. Using memmem(3) where available @ text @d3 1 a3 1 # $File: pgp,v 1.17 2019/04/19 00:42:27 christos Exp $ d5 1 a5 1 # see https://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html d77 1 a77 1 # https://tools.ietf.org/html/rfc4880#section-4.2 d520 1 a520 1 0 byte 0x95 PGP Secret Key - d522 1 a522 1 0 byte 0x97 PGP Secret Sub-key - @ 1.1.1.8 log @Import 5.39: * Remove unused subtype_mime (Steve Grubb) * Remove unused check in okstat (Steve Grubb) * Fix mime-type in elf binaries by making sure $x is set * Fix indirect negative offsets broken by OFFNEGATIVE * Fix GUID equality check * PR/165: Handle empty array and strings in JSON * PR/162: Add --exclude-quiet * Fix memory leak in ascmagic (Steve Grubb) * Fix string comparison length with ignore whitespace * Fix mingwin 64 compilation * PR/159: whitelist getpid needed for file_pipe2file() * Indicate negative offsets with a flag OFFNEGATIVE so that -0 works. * Introduce "offset" magic type that can be used to detect the file size, and bail on short files. * document DER better in the magic man page. * fix memory leaks (SonarQube) * rewrite confusing loops (SonarQube) * fix bogus test (SonarQube) * pass a sized buffer to file_fmttime() (SonarQube) * Don't allow * in printf formats, or the code itself (Christoph Biedl) * Introduce a printf output size checker to avoid DoS attacks * Avoid memory leak on error (oss-fuzz) * Check length of string on DER before derefercing and add new types * Add missing DER string (oss-fuzz) * Add missing DER types, and debugging * PR/140: Avoid abort with hand-crafted magic file (gockelhahn) * PR/139: Avoid DoS in printf with hand-crafted magic file (gockelhahn) * PR/138: Avoid crash with hand-crafted magic file (gockelhahn) * PR/136: Fix static build by adding a libmagic.pc (Fabrice Fontaine) * add guid support native support via the "guid" type. @ text @d3 1 a3 1 # $File: pgp,v 1.21 2020/03/20 17:11:05 christos Exp $ a60 7 # Update: Joerg Jenderek # URL: http://en.wikipedia.org/wiki/Pretty_Good_Privacy # Reference: https://reposcope.com/mimetype/application/pgp-keys 2 string ---BEGIN\040PGP\040PRIVATE\040KEY\040BLOCK- PGP private key block #!:mime text/PGP !:mime application/pgp-keys !:ext asc a62 1 !:ext asc d66 1 a66 5 # https://reposcope.com/mimetype/application/pgp-encrypted #!:mime application/pgp !:mime application/pgp-encrypted !:ext asc #!:ext asc/pgp/gpg a68 6 # Reference: https://www.gnupg.org/gph/en/manual/x135.html 0 string -----BEGIN\040PGP\040SIGNED\040MESSAGE- PGP signed message #!:mime text/plain !:mime text/PGP #!:mime application/pgp !:ext asc a69 1 # https://reposcope.com/mimetype/application/pgp-signature a70 1 !:ext asc d130 2 a131 2 >3 belong x keyid: %08X >7 belong x %08X d147 2 a148 2 >4 belong x keyid: %08X >8 belong x %08X d164 2 a165 2 >4 belong x keyid: %08X >8 belong x %08X d178 1 a178 1 # 4096b RSA encrypted data d181 2 a182 2 >4 belong x keyid: %08X >8 belong x %08X d195 1 a195 1 # 8192b RSA encrypted data d198 4 a201 4 >4 belong x keyid: %08X >8 belong x %08X >12 byte 0x01 RSA (Encrypt or Sign) 8192b >12 byte 0x02 RSA Encrypt-Only 8192b a211 45 # 1024b Elgamal encrypted data 0 string \x85\x01\x0e\x03 PGP Elgamal encrypted session key - >4 belong x keyid: %08X >8 belong x %08X >12 byte 0x10 Elgamal Encrypt-Only 1024b. >13 string \x04\x00 >13 string \x03\xff >13 string \x03\xfe >13 string \x03\xfd >13 string \x03\xfc >13 string \x03\xfb >13 string \x03\xfa >13 string \x03\xf9 # 2048b Elgamal encrypted data 0 string \x85\x02\x0e\x03 PGP Elgamal encrypted session key - >4 belong x keyid: %08X >8 belong x %08X >12 byte 0x10 Elgamal Encrypt-Only 2048b. >13 string \x08\x00 >13 string \x07\xff >13 string \x07\xfe >13 string \x07\xfd >13 string \x07\xfc >13 string \x07\xfb >13 string \x07\xfa >13 string \x07\xf9 # 3072b Elgamal encrypted data 0 string \x85\x03\x0e\x03 PGP Elgamal encrypted session key - >4 belong x keyid: %08X >8 belong x %08X >12 byte 0x10 Elgamal Encrypt-Only 3072b. >13 string \x0c\x00 >13 string \x0b\xff >13 string \x0b\xfe >13 string \x0b\xfd >13 string \x0b\xfc >13 string \x0b\xfb >13 string \x0b\xfa >13 string \x0b\xf9 @ 1.1.1.9 log @2021-03-30 20:21 Christos Zoulas * release 5.40 2021-02-05 16:31 Christos Zoulas * PR/234: Add limit to the number of bytes to scan for encoding * PR/230: Fix /T (trim flag) for regex 2021-02-01 12:31 Christos Zoulas * PR/77: Trim trailing separator. 2020-12-17 15:44 Christos Zoulas * PR/211: Convert system read errors from corrupt ELF files into human readable error messages 2020-12-08 16:24 Christos Zoulas * fix multithreaded decompression file descriptor issue by using close-on-exec (Denys Vlasenko) 2020-06-27 11:58 Christos Zoulas * Exclude surrogate pairs from utf-8 detection (Michael Liu) 2020-06-25 12:53 Christos Zoulas * Include # to the list of ignored format chars (Werner Fink) @ text @d3 1 a3 1 # $File: pgp,v 1.24 2020/10/14 21:07:29 christos Exp $ a4 2 # Handling of binary PGP keys is in pgp-binary-keys. d7 45 d407 1 a407 1 0 name pgpkey d585 2 @ 1.1.1.10 log @Import file-5.43+; last was file-5.40 2022-09-20 17:12 Christos Zoulas * fixed various clustefuzz issues 2022-09-19 15:54 Christos Zoulas * Fix error detection for decompression code (Vincent Mihalkovic) 2022-09-15 13:50 Christos Zoulas * Add MAGIC_NO_COMPRESS_FORK and use it to produce a more meaningful error message if we are sandboxing. 2022-09-15 10:45 Christos Zoulas * Add built-in lzip decompression support (Michal Gorny) 2022-09-14 10:35 Christos Zoulas * Add built-in zstd decompression support (Martin Rodriguez Reboredo) 2022-09-13 14:55 Christos Zoulas * release 5.43 2022-09-10 9:17 Christos Zoulas * Add octal indirect magic (Michal Gorny) 2022-08-17 11:43 Christos Zoulas * PR/374: avoid infinite loop in non-wide code (piru) * PR/373: Obey MAGIC_CONTINUE with multiple magic files (vismarli) 2022-07-26 11:10 Christos Zoulas * Fix bug with large flist (Florian Weimer) 2022-07-07 13:21 Christos Zoulas * PR/364: Detect non-nul-terminated core filenames from QEMU (mam-ableton) 2022-07-04 15:45 Christos Zoulas * PR/359: Add support for http://ndjson.org/ (darose) * PR/362: Fix wide printing (ro-ee) * PR/358: Fix width for -f - (jpalus) * PR/356: Fix JSON constant parsing (davewhite) 2022-06-10 9:40 Christos Zoulas * release 5.42 2022-05-31 14:50 Christos Zoulas * PR/348: add missing cases to prevent file from aborting on random magic files. 2022-05-27 21:05 Christos Zoulas * PR/351: octalify filenames when not raw before printing. 2022-04-18 17:51 Christos Zoulas * fix regex cacheing bug (Dirk Mueller) * merge file_regcomp and file_regerror() to simplify the code and reduce memory requirements for storing regexes (Dirk Mueller) 2022-03-19 12:56 Christos Zoulas * cache regex (Dirk Mueller) * detect filesystem full by flushing output (Dirk Mueller) 2021-11-19 12:36 Christos Zoulas * implement running decompressor programs using posix_spawnp(2) instead of vfork(2) 2021-10-24 11:51 Christos Zoulas * Add support for msdos dates and times 2021-10-20 9:55 Christos Zoulas * use the system byte swapping functions if available (Werner Fink) 2021-10-18 11:57 Christos Zoulas * release 5.41 2021-09-23 03:51 Christos Zoulas * Avinash Sonawane: Fix tzname detection 2021-09-03 09:17 Christos Zoulas * Fix relationship tests with "search" magic, don't short circuit logic 2021-07-13 01:06 Christos Zoulas * Fix memory leak in compile mode 2021-07-01 03:51 Christos Zoulas * PR/272: kiefermat: Only set returnval = 1 when we printed something (in all cases print or !print). This simplifies the logic and fixes the issue in the PR with -k and --mime-type there was no continuation printed before the default case. 2021-06-30 13:07 Christos Zoulas * PR/270: Don't translate unprintable characters in %s magic formats when -r * PR/269: Avoid undefined behavior with clang (adding offset to NULL) 2021-05-09 18:38 Christos Zoulas * Add a new flag (f) that requires that the match is a full word, not a partial word match. * Add varint types (unused) 2021-04-19 17:17 Christos Zoulas * PR/256: mutableVoid: If the file is less than 3 bytes, use the file length to determine type * PR/259: aleksandr.v.novichkov: mime printing through indirect magic is not taken into account, use match directly so that it does. 2021-04-04 17:02 Christos Zoulas * count the total bytes found not the total byte positions in order to determine encoding (Anatol Belski) @ text @d3 1 a3 1 # $File: pgp,v 1.25 2021/04/26 15:56:00 christos Exp $ d549 1 a549 1 #>1 ubeshort x \b, body length %#x d551 1 a551 1 #>>(1.S+3) ubyte x \b, next packet type %#x d567 1 a567 1 #>>>>>8 ubeshort x %#x @ 1.1.1.1.2.1 log @file pgp was added on branch jym-xensuspend on 2009-05-13 18:51:59 +0000 @ text @d1 26 @ 1.1.1.1.2.2 log @Sync with HEAD. Second commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html @ text @a0 26 #------------------------------------------------------------------------------ # pgp: file(1) magic for Pretty Good Privacy # see http://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html # 0 beshort 0x9900 PGP key public ring !:mime application/x-pgp-keyring 0 beshort 0x9501 PGP key security ring !:mime application/x-pgp-keyring 0 beshort 0x9500 PGP key security ring !:mime application/x-pgp-keyring 0 beshort 0xa600 PGP encrypted data #!:mime application/pgp-encrypted #0 string -----BEGIN\040PGP text/PGP armored data !:mime text/PGP # encoding: armored data #>15 string PUBLIC\040KEY\040BLOCK- public key block #>15 string MESSAGE- message #>15 string SIGNED\040MESSAGE- signed message #>15 string PGP\040SIGNATURE- signature 2 string ---BEGIN\ PGP\ PUBLIC\ KEY\ BLOCK- PGP public key block !:mime application/pgp-keys 0 string -----BEGIN\040PGP\40MESSAGE- PGP message !:mime application/pgp 0 string -----BEGIN\040PGP\40SIGNATURE- PGP signature !:mime application/pgp-signature @