2 #------------------------------------------------------------------------------
3 # $File: pgp,v 1.21 2020/03/20 17:11:05 christos Exp $
4 # pgp: file(1) magic for Pretty Good Privacy
5 # see https://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
# Public-key packet rules (old-format header byte 0x99, tag 6).
# The active tests below sit at continuation levels 3 and 4 (">>>", ">>>>");
# their parent tests are not part of this excerpt, so the full gating
# conditions cannot be read off these lines alone.
# NOTE(review): application/pgp-keys is assigned from a handful of header
# bytes. Confirm a hit with a packet parser (e.g. the `gpg --list-packets`
# invocation quoted below) before relying on it.
7 # Update: Joerg Jenderek
8 # Note: verified by `gpg -v --debug 0x02 --list-packets < PUBRING263_10.PGP`
9 #0 byte 0x99 MAYBE PGP 0x99
11 # 99h~10;0110;01~2=old packet type;tag 6=Public-Key Packet;1=two-octet length
12 # A two-octet body header encodes packet lengths of 192~00C0h - 8383~20BFh
13 #>1 ubeshort x \b, body length 0x%.4x
14 # skip Basic.Image Beauty.320 Pic.Icons by looking for low version number
16 #>3 ubyte <5 VERSION OK
18 # next packet type often b4h~(tag 13)~User ID Packet, b0h~(tag 12)~Trust packet
19 #>>(1.S+3) ubyte x \b, next packet type 0x%x
20 # skip 9900-v4.bin 9902-v4.bin by looking for valid second packet type (bit 7=1)
21 #>>(1.S+3) ubyte >0x7F TYPE OK,
23 # old versions 2,3 implies Pretty Good Privacy
# Version byte at offset 3 below 4: v2/v3 layout (creation time at 4,
# validity in days at 8, MPI bit count at 11, MPI data from 13).
24 >>>3 ubyte <4 PGP key public ring (v%u)
25 !:mime application/pgp-keys
# beldate: 4-byte big-endian UNIX time. Per magic(5) the "ldate" types are
# interpreted as local time rather than UTC, so keep the time zone in mind
# when comparing the printed creation time across systems.
27 >>>>4 beldate x created %s
28 # days that this key is valid. If this number is zero, then it does not expire
29 >>>>8 ubeshort >0 \b, %u days valid
30 >>>>8 ubeshort =0 \b, not expire
31 # display key algorithm 1~RSA (Encrypt or Sign)
33 # Multiprecision Integers (MPI) size
34 >>>>11 ubeshort x %u bits
# Prints the first 8 bytes of the first MPI only. This is a prefix of public
# key material, not a key ID or fingerprint; do not use it to identify a key.
36 >>>>13 ubequad x MPI=0x%16.16llx...
37 # new version implies Pretty Good Privacy (PGP) >= 5.0 or Gnu Privacy Guard (GPG)
# Version byte above 3: no validity field, so the MPI bit count moves to
# offset 9 and the MPI data to offset 11. Any upper bound on the version
# would have to come from a parent test that is not shown here.
38 >>>3 ubyte >3 PGP/GPG key public ring (v%u)
39 !:mime application/pgp-keys
41 >>>>4 beldate x created %s
42 # display key algorithm 17~DSA
44 # Multiprecision Integers (MPI) size
45 >>>>9 ubeshort x %u bits
# As above: an 8-byte prefix of the first MPI, not an identifier.
46 >>>>11 ubequad x MPI=0x%16.16llx...
# The three active tests below compare one 16-bit big-endian value at offset 0
# and nothing else, so any file that happens to begin with those two bytes is
# reported as PGP material. Treat a hit as a hint and verify it separately.
48 0 beshort 0x9501 PGP key security ring
49 !:mime application/x-pgp-keyring
50 0 beshort 0x9500 PGP key security ring
51 !:mime application/x-pgp-keyring
52 0 beshort 0xa600 PGP encrypted data
53 #!:mime application/pgp-encrypted
54 #0 string -----BEGIN\040PGP text/PGP armored data
# NOTE(review): the test on the line above is commented out, so the !:mime
# line below attaches to the preceding active entry (0xa600, "PGP encrypted
# data"). That labels binary data as text/PGP, and the trailing
# "# encoding: ..." text is part of the !:mime line itself. Confirm both are
# intended; consumers that filter on MIME type will see text/PGP here.
55 !:mime text/PGP # encoding: armored data
56 #>15 string PUBLIC\040KEY\040BLOCK- public key block
57 #>15 string MESSAGE- message
58 #>15 string SIGNED\040MESSAGE- signed message
59 #>15 string PGP\040SIGNATURE- signature
# ASCII-armor header rules. Every test is anchored at a fixed offset (0 or 2),
# so an armored block that starts further into a file (for example after other
# text) is not matched by these rules. Do not rely on them alone when scanning
# for exposed key material.
61 # Update: Joerg Jenderek
62 # URL: http://en.wikipedia.org/wiki/Pretty_Good_Privacy
63 # Reference: https://reposcope.com/mimetype/application/pgp-keys
# The two key-block tests start at offset 2 with three dashes, i.e. the first
# two bytes of the file are not compared.
64 2 string ---BEGIN\040PGP\040PRIVATE\040KEY\040BLOCK- PGP private key block
# Private and public key blocks both map to application/pgp-keys, so the MIME
# type cannot distinguish secret from public key material. Key off the
# description text ("PGP private key block") when looking for leaked secrets.
66 !:mime application/pgp-keys
68 2 string ---BEGIN\040PGP\040PUBLIC\040KEY\040BLOCK- PGP public key block
69 !:mime application/pgp-keys
73 0 string -----BEGIN\040PGP\040MESSAGE- PGP message
74 # https://reposcope.com/mimetype/application/pgp-encrypted
75 #!:mime application/pgp
76 !:mime application/pgp-encrypted
81 # Reference: https://www.gnupg.org/gph/en/manual/x135.html
# A match on this header says only that the file claims to be a signed
# message; it does not mean the signature was checked.
82 0 string -----BEGIN\040PGP\040SIGNED\040MESSAGE- PGP signed message
85 #!:mime application/pgp
87 0 string -----BEGIN\040PGP\040SIGNATURE- PGP signature
88 # https://reposcope.com/mimetype/application/pgp-signature
89 !:mime application/pgp-signature
94 # Decode the type of the packet based on its base64 encoding.
# Packet-type lookup on base64 text. The first group compares the first
# character (0x67..0x76, ASCII 'g'..'v'); each later group of four compares
# the top two bits (mask 0xc0) of the second character. The parent line of
# each four-entry group is not part of this excerpt.
# The label is derived from one or two characters only and says nothing about
# whether the armored body is well-formed or authentic.
95 # Idea from Mark Martinec
96 # The specification is in RFC 4880, section 4.2 and 4.3:
97 # https://tools.ietf.org/html/rfc4880#section-4.2
# RFC 4880 has since been obsoleted by RFC 9580.
100 >0 byte 0x67 Reserved (old)
101 >0 byte 0x68 Public-Key Encrypted Session Key (old)
102 >0 byte 0x69 Signature (old)
103 >0 byte 0x6a Symmetric-Key Encrypted Session Key (old)
104 >0 byte 0x6b One-Pass Signature (old)
105 >0 byte 0x6c Secret-Key (old)
106 >0 byte 0x6d Public-Key (old)
107 >0 byte 0x6e Secret-Subkey (old)
108 >0 byte 0x6f Compressed Data (old)
109 >0 byte 0x70 Symmetrically Encrypted Data (old)
110 >0 byte 0x71 Marker (old)
111 >0 byte 0x72 Literal Data (old)
112 >0 byte 0x73 Trust (old)
113 >0 byte 0x74 User ID (old)
114 >0 byte 0x75 Public-Subkey (old)
115 >0 byte 0x76 Unused (old)
117 >>1 byte&0xc0 0x00 Reserved
118 >>1 byte&0xc0 0x40 Public-Key Encrypted Session Key
119 >>1 byte&0xc0 0x80 Signature
120 >>1 byte&0xc0 0xc0 Symmetric-Key Encrypted Session Key
122 >>1 byte&0xc0 0x00 One-Pass Signature
123 >>1 byte&0xc0 0x40 Secret-Key
124 >>1 byte&0xc0 0x80 Public-Key
125 >>1 byte&0xc0 0xc0 Secret-Subkey
127 >>1 byte&0xc0 0x00 Compressed Data
128 >>1 byte&0xc0 0x40 Symmetrically Encrypted Data
129 >>1 byte&0xc0 0x80 Marker
130 >>1 byte&0xc0 0xc0 Literal Data
132 >>1 byte&0xc0 0x00 Trust
133 >>1 byte&0xc0 0x40 User ID
134 >>1 byte&0xc0 0x80 Public-Subkey
135 >>1 byte&0xc0 0xc0 Unused [z%x]
137 >>1 byte&0xc0 0x00 Unused [0%x]
138 >>1 byte&0xc0 0x40 User Attribute
139 >>1 byte&0xc0 0x80 Sym. Encrypted and Integrity Protected Data
140 >>1 byte&0xc0 0xc0 Modification Detection Code
# Encrypted-session-key signatures. Each level-0 string is a fixed byte
# sequence ending in \x03; the bytes before it differ per key size named in
# the comment above the rule. Only the sizes listed here are recognised, and
# the "NNNNb" text is implied by the matched bytes rather than measured.
# NOTE(review): the key ID printed by these rules refers to the recipient key.
# RFC 4880 section 5.1 allows an all-zero key ID as a wildcard, so a zero value
# means the recipient was hidden by the sender, not that the file is damaged.
# Several lines between the visible tests are missing from this excerpt.
142 # magic signatures to detect PGP crypto material (from stef)
143 # detects and extracts metadata from:
144 # - symmetric encrypted packet header
145 # - RSA (e=65537) secret (sub-)keys
147 # 1024b RSA encrypted data
149 0 string \x84\x8c\x03 PGP RSA encrypted session key -
150 >3 belong x keyid: %08X
# Algorithm byte: 0x01 and 0x02 are the only values labelled here.
152 >11 byte 0x01 RSA (Encrypt or Sign) 1024b
153 >11 byte 0x02 RSA Encrypt-Only 1024b
164 # 2048b RSA encrypted data
166 0 string \x85\x01\x0c\x03 PGP RSA encrypted session key -
167 >4 belong x keyid: %08X
169 >12 byte 0x01 RSA (Encrypt or Sign) 2048b
170 >12 byte 0x02 RSA Encrypt-Only 2048b
181 # 3072b RSA encrypted data
183 0 string \x85\x01\x8c\x03 PGP RSA encrypted session key -
184 >4 belong x keyid: %08X
186 >12 byte 0x01 RSA (Encrypt or Sign) 3072b
187 >12 byte 0x02 RSA Encrypt-Only 3072b
198 # 4096b RSA encrypted data
200 0 string \x85\x02\x0c\x03 PGP RSA encrypted session key -
201 >4 belong x keyid: %08X
203 >12 byte 0x01 RSA (Encrypt or Sign) 4096b
204 >12 byte 0x02 RSA Encrypt-Only 4096b
215 # 8192b RSA encrypted data
217 0 string \x85\x04\x0c\x03 PGP RSA encrypted session key -
218 >4 belong x keyid: %08X
220 >12 byte 0x01 RSA (Encrypt or Sign) 8192b
221 >12 byte 0x02 RSA Encrypt-Only 8192b
232 # 1024b Elgamal encrypted data
# Elgamal variants: same structure, algorithm byte 0x10 (16, Encrypt-Only).
234 0 string \x85\x01\x0e\x03 PGP Elgamal encrypted session key -
235 >4 belong x keyid: %08X
237 >12 byte 0x10 Elgamal Encrypt-Only 1024b.
247 # 2048b Elgamal encrypted data
249 0 string \x85\x02\x0e\x03 PGP Elgamal encrypted session key -
250 >4 belong x keyid: %08X
252 >12 byte 0x10 Elgamal Encrypt-Only 2048b.
262 # 3072b Elgamal encrypted data
264 0 string \x85\x03\x0e\x03 PGP Elgamal encrypted session key -
265 >4 belong x keyid: %08X
267 >12 byte 0x10 Elgamal Encrypt-Only 3072b.
# Lookup tables that turn a single algorithm-identifier byte into text. The
# lines that name and invoke these tables are not part of this excerpt, and
# some table entries are missing from it as well.
# Symmetric cipher identifiers. 0x00 means the data is not encrypted at all,
# and TripleDES, CAST5 and Blowfish are 64-bit-block ciphers; both cases are
# worth flagging when reviewing how a file is protected.
280 >0 byte 0x00 Plaintext or unencrypted data
282 >0 byte 0x02 TripleDES
283 >0 byte 0x03 CAST5 (128 bit key)
284 >0 byte 0x04 Blowfish (128 bit key, 16 rounds)
285 >0 byte 0x07 AES with 128-bit key
286 >0 byte 0x08 AES with 192-bit key
287 >0 byte 0x09 AES with 256-bit key
288 >0 byte 0x0a Twofish with 256-bit key
# Presumably a separate hash-algorithm table; only this entry is visible here.
295 >0 byte 0x03 RIPE-MD/160
301 # display public key algorithms as human readable text
303 >0 byte 0x01 RSA (Encrypt or Sign)
304 # keep old look of version 5.28 without parentheses
305 >0 byte 0x02 RSA Encrypt-Only
306 >0 byte 0x03 RSA (Sign-Only)
307 >0 byte 16 ElGamal (Encrypt-Only)
309 >0 byte 18 Elliptic Curve
# RFC 4880 section 9.1 lists identifier 20 as reserved (formerly Elgamal
# Encrypt or Sign); a key reporting it is legacy material.
311 >0 byte 20 ElGamal (Encrypt or Sign)
312 >0 byte 21 Diffie-Hellman
# Fallback labels at level 2; the parent test they hang off is not shown.
314 >>0 ubyte <22 unknown (pub %d)
315 # this should never happen
316 >>0 ubyte >21 invalid (%d)
318 # pgp symmetric encrypted data
# Single-byte match at offset 0 (0x8c). Expect false positives on unrelated
# binary data unless further checks (not visible in this excerpt) narrow it.
320 0 byte 0x8c PGP symmetric key encrypted data -
# Offset 4 is read as the string-to-key (S2K) type. Of the values labelled
# here only 0x03 (salted and iterated) adds a work factor to the passphrase
# derivation; a file reporting plain "salted" deserves a note in a review.
325 >4 byte 0x01 salted -
329 >4 byte 0x03 salted & iterated -
334 # encrypted keymaterial needs s2k & can be checksummed/hashed
# S2K type names. "Simple S2K" (0x00) uses neither salt nor iteration.
338 >1 byte 0x00 Simple S2K
339 >1 byte 0x01 Salted S2K
340 >1 byte 0x03 Salted&Iterated S2K
343 # all PGP keys start with this prolog
344 # containing version, creation date, and purpose
# Creation time is read at offset 1 and the algorithm byte at offset 5.
# beldate is an "ldate" type, which magic(5) describes as interpreted in
# local time rather than UTC.
348 >1 beldate x created on %s -
349 >5 byte 0x01 RSA (Encrypt or Sign)
350 >5 byte 0x02 RSA Encrypt-Only
352 # end of secret keys known signature
353 # contains e=65537 and the prolog to
354 # the encrypted parameters
# \x00\x11 is an MPI bit count of 17 and \x01\x00\x01 is the value 65537, so
# this test only fires for RSA keys with that public exponent. Secret keys
# using any other exponent are not recognised by this rule.
357 >0 string \x00\x11\x01\x00\x01 e=65537
# NOTE(review): 0xff directly after the exponent is presumably the S2K usage
# octet 255 of RFC 4880 section 5.5.3, where the secret part carries a
# two-octet checksum rather than a hash -- confirm against the full file.
359 >5 byte 0xff checksummed
# Key-size table. Each entry compares a two-byte string at offset 0 of
# whatever position the (not shown) caller hands over and prints a size label.
# According to the comments below, the value is a packet size, so the label
# is derived from a length and not from the key itself; treat it as an
# estimate. Some second bytes are written as printable characters (for
# example "X" is 0x58).
364 # PGP secret keys contain also the public parts
365 # these vary by bitsize of the key
395 # \x00|\x1f[\xfe\xff]).{1024})'
403 # depending on the size of the pkt
404 # we branch into the proper key size
405 # signatures defined as x{keysize}
408 >0 string \x01\xd8 1024b
410 >0 string \x01\xeb 1024b
412 >0 string \x01\xfb 1024b
414 >0 string \x01\xfd 1024b
416 >0 string \x01\xf3 1024b
418 >0 string \x01\xee 1024b
420 >0 string \x01\xfe 1024b
422 >0 string \x01\xf4 1024b
424 >0 string \x02\x0d 1024b
426 >0 string \x02\x03 1024b
428 >0 string \x02\x05 1024b
430 >0 string \x02\x15 1024b
432 >0 string \x02\x00 1024b
434 >0 string \x02\x10 1024b
436 >0 string \x02\x04 1024b
438 >0 string \x02\x06 1024b
440 >0 string \x02\x16 1024b
442 >0 string \x03\x98 2048b
444 >0 string \x03\xab 2048b
446 >0 string \x03\xbb 2048b
448 >0 string \x03\xbd 2048b
450 >0 string \x03\xcd 2048b
452 >0 string \x03\xb3 2048b
454 >0 string \x03\xc3 2048b
456 >0 string \x03\xc5 2048b
458 >0 string \x03\xd5 2048b
460 >0 string \x03\xae 2048b
462 >0 string \x03\xbe 2048b
464 >0 string \x03\xc0 2048b
466 >0 string \x03\xd0 2048b
468 >0 string \x03\xb4 2048b
470 >0 string \x03\xc4 2048b
472 >0 string \x03\xc6 2048b
474 >0 string \x03\xd6 2048b
476 >0 string \x05X 3072b
478 >0 string \x05k 3072b
480 >0 string \x05{ 3072b
482 >0 string \x05} 3072b
484 >0 string \x05\x8d 3072b
486 >0 string \x05s 3072b
488 >0 string \x05\x83 3072b
490 >0 string \x05\x85 3072b
492 >0 string \x05\x95 3072b
494 >0 string \x05n 3072b
496 >0 string \x05\x7e 3072b
498 >0 string \x05\x80 3072b
500 >0 string \x05\x90 3072b
502 >0 string \x05t 3072b
504 >0 string \x05\x84 3072b
506 >0 string \x05\x86 3072b
508 >0 string \x05\x96 3072b
510 >0 string \x07[ 4096b
512 >0 string \x07\x18 4096b
514 >0 string \x07+ 4096b
516 >0 string \x07; 4096b
518 >0 string \x07= 4096b
520 >0 string \x07M 4096b
522 >0 string \x073 4096b
524 >0 string \x07C 4096b
526 >0 string \x07E 4096b
528 >0 string \x07U 4096b
530 >0 string \x07. 4096b
532 >0 string \x07> 4096b
534 >0 string \x07@ 4096b
536 >0 string \x07P 4096b
538 >0 string \x074 4096b
540 >0 string \x07D 4096b
542 >0 string \x07F 4096b
544 >0 string \x07V 4096b
546 >0 string \x0e[ 8192b
548 >0 string \x0e\x18 8192b
550 >0 string \x0e+ 8192b
552 >0 string \x0e; 8192b
554 >0 string \x0e= 8192b
556 >0 string \x0eM 8192b
558 >0 string \x0e3 8192b
560 >0 string \x0eC 8192b
562 >0 string \x0eE 8192b
564 >0 string \x0eU 8192b
566 >0 string \x0e. 8192b
568 >0 string \x0e> 8192b
570 >0 string \x0e@ 8192b
572 >0 string \x0eP 8192b
574 >0 string \x0e4 8192b
576 >0 string \x0eD 8192b
578 >0 string \x0eF 8192b
580 >0 string \x0eV 8192b
# Secret-key rules. Both level-0 tests match a single byte at offset 0, which
# is why the comments below list unrelated files that had to be excluded by
# extra checks; those checks are only partly visible in this excerpt.
# A "PGP Secret Key" result should be confirmed with a packet parser before it
# is handled as an exposed private key, and a miss does not prove absence.
583 # PGP RSA (e=65537) secret (sub-)key header
585 0 byte 0x95 PGP Secret Key -
# NOTE(review): with the old-format header layout of RFC 4880 section 4.2
# (tag in bits 5-2, length type in bits 1-0), 0x97 decodes to tag 5 with
# length type 3, not to tag 7 (secret subkey) -- confirm the label.
587 0 byte 0x97 PGP Secret Sub-key -
590 # Update: Joerg Jenderek
591 # secret subkey packet (tag 7) with same structure as secret key packet (tag 5)
592 # skip Fetus.Sys16 CALIBUS.MAIN OrbFix.Sys16.Ex by looking for positive len
594 #>1 ubeshort x \b, body length 0x%x
595 # next packet type often 88h,89h~(tag 2)~Signature Packet
596 #>>(1.S+3) ubyte x \b, next packet type 0x%x
597 # skip Dragon.SHR DEMO.INIT by looking for positive version
599 # skip BUISSON.13 GUITAR1 by looking for low version number
# Level-3 test on the version byte at offset 3; its parents are not shown.
600 >>>3 ubyte <5 PGP Secret Sub-key
601 # sub-key are normally part of secret key. So it does not occur as standalone file
603 # version 2,3~old 4~new . Comment following line for version 5.28 look
606 # old versions 2 or 3 but no real example found
608 # 2 byte for key bits in version 5.28 look
# Old layout: key size in bits at offset 11, creation time at offset 4.
609 >>>>>11 ubeshort x %db
610 >>>>>4 beldate x created on %s -
611 # old versions use 2 additional bytes after time stamp
612 #>>>>>8 ubeshort x 0x%x
613 # display key algorithm 1~RSA Encrypt|Sign - 21~Diffie-Hellman
# Indirect offset: the 16-bit big-endian value at offset 11 (the bit count
# printed above) divided by 8 is used as the position to read from. The value
# comes from the file, so the position is attacker-influenced input.
615 >>>>>(11.S/8) ubequad x
616 # look after first key
# New layout: key size in bits at offset 9, creation time at offset 4.
620 >>>>>9 ubeshort x %db
621 >>>>>4 beldate x created on %s -
622 # display key algorithm
# Same indirect-offset construction, based on the value at offset 9.
624 >>>>>(9.S/8) ubequad x
625 # look after first key for something like s2k