#------------------------------------------------------------------------------
# $File: pgp,v 1.21 2020/03/20 17:11:05 christos Exp $
# pgp:  file(1) magic for Pretty Good Privacy
# see https://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
#
# Update: Joerg Jenderek
# Note: verified by `gpg -v --debug 0x02 --list-packets < PUBRING263_10.PGP`
#0	byte	0x99	MAYBE PGP 0x99
0	byte	0x99
# 99h~10;0110;01~2=old packet type;tag 6=Public-Key Packet;1=two-octet length
# A two-octet body header encodes packet lengths of 192~00C0h - 8383~20BFh
#>1	ubeshort	x	\b, body length 0x%.4x
# skip Basic.Image Beauty.320 Pic.Icons by looking for low version number
#>3	ubyte	x	\b, V=%u
#>3	ubyte	<5	VERSION OK
>3	ubyte	<5
# next packet type often b4h~(tag 13)~User ID Packet, b0h~(tag 12)~Trust packet
#>>(1.S+3)	ubyte	x	\b, next packet type 0x%x
# skip 9900-v4.bin 9902-v4.bin by looking for valid second packet type (bit 7=1)
#>>(1.S+3)	ubyte	>0x7F	TYPE OK,
>>(1.S+3)	ubyte	>0x7F
# old versions 2,3 implies Pretty Good Privacy
>>>3	ubyte	<4	PGP key public ring (v%u)
!:mime	application/pgp-keys
!:ext	pgp/ASD
>>>>4	beldate	x	created %s
# days that this key is valid. If this number is zero, then it does not expire
>>>>8	ubeshort	>0	\b, %u days valid
>>>>8	ubeshort	=0	\b, not expire
# display key algorithm 1~RSA (Encrypt or Sign)
>>>>10	use	key_algo
# Multiprecision Integers (MPI) size
>>>>11	ubeshort	x	%u bits
# MPI
>>>>13	ubequad	x	MPI=0x%16.16llx...
# new version implies Pretty Good Privacy (PGP) >= 5.0 or Gnu Privacy Guard (GPG)
>>>3	ubyte	>3	PGP/GPG key public ring (v%u)
!:mime	application/pgp-keys
!:ext	pgp/gpg/pkr/asd
>>>>4	beldate	x	created %s
# display key algorithm 17~DSA
>>>>8	use	key_algo
# Multiprecision Integers (MPI) size
>>>>9	ubeshort	x	%u bits
>>>>11	ubequad	x	MPI=0x%16.16llx...

0	beshort	0x9501	PGP key security ring
!:mime	application/x-pgp-keyring
0	beshort	0x9500	PGP key security ring
!:mime	application/x-pgp-keyring
0	beshort	0xa600	PGP encrypted data
#!:mime	application/pgp-encrypted
#0	string	-----BEGIN\040PGP	text/PGP armored data
!:mime	text/PGP # encoding: armored data
#>15	string	PUBLIC\040KEY\040BLOCK-	public key block
#>15	string	MESSAGE-	message
#>15	string	SIGNED\040MESSAGE-	signed message
#>15	string	PGP\040SIGNATURE-	signature

# Update: Joerg Jenderek
# URL: http://en.wikipedia.org/wiki/Pretty_Good_Privacy
# Reference: https://reposcope.com/mimetype/application/pgp-keys
2	string	---BEGIN\040PGP\040PRIVATE\040KEY\040BLOCK-	PGP private key block
#!:mime	text/PGP
!:mime	application/pgp-keys
!:ext	asc
2	string	---BEGIN\040PGP\040PUBLIC\040KEY\040BLOCK-	PGP public key block
!:mime	application/pgp-keys
!:ext	asc
>10	search/100	\n\n
>>&0	use	pgp
0	string	-----BEGIN\040PGP\040MESSAGE-	PGP message
# https://reposcope.com/mimetype/application/pgp-encrypted
#!:mime	application/pgp
!:mime	application/pgp-encrypted
!:ext	asc
#!:ext	asc/pgp/gpg
>10	search/100	\n\n
>>&0	use	pgp
# Reference: https://www.gnupg.org/gph/en/manual/x135.html
0	string	-----BEGIN\040PGP\040SIGNED\040MESSAGE-	PGP signed message
#!:mime	text/plain
!:mime	text/PGP
#!:mime	application/pgp
!:ext	asc
0	string	-----BEGIN\040PGP\040SIGNATURE-	PGP signature
# https://reposcope.com/mimetype/application/pgp-signature
!:mime	application/pgp-signature
!:ext	asc
>10	search/100	\n\n
>>&0	use	pgp

# Decode the type of the packet based on its base64 encoding.
# Idea from Mark Martinec
# The specification is in RFC 4880, section 4.2 and 4.3:
# https://tools.ietf.org/html/rfc4880#section-4.2

0	name	pgp
>0	byte	0x67	Reserved (old)
>0	byte	0x68	Public-Key Encrypted Session Key (old)
>0	byte	0x69	Signature (old)
>0	byte	0x6a	Symmetric-Key Encrypted Session Key (old)
>0	byte	0x6b	One-Pass Signature (old)
>0	byte	0x6c	Secret-Key (old)
>0	byte	0x6d	Public-Key (old)
>0	byte	0x6e	Secret-Subkey (old)
>0	byte	0x6f	Compressed Data (old)
>0	byte	0x70	Symmetrically Encrypted Data (old)
>0	byte	0x71	Marker (old)
>0	byte	0x72	Literal Data (old)
>0	byte	0x73	Trust (old)
>0	byte	0x74	User ID (old)
>0	byte	0x75	Public-Subkey (old)
>0	byte	0x76	Unused (old)
>0	byte	0x77
>>1	byte&0xc0	0x00	Reserved
>>1	byte&0xc0	0x40	Public-Key Encrypted Session Key
>>1	byte&0xc0	0x80	Signature
>>1	byte&0xc0	0xc0	Symmetric-Key Encrypted Session Key
>0	byte	0x78
>>1	byte&0xc0	0x00	One-Pass Signature
>>1	byte&0xc0	0x40	Secret-Key
>>1	byte&0xc0	0x80	Public-Key
>>1	byte&0xc0	0xc0	Secret-Subkey
>0	byte	0x79
>>1	byte&0xc0	0x00	Compressed Data
>>1	byte&0xc0	0x40	Symmetrically Encrypted Data
>>1	byte&0xc0	0x80	Marker
>>1	byte&0xc0	0xc0	Literal Data
>0	byte	0x7a
>>1	byte&0xc0	0x00	Trust
>>1	byte&0xc0	0x40	User ID
>>1	byte&0xc0	0x80	Public-Subkey
>>1	byte&0xc0	0xc0	Unused [z%x]
>0	byte	0x30
>>1	byte&0xc0	0x00	Unused [0%x]
>>1	byte&0xc0	0x40	User Attribute
>>1	byte&0xc0	0x80	Sym. Encrypted and Integrity Protected Data
>>1	byte&0xc0	0xc0	Modification Detection Code

# magic signatures to detect PGP crypto material (from stef)
# detects and extracts metadata from:
#  - symmetric encrypted packet header
#  - RSA (e=65537) secret (sub-)keys

# 1024b RSA encrypted data

0	string	\x84\x8c\x03	PGP RSA encrypted session key -
>3	belong	x	keyid: %08X
>7	belong	x	%08X
>11	byte	0x01	RSA (Encrypt or Sign) 1024b
>11	byte	0x02	RSA Encrypt-Only 1024b
>12	string	\x04\x00
>12	string	\x03\xff
>12	string	\x03\xfe
>12	string	\x03\xfd
>12	string	\x03\xfc
>12	string	\x03\xfb
>12	string	\x03\xfa
>12	string	\x03\xf9
>142	byte	0xd2	.

# 2048b RSA encrypted data

0	string	\x85\x01\x0c\x03	PGP RSA encrypted session key -
>4	belong	x	keyid: %08X
>8	belong	x	%08X
>12	byte	0x01	RSA (Encrypt or Sign) 2048b
>12	byte	0x02	RSA Encrypt-Only 2048b
>13	string	\x08\x00
>13	string	\x07\xff
>13	string	\x07\xfe
>13	string	\x07\xfd
>13	string	\x07\xfc
>13	string	\x07\xfb
>13	string	\x07\xfa
>13	string	\x07\xf9
>271	byte	0xd2	.

# 3072b RSA encrypted data

0	string	\x85\x01\x8c\x03	PGP RSA encrypted session key -
>4	belong	x	keyid: %08X
>8	belong	x	%08X
>12	byte	0x01	RSA (Encrypt or Sign) 3072b
>12	byte	0x02	RSA Encrypt-Only 3072b
>13	string	\x0c\x00
>13	string	\x0b\xff
>13	string	\x0b\xfe
>13	string	\x0b\xfd
>13	string	\x0b\xfc
>13	string	\x0b\xfb
>13	string	\x0b\xfa
>13	string	\x0b\xf9
>399	byte	0xd2	.

# 4096b RSA encrypted data

0	string	\x85\x02\x0c\x03	PGP RSA encrypted session key -
>4	belong	x	keyid: %08X
>8	belong	x	%08X
>12	byte	0x01	RSA (Encrypt or Sign) 4096b
>12	byte	0x02	RSA Encrypt-Only 4096b
>13	string	\x10\x00
>13	string	\x0f\xff
>13	string	\x0f\xfe
>13	string	\x0f\xfd
>13	string	\x0f\xfc
>13	string	\x0f\xfb
>13	string	\x0f\xfa
>13	string	\x0f\xf9
>527	byte	0xd2	.

# 8192b RSA encrypted data

0	string	\x85\x04\x0c\x03	PGP RSA encrypted session key -
>4	belong	x	keyid: %08X
>8	belong	x	%08X
>12	byte	0x01	RSA (Encrypt or Sign) 8192b
>12	byte	0x02	RSA Encrypt-Only 8192b
>13	string	\x20\x00
>13	string	\x1f\xff
>13	string	\x1f\xfe
>13	string	\x1f\xfd
>13	string	\x1f\xfc
>13	string	\x1f\xfb
>13	string	\x1f\xfa
>13	string	\x1f\xf9
>1039	byte	0xd2	.

# 1024b Elgamal encrypted data

0	string	\x85\x01\x0e\x03	PGP Elgamal encrypted session key -
>4	belong	x	keyid: %08X
>8	belong	x	%08X
>12	byte	0x10	Elgamal Encrypt-Only 1024b.
>13	string	\x04\x00
>13	string	\x03\xff
>13	string	\x03\xfe
>13	string	\x03\xfd
>13	string	\x03\xfc
>13	string	\x03\xfb
>13	string	\x03\xfa
>13	string	\x03\xf9

# 2048b Elgamal encrypted data

0	string	\x85\x02\x0e\x03	PGP Elgamal encrypted session key -
>4	belong	x	keyid: %08X
>8	belong	x	%08X
>12	byte	0x10	Elgamal Encrypt-Only 2048b.
>13	string	\x08\x00
>13	string	\x07\xff
>13	string	\x07\xfe
>13	string	\x07\xfd
>13	string	\x07\xfc
>13	string	\x07\xfb
>13	string	\x07\xfa
>13	string	\x07\xf9

# 3072b Elgamal encrypted data

0	string	\x85\x03\x0e\x03	PGP Elgamal encrypted session key -
>4	belong	x	keyid: %08X
>8	belong	x	%08X
>12	byte	0x10	Elgamal Encrypt-Only 3072b.
>13	string	\x0c\x00
>13	string	\x0b\xff
>13	string	\x0b\xfe
>13	string	\x0b\xfd
>13	string	\x0b\xfc
>13	string	\x0b\xfb
>13	string	\x0b\xfa
>13	string	\x0b\xf9

# crypto algo mapper

0	name	crypto
>0	byte	0x00	Plaintext or unencrypted data
>0	byte	0x01	IDEA
>0	byte	0x02	TripleDES
>0	byte	0x03	CAST5 (128 bit key)
>0	byte	0x04	Blowfish (128 bit key, 16 rounds)
>0	byte	0x07	AES with 128-bit key
>0	byte	0x08	AES with 192-bit key
>0	byte	0x09	AES with 256-bit key
>0	byte	0x0a	Twofish with 256-bit key

# hash algo mapper

0	name	hash
>0	byte	0x01	MD5
>0	byte	0x02	SHA-1
>0	byte	0x03	RIPE-MD/160
>0	byte	0x08	SHA256
>0	byte	0x09	SHA384
>0	byte	0x0a	SHA512
>0	byte	0x0b	SHA224

# display public key algorithms as human readable text
0	name	key_algo
>0	byte	0x01	RSA (Encrypt or Sign)
# keep old look of version 5.28 without parentheses
>0	byte	0x02	RSA Encrypt-Only
>0	byte	0x03	RSA (Sign-Only)
>0	byte	16	ElGamal (Encrypt-Only)
>0	byte	17	DSA
>0	byte	18	Elliptic Curve
>0	byte	19	ECDSA
>0	byte	20	ElGamal (Encrypt or Sign)
>0	byte	21	Diffie-Hellman
>0	default	x
>>0	ubyte	<22	unknown (pub %d)
# this should never happen
>>0	ubyte	>21	invalid (%d)

# pgp symmetric encrypted data

0	byte	0x8c	PGP symmetric key encrypted data -
>1	byte	0x0d
>1	byte	0x0c
>2	byte	0x04
>3	use	crypto
>4	byte	0x01	salted -
>>5	use	hash
>>14	byte	0xd2	.
>>14	byte	0xc9	.
>4	byte	0x03	salted & iterated -
>>5	use	hash
>>15	byte	0xd2	.
>>15	byte	0xc9	.

# encrypted keymaterial needs s2k & can be checksummed/hashed

0	name	chkcrypto
>0	use	crypto
>1	byte	0x00	Simple S2K
>1	byte	0x01	Salted S2K
>1	byte	0x03	Salted&Iterated S2K
>2	use	hash

# all PGP keys start with this prolog
# containing version, creation date, and purpose

0	name	keyprolog
>0	byte	0x04
>1	beldate	x	created on %s -
>5	byte	0x01	RSA (Encrypt or Sign)
>5	byte	0x02	RSA Encrypt-Only

# end of secret keys known signature
# contains e=65537 and the prolog to
# the encrypted parameters

0	name	keyend
>0	string	\x00\x11\x01\x00\x01	e=65537
>5	use	crypto
>5	byte	0xff	checksummed
>>6	use	chkcrypto
>5	byte	0xfe	hashed
>>6	use	chkcrypto

# PGP secret keys contain also the public parts
# these vary by bitsize of the key

0	name	x1024
>0	use	keyprolog
>6	string	\x03\xfe
>6	string	\x03\xff
>6	string	\x04\x00
>136	use	keyend

0	name	x2048
>0	use	keyprolog
# MPI bit count of the modulus: 2048 is 0x0800
>6	string	\x08\x00
>6	string	\x07\xfe
>6	string	\x07\xff
>264	use	keyend

0	name	x3072
>0	use	keyprolog
>6	string	\x0b\xfe
>6	string	\x0b\xff
>6	string	\x0c\x00
>392	use	keyend

0	name	x4096
>0	use	keyprolog
>6	string	\x10\x00
>6	string	\x0f\xfe
>6	string	\x0f\xff
>520	use	keyend

# \x00|\x1f[\xfe\xff]).{1024})'
0	name	x8192
>0	use	keyprolog
>6	string	\x20\x00
>6	string	\x1f\xfe
>6	string	\x1f\xff
>1032	use	keyend

# depending on the size of the pkt
# we branch into the proper key size
# signatures defined as x{keysize}

>0	name	pgpkey
>0	string	\x01\xd8	1024b
>>2	use	x1024
>0	string	\x01\xeb	1024b
>>2	use	x1024
>0	string	\x01\xfb	1024b
>>2	use	x1024
>0	string	\x01\xfd	1024b
>>2	use	x1024
>0	string	\x01\xf3	1024b
>>2	use	x1024
>0	string	\x01\xee	1024b
>>2	use	x1024
>0	string	\x01\xfe	1024b
>>2	use	x1024
>0	string	\x01\xf4	1024b
>>2	use	x1024
>0	string	\x02\x0d	1024b
>>2	use	x1024
>0	string	\x02\x03	1024b
>>2	use	x1024
>0	string	\x02\x05	1024b
>>2	use	x1024
>0	string	\x02\x15	1024b
>>2	use	x1024
>0	string	\x02\x00	1024b
>>2	use	x1024
>0	string	\x02\x10	1024b
>>2	use	x1024
>0	string	\x02\x04	1024b
>>2	use	x1024
>0	string	\x02\x06	1024b
>>2	use	x1024
>0	string	\x02\x16	1024b
>>2	use	x1024
>0	string	\x03\x98	2048b
>>2	use	x2048
>0	string	\x03\xab	2048b
>>2	use	x2048
>0	string	\x03\xbb	2048b
>>2	use	x2048
>0	string	\x03\xbd	2048b
>>2	use	x2048
>0	string	\x03\xcd	2048b
>>2	use	x2048
>0	string	\x03\xb3	2048b
>>2	use	x2048
>0	string	\x03\xc3	2048b
>>2	use	x2048
>0	string	\x03\xc5	2048b
>>2	use	x2048
>0	string	\x03\xd5	2048b
>>2	use	x2048
>0	string	\x03\xae	2048b
>>2	use	x2048
>0	string	\x03\xbe	2048b
>>2	use	x2048
>0	string	\x03\xc0	2048b
>>2	use	x2048
>0	string	\x03\xd0	2048b
>>2	use	x2048
>0	string	\x03\xb4	2048b
>>2	use	x2048
>0	string	\x03\xc4	2048b
>>2	use	x2048
>0	string	\x03\xc6	2048b
>>2	use	x2048
>0	string	\x03\xd6	2048b
>>2	use	x2048
>0	string	\x05X	3072b
>>2	use	x3072
>0	string	\x05k	3072b
>>2	use	x3072
>0	string	\x05{	3072b
>>2	use	x3072
>0	string	\x05}	3072b
>>2	use	x3072
>0	string	\x05\x8d	3072b
>>2	use	x3072
>0	string	\x05s	3072b
>>2	use	x3072
>0	string	\x05\x83	3072b
>>2	use	x3072
>0	string	\x05\x85	3072b
>>2	use	x3072
>0	string	\x05\x95	3072b
>>2	use	x3072
>0	string	\x05n	3072b
>>2	use	x3072
>0	string	\x05\x7e	3072b
>>2	use	x3072
>0	string	\x05\x80	3072b
>>2	use	x3072
>0	string	\x05\x90	3072b
>>2	use	x3072
>0	string	\x05t	3072b
>>2	use	x3072
>0	string	\x05\x84	3072b
>>2	use	x3072
>0	string	\x05\x86	3072b
>>2	use	x3072
>0	string	\x05\x96	3072b
>>2	use	x3072
>0	string	\x07[	4096b
>>2	use	x4096
>0	string	\x07\x18	4096b
>>2	use	x4096
>0	string	\x07+	4096b
>>2	use	x4096
>0	string	\x07;	4096b
>>2	use	x4096
>0	string	\x07=	4096b
>>2	use	x4096
>0	string	\x07M	4096b
>>2	use	x4096
>0	string	\x073	4096b
>>2	use	x4096
>0	string	\x07C	4096b
>>2	use	x4096
>0	string	\x07E	4096b
>>2	use	x4096
>0	string	\x07U	4096b
>>2	use	x4096
>0	string	\x07.	4096b
>>2	use	x4096
>0	string	\x07>	4096b
>>2	use	x4096
>0	string	\x07@	4096b
>>2	use	x4096
>0	string	\x07P	4096b
>>2	use	x4096
>0	string	\x074	4096b
>>2	use	x4096
>0	string	\x07D	4096b
>>2	use	x4096
>0	string	\x07F	4096b
>>2	use	x4096
>0	string	\x07V	4096b
>>2	use	x4096
>0	string	\x0e[	8192b
>>2	use	x8192
>0	string	\x0e\x18	8192b
>>2	use	x8192
>0	string	\x0e+	8192b
>>2	use	x8192
>0	string	\x0e;	8192b
>>2	use	x8192
>0	string	\x0e=	8192b
>>2	use	x8192
>0	string	\x0eM	8192b
>>2	use	x8192
>0	string	\x0e3	8192b
>>2	use	x8192
>0	string	\x0eC	8192b
>>2	use	x8192
>0	string	\x0eE	8192b
>>2	use	x8192
>0	string	\x0eU	8192b
>>2	use	x8192
>0	string	\x0e.	8192b
>>2	use	x8192
>0	string	\x0e>	8192b
>>2	use	x8192
>0	string	\x0e@	8192b
>>2	use	x8192
>0	string	\x0eP	8192b
>>2	use	x8192
>0	string	\x0e4	8192b
>>2	use	x8192
>0	string	\x0eD	8192b
>>2	use	x8192
>0	string	\x0eF	8192b
>>2	use	x8192
>0	string	\x0eV	8192b
>>2	use	x8192

# PGP RSA (e=65537) secret (sub-)key header

0	byte	0x95	PGP Secret Key -
>1	use	pgpkey
0	byte	0x97	PGP Secret Sub-key -
>1	use	pgpkey
0	byte	0x9d
# Update: Joerg Jenderek
# secret subkey packet (tag 7) with same structure as secret key packet (tag 5)
# skip Fetus.Sys16 CALIBUS.MAIN OrbFix.Sys16.Ex by looking for positive len
>1	ubeshort	>0
#>1	ubeshort	x	\b, body length 0x%x
# next packet type often 88h,89h~(tag 2)~Signature Packet
#>>(1.S+3)	ubyte	x	\b, next packet type 0x%x
# skip Dragon.SHR DEMO.INIT by looking for positive version
>>3	ubyte	>0
# skip BUISSON.13 GUITAR1 by looking for low version number
>>>3	ubyte	<5	PGP Secret Sub-key
# sub-key are normally part of secret key. So it does not occur as standalone file
#!:ext	bin
# version 2,3~old 4~new . Comment following line for version 5.28 look
>>>>3	ubyte	x	(v%d)
>>>>3	ubyte	x	-
# old versions 2 or 3 but no real example found
>>>>3	ubyte	<4
# 2 byte for key bits in version 5.28 look
>>>>>11	ubeshort	x	%db
>>>>>4	beldate	x	created on %s -
# old versions use 2 additional bytes after time stamp
#>>>>>8	ubeshort	x	0x%x
# display key algorithm 1~RSA Encrypt|Sign - 21~Diffie-Hellman
>>>>>10	use	key_algo
>>>>>(11.S/8)	ubequad	x
# look after first key
>>>>>>&5	use	keyend
# new version
>>>>3	ubyte	>3
>>>>>9	ubeshort	x	%db
>>>>>4	beldate	x	created on %s -
# display key algorithm
>>>>>8	use	key_algo
>>>>>(9.S/8)	ubequad	x
# look after first key for something like s2k
>>>>>>&3	use	keyend
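
# Added example, not part of the file(1) magic and not from its authors: the idea behind the
# "pgp" named entry (packet type read from the first characters of the armored body) written
# out in Python per RFC 4880 sections 4.2 and 4.3. It rebuilds the header byte from the base64
# indices of the first two characters, where the magic compares the ASCII characters themselves.
# All function names and the sample packets are constructed for this illustration.

```python
import base64
import string

B64 = string.ascii_uppercase + string.ascii_lowercase + string.digits + "+/"

# RFC 4880 section 4.3 packet tags, named as in the "pgp" entry above.
TAGS = {
    0: "Reserved", 1: "Public-Key Encrypted Session Key", 2: "Signature",
    3: "Symmetric-Key Encrypted Session Key", 4: "One-Pass Signature",
    5: "Secret-Key", 6: "Public-Key", 7: "Secret-Subkey", 8: "Compressed Data",
    9: "Symmetrically Encrypted Data", 10: "Marker", 11: "Literal Data",
    12: "Trust", 13: "User ID", 14: "Public-Subkey", 17: "User Attribute",
    18: "Sym. Encrypted and Integrity Protected Data",
    19: "Modification Detection Code",
}

def header_from_b64(body: str) -> int:
    """Rebuild the first decoded byte from the first two base64 characters."""
    if len(body) < 2:
        raise ValueError("armored body too short")
    i0, i1 = B64.index(body[0]), B64.index(body[1])  # ValueError if not base64
    return (i0 << 2) | (i1 >> 4)  # 6 bits from char 0, top 2 bits of char 1

def packet_type(header: int) -> str:
    """Decode a packet header byte per RFC 4880 section 4.2."""
    if not header & 0x80:
        raise ValueError("bit 7 clear: not an OpenPGP packet header")
    if header & 0x40:                       # new format: 11TTTTTT
        tag, fmt = header & 0x3F, "new"
    else:                                   # old format: 10TTTTLL
        tag, fmt = (header >> 2) & 0x0F, "old"
    return f"{TAGS.get(tag, 'tag %d' % tag)} ({fmt})"

def first_packet(armored: str) -> str:
    """Skip the BEGIN line and armor headers up to the blank line, then decode."""
    head, sep, body = armored.replace("\r\n", "\n").partition("\n\n")
    if not head.startswith("-----BEGIN PGP ") or not sep:
        raise ValueError("no armor header block")
    return packet_type(header_from_b64(body.lstrip()))

def armor(kind: str, packet: bytes) -> str:
    """Constructed sample input: armor raw bytes (no CRC line, not a real key)."""
    b64 = base64.b64encode(packet).decode()
    return f"-----BEGIN PGP {kind}-----\nVersion: example\n\n{b64}\n-----END PGP {kind}-----\n"

if __name__ == "__main__":
    for kind, raw in [("PUBLIC KEY BLOCK", b"\x99\x01\x0d" + bytes(9)),
                      ("MESSAGE", b"\xd2\x10" + bytes(4))]:
        print(kind, "->", first_packet(armor(kind, raw)))
```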