diff options
| author | Christos Zoulas <christos@zoulas.com> | 2016-10-07 20:22:12 +0000 |
|---|---|---|
| committer | Christos Zoulas <christos@zoulas.com> | 2016-10-07 20:22:12 +0000 |
| commit | 749845496e8a8ca8cafe030d3989d62488bb12e1 (patch) | |
| tree | 3231bdd31aeb4ff992ecf22cb57d334695724584 | |
| parent | c52f5df893e0cef025debbb2deb8c54c4980a167 (diff) | |
| download | file-git-749845496e8a8ca8cafe030d3989d62488bb12e1.tar.gz | |
improve pgp magic (Joerg Jenderek)
| -rw-r--r-- | magic/Magdir/pgp | 59 |
1 files changed, 56 insertions, 3 deletions
diff --git a/magic/Magdir/pgp b/magic/Magdir/pgp index 95a67660..6e685fcf 100644 --- a/magic/Magdir/pgp +++ b/magic/Magdir/pgp @@ -1,6 +1,6 @@ #------------------------------------------------------------------------------ -# $File: pgp,v 1.11 2014/11/11 21:32:38 christos Exp $ +# $File: pgp,v 1.12 2016/10/07 20:22:12 christos Exp $ # pgp: file(1) magic for Pretty Good Privacy # see http://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html # @@ -194,6 +194,23 @@ >0 byte 0x0a SHA512 >0 byte 0x0b SHA224 +# display public key algorithms as human readable text +0 name key_algo +>0 byte 0x01 RSA (Encrypt or Sign) +# keep old look of version 5.28 without parentheses +>0 byte 0x02 RSA Encrypt-Only +>0 byte 0x03 RSA (Sign-Only) +>0 byte 16 ElGamal (Encrypt-Only) +>0 byte 17 DSA +>0 byte 18 Elliptic Curve +>0 byte 19 ECDSA +>0 byte 20 ElGamal (Encrypt or Sign) +>0 byte 21 Diffie-Hellman +>0 default x +>>0 ubyte <22 unknown (pub %d) +# this should never happen +>>0 ubyte >21 invalid (%d) + # pgp symmetric encrypted data 0 byte 0x8c PGP symmetric key encrypted data - @@ -465,5 +482,41 @@ >1 use pgpkey 0 byte 0x97 PGP Secret Sub-key - >1 use pgpkey -0 byte 0x9d PGP Secret Sub-key - ->1 use pgpkey +0 byte 0x9d +# Update: Joerg Jenderek +# secret subkey packet (tag 7) with same structure as secret key packet (tag 5) +# skip Fetus.Sys16 CALIBUS.MAIN OrbFix.Sys16.Ex by looking for positive len +>1 ubeshort >0 +#>1 ubeshort x \b, body length 0x%x +# next packet type often 88h,89h~(tag 2)~Signature Packet +#>>(1.S+3) ubyte x \b, next packet type 0x%x +# skip Dragon.SHR DEMO.INIT by looking for positive version +>>3 ubyte >0 +# skip BUISSON.13 GUITAR1 by looking for low version number +>>>3 ubyte <5 PGP Secret Sub-key +# sub-key are normally part of secret key. So it does not occur as standalone file +#!:ext bin +# version 2,3~old 4~new . Comment following line for version 5.28 look +>>>>3 ubyte x (v%d) +>>>>3 ubyte x - +# old versions 2 or 3 but no real example found +>>>>3 ubyte <4 +# 2 byte for key bits in version 5.28 look +>>>>>11 ubeshort x %db +>>>>>4 beldate x created on %s - +# old versions use 2 additional bytes after time stamp +#>>>>>8 ubeshort x 0x%x +# display key algorithm 1~RSA Encrypt|Sign - 21~Diffie-Hellman +>>>>>10 use key_algo +>>>>>(11.S/8) ubequad x +# look after first key +>>>>>>&5 use keyend +# new version +>>>>3 ubyte >3 +>>>>>9 ubeshort x %db +>>>>>4 beldate x created on %s - +# display key algorithm +>>>>>8 use key_algo +>>>>>(9.S/8) ubequad x +# look after first key for something like s2k +>>>>>>&3 use keyend |