diff options
author | Christophe Grenier <grenier@cgsecurity.org> | 2008-05-14 21:31:42 +0200 |
---|---|---|
committer | Christophe Grenier <grenier@cgsecurity.org> | 2008-05-14 21:31:42 +0200 |
commit | 3c903300a3fdcebf0028520b705914308117ac6f (patch) | |
tree | 0bffd8d704e7bbc74d7cc0f0c952118add6ffb5e /src/file_gpg.c | |
parent | a5858ff5864d67e556b813ae510630772c00d32b (diff) |
PhotoRec: partial support for GPG/OpenPGP file recovery
Diffstat (limited to 'src/file_gpg.c')
-rw-r--r-- | src/file_gpg.c | 216 |
1 files changed, 216 insertions, 0 deletions
diff --git a/src/file_gpg.c b/src/file_gpg.c new file mode 100644 index 0000000..213daed --- /dev/null +++ b/src/file_gpg.c @@ -0,0 +1,216 @@ +/* + + File: file_gpg.c + + Copyright (C) 2008 Christophe GRENIER <grenier@cgsecurity.org> + + This software is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License along + with this program; if not, write the Free Software Foundation, Inc., 51 + Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#ifdef HAVE_STRING_H +#include <string.h> +#endif +#include <stdio.h> +#include "types.h" +#include "common.h" +#include "filegen.h" +#include "log.h" + +static void register_header_check_gpg(file_stat_t *file_stat); +static int header_check_gpg(const unsigned char *buffer, const unsigned int buffer_size, const unsigned int safe_header_only, const file_recovery_t *file_recovery, file_recovery_t *file_recovery_new); +static int data_check_gpg(const unsigned char *buffer, const unsigned int buffer_size, file_recovery_t *file_recovery); +static unsigned int openpgp_packet_tag(const unsigned char *buf); +static unsigned int openpgp_length_type(const unsigned char *buf, unsigned int *length_type); + +const file_hint_t file_hint_gpg= { + .extension="gpg", + .description="OpenPGP (Partial support)", + .min_header_distance=0, + .max_filesize=PHOTOREC_MAX_FILE_SIZE, + .recover=1, + .enable_by_default=1, + .register_header_check=®ister_header_check_gpg +}; + +static const unsigned char gpg_header_pkey_enc[1]= {0x85}; +static const unsigned char gpg_header_seckey[1]= {0x95}; +#if 0 +static const unsigned char gpg_header_pkey[1]= {0x99}; +#endif + +static void register_header_check_gpg(file_stat_t *file_stat) +{ + register_header_check(0, gpg_header_seckey, sizeof(gpg_header_seckey), &header_check_gpg, file_stat); + register_header_check(0, gpg_header_pkey_enc, sizeof(gpg_header_pkey_enc), &header_check_gpg, file_stat); +#if 0 + register_header_check(0, gpg_header_pkey, sizeof(gpg_header_pkey), &header_check_gpg, file_stat); +#endif +} + + +static unsigned int openpgp_packet_tag(const unsigned char *buf) +{ + /* Bit 7 -- Always one */ + if((buf[0]&0x80)==0) + return 0; /* Invalid */ + return ((buf[0]&0x40)==0?((buf[0]>>2)&0x0f):(buf[0]&0x3f)); +} + +static unsigned int openpgp_length_type(const unsigned char *buf, unsigned int *length_type) +{ + /* Bit 7 -- Always one */ + if((buf[0]&0x80)==0) + { + /* Invalid */ + *length_type=0; + return 0; + } + log_debug("%02x %02x %02x %02x %02x %02x", buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]); + if((buf[0]&0x40)==0) + { + /* Old format */ + log_debug(" old_format\n"); + switch(buf[0]&0x3) + { + case 0: + *length_type=2; + return buf[1]; + case 1: + *length_type=3; + return (buf[1] << 8) + buf[2]; + case 2: + *length_type=5; + return (buf[1] << 24) +(buf[2] << 16) + (buf[3] << 8) + buf[4]; + default: + *length_type=1; + return 0; + } + } + log_debug(" new_format\n"); + /* One-Octet Lengths */ + if(buf[1]<=191) + { + *length_type=1; + return buf[1]; + } + /* Two-Octet Lengths */ + if(buf[1]<=223) + { + *length_type=2; + return ((buf[1] - 192) << 8) + buf[2] + 192; + } + /* Five-Octet Lengths */ + if(buf[1]==255) + { + *length_type=5; + return (buf[2] << 24) | (buf[3] << 16) | (buf[4] << 8) | buf[5]; + } + /* Partial Body Lengths */ + *length_type=1; + return 1 << (buf[1]& 0x1F); +} + +static int header_check_gpg(const unsigned char *buffer, const unsigned int buffer_size, const unsigned int safe_header_only, const file_recovery_t *file_recovery, file_recovery_t *file_recovery_new) +{ + unsigned int potential_frame_offset=0; + unsigned int packet_tag[5]; + unsigned int length_type[5]; + unsigned int length[5]; + unsigned int nbr=0; + unsigned int i; + int start_recovery=0; + memset(packet_tag, 0, sizeof(packet_tag)); + memset(length_type, 0, sizeof(length_type)); + memset(length, 0, sizeof(length)); + while(nbr<5 && potential_frame_offset+5< buffer_size) + { + packet_tag[nbr]=openpgp_packet_tag(&buffer[potential_frame_offset]); + if(packet_tag[nbr]==0) /* Reserved */ + break; + length[nbr]=openpgp_length_type(&buffer[potential_frame_offset], &length_type[nbr]); + if(length_type[nbr]==0) + break; /* Don't know how to find the size */ + potential_frame_offset+=length_type[nbr]; + potential_frame_offset+=length[nbr]; + nbr++; + } + if(nbr<2) + return 0; + for(i=0;i<nbr;i++) + { + log_debug("%02u gpg tag %u, size=%u (0x%x - %u)\n", + i, packet_tag[i], length[i], length[i], length_type[i]); + } + /* Public-Key Encrypted Session Key Packet v3 */ + if(buffer[0]==0x85 && buffer[3]==0x03) + { + for(i=1;i<nbr;i++) + { + /* Sym. Encrypted and Integrity Protected Data Packet */ + if(packet_tag[i]==18) + { + start_recovery=1; + break; + } + /* Public-Key Encrypted Session Key Packet */ + else if(packet_tag[i]!=1) + return 0; + } + } + /* Secret-Key Packet v4 followed by User ID Packet */ + if(buffer[0]==0x95 && buffer[3]==0x04 && packet_tag[1]==13) + start_recovery=1; + /* Public-Key Packet + User ID Packet */ +#if 0 + if(buffer[0]==0x99 && packet_tag[1]==13) + start_recovery=1; +#endif + if(start_recovery==0) + return 0; + reset_file_recovery(file_recovery_new); + file_recovery_new->calculated_file_size=0; + file_recovery_new->min_filesize=0; + file_recovery_new->data_check=&data_check_gpg; + file_recovery_new->extension=file_hint_gpg.extension; + //file_recovery_new->file_check=&file_check_size; + return 1; +} + +static int data_check_gpg(const unsigned char *buffer, const unsigned int buffer_size, file_recovery_t *file_recovery) +{ + log_debug("data_check_gpg\n"); + while(file_recovery->calculated_file_size + 6 < file_recovery->file_size + buffer_size/2) + { + unsigned int packet_tag; + unsigned int length_type; + unsigned int length; + unsigned int i=file_recovery->calculated_file_size - file_recovery->file_size + buffer_size/2; + packet_tag=openpgp_packet_tag(&buffer[i]); + if(packet_tag==0) /* Reserved */ + return 2; + length=openpgp_length_type(&buffer[i], &length_type); + if(length_type==0) + return 2; /* Don't know how to find the size */ + log_debug("gpg tag %u, size=%u\n", packet_tag, length); + file_recovery->calculated_file_size+=length_type; + file_recovery->calculated_file_size+=length; + } + return 1; +} + |