summaryrefslogtreecommitdiffstats
path: root/src/file_gpg.c
diff options
context:
space:
mode:
authorChristophe Grenier <grenier@cgsecurity.org>2008-05-14 21:31:42 +0200
committerChristophe Grenier <grenier@cgsecurity.org>2008-05-14 21:31:42 +0200
commit3c903300a3fdcebf0028520b705914308117ac6f (patch)
tree0bffd8d704e7bbc74d7cc0f0c952118add6ffb5e /src/file_gpg.c
parenta5858ff5864d67e556b813ae510630772c00d32b (diff)
PhotoRec: partial support for GPG/OpenPGP file recovery
Diffstat (limited to 'src/file_gpg.c')
-rw-r--r--src/file_gpg.c216
1 files changed, 216 insertions, 0 deletions
diff --git a/src/file_gpg.c b/src/file_gpg.c
new file mode 100644
index 0000000..213daed
--- /dev/null
+++ b/src/file_gpg.c
@@ -0,0 +1,216 @@
+/*
+
+ File: file_gpg.c
+
+ Copyright (C) 2008 Christophe GRENIER <grenier@cgsecurity.org>
+
+ This software is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write the Free Software Foundation, Inc., 51
+ Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#ifdef HAVE_STRING_H
+#include <string.h>
+#endif
+#include <stdio.h>
+#include "types.h"
+#include "common.h"
+#include "filegen.h"
+#include "log.h"
+
+static void register_header_check_gpg(file_stat_t *file_stat);
+static int header_check_gpg(const unsigned char *buffer, const unsigned int buffer_size, const unsigned int safe_header_only, const file_recovery_t *file_recovery, file_recovery_t *file_recovery_new);
+static int data_check_gpg(const unsigned char *buffer, const unsigned int buffer_size, file_recovery_t *file_recovery);
+static unsigned int openpgp_packet_tag(const unsigned char *buf);
+static unsigned int openpgp_length_type(const unsigned char *buf, unsigned int *length_type);
+
+const file_hint_t file_hint_gpg= {
+ .extension="gpg",
+ .description="OpenPGP (Partial support)",
+ .min_header_distance=0,
+ .max_filesize=PHOTOREC_MAX_FILE_SIZE,
+ .recover=1,
+ .enable_by_default=1,
+ .register_header_check=&register_header_check_gpg
+};
+
+static const unsigned char gpg_header_pkey_enc[1]= {0x85};
+static const unsigned char gpg_header_seckey[1]= {0x95};
+#if 0
+static const unsigned char gpg_header_pkey[1]= {0x99};
+#endif
+
+static void register_header_check_gpg(file_stat_t *file_stat)
+{
+ register_header_check(0, gpg_header_seckey, sizeof(gpg_header_seckey), &header_check_gpg, file_stat);
+ register_header_check(0, gpg_header_pkey_enc, sizeof(gpg_header_pkey_enc), &header_check_gpg, file_stat);
+#if 0
+ register_header_check(0, gpg_header_pkey, sizeof(gpg_header_pkey), &header_check_gpg, file_stat);
+#endif
+}
+
+
+static unsigned int openpgp_packet_tag(const unsigned char *buf)
+{
+ /* Bit 7 -- Always one */
+ if((buf[0]&0x80)==0)
+ return 0; /* Invalid */
+ return ((buf[0]&0x40)==0?((buf[0]>>2)&0x0f):(buf[0]&0x3f));
+}
+
+static unsigned int openpgp_length_type(const unsigned char *buf, unsigned int *length_type)
+{
+ /* Bit 7 -- Always one */
+ if((buf[0]&0x80)==0)
+ {
+ /* Invalid */
+ *length_type=0;
+ return 0;
+ }
+ log_debug("%02x %02x %02x %02x %02x %02x", buf[0], buf[1], buf[2], buf[3], buf[4], buf[5]);
+ if((buf[0]&0x40)==0)
+ {
+ /* Old format */
+ log_debug(" old_format\n");
+ switch(buf[0]&0x3)
+ {
+ case 0:
+ *length_type=2;
+ return buf[1];
+ case 1:
+ *length_type=3;
+ return (buf[1] << 8) + buf[2];
+ case 2:
+ *length_type=5;
+ return (buf[1] << 24) +(buf[2] << 16) + (buf[3] << 8) + buf[4];
+ default:
+ *length_type=1;
+ return 0;
+ }
+ }
+ log_debug(" new_format\n");
+ /* One-Octet Lengths */
+ if(buf[1]<=191)
+ {
+ *length_type=1;
+ return buf[1];
+ }
+ /* Two-Octet Lengths */
+ if(buf[1]<=223)
+ {
+ *length_type=2;
+ return ((buf[1] - 192) << 8) + buf[2] + 192;
+ }
+ /* Five-Octet Lengths */
+ if(buf[1]==255)
+ {
+ *length_type=5;
+ return (buf[2] << 24) | (buf[3] << 16) | (buf[4] << 8) | buf[5];
+ }
+ /* Partial Body Lengths */
+ *length_type=1;
+ return 1 << (buf[1]& 0x1F);
+}
+
+static int header_check_gpg(const unsigned char *buffer, const unsigned int buffer_size, const unsigned int safe_header_only, const file_recovery_t *file_recovery, file_recovery_t *file_recovery_new)
+{
+ unsigned int potential_frame_offset=0;
+ unsigned int packet_tag[5];
+ unsigned int length_type[5];
+ unsigned int length[5];
+ unsigned int nbr=0;
+ unsigned int i;
+ int start_recovery=0;
+ memset(packet_tag, 0, sizeof(packet_tag));
+ memset(length_type, 0, sizeof(length_type));
+ memset(length, 0, sizeof(length));
+ while(nbr<5 && potential_frame_offset+5< buffer_size)
+ {
+ packet_tag[nbr]=openpgp_packet_tag(&buffer[potential_frame_offset]);
+ if(packet_tag[nbr]==0) /* Reserved */
+ break;
+ length[nbr]=openpgp_length_type(&buffer[potential_frame_offset], &length_type[nbr]);
+ if(length_type[nbr]==0)
+ break; /* Don't know how to find the size */
+ potential_frame_offset+=length_type[nbr];
+ potential_frame_offset+=length[nbr];
+ nbr++;
+ }
+ if(nbr<2)
+ return 0;
+ for(i=0;i<nbr;i++)
+ {
+ log_debug("%02u gpg tag %u, size=%u (0x%x - %u)\n",
+ i, packet_tag[i], length[i], length[i], length_type[i]);
+ }
+ /* Public-Key Encrypted Session Key Packet v3 */
+ if(buffer[0]==0x85 && buffer[3]==0x03)
+ {
+ for(i=1;i<nbr;i++)
+ {
+ /* Sym. Encrypted and Integrity Protected Data Packet */
+ if(packet_tag[i]==18)
+ {
+ start_recovery=1;
+ break;
+ }
+ /* Public-Key Encrypted Session Key Packet */
+ else if(packet_tag[i]!=1)
+ return 0;
+ }
+ }
+ /* Secret-Key Packet v4 followed by User ID Packet */
+ if(buffer[0]==0x95 && buffer[3]==0x04 && packet_tag[1]==13)
+ start_recovery=1;
+ /* Public-Key Packet + User ID Packet */
+#if 0
+ if(buffer[0]==0x99 && packet_tag[1]==13)
+ start_recovery=1;
+#endif
+ if(start_recovery==0)
+ return 0;
+ reset_file_recovery(file_recovery_new);
+ file_recovery_new->calculated_file_size=0;
+ file_recovery_new->min_filesize=0;
+ file_recovery_new->data_check=&data_check_gpg;
+ file_recovery_new->extension=file_hint_gpg.extension;
+ //file_recovery_new->file_check=&file_check_size;
+ return 1;
+}
+
+static int data_check_gpg(const unsigned char *buffer, const unsigned int buffer_size, file_recovery_t *file_recovery)
+{
+ log_debug("data_check_gpg\n");
+ while(file_recovery->calculated_file_size + 6 < file_recovery->file_size + buffer_size/2)
+ {
+ unsigned int packet_tag;
+ unsigned int length_type;
+ unsigned int length;
+ unsigned int i=file_recovery->calculated_file_size - file_recovery->file_size + buffer_size/2;
+ packet_tag=openpgp_packet_tag(&buffer[i]);
+ if(packet_tag==0) /* Reserved */
+ return 2;
+ length=openpgp_length_type(&buffer[i], &length_type);
+ if(length_type==0)
+ return 2; /* Don't know how to find the size */
+ log_debug("gpg tag %u, size=%u\n", packet_tag, length);
+ file_recovery->calculated_file_size+=length_type;
+ file_recovery->calculated_file_size+=length;
+ }
+ return 1;
+}
+