openpgp.scm 43 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089
  1. ;; -*- mode: scheme; coding: utf-8 -*-
  2. ;; Copyright © 2010, 2012 Göran Weinholt <goran@weinholt.se>
  3. ;; Copyright © 2020 Ludovic Courtès <ludo@gnu.org>
  4. ;; Permission is hereby granted, free of charge, to any person obtaining a
  5. ;; copy of this software and associated documentation files (the "Software"),
  6. ;; to deal in the Software without restriction, including without limitation
  7. ;; the rights to use, copy, modify, merge, publish, distribute, sublicense,
  8. ;; and/or sell copies of the Software, and to permit persons to whom the
  9. ;; Software is furnished to do so, subject to the following conditions:
  10. ;; The above copyright notice and this permission notice shall be included in
  11. ;; all copies or substantial portions of the Software.
  12. ;; THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  13. ;; IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  14. ;; FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
  15. ;; THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  16. ;; LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
  17. ;; FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
  18. ;; DEALINGS IN THE SOFTWARE.
  19. ;;; This code was originally written by Göran Weinholt for Industria and
  20. ;;; released under the Expat license shown above. It was then modified by
  21. ;;; Ludovic Courtès for use in GNU Guix: turned into a native Guile module,
  22. ;;; ported to Guile-Gcrypt, and extended and simplified in other ways.
  23. (define-module (guix openpgp)
  24. #:export (get-openpgp-detached-signature/ascii
  25. (get-packet . get-openpgp-packet)
  26. verify-openpgp-signature
  27. port-ascii-armored?
  28. openpgp-error?
  29. openpgp-unrecognized-packet-error?
  30. openpgp-unrecognized-packet-error-port
  31. openpgp-unrecognized-packet-error-type
  32. openpgp-invalid-signature-error?
  33. openpgp-invalid-signature-error-port
  34. openpgp-signature?
  35. openpgp-signature-issuer-key-id
  36. openpgp-signature-issuer-fingerprint
  37. openpgp-signature-public-key-algorithm
  38. openpgp-signature-hash-algorithm
  39. openpgp-signature-creation-time
  40. openpgp-signature-expiration-time
  41. openpgp-user-id?
  42. openpgp-user-id-value
  43. openpgp-user-attribute?
  44. openpgp-public-key?
  45. openpgp-public-key-subkey?
  46. openpgp-public-key-value
  47. openpgp-public-key-fingerprint openpgp-format-fingerprint
  48. openpgp-public-key-id
  49. openpgp-keyring?
  50. %empty-keyring
  51. lookup-key-by-id
  52. lookup-key-by-fingerprint
  53. get-openpgp-keyring
  54. read-radix-64
  55. string->openpgp-packet)
  56. #:use-module (rnrs bytevectors)
  57. #:use-module (rnrs io ports)
  58. #:use-module (srfi srfi-1)
  59. #:use-module (srfi srfi-9)
  60. #:use-module (srfi srfi-11)
  61. #:use-module (srfi srfi-19)
  62. #:use-module (srfi srfi-26)
  63. #:use-module (srfi srfi-34)
  64. #:use-module (srfi srfi-35)
  65. #:use-module (srfi srfi-60)
  66. #:use-module (ice-9 match)
  67. #:use-module ((ice-9 rdelim) #:select (read-line))
  68. #:use-module (ice-9 vlist)
  69. #:use-module (gcrypt hash)
  70. #:use-module (gcrypt pk-crypto)
  71. #:use-module (gcrypt base64)
  72. #:use-module (gcrypt base16)
  73. #:use-module ((guix build utils) #:select (dump-port)))
  74. ;;; Commentary:
  75. ;;;
  76. ;;; This module contains code to read OpenPGP messages as described in
  77. ;;; <https://tools.ietf.org/html/rfc4880>, with extensions from
  78. ;;; <https://tools.ietf.org/html/draft-ietf-openpgp-rfc4880bis-06> (notably
  79. ;;; EdDSA support and extra signature sub-packets).
  80. ;;;
  81. ;;; Currently this module does enough to verify detached signatures of binary
  82. ;;; data. It does _not_ perform sanity checks on self-signatures, subkey
  83. ;;; binding signatures, etc., among others. Use only in a context where this
  84. ;;; limitations are acceptable!
  85. ;;;
  86. ;;; Code:
  87. (define-syntax print
  88. (syntax-rules ()
  89. ;; ((_ args ...) (pk 'openpgp args))
  90. ((_ args ...) (values))))
  91. (define-syntax-rule (define-alias new old)
  92. (define-syntax new (identifier-syntax old)))
  93. (define-alias fx+ +)
  94. (define-alias fx- -)
  95. (define-alias fx* *)
  96. (define-alias fx/ /)
  97. (define-alias fxdiv quotient)
  98. (define-alias fxand logand)
  99. (define-inlinable (fxbit-set? n index) (bit-set? index n))
  100. (define-alias fxbit-field bit-field)
  101. (define-alias bitwise-bit-field bit-field)
  102. (define-alias fxarithmetic-shift-left ash)
  103. (define-inlinable (fxarithmetic-shift-right i n) (ash i (- n)))
  104. (define-inlinable (port-eof? port) (eof-object? (lookahead-u8 port)))
  105. (define (string-hex-pad str)
  106. (if (odd? (string-length str))
  107. (string-append "0" str)
  108. str))
  109. (define (unixtime n)
  110. (time-monotonic->date (make-time 'time-monotonic 0 n)))
  111. ;; Root of the error hierarchy.
  112. (define-condition-type &openpgp-error &error
  113. openpgp-error?)
  114. ;; Error raised when reading an unsupported or unrecognized packet tag.
  115. (define-condition-type &openpgp-unrecognized-packet-error &openpgp-error
  116. openpgp-unrecognized-packet-error?
  117. (type openpgp-unrecognized-packet-error-type)
  118. (port openpgp-unrecognized-packet-error-port))
  119. ;; Error raised when reading an invalid signature packet.
  120. (define-condition-type &openpgp-invalid-signature-error &openpgp-error
  121. openpgp-invalid-signature-error?
  122. (port openpgp-invalid-signature-error-port))
  123. ;;;
  124. ;;; Bitwise I/O.
  125. ;;;
  126. ;;; TODO: Use Bytestructures instead.
  127. ;;;
  128. (define-syntax-rule (integer-read size)
  129. (lambda (port)
  130. "Read from PORT a big-endian integer of SIZE bytes. Return the EOF object
  131. on end-of-file."
  132. (let ((buf (make-bytevector size)))
  133. (match (get-bytevector-n! port buf 0 size)
  134. (size (bytevector-uint-ref buf 0 (endianness big) size))
  135. (_ (eof-object))))))
  136. (define get-u16 (integer-read 2))
  137. (define get-u32 (integer-read 4))
  138. (define get-u64 (integer-read 8))
  139. (define-syntax get-integers
  140. (syntax-rules ()
  141. "Read from PORT integers of the given TYPE, in big endian encoding. Each
  142. TYPE must be one of u8, u16, u32, u64, or _, as in this example:
  143. (get-integers port u8 _ _ _ u32 u16)
  144. In the case of _ (wildcard), one byte is read and discarded. Return as many
  145. values as there are TYPEs."
  146. ((_ port type ...)
  147. (letrec-syntax ((get-integer (syntax-rules (u8 u16 u32 u64)
  148. ((x u8) (get-u8 port))
  149. ((x u16) (get-u16 port))
  150. ((x u32) (get-u32 port))
  151. ((x u64) (get-u64 port))))
  152. (values* (syntax-rules (_)
  153. ((x (result (... ...)))
  154. (values result (... ...)))
  155. ((x (result (... ...)) _ rest (... ...))
  156. (let ((x (get-u8 port)))
  157. (values* (result (... ...))
  158. rest (... ...))))
  159. ((x (result (... ...)) t rest (... ...))
  160. (let ((x (get-integer t)))
  161. (values* (result (... ...) x)
  162. rest (... ...)))))))
  163. (values* () type ...)))))
  164. (define (bytevector->uint bv)
  165. (bytevector-uint-ref bv 0 (endianness big)
  166. (bytevector-length bv)))
  167. (define-syntax-rule (integer-write size)
  168. (lambda (port integer)
  169. "Write INTEGER to PORT as a SIZE-byte integer and as big endian."
  170. (let ((bv (make-bytevector size)))
  171. (bytevector-uint-set! bv 0 integer (endianness big) size)
  172. (put-bytevector port bv))))
  173. (define put-u16 (integer-write 2))
  174. (define put-u32 (integer-write 4))
  175. (define put-u64 (integer-write 8))
  176. (define-syntax put-integers
  177. (syntax-rules ()
  178. "Write the given integers as big endian to PORT. For example:
  179. (put-integers port u8 42 u32 #x7777)
  180. writes to PORT the value 42 as an 8-bit integer and the value #x7777 as a
  181. 32-bit integer."
  182. ((_ port)
  183. #t)
  184. ((_ port type value rest ...)
  185. (let-syntax ((put (syntax-rules (u8 u16 u32 u64)
  186. ((_ u8 port integer)
  187. (put-u8 port integer))
  188. ((_ u16 port integer)
  189. (put-u16 port integer))
  190. ((_ u32 port integer)
  191. (put-u32 port integer))
  192. ((_ u64 port integer)
  193. (put-u64 port integer)))))
  194. (begin
  195. (put type port value)
  196. (put-integers port rest ...))))))
  197. (define-syntax-rule (integers->bytevector type value rest ...)
  198. "Return the the TYPE/VALUE integers representation as a bytevector."
  199. (let-values (((port get) (open-bytevector-output-port)))
  200. (put-integers port type value rest ...)
  201. (force-output port)
  202. (get)))
  203. (define (bytevector->bitnames bv names)
  204. (define (bit-set? bv i)
  205. (let ((idx (fxarithmetic-shift-right i 3))
  206. (bit (fxand i #b111)))
  207. (and (< idx (bytevector-length bv))
  208. (fxbit-set? (bytevector-u8-ref bv idx) bit))))
  209. (do ((names names (cdr names))
  210. (i 0 (fx+ i 1))
  211. (bits '()
  212. (if (bit-set? bv i)
  213. (cons (car names) bits)
  214. bits)))
  215. ((null? names) (reverse bits))))
  216. (define (openpgp-format-fingerprint bv)
  217. "Return a string representing BV, a bytevector, in the conventional OpenPGP
  218. hexadecimal format for fingerprints."
  219. (define (h i)
  220. (string-pad (string-upcase
  221. (number->string
  222. (bytevector-u16-ref bv (* i 2) (endianness big))
  223. 16))
  224. 4 #\0))
  225. (string-append (h 0) " " (h 1) " " (h 2) " " (h 3) " " (h 4)
  226. " "
  227. (h 5) " " (h 6) " " (h 7) " " (h 8) " " (h 9)))
  228. ;;; Constants
  229. (define PACKET-SESSION-KEY 1)
  230. (define PACKET-SIGNATURE 2)
  231. (define PACKET-SYMMETRIC-SESSION-KEY 3)
  232. (define PACKET-ONE-PASS-SIGNATURE 4)
  233. (define PACKET-SECRET-KEY 5)
  234. (define PACKET-PUBLIC-KEY 6)
  235. (define PACKET-SECRET-SUBKEY 7)
  236. (define PACKET-COMPRESSED-DATA 8)
  237. (define PACKET-SYMMETRIC-ENCRYPTED-DATA 9)
  238. (define PACKET-MARKER 10)
  239. (define PACKET-LITERAL-DATA 11)
  240. (define PACKET-TRUST 12)
  241. (define PACKET-USER-ID 13)
  242. (define PACKET-PUBLIC-SUBKEY 14)
  243. (define PACKET-USER-ATTRIBUTE 17)
  244. (define PACKET-SYMMETRIC-ENCRYPTED/PROTECTED-DATA 18)
  245. (define PACKET-MDC 19)
  246. (define PUBLIC-KEY-RSA 1)
  247. (define PUBLIC-KEY-RSA-ENCRYPT-ONLY 2)
  248. (define PUBLIC-KEY-RSA-SIGN-ONLY 3)
  249. (define PUBLIC-KEY-ELGAMAL-ENCRYPT-ONLY 16)
  250. (define PUBLIC-KEY-DSA 17)
  251. (define PUBLIC-KEY-ECDH 18) ;RFC-6637
  252. (define PUBLIC-KEY-ECDSA 19) ;RFC-6639
  253. (define PUBLIC-KEY-ELGAMAL 20) ;encrypt + sign (legacy)
  254. (define PUBLIC-KEY-EDDSA 22) ;"not yet assigned" says GPG
  255. (define (public-key-algorithm id)
  256. (cond ((= id PUBLIC-KEY-RSA) 'rsa)
  257. ((= id PUBLIC-KEY-DSA) 'dsa)
  258. ((= id PUBLIC-KEY-ELGAMAL-ENCRYPT-ONLY) 'elgamal)
  259. ((= id PUBLIC-KEY-EDDSA) 'eddsa)
  260. (else id)))
  261. (define SYMMETRIC-KEY-PLAINTEXT 0)
  262. (define SYMMETRIC-KEY-IDEA 1)
  263. (define SYMMETRIC-KEY-TRIPLE-DES 2)
  264. (define SYMMETRIC-KEY-CAST5-128 3)
  265. (define SYMMETRIC-KEY-BLOWFISH-128 4)
  266. (define SYMMETRIC-KEY-AES-128 7)
  267. (define SYMMETRIC-KEY-AES-192 8)
  268. (define SYMMETRIC-KEY-AES-256 9)
  269. (define SYMMETRIC-KEY-TWOFISH-256 10)
  270. (define SYMMETRIC-KEY-CAMELLIA-128 11) ;RFC-5581
  271. (define SYMMETRIC-KEY-CAMELLIA-192 12)
  272. (define SYMMETRIC-KEY-CAMELLIA-256 13)
  273. (define (symmetric-key-algorithm id)
  274. (cond ((= id SYMMETRIC-KEY-PLAINTEXT) 'plaintext)
  275. ((= id SYMMETRIC-KEY-IDEA) 'idea)
  276. ((= id SYMMETRIC-KEY-TRIPLE-DES) 'tdea)
  277. ((= id SYMMETRIC-KEY-CAST5-128) 'cast5-128)
  278. ((= id SYMMETRIC-KEY-BLOWFISH-128) 'blowfish-128)
  279. ((= id SYMMETRIC-KEY-AES-128) 'aes-128)
  280. ((= id SYMMETRIC-KEY-AES-192) 'aes-192)
  281. ((= id SYMMETRIC-KEY-AES-256) 'aes-256)
  282. ((= id SYMMETRIC-KEY-TWOFISH-256) 'twofish-256)
  283. (else id)))
  284. (define HASH-MD5 1)
  285. (define HASH-SHA-1 2)
  286. (define HASH-RIPE-MD160 3)
  287. (define HASH-SHA-256 8)
  288. (define HASH-SHA-384 9)
  289. (define HASH-SHA-512 10)
  290. (define HASH-SHA-224 11)
  291. (define (openpgp-hash-algorithm id signature-port)
  292. (cond ((= id HASH-MD5) 'md5)
  293. ((= id HASH-SHA-1) 'sha1)
  294. ((= id HASH-RIPE-MD160) 'rmd160)
  295. ((= id HASH-SHA-256) 'sha256)
  296. ((= id HASH-SHA-384) 'sha384)
  297. ((= id HASH-SHA-512) 'sha512)
  298. ((= id HASH-SHA-224) 'sha224)
  299. (else
  300. (raise (condition
  301. (&openpgp-invalid-signature-error (port signature-port)))))))
  302. (define COMPRESSION-UNCOMPRESSED 0)
  303. (define COMPRESSION-ZIP 1) ;deflate
  304. (define COMPRESSION-ZLIB 2)
  305. (define COMPRESSION-BZIP2 3)
  306. (define (compression-algorithm id)
  307. (cond ((= id COMPRESSION-UNCOMPRESSED) 'uncompressed)
  308. ((= id COMPRESSION-ZIP) 'deflate)
  309. ((= id COMPRESSION-ZLIB) 'zlib)
  310. ((= id COMPRESSION-BZIP2) 'bzip2)
  311. (else id)))
  312. (define SUBPACKET-SIGNATURE-CTIME 2)
  313. (define SUBPACKET-SIGNATURE-ETIME 3)
  314. ;; 4 = Exportable Certification
  315. (define SUBPACKET-TRUST-SIGNATURE 5)
  316. ;; 6 = Regular Expression
  317. (define SUBPACKET-REVOCABLE 7)
  318. (define SUBPACKET-KEY-ETIME 9)
  319. (define SUBPACKET-PREFERRED-SYMMETRIC-ALGORITHMS 11)
  320. ;; 12 = Revocation Key
  321. (define SUBPACKET-ISSUER 16)
  322. (define SUBPACKET-NOTATION-DATA 20)
  323. (define SUBPACKET-PREFERRED-HASH-ALGORITHMS 21)
  324. (define SUBPACKET-PREFERRED-COMPRESSION-ALGORITHMS 22)
  325. (define SUBPACKET-KEY-SERVER-PREFERENCES 23)
  326. (define SUBPACKET-PREFERRED-KEY-SERVER 24)
  327. (define SUBPACKET-PRIMARY-USER-ID 25)
  328. (define SUBPACKET-POLICY-URI 26)
  329. (define SUBPACKET-KEY-FLAGS 27)
  330. (define SUBPACKET-SIGNER-USER-ID 28)
  331. (define SUBPACKET-REASON-FOR-REVOCATION 29)
  332. (define SUBPACKET-FEATURES 30)
  333. ;; 31 = Signature Target
  334. (define SUBPACKET-EMBEDDED-SIGNATURE 32)
  335. (define SUBPACKET-ISSUER-FINGERPRINT 33) ;defined in RFC4880bis
  336. (define SIGNATURE-BINARY #x00)
  337. (define SIGNATURE-TEXT #x01)
  338. (define SIGNATURE-STANDALONE #x02)
  339. (define SIGNATURE-GENERIC-CERT #x10)
  340. (define SIGNATURE-PERSONA-CERT #x11)
  341. (define SIGNATURE-CASUAL-CERT #x12)
  342. (define SIGNATURE-POSITIVE-CERT #x13)
  343. (define SIGNATURE-SUBKEY-BINDING #x18)
  344. (define SIGNATURE-PRIMARY-KEY-BINDING #x19)
  345. (define SIGNATURE-DIRECT #x1f)
  346. (define SIGNATURE-KEY-REVOCATION #x20)
  347. (define SIGNATURE-SUBKEY-REVOCATION #x28)
  348. (define SIGNATURE-CERT-REVOCATION #x30)
  349. (define SIGNATURE-TIMESTAMP #x40)
  350. (define SIGNATURE-THIRD-PARTY #x50)
  351. ;;; Parsing
  352. ;; Look at the tag byte and see if it looks reasonable, if it does
  353. ;; then the file is likely not armored. Does not move the port
  354. ;; position.
  355. (define (port-ascii-armored? p)
  356. (let ((tag (lookahead-u8 p)))
  357. (cond ((eof-object? tag) #f)
  358. ((not (fxbit-set? tag 7)) #t)
  359. (else
  360. (let ((type (if (fxbit-set? tag 6)
  361. (fxbit-field tag 0 6)
  362. (fxbit-field tag 2 6))))
  363. (not (<= PACKET-SESSION-KEY type PACKET-MDC)))))))
  364. (define (get-mpi/bytevector p)
  365. (let* ((bitlen (get-u16 p))
  366. (bytelen (fxdiv (fx+ bitlen 7) 8)))
  367. (get-bytevector-n p bytelen)))
  368. (define (get-mpi p)
  369. (bytevector->uint (get-mpi/bytevector p)))
  370. (define (get-v4-length p)
  371. ;; TODO: indeterminate length (only for data packets)
  372. (let ((o1 (get-u8 p)))
  373. (cond ((< o1 192) o1)
  374. ((< o1 255)
  375. (+ (fxarithmetic-shift-left (fx- o1 192) 8)
  376. (get-u8 p)
  377. 192))
  378. ((= o1 255)
  379. (get-u32 p)))))
  380. (define (get-packet p)
  381. (if (port-eof? p)
  382. (eof-object)
  383. (get-packet* p get-data)))
  384. (define (get-packet* p get-data)
  385. (let ((tag (get-u8 p)))
  386. ;; (unless (fxbit-set? tag 7) (error 'get-packet "Invalid tag" tag))
  387. (cond ((fxbit-set? tag 6) ;New packet format
  388. (let ((tag (fxbit-field tag 0 6))
  389. (len (get-v4-length p)))
  390. (get-data p tag len)))
  391. (else ;Old packet format
  392. (let ((tag (fxbit-field tag 2 6))
  393. (len (case (fxbit-field tag 0 2)
  394. ((0) (get-u8 p))
  395. ((1) (get-u16 p))
  396. ((2) (get-u32 p))
  397. ((3) #f))))
  398. (get-data p tag len))))))
  399. (define (get-data p tag len)
  400. (let ((pp (if len
  401. (open-bytevector-input-port (get-bytevector-n p len))
  402. p))) ;indeterminate length
  403. (cond
  404. ((= tag PACKET-SIGNATURE)
  405. (get-signature pp))
  406. ((= tag PACKET-PUBLIC-KEY)
  407. (get-public-key pp #f))
  408. ((= tag PACKET-TRUST)
  409. 'openpgp-trust) ;XXX: non-standard format?
  410. ((= tag PACKET-USER-ID)
  411. (get-user-id pp len))
  412. ((= tag PACKET-PUBLIC-SUBKEY)
  413. (get-public-key pp #t))
  414. ((= tag PACKET-USER-ATTRIBUTE)
  415. (get-user-attribute pp len))
  416. ((= tag PACKET-ONE-PASS-SIGNATURE)
  417. 'one-pass-signature) ;TODO: implement
  418. (else
  419. (raise (condition (&openpgp-unrecognized-packet-error (type tag)
  420. (port p))))))))
  421. (define-record-type <openpgp-public-key>
  422. (make-openpgp-public-key version subkey? time value fingerprint)
  423. openpgp-public-key?
  424. (version openpgp-public-key-version)
  425. (subkey? openpgp-public-key-subkey?)
  426. (time openpgp-public-key-time)
  427. (value openpgp-public-key-value)
  428. (fingerprint openpgp-public-key-fingerprint))
  429. ;;; Signatures
  430. (define-record-type <openpgp-signature>
  431. (make-openpgp-signature version type pk-algorithm hash-algorithm hashl16
  432. append-data hashed-subpackets unhashed-subpackets
  433. value issuer issuer-fingerprint)
  434. openpgp-signature?
  435. (version openpgp-signature-version)
  436. (type openpgp-signature-type)
  437. (pk-algorithm openpgp-signature-public-key-algorithm)
  438. (hash-algorithm openpgp-signature-hash-algorithm)
  439. (hashl16 openpgp-signature-hashl16) ;left 16 bits of signed hash
  440. (append-data openpgp-signature-append-data) ;append to data when hashing
  441. (hashed-subpackets openpgp-signature-hashed-subpackets)
  442. (unhashed-subpackets openpgp-signature-unhashed-subpackets)
  443. (value openpgp-signature-value)
  444. (issuer openpgp-signature-issuer-key-id) ;integer | #f
  445. (issuer-fingerprint openpgp-signature-issuer-fingerprint)) ;bytevector | #f
  446. (define (openpgp-signature-creation-time sig)
  447. (cond ((assq 'signature-ctime (openpgp-signature-hashed-subpackets sig))
  448. => (lambda (x) (unixtime (cdr x))))
  449. ;; XXX: should be an error?
  450. (else #f)))
  451. (define (openpgp-signature-expiration-time sig)
  452. (cond ((assq 'signature-etime (openpgp-signature-hashed-subpackets sig))
  453. => (lambda (x)
  454. (unixtime (+ (cdr x)
  455. (openpgp-signature-creation-time sig)))))
  456. (else #f)))
  457. (define (get-openpgp-detached-signature/ascii port)
  458. "Read from PORT an ASCII-armored detached signature. Return an
  459. <openpgp-signature> record or the end-of-file object. Raise an error if the
  460. data read from PORT does is invalid or does not correspond to a detached
  461. signature."
  462. (let-values (((data type) (read-radix-64 port)))
  463. (cond ((eof-object? data) data)
  464. ((string=? type "PGP SIGNATURE")
  465. (get-packet (open-bytevector-input-port data)))
  466. (else
  467. (print "expected PGP SIGNATURE" type)
  468. (raise (condition
  469. (&openpgp-invalid-signature-error (port port))))))))
  470. (define (verify-openpgp-signature sig keyring dataport)
  471. "Verify that the data read from DATAPORT matches SIG, an
  472. <openpgp-signature>. Fetch the public key of the issuer of SIG from KEYRING,
  473. a keyring as returned by 'get-openpgp-keyring'. Return two values: a status
  474. symbol, such as 'bad-signature or 'missing-key, and additional info, such as
  475. the issuer's OpenPGP public key extracted from KEYRING."
  476. (define (check key sig)
  477. (let*-values (((hash-algorithm) (lookup-hash-algorithm
  478. (openpgp-signature-hash-algorithm sig)))
  479. ((port get-hash) (open-hash-port hash-algorithm)))
  480. (dump-port dataport port)
  481. ;; As per RFC4880 Section 5.2.4 ("Computing Signatures"), hash some of
  482. ;; the fields from the signature packet.
  483. (for-each (cut put-bytevector port <>)
  484. (openpgp-signature-append-data sig))
  485. (close-port port)
  486. (let* ((signature (openpgp-signature-value sig))
  487. (public-key (openpgp-public-key-value key))
  488. (hash (get-hash))
  489. (key-type (key-type public-key))
  490. (data
  491. ;; See "(gcrypt) Cryptographic Functions".
  492. (sexp->canonical-sexp
  493. (if (eq? key-type 'ecc)
  494. `(data
  495. (flags eddsa)
  496. (hash-algo sha512)
  497. (value ,hash))
  498. `(data
  499. (flags ,(match key-type
  500. ('rsa 'pkcs1)
  501. ('dsa 'rfc6979)))
  502. (hash ,(hash-algorithm-name hash-algorithm)
  503. ,hash))))))
  504. (values (if (verify signature data public-key)
  505. 'good-signature
  506. 'bad-signature)
  507. key))))
  508. ;; TODO: Support SIGNATURE-TEXT.
  509. (if (= (openpgp-signature-type sig) SIGNATURE-BINARY)
  510. (let* ((id (openpgp-signature-issuer-key-id sig))
  511. (fingerprint (openpgp-signature-issuer-fingerprint sig))
  512. (key (if fingerprint
  513. (lookup-key-by-fingerprint keyring fingerprint)
  514. (lookup-key-by-id keyring id))))
  515. (if key
  516. (check key sig)
  517. (values 'missing-key (or fingerprint id))))
  518. (values 'unsupported-signature sig)))
  519. (define (key-id-matches-fingerprint? key-id fingerprint)
  520. "Return true if KEY-ID, a number, corresponds to the low 8 bytes of
  521. FINGERPRINT, a bytevector."
  522. (let* ((len (bytevector-length fingerprint))
  523. (low (make-bytevector 8)))
  524. (bytevector-copy! fingerprint (- len 8) low 0 8)
  525. (= (bytevector->uint low) key-id)))
  526. (define (get-signature p)
  527. (define (->hex n)
  528. (string-hex-pad (number->string n 16)))
  529. (define (get-sig p pkalg)
  530. (cond ((= pkalg PUBLIC-KEY-RSA)
  531. (print "RSA signature")
  532. (string->canonical-sexp
  533. (format #f "(sig-val (rsa (s #~a#)))"
  534. (->hex (get-mpi p)))))
  535. ((= pkalg PUBLIC-KEY-DSA)
  536. (print "DSA signature")
  537. (let ((r (get-mpi p)) (s (get-mpi p)))
  538. (string->canonical-sexp
  539. (format #f "(sig-val (dsa (r #~a#) (s #~a#)))"
  540. (->hex r) (->hex s)))))
  541. ((= pkalg PUBLIC-KEY-EDDSA)
  542. (print "EdDSA signature")
  543. (let ((r (get-mpi/bytevector p))
  544. (s (get-mpi/bytevector p)))
  545. ;; XXX: 'verify' fails down the road with GPG_ERR_INV_LENGTH if
  546. ;; we provide a 31-byte R or S below, hence the second argument
  547. ;; to '->hex' ensuring the MPIs are represented as two-byte
  548. ;; multiples, with leading zeros.
  549. (define (bytevector->hex bv)
  550. (let ((str (bytevector->base16-string bv)))
  551. (if (odd? (bytevector-length bv))
  552. (string-append "00" str)
  553. str)))
  554. (string->canonical-sexp
  555. (format #f "(sig-val (eddsa (r #~a#) (s #~a#)))"
  556. (bytevector->hex r) (bytevector->hex s)))))
  557. (else
  558. (list 'unsupported-algorithm
  559. (public-key-algorithm pkalg)
  560. (get-bytevector-all p)))))
  561. (let ((version (get-u8 p)))
  562. (case version
  563. ((3)
  564. (let-values (((hmlen type ctime keyid pkalg halg hashl16)
  565. (get-integers p u8 u8 u32 u64 u8 u8 u16)))
  566. (unless (= hmlen 5)
  567. (raise (condition
  568. (&openpgp-invalid-signature-error (port p)))))
  569. (print "Signature type: " type " creation time: " (unixtime ctime))
  570. (print "Hash algorithm: " (openpgp-hash-algorithm halg p))
  571. (let ((value (get-sig p pkalg)))
  572. (unless (port-eof? p)
  573. (print "Trailing data in signature: " (get-bytevector-all p)))
  574. (make-openpgp-signature version type
  575. (public-key-algorithm pkalg)
  576. (openpgp-hash-algorithm halg p) hashl16
  577. (list (integers->bytevector u8 type
  578. u32 ctime))
  579. ;; Emulate hashed subpackets
  580. (list (cons 'signature-ctime ctime))
  581. ;; Unhashed subpackets
  582. (list (cons 'issuer keyid))
  583. value
  584. keyid #f))))
  585. ((4)
  586. (let*-values (((type pkalg halg) (get-integers p u8 u8 u8))
  587. ((hashed-subpackets)
  588. (get-bytevector-n p (get-u16 p)))
  589. ((unhashed-subpackets)
  590. (get-bytevector-n p (get-u16 p)))
  591. ((hashl16) (get-u16 p)))
  592. (print "Signature type: " type)
  593. (print "Hash algorithm: " (openpgp-hash-algorithm halg p))
  594. (let ((value (get-sig p pkalg)))
  595. (unless (port-eof? p)
  596. (print "Trailing data in signature: " (get-bytevector-all p)))
  597. (let* ((subpacket-len (bytevector-length hashed-subpackets))
  598. (append-data
  599. (list
  600. (integers->bytevector u8 version
  601. u8 type
  602. u8 pkalg
  603. u8 halg
  604. u16 subpacket-len)
  605. hashed-subpackets
  606. ;; http://www.rfc-editor.org/errata_search.php?rfc=4880
  607. ;; Errata ID: 2214.
  608. (integers->bytevector u8 #x04
  609. u8 #xff
  610. u32 (+ 6 subpacket-len))))
  611. (unhashed-subpackets
  612. (parse-subpackets unhashed-subpackets p))
  613. (hashed-subpackets (parse-subpackets hashed-subpackets p))
  614. (subpackets (append hashed-subpackets
  615. unhashed-subpackets))
  616. (issuer-key-id (assoc-ref subpackets 'issuer))
  617. (issuer (assoc-ref subpackets
  618. 'issuer-fingerprint)))
  619. (unless (or (not issuer) (not issuer-key-id)
  620. (key-id-matches-fingerprint? issuer-key-id issuer))
  621. (print "issuer key id does not match fingerprint"
  622. issuer-key-id issuer)
  623. (raise (condition
  624. (&openpgp-invalid-signature-error (port p)))))
  625. (make-openpgp-signature version type
  626. (public-key-algorithm pkalg)
  627. (openpgp-hash-algorithm halg p)
  628. hashl16
  629. append-data
  630. hashed-subpackets
  631. unhashed-subpackets
  632. value
  633. issuer-key-id issuer)))))
  634. (else
  635. (print "Unsupported signature version: " version)
  636. 'unsupported-signature-version))))
  637. (define (parse-subpackets bv signature-port)
  638. (define (parse tag data)
  639. (let ((type (fxbit-field tag 0 7))
  640. (critical? (fxbit-set? tag 7)))
  641. (cond
  642. ((= type SUBPACKET-SIGNATURE-CTIME)
  643. (cons 'signature-ctime
  644. (bytevector-u32-ref data 0 (endianness big))))
  645. ((= type SUBPACKET-SIGNATURE-ETIME)
  646. (cons 'signature-etime
  647. (bytevector-u32-ref data 0 (endianness big))))
  648. ((= type SUBPACKET-TRUST-SIGNATURE)
  649. (cons 'trust-signature
  650. (bytevector-u8-ref data 0)))
  651. ((= type SUBPACKET-REVOCABLE)
  652. (cons 'revocable
  653. (= (bytevector-u8-ref data 0) 1)))
  654. ((= type SUBPACKET-KEY-ETIME)
  655. (cons 'key-etime
  656. (bytevector-u32-ref data 0 (endianness big))))
  657. ((= type SUBPACKET-PREFERRED-SYMMETRIC-ALGORITHMS)
  658. (cons 'preferred-symmetric-algorithms
  659. (map symmetric-key-algorithm (bytevector->u8-list data))))
  660. ((= type SUBPACKET-ISSUER)
  661. (cons 'issuer
  662. (bytevector-u64-ref data 0 (endianness big))))
  663. ((= type SUBPACKET-ISSUER-FINGERPRINT) ;v4+ only, RFC4880bis
  664. (cons 'issuer-fingerprint
  665. (let* ((version (bytevector-u8-ref data 0))
  666. (len (match version (4 20) (5 32)) )
  667. (fingerprint (make-bytevector len)))
  668. (bytevector-copy! data 1 fingerprint 0 len)
  669. fingerprint)))
  670. ((= type SUBPACKET-NOTATION-DATA)
  671. (let ((p (open-bytevector-input-port data)))
  672. (let-values (((f1 nlen vlen)
  673. (get-integers p u8 _ _ _ u16 u16)))
  674. (let* ((name (get-bytevector-n p nlen))
  675. (value (get-bytevector-n p vlen)))
  676. (cons 'notation-data
  677. (list (utf8->string name)
  678. (if (fxbit-set? f1 7)
  679. (utf8->string value)
  680. value)))))))
  681. ((= type SUBPACKET-PREFERRED-HASH-ALGORITHMS)
  682. (cons 'preferred-hash-algorithms
  683. (map (cut openpgp-hash-algorithm <> signature-port)
  684. (bytevector->u8-list data))))
  685. ((= type SUBPACKET-PREFERRED-COMPRESSION-ALGORITHMS)
  686. (cons 'preferred-compression-algorithms
  687. (map compression-algorithm (bytevector->u8-list data))))
  688. ((= type SUBPACKET-KEY-SERVER-PREFERENCES)
  689. (cons 'key-server-preferences
  690. (if (and (>= (bytevector-length data) 1)
  691. (fxbit-set? (bytevector-u8-ref data 0) 7))
  692. (list 'no-modify)
  693. (list))))
  694. ((= type SUBPACKET-PREFERRED-KEY-SERVER)
  695. (cons 'preferred-key-server (utf8->string data)))
  696. ((= type SUBPACKET-PRIMARY-USER-ID)
  697. (cons 'primary-user-id (not (zero? (bytevector-u8-ref data 0)))))
  698. ((= type SUBPACKET-POLICY-URI)
  699. (cons 'policy-uri (utf8->string data)))
  700. ((= type SUBPACKET-KEY-FLAGS)
  701. (cons 'key-flags (bytevector->bitnames
  702. data
  703. '(certification sign-data
  704. communications-encryption
  705. storage-encryption
  706. split-key authentication
  707. group-key))))
  708. ((= type SUBPACKET-SIGNER-USER-ID)
  709. (cons 'signer-user-id (utf8->string data)))
  710. ((= type SUBPACKET-REASON-FOR-REVOCATION)
  711. (let* ((p (open-bytevector-input-port data))
  712. (revocation-code (get-u8 p)))
  713. (cons 'reason-for-revocation
  714. (list revocation-code
  715. (if (port-eof? p)
  716. ""
  717. (utf8->string (get-bytevector-all p)))))))
  718. ((= type SUBPACKET-FEATURES)
  719. (cons 'features (bytevector->bitnames
  720. data '(modification-detection))))
  721. ((= type SUBPACKET-EMBEDDED-SIGNATURE)
  722. (cons 'embedded-signature
  723. (get-signature (open-bytevector-input-port data))))
  724. (else
  725. ;; Unknown subpacket type. If it is critical, then the signature
  726. ;; should be considered invalid.
  727. (print "Unknown subpacket type: " type)
  728. (if critical?
  729. (raise (condition
  730. (&openpgp-unrecognized-packet-error
  731. (type type)
  732. (port signature-port))))
  733. (list 'unsupported-subpacket type data))))))
  734. (let ((p (open-bytevector-input-port bv)))
  735. (let lp ((subpackets '()))
  736. ;; In case of multiple subpackets of the same type, the last
  737. ;; one should be used. Therefore the list is not reversed
  738. ;; here.
  739. (if (port-eof? p)
  740. (reverse subpackets)
  741. (let* ((len (- (get-v4-length p) 1))
  742. (tag (get-u8 p))
  743. (sp (parse tag (get-bytevector-n p len))))
  744. (print "#;Subpacket " sp)
  745. (lp (cons sp subpackets)))))))
  746. ;;; Public keys
  747. (define (openpgp-public-key-id k)
  748. (let ((bv (openpgp-public-key-fingerprint k)))
  749. (bytevector-u64-ref bv
  750. (- (bytevector-length bv) 8)
  751. (endianness big))))
  752. (define (get-public-key p subkey?)
  753. (define (fingerprint p)
  754. (let ((len (port-position p)))
  755. (set-port-position! p 0)
  756. (let-values (((sha1-port get)
  757. (open-hash-port (hash-algorithm sha1))))
  758. (put-u8 sha1-port #x99)
  759. (put-u16 sha1-port len)
  760. (dump-port p sha1-port)
  761. (close-port sha1-port)
  762. (get))))
  763. (define (get-key p alg)
  764. (define (->hex n)
  765. (string-hex-pad (number->string n 16)))
  766. (cond ((= alg PUBLIC-KEY-RSA)
  767. (print "Public RSA key")
  768. (let* ((n (get-mpi p)) (e (get-mpi p)))
  769. (string->canonical-sexp
  770. (format #f "(public-key (rsa (n #~a#) (e #~a#)))"
  771. (->hex n) (->hex e)))))
  772. ((= alg PUBLIC-KEY-DSA)
  773. (print "Public DSA key")
  774. (let* ((p* (get-mpi p)) (q (get-mpi p))
  775. (g (get-mpi p)) (y (get-mpi p)))
  776. (string->canonical-sexp
  777. (format #f "(public-key (dsa (p #~a#)(q #~a#)(g #~a#)(y #~a#)))"
  778. (->hex p*) (->hex q) (->hex g) (->hex y)))))
  779. #;
  780. ((= alg PUBLIC-KEY-ELGAMAL-ENCRYPT-ONLY) ; ; ; ;
  781. (print "Public El-Gamal Key") ; ; ; ;
  782. (let* ((p* (get-mpi p)) (g (get-mpi p)) (y (get-mpi p))) ; ; ; ;
  783. (make-public-elgamal-key p* g y)))
  784. ((= alg PUBLIC-KEY-EDDSA)
  785. ;; See
  786. ;; <https://tools.ietf.org/html/draft-koch-eddsa-for-openpgp-04>
  787. ;; and openpgp-oid.c in GnuPG.
  788. (print "Public EdDSA key")
  789. (let* ((len (get-u8 p))
  790. (oid (bytevector->uint (get-bytevector-n p len)))
  791. (q (get-mpi p)))
  792. (define curve
  793. (match oid
  794. (#x2b06010401da470f01 'Ed25519)
  795. (#x2b060104019755010501 'Curve25519)))
  796. (string->canonical-sexp
  797. (format #f "(public-key (ecc (curve ~a)(flags ~a)(q #~a#)))"
  798. curve
  799. (if (eq? curve 'Curve25519) 'djb-tweak 'eddsa)
  800. (->hex q)))))
  801. (else
  802. (list 'unsupported-algorithm ;FIXME: throw
  803. (public-key-algorithm alg)
  804. (get-bytevector-all p)))))
  805. (let ((version (get-u8 p)))
  806. (case version
  807. ((4)
  808. (let-values (((ctime alg) (get-integers p u32 u8)))
  809. (print "Key creation time: " (unixtime ctime))
  810. (let ((key (get-key p alg)))
  811. (unless (port-eof? p)
  812. ;; Probably an error? Gonna cause trouble anyway.
  813. (print "Trailing data in public key: " (get-bytevector-all p)))
  814. (let ((digest (fingerprint p)))
  815. (make-openpgp-public-key version subkey? ctime key
  816. digest)))))
  817. (else
  818. (print "Unsupported public key version: " version)
  819. 'unsupported-public-key-version))))
  820. (define (openpgp-public-key-primary? key)
  821. (and (openpgp-public-key? key)
  822. (not (openpgp-public-key-subkey? key))))
  823. ;;; User IDs and User attributes
  824. (define-record-type <openpgp-user-id>
  825. (make-openpgp-user-id value unparsed)
  826. openpgp-user-id?
  827. (value openpgp-user-id-value)
  828. (unparsed openpgp-user-id-unparsed))
  829. (define (get-user-id p len)
  830. (let ((unparsed (get-bytevector-n p len)))
  831. (make-openpgp-user-id (utf8->string unparsed) unparsed)))
  832. (define-record-type <openpgp-user-attribute>
  833. (make-openpgp-user-attribute unparsed)
  834. openpgp-user-attribute?
  835. (unparsed openpgp-user-attribute-unparsed))
  836. (define (get-user-attribute p len)
  837. (let ((bv (get-bytevector-n p len)))
  838. ;; TODO: bv contains subpackets. Type 1 is JFIF.
  839. (make-openpgp-user-attribute bv)))
  840. ;;; Keyring management
  841. (define-record-type <openpgp-keyring>
  842. (openpgp-keyring ids fingerprints)
  843. openpgp-keyring?
  844. (ids openpgp-keyring-ids) ;vhash mapping key id to packets
  845. (fingerprints openpgp-keyring-fingerprints)) ;mapping fingerprint to packets
  846. (define* (keyring-insert key keyring #:optional (packets '()))
  847. "Insert the KEY/PACKETS association into KEYRING and return the resulting
  848. keyring. PACKETS typically contains KEY, an <openpgp-public-key>, alongside
  849. with additional <openpgp-public-key> records for sub-keys, <openpgp-user-id>
  850. records, and so on."
  851. (openpgp-keyring (vhash-consv (openpgp-public-key-id key)
  852. (cons key packets)
  853. (openpgp-keyring-ids keyring))
  854. (vhash-cons (openpgp-public-key-fingerprint key)
  855. (cons key packets)
  856. (openpgp-keyring-fingerprints keyring))))
  857. (define (lookup-key-by-id keyring id)
  858. "Return two values: the first key with ID in KEYRING, and a list of
  859. associated packets (user IDs, signatures, etc.). Return #f and the empty list
  860. of ID was not found. ID must be the 64-bit key ID of the key, an integer."
  861. (match (vhash-assv id (openpgp-keyring-ids keyring))
  862. ((_ key packets ...) (values key packets))
  863. (#f (values #f '()))))
  864. (define (lookup-key-by-fingerprint keyring fingerprint)
  865. "Return two values: the key with FINGERPRINT in KEYRING, and a list of
  866. associated packets (user IDs, signatures, etc.). Return #f and the empty list
  867. of FINGERPRINT was not found. FINGERPRINT must be a bytevector."
  868. (match (vhash-assoc fingerprint (openpgp-keyring-fingerprints keyring))
  869. ((_ key packets ...) (values key packets))
  870. (#f (values #f '()))))
  871. ;; Reads a keyring from the binary input port p. It must not be
  872. ;; ASCII armored.
  873. (define %empty-keyring
  874. ;; The empty keyring.
  875. (openpgp-keyring vlist-null vlist-null))
  876. (define* (get-openpgp-keyring port
  877. #:optional (keyring %empty-keyring)
  878. #:key (limit -1))
  879. "Read from PORT an OpenPGP keyring in binary format; return a keyring based
  880. on all the OpenPGP primary keys that were read. The returned keyring
  881. complements KEYRING. LIMIT is the maximum number of keys to read, or -1 if
  882. there is no limit."
  883. (let lp ((pkt (get-packet port))
  884. (limit limit)
  885. (keyring keyring))
  886. (print "#;key " pkt)
  887. (cond ((or (zero? limit) (eof-object? pkt))
  888. keyring)
  889. ((openpgp-public-key-primary? pkt)
  890. ;; Read signatures, user id's, subkeys
  891. (let lp* ((pkt (get-packet port))
  892. (pkts (list pkt))
  893. (keys (list pkt)))
  894. (print "#;keydata " pkt)
  895. (cond ((or (eof-object? pkt)
  896. (eq? pkt 'unsupported-public-key-version)
  897. (openpgp-public-key-primary? pkt))
  898. ;; KEYRING is indexed by key-id. Key ids for both the
  899. ;; primary key and subkeys all point to the list of
  900. ;; packets.
  901. (lp pkt
  902. (- limit 1)
  903. (fold (cute keyring-insert <> <> (reverse pkts))
  904. keyring keys)))
  905. ((openpgp-public-key? pkt) ;subkey
  906. (lp* (get-packet port) (cons pkt pkts)
  907. (cons pkt keys)))
  908. (else
  909. (lp* (get-packet port) (cons pkt pkts) keys)))))
  910. (else
  911. ;; Skip until there's a primary key. Ignore errors...
  912. (lp (get-packet port) limit keyring)))))
  913. ;;;
  914. ;;; Radix-64 (RFC4880).
  915. ;;;
  916. (define (crc24 bv)
  917. "Compute a CRC24 as described in RFC4880, Section 6.1."
  918. ;; We used to have it implemented in Scheme but the C version here makes
  919. ;; 'load-keyring-from-reference' 18% faster when loading the 72
  920. ;; ASCII-armored files of today's Guix keyring.
  921. (bytevector->uint (bytevector-hash bv (hash-algorithm crc24-rfc2440))))
  922. (define %begin-block-prefix "-----BEGIN ")
  923. (define %begin-block-suffix "-----")
  924. (define %end-block-prefix "-----END ")
  925. (define %end-block-suffix "-----")
  926. (define (read-radix-64 port)
  927. "Read from PORT an ASCII-armored Radix-64 stream, decode it, and return the
  928. result as a bytevector as well as the type, a string such as \"PGP MESSAGE\".
  929. Return #f if PORT does not contain a valid Radix-64 stream, and the
  930. end-of-file object if the Radix-64 sequence was truncated."
  931. ;; This is the same as 'get-delimited-base64', except that it implements the
  932. ;; CRC24 check.
  933. (define (skip-headers port)
  934. ;; Skip the Radix-64 "armor headers".
  935. (match (read-line port)
  936. ((? eof-object? eof) eof)
  937. ((= string-trim-both "") "")
  938. (_ (skip-headers port))))
  939. (let ((line (string-trim-right (read-line port))))
  940. (if (and (string-prefix? %begin-block-prefix line)
  941. (string-suffix? %begin-block-suffix line))
  942. (let* ((kind (string-drop-right
  943. (string-drop line (string-length %begin-block-prefix))
  944. (string-length %begin-block-suffix)))
  945. (end (string-append %end-block-prefix kind
  946. %end-block-suffix)))
  947. (skip-headers port)
  948. (let loop ((lines '()))
  949. (let ((line (read-line port)))
  950. (match line
  951. ((? eof-object? eof)
  952. (values eof kind))
  953. ((= string-trim-both "")
  954. (loop lines))
  955. ((= string-trim-both str)
  956. (if (string=? str end)
  957. (match lines
  958. ((crc lines ...)
  959. ;; The last line should be the CRC, starting with an
  960. ;; "=" sign.
  961. (let ((crc (and (string-prefix? "=" crc)
  962. (base64-decode (string-drop crc 1))))
  963. (data (base64-decode
  964. (string-concatenate-reverse lines))))
  965. (if (and crc (= (bytevector->uint crc) (crc24 data)))
  966. (values data kind)
  967. (values #f kind))))
  968. (_
  969. (values #f kind)))
  970. (loop (cons str lines))))))))
  971. (values #f #f))))
  972. (define (string->openpgp-packet str)
  973. "Read STR, an ASCII-armored OpenPGP packet, and return the corresponding
  974. OpenPGP record."
  975. (get-packet
  976. (open-bytevector-input-port (call-with-input-string str read-radix-64))))