summaryrefslogtreecommitdiff
path: root/magic/Magdir/pgp
diff options
context:
space:
mode:
Diffstat (limited to 'magic/Magdir/pgp')
-rw-r--r--magic/Magdir/pgp67
1 files changed, 60 insertions, 7 deletions
diff --git a/magic/Magdir/pgp b/magic/Magdir/pgp
index 95a6766..585475d 100644
--- a/magic/Magdir/pgp
+++ b/magic/Magdir/pgp
@@ -1,6 +1,6 @@
#------------------------------------------------------------------------------
-# $File: pgp,v 1.11 2014/11/11 21:32:38 christos Exp $
+# $File: pgp,v 1.14 2017/03/17 21:35:28 christos Exp $
# pgp: file(1) magic for Pretty Good Privacy
# see http://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
#
@@ -19,15 +19,15 @@
#>15 string SIGNED\040MESSAGE- signed message
#>15 string PGP\040SIGNATURE- signature
-2 string ---BEGIN\ PGP\ PUBLIC\ KEY\ BLOCK- PGP public key block
+2 string ---BEGIN\040PGP\040PUBLIC\040KEY\040BLOCK- PGP public key block
!:mime application/pgp-keys
>10 search/100 \n\n
>>&0 use pgp
-0 string -----BEGIN\040PGP\40MESSAGE- PGP message
+0 string -----BEGIN\040PGP\040MESSAGE- PGP message
!:mime application/pgp
>10 search/100 \n\n
>>&0 use pgp
-0 string -----BEGIN\040PGP\40SIGNATURE- PGP signature
+0 string -----BEGIN\040PGP\040SIGNATURE- PGP signature
!:mime application/pgp-signature
>10 search/100 \n\n
>>&0 use pgp
@@ -77,7 +77,7 @@
>0 byte 0x30
>>1 byte&0xc0 0x00 Unused [0%x]
>>1 byte&0xc0 0x40 User Attribute
->>1 byte&0xc0 0x80 Sym. Encrypted and Integrity Protected Data
+>>1 byte&0xc0 0x80 Sym. Encrypted and Integrity Protected Data
>>1 byte&0xc0 0xc0 Modification Detection Code
# magic signatures to detect PGP crypto material (from stef)
@@ -194,6 +194,23 @@
>0 byte 0x0a SHA512
>0 byte 0x0b SHA224
+# display public key algorithms as human readable text
+0 name key_algo
+>0 byte 0x01 RSA (Encrypt or Sign)
+# keep old look of version 5.28 without parentheses
+>0 byte 0x02 RSA Encrypt-Only
+>0 byte 0x03 RSA (Sign-Only)
+>0 byte 16 ElGamal (Encrypt-Only)
+>0 byte 17 DSA
+>0 byte 18 Elliptic Curve
+>0 byte 19 ECDSA
+>0 byte 20 ElGamal (Encrypt or Sign)
+>0 byte 21 Diffie-Hellman
+>0 default x
+>>0 ubyte <22 unknown (pub %d)
+# this should never happen
+>>0 ubyte >21 invalid (%d)
+
# pgp symmetric encrypted data
0 byte 0x8c PGP symmetric key encrypted data -
@@ -465,5 +482,41 @@
>1 use pgpkey
0 byte 0x97 PGP Secret Sub-key -
>1 use pgpkey
-0 byte 0x9d PGP Secret Sub-key -
->1 use pgpkey
+0 byte 0x9d
+# Update: Joerg Jenderek
+# secret subkey packet (tag 7) with same structure as secret key packet (tag 5)
+# skip Fetus.Sys16 CALIBUS.MAIN OrbFix.Sys16.Ex by looking for positive len
+>1 ubeshort >0
+#>1 ubeshort x \b, body length 0x%x
+# next packet type often 88h,89h~(tag 2)~Signature Packet
+#>>(1.S+3) ubyte x \b, next packet type 0x%x
+# skip Dragon.SHR DEMO.INIT by looking for positive version
+>>3 ubyte >0
+# skip BUISSON.13 GUITAR1 by looking for low version number
+>>>3 ubyte <5 PGP Secret Sub-key
+# sub-key are normally part of secret key. So it does not occur as standalone file
+#!:ext bin
+# version 2,3~old 4~new . Comment following line for version 5.28 look
+>>>>3 ubyte x (v%d)
+>>>>3 ubyte x -
+# old versions 2 or 3 but no real example found
+>>>>3 ubyte <4
+# 2 byte for key bits in version 5.28 look
+>>>>>11 ubeshort x %db
+>>>>>4 beldate x created on %s -
+# old versions use 2 additional bytes after time stamp
+#>>>>>8 ubeshort x 0x%x
+# display key algorithm 1~RSA Encrypt|Sign - 21~Diffie-Hellman
+>>>>>10 use key_algo
+>>>>>(11.S/8) ubequad x
+# look after first key
+>>>>>>&5 use keyend
+# new version
+>>>>3 ubyte >3
+>>>>>9 ubeshort x %db
+>>>>>4 beldate x created on %s -
+# display key algorithm
+>>>>>8 use key_algo
+>>>>>(9.S/8) ubequad x
+# look after first key for something like s2k
+>>>>>>&3 use keyend
View Lorry Controller Status