LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Need to analyze a GPG payload
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 10-29-2009, 06:03 PM   #1
jgombos
Member
 
Registered: Jul 2003
Posts: 256

Rep: Reputation: 32
Need to analyze a GPG payload

I used to know a webpage that would give all detail about a gpg key or message, such as algorithm used and key id, after pasting the ascii armored payload into the textbox.

Now I can't find the webpage again. Anyone know of a page or tool capable of this?
 
Old 10-31-2009, 05:26 AM   #2
neonsignal
Senior Member
 
Registered: Jan 2005
Location: Melbourne, Australia
Distribution: Debian Squeeze (Fluxbox WM)
Posts: 1,324
Blog Entries: 43

Rep: Reputation: 331Reputation: 331Reputation: 331Reputation: 331
There is a javascript one at hanewin.net but it doesn't seem to work in my browser.
 
Old 10-31-2009, 07:22 PM   #3
abefroman
Senior Member
 
Registered: Feb 2004
Location: Chicago
Distribution: CentOS w/Cpanel
Posts: 1,122

Rep: Reputation: 51
Doesn't work for me either, I just got:
function getkey() { var pu = new getPublicKey(document.t.pubkey.value); if (pu.vers == -1) { return; } document.t.vers.value = pu.vers; document.t.user.value = pu.user; document.t.keyfp.value = pu.fp; document.t.keyid.value = pu.keyid; var pubkey = pu.pkey.replace(/\n/g, ""); document.t.pktype.value = pu.type; document.t.pkey.value = pubkey; }

Here is the javascript he is using though:
Code:
/* OpenPGP public key extraction
 * Copyright 2005 Herbert Hanewinkel, www.haneWIN.de
 * version 1.1, check www.haneWIN.de for the latest version

 * This software is provided as-is, without express or implied warranty.  
 * Permission to use, copy, modify, distribute or sell this software, with or
 * without fee, for any purpose and by any individual or organization, is hereby
 * granted, provided that the above copyright notice and this paragraph appear 
 * in all copies. Distribution as a part of an application or binary must
 * include the above copyright notice in the documentation and/or other materials
 * provided with the application or distribution.
 */

function s2hex(s)
{
  var result = '';
  for(var i=0; i<s.length; i++)
  {
    c = s.charCodeAt(i);
    result += ((c<16) ? "0" : "") + c.toString(16);
  }
  return result;
}

function getPublicKey(text)
{
  var found = 0;
  var i= text.indexOf('-----BEGIN PGP PUBLIC KEY BLOCK-----');

  if(i == -1)
  {
    alert('No PGP Public Key Block');
    this.vers = '';
    this.fp = '';
    this.keyid = '';
    this.user = '';
    this.pkey = '';
    return;
  }
 
  var a=text.indexOf('\n\n',i);
  if(a>0) a += 2;
  else
  {
    a = text.indexOf('\n\r\n', i);
    if(a>0) a += 3;
  }

  var e=text.indexOf('\n=',i); 
  if(a>0 && e>0) text = text.slice(a,e); 
  else
  {
    alert('Invalid PGP Public Key Block');
    this.vers = '';
    this.fp = '';
    this.keyid = '';
    this.user = '';
    this.pkey = '';
    return;
  }
 
  var s=r2s(text);

  for(var i=0; i < s.length;)
  {
    var tag = s.charCodeAt(i++);

    if((tag&128) == 0) break;

    if(tag&64)
    {
      tag&=63;
      len=s.charCodeAt(i++);
      if(len >191 && len <224) len=((len-192)<<8) + s.charCodeAt(i++);
      else if(len==255) len = (s.charCodeAt(i++)<<24) + (s.charCodeAt(i++)<<16) + (s.charCodeAt(i++)<<8) + s.charCodeAt(i++);
      else if(len>223 &&len<255) len = (1<<(len&0x1f)); 
    }
    else
    {
      len = tag&3;
      tag = (tag>>2)&15;
      if(len==0) len = s.charCodeAt(i++);
      else if(len==1) len = (s.charCodeAt(i++)<<8) + s.charCodeAt(i++);
      else if(len==2) len = (s.charCodeAt(i++)<<24) + (s.charCodeAt(i++)<<16) + (s.charCodeAt(i++)<<8) + s.charCodeAt(i++);
      else len = s.length-1;
    }

    if(tag==6 || tag==14)  //  public key/subkey packet
    {
      var k = i;
      var vers=s.charCodeAt(i++);

      found = 1;
      this.vers=vers;

      var time=(s.charCodeAt(i++)<<24) + (s.charCodeAt(i++)<<16) + (s.charCodeAt(i++)<<8) + s.charCodeAt(i++);
      
      if(vers==2 || vers==3) var valid=s.charCodeAt(i++)<<8 + s.charCodeAt(i++);

      var algo=s.charCodeAt(i++);

      if(algo == 1 || algo == 2)
      {
        var m = i;
        var lm = Math.floor((s.charCodeAt(i)*256 + s.charCodeAt(i+1)+7)/8);
        i+=lm+2;

        var mod = s.substr(m,lm+2);
        var le = Math.floor((s.charCodeAt(i)*256 + s.charCodeAt(i+1)+7)/8);
        i+=le+2;

        this.pkey=s2r(s.substr(m,lm+le+4));
        this.type="RSA";

        if(vers==3)
        {
           this.fp='';
           this.keyid=s2hex(mod.substr(mod.length-8, 8));
        }
        else if(vers==4)
        {
          var pkt = String.fromCharCode(0x99) + String.fromCharCode(len>>8) 
                    + String.fromCharCode(len&255)+s.substr(k, len);
          var fp = str_sha1(pkt);
          this.fp=s2hex(fp);
          this.keyid=s2hex(fp.substr(fp.length-8,8));
        }
        else
        {
          this.fp='';
          this.keyid='';
        }
        found = 2;
      }
      else if((algo == 16 || algo == 20) && vers == 4)
      {
        var m = i;

        var lp = Math.floor((s.charCodeAt(i)*256 + s.charCodeAt(i+1)+7)/8);
        i+=lp+2;

        var lg = Math.floor((s.charCodeAt(i)*256 + s.charCodeAt(i+1)+7)/8);
        i+=lg+2;

        var ly = Math.floor((s.charCodeAt(i)*256 + s.charCodeAt(i+1)+7)/8);
        i+=ly+2;

        this.pkey=s2r(s.substr(m,lp+lg+ly+6));

        var pkt = String.fromCharCode(0x99) + String.fromCharCode(len>>8) 
                    + String.fromCharCode(len&255)+s.substr(k, len);
        var fp = str_sha1(pkt);
        this.fp=s2hex(fp);
        this.keyid=s2hex(fp.substr(fp.length-8,8));
        this.type="ELGAMAL";
        found = 3;
      } 
      else
      {
        i = k + len;
      }
    }
    else if(tag==13)   // user id
    {
      this.user=s.substr(i,len);
      i+=len;
    }
    else
    {
      i+=len;
    }
  }
  if(found < 2)
  {  
      this.vers = '';
      this.fp = '';
      this.keyid = '';
      if(found == 0)
          this.user = "No public key packet found."; 
      else if(found == 1)
      {
          this.user = "public key algorithm is " + algo + " not RSA or ELGAMAL.";
      }
      this.pkey = "";
  }
}
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
gpg / gpg-agent -- Can't connect to /root/.gnupg/S.gpg-agent jrtayloriv Linux - Security 5 11-30-2011 11:32 AM
[SOLVED] gpg: WARNING: unsafe permissions on configuration file `/home/b/.gnupg/options' gpg: widda Mandriva 8 09-05-2009 10:37 AM
GPG: Bad session key gpg between gpg on linux and gpg gui on windows XP konqi Linux - Software 1 07-21-2009 10:37 AM
Difference between FTP payload Data and simply chopping a file into payload size ahm_irf Programming 1 11-07-2007 09:58 AM
Extracting Payload kharshadm Linux - Software 1 05-23-2007 08:49 PM


All times are GMT -5. The time now is 02:29 PM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration