From 749845496e8a8ca8cafe030d3989d62488bb12e1 Mon Sep 17 00:00:00 2001
From: Christos Zoulas <christos@zoulas.com>
Date: Fri, 7 Oct 2016 20:22:12 +0000
Subject: [PATCH] improve pgp magic (Joerg Jenderek)

---
 magic/Magdir/pgp | 59 +++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 56 insertions(+), 3 deletions(-)

diff --git a/magic/Magdir/pgp b/magic/Magdir/pgp
index 95a67660..6e685fcf 100644
--- a/magic/Magdir/pgp
+++ b/magic/Magdir/pgp
@@ -1,6 +1,6 @@
 
 #------------------------------------------------------------------------------
-# $File: pgp,v 1.11 2014/11/11 21:32:38 christos Exp $
+# $File: pgp,v 1.12 2016/10/07 20:22:12 christos Exp $
 # pgp:  file(1) magic for Pretty Good Privacy
 # see http://lists.gnupg.org/pipermail/gnupg-devel/1999-September/016052.html
 #
@@ -194,6 +194,23 @@
 >0	byte	0x0a			SHA512
 >0	byte	0x0b			SHA224
 
+# display public key algorithms as human readable text
+0	name	key_algo
+>0	byte	0x01			RSA (Encrypt or Sign)
+# keep old look of version 5.28 without parentheses
+>0	byte	0x02			RSA Encrypt-Only
+>0	byte	0x03			RSA (Sign-Only)
+>0	byte	16			ElGamal (Encrypt-Only)
+>0	byte	17			DSA
+>0	byte	18			Elliptic Curve
+>0	byte	19			ECDSA
+>0	byte	20			ElGamal (Encrypt or Sign)
+>0	byte	21			Diffie-Hellman
+>0	default	x			
+>>0	ubyte	<22			unknown (pub %d)
+# this should never happen
+>>0	ubyte	>21			invalid (%d)
+
 # pgp symmetric encrypted data
 
 0	byte	0x8c			PGP symmetric key encrypted data -
@@ -465,5 +482,41 @@
 >1	use	pgpkey
 0	byte	0x97			PGP	Secret Sub-key -
 >1	use	pgpkey
-0	byte	0x9d			PGP	Secret Sub-key -
->1	use	pgpkey
+0	byte	0x9d			
+# Update: Joerg Jenderek
+# secret subkey packet (tag 7) with same structure as secret key packet (tag 5)
+# skip Fetus.Sys16 CALIBUS.MAIN OrbFix.Sys16.Ex by looking for positive len
+>1	ubeshort	>0		
+#>1	ubeshort	x		\b, body length 0x%x
+# next packet type often 88h,89h~(tag 2)~Signature Packet
+#>>(1.S+3)	ubyte	x		\b, next packet type 0x%x
+# skip Dragon.SHR DEMO.INIT by looking for positive version
+>>3	ubyte		>0	
+# skip BUISSON.13 GUITAR1 by looking for low version number
+>>>3	ubyte		<5		PGP Secret Sub-key
+# sub-key are normally part of secret key. So it does not occur as standalone file
+#!:ext	bin
+# version 2,3~old 4~new . Comment following line for version 5.28 look
+>>>>3	ubyte		x		(v%d)
+>>>>3	ubyte		x		-
+# old versions 2 or 3 but no real example found
+>>>>3	ubyte		<4		
+# 2 byte for key bits in version 5.28 look
+>>>>>11		ubeshort	x	%db
+>>>>>4		beldate		x	created on %s -
+# old versions use 2 additional bytes after time stamp
+#>>>>>8		ubeshort	x	0x%x
+# display key algorithm 1~RSA Encrypt|Sign - 21~Diffie-Hellman
+>>>>>10	  	use		key_algo
+>>>>>(11.S/8)	ubequad		x	
+# look after first key
+>>>>>>&5	use		keyend
+# new version
+>>>>3	ubyte		>3		
+>>>>>9		ubeshort	x	%db
+>>>>>4		beldate		x	created on %s -
+# display key algorithm
+>>>>>8		use		key_algo
+>>>>>(9.S/8)	ubequad		x	
+# look after first key for something like s2k
+>>>>>>&3	use		keyend
-- 
2.40.0