static void p5_crypto_pgp_keys_private_list(ApplicationContext context, ActiveEventArgs e)
{
// Using common helper to iterate all secret keyrings matching filter.
PGPKeyIterator.Find(context, e.Args, delegate(OpenPgpContext ctx, PgpSecretKeyRing keyring) {
// Retrieving fingerprint of currently iterated key, and returning to caller.
var fingerprint = Fingerprint.FingerprintString(keyring.GetPublicKey().GetFingerprint());
e.Args.Add(fingerprint);
}, false);
}
public static void p5_crypto_pgp_keys_create(ApplicationContext context, ActiveEventArgs e)
{
// Making sure we clean up after ourselves.
using (new ArgsRemover(e.Args, true)) {
// Retrieving identity (normally a name + email address), in addition to password.
string identity = e.Args.GetExChildValue <string> ("identity", context);
string password = e.Args.GetExChildValue <string> ("password", context);
if (string.IsNullOrEmpty(identity) || string.IsNullOrEmpty(password))
{
throw new LambdaException(
"Minimum [identity] and [password] needs to be supplied to create a PGP keypair",
e.Args,
context);
}
// Retrieving other parameters to PGP keypair creation, giving them sane defaults if not supplied.
DateTime expires = e.Args.GetExChildValue("expires", context, DateTime.Now.AddYears(3));
int strength = e.Args.GetExChildValue <int> ("strength", context, 4096);
long publicExponent = e.Args.GetExChildValue("public-exponent", context, 65537L);
int certainty = e.Args.GetExChildValue("certainty", context, 5);
// Creating our key generator.
PgpKeyRingGenerator generator = GetKeyRingGenerator(
context,
identity,
password,
expires,
strength,
publicExponent,
certainty);
// Generating public keyrign.
PgpPublicKeyRing publicRing = generator.GeneratePublicKeyRing();
// Generating secret keyring. "Secret key" is BC's name for private key.
PgpSecretKeyRing secretRing = generator.GenerateSecretKeyRing();
/*
* Retrieving PGP context to let MimeKit import keys into PGP storage.
* Making sure we retrieve it in "write mode".
*/
using (var ctx = context.RaiseEvent(".p5.crypto.pgp-keys.context.create", new Node("", true)).Get <OpenPgpContext> (context)) {
// Saves public keyring.
ctx.Import(publicRing);
// Saves secret keyring (private key, BC uses different naming convention).
ctx.Import(secretRing);
}
// Returning fingerprint and key-id to caller.
e.Args.Add("fingerprint", Fingerprint.FingerprintString(publicRing.GetPublicKey().GetFingerprint()));
e.Args.Add("key-id", ((int)publicRing.GetPublicKey().KeyId).ToString("X"));
}
}
static void p5_crypto_pgp_keys_sign(ApplicationContext context, ActiveEventArgs e)
{
// Used as buffer to hold secret signing key.
PgpSecretKey secretKey = null;
// Retrieving fingerprint of key to use for signing.
var fingerprint = e.Args.GetExChildValue <string> ("fingerprint", context, null);
if (string.IsNullOrEmpty(fingerprint))
{
throw new LambdaException("No [fingerprint] supplied to [p5.crypto.pgp-keys.sign]", e.Args, context);
}
// Retrieving password for signing key.
var password = e.Args ["fingerprint"].GetExChildValue <string> ("password", context, null);
if (string.IsNullOrEmpty(password))
{
throw new LambdaException("No [fingerprint]/[password] supplied to [p5.crypto.pgp-keys.sign]", e.Args, context);
}
// Using common helper to iterate all secret keys.
PGPKeyIterator.Find(context, e.Args, delegate(OpenPgpContext ctx, PgpPublicKeyRing keyring) {
/*
* Checking if we have previously found the private signing key.
* This little trick allows us to sign multiple public keys while still postpone the lookup of the private
* signing key, until we know we actually have a match.
*/
if (secretKey == null)
{
// Finding secret key to use for signing the currently iterated public key.
foreach (PgpSecretKeyRing idxRing in ctx.SecretKeyRingBundle.GetKeyRings())
{
// Checking that this is our key.
var cur = idxRing.GetSecretKey();
if (Fingerprint.FingerprintString(cur.PublicKey.GetFingerprint()) == fingerprint)
{
// This is the signing key.
secretKey = cur;
break;
}
}
}
// Signing key.
ctx.SignKey(secretKey, keyring.GetPublicKey());
}, false, false, password, fingerprint);
}
static void p5_crypto_pgp_keys_private_delete(ApplicationContext context, ActiveEventArgs e)
{
// Retrieving server's main PGP key to make sure caller doesn't accidentally delete that key.
var serverKey = context.RaiseEvent("p5.auth.pgp.get-fingerprint").Get <string> (context);
// Using common helper to iterate all secret keys.
PGPKeyIterator.Find(context, e.Args, delegate(OpenPgpContext ctx, PgpSecretKeyRing keyRing) {
/*
* Notice, since server would effectively become useless if we allowed the caller to
* accidentally delete the main server PGP key, we check that the currently iterated key
* is not the server's main key.
*/
if (Fingerprint.FingerprintString(keyRing.GetPublicKey().GetFingerprint()) != serverKey)
{
// Deleting key.
ctx.Delete(keyRing);
}
}, true, false);
}
static void p5_crypto_pgp_keys_get_details(ApplicationContext context, ActiveEventArgs e)
{
/*
* Using common helper to iterate all public keys, assuming that if caller
* has supplied a fingerprint or key-id to a private key, the public key
* will also exist in PGP context.
*/
PGPKeyIterator.Find(context, e.Args, delegate(OpenPgpContext ctx, PgpPublicKeyRing keyring) {
// This key is matching specified filter criteria.
var key = keyring.GetPublicKey();
var fingerprint = Fingerprint.FingerprintString(key.GetFingerprint());
var node = e.Args.Add(fingerprint).LastChild;
node.Add("id", ((int)key.KeyId).ToString("X"));
node.Add("algorithm", key.Algorithm.ToString());
node.Add("strength", key.BitStrength);
node.Add("creation-time", key.CreationTime);
node.Add("is-encryption-key", key.IsEncryptionKey);
node.Add("is-master-key", key.IsMasterKey);
node.Add("is-revoked", key.IsRevoked());
node.Add("version", key.Version);
DateTime expires = key.CreationTime.AddSeconds(key.GetValidSeconds());
node.Add("expires", expires);
// Returning all user IDs that are strings to caller.
foreach (var idxUserId in key.GetUserIds())
{
if (idxUserId is string)
{
node.FindOrInsert("user-ids").Add("", idxUserId);
}
}
// Adding key IDs of all keys that have signed this key.
foreach (PgpSignature signature in key.GetSignatures())
{
node.FindOrInsert("signed-by").Add(((int)signature.KeyId).ToString("X"), signature.CreationTime);
}
}, false);
}
static void p5_crypto_pgp_keys_public_get(ApplicationContext context, ActiveEventArgs e)
{
// Using common helper to iterate all public keyrings matching filter.
PGPKeyIterator.Find(context, e.Args, delegate(OpenPgpContext ctx, PgpPublicKeyRing keyring) {
// Retrieving fingerprint of currently iterated key, and returning to caller.
var key = keyring.GetPublicKey();
var fingerprint = Fingerprint.FingerprintString(key.GetFingerprint());
var node = e.Args.Add(fingerprint).LastChild;
// Returning public key as armored ASCII.
using (var memStream = new MemoryStream()) {
using (var armored = new ArmoredOutputStream(memStream)) {
key.Encode(armored);
armored.Flush();
}
memStream.Flush();
memStream.Position = 0;
var sr = new StreamReader(memStream);
node.Value = sr.ReadToEnd();
}
}, false);
}
static void p5_crypto_pgp_keys_private_import(ApplicationContext context, ActiveEventArgs e)
{
// House cleaning.
using (new ArgsRemover(e.Args, true)) {
// Creating new PGP context.
using (var ctx = context.RaiseEvent(".p5.crypto.pgp-keys.context.create", new Node("", true)).Get <OpenPgpContext> (context)) {
// Looping through each private key (in ascii armored format) and importing into context.
foreach (var idxKey in XUtil.Iterate <string> (context, e.Args))
{
// Creating armored input stream to wrap key.
using (var memStream = new MemoryStream(Encoding.UTF8.GetBytes(idxKey.Replace("\r\n", "\n")))) {
using (var armored = new ArmoredInputStream(memStream)) {
var key = new PgpSecretKeyRing(armored);
ctx.Import(key);
// Returning fingerprint of key that was successfully imported to caller.
e.Args.Add(Fingerprint.FingerprintString(key.GetPublicKey().GetFingerprint()));
}
}
}
}
}
}
