/**
* verify the signature in in against the file fileName.
*/
private static bool VerifySignature(
string OriginalMessage,
string EncodedMessage,
Stream keyIn)
{
byte[] bytes = Convert.FromBase64String(EncodedMessage);
using (Stream inputStream = new MemoryStream(bytes))
{
PgpObjectFactory pgpFact = new PgpObjectFactory(PgpUtilities.GetDecoderStream(inputStream));
PgpSignatureList p3 = null;
PgpObject o = pgpFact.NextPgpObject();
if (o is PgpCompressedData)
{
PgpCompressedData c1 = (PgpCompressedData)o;
pgpFact = new PgpObjectFactory(c1.GetDataStream());
p3 = (PgpSignatureList)pgpFact.NextPgpObject();
}
else
{
p3 = (PgpSignatureList)o;
}
PgpPublicKeyRingBundle pgpPubRingCollection = new PgpPublicKeyRingBundle(
PgpUtilities.GetDecoderStream(keyIn));
PgpSignature sig = p3[0];
PgpPublicKey key = pgpPubRingCollection.GetPublicKey(sig.KeyId);
sig.InitVerify(key);
sig.Update(System.Text.Encoding.UTF8.GetBytes(OriginalMessage));
return(sig.Verify());
}
}
private void DoTestEncMessage()
{
PgpObjectFactory pgpFact = new PgpObjectFactory(encMessage);
PgpEncryptedDataList encList = (PgpEncryptedDataList)pgpFact.NextPgpObject();
PgpPublicKeyEncryptedData encP = (PgpPublicKeyEncryptedData)encList[0];
PgpPublicKey publicKey = new PgpPublicKeyRing(testPubKey).GetPublicKey(encP.KeyId);
PgpSecretKey secretKey = PgpSecretKey.ParseSecretKeyFromSExpr(new MemoryStream(sExprKeySub, false),
"test".ToCharArray(), publicKey);
Stream clear = encP.GetDataStream(secretKey.ExtractPrivateKey(null));
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpCompressedData cData = (PgpCompressedData)plainFact.NextPgpObject();
PgpObjectFactory compFact = new PgpObjectFactory(cData.GetDataStream());
PgpLiteralData lData = (PgpLiteralData)compFact.NextPgpObject();
if (!"test.txt".Equals(lData.FileName))
{
Fail("wrong file name detected");
}
}
private void doSigVerifyTest(
string publicKeyFile,
string sigFile)
{
PgpPublicKeyRing publicKey = loadPublicKey(publicKeyFile);
PgpObjectFactory pgpFact = loadSig(sigFile);
PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject();
pgpFact = new PgpObjectFactory(c1.GetDataStream());
PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
PgpOnePassSignature ops = p1[0];
PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject();
Stream dIn = p2.GetInputStream();
ops.InitVerify(publicKey.GetPublicKey());
int ch;
while ((ch = dIn.ReadByte()) >= 0)
{
ops.Update((byte)ch);
}
PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject();
Assert.IsTrue(ops.Verify(p3[0]));
}
/// <summary>
/// Verifies the specified signature using the specified public key.
/// </summary>
/// <param name="input">The signature to verify.</param>
/// <param name="publicKey">The public key with which to decode the signature.</param>
/// <returns>A byte array containing the message contained within the signature.</returns>
/// <exception cref="PgpDataValidationException">
/// Thrown when the specified signature is invalid, or if an exception is encountered while validating.
/// </exception>
public static byte[] Verify(string input, string publicKey)
{
// create input streams from
Stream inputStream = new MemoryStream(Encoding.UTF8.GetBytes(input ?? string.Empty));
Stream publicKeyStream = new MemoryStream(Encoding.UTF8.GetBytes(publicKey ?? string.Empty));
// enclose all operations in a try/catch. if we encounter any exceptions verification fails.
try
{
// lines taken pretty much verbatim from the bouncycastle example. not sure what it all does.
inputStream = PgpUtilities.GetDecoderStream(inputStream);
PgpObjectFactory pgpFact = new PgpObjectFactory(inputStream);
PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject();
pgpFact = new PgpObjectFactory(c1.GetDataStream());
PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
PgpOnePassSignature ops = p1[0];
PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject();
Stream dIn = p2.GetInputStream();
PgpPublicKeyRingBundle pgpRing = new PgpPublicKeyRingBundle(PgpUtilities.GetDecoderStream(publicKeyStream));
PgpPublicKey key = pgpRing.GetPublicKey(ops.KeyId);
// set up a memorystream to contain the message contained within the signature
MemoryStream memoryStream = new MemoryStream();
ops.InitVerify(key);
int ch;
while ((ch = dIn.ReadByte()) >= 0)
{
ops.Update((byte)ch);
memoryStream.WriteByte((byte)ch);
}
// save the contents of the memorystream to a byte array
byte[] retVal = memoryStream.ToArray();
memoryStream.Close();
PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject();
PgpSignature firstSig = p3[0];
// verify.
if (ops.Verify(firstSig))
{
return(retVal);
}
else
{
throw new PgpDataValidationException();
}
}
catch (Exception)
{
throw new PgpDataValidationException();
}
}
public void decrypt(Stream input, string outputpath)
{
input = PgpUtilities.GetDecoderStream(input);
try
{
PgpObjectFactory pgpObjF = new PgpObjectFactory(input);
PgpEncryptedDataList enc;
PgpObject obj = pgpObjF.NextPgpObject();
if (obj is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)obj;
}
else
{
enc = (PgpEncryptedDataList)pgpObjF.NextPgpObject();
}
PgpPrivateKey privKey = pgpKeys.PrivateKey;
PgpPublicKeyEncryptedData pbe = null;
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
if (privKey != null)
{
pbe = pked;
break;
}
}
Stream clear = pbe.GetDataStream(privKey);
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpObject message = plainFact.NextPgpObject();
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
Stream compDataIn = cData.GetDataStream();
PgpObjectFactory o = new PgpObjectFactory(compDataIn);
message = o.NextPgpObject();
if (message is PgpOnePassSignatureList)
{
message = o.NextPgpObject();
PgpLiteralData Ld = null;
Ld = (PgpLiteralData)message;
Stream output = File.Create(outputpath + "\\" + Ld.FileName);
Stream unc = Ld.GetInputStream();
Streams.PipeAll(unc, output);
}
else
{
PgpLiteralData Ld = null;
Ld = (PgpLiteralData)message;
Stream output = File.Create(outputpath + "\\" + Ld.FileName);
Stream unc = Ld.GetInputStream();
Streams.PipeAll(unc, output);
}
}
}
catch (Exception e)
{
throw new Exception(e.Message);
}
}
private static PgpObject processCompressedMessage(PgpObject message)
{
PgpCompressedData compressedData = (PgpCompressedData)message;
Stream compressedDataStream = compressedData.GetDataStream();
PgpObjectFactory compressedFactory = new PgpObjectFactory(compressedDataStream);
message = checkforOnePassSignatureList(message, compressedFactory);
return(message);
}
private void DoTestSignedEncMessage()
{
PgpObjectFactory pgpFact = new PgpObjectFactory(signedEncMessage);
PgpEncryptedDataList encList = (PgpEncryptedDataList)pgpFact.NextPgpObject();
PgpPublicKeyEncryptedData encP = (PgpPublicKeyEncryptedData)encList[0];
PgpPublicKeyRing publicKeyRing = new PgpPublicKeyRing(testPubKey);
PgpPublicKey publicKey = publicKeyRing.GetPublicKey(encP.KeyId);
PgpSecretKey secretKey = PgpSecretKey.ParseSecretKeyFromSExpr(new MemoryStream(sExprKeySub, false),
"test".ToCharArray(), publicKey);
Stream clear = encP.GetDataStream(secretKey.ExtractPrivateKey(null));
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpCompressedData cData = (PgpCompressedData)plainFact.NextPgpObject();
PgpObjectFactory compFact = new PgpObjectFactory(cData.GetDataStream());
PgpOnePassSignatureList sList = (PgpOnePassSignatureList)compFact.NextPgpObject();
PgpOnePassSignature ops = sList[0];
PgpLiteralData lData = (PgpLiteralData)compFact.NextPgpObject();
if (!"test.txt".Equals(lData.FileName))
{
Fail("wrong file name detected");
}
Stream dIn = lData.GetInputStream();
ops.InitVerify(publicKeyRing.GetPublicKey(ops.KeyId));
int ch;
while ((ch = dIn.ReadByte()) >= 0)
{
ops.Update((byte)ch);
}
PgpSignatureList p3 = (PgpSignatureList)compFact.NextPgpObject();
if (!ops.Verify(p3[0]))
{
Fail("Failed signature check");
}
}
/**
* verify the signature in in against the file fileName.
*/
private static void VerifySignature(
string fileName,
Stream inputStream,
Stream keyIn)
{
inputStream = PgpUtilities.GetDecoderStream(inputStream);
PgpObjectFactory pgpFact = new PgpObjectFactory(inputStream);
PgpSignatureList p3 = null;
PgpObject o = pgpFact.NextPgpObject();
if (o is PgpCompressedData)
{
PgpCompressedData c1 = (PgpCompressedData)o;
pgpFact = new PgpObjectFactory(c1.GetDataStream());
p3 = (PgpSignatureList)pgpFact.NextPgpObject();
}
else
{
p3 = (PgpSignatureList)o;
}
PgpPublicKeyRingBundle pgpPubRingCollection = new PgpPublicKeyRingBundle(
PgpUtilities.GetDecoderStream(keyIn));
Stream dIn = File.OpenRead(fileName);
PgpSignature sig = p3[0];
PgpPublicKey key = pgpPubRingCollection.GetPublicKey(sig.KeyId);
sig.InitVerify(key);
int ch;
while ((ch = dIn.ReadByte()) >= 0)
{
sig.Update((byte)ch);
}
dIn.Close();
if (sig.Verify())
{
Console.WriteLine("signature verified.");
}
else
{
Console.WriteLine("signature verification failed.");
}
}
private void ValidateData(
byte[] compressed)
{
PgpObjectFactory pgpFact = new PgpObjectFactory(compressed);
PgpCompressedData c1 = (PgpCompressedData) pgpFact.NextPgpObject();
Stream pIn = c1.GetDataStream();
byte[] bytes = Streams.ReadAll(pIn);
pIn.Close();
if (!AreEqual(bytes, Data))
{
Fail("compression test failed");
}
}
private static void Decrypt(PgpCompressedData objCompressed, Stream outputStream)
{
using (var compressedStream = objCompressed.GetDataStream())
{
var factory = new PgpObjectFactory(compressedStream);
var obj = factory.NextPgpObject();
if (obj is PgpOnePassSignatureList)
{
Decrypt((PgpLiteralData)factory.NextPgpObject(), outputStream);
}
else
{
Decrypt((PgpLiteralData)obj, outputStream);
}
}
}
private byte[] DecryptMessageBuffered(
byte[] message)
{
PgpObjectFactory pgpF = new PgpObjectFactory(message);
PgpEncryptedDataList enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
PgpPbeEncryptedData pbe = (PgpPbeEncryptedData)enc[0];
Stream clear = pbe.GetDataStream(pass);
PgpObjectFactory pgpFact = new PgpObjectFactory(clear);
PgpCompressedData cData = (PgpCompressedData)pgpFact.NextPgpObject();
pgpFact = new PgpObjectFactory(cData.GetDataStream());
PgpLiteralData ld = (PgpLiteralData)pgpFact.NextPgpObject();
MemoryStream bOut = new MemoryStream();
if (!ld.FileName.Equals("test.txt") &&
!ld.FileName.Equals("_CONSOLE"))
{
Fail("wrong filename in packet");
}
if (!ld.ModificationTime.Equals(TestDateTime))
{
Fail("wrong modification time in packet: " + ld.ModificationTime.Ticks + " " + TestDateTime.Ticks);
}
Stream unc = ld.GetInputStream();
byte[] buf = new byte[1024];
int len;
while ((len = unc.Read(buf, 0, buf.Length)) > 0)
{
bOut.Write(buf, 0, len);
}
if (pbe.IsIntegrityProtected() && !pbe.Verify())
{
Fail("integrity check failed");
}
return(bOut.ToArray());
}
/*.......................................................................檔案數認證開始*/
/*首先傳送端將訊息經過雜湊演算法計算後得到一個雜湊值,再利用它的私有鑰匙向雜湊值加密成為一個數位簽章(DS),接著,再將數位簽章附加在訊息後面一併傳送出去;
* 接收端收到訊息之後,以同樣的雜湊演算計算出雜湊值(H’),並利用傳送端的公開鑰匙將 DS 解密,得到另一端的雜湊值(H)。
* 接著,比較兩個雜湊值,如果相同的話,則可以確定該訊息的『完整性』(雜湊值相同),此外也可以確定其『不可否認性』(私有鑰匙與公開鑰匙配對)。*/
/*
* 簽章後的hash值 -> 公鑰(對方)解密 -> hash值
* 解密後的文章 -> hash -> 解密後文章的hash值
*/
private static void VerifyFile(
Stream inputStream, //預計數位認證原始檔案的資料流
Stream keyIn, //簽名方(對方)公鑰的資料流
string outputFileName //預計匯出(數位認證後檔案)的完整路徑
)
{
inputStream = PgpUtilities.GetDecoderStream(inputStream); //串流陣列化 byte Array
PgpObjectFactory pgpFact = new PgpObjectFactory(inputStream);
PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject();
pgpFact = new PgpObjectFactory(c1.GetDataStream()); //解壓縮
PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
PgpOnePassSignature ops = p1[0];
PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject();
Stream dIn = p2.GetInputStream();
PgpPublicKeyRingBundle pgpRing = new PgpPublicKeyRingBundle(PgpUtilities.GetDecoderStream(keyIn));
PgpPublicKey key = pgpRing.GetPublicKey(ops.KeyId); //取出公鑰
Stream fileOutput = File.Create(outputFileName); //預計匯出檔案建立
ops.InitVerify(key); //驗證公鑰是否符合
int ch;
while ((ch = dIn.ReadByte()) >= 0)
{
ops.Update((byte)ch); //進行解密
fileOutput.WriteByte((byte)ch); //寫入預計匯出檔案
}
fileOutput.Close();
fileOutput.Dispose();
PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject();
PgpSignature firstSig = p3[0];
if (ops.Verify(firstSig)) //Hash值比較
{
Console.Out.WriteLine("signature verified.");
}
else
{
Console.Out.WriteLine("signature verification failed.");
}
}
private static void DecryptCompressedData(PgpObject message, string outputFile)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory objectFactory;
using (Stream compDataIn = cData.GetDataStream())
{
objectFactory = new PgpObjectFactory(compDataIn);
}
message = objectFactory.NextPgpObject();
if (message is PgpOnePassSignatureList)
{
message = objectFactory.NextPgpObject();
}
PipeStreamToFile(outputFile, (PgpLiteralData)message);
}
private string Decrypt(Stream input, PgpSecretKey secretKey, string passPhrase)
{
input = PgpUtilities.GetDecoderStream(input);
PgpObjectFactory pgpObjF = new PgpObjectFactory(input);
PgpEncryptedDataList enc;
PgpObject obj = pgpObjF.NextPgpObject();
if (obj is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)obj;
}
else
{
enc = (PgpEncryptedDataList)pgpObjF.NextPgpObject();
}
PgpPublicKeyEncryptedData pbe = enc.GetEncryptedDataObjects().Cast <PgpPublicKeyEncryptedData>().First();
Stream clear;
PgpPrivateKey privateKey = secretKey.ExtractPrivateKey(passPhrase.ToCharArray());
clear = pbe.GetDataStream(privateKey);
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpObject message = plainFact.NextPgpObject();
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
Stream compDataIn = cData.GetDataStream();
PgpObjectFactory o = new PgpObjectFactory(compDataIn);
message = o.NextPgpObject();
if (message is PgpOnePassSignatureList)
{
message = o.NextPgpObject();
}
var ld = (PgpLiteralData)message;
var unc = ld.GetInputStream();
var reader = new StreamReader(unc);
return(reader.ReadToEnd());
}
throw new NotImplementedException();
}
/**
* verify the passed in file as being correctly signed.
*/
private static void VerifyFile(
Stream inputStream,
Stream keyIn)
{
inputStream = PgpUtilities.GetDecoderStream(inputStream);
PgpObjectFactory pgpFact = new PgpObjectFactory(inputStream);
PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject();
pgpFact = new PgpObjectFactory(c1.GetDataStream());
PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
PgpOnePassSignature ops = p1[0];
PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject();
Stream dIn = p2.GetInputStream();
PgpPublicKeyRingBundle pgpRing = new PgpPublicKeyRingBundle(PgpUtilities.GetDecoderStream(keyIn));
IPgpPublicKey key = pgpRing.GetPublicKey(ops.KeyId);
Stream fos = File.Create(p2.FileName);
ops.InitVerify(key);
int ch;
while ((ch = dIn.ReadByte()) >= 0)
{
ops.Update((byte)ch);
fos.WriteByte((byte)ch);
}
fos.Close();
PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject();
PgpSignature firstSig = p3[0];
if (ops.Verify(firstSig))
{
Console.Out.WriteLine("signature verified.");
}
else
{
Console.Out.WriteLine("signature verification failed.");
}
}
/**
* decrypt the passed in message stream
*
* @param encrypted The message to be decrypted.
* @param passPhrase Pass phrase (key)
*
* @return Clear text as a byte array. I18N considerations are
* not handled by this routine
* @exception IOException
* @exception PgpException
*/
public static byte[] Decrypt(
byte[] encrypted,
char[] passPhrase)
{
Stream inputStream = new MemoryStream(encrypted);
inputStream = PgpUtilities.GetDecoderStream(inputStream);
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc = null;
PgpObject o = pgpF.NextPgpObject();
//
// the first object might be a PGP marker packet.
//
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
PgpPbeEncryptedData pbe = (PgpPbeEncryptedData)enc[0];
Stream clear = pbe.GetDataStream(passPhrase);
PgpObjectFactory pgpFact = new PgpObjectFactory(clear);
PgpCompressedData cData = (PgpCompressedData)pgpFact.NextPgpObject();
pgpFact = new PgpObjectFactory(cData.GetDataStream());
PgpLiteralData ld = (PgpLiteralData)pgpFact.NextPgpObject();
Stream unc = ld.GetInputStream();
return(Streams.ReadAll(unc));
}
public static bool VerifyDetachedSignature(string filePath, Stream signatureStream, Stream publicKeyStream)
{
signatureStream = PgpUtilities.GetDecoderStream(signatureStream);
PgpObjectFactory pgpFactory = new PgpObjectFactory(signatureStream);
PgpObject pgpObject = pgpFactory.NextPgpObject();
PgpSignatureList signatureList;
if (pgpObject is PgpCompressedData pgpCompressedData)
{
PgpCompressedData compressedData = pgpCompressedData;
pgpFactory = new PgpObjectFactory(compressedData.GetDataStream());
signatureList = (PgpSignatureList)pgpFactory.NextPgpObject();
}
else
{
signatureList = (PgpSignatureList)pgpObject;
}
PgpPublicKeyRingBundle keyRingBundle = new PgpPublicKeyRingBundle(PgpUtilities.GetDecoderStream(publicKeyStream));
using (Stream inputFileStream = File.OpenRead(filePath))
{
PgpSignature signature = signatureList[0];
PgpPublicKey publicKey = keyRingBundle.GetPublicKey(signature.KeyId);
signature.InitVerify(publicKey);
int ch;
while ((ch = inputFileStream.ReadByte()) >= 0)
{
signature.Update((byte)ch);
}
return(signature.Verify());
}
}
/**
* decrypt the passed in message stream
*/
private byte[] DecryptMessage(
byte[] message)
{
PgpObjectFactory pgpF = new PgpObjectFactory(message);
PgpEncryptedDataList enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
PgpPbeEncryptedData pbe = (PgpPbeEncryptedData)enc[0];
Stream clear = pbe.GetDataStream(pass);
PgpObjectFactory pgpFact = new PgpObjectFactory(clear);
PgpCompressedData cData = (PgpCompressedData)pgpFact.NextPgpObject();
pgpFact = new PgpObjectFactory(cData.GetDataStream());
PgpLiteralData ld = (PgpLiteralData)pgpFact.NextPgpObject();
if (!ld.FileName.Equals("test.txt") &&
!ld.FileName.Equals("_CONSOLE"))
{
Fail("wrong filename in packet");
}
if (!ld.ModificationTime.Equals(TestDateTime))
{
Fail("wrong modification time in packet: " + ld.ModificationTime + " vs " + TestDateTime);
}
Stream unc = ld.GetInputStream();
byte[] bytes = Streams.ReadAll(unc);
if (pbe.IsIntegrityProtected() && !pbe.Verify())
{
Fail("integrity check failed");
}
return(bytes);
}
private static Stream DecryptFileAsStream(
Stream inputStream,
Stream keyIn,
char[] passwd)
{
inputStream = PgpUtilities.GetDecoderStream(inputStream);
MemoryStream outputStream = new MemoryStream();
try
{
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc;
PgpObject o = pgpF.NextPgpObject();
// the first object might be a PGP marker packet.
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
// find the secret key
PgpPrivateKey sKey = null;
PgpPublicKeyEncryptedData pbe = null;
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
sKey = FindSecretKey(keyIn, pked.KeyId, passwd);
if (sKey != null)
{
pbe = pked;
break;
}
}
// Iterator it = enc.GetEncryptedDataObjects();
//
// while (sKey == null && it.hasNext())
// {
// pbe = (PgpPublicKeyEncryptedData)it.next();
//
// sKey = FindSecretKey(keyIn, pbe.KeyID, passwd);
// }
if (sKey == null)
{
throw new ArgumentException("secret key for message not found.");
}
Stream clear = pbe.GetDataStream(sKey);
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpObject message = plainFact.NextPgpObject();
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject();
if (message is PgpOnePassSignatureList)
{
//throw new PgpException("encrypted message contains a signed message - not literal data.");
// file is signed!
// verify signature here if you want.
PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)message;
PgpOnePassSignature ops = p1[0];
// etc…
message = pgpFact.NextPgpObject();
}
}
if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
Stream unc = ld.GetInputStream();
int ch;
while ((ch = unc.ReadByte()) >= 0)
{
outputStream.WriteByte((byte)ch);
}
outputStream.Seek(0, SeekOrigin.Begin);
}
else
{
throw new PgpException("message is not a simple encrypted file - type unknown.");
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
Console.Error.WriteLine("message failed integrity check");
}
else
{
Console.Error.WriteLine("message integrity check passed");
}
}
else
{
Console.Error.WriteLine("no message integrity check");
}
return(outputStream);
}
catch (PgpException e)
{
Console.Error.WriteLine(e);
Exception underlyingException = e.InnerException;
if (underlyingException != null)
{
Console.Error.WriteLine(underlyingException.Message);
Console.Error.WriteLine(underlyingException.StackTrace);
}
throw;
}
}
public override void PerformTest()
{
//
// Read the public key
//
PgpObjectFactory pgpFact = new PgpObjectFactory(testPubKeyRing);
PgpPublicKeyRing pgpPub = (PgpPublicKeyRing)pgpFact.NextPgpObject();
var pubKey = pgpPub.GetPublicKey();
if (pubKey.BitStrength != 1024)
{
Fail("failed - key strength reported incorrectly.");
}
//
// Read the private key
//
PgpSecretKeyRing sKey = new PgpSecretKeyRing(testPrivKeyRing);
IPgpSecretKey secretKey = sKey.GetSecretKey();
IPgpPrivateKey pgpPrivKey = secretKey.ExtractPrivateKey(pass);
//
// signature generation
//
const string data = "hello world!";
byte[] dataBytes = Encoding.ASCII.GetBytes(data);
MemoryStream bOut = new MemoryStream();
MemoryStream testIn = new MemoryStream(dataBytes, false);
PgpSignatureGenerator sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.Dsa,
HashAlgorithmTag.Sha1);
sGen.InitSign(PgpSignature.BinaryDocument, pgpPrivKey);
PgpCompressedDataGenerator cGen = new PgpCompressedDataGenerator(
CompressionAlgorithmTag.Zip);
BcpgOutputStream bcOut = new BcpgOutputStream(
cGen.Open(new UncloseableStream(bOut)));
sGen.GenerateOnePassVersion(false).Encode(bcOut);
PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator();
DateTime testDateTime = new DateTime(1973, 7, 27);
Stream lOut = lGen.Open(
new UncloseableStream(bcOut),
PgpLiteralData.Binary,
"_CONSOLE",
dataBytes.Length,
testDateTime);
int ch;
while ((ch = testIn.ReadByte()) >= 0)
{
lOut.WriteByte((byte)ch);
sGen.Update((byte)ch);
}
lGen.Close();
sGen.Generate().Encode(bcOut);
cGen.Close();
//
// verify Generated signature
//
pgpFact = new PgpObjectFactory(bOut.ToArray());
PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject();
pgpFact = new PgpObjectFactory(c1.GetDataStream());
PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
PgpOnePassSignature ops = p1[0];
PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject();
if (!p2.ModificationTime.Equals(testDateTime))
{
Fail("Modification time not preserved");
}
Stream dIn = p2.GetInputStream();
ops.InitVerify(pubKey);
while ((ch = dIn.ReadByte()) >= 0)
{
ops.Update((byte)ch);
}
PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject();
if (!ops.Verify(p3[0]))
{
Fail("Failed Generated signature check");
}
//
// test encryption
//
//
// find a key sutiable for encryption
//
long pgpKeyID = 0;
IAsymmetricKeyParameter pKey = null;
foreach (PgpPublicKey pgpKey in pgpPub.GetPublicKeys())
{
if (pgpKey.Algorithm == PublicKeyAlgorithmTag.ElGamalEncrypt ||
pgpKey.Algorithm == PublicKeyAlgorithmTag.ElGamalGeneral)
{
pKey = pgpKey.GetKey();
pgpKeyID = pgpKey.KeyId;
if (pgpKey.BitStrength != 1024)
{
Fail("failed - key strength reported incorrectly.");
}
//
// verify the key
//
}
}
IBufferedCipher c = CipherUtilities.GetCipher("ElGamal/None/PKCS1Padding");
c.Init(true, pKey);
byte[] inBytes = Encoding.ASCII.GetBytes("hello world");
byte[] outBytes = c.DoFinal(inBytes);
pgpPrivKey = sKey.GetSecretKey(pgpKeyID).ExtractPrivateKey(pass);
c.Init(false, pgpPrivKey.Key);
outBytes = c.DoFinal(outBytes);
if (!Arrays.AreEqual(inBytes, outBytes))
{
Fail("decryption failed.");
}
//
// encrypted message
//
byte[] text = { (byte)'h', (byte)'e', (byte)'l', (byte)'l', (byte)'o',
(byte)' ', (byte)'w', (byte)'o', (byte)'r', (byte)'l',(byte)'d', (byte)'!', (byte)'\n' };
PgpObjectFactory pgpF = new PgpObjectFactory(encMessage);
PgpEncryptedDataList encList = (PgpEncryptedDataList)pgpF.NextPgpObject();
PgpPublicKeyEncryptedData encP = (PgpPublicKeyEncryptedData)encList[0];
Stream clear = encP.GetDataStream(pgpPrivKey);
pgpFact = new PgpObjectFactory(clear);
c1 = (PgpCompressedData)pgpFact.NextPgpObject();
pgpFact = new PgpObjectFactory(c1.GetDataStream());
PgpLiteralData ld = (PgpLiteralData)pgpFact.NextPgpObject();
if (!ld.FileName.Equals("test.txt"))
{
throw new Exception("wrong filename in packet");
}
Stream inLd = ld.GetDataStream();
byte[] bytes = Streams.ReadAll(inLd);
if (!Arrays.AreEqual(bytes, text))
{
Fail("wrong plain text in decrypted packet");
}
//
// signed and encrypted message
//
pgpF = new PgpObjectFactory(signedAndEncMessage);
encList = (PgpEncryptedDataList)pgpF.NextPgpObject();
encP = (PgpPublicKeyEncryptedData)encList[0];
clear = encP.GetDataStream(pgpPrivKey);
pgpFact = new PgpObjectFactory(clear);
c1 = (PgpCompressedData)pgpFact.NextPgpObject();
pgpFact = new PgpObjectFactory(c1.GetDataStream());
p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
ops = p1[0];
ld = (PgpLiteralData)pgpFact.NextPgpObject();
bOut = new MemoryStream();
if (!ld.FileName.Equals("test.txt"))
{
throw new Exception("wrong filename in packet");
}
inLd = ld.GetDataStream();
//
// note: we use the DSA public key here.
//
ops.InitVerify(pgpPub.GetPublicKey());
while ((ch = inLd.ReadByte()) >= 0)
{
ops.Update((byte)ch);
bOut.WriteByte((byte)ch);
}
p3 = (PgpSignatureList)pgpFact.NextPgpObject();
if (!ops.Verify(p3[0]))
{
Fail("Failed signature check");
}
if (!Arrays.AreEqual(bOut.ToArray(), text))
{
Fail("wrong plain text in decrypted packet");
}
//
// encrypt
//
MemoryStream cbOut = new MemoryStream();
PgpEncryptedDataGenerator cPk = new PgpEncryptedDataGenerator(
SymmetricKeyAlgorithmTag.TripleDes, random);
IPgpPublicKey puK = sKey.GetSecretKey(pgpKeyID).PublicKey;
cPk.AddMethod(puK);
Stream cOut = cPk.Open(new UncloseableStream(cbOut), bOut.ToArray().Length);
cOut.Write(text, 0, text.Length);
cOut.Close();
pgpF = new PgpObjectFactory(cbOut.ToArray());
encList = (PgpEncryptedDataList)pgpF.NextPgpObject();
encP = (PgpPublicKeyEncryptedData)encList[0];
pgpPrivKey = sKey.GetSecretKey(pgpKeyID).ExtractPrivateKey(pass);
clear = encP.GetDataStream(pgpPrivKey);
outBytes = Streams.ReadAll(clear);
if (!Arrays.AreEqual(outBytes, text))
{
Fail("wrong plain text in Generated packet");
}
//
// use of PgpKeyPair
//
IBigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
IBigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
ElGamalParameters elParams = new ElGamalParameters(p, g);
IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("ELGAMAL");
kpg.Init(new ElGamalKeyGenerationParameters(random, elParams));
IAsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
PgpKeyPair pgpKp = new PgpKeyPair(PublicKeyAlgorithmTag.ElGamalGeneral,
kp.Public, kp.Private, DateTime.UtcNow);
PgpPublicKey k1 = pgpKp.PublicKey;
PgpPrivateKey k2 = pgpKp.PrivateKey;
// Test bug with ElGamal P size != 0 mod 8 (don't use these sizes at home!)
for (int pSize = 257; pSize < 264; ++pSize)
{
// Generate some parameters of the given size
ElGamalParametersGenerator epg = new ElGamalParametersGenerator();
epg.Init(pSize, 2, random);
elParams = epg.GenerateParameters();
kpg = GeneratorUtilities.GetKeyPairGenerator("ELGAMAL");
kpg.Init(new ElGamalKeyGenerationParameters(random, elParams));
// Run a short encrypt/decrypt test with random key for the given parameters
kp = kpg.GenerateKeyPair();
PgpKeyPair elGamalKeyPair = new PgpKeyPair(
PublicKeyAlgorithmTag.ElGamalGeneral, kp, DateTime.UtcNow);
cPk = new PgpEncryptedDataGenerator(SymmetricKeyAlgorithmTag.Cast5, random);
puK = elGamalKeyPair.PublicKey;
cPk.AddMethod(puK);
cbOut = new MemoryStream();
cOut = cPk.Open(new UncloseableStream(cbOut), text.Length);
cOut.Write(text, 0, text.Length);
cOut.Close();
pgpF = new PgpObjectFactory(cbOut.ToArray());
encList = (PgpEncryptedDataList)pgpF.NextPgpObject();
encP = (PgpPublicKeyEncryptedData)encList[0];
pgpPrivKey = elGamalKeyPair.PrivateKey;
// Note: This is where an exception would be expected if the P size causes problems
clear = encP.GetDataStream(pgpPrivKey);
byte[] decText = Streams.ReadAll(clear);
if (!Arrays.AreEqual(text, decText))
{
Fail("decrypted message incorrect");
}
}
// check sub key encoding
foreach (PgpPublicKey pgpKey in pgpPub.GetPublicKeys())
{
if (!pgpKey.IsMasterKey)
{
byte[] kEnc = pgpKey.GetEncoded();
PgpObjectFactory objF = new PgpObjectFactory(kEnc);
// TODO Make PgpPublicKey a PgpObject or return a PgpPublicKeyRing
// PgpPublicKey k = (PgpPublicKey)objF.NextPgpObject();
//
// pKey = k.GetKey();
// pgpKeyID = k.KeyId;
// if (k.BitStrength != 1024)
// {
// Fail("failed - key strength reported incorrectly.");
// }
//
// if (objF.NextPgpObject() != null)
// {
// Fail("failed - stream not fully parsed.");
// }
}
}
}
/*
* PGP decrypt a given stream.
*/
public void Decrypt(Stream inputStream, Stream outputStream, Stream privateKeyStream, string passPhrase)
{
if (inputStream == null)
{
throw new ArgumentException(nameof(inputStream));
}
if (outputStream == null)
{
throw new ArgumentException(nameof(outputStream));
}
if (privateKeyStream == null)
{
throw new ArgumentException(nameof(privateKeyStream));
}
if (passPhrase == null)
{
passPhrase = String.Empty;
}
PgpObjectFactory objFactory = new PgpObjectFactory(PgpUtilities.GetDecoderStream(inputStream));
// find secret key
PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(PgpUtilities.GetDecoderStream(privateKeyStream));
PgpObject obj = null;
if (objFactory != null)
{
obj = objFactory.NextPgpObject();
}
// the first object might be a PGP marker packet.
PgpEncryptedDataList enc = null;
if (obj is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)obj;
}
else
{
enc = (PgpEncryptedDataList)objFactory.NextPgpObject();
}
// decrypt
PgpPrivateKey privateKey = null;
PgpPublicKeyEncryptedData pbe = null;
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
privateKey = FindSecretKey(pgpSec, pked.KeyId, passPhrase.ToCharArray());
if (privateKey != null)
{
pbe = pked;
break;
}
}
if (privateKey == null)
{
throw new ArgumentException("Secret key for message not found.");
}
PgpObjectFactory plainFact = null;
using (Stream clear = pbe.GetDataStream(privateKey))
{
plainFact = new PgpObjectFactory(clear);
}
PgpObject message = plainFact.NextPgpObject();
if (message is PgpOnePassSignatureList)
{
message = plainFact.NextPgpObject();
}
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory of = null;
using (Stream compDataIn = cData.GetDataStream())
{
of = new PgpObjectFactory(compDataIn);
}
message = of.NextPgpObject();
if (message is PgpOnePassSignatureList)
{
message = of.NextPgpObject();
PgpLiteralData Ld = null;
Ld = (PgpLiteralData)message;
Stream unc = Ld.GetInputStream();
Streams.PipeAll(unc, outputStream);
}
else
{
PgpLiteralData Ld = null;
Ld = (PgpLiteralData)message;
Stream unc = Ld.GetInputStream();
Streams.PipeAll(unc, outputStream);
}
}
else if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
string outFileName = ld.FileName;
Stream unc = ld.GetInputStream();
Streams.PipeAll(unc, outputStream);
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("Encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("Message is not a simple encrypted file.");
}
}
private static void DecryptPgp(Stream input, Stream output, Stream key, char[] password)
{
try
{
PgpObjectFactory pgpObjectFactory = new PgpObjectFactory(PgpUtilities.GetDecoderStream(input));
PgpObject pgpObject = pgpObjectFactory.NextPgpObject();
// The first object might be a PGP marker packet
PgpEncryptedDataList pgpEncryptedDataList;
if (pgpObject is PgpEncryptedDataList)
{
pgpEncryptedDataList = (PgpEncryptedDataList)pgpObject;
}
else
{
pgpEncryptedDataList = (PgpEncryptedDataList)pgpObjectFactory.NextPgpObject();
}
// Find private key for decryption
PgpPrivateKey privateKey = null;
PgpSecretKeyRingBundle pgpSecretKeyRing = new PgpSecretKeyRingBundle(PgpUtilities.GetDecoderStream(key));
PgpPublicKeyEncryptedData pgpPublicKeyEncryptedData = null;
foreach (PgpPublicKeyEncryptedData pked in pgpEncryptedDataList.GetEncryptedDataObjects())
{
PgpSecretKey pgpDescretKey = pgpSecretKeyRing.GetSecretKey(pked.KeyId);
privateKey = pgpDescretKey.ExtractPrivateKey(password);
if (privateKey != null)
{
pgpPublicKeyEncryptedData = pked;
break;
}
}
if (privateKey == null)
{
throw new ArgumentException("Private key for decryption not found.");
}
Stream decrypted = pgpPublicKeyEncryptedData.GetDataStream(privateKey);
pgpObjectFactory = new PgpObjectFactory(decrypted);
pgpObject = pgpObjectFactory.NextPgpObject();
if (pgpObject is PgpCompressedData)
{
PgpCompressedData pgpCompressedData = (PgpCompressedData)pgpObject;
pgpObjectFactory = new PgpObjectFactory(pgpCompressedData.GetDataStream());
pgpObject = pgpObjectFactory.NextPgpObject();
}
if (pgpObject is PgpLiteralData)
{
PgpLiteralData pgpLiteralData = (PgpLiteralData)pgpObject;
Stream literal = pgpLiteralData.GetInputStream();
Streams.PipeAll(literal, output);
}
else if (pgpObject is PgpOnePassSignatureList)
{
throw new PgpException("Encrypted message contains a signed message, not a literal data.");
}
else
{
throw new PgpException("Message is not a simple encrypted file, type is unknown.");
}
if (pgpPublicKeyEncryptedData.IsIntegrityProtected())
{
if (!pgpPublicKeyEncryptedData.Verify())
{
Console.Error.WriteLine("Message failed integrity check.");
}
else
{
Console.Error.WriteLine("Message integrity check passed.");
}
}
else
{
Console.Error.WriteLine("No message integrity check.");
}
Console.WriteLine("OpenPGP decryption successfull.");
}
catch (PgpException ex)
{
Console.Error.WriteLine(ex);
Exception pgpInnerException = ex.InnerException;
if (pgpInnerException != null)
{
Console.Error.WriteLine(pgpInnerException.Message);
Console.Error.WriteLine(pgpInnerException.StackTrace);
}
}
}
public byte[] Decrypt(byte[] cipherText)
{
MemoryStream ms = new MemoryStream(cipherText);
Stream inputStream = PgpUtilities.GetDecoderStream(ms);
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc;
PgpObject o = pgpF.NextPgpObject();
// the first object might be a PGP marker packet.
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
PgpPublicKeyEncryptedData pbe = null;
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
pbe = pked;
break;
}
Stream clear = pbe.GetDataStream(SecretKey.ExtractPrivateKey(password.ToCharArray()));
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpObject message = plainFact.NextPgpObject();
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject();
}
MemoryStream clearStream = new MemoryStream();
if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
Stream unc = ld.GetInputStream();
byte[] buffer = new byte[4096];
int read;
while ((read = unc.Read(buffer, 0, buffer.Length)) > 0)
{
clearStream.Write(buffer, 0, read);
}
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("message is not a simple encrypted file - type unknown.");
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
throw new InvalidDataException("message failed integrity check");
}
else
{
Console.Error.WriteLine("message integrity check passed");
}
}
else
{
Console.Error.WriteLine("no message integrity check");
}
return(clearStream.ToArray());
}
/// <summary>
/// Initializes a new instance of the <see cref="PgpFileDecryptingStream"/> class.
/// </summary>
/// <param name="inputStream">The encrypted input stream.</param>
/// <param name="secretKeyRingBundle">The secret key ring bundle.</param>
/// <param name="passPhrase">The pass phrase.</param>
/// <exception cref="System.ArgumentException">Secret key for message not found.</exception>
/// <exception cref="PgpException">
/// Encrypted message contains a signed message - not literal data.
/// or
/// Message is not a simple encrypted file - type unknown.
/// </exception>
public PgpFileDecryptingStream(
Stream inputStream,
PgpSecretKeyRingBundle secretKeyRingBundle,
string passPhrase)
{
inputStream = PgpUtilities.GetDecoderStream(inputStream);
PgpObjectFactory encryptedObjectFactory = new PgpObjectFactory(inputStream);
// the first object might be a PGP marker packet.
PgpEncryptedDataList encryptedList = encryptedObjectFactory.NextPgpObject() as PgpEncryptedDataList;
if (encryptedList == null)
{
encryptedList = (PgpEncryptedDataList)encryptedObjectFactory.NextPgpObject();
}
// decrypt
PgpPrivateKey privateKey = null;
PgpPublicKeyEncryptedData encryptedData = null;
foreach (PgpPublicKeyEncryptedData pked in encryptedList.GetEncryptedDataObjects())
{
privateKey = PgpHelper.FindSecretKey(secretKeyRingBundle, pked.KeyId, passPhrase.ToCharArray());
if (privateKey != null)
{
encryptedData = pked;
break;
}
}
if (privateKey == null)
{
throw new ArgumentException("Secret key for message not found.");
}
PgpObjectFactory decryptedObjectFactory = null;
using (Stream decryptedStream = encryptedData.GetDataStream(privateKey))
{
decryptedObjectFactory = new PgpObjectFactory(decryptedStream);
}
PgpObject message = decryptedObjectFactory.NextPgpObject();
if (message is PgpCompressedData)
{
PgpCompressedData compressedData = (PgpCompressedData)message;
PgpObjectFactory decompressedObjectFactory = null;
using (Stream decompressedStream = compressedData.GetDataStream())
{
decompressedObjectFactory = new PgpObjectFactory(decompressedStream);
}
message = decompressedObjectFactory.NextPgpObject();
if (message is PgpOnePassSignatureList)
{
message = decompressedObjectFactory.NextPgpObject();
}
}
if (message is PgpOnePassSignatureList)
{
throw new PgpException("Encrypted message contains a signed message - not literal data.");
}
else if (!(message is PgpLiteralData))
{
throw new PgpException("Message is not a simple encrypted file - type unknown.");
}
PgpLiteralData ld = (PgpLiteralData)message;
this.WrappedFileName = ld.FileName;
this.WrappedFileModifiedTime = ld.ModificationTime;
this.wrappedStream = ld.GetInputStream();
}
/*
* decrypt a given stream.
*/
public static void Decrypt(Stream inputStream, Stream privateKeyStream, string passPhrase, string outputFile)
{
try
{
PgpObjectFactory pgpF = null;
PgpEncryptedDataList enc = null;
PgpObject o = null;
PgpPrivateKey sKey = null;
PgpPublicKeyEncryptedData pbe = null;
PgpSecretKeyRingBundle pgpSec = null;
pgpF = new PgpObjectFactory(PgpUtilities.GetDecoderStream(inputStream));
// find secret key
pgpSec = new PgpSecretKeyRingBundle(PgpUtilities.GetDecoderStream(privateKeyStream));
if (pgpF != null)
{
o = pgpF.NextPgpObject();
}
// the first object might be a PGP marker packet.
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
// decrypt
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
sKey = FindSecretKey(pgpSec, pked.KeyId, passPhrase.ToCharArray());
if (sKey != null)
{
pbe = pked;
break;
}
}
if (sKey == null)
{
throw new ArgumentException("Secret key for message not found.");
}
PgpObjectFactory plainFact = null;
using (Stream clear = pbe.GetDataStream(sKey))
{
plainFact = new PgpObjectFactory(clear);
}
PgpObject message = plainFact.NextPgpObject();
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory of = null;
using (Stream compDataIn = cData.GetDataStream())
{
of = new PgpObjectFactory(compDataIn);
}
message = of.NextPgpObject();
if (message is PgpOnePassSignatureList)
{
message = of.NextPgpObject();
PgpLiteralData Ld = null;
Ld = (PgpLiteralData)message;
using (Stream output = File.Create(outputFile))
{
Stream unc = Ld.GetInputStream();
Streams.PipeAll(unc, output);
}
}
else
{
PgpLiteralData Ld = null;
Ld = (PgpLiteralData)message;
using (Stream output = File.Create(outputFile))
{
Stream unc = Ld.GetInputStream();
Streams.PipeAll(unc, output);
}
}
}
else if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
string outFileName = ld.FileName;
using (Stream fOut = File.Create(outputFile))
{
Stream unc = ld.GetInputStream();
Streams.PipeAll(unc, fOut);
}
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("Encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("Message is not a simple encrypted file - type unknown.");
}
#region commented code
//if (pbe.IsIntegrityProtected())
//{
// if (!pbe.Verify())
// msg = "message failed integrity check.";
// //Console.Error.WriteLine("message failed integrity check");
// else
// msg = "message integrity check passed.";
// //Console.Error.WriteLine("message integrity check passed");
//}
//else
//{
// msg = "no message integrity check.";
// //Console.Error.WriteLine("no message integrity check");
//}
#endregion commented code
}
catch (PgpException ex)
{
throw;
}
}
public override void PerformTest()
{
PgpPublicKey pubKey = null;
//
// Read the public key
//
PgpPublicKeyRing pgpPub = new PgpPublicKeyRing(testPubKey);
pubKey = pgpPub.GetPublicKey();
//
// Read the private key
//
PgpSecretKeyRing sKey = new PgpSecretKeyRing(testPrivKey);
PgpSecretKey secretKey = sKey.GetSecretKey();
PgpPrivateKey pgpPrivKey = secretKey.ExtractPrivateKey(pass);
//
// test signature message
//
PgpObjectFactory pgpFact = new PgpObjectFactory(sig1);
PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject();
pgpFact = new PgpObjectFactory(c1.GetDataStream());
PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
PgpOnePassSignature ops = p1[0];
PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject();
Stream dIn = p2.GetInputStream();
ops.InitVerify(pubKey);
int ch;
while ((ch = dIn.ReadByte()) >= 0)
{
ops.Update((byte)ch);
}
PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject();
if (!ops.Verify(p3[0]))
{
Fail("Failed signature check");
}
//
// signature generation
//
GenerateTest(sKey, pubKey, pgpPrivKey);
//
// signature generation - canonical text
//
const string data = "hello world!";
byte[] dataBytes = Encoding.ASCII.GetBytes(data);
MemoryStream bOut = new MemoryStream();
MemoryStream testIn = new MemoryStream(dataBytes, false);
PgpSignatureGenerator sGen = new PgpSignatureGenerator(
PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1);
sGen.InitSign(PgpSignature.CanonicalTextDocument, pgpPrivKey);
PgpCompressedDataGenerator cGen = new PgpCompressedDataGenerator(
CompressionAlgorithmTag.Zip);
BcpgOutputStream bcOut = new BcpgOutputStream(cGen.Open(new UncloseableStream(bOut)));
sGen.GenerateOnePassVersion(false).Encode(bcOut);
PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator();
DateTime testDateTime = new DateTime(1973, 7, 27);
Stream lOut = lGen.Open(
new UncloseableStream(bcOut),
PgpLiteralData.Text,
"_CONSOLE",
dataBytes.Length,
testDateTime);
while ((ch = testIn.ReadByte()) >= 0)
{
lOut.WriteByte((byte)ch);
sGen.Update((byte)ch);
}
lGen.Close();
sGen.Generate().Encode(bcOut);
cGen.Close();
//
// verify Generated signature - canconical text
//
pgpFact = new PgpObjectFactory(bOut.ToArray());
c1 = (PgpCompressedData)pgpFact.NextPgpObject();
pgpFact = new PgpObjectFactory(c1.GetDataStream());
p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
ops = p1[0];
p2 = (PgpLiteralData)pgpFact.NextPgpObject();
if (!p2.ModificationTime.Equals(testDateTime))
{
Fail("Modification time not preserved");
}
dIn = p2.GetInputStream();
ops.InitVerify(pubKey);
while ((ch = dIn.ReadByte()) >= 0)
{
ops.Update((byte)ch);
}
p3 = (PgpSignatureList)pgpFact.NextPgpObject();
if (!ops.Verify(p3[0]))
{
Fail("Failed generated signature check");
}
//
// Read the public key with user attributes
//
pgpPub = new PgpPublicKeyRing(testPubWithUserAttr);
pubKey = pgpPub.GetPublicKey();
int count = 0;
foreach (PgpUserAttributeSubpacketVector attributes in pubKey.GetUserAttributes())
{
int sigCount = 0;
foreach (object sigs in pubKey.GetSignaturesForUserAttribute(attributes))
{
if (sigs == null)
{
Fail("null signature found");
}
sigCount++;
}
if (sigCount != 1)
{
Fail("Failed user attributes signature check");
}
count++;
}
if (count != 1)
{
Fail("Failed user attributes check");
}
byte[] pgpPubBytes = pgpPub.GetEncoded();
pgpPub = new PgpPublicKeyRing(pgpPubBytes);
pubKey = pgpPub.GetPublicKey();
count = 0;
foreach (object ua in pubKey.GetUserAttributes())
{
if (ua == null)
{
Fail("null user attribute found");
}
count++;
}
if (count != 1)
{
Fail("Failed user attributes reread");
}
//
// reading test extra data - key with edge condition for DSA key password.
//
char[] passPhrase = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9' };
sKey = new PgpSecretKeyRing(testPrivKey2);
pgpPrivKey = sKey.GetSecretKey().ExtractPrivateKey(passPhrase);
//
// reading test - aes256 encrypted passphrase.
//
sKey = new PgpSecretKeyRing(aesSecretKey);
pgpPrivKey = sKey.GetSecretKey().ExtractPrivateKey(pass);
//
// reading test - twofish encrypted passphrase.
//
sKey = new PgpSecretKeyRing(twofishSecretKey);
pgpPrivKey = sKey.GetSecretKey().ExtractPrivateKey(pass);
//
// use of PgpKeyPair
//
DsaParametersGenerator pGen = new DsaParametersGenerator();
pGen.Init(512, 80, new SecureRandom()); // TODO Is the certainty okay?
DsaParameters dsaParams = pGen.GenerateParameters();
DsaKeyGenerationParameters kgp = new DsaKeyGenerationParameters(new SecureRandom(), dsaParams);
IAsymmetricCipherKeyPairGenerator kpg = GeneratorUtilities.GetKeyPairGenerator("DSA");
kpg.Init(kgp);
AsymmetricCipherKeyPair kp = kpg.GenerateKeyPair();
PgpKeyPair pgpKp = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa,
kp.Public, kp.Private, DateTime.UtcNow);
PgpPublicKey k1 = pgpKp.PublicKey;
PgpPrivateKey k2 = pgpKp.PrivateKey;
}
/**
* decrypt the passed in message stream
*/
private static void DecryptFile(
Stream inputStream,
char[] passPhrase)
{
inputStream = PgpUtilities.GetDecoderStream(inputStream);
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpObject o = pgpF.NextPgpObject();
//
// the first object might be a PGP marker packet.
//
PgpEncryptedDataList enc = o as PgpEncryptedDataList;
if (enc == null)
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
PgpPbeEncryptedData pbe = (PgpPbeEncryptedData)enc[0];
Stream clear = pbe.GetDataStream(passPhrase);
PgpObjectFactory pgpFact = new PgpObjectFactory(clear);
//
// if we're trying to read a file generated by someone other than us
// the data might not be compressed, so we check the return type from
// the factory and behave accordingly.
//
o = pgpFact.NextPgpObject();
if (o is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)o;
pgpFact = new PgpObjectFactory(cData.GetDataStream());
o = pgpFact.NextPgpObject();
}
PgpLiteralData ld = (PgpLiteralData)o;
Stream unc = ld.GetInputStream();
Stream fOut = File.Create(ld.FileName);
Streams.PipeAll(unc, fOut);
fOut.Close();
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
Console.Error.WriteLine("message failed integrity check");
}
else
{
Console.Error.WriteLine("message integrity check passed");
}
}
else
{
Console.Error.WriteLine("no message integrity check");
}
}
/**
* decrypt the passed in message stream
*/
private static void DecryptFile(
Stream inputStream,
Stream keyIn,
char[] passwd,
string pathToDecryptedFile) //DC
{
try
{
inputStream = PgpUtilities.GetDecoderStream(inputStream);
try
{
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc;
PgpObject o = pgpF.NextPgpObject();
//
// the first object might be a PGP marker packet.
//
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
//
// find the secret key
//
PgpPrivateKey sKey = null;
PgpPublicKeyEncryptedData pbe = null;
PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(
PgpUtilities.GetDecoderStream(keyIn));
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
sKey = OpenPgp_HelperMethods.FindSecretKey(pgpSec, pked.KeyId, passwd);
if (sKey != null)
{
pbe = pked;
break;
}
}
if (sKey == null)
{
throw new ArgumentException("secret key for message not found.");
}
Stream clear = pbe.GetDataStream(sKey);
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpObject message = plainFact.NextPgpObject();
PgpObjectFactory pgpFact = null;
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject();
}
if (message is PgpOnePassSignatureList) // DC
{ // DC
message = pgpFact.NextPgpObject(); // DC
} // DC
if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
Stream fOut = File.Create(pathToDecryptedFile); //DC (modified to use the name provided in pathToDecryptedFile
Stream unc = ld.GetInputStream();
Streams.PipeAll(unc, fOut);
fOut.Close();
}
else if (message is PgpOnePassSignatureList)
{
"[API_OpenPgp][DecryptFile] encrypted message contains a signed message - not literal data.".error();
return;
}
else
{
"[API_OpenPgp][DecryptFile] message is not a simple encrypted file - type unknown.".error();
return;
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
"[API_OpenPgp][DecryptFile] message failed integrity check".error();
}
else
{
"[API_OpenPgp][DecryptFile] message integrity check passed".debug();
}
}
else
{
"[API_OpenPgp][DecryptFile] no message integrity check".error();
}
}
catch (PgpException e)
{
e.log("[API_OpenPgp] in DecryptFile: " + e.StackTrace);
/*Console.Error.WriteLine(e);
*
* Exception underlyingException = e.InnerException;
* if (underlyingException != null)
* {
* Console.Error.WriteLine(underlyingException.Message);
* Console.Error.WriteLine(underlyingException.StackTrace);
* }*/
}
}
catch (Exception ex)
{
ex.log("[API_OpenPgp] in DecryptFile : " + ex.StackTrace);
}
}
/**
* decrypt the passed in message stream
*/
private static String DecryptFile(
Stream inputStream,
Stream keyIn,
char[] passwd,
string defaultFileName)
{
inputStream = PgpUtilities.GetDecoderStream(inputStream);
try
{
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc;
PgpObject o = pgpF.NextPgpObject();
//
// the first object might be a PGP marker packet.
//
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
//
// find the secret key
//
PgpPrivateKey sKey = null;
PgpPublicKeyEncryptedData pbe = null;
PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(
PgpUtilities.GetDecoderStream(keyIn));
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
sKey = FindSecretKey(pgpSec, pked.KeyId, passwd);
if (sKey != null)
{
pbe = pked;
break;
}
}
if (sKey == null)
{
throw new ArgumentException("secret key for message not found.");
}
Stream clear = pbe.GetDataStream(sKey);
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpObject message = plainFact.NextPgpObject();
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject();
}
String decryptedstring;
if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
Stream unc = ld.GetInputStream();
//string outFileName = ld.FileName;
//if (outFileName.Length == 0)
//{
// outFileName = defaultFileName;
//}
//Stream fos = File.Create("C:\\test.epdf");
//Streams.PipeAll(unc, fos);
//fos.Close();
StreamReader reader = new StreamReader(unc);
decryptedstring = reader.ReadToEnd();
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("message is not a simple encrypted file - type unknown.");
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
Console.Error.WriteLine("message failed integrity check");
}
else
{
Console.Error.WriteLine("message integrity check passed");
}
}
else
{
Console.Error.WriteLine("no message integrity check");
}
return(decryptedstring);
}
catch (PgpException e)
{
Console.Error.WriteLine(e);
Exception underlyingException = e.InnerException;
if (underlyingException != null)
{
Console.Error.WriteLine(underlyingException.Message);
Console.Error.WriteLine(underlyingException.StackTrace);
}
return(null);
}
}
/**
* Generated signature test
*
* @param sKey
* @param pgpPrivKey
* @return test result
*/
public void GenerateTest(
PgpSecretKeyRing sKey,
PgpPublicKey pgpPubKey,
PgpPrivateKey pgpPrivKey)
{
string data = "hello world!";
MemoryStream bOut = new MemoryStream();
byte[] dataBytes = Encoding.ASCII.GetBytes(data);
MemoryStream testIn = new MemoryStream(dataBytes, false);
PgpSignatureGenerator sGen = new PgpSignatureGenerator(PublicKeyAlgorithmTag.Dsa, HashAlgorithmTag.Sha1);
sGen.InitSign(PgpSignature.BinaryDocument, pgpPrivKey);
PgpSignatureSubpacketGenerator spGen = new PgpSignatureSubpacketGenerator();
IEnumerator enumerator = sKey.GetSecretKey().PublicKey.GetUserIds().GetEnumerator();
enumerator.MoveNext();
string primaryUserId = (string)enumerator.Current;
spGen.SetSignerUserId(true, primaryUserId);
sGen.SetHashedSubpackets(spGen.Generate());
PgpCompressedDataGenerator cGen = new PgpCompressedDataGenerator(
CompressionAlgorithmTag.Zip);
BcpgOutputStream bcOut = new BcpgOutputStream(cGen.Open(new UncloseableStream(bOut)));
sGen.GenerateOnePassVersion(false).Encode(bcOut);
PgpLiteralDataGenerator lGen = new PgpLiteralDataGenerator();
DateTime testDateTime = new DateTime(1973, 7, 27);
Stream lOut = lGen.Open(
new UncloseableStream(bcOut),
PgpLiteralData.Binary,
"_CONSOLE",
dataBytes.Length,
testDateTime);
int ch;
while ((ch = testIn.ReadByte()) >= 0)
{
lOut.WriteByte((byte)ch);
sGen.Update((byte)ch);
}
lGen.Close();
sGen.Generate().Encode(bcOut);
cGen.Close();
PgpObjectFactory pgpFact = new PgpObjectFactory(bOut.ToArray());
PgpCompressedData c1 = (PgpCompressedData)pgpFact.NextPgpObject();
pgpFact = new PgpObjectFactory(c1.GetDataStream());
PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)pgpFact.NextPgpObject();
PgpOnePassSignature ops = p1[0];
PgpLiteralData p2 = (PgpLiteralData)pgpFact.NextPgpObject();
if (!p2.ModificationTime.Equals(testDateTime))
{
Fail("Modification time not preserved");
}
Stream dIn = p2.GetInputStream();
ops.InitVerify(pgpPubKey);
while ((ch = dIn.ReadByte()) >= 0)
{
ops.Update((byte)ch);
}
PgpSignatureList p3 = (PgpSignatureList)pgpFact.NextPgpObject();
if (!ops.Verify(p3[0]))
{
Fail("Failed generated signature check");
}
}