Ejemplo n.º 1
0
        private void output_keys(RopBind rop)
        {
            int alt = rop.tagging();

            try {
                // initialize
                RopSession ses = rop.create_session(RopBind.KEYSTORE_GPG, RopBind.KEYSTORE_GPG);

                RopInput keyfile = null;
                try {
                    // load keyrings
                    keyfile = rop.create_input("pubring.pgp");
                    // actually, we may exclude the public  to not check key types
                    ses.load_keys_public(RopBind.KEYSTORE_GPG, keyfile);
                } catch (RopError ex) {
                    Console.WriteLine("Failed to read pubring");
                    throw ex;
                } finally {
                    rop.drop(keyfile);
                }

                keyfile = null;
                try {
                    keyfile = rop.create_input("secring.pgp");
                    ses.load_keys_secret(RopBind.KEYSTORE_GPG, keyfile);
                } catch (RopError ex) {
                    Console.WriteLine("Failed to read secring");
                    throw ex;
                } finally {
                    rop.drop(keyfile);
                }

                try {
                    // print armored keys to the stdout
                    print_key(rop, ses, "rsa@key", false);
                    print_key(rop, ses, "rsa@key", true);
                    print_key(rop, ses, "25519@key", false);
                    print_key(rop, ses, "25519@key", true);
                } catch (Exception ex) {
                    Console.WriteLine("Failed to print armored key(s)");
                    throw ex;
                }

                try {
                    // write armored keys to the files, named key-<keyid>-pub.asc/named key-<keyid>-sec.asc
                    export_key(rop, ses, "rsa@key", false);
                    export_key(rop, ses, "rsa@key", true);
                    export_key(rop, ses, "25519@key", false);
                    export_key(rop, ses, "25519@key", true);
                } catch (Exception ex) {
                    Console.WriteLine("Failed to write armored key(s) to file");
                    throw ex;
                }
            } finally {
                rop.drop_from(alt);
            }
        }
Ejemplo n.º 2
0
        private void encrypt(RopBind rop)
        {
            int alt = rop.tagging();

            try {
                // initialize
                RopSession ses = rop.create_session(RopBind.KEYSTORE_GPG, RopBind.KEYSTORE_GPG);

                RopInput keyfile = null;
                try {
                    // load public keyring - we do not need secret for encryption
                    keyfile = rop.create_input("pubring.pgp");
                    // we may use secret=True and public=True as well
                    ses.load_keys_public(RopBind.KEYSTORE_GPG, keyfile);
                } catch (RopError ex) {
                    Console.WriteLine("Failed to read pubring");
                    throw ex;
                } finally {
                    rop.drop(keyfile);
                }

                try {
                    // create memory input and file output objects for the message and encrypted message
                    RopInput  input  = rop.create_input(new RopData(message), false);
                    RopOutput output = rop.create_output("encrypted.asc");
                    // create encryption operation
                    RopOpEncrypt encrpt = ses.op_encrypt_create(input, output);

                    // setup encryption parameters
                    encrpt.set_armor(true);
                    encrpt.set_file_name("message.txt");
                    encrpt.set_file_mtime(DateTime.Now);
                    encrpt.set_compression("ZIP", 6);
                    encrpt.set_cipher(RopBind.ALG_SYMM_AES_256);
                    encrpt.set_aead("None");

                    // locate recipient's key and add it to the operation context. While we search by userid
                    // (which is easier), you can search by keyid, fingerprint or grip.
                    RopKey key = ses.locate_key("userid", "rsa@key");
                    encrpt.add_recipient(key);
                    // add encryption password as well
                    encrpt.add_password("encpassword", RopBind.ALG_HASH_SHA256, 0, RopBind.ALG_SYMM_AES_256);

                    // execute encryption operation
                    encrpt.execute();

                    Console.WriteLine("Encryption succeded. Encrypted message written to file encrypted.asc");
                } catch (RopError ex) {
                    Console.WriteLine("Encryption failed");
                    throw ex;
                }
            } finally {
                rop.drop_from(alt);
            }
        }
Ejemplo n.º 3
0
        private void decrypt(RopBind rop, bool usekeys)
        {
            int alt = rop.tagging();

            try {
                // initialize FFI object
                RopSession ses = rop.create_session(RopBind.KEYSTORE_GPG, RopBind.KEYSTORE_GPG);

                // check whether we want to use key or password for decryption
                if (usekeys)
                {
                    RopInput keyfile = null;
                    try {
                        // load secret keyring, as it is required for public-key decryption. However, you may
                        // need to load public keyring as well to validate key's signatures.
                        keyfile = rop.create_input("secring.pgp");
                        // we may use secret=True and public=True as well
                        ses.load_keys_secret(RopBind.KEYSTORE_GPG, keyfile);
                    } catch (RopError ex) {
                        Console.WriteLine("Failed to read secring");
                        throw ex;
                    } finally {
                        rop.drop(keyfile);
                    }
                }

                // set the password provider
                ses.set_pass_provider(this, null);
                String buf = null;
                try {
                    // create file input and memory output objects for the encrypted message and decrypted
                    // message
                    RopInput  input  = rop.create_input("encrypted.asc");
                    RopOutput output = rop.create_output(0);
                    ses.decrypt(input, output);
                    // get the decrypted message from the output structure
                    buf = output.memory_get_buf(false).getString();
                } catch (RopError ex) {
                    Console.WriteLine("Public-key decryption failed");
                    throw ex;
                }

                Console.WriteLine(String.Format("Decrypted message ({0}):\n{1}\n", usekeys? "with key" : "with password", buf));
                Decrypt.message = buf;
            } finally {
                rop.drop_from(alt);
            }
        }
Ejemplo n.º 4
0
        private void verify(RopBind rop)
        {
            int alt = rop.tagging();

            try {
                // initialize
                RopSession ses = rop.create_session(RopBind.KEYSTORE_GPG, RopBind.KEYSTORE_GPG);

                // we do not load any keys here since we'll use key provider
                ses.set_key_provider(this, null);

                String    err_desc = null;
                RopOutput output   = null;
                try {
                    // create file input and memory output objects for the signed message
                    // and verified message
                    err_desc = "Failed to open file 'signed.asc'. Did you run the sign example?";
                    RopInput input = rop.create_input("signed.asc");

                    err_desc = "Failed to create output object";
                    output   = rop.create_output(0);

                    err_desc = "Failed to create verification context";
                    RopOpVerify verify = ses.op_verify_create(input, output);

                    err_desc = "Failed to execute verification operation";
                    verify.execute();

                    // now check signatures and get some info about them
                    err_desc = "Failed to get signature count";
                    int sigcount = verify.signature_count();

                    for (int idx = 0; idx < sigcount; idx++)
                    {
                        rop.tagging();

                        err_desc = String.Format("Failed to get signature {0}", idx);
                        RopVeriSignature sig = verify.get_signature_at(idx);

                        err_desc = String.Format("failed to get signature's {0} key", idx);
                        RopKey key = sig.get_key();

                        err_desc = String.Format("failed to get key id {0}", idx);

                        Console.WriteLine(String.Format("Status for signature from key {0} : {1}", key.keyid(), sig.status()));
                        rop.drop();
                    }
                } catch (RopError ex) {
                    Console.WriteLine(err_desc);
                    throw ex;
                }

                // get the verified message from the output structure
                RopData buf = output.memory_get_buf(false);
                Console.WriteLine(String.Format("Verified message: {0}", buf.getString()));
            } finally {
                rop.drop_from(alt);
            }
        }
Ejemplo n.º 5
0
        private void sign(RopBind rop)
        {
            string message = "ROP signing sample message";

            int alt = rop.tagging();

            try {
                // initialize
                RopSession ses = rop.create_session(RopBind.KEYSTORE_GPG, RopBind.KEYSTORE_GPG);

                RopInput keyfile  = null;
                string   err_desc = null;
                try {
                    // load secret keyring, as it is required for signing. However, you may need
                    // to load public keyring as well to validate key's signatures.
                    err_desc = "Failed to open secring.pgp. Did you run Generate.java sample?";
                    keyfile  = rop.create_input("secring.pgp");

                    // we may use public=True and secret=True as well
                    err_desc = "Failed to read secring.pgp";
                    ses.load_keys_secret(RopBind.KEYSTORE_GPG, keyfile);
                } catch (RopError ex) {
                    Console.WriteLine(err_desc);
                    throw ex;
                } finally {
                    rop.drop(keyfile);
                }

                // set the password provider - we'll need password to unlock secret keys
                ses.set_pass_provider(this, null);

                // create file input and memory output objects for the encrypted message
                // and decrypted message
                RopOpSign sign = null;
                try {
                    err_desc = "Failed to create input object";
                    RopInput input = rop.create_input(new RopData(message), false);

                    err_desc = "Failed to create output object";
                    RopOutput output = rop.create_output("signed.asc");

                    // initialize and configure sign operation, use op_sign_create(cleartext/detached)
                    // for cleartext or detached signature
                    err_desc = "Failed to create sign operation";
                    sign     = ses.op_sign_create(input, output);
                } catch (RopError ex) {
                    Console.WriteLine(err_desc);
                    throw ex;
                }

                // armor, file name, compression
                sign.set_armor(true);
                sign.set_file_name("message.txt");
                sign.set_file_mtime(DateTime.Now);
                sign.set_compression("ZIP", 6);
                // signatures creation time - by default will be set to the current time as well
                sign.set_creation_time(DateTime.Now);
                // signatures expiration time - by default will be 0, i.e. never expire
                sign.set_expiration(TimeSpan.FromDays(365));
                // set hash algorithm - should be compatible for all signatures
                sign.set_hash(RopBind.ALG_HASH_SHA256);

                try {
                    // now add signatures. First locate the signing key, then add and setup signature
                    // RSA signature
                    err_desc = "Failed to locate signing key rsa@key.";
                    RopKey key = ses.locate_key("userid", "rsa@key");
                    Sign.key_ids[0]     = key.keyid();
                    Sign.key_fprints[0] = key.fprint();

                    err_desc = "Failed to add signature for key rsa@key.";
                    sign.add_signature(key);

                    // EdDSA signature
                    err_desc            = "Failed to locate signing key 25519@key.";
                    key                 = ses.locate_key("userid", "25519@key");
                    Sign.key_ids[1]     = key.keyid();
                    Sign.key_fprints[1] = key.fprint();

                    err_desc = "Failed to add signature for key 25519@key.";
                    sign.add_signature(key);

                    // finally do signing
                    err_desc = "Failed to add signature for key 25519@key.";
                    sign.execute();

                    Console.WriteLine("Signing succeeded. See file signed.asc.");
                } catch (RopError ex) {
                    Console.WriteLine(err_desc);
                    throw ex;
                }
            } finally {
                rop.drop_from(alt);
            }
        }
Ejemplo n.º 6
0
        public void execute(string[] argv, string[] json_out)
        {
            string input_file = null;
            bool   raw        = false;
            bool   mpi        = false;
            bool   grip       = false;
            bool   json       = false;
            bool   help       = (argv.Length < 2);

            /* Parse command line options:
             *  -i input_file [mandatory]: specifies name of the file with PGP packets
             *  -d : indicates wether to dump whole packet content
             *  -m : dump mpi contents
             *  -g : dump key grips and fingerprints
             *  -j : JSON output
             *  -h : prints help and exists
             */
            List <string> opts = new List <string>(), args = new List <string>();

            for (int idx = 1; idx < argv.Length; idx++)
            {
                if (argv[idx].Length >= 2 && argv[idx][0] == '-' && "dmgjh".IndexOf(argv[idx][1]) >= 0)
                {
                    opts.Add(argv[idx]);
                }
                else
                {
                    args.Add(argv[idx]);
                }
            }
            foreach (string opt in opts)
            {
                if (opt.CompareTo("-d") == 0)
                {
                    raw = true;
                }
                else if (opt.CompareTo("-m") == 0)
                {
                    mpi = true;
                }
                else if (opt.CompareTo("-g") == 0)
                {
                    grip = true;
                }
                else if (opt.CompareTo("-j") == 0)
                {
                    json = true;
                }
                else if (opt.Length > 0)
                {
                    help = true;
                }
            }
            if (!help)
            {
                if (args.Count > 0)
                {
                    input_file = args[0];
                }

                RopBind rop = new RopBind();
                try {
                    RopInput  input  = null;
                    RopOutput output = null;
                    try {
                        if (input_file != null)
                        {
                            input = rop.create_input(input_file);
                        }
                        else
                        {
                            input = rop.create_input(this, null);
                        }
                    } catch (RopError err) {
                        Console.WriteLine(String.Format("Failed to open source: error {0}", err.getErrCode()));
                        throw err;
                    }

                    if (!json)
                    {
                        try {
                            output = rop.create_output(this, null);
                        } catch (RopError err) {
                            Console.WriteLine(String.Format("Failed to open stdout: error {0}", err.getErrCode()));
                            throw err;
                        }
                        input.dump_packets_to_output(output, mpi, raw, grip);
                    }
                    else
                    {
                        string jsn = input.dump_packets_to_json(mpi, raw, grip).getString();
                        if (json_out == null)
                        {
                            Console.WriteLine(jsn);
                            Console.WriteLine("");
                        }
                        else
                        {
                            json_out[0] = jsn;
                        }
                    }
                } catch (RopError err) {
                    // Inform in case of error occured during parsing
                    Console.WriteLine(String.Format("Operation failed [error code: {0}]", err.getErrCode()));
                    throw err;
                } finally {
                    rop.Close();
                }
            }
            else
            {
                print_usage(argv[0]);
            }
        }