/// <summary> /// Create a new key ring generator using old style checksumming. It is recommended to use /// SHA1 checksumming where possible. /// </summary> /// <param name="certificationLevel">The certification level for keys on this ring.</param> /// <param name="masterKey">The master key pair.</param> /// <param name="id">The id to be associated with the ring.</param> /// <param name="encAlgorithm">The algorithm to be used to protect secret keys.</param> /// <param name="passPhrase">The passPhrase to be used to protect secret keys.</param> /// <param name="hashedPackets">Packets to be included in the certification hash.</param> /// <param name="unhashedPackets">Packets to be attached unhashed to the certification.</param> /// <param name="rand">input secured random.</param> public PgpKeyRingGenerator( int certificationLevel, PgpKeyPair masterKey, string id, SymmetricKeyAlgorithmTag encAlgorithm, char[] passPhrase, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) : this(certificationLevel, masterKey, id, encAlgorithm, passPhrase, false, hashedPackets, unhashedPackets, rand) { }
public PgpSecretKey( int certificationLevel, PgpKeyPair keyPair, string id, SymmetricKeyAlgorithmTag encAlgorithm, char[] passPhrase, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, ISecureRandom rand) : this(certificationLevel, keyPair, id, encAlgorithm, passPhrase, false, hashedPackets, unhashedPackets, rand) { }
public PgpSecretKey( int certificationLevel, PgpKeyPair keyPair, string id, SymmetricKeyAlgorithmTag encAlgorithm, char[] passPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) : this(keyPair.PrivateKey, certifiedPublicKey(certificationLevel, keyPair, id, hashedPackets, unhashedPackets), encAlgorithm, passPhrase, useSha1, rand, true) { }
public PgpKeyRingGenerator( int certificationLevel, PgpKeyPair masterKey, string id, SymmetricKeyAlgorithmTag encAlgorithm, char[] passPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, ISecureRandom rand) : this(certificationLevel, masterKey, id, encAlgorithm, HashAlgorithmTag.Sha1, passPhrase, useSha1, hashedPackets, unhashedPackets, rand) { }
public PgpKeyRingGenerator(int certificationLevel, PgpKeyPair masterKey, string id, SymmetricKeyAlgorithmTag encAlgorithm, byte[] rawPassPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) { this.certificationLevel = certificationLevel; this.masterKey = masterKey; this.id = id; this.encAlgorithm = encAlgorithm; this.rawPassPhrase = rawPassPhrase; this.useSha1 = useSha1; hashedPacketVector = hashedPackets; unhashedPacketVector = unhashedPackets; this.rand = rand; keys.Add((object)new PgpSecretKey(certificationLevel, masterKey, id, encAlgorithm, rawPassPhrase, clearPassPhrase: false, useSha1, hashedPackets, unhashedPackets, rand)); }
public PgpSecretKey( int certificationLevel, PgpKeyPair keyPair, string id, SymmetricKeyAlgorithmTag encAlgorithm, char[] passPhrase, bool useSHA1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) : this(keyPair, encAlgorithm, passPhrase, useSHA1, rand) { try { this.trust = null; this.ids = new ArrayList(); ids.Add(id); this.idTrusts = new ArrayList(); idTrusts.Add(null); this.idSigs = new ArrayList(); PgpSignatureGenerator sGen = new PgpSignatureGenerator( keyPair.PublicKey.Algorithm, HashAlgorithmTag.Sha1); // // Generate the certification // sGen.InitSign(certificationLevel, keyPair.PrivateKey); sGen.SetHashedSubpackets(hashedPackets); sGen.SetUnhashedSubpackets(unhashedPackets); PgpSignature certification = sGen.GenerateCertification(id, keyPair.PublicKey); this.pub = PgpPublicKey.AddCertification(keyPair.PublicKey, id, certification); ArrayList sigList = new ArrayList(); sigList.Add(certification); idSigs.Add(sigList); } catch (PgpException e) { throw e; } catch (Exception e) { throw new PgpException("Exception encrypting key", e); } }
public PgpSecretKey( int certificationLevel, PgpKeyPair keyPair, string id, SymmetricKeyAlgorithmTag encAlgorithm, char[] passPhrase, bool useSHA1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) : this(keyPair, encAlgorithm, passPhrase, useSHA1, rand) { try { this.trust = null; this.ids = new ArrayList(); ids.Add(id); this.idTrusts = new ArrayList(); idTrusts.Add(null); this.idSigs = new ArrayList(); PgpSignatureGenerator sGen = new PgpSignatureGenerator( keyPair.PublicKey.Algorithm, HashAlgorithmTag.Sha1); // // Generate the certification // sGen.InitSign(certificationLevel, keyPair.PrivateKey); sGen.SetHashedSubpackets(hashedPackets); sGen.SetUnhashedSubpackets(unhashedPackets); PgpSignature certification = sGen.GenerateCertification(id, keyPair.PublicKey); this.pub = PgpPublicKey.AddCertification(keyPair.PublicKey, id, certification); ArrayList sigList = new ArrayList(); sigList.Add(certification); idSigs.Add(sigList); } catch (PgpException e) { throw e; } catch (Exception e) { throw new PgpException("Exception encrypting key", e); } }
public PgpSecretKey( int certificationLevel, PgpKeyPair keyPair, string id, SymmetricKeyAlgorithmTag encAlgorithm, HashAlgorithmTag hashAlgorithm, char[] passPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, ISecureRandom rand) : this(keyPair.PrivateKey, CertifiedPublicKey(certificationLevel, keyPair, id, hashedPackets, unhashedPackets, hashAlgorithm), encAlgorithm, passPhrase, useSha1, rand, true) { }
/// <summary> /// Add a signing subkey with specific hashed and unhashed packets associated with it and /// default certifications, including the primary-key binding signature. /// </summary> /// <param name="keyPair">Public/private key pair.</param> /// <param name="hashedPackets">Hashed packet values to be included in certification.</param> /// <param name="unhashedPackets">Unhashed packets values to be included in certification.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> /// <param name="primaryKeyBindingHashAlgorithm">The primary-key binding hash algorithm.</param> /// <exception cref="Org.BouncyCastle.Bcpg.OpenPgp.PgpException">exception adding subkey: </exception> /// <exception cref="PgpException"></exception> public void AddSubKey( PgpKeyPair keyPair, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, HashAlgorithmTag hashAlgorithm, HashAlgorithmTag primaryKeyBindingHashAlgorithm) { try { PgpSignatureGenerator sGen = new PgpSignatureGenerator(masterKey.PublicKey.Algorithm, hashAlgorithm); // // Generate the certification // sGen.InitSign(PgpSignature.SubkeyBinding, masterKey.PrivateKey); // add primary key binding sub packet PgpSignatureGenerator pGen = new PgpSignatureGenerator(keyPair.PublicKey.Algorithm, primaryKeyBindingHashAlgorithm); pGen.InitSign(PgpSignature.PrimaryKeyBinding, keyPair.PrivateKey); PgpSignatureSubpacketGenerator spGen = new PgpSignatureSubpacketGenerator(hashedPackets); spGen.SetEmbeddedSignature(false, pGen.GenerateCertification(masterKey.PublicKey, keyPair.PublicKey)); sGen.SetHashedSubpackets(spGen.Generate()); sGen.SetUnhashedSubpackets(unhashedPackets); IList subSigs = Platform.CreateArrayList(); subSigs.Add(sGen.GenerateCertification(masterKey.PublicKey, keyPair.PublicKey)); keys.Add(new PgpSecretKey(keyPair.PrivateKey, new PgpPublicKey(keyPair.PublicKey, null, subSigs), encAlgorithm, rawPassPhrase, false, useSha1, rand, false)); } catch (PgpException) { throw; } catch (Exception e) { throw new PgpException("exception adding subkey: ", e); } }
public void AddSubKey(PgpKeyPair keyPair, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets) { try { PgpSignatureGenerator pgpSignatureGenerator = new PgpSignatureGenerator(masterKey.PublicKey.Algorithm, HashAlgorithmTag.Sha1); pgpSignatureGenerator.InitSign(24, masterKey.PrivateKey); pgpSignatureGenerator.SetHashedSubpackets(hashedPackets); pgpSignatureGenerator.SetUnhashedSubpackets(unhashedPackets); global::System.Collections.IList list = Platform.CreateArrayList(); list.Add((object)pgpSignatureGenerator.GenerateCertification(masterKey.PublicKey, keyPair.PublicKey)); keys.Add((object)new PgpSecretKey(keyPair.PrivateKey, new PgpPublicKey(keyPair.PublicKey, null, list), encAlgorithm, rawPassPhrase, clearPassPhrase: false, useSha1, rand, isMasterKey: false)); } catch (PgpException ex) { throw ex; } catch (global::System.Exception exception) { throw new PgpException("exception adding subkey: ", exception); } }
/// <summary>Create a subkey</summary> internal PgpSecretKey( PgpKeyPair keyPair, TrustPacket trust, ArrayList subSigs, SymmetricKeyAlgorithmTag encAlgorithm, char[] passPhrase, bool useSHA1, SecureRandom rand) : this(keyPair, encAlgorithm, passPhrase, useSHA1, rand) { this.secret = new SecretSubkeyPacket( secret.PublicKeyPacket, secret.EncAlgorithm, secret.S2kUsage, secret.S2k, secret.GetIV(), secret.GetSecretKeyData()); this.trust = trust; this.subSigs = subSigs; this.pub = new PgpPublicKey(keyPair.PublicKey, trust, subSigs); }
/// <summary> /// Create a new key ring generator. /// </summary> /// <param name="certificationLevel">The certification level for keys on this ring.</param> /// <param name="masterKey">The master key pair.</param> /// <param name="id">The id to be associated with the ring.</param> /// <param name="encAlgorithm">The algorithm to be used to protect secret keys.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> /// <param name="passPhrase">The passPhrase to be used to protect secret keys.</param> /// <param name="useSha1">Checksum the secret keys with SHA1 rather than the older 16 bit checksum.</param> /// <param name="hashedPackets">Packets to be included in the certification hash.</param> /// <param name="unhashedPackets">Packets to be attached unhashed to the certification.</param> /// <param name="rand">input secured random.</param> public PgpKeyRingGenerator( int certificationLevel, PgpKeyPair masterKey, string id, SymmetricKeyAlgorithmTag encAlgorithm, HashAlgorithmTag hashAlgorithm, char[] passPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, ISecureRandom rand) { _masterKey = masterKey; _encAlgorithm = encAlgorithm; _passPhrase = passPhrase; _useSha1 = useSha1; _hashedPacketVector = hashedPackets; _unhashedPacketVector = unhashedPackets; _rand = rand; _hashAlgorithm = hashAlgorithm; _keys.Add(new PgpSecretKey(certificationLevel, masterKey, id, encAlgorithm, hashAlgorithm, passPhrase, useSha1, hashedPackets, unhashedPackets, rand)); }
/// <summary> /// Create a new key ring generator. /// </summary> /// <param name="certificationLevel">The certification level for keys on this ring.</param> /// <param name="masterKey">The master key pair.</param> /// <param name="id">The id to be associated with the ring.</param> /// <param name="encAlgorithm">The algorithm to be used to protect secret keys.</param> /// <param name="passPhrase">The passPhrase to be used to protect secret keys.</param> /// <param name="useSha1">Checksum the secret keys with SHA1 rather than the older 16 bit checksum.</param> /// <param name="hashedPackets">Packets to be included in the certification hash.</param> /// <param name="unhashedPackets">Packets to be attached unhashed to the certification.</param> /// <param name="rand">input secured random.</param> public PgpKeyRingGenerator( int certificationLevel, PgpKeyPair masterKey, string id, SymmetricKeyAlgorithmTag encAlgorithm, char[] passPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) { this.certificationLevel = certificationLevel; this.masterKey = masterKey; this.id = id; this.encAlgorithm = encAlgorithm; this.passPhrase = passPhrase; this.useSha1 = useSha1; this.hashedPackets = hashedPackets; this.unhashedPackets = unhashedPackets; this.rand = rand; keys.Add(new PgpSecretKey(certificationLevel, masterKey, id, encAlgorithm, passPhrase, useSha1, hashedPackets, unhashedPackets, rand)); }
/// <summary> /// Create a new key ring generator. /// </summary> /// <param name="certificationLevel">The certification level for keys on this ring.</param> /// <param name="masterKey">The master key pair.</param> /// <param name="id">The id to be associated with the ring.</param> /// <param name="encAlgorithm">The algorithm to be used to protect secret keys.</param> /// <param name="passPhrase">The passPhrase to be used to protect secret keys.</param> /// <param name="useSha1">Checksum the secret keys with SHA1 rather than the older 16 bit checksum.</param> /// <param name="hashedPackets">Packets to be included in the certification hash.</param> /// <param name="unhashedPackets">Packets to be attached unhashed to the certification.</param> /// <param name="rand">input secured random.</param> public PgpKeyRingGenerator( int certificationLevel, PgpKeyPair masterKey, string id, SymmetricKeyAlgorithmTag encAlgorithm, char[] passPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) { this.certificationLevel = certificationLevel; this.masterKey = masterKey; this.id = id; this.encAlgorithm = encAlgorithm; this.passPhrase = passPhrase; this.useSha1 = useSha1; this.hashedPacketVector = hashedPackets; this.unhashedPacketVector = unhashedPackets; this.rand = rand; keys.Add(new PgpSecretKey(certificationLevel, masterKey, id, encAlgorithm, passPhrase, useSha1, hashedPackets, unhashedPackets, rand)); }
/// <summary> /// Create a new key ring generator. /// </summary> /// <param name="certificationLevel">The certification level for keys on this ring.</param> /// <param name="masterKey">The master key pair.</param> /// <param name="id">The id to be associated with the ring.</param> /// <param name="encAlgorithm">The algorithm to be used to protect secret keys.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> /// <param name="passPhrase">The passPhrase to be used to protect secret keys.</param> /// <param name="useSha1">Checksum the secret keys with SHA1 rather than the older 16 bit checksum.</param> /// <param name="hashedPackets">Packets to be included in the certification hash.</param> /// <param name="unhashedPackets">Packets to be attached unhashed to the certification.</param> /// <param name="rand">input secured random.</param> public PgpKeyRingGenerator( int certificationLevel, PgpKeyPair masterKey, string id, SymmetricKeyAlgorithmTag encAlgorithm, HashAlgorithmTag hashAlgorithm, char[] passPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, ISecureRandom rand) { _masterKey = masterKey; _encAlgorithm = encAlgorithm; _passPhrase = passPhrase; _useSha1 = useSha1; _hashedPacketVector = hashedPackets; _unhashedPacketVector = unhashedPackets; _rand = rand; _hashAlgorithm = hashAlgorithm; _keys.Add(new PgpSecretKey(certificationLevel, masterKey, id, encAlgorithm, hashAlgorithm, passPhrase, useSha1, hashedPackets, unhashedPackets, rand)); }
private static void ExportKeyPair( Stream secretOut, Stream publicOut, AsymmetricCipherKeyPair dsaKp, AsymmetricCipherKeyPair elgKp, string identity, char[] passPhrase, bool armor) { if (armor) { secretOut = new ArmoredOutputStream(secretOut); } PgpKeyPair dsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, dsaKp, DateTime.UtcNow); PgpKeyPair elgKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ElGamalEncrypt, elgKp, DateTime.UtcNow); PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, dsaKeyPair, identity, SymmetricKeyAlgorithmTag.Aes256, passPhrase, true, null, null, new SecureRandom()); keyRingGen.AddSubKey(elgKeyPair); keyRingGen.GenerateSecretKeyRing().Encode(secretOut); if (armor) { secretOut.Close(); publicOut = new ArmoredOutputStream(publicOut); } keyRingGen.GeneratePublicKeyRing().Encode(publicOut); if (armor) { publicOut.Close(); } }
private static PgpPublicKey CertifiedPublicKey( int certificationLevel, PgpKeyPair keyPair, string id, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, HashAlgorithmTag hashAlgorithm) { PgpSignatureGenerator sGen; try { sGen = new PgpSignatureGenerator(keyPair.PublicKey.Algorithm, hashAlgorithm); } catch (Exception e) { throw new PgpException("Creating signature generator: " + e.Message, e); } // // Generate the certification // sGen.InitSign(certificationLevel, keyPair.PrivateKey); sGen.SetHashedSubpackets(hashedPackets); sGen.SetUnhashedSubpackets(unhashedPackets); try { PgpSignature certification = sGen.GenerateCertification(id, keyPair.PublicKey); return(PgpPublicKey.AddCertification(keyPair.PublicKey, id, certification)); } catch (Exception e) { throw new PgpException("Exception doing certification: " + e.Message, e); } }
public PgpSecretKey(int certificationLevel, PgpKeyPair keyPair, string id, SymmetricKeyAlgorithmTag encAlgorithm, HashAlgorithmTag hashAlgorithm, byte[] rawPassPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) : this(certificationLevel, keyPair, id, encAlgorithm, hashAlgorithm, rawPassPhrase, clearPassPhrase : false, useSha1, hashedPackets, unhashedPackets, rand) { }
/// <summary> /// Add a subkey to the key ring to be generated with default certification. /// </summary> /// <param name="keyPair">The key pair.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> public void AddSubKey(PgpKeyPair keyPair, HashAlgorithmTag hashAlgorithm) { this.AddSubKey(keyPair, this.hashedPacketVector, this.unhashedPacketVector, hashAlgorithm); }
/// <summary> /// Add a subkey with specific hashed and unhashed packets associated with it and /// default certification. /// </summary> /// <param name="keyPair">Public/private key pair.</param> /// <param name="hashedPackets">Hashed packet values to be included in certification.</param> /// <param name="unhashedPackets">Unhashed packets values to be included in certification.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> /// <exception cref="Org.BouncyCastle.Bcpg.OpenPgp.PgpException">exception adding subkey: </exception> /// <exception cref="PgpException"></exception> public void AddSubKey( PgpKeyPair keyPair, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, HashAlgorithmTag hashAlgorithm) { try { var sGen = new PgpSignatureGenerator(masterKey.PublicKey.Algorithm, hashAlgorithm); // // Generate the certification // sGen.InitSign(PgpSignature.SubkeyBinding, masterKey.PrivateKey); sGen.SetHashedSubpackets(hashedPackets); sGen.SetUnhashedSubpackets(unhashedPackets); IList subSigs = Platform.CreateArrayList(); subSigs.Add(sGen.GenerateCertification(masterKey.PublicKey, keyPair.PublicKey)); keys.Add(new PgpSecretKey(keyPair.PrivateKey, new PgpPublicKey(keyPair.PublicKey, null, subSigs), encAlgorithm, passPhrase, useSha1, rand)); } catch (PgpException) { throw; } catch (Exception e) { throw new PgpException("exception adding subkey: ", e); } }
internal PgpSecretKey( PgpKeyPair keyPair, SymmetricKeyAlgorithmTag encAlgorithm, char[] passPhrase, bool useSHA1, SecureRandom rand) { PublicKeyPacket pubPk = keyPair.PublicKey.publicPk; BcpgObject secKey; switch (keyPair.PublicKey.Algorithm) { case PublicKeyAlgorithmTag.RsaEncrypt: case PublicKeyAlgorithmTag.RsaSign: case PublicKeyAlgorithmTag.RsaGeneral: RsaPrivateCrtKeyParameters rsK = (RsaPrivateCrtKeyParameters) keyPair.PrivateKey.Key; secKey = new RsaSecretBcpgKey(rsK.Exponent, rsK.P, rsK.Q); break; case PublicKeyAlgorithmTag.Dsa: DsaPrivateKeyParameters dsK = (DsaPrivateKeyParameters) keyPair.PrivateKey.Key; secKey = new DsaSecretBcpgKey(dsK.X); break; case PublicKeyAlgorithmTag.ElGamalEncrypt: case PublicKeyAlgorithmTag.ElGamalGeneral: ElGamalPrivateKeyParameters esK = (ElGamalPrivateKeyParameters) keyPair.PrivateKey.Key; secKey = new ElGamalSecretBcpgKey(esK.X); break; default: throw new PgpException("unknown key class"); } string cName = PgpUtilities.GetSymmetricCipherName(encAlgorithm); IBufferedCipher c = null; if (cName != null) { try { c = CipherUtilities.GetCipher(cName + "/CFB/NoPadding"); } catch (Exception e) { throw new PgpException("Exception creating cipher", e); } } try { MemoryStream bOut = new MemoryStream(); BcpgOutputStream pOut = new BcpgOutputStream(bOut); pOut.WriteObject(secKey); byte[] keyData = bOut.ToArray(); byte[] checksumBytes = Checksum(useSHA1, keyData, keyData.Length); pOut.Write(checksumBytes); byte[] bOutData = bOut.ToArray(); if (c != null) { byte[] iv = new byte[8]; rand.NextBytes(iv); S2k s2k = new S2k(HashAlgorithmTag.Sha1, iv, 0x60); KeyParameter key = PgpUtilities.MakeKeyFromPassPhrase(encAlgorithm, s2k, passPhrase); iv = new byte[c.GetBlockSize()]; rand.NextBytes(iv); c.Init(true, new ParametersWithIV(key, iv)); byte[] encData = c.DoFinal(bOutData); int usage = useSHA1 ? SecretKeyPacket.UsageSha1 : SecretKeyPacket.UsageChecksum; this.secret = new SecretKeyPacket(pubPk, encAlgorithm, usage, s2k, iv, encData); } else { this.secret = new SecretKeyPacket(pubPk, encAlgorithm, null, null, bOutData); } this.trust = null; } catch (PgpException e) { throw e; } catch (Exception e) { throw new PgpException("Exception encrypting key", e); } this.keySigs = new ArrayList(); }
/// <summary>Create a subkey</summary> internal PgpSecretKey( PgpKeyPair keyPair, TrustPacket trust, ArrayList subSigs, SymmetricKeyAlgorithmTag encAlgorithm, char[] passPhrase, bool useSHA1, SecureRandom rand) : this(keyPair, encAlgorithm, passPhrase, useSHA1, rand) { this.secret = new SecretSubkeyPacket( secret.PublicKeyPacket, secret.EncAlgorithm, secret.S2kUsage, secret.S2k, secret.GetIV(), secret.GetSecretKeyData()); this.trust = trust; this.subSigs = subSigs; this.pub = new PgpPublicKey(keyPair.PublicKey, trust, subSigs); }
//src: http://stackoverflow.com/questions/17953852/generating-pgp-key-ring-using-bouncy-castle-c-results-in-key-id-ffffffff public static PgpKeyRingGenerator generateKeyRingGenerator(String identity, String password) { KeyRingParams keyRingParams = new KeyRingParams(); keyRingParams.Password = password; keyRingParams.Identity = identity; keyRingParams.PrivateKeyEncryptionAlgorithm = SymmetricKeyAlgorithmTag.Aes128; keyRingParams.SymmetricAlgorithms = new SymmetricKeyAlgorithmTag[] { SymmetricKeyAlgorithmTag.Aes256/*, SymmetricKeyAlgorithmTag.Aes192, SymmetricKeyAlgorithmTag.Aes128*/ //TODO: delete ? }; keyRingParams.HashAlgorithms = new HashAlgorithmTag[] { HashAlgorithmTag.Sha256, //TODO: delete ? + check Parameters //HashAlgorithmTag.Sha1, //HashAlgorithmTag.Sha384, HashAlgorithmTag.Sha512, //HashAlgorithmTag.Sha224, }; IAsymmetricCipherKeyPairGenerator generator = GeneratorUtilities.GetKeyPairGenerator("RSA"); generator.Init(keyRingParams.RsaParams); /* Create the master (signing-only) key. */ PgpKeyPair masterKeyPair = new PgpKeyPair( PublicKeyAlgorithmTag.RsaSign, generator.GenerateKeyPair(), DateTime.UtcNow ); PgpSignatureSubpacketGenerator masterSubpckGen = new PgpSignatureSubpacketGenerator(); masterSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanSign | PgpKeyFlags.CanCertify); //create var for preferred symmetric algorithms int [] iPreferedSymmetricAlgorithms = new int[keyRingParams.SymmetricAlgorithms.Length]; for (int i = 0; i < keyRingParams.SymmetricAlgorithms.Length; i++) { iPreferedSymmetricAlgorithms[i] = (int) keyRingParams.SymmetricAlgorithms[i]; } masterSubpckGen.SetPreferredSymmetricAlgorithms (false, iPreferedSymmetricAlgorithms); //create var for preferred hash algorithms int [] iPreferedHashAlgorithms = new int[keyRingParams.HashAlgorithms.Length]; for (int i = 0; i < keyRingParams.HashAlgorithms.Length; i++) { iPreferedHashAlgorithms[i] = (int) keyRingParams.HashAlgorithms[i]; } masterSubpckGen.SetPreferredHashAlgorithms (false, iPreferedHashAlgorithms); /* Create a signing and encryption key for daily use. */ PgpKeyPair encKeyPair = new PgpKeyPair( PublicKeyAlgorithmTag.RsaGeneral, generator.GenerateKeyPair(), DateTime.UtcNow); PgpSignatureSubpacketGenerator encSubpckGen = new PgpSignatureSubpacketGenerator(); encSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage); masterSubpckGen.SetPreferredSymmetricAlgorithms(false, iPreferedSymmetricAlgorithms); masterSubpckGen.SetPreferredHashAlgorithms (false, iPreferedHashAlgorithms); /* Create the key ring. */ PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator( PgpSignature.DefaultCertification, masterKeyPair, keyRingParams.Identity, keyRingParams.PrivateKeyEncryptionAlgorithm.Value, keyRingParams.GetPassword(), true, masterSubpckGen.Generate(), null, new SecureRandom()); /* Add encryption subkey. */ keyRingGen.AddSubKey(encKeyPair, encSubpckGen.Generate(), null); return keyRingGen; }
public PgpSecretKey(int certificationLevel, PgpKeyPair keyPair, string id, SymmetricKeyAlgorithmTag encAlgorithm, char[] passPhrase, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) : this(certificationLevel, keyPair, id, encAlgorithm, passPhrase, useSha1 : false, hashedPackets, unhashedPackets, rand) { }
internal PgpSecretKey( PgpKeyPair keyPair, SymmetricKeyAlgorithmTag encAlgorithm, char[] passPhrase, bool useSHA1, SecureRandom rand) { PublicKeyPacket pubPk = keyPair.PublicKey.publicPk; BcpgObject secKey; switch (keyPair.PublicKey.Algorithm) { case PublicKeyAlgorithmTag.RsaEncrypt: case PublicKeyAlgorithmTag.RsaSign: case PublicKeyAlgorithmTag.RsaGeneral: RsaPrivateCrtKeyParameters rsK = (RsaPrivateCrtKeyParameters)keyPair.PrivateKey.Key; secKey = new RsaSecretBcpgKey(rsK.Exponent, rsK.P, rsK.Q); break; case PublicKeyAlgorithmTag.Dsa: DsaPrivateKeyParameters dsK = (DsaPrivateKeyParameters)keyPair.PrivateKey.Key; secKey = new DsaSecretBcpgKey(dsK.X); break; case PublicKeyAlgorithmTag.ElGamalEncrypt: case PublicKeyAlgorithmTag.ElGamalGeneral: ElGamalPrivateKeyParameters esK = (ElGamalPrivateKeyParameters)keyPair.PrivateKey.Key; secKey = new ElGamalSecretBcpgKey(esK.X); break; default: throw new PgpException("unknown key class"); } string cName = PgpUtilities.GetSymmetricCipherName(encAlgorithm); IBufferedCipher c = null; if (cName != null) { try { c = CipherUtilities.GetCipher(cName + "/CFB/NoPadding"); } catch (Exception e) { throw new PgpException("Exception creating cipher", e); } } try { MemoryStream bOut = new MemoryStream(); BcpgOutputStream pOut = new BcpgOutputStream(bOut); pOut.WriteObject(secKey); byte[] keyData = bOut.ToArray(); byte[] checksumBytes = Checksum(useSHA1, keyData, keyData.Length); pOut.Write(checksumBytes); byte[] bOutData = bOut.ToArray(); if (c != null) { byte[] iv = new byte[8]; rand.NextBytes(iv); S2k s2k = new S2k(HashAlgorithmTag.Sha1, iv, 0x60); KeyParameter key = PgpUtilities.MakeKeyFromPassPhrase(encAlgorithm, s2k, passPhrase); iv = new byte[c.GetBlockSize()]; rand.NextBytes(iv); c.Init(true, new ParametersWithIV(key, iv)); byte[] encData = c.DoFinal(bOutData); int usage = useSHA1 ? SecretKeyPacket.UsageSha1 : SecretKeyPacket.UsageChecksum; this.secret = new SecretKeyPacket(pubPk, encAlgorithm, usage, s2k, iv, encData); } else { this.secret = new SecretKeyPacket(pubPk, encAlgorithm, null, null, bOutData); } this.trust = null; } catch (PgpException e) { throw e; } catch (Exception e) { throw new PgpException("Exception encrypting key", e); } this.keySigs = new ArrayList(); }
internal PgpSecretKey(int certificationLevel, PgpKeyPair keyPair, string id, SymmetricKeyAlgorithmTag encAlgorithm, HashAlgorithmTag hashAlgorithm, byte[] rawPassPhrase, bool clearPassPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) : this(keyPair.PrivateKey, CertifiedPublicKey(certificationLevel, keyPair, id, hashedPackets, unhashedPackets, hashAlgorithm), encAlgorithm, rawPassPhrase, clearPassPhrase, useSha1, rand, isMasterKey : true) { }
/// <summary> /// Add a signing subkey to the key ring to be generated with default certification and a primary key binding signature. /// </summary> /// <param name="keyPair">The key pair.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> /// <param name="primaryKeyBindingHashAlgorithm">The primary-key binding hash algorithm.</param> public void AddSubKey(PgpKeyPair keyPair, HashAlgorithmTag hashAlgorithm, HashAlgorithmTag primaryKeyBindingHashAlgorithm) { this.AddSubKey(keyPair, this.hashedPacketVector, this.unhashedPacketVector, hashAlgorithm, primaryKeyBindingHashAlgorithm); }
public static PgpKeyRingGenerator CreateKeyRingGenerator(string identity, string password) { var dateTimeNowUtc = DateTime.UtcNow; KeyRingParams keyRingParams = new KeyRingParams(); keyRingParams.Password = password; keyRingParams.Identity = identity; keyRingParams.PrivateKeyEncryptionAlgorithm = SymmetricKeyAlgorithmTag.Aes256; keyRingParams.SymmetricAlgorithms = new SymmetricKeyAlgorithmTag[] { SymmetricKeyAlgorithmTag.Aes256, SymmetricKeyAlgorithmTag.Aes192, SymmetricKeyAlgorithmTag.Aes128 }; keyRingParams.HashAlgorithms = new HashAlgorithmTag[] { HashAlgorithmTag.Sha256, HashAlgorithmTag.Sha1, HashAlgorithmTag.Sha384, HashAlgorithmTag.Sha512, HashAlgorithmTag.Sha224, }; IAsymmetricCipherKeyPairGenerator generator = GeneratorUtilities.GetKeyPairGenerator("RSA"); generator.Init(keyRingParams.RsaParams); /* Create the master (signing-only) key. */ PgpKeyPair masterKeyPair = new PgpKeyPair( PublicKeyAlgorithmTag.RsaSign, generator.GenerateKeyPair(), dateTimeNowUtc); Debug.WriteLine("Generated master key with ID " + masterKeyPair.KeyId.ToString("X")); PgpSignatureSubpacketGenerator masterSubpckGen = new PgpSignatureSubpacketGenerator(); var secondsUntilExpires = (long)(dateTimeNowUtc.AddDays(2) - dateTimeNowUtc).TotalSeconds; masterSubpckGen.SetKeyExpirationTime(false, secondsUntilExpires); masterSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanSign | PgpKeyFlags.CanCertify | PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage); masterSubpckGen.SetPreferredSymmetricAlgorithms(false, (from a in keyRingParams.SymmetricAlgorithms select (int)a).ToArray()); masterSubpckGen.SetPreferredHashAlgorithms(false, (from a in keyRingParams.HashAlgorithms select (int)a).ToArray()); /* Create a signing and encryption key for daily use. */ PgpKeyPair encKeyPair = new PgpKeyPair( PublicKeyAlgorithmTag.RsaGeneral, generator.GenerateKeyPair(), dateTimeNowUtc); Debug.WriteLine("Generated encryption key with ID " + encKeyPair.KeyId.ToString("X")); PgpSignatureSubpacketGenerator encSubpckGen = new PgpSignatureSubpacketGenerator(); encSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage); encSubpckGen.SetKeyExpirationTime(false, secondsUntilExpires); masterSubpckGen.SetPreferredSymmetricAlgorithms(false, (from a in keyRingParams.SymmetricAlgorithms select (int)a).ToArray()); masterSubpckGen.SetPreferredHashAlgorithms(false, (from a in keyRingParams.HashAlgorithms select (int)a).ToArray()); /* Create the key ring. */ PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator( PgpSignature.DefaultCertification, masterKeyPair, keyRingParams.Identity, keyRingParams.PrivateKeyEncryptionAlgorithm.Value, keyRingParams.GetPassword(), true, masterSubpckGen.Generate(), null, new SecureRandom()); /* Add encryption subkey. */ keyRingGen.AddSubKey(encKeyPair, encSubpckGen.Generate(), null); return keyRingGen; }
/// <summary> /// Create a new key ring generator. /// </summary> /// <param name="certificationLevel">The certification level for keys on this ring.</param> /// <param name="masterKey">The master key pair.</param> /// <param name="id">The id to be associated with the ring.</param> /// <param name="encAlgorithm">The algorithm to be used to protect secret keys.</param> /// <param name="utf8PassPhrase"> /// If true, conversion of the passphrase to bytes uses Encoding.UTF8.GetBytes(), otherwise the conversion /// is performed using Convert.ToByte(), which is the historical behaviour of the library (1.7 and earlier). /// </param> /// <param name="passPhrase">The passPhrase to be used to protect secret keys.</param> /// <param name="useSha1">Checksum the secret keys with SHA1 rather than the older 16 bit checksum.</param> /// <param name="hashedPackets">Packets to be included in the certification hash.</param> /// <param name="unhashedPackets">Packets to be attached unhashed to the certification.</param> /// <param name="rand">input secured random.</param> public PgpKeyRingGenerator( int certificationLevel, PgpKeyPair masterKey, string id, SymmetricKeyAlgorithmTag encAlgorithm, bool utf8PassPhrase, char[] passPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) : this(certificationLevel, masterKey, id, encAlgorithm, PgpUtilities.EncodePassPhrase(passPhrase, utf8PassPhrase), useSha1, hashedPackets, unhashedPackets, rand) { }
/// <remarks> /// If utf8PassPhrase is true, conversion of the passphrase to bytes uses Encoding.UTF8.GetBytes(), otherwise the conversion /// is performed using Convert.ToByte(), which is the historical behaviour of the library (1.7 and earlier). /// </remarks> public PgpSecretKey( int certificationLevel, PgpKeyPair keyPair, string id, SymmetricKeyAlgorithmTag encAlgorithm, HashAlgorithmTag hashAlgorithm, bool utf8PassPhrase, char[] passPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) : this(certificationLevel, keyPair, id, encAlgorithm, hashAlgorithm, PgpUtilities.EncodePassPhrase(passPhrase, utf8PassPhrase), true, useSha1, hashedPackets, unhashedPackets, rand) { }
/// <summary> /// Adds the sub key. /// </summary> /// <param name="keyPair">The key pair.</param> public void AddSubKey(PgpKeyPair keyPair) { this.AddSubKey(keyPair, _hashAlgorithm); }
internal PgpSecretKey( int certificationLevel, PgpKeyPair keyPair, string id, SymmetricKeyAlgorithmTag encAlgorithm, byte[] rawPassPhrase, bool clearPassPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) : this(keyPair.PrivateKey, CertifiedPublicKey(certificationLevel, keyPair, id, hashedPackets, unhashedPackets), encAlgorithm, rawPassPhrase, clearPassPhrase, useSha1, rand, true) { }
/// <summary> /// Adds the sub key. /// </summary> /// <param name="keyPair">The key pair.</param> public void AddSubKey(PgpKeyPair keyPair) { this.AddSubKey(keyPair, _hashAlgorithm); }
/// <remarks> /// Allows the caller to handle the encoding of the passphrase to bytes. /// </remarks> public PgpSecretKey( int certificationLevel, PgpKeyPair keyPair, string id, SymmetricKeyAlgorithmTag encAlgorithm, HashAlgorithmTag hashAlgorithm, byte[] rawPassPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) : this(certificationLevel, keyPair, id, encAlgorithm, hashAlgorithm, rawPassPhrase, false, useSha1, hashedPackets, unhashedPackets, rand) { }
/// <summary> /// Adds the sub key. /// </summary> /// <param name="keyPair">The key pair.</param> /// <param name="hashedPackets">The hashed packets.</param> /// <param name="unhashedPackets">The unhashed packets.</param> public void AddSubKey( PgpKeyPair keyPair, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets) { this.AddSubKey(keyPair, hashedPackets, unhashedPackets, _hashAlgorithm); }
public PgpSecretKey(int certificationLevel, PgpKeyPair keyPair, string id, SymmetricKeyAlgorithmTag encAlgorithm, HashAlgorithmTag hashAlgorithm, bool utf8PassPhrase, char[] passPhrase, bool useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) : this(certificationLevel, keyPair, id, encAlgorithm, hashAlgorithm, PgpUtilities.EncodePassPhrase(passPhrase, utf8PassPhrase), clearPassPhrase : true, useSha1, hashedPackets, unhashedPackets, rand) { }
/// <summary>Add a subkey to the key ring to be generated with default certification.</summary> public void AddSubKey( PgpKeyPair keyPair) { AddSubKey(keyPair, this.hashedPacketVector, this.unhashedPacketVector); }
private static PgpPublicKey CertifiedPublicKey( int certificationLevel, PgpKeyPair keyPair, string id, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, HashAlgorithmTag hashAlgorithm) { PgpSignatureGenerator sGen; try { sGen = new PgpSignatureGenerator(keyPair.PublicKey.Algorithm, hashAlgorithm); } catch (Exception e) { throw new PgpException("Creating signature generator: " + e.Message, e); } // // Generate the certification // sGen.InitSign(certificationLevel, keyPair.PrivateKey); sGen.SetHashedSubpackets(hashedPackets); sGen.SetUnhashedSubpackets(unhashedPackets); try { PgpSignature certification = sGen.GenerateCertification(id, keyPair.PublicKey); return PgpPublicKey.AddCertification(keyPair.PublicKey, id, certification); } catch (Exception e) { throw new PgpException("Exception doing certification: " + e.Message, e); } }
/// <summary>Add a subkey to the key ring to be generated with default certification.</summary> public void AddSubKey( PgpKeyPair keyPair) { AddSubKey(keyPair, this.hashedPacketVector, this.unhashedPacketVector); }
/// <summary>Add a subkey to the key ring to be generated with default certification.</summary> public void AddSubKey( PgpKeyPair keyPair) { AddSubKey(keyPair, hashedPackets, unhashedPackets); }
/// <summary> /// Add a subkey to the key ring to be generated with default certification. /// </summary> /// <param name="keyPair">The key pair.</param> /// <param name="hashAlgorithm">The hash algorithm.</param> public void AddSubKey(PgpKeyPair keyPair, HashAlgorithmTag hashAlgorithm) { this.AddSubKey(keyPair, _hashedPacketVector, _unhashedPacketVector, hashAlgorithm); }