| public SetPreferredSymmetricAlgorithms ( bool isCritical, int algorithms ) : void | ||
| isCritical | bool | |
| algorithms | int | |
| return | void | |
/// <summary>
/// Build a PGP key pair
/// </summary>
/// <param name="bits">number of bits in key, e.g. 2048</param>
/// <param name="identifier">key identifier, e.g. "Your Name <*****@*****.**>" </param>
/// <param name="password">key password or null</param>
/// <param name="privateKey">returned ascii private key</param>
/// <param name="publicKey">returned ascii public key</param>
public static void PGPGenerateKey(int bits, string identifier, string password, out string privateKey, out string publicKey)
{
// generate a new RSA keypair
RsaKeyPairGenerator gen = new RsaKeyPairGenerator();
gen.Init(new RsaKeyGenerationParameters(BigInteger.ValueOf(0x101), new Org.BouncyCastle.Security.SecureRandom(), bits, 80));
AsymmetricCipherKeyPair pair = gen.GenerateKeyPair();
// create PGP subpacket
PgpSignatureSubpacketGenerator hashedGen = new PgpSignatureSubpacketGenerator();
hashedGen.SetKeyFlags(true, PgpKeyFlags.CanCertify | PgpKeyFlags.CanSign | PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage);
hashedGen.SetPreferredCompressionAlgorithms(false, new int[] { (int)CompressionAlgorithmTag.Zip });
hashedGen.SetPreferredHashAlgorithms(false, new int[] { (int)HashAlgorithmTag.Sha1 });
hashedGen.SetPreferredSymmetricAlgorithms(false, new int[] { (int)SymmetricKeyAlgorithmTag.Cast5 });
PgpSignatureSubpacketVector sv = hashedGen.Generate();
PgpSignatureSubpacketGenerator unhashedGen = new PgpSignatureSubpacketGenerator();
// create the PGP key
PgpSecretKey secretKey = new PgpSecretKey(
PgpSignature.DefaultCertification,
PublicKeyAlgorithmTag.RsaGeneral,
pair.Public,
pair.Private,
DateTime.Now,
identifier,
SymmetricKeyAlgorithmTag.Cast5,
(password != null ? password.ToCharArray() : null),
hashedGen.Generate(),
unhashedGen.Generate(),
new Org.BouncyCastle.Security.SecureRandom());
// extract the keys
using (MemoryStream ms = new MemoryStream())
{
using (ArmoredOutputStream ars = new ArmoredOutputStream(ms))
{
secretKey.Encode(ars);
}
privateKey = Encoding.ASCII.GetString(ms.ToArray());
}
using (MemoryStream ms = new MemoryStream())
{
using (ArmoredOutputStream ars = new ArmoredOutputStream(ms))
{
secretKey.PublicKey.Encode(ars);
}
publicKey = Encoding.ASCII.GetString(ms.ToArray());
}
}
//src: http://stackoverflow.com/questions/17953852/generating-pgp-key-ring-using-bouncy-castle-c-results-in-key-id-ffffffff
public static PgpKeyRingGenerator generateKeyRingGenerator(String identity, String password)
{
KeyRingParams keyRingParams = new KeyRingParams();
keyRingParams.Password = password;
keyRingParams.Identity = identity;
keyRingParams.PrivateKeyEncryptionAlgorithm = SymmetricKeyAlgorithmTag.Aes128;
keyRingParams.SymmetricAlgorithms = new SymmetricKeyAlgorithmTag[] {
SymmetricKeyAlgorithmTag.Aes256/*,
SymmetricKeyAlgorithmTag.Aes192,
SymmetricKeyAlgorithmTag.Aes128*/
//TODO: delete ?
};
keyRingParams.HashAlgorithms = new HashAlgorithmTag[] {
HashAlgorithmTag.Sha256,
//TODO: delete ? + check Parameters
//HashAlgorithmTag.Sha1,
//HashAlgorithmTag.Sha384,
HashAlgorithmTag.Sha512,
//HashAlgorithmTag.Sha224,
};
IAsymmetricCipherKeyPairGenerator generator = GeneratorUtilities.GetKeyPairGenerator("RSA");
generator.Init(keyRingParams.RsaParams);
/* Create the master (signing-only) key. */
PgpKeyPair masterKeyPair = new PgpKeyPair(
PublicKeyAlgorithmTag.RsaSign,
generator.GenerateKeyPair(),
DateTime.UtcNow
);
PgpSignatureSubpacketGenerator masterSubpckGen
= new PgpSignatureSubpacketGenerator();
masterSubpckGen.SetKeyFlags(false,
PgpKeyFlags.CanSign
| PgpKeyFlags.CanCertify);
//create var for preferred symmetric algorithms
int [] iPreferedSymmetricAlgorithms = new int[keyRingParams.SymmetricAlgorithms.Length];
for (int i = 0; i < keyRingParams.SymmetricAlgorithms.Length; i++) {
iPreferedSymmetricAlgorithms[i] = (int) keyRingParams.SymmetricAlgorithms[i];
}
masterSubpckGen.SetPreferredSymmetricAlgorithms (false, iPreferedSymmetricAlgorithms);
//create var for preferred hash algorithms
int [] iPreferedHashAlgorithms = new int[keyRingParams.HashAlgorithms.Length];
for (int i = 0; i < keyRingParams.HashAlgorithms.Length; i++) {
iPreferedHashAlgorithms[i] = (int) keyRingParams.HashAlgorithms[i];
}
masterSubpckGen.SetPreferredHashAlgorithms (false, iPreferedHashAlgorithms);
/* Create a signing and encryption key for daily use. */
PgpKeyPair encKeyPair = new PgpKeyPair(
PublicKeyAlgorithmTag.RsaGeneral,
generator.GenerateKeyPair(),
DateTime.UtcNow);
PgpSignatureSubpacketGenerator encSubpckGen = new PgpSignatureSubpacketGenerator();
encSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage);
masterSubpckGen.SetPreferredSymmetricAlgorithms(false, iPreferedSymmetricAlgorithms);
masterSubpckGen.SetPreferredHashAlgorithms (false, iPreferedHashAlgorithms);
/* Create the key ring. */
PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(
PgpSignature.DefaultCertification,
masterKeyPair,
keyRingParams.Identity,
keyRingParams.PrivateKeyEncryptionAlgorithm.Value,
keyRingParams.GetPassword(),
true,
masterSubpckGen.Generate(),
null,
new SecureRandom());
/* Add encryption subkey. */
keyRingGen.AddSubKey(encKeyPair, encSubpckGen.Generate(), null);
return keyRingGen;
}
public static PgpKeyRingGenerator CreateKeyRingGenerator(string identity, string password)
{
var dateTimeNowUtc = DateTime.UtcNow;
KeyRingParams keyRingParams = new KeyRingParams();
keyRingParams.Password = password;
keyRingParams.Identity = identity;
keyRingParams.PrivateKeyEncryptionAlgorithm = SymmetricKeyAlgorithmTag.Aes256;
keyRingParams.SymmetricAlgorithms = new SymmetricKeyAlgorithmTag[] {
SymmetricKeyAlgorithmTag.Aes256,
SymmetricKeyAlgorithmTag.Aes192,
SymmetricKeyAlgorithmTag.Aes128
};
keyRingParams.HashAlgorithms = new HashAlgorithmTag[] {
HashAlgorithmTag.Sha256,
HashAlgorithmTag.Sha1,
HashAlgorithmTag.Sha384,
HashAlgorithmTag.Sha512,
HashAlgorithmTag.Sha224,
};
IAsymmetricCipherKeyPairGenerator generator
= GeneratorUtilities.GetKeyPairGenerator("RSA");
generator.Init(keyRingParams.RsaParams);
/* Create the master (signing-only) key. */
PgpKeyPair masterKeyPair = new PgpKeyPair(
PublicKeyAlgorithmTag.RsaSign,
generator.GenerateKeyPair(),
dateTimeNowUtc);
Debug.WriteLine("Generated master key with ID "
+ masterKeyPair.KeyId.ToString("X"));
PgpSignatureSubpacketGenerator masterSubpckGen
= new PgpSignatureSubpacketGenerator();
var secondsUntilExpires = (long)(dateTimeNowUtc.AddDays(2) - dateTimeNowUtc).TotalSeconds;
masterSubpckGen.SetKeyExpirationTime(false, secondsUntilExpires);
masterSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanSign
| PgpKeyFlags.CanCertify | PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage);
masterSubpckGen.SetPreferredSymmetricAlgorithms(false,
(from a in keyRingParams.SymmetricAlgorithms
select (int)a).ToArray());
masterSubpckGen.SetPreferredHashAlgorithms(false,
(from a in keyRingParams.HashAlgorithms
select (int)a).ToArray());
/* Create a signing and encryption key for daily use. */
PgpKeyPair encKeyPair = new PgpKeyPair(
PublicKeyAlgorithmTag.RsaGeneral,
generator.GenerateKeyPair(),
dateTimeNowUtc);
Debug.WriteLine("Generated encryption key with ID "
+ encKeyPair.KeyId.ToString("X"));
PgpSignatureSubpacketGenerator encSubpckGen = new PgpSignatureSubpacketGenerator();
encSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage);
encSubpckGen.SetKeyExpirationTime(false, secondsUntilExpires);
masterSubpckGen.SetPreferredSymmetricAlgorithms(false,
(from a in keyRingParams.SymmetricAlgorithms
select (int)a).ToArray());
masterSubpckGen.SetPreferredHashAlgorithms(false,
(from a in keyRingParams.HashAlgorithms
select (int)a).ToArray());
/* Create the key ring. */
PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(
PgpSignature.DefaultCertification,
masterKeyPair,
keyRingParams.Identity,
keyRingParams.PrivateKeyEncryptionAlgorithm.Value,
keyRingParams.GetPassword(),
true,
masterSubpckGen.Generate(),
null,
new SecureRandom());
/* Add encryption subkey. */
keyRingGen.AddSubKey(encKeyPair, encSubpckGen.Generate(), null);
return keyRingGen;
}