Example #1
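        /// <summary>
        /// Loads "pubring.pgp" and "secring.pgp" into a fresh GPG-keystore session, then prints
        /// and exports the armored keys for the user ids "rsa@key" and "25519@key".
        /// </summary>
        /// <param name="rop">Binding used to create the session and the keyring inputs.</param>
        /// <exception cref="RopError">Rethrown, after a console message, when a keyring cannot be read.</exception>
        private void output_keys(RopBind rop)
        {
            // Remember the current tag; drop_from(alt) in the outer finally presumably releases
            // every object allocated after this point -- confirm against RopBind.
            int alt = rop.tagging();

            try {
                // initialize
                RopSession ses = rop.create_session(RopBind.KEYSTORE_GPG, RopBind.KEYSTORE_GPG);

                RopInput keyfile = null;
                try {
                    // load keyrings
                    keyfile = rop.create_input("pubring.pgp");
                    // actually, we may skip the public keyring so that key types are not checked
                    ses.load_keys_public(RopBind.KEYSTORE_GPG, keyfile);
                } catch (RopError) {
                    Console.WriteLine("Failed to read pubring");
                    // bare rethrow keeps the original stack trace ("throw ex;" would reset it)
                    throw;
                } finally {
                    // the input is released on both the success and the failure path
                    rop.drop(keyfile);
                }

                keyfile = null;
                try {
                    keyfile = rop.create_input("secring.pgp");
                    ses.load_keys_secret(RopBind.KEYSTORE_GPG, keyfile);
                } catch (RopError) {
                    Console.WriteLine("Failed to read secring");
                    throw;
                } finally {
                    rop.drop(keyfile);
                }

                // NOTE(review): the boolean passed to print_key/export_key presumably selects the
                // secret key (the file-name comment below pairs it with "-sec.asc") -- confirm
                // against those helpers. If so, secret key material goes to stdout and to files in
                // the working directory. That is acceptable for throwaway sample keys only; with
                // real keys keep this output out of captured logs and restrict the file permissions.
                try {
                    // print armored keys to the stdout
                    print_key(rop, ses, "rsa@key", false);
                    print_key(rop, ses, "rsa@key", true);
                    print_key(rop, ses, "25519@key", false);
                    print_key(rop, ses, "25519@key", true);
                } catch (Exception) {
                    Console.WriteLine("Failed to print armored key(s)");
                    throw;
                }

                try {
                    // write armored keys to files named key-<keyid>-pub.asc / key-<keyid>-sec.asc
                    export_key(rop, ses, "rsa@key", false);
                    export_key(rop, ses, "rsa@key", true);
                    export_key(rop, ses, "25519@key", false);
                    export_key(rop, ses, "25519@key", true);
                } catch (Exception) {
                    Console.WriteLine("Failed to write armored key(s) to file");
                    throw;
                }
            } finally {
                rop.drop_from(alt);
            }
        }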
Example #2
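        /// <summary>
        /// Decrypts "encrypted.asc" into memory, prints the plaintext and stores it in
        /// <c>Decrypt.message</c>.
        /// </summary>
        /// <param name="rop">Binding used to create the session, input and output objects.</param>
        /// <param name="usekeys">
        /// When true, "secring.pgp" is loaded first so the session can decrypt with a secret key;
        /// when false, no keyring is loaded and only the password provider is available.
        /// </param>
        /// <exception cref="RopError">Rethrown, after a console message, when loading the keyring or decrypting fails.</exception>
        private void decrypt(RopBind rop, bool usekeys)
        {
            // Remember the current tag; drop_from(alt) in the outer finally presumably releases
            // every object allocated after this point (including input/output below) -- confirm
            // against RopBind.
            int alt = rop.tagging();

            try {
                // initialize FFI object
                RopSession ses = rop.create_session(RopBind.KEYSTORE_GPG, RopBind.KEYSTORE_GPG);

                // check whether we want to use key or password for decryption
                if (usekeys)
                {
                    RopInput keyfile = null;
                    try {
                        // load secret keyring, as it is required for public-key decryption. However, you may
                        // need to load public keyring as well to validate key's signatures.
                        keyfile = rop.create_input("secring.pgp");
                        // we may use secret=True and public=True as well
                        ses.load_keys_secret(RopBind.KEYSTORE_GPG, keyfile);
                    } catch (RopError) {
                        Console.WriteLine("Failed to read secring");
                        // bare rethrow keeps the original stack trace ("throw ex;" would reset it)
                        throw;
                    } finally {
                        rop.drop(keyfile);
                    }
                }

                // set the password provider; "this" is handed over as the provider object
                ses.set_pass_provider(this, null);
                String buf = null;
                try {
                    // create file input and memory output objects for the encrypted message and decrypted
                    // message
                    RopInput  input  = rop.create_input("encrypted.asc");
                    RopOutput output = rop.create_output(0);
                    ses.decrypt(input, output);
                    // get the decrypted message from the output structure
                    buf = output.memory_get_buf(false).getString();
                } catch (RopError) {
                    // this path is also reached in password mode, so name the mode that actually failed
                    Console.WriteLine(usekeys ? "Public-key decryption failed" : "Password decryption failed");
                    throw;
                }

                // Sample behaviour: the plaintext is echoed to the console and kept in a static
                // field. Code that handles real data should not log decrypted content.
                Console.WriteLine("Decrypted message ({0}):\n{1}\n", usekeys ? "with key" : "with password", buf);
                Decrypt.message = buf;
            } finally {
                rop.drop_from(alt);
            }
        }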
Example #3
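        /// <summary>
        /// Signs a fixed sample message with the "rsa@key" and "25519@key" keys and writes the
        /// armored result to "signed.asc". The key ids and fingerprints of both signing keys are
        /// recorded in <c>Sign.key_ids</c> and <c>Sign.key_fprints</c>.
        /// </summary>
        /// <param name="rop">Binding used to create the session, input and output objects.</param>
        /// <exception cref="RopError">Rethrown, after the description of the failed step is printed.</exception>
        private void sign(RopBind rop)
        {
            string message = "ROP signing sample message";

            // Remember the current tag; drop_from(alt) in the outer finally presumably releases
            // every object allocated after this point -- confirm against RopBind.
            int alt = rop.tagging();

            try {
                // initialize
                RopSession ses = rop.create_session(RopBind.KEYSTORE_GPG, RopBind.KEYSTORE_GPG);

                RopInput keyfile  = null;
                // err_desc always names the step about to run, so the catch blocks can report it
                string   err_desc = null;
                try {
                    // load secret keyring, as it is required for signing. However, you may need
                    // to load public keyring as well to validate key's signatures.
                    // NOTE(review): the message names "Generate.java" although this file is C#;
                    // left unchanged -- confirm the name of the key-generation sample.
                    err_desc = "Failed to open secring.pgp. Did you run Generate.java sample?";
                    keyfile  = rop.create_input("secring.pgp");

                    // we may use public=True and secret=True as well
                    err_desc = "Failed to read secring.pgp";
                    ses.load_keys_secret(RopBind.KEYSTORE_GPG, keyfile);
                } catch (RopError) {
                    Console.WriteLine(err_desc);
                    // bare rethrow keeps the original stack trace ("throw ex;" would reset it)
                    throw;
                } finally {
                    rop.drop(keyfile);
                }

                // set the password provider - we'll need password to unlock secret keys
                ses.set_pass_provider(this, null);

                // create an input object from the in-memory message and a file output object
                // ("signed.asc") for the signed result
                RopOpSign op = null;
                try {
                    err_desc = "Failed to create input object";
                    RopInput input = rop.create_input(new RopData(message), false);

                    err_desc = "Failed to create output object";
                    RopOutput output = rop.create_output("signed.asc");

                    // initialize and configure sign operation, use op_sign_create(cleartext/detached)
                    // for cleartext or detached signature
                    err_desc = "Failed to create sign operation";
                    op       = ses.op_sign_create(input, output);
                } catch (RopError) {
                    Console.WriteLine(err_desc);
                    throw;
                }

                // armor, file name, compression
                op.set_armor(true);
                op.set_file_name("message.txt");
                // NOTE(review): DateTime.Now is local time; confirm how the binding converts it
                // before relying on the recorded mtime / creation time.
                op.set_file_mtime(DateTime.Now);
                op.set_compression("ZIP", 6);
                // signatures creation time - by default will be set to the current time as well
                op.set_creation_time(DateTime.Now);
                // signatures expiration time - by default will be 0, i.e. never expire
                op.set_expiration(TimeSpan.FromDays(365));
                // set hash algorithm - should be compatible for all signatures
                op.set_hash(RopBind.ALG_HASH_SHA256);

                try {
                    // now add signatures. First locate the signing key, then add and setup signature
                    // RSA signature
                    err_desc = "Failed to locate signing key rsa@key.";
                    RopKey key = ses.locate_key("userid", "rsa@key");
                    Sign.key_ids[0]     = key.keyid();
                    Sign.key_fprints[0] = key.fprint();

                    err_desc = "Failed to add signature for key rsa@key.";
                    op.add_signature(key);

                    // EdDSA signature
                    err_desc            = "Failed to locate signing key 25519@key.";
                    key                 = ses.locate_key("userid", "25519@key");
                    Sign.key_ids[1]     = key.keyid();
                    Sign.key_fprints[1] = key.fprint();

                    err_desc = "Failed to add signature for key 25519@key.";
                    op.add_signature(key);

                    // finally do signing; the description now names this step instead of repeating
                    // the add-signature text, so a failure here is reported accurately
                    err_desc = "Failed to execute sign operation.";
                    op.execute();

                    Console.WriteLine("Signing succeeded. See file signed.asc.");
                } catch (RopError) {
                    Console.WriteLine(err_desc);
                    throw;
                }
            } finally {
                rop.drop_from(alt);
            }
        }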