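/// <summary>
/// Looks up a transportable secret key on this ring by key id.
/// </summary>
/// <remarks>
/// Both the primary key and every subkey of each ring entry are compared;
/// a match on either returns the whole transportable key.
/// </remarks>
/// <param name="lKeyID">The key id to look for (primary key or subkey id).</param>
/// <returns>The transportable secret key carrying the id, or null when the ring has no such key.</returns>
/// <exception cref="InvalidOperationException">A subkey slot holds something other than a SecretKeyPacket.</exception>
public TransportableSecretKey Find(ulong lKeyID) {
    foreach (TransportableSecretKey tskKey in SecretKeys) {
        if (tskKey.PrimaryKey.PublicKey.KeyID == lKeyID) {
            return tskKey;
        }
        foreach (object oSubkey in tskKey.SubKeys) {
            SecretKeyPacket skpKey = oSubkey as SecretKeyPacket;
            if (skpKey == null) {
                // InvalidOperationException derives from Exception, so callers that
                // caught the original bare Exception keep working.
                throw new InvalidOperationException("Expected a secret key packet, but did not find one.");
            }
            if (skpKey.PublicKey.KeyID == lKeyID) {
                return tskKey;
            }
        }
    }
    return null;
}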
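/// <summary>
/// Produces an armored cleartext signature over strMessage using secret key lSignatureKeyID.
/// </summary>
/// <param name="strMessage">Text to sign; trimmed via Radix64.TrimMessage before hashing.</param>
/// <param name="lSignatureKeyID">Id of the key on the secret ring to sign with.</param>
/// <param name="strPassphrase">Passphrase that unlocks the signing key material.</param>
/// <returns>The trimmed message wrapped as an armored cleartext signature.</returns>
/// <exception cref="ArgumentNullException">strMessage is null.</exception>
/// <exception cref="ArgumentException">No key with lSignatureKeyID exists on the secret ring.</exception>
public string SignText(string strMessage, ulong lSignatureKeyID, string strPassphrase) {
    if (strMessage == null) {
        throw new ArgumentNullException("strMessage");
    }
    strMessage = Radix64.TrimMessage(strMessage);

    TransportableSecretKey tskKey = skrKeyRing.Find(lSignatureKeyID);
    if (tskKey == null) {
        // Find returns null for an unknown id; without this check the failure
        // surfaced as a NullReferenceException on FindKey.
        throw new ArgumentException("No secret key with id " + lSignatureKeyID + " found on the keyring.", "lSignatureKeyID");
    }
    SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);

    SignaturePacket spSign = new SignaturePacket();
    spSign.HashAlgorithm = HashAlgorithms.SHA1;
    spSign.Format = PacketFormats.New;
    spSign.KeyID = skpKey.PublicKey.KeyID;
    // NOTE(review): local time is stored here; confirm the packet encoder converts to UTC seconds.
    spSign.TimeCreated = DateTime.Now;
    spSign.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
    spSign.SignatureType = SignatureTypes.TextSignature;
    spSign.Version = SignaturePacketVersionNumbers.v4;

    byte[] bMessage = System.Text.Encoding.UTF8.GetBytes(strMessage);
    spSign.Sign(bMessage, skpKey, strPassphrase);
    string strSignature = Radix64.Encode(spSign.Generate(), true);
    return Armor.WrapCleartextSignature(strMessage, strSignature);
}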
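/// <summary>
/// Loads an armored secret keyring file and replaces the ring's contents with it.
/// </summary>
/// <remarks>
/// The file may contain several armored blocks; each is split into its
/// transportable secret keys and all of them are added. Afterwards the
/// ring is flagged as not updated and the path is remembered.
/// </remarks>
/// <param name="strPath">The keyring file location.</param>
/// <exception cref="ArgumentNullException">strPath is null.</exception>
public void Load(string strPath) {
    if (strPath == null) {
        throw new ArgumentNullException("strPath");
    }
    strLoadingPath = strPath;

    string strKeys;
    // using releases the file handle even when ReadToEnd throws; the original
    // only closed the reader on the success path.
    using (StreamReader srInput = new StreamReader(strPath)) {
        strKeys = srInput.ReadToEnd();
    }

    this.SecretKeys = new ArrayList();
    ArmorTypes atType = new ArmorTypes();
    // RemoveArmor apparently returns one armored block and strips it from strKeys
    // through the ref parameter, so the loop consumes the file block by block
    // until an empty block is returned.
    string strKey = Armor.RemoveArmor(strKeys, ref atType, ref strKeys);
    while (strKey.Length > 0) {
        TransportableSecretKey[] tskKeys = TransportableSecretKey.SplitKeys(strKey);
        foreach (TransportableSecretKey tskKey in tskKeys) {
            this.SecretKeys.Add(tskKey);
        }
        strKey = Armor.RemoveArmor(strKeys, ref atType, ref strKeys);
    }
    bIsUpdated = false;
}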
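/// <summary>
/// Interactively cleartext-signs strMessage: asks the user for a signing key
/// and passphrase, shows a progress window and returns the armored result.
/// </summary>
/// <param name="strMessage">Text to sign; trimmed via Radix64.TrimMessage first.</param>
/// <param name="skrKeyRing">Secret ring offered in the passphrase dialog.</param>
/// <returns>The trimmed message wrapped as an armored cleartext signature.</returns>
/// <exception cref="InvalidOperationException">The passphrase dialog returned no key.</exception>
public static string ClearTextSign(string strMessage, SecretKeyRing skrKeyRing) {
    strMessage = Radix64.TrimMessage(strMessage);

    QueryPassphrase qpPassphrase = new QueryPassphrase();
    qpPassphrase.ShowMyDialog(skrKeyRing);
    string strPassphrase = qpPassphrase.Passphrase;
    TransportableSecretKey tskKey = qpPassphrase.SelectedKey;
    if (tskKey == null) {
        // Dialog dismissed without a key: fail explicitly instead of a
        // NullReferenceException on FindKey.
        throw new InvalidOperationException("No signing key was selected.");
    }
    SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);

    Working wWorking = new Working();
    wWorking.Show();
    try {
        SignaturePacket spSign = new SignaturePacket();
        spSign.HashAlgorithm = HashAlgorithms.SHA1;
        spSign.Format = PacketFormats.New;
        wWorking.Progress(10);

        // Issuer and creation time travel as hashed subpackets; the original's
        // commented-out KeyID/TimeCreated assignments suggest these replace them for v4.
        SignatureSubPacket sspCreator = new SignatureSubPacket();
        sspCreator.Type = SignatureSubPacketTypes.IssuerKeyID;
        sspCreator.KeyID = skpKey.PublicKey.KeyID;
        SignatureSubPacket sspCreationTime = new SignatureSubPacket();
        sspCreationTime.Type = SignatureSubPacketTypes.SignatureCreationTime;
        sspCreationTime.TimeCreated = DateTime.Now;
        spSign.HashedSubPackets = new SignatureSubPacket[] { sspCreator, sspCreationTime };
        wWorking.Progress(20);

        spSign.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
        spSign.SignatureType = SignatureTypes.TextSignature;
        spSign.Version = SignaturePacketVersionNumbers.v4;
        wWorking.Progress(10);

        byte[] bMessage = System.Text.Encoding.UTF8.GetBytes(strMessage);
        spSign.Sign(bMessage, skpKey, strPassphrase);
        wWorking.Progress(40);

        string strSignature = Radix64.Encode(spSign.Generate(), true);
        wWorking.Progress(20);
        return Armor.WrapCleartextSignature(strMessage, strSignature);
    } finally {
        // Hide on every path; the original left the window up when Sign threw
        // (presumably on a wrong passphrase).
        wWorking.Hide();
    }
}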
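/// <summary>
/// Exports the secret key lKeyID from the ring as an armored private key block.
/// </summary>
/// <param name="lKeyID">Id of the key to export.</param>
/// <param name="strPassphrase">Passphrase for the key; used to unlock it before the export is handed out.</param>
/// <returns>The armored secret key as produced by Armor.WrapPrivateKey.</returns>
/// <exception cref="ArgumentException">No key with lKeyID exists on the secret ring.</exception>
public string GetSecretKey(ulong lKeyID, string strPassphrase) {
    TransportableSecretKey tskKey = skrKeyRing.Find(lKeyID);
    if (tskKey == null) {
        // Find returns null for an unknown id; the original dereferenced it.
        throw new ArgumentException("No secret key with id " + lKeyID + " found on the keyring.", "lKeyID");
    }
    // The decrypted material is discarded; presumably the call only serves as a
    // passphrase check so the export is not handed out without one — confirm.
    tskKey.PrimaryKey.GetDecryptedKeyMaterial(strPassphrase);
    byte[] bKey = tskKey.Generate();
    return Armor.WrapPrivateKey(bKey);
}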
/// <summary>
/// Adds a key to the ring unless it is null or a key with the same
/// primary key id is already present.
/// </summary>
/// <param name="tspk">Key to be added.</param>
public void AddSecretKey(TransportableSecretKey tspk) {
    if (tspk == null) {
        return;
    }
    ulong lPrimaryID = tspk.PrimaryKey.PublicKey.KeyID;
    bool bAlreadyPresent = this.Find(lPrimaryID) != null;
    if (!bAlreadyPresent) {
        this.Add(tspk);
    }
}
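/// <summary>
/// Writes the single key KeyID to strPath as an armored private key block.
/// </summary>
/// <param name="strPath">File path to write to (overwritten).</param>
/// <param name="KeyID">Id of the key to save.</param>
/// <exception cref="Exception">No such key, or wrapping/writing failed; the cause is the inner exception.</exception>
public void Save(string strPath, ulong KeyID) {
    try {
        TransportableSecretKey tskKey = this.Find(KeyID);
        if (tskKey == null) {
            throw new Exception("No secret key with id " + KeyID + " found on the keyring.");
        }
        string strKey = Armor.WrapPrivateKey(tskKey.Generate());
        // Open (and truncate) the target only after the key is resolved, so a
        // failed lookup leaves an existing file untouched; using closes the
        // writer on every path — the original skipped Close() when rethrowing.
        using (StreamWriter swOutput = new StreamWriter(strPath)) {
            swOutput.Write(strKey);
        }
    } catch (Exception e) {
        // Same message format as before, but the original cause is preserved.
        throw new Exception("Error while trying to save a private key: " + e.Message, e);
    }
    // Kept from the original; arguably only the whole-ring Save should clear this — confirm.
    bIsUpdated = false;
}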
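/// <summary>
/// Serializes the properties of every key on the secret ring as a
/// &lt;SecretKeyRing&gt; element, one GetSecretKeyProperties() fragment per line.
/// </summary>
/// <returns>The concatenated properties string.</returns>
public string GetSecretKeysProperties() {
    // StringBuilder replaces the repeated string += in the loop (quadratic copying).
    System.Text.StringBuilder sbReturn = new System.Text.StringBuilder("<SecretKeyRing>");
    foreach (object oKey in skrKeyRing.SecretKeys) {
        TransportableSecretKey tskKey = oKey as TransportableSecretKey;
        if (tskKey == null) {
            continue; // ring entries that are not keys are skipped, as before
        }
        sbReturn.Append("\n");
        sbReturn.Append(GetSecretKeyProperties(tskKey.PrimaryKey.PublicKey.KeyID));
    }
    sbReturn.Append("</SecretKeyRing>");
    return sbReturn.ToString();
}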
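/// <summary>
/// Wraps lmToBeSigned in a SignedMessage carrying a v3 text signature
/// made with secret key lSignatureKeyID.
/// </summary>
/// <param name="lmToBeSigned">Literal message whose Binary content is signed.</param>
/// <param name="lSignatureKeyID">Id of the signing key on the secret ring.</param>
/// <param name="strPassphrase">Passphrase unlocking the signing key.</param>
/// <returns>The signed message.</returns>
/// <exception cref="ArgumentNullException">lmToBeSigned is null.</exception>
/// <exception cref="ArgumentException">No key with lSignatureKeyID exists on the secret ring.</exception>
private SignedMessage SignMessage(LiteralMessage lmToBeSigned, ulong lSignatureKeyID, string strPassphrase) {
    if (lmToBeSigned == null) {
        throw new ArgumentNullException("lmToBeSigned");
    }
    TransportableSecretKey tskKey = skrKeyRing.Find(lSignatureKeyID);
    if (tskKey == null) {
        throw new ArgumentException("No secret key with id " + lSignatureKeyID + " found on the keyring.", "lSignatureKeyID");
    }
    SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);

    SignaturePacket spPacket = new SignaturePacket();
    // NOTE(review): v3 here while the cleartext signatures in this file are v4 — confirm intentional.
    spPacket.Version = SignaturePacketVersionNumbers.v3;
    spPacket.KeyID = skpKey.PublicKey.KeyID;
    spPacket.HashAlgorithm = HashAlgorithms.SHA1;
    spPacket.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
    spPacket.TimeCreated = DateTime.Now;
    // NOTE(review): typed TextSignature although the raw Binary content is signed — confirm.
    spPacket.SignatureType = SignatureTypes.TextSignature;
    spPacket.Sign(lmToBeSigned.Binary, skpKey, strPassphrase);

    SignedMessage smMessage = new SignedMessage();
    smMessage.MessageSigned = lmToBeSigned;
    smMessage.Signature = spPacket;
    return smMessage;
}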
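/// <summary>
/// Writes every key on the ring to strPath as concatenated armored private key blocks.
/// </summary>
/// <remarks>
/// A key that fails to serialize is reported in a message box and skipped so
/// the remaining keys are still written; the updated flag is cleared afterwards.
/// </remarks>
/// <param name="strPath">File path to write to (overwritten).</param>
public void Save(string strPath) {
    // using releases the file handle even if an exception escapes the loop;
    // the original only closed the writer after a normal run.
    using (StreamWriter swOutput = new StreamWriter(strPath)) {
        foreach (object oKey in this.SecretKeys) {
            TransportableSecretKey tskKey = oKey as TransportableSecretKey;
            if (tskKey == null) {
                continue;
            }
            try {
                swOutput.Write(Armor.WrapPrivateKey(tskKey.Generate()));
            } catch (Exception e) {
                // Best effort per key, as in the original: report and carry on.
                MessageBox.Show("Error while trying to save a private key: " + e.Message, "Error...", MessageBoxButtons.OK, MessageBoxIcon.Warning);
            }
        }
    }
    bIsUpdated = false;
}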
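/// <summary>
/// Adds the user id "name &lt;email&gt;" to key pair lKeyID: self-certifies it
/// on the public key and records the user id packet on the secret key.
/// </summary>
/// <remarks>Neither ring is saved here, unlike GenerateKey/SignKey; the caller must persist.</remarks>
/// <param name="lKeyID">Id of the key pair to extend.</param>
/// <param name="strName">Display name; trimmed.</param>
/// <param name="strEmail">E-mail address; trimmed.</param>
/// <param name="strPassphrase">Passphrase unlocking the signing key.</param>
/// <exception cref="ArgumentNullException">strName or strEmail is null.</exception>
/// <exception cref="ArgumentException">lKeyID is not present on both the secret and the public ring.</exception>
public void AddUserID(ulong lKeyID, string strName, string strEmail, string strPassphrase) {
    if (strName == null) {
        throw new ArgumentNullException("strName");
    }
    if (strEmail == null) {
        throw new ArgumentNullException("strEmail");
    }
    TransportableSecretKey tskKey = skrKeyRing.Find(lKeyID);
    TransportablePublicKey tpkKey = pkrKeyRing.Find(lKeyID, false);
    if (tskKey == null || tpkKey == null) {
        // Both Find methods return null for an unknown id; the original crashed on the dereference.
        throw new ArgumentException("Key " + lKeyID + " must exist on both the secret and the public keyring.", "lKeyID");
    }

    UserIDPacket uipUID = new UserIDPacket();
    uipUID.UserID = strName.Trim() + " <" + strEmail.Trim() + ">";
    CertifiedUserID cuiUID = new CertifiedUserID();
    cuiUID.UserID = uipUID;

    SecretKeyPacket skpSignatureKey = tskKey.FindKey(AsymActions.Sign);
    SignaturePacket spSelfSig = new SignaturePacket();
    spSelfSig.Version = SignaturePacketVersionNumbers.v4;
    spSelfSig.HashAlgorithm = HashAlgorithms.SHA1;
    spSelfSig.KeyID = skpSignatureKey.PublicKey.KeyID;
    spSelfSig.TimeCreated = DateTime.Now;

    cuiUID.Certificates = new System.Collections.ArrayList();
    // Sign first: if the passphrase is wrong nothing has been added to either key yet.
    cuiUID.Sign(spSelfSig, skpSignatureKey, strPassphrase, tpkKey.PrimaryKey);
    tpkKey.Certifications.Add(cuiUID);
    tskKey.UserIDs.Add(uipUID);
}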
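/// <summary>
/// Revokes the public subkey KeyID by attaching a subkey revocation signature
/// issued with skpKeySigner's primary key.
/// </summary>
/// <remarks>
/// Only the owning primary key or a designated revoker named in the primary
/// key's revocation-key signatures may revoke, and only if the subkey's
/// binding signature is marked revocable.
/// </remarks>
/// <param name="KeyID">Subkey id.</param>
/// <param name="skpKeySigner">Revoker secret key.</param>
/// <param name="strPassphrase">Revoker passphrase.</param>
/// <param name="exportable">Whether the revocation signature is exportable.</param>
/// <exception cref="ArgumentNullException">skpKeySigner is null.</exception>
/// <exception cref="Exception">Key or subkey not found, KeyID is a primary key, subkey already revoked, or signer not allowed.</exception>
public void RevokeSubKey(ulong KeyID, TransportableSecretKey skpKeySigner, string strPassphrase, bool exportable) {
    if (skpKeySigner == null) {
        throw new ArgumentNullException("skpKeySigner");
    }
    TransportablePublicKey tspKey = this.PublicRing.Find(KeyID, false);
    if (tspKey == null) {
        throw new Exception("Public Key not found");
    }
    if (tspKey.PrimaryKey.KeyID == KeyID) {
        throw new Exception("This is a primary key... use RevokeKey method instead.");
    }

    CertifiedPublicSubkey cps = null;
    foreach (CertifiedPublicSubkey cpsi in tspKey.SubKeys) {
        if (cpsi.Subkey.KeyID == KeyID) {
            cps = cpsi; // last match wins, as in the original
        }
    }
    if (cps == null) {
        // Find() resolved the key but no subkey carries KeyID; the original went on
        // to cps.KeyBindingSignature and died with a NullReferenceException.
        throw new Exception("Public SubKey not found");
    }

    // The signer is allowed if it owns the key or is one of its designated revokers.
    bool allowed = skpKeySigner.PrimaryKey.PublicKey.KeyID == tspKey.PrimaryKey.KeyID;
    if (!allowed) {
        // Compared through ToString() as in the original; confirm how BigInteger
        // equality behaves before simplifying to a value comparison.
        string strSignerFingerprint = skpKeySigner.PrimaryKey.PublicKey.Fingerprint.ToString();
        foreach (SignaturePacket spPacket in tspKey.RevocationKeys) {
            foreach (BigInteger revoker in spPacket.FindRevokerKeys()) {
                if (revoker.ToString() == strSignerFingerprint) {
                    allowed = true;
                    break;
                }
            }
            if (allowed) {
                break;
            }
        }
    }
    if (!allowed || !cps.KeyBindingSignature.isRevocable()) {
        throw new Exception("Not allowed to revoke this subkey");
    }
    if (this.PublicRing.isRevoked(KeyID)) {
        throw new Exception("Public SubKey alreadyRevoked");
    }

    SignaturePacket spSig = new SignaturePacket();
    spSig.Version = SignaturePacketVersionNumbers.v4;
    spSig.HashAlgorithm = HashAlgorithms.SHA1;
    spSig.KeyID = skpKeySigner.PrimaryKey.PublicKey.KeyID;
    spSig.TimeCreated = DateTime.Now;
    spSig.SignatureType = SignatureTypes.SubkeyRevocationSignature;

    SignatureSubPacket sspExportableSignature = new SignatureSubPacket();
    sspExportableSignature.Type = SignatureSubPacketTypes.ExportableSignature;
    sspExportableSignature.ExportableSignature = exportable;
    // Unhashed area (second argument false), as in the original, so the flag is not
    // covered by the signature. NOTE(review): the seven-argument SignKey puts the
    // same subpacket in the hashed area — confirm which is intended.
    spSig.AddSubPacket(sspExportableSignature, false);

    // Data to sign: the primary key packet followed by the subkey packet. The
    // subkey's first (tag) byte is rewritten to 0x99, the public-key tag, which is
    // what the key-signature hash data uses for both packets.
    byte[] subkey = new byte[cps.Subkey.Length];
    cps.Subkey.Header.CopyTo(subkey, 0);
    cps.Subkey.Body.CopyTo(subkey, cps.Subkey.Header.Length);
    subkey[0] = 0x99;
    byte[] mainkey = new byte[tspKey.PrimaryKey.Length];
    tspKey.PrimaryKey.Header.CopyTo(mainkey, 0);
    tspKey.PrimaryKey.Body.CopyTo(mainkey, tspKey.PrimaryKey.Header.Length);
    byte[] key = new byte[mainkey.Length + subkey.Length];
    mainkey.CopyTo(key, 0);
    subkey.CopyTo(key, mainkey.Length);

    spSig.Sign(key, skpKeySigner.PrimaryKey, strPassphrase);
    cps.RevocationSignature = spSig;
}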
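/// <summary>
/// Generates a new ElGamal/DSA key pair (DSA primary signing key plus ElGamal
/// encryption subkey), self-certifies the user id and stores the pair on both
/// rings, saving them.
/// </summary>
/// <param name="strName">Owner name; trimmed into the user id "name &lt;email&gt;".</param>
/// <param name="strEmail">Owner e-mail; trimmed into the user id.</param>
/// <param name="strKeyType">"ElGamal/DSA" is the only implemented type.</param>
/// <param name="iKeySize">Size handed to GenerateEncryptionKey for the ElGamal subkey.</param>
/// <param name="lExpiration">Expiration as DateTime ticks (new DateTime(lExpiration)); 0 means never.</param>
/// <param name="strPassphrase">Passphrase under which both secret key packets are encrypted (AES-256).</param>
/// <exception cref="ArgumentNullException">strName or strEmail is null.</exception>
/// <exception cref="NotSupportedException">strKeyType is "RSA" (still a stub).</exception>
/// <exception cref="ArgumentException">strKeyType is anything else.</exception>
public void GenerateKey(string strName, string strEmail, string strKeyType, int iKeySize, long lExpiration, string strPassphrase) {
    if (strName == null) {
        throw new ArgumentNullException("strName");
    }
    if (strEmail == null) {
        throw new ArgumentNullException("strEmail");
    }
    if (strKeyType == "RSA") {
        // The original had an empty branch here and silently generated nothing.
        throw new NotSupportedException("RSA key generation is not implemented.");
    }
    if (strKeyType != "ElGamal/DSA") {
        throw new ArgumentException("Unknown key type: " + strKeyType, "strKeyType");
    }

    System.Security.Cryptography.RandomNumberGenerator rngRand = System.Security.Cryptography.RandomNumberGenerator.Create();

    // Key material as consumed below: [0] = public part, [1] = secret part.
    BigInteger[][] biEncryptionKey = GenerateEncryptionKey(iKeySize);
    BigInteger[][] biSignatureKey = GenerateSignatureKey();

    PublicKeyPacket pkpSignatureKey = NewPublicKeyPacket(false, AsymAlgorithms.DSA, biSignatureKey[0]);
    SecretKeyPacket skpSignatureKey = NewSecretKeyPacket(false, pkpSignatureKey, biSignatureKey[1], strPassphrase, rngRand);
    PublicKeyPacket pkpEncryptionKey = NewPublicKeyPacket(true, AsymAlgorithms.ElGamal_Encrypt_Only, biEncryptionKey[0]);
    SecretKeyPacket skpEncryptionKey = NewSecretKeyPacket(true, pkpEncryptionKey, biEncryptionKey[1], strPassphrase, rngRand);

    UserIDPacket uipUID = new UserIDPacket();
    uipUID.UserID = strName.Trim() + " <" + strEmail.Trim() + ">";
    CertifiedUserID cuiUID = new CertifiedUserID();
    cuiUID.UserID = uipUID;

    // Self-signature over the user id, carrying the key's preferences as hashed subpackets.
    SignaturePacket spSelfSig = new SignaturePacket();
    spSelfSig.Version = SignaturePacketVersionNumbers.v4;
    spSelfSig.HashAlgorithm = HashAlgorithms.SHA1;
    spSelfSig.KeyID = pkpSignatureKey.KeyID;
    spSelfSig.TimeCreated = DateTime.Now;

    SignatureSubPacket sspPrimaryUserID = new SignatureSubPacket();
    sspPrimaryUserID.Type = SignatureSubPacketTypes.PrimaryUserID;
    sspPrimaryUserID.PrimaryUserID = true;
    spSelfSig.AddSubPacket(sspPrimaryUserID, true);

    SignatureSubPacket sspPreferedSymAlgos = new SignatureSubPacket();
    sspPreferedSymAlgos.Type = SignatureSubPacketTypes.PreferedSymmetricAlgorithms;
    // Kept verbatim: AES256 is listed twice; the second entry was probably meant
    // to be another algorithm (AES-128?) — confirm against the SymAlgorithms enum.
    sspPreferedSymAlgos.PreferedSymAlgos = new SymAlgorithms[] {SymAlgorithms.AES256, SymAlgorithms.AES192, SymAlgorithms.AES256, SymAlgorithms.CAST5, SymAlgorithms.Triple_DES};
    spSelfSig.AddSubPacket(sspPreferedSymAlgos, true);

    SignatureSubPacket sspPreferedHashAlgos = new SignatureSubPacket();
    sspPreferedHashAlgos.Type = SignatureSubPacketTypes.PreferedHashAlgorithms;
    // NOTE(review): SHA-1 is the only advertised (and used) hash; current OpenPGP
    // implementations reject SHA-1 signatures — extend once HashAlgorithms offers stronger digests.
    sspPreferedHashAlgos.PreferedHashAlgos = new HashAlgorithms[] {HashAlgorithms.SHA1};
    spSelfSig.AddSubPacket(sspPreferedHashAlgos, true);

    if (lExpiration != 0) {
        // NOTE(review): this is a *signature* expiration subpacket, whereas SignKey
        // uses KeyExpirationTime; confirm which one the key is meant to carry.
        SignatureSubPacket sspExpiration = new SignatureSubPacket();
        sspExpiration.Type = SignatureSubPacketTypes.SignatureExpirationTime;
        sspExpiration.SignatureExpirationTime = new DateTime(lExpiration);
        spSelfSig.AddSubPacket(sspExpiration, true);
    }

    cuiUID.Certificates = new System.Collections.ArrayList();
    cuiUID.Sign(spSelfSig, skpSignatureKey, strPassphrase, pkpSignatureKey);

    CertifiedPublicSubkey cpsEncryptionKey = new CertifiedPublicSubkey();
    cpsEncryptionKey.Subkey = pkpEncryptionKey;
    // new DateTime(0) is passed for "never", as in the original.
    cpsEncryptionKey.SignKeyBindingSignature(pkpSignatureKey, skpSignatureKey, strPassphrase, new DateTime(lExpiration), true);

    TransportablePublicKey tpkPublicKey = new TransportablePublicKey();
    tpkPublicKey.PrimaryKey = pkpSignatureKey;
    tpkPublicKey.SubKeys.Add(cpsEncryptionKey);
    tpkPublicKey.Certifications.Add(cuiUID);

    TransportableSecretKey tskSecretKey = new TransportableSecretKey();
    tskSecretKey.PrimaryKey = skpSignatureKey;
    tskSecretKey.SubKeys.Add(skpEncryptionKey);
    tskSecretKey.UserIDs.Add(uipUID);

    this.pkrKeyRing.AddPublicKey(tpkPublicKey);
    this.skrKeyRing.AddSecretKey(tskSecretKey);
    pkrKeyRing.Save();
    skrKeyRing.Save();
}

/// <summary>
/// Builds a v4 public key packet for the given algorithm and public key material, stamped with the current time.
/// </summary>
/// <param name="bSubkey">Constructor flag: false for the primary, true for the subkey in the original (presumably "is subkey").</param>
/// <param name="aaAlgorithm">Public key algorithm of the packet.</param>
/// <param name="biPublicMaterial">Public key material.</param>
/// <returns>The populated packet.</returns>
private static PublicKeyPacket NewPublicKeyPacket(bool bSubkey, AsymAlgorithms aaAlgorithm, BigInteger[] biPublicMaterial) {
    PublicKeyPacket pkpKey = new PublicKeyPacket(bSubkey);
    pkpKey.Algorithm = aaAlgorithm;
    pkpKey.KeyMaterial = biPublicMaterial;
    pkpKey.TimeCreated = DateTime.Now;
    pkpKey.Version = PublicKeyPacketVersionNumbers.v4;
    return pkpKey;
}

/// <summary>
/// Wraps secret key material in a secret key packet encrypted under strPassphrase
/// with AES-256 and a fresh random IV.
/// </summary>
/// <param name="bSubkey">Constructor flag, see NewPublicKeyPacket.</param>
/// <param name="pkpPublic">The matching public key packet.</param>
/// <param name="biSecretMaterial">Secret key material to encrypt.</param>
/// <param name="strPassphrase">Passphrase protecting the material.</param>
/// <param name="rngRand">Source of the IV bytes.</param>
/// <returns>The populated packet.</returns>
private static SecretKeyPacket NewSecretKeyPacket(bool bSubkey, PublicKeyPacket pkpPublic, BigInteger[] biSecretMaterial, string strPassphrase, System.Security.Cryptography.RandomNumberGenerator rngRand) {
    SecretKeyPacket skpKey = new SecretKeyPacket(bSubkey);
    skpKey.SymmetricalAlgorithm = SymAlgorithms.AES256;
    // PublicKey is assigned before EncryptKeyMaterial, as in the original; the
    // original re-assigned it afterwards too — restore that if EncryptKeyMaterial clears it.
    skpKey.PublicKey = pkpPublic;
    skpKey.InitialVector = new byte[CipherHelper.CipherBlockSize(SymAlgorithms.AES256)];
    rngRand.GetBytes(skpKey.InitialVector);
    skpKey.EncryptKeyMaterial(biSecretMaterial, strPassphrase);
    return skpKey;
}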
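/// <summary>
/// Certifies the user id strUserID on public key lSignedKeyID with secret key
/// lSigningKeyID, re-inserts the key on the public ring and saves the ring.
/// </summary>
/// <param name="lSignedKeyID">Id of the public key being certified.</param>
/// <param name="lSigningKeyID">Id of the secret key that signs.</param>
/// <param name="strUserID">User id (compared with CertifiedUserID.ToString()) to certify.</param>
/// <param name="nIntroducerDepth">If greater than 0, adds a trust signature subpacket with this level and complete (120) trust amount.</param>
/// <param name="bIsExportable">false adds a non-exportable (local) signature subpacket.</param>
/// <param name="nType">Certification signature type, cast to SignatureTypes.</param>
/// <param name="strPassphrase">Passphrase unlocking the signing key.</param>
/// <exception cref="ArgumentException">Either key id is not on its ring.</exception>
/// <exception cref="Exception">strUserID is not among the key's certifications.</exception>
public void SignKey(ulong lSignedKeyID, ulong lSigningKeyID, string strUserID, int nIntroducerDepth, bool bIsExportable, int nType, string strPassphrase) {
    TransportableSecretKey tskKey = skrKeyRing.Find(lSigningKeyID);
    if (tskKey == null) {
        throw new ArgumentException("No secret key with id " + lSigningKeyID + " found on the keyring.", "lSigningKeyID");
    }
    TransportablePublicKey tpkKey = pkrKeyRing.Find(lSignedKeyID, false);
    if (tpkKey == null) {
        throw new ArgumentException("No public key with id " + lSignedKeyID + " found on the keyring.", "lSignedKeyID");
    }
    SecretKeyPacket skpSignatureKey = tskKey.FindKey(AsymActions.Sign);

    // Locate the user id to certify; the last match wins, as in the original.
    CertifiedUserID cuiID = null;
    foreach (object oCert in tpkKey.Certifications) {
        CertifiedUserID cuiThisID = oCert as CertifiedUserID;
        if (cuiThisID != null && cuiThisID.ToString() == strUserID) {
            cuiID = cuiThisID;
        }
    }
    if (cuiID == null) {
        throw new Exception("UserID could not be found!");
    }

    SignaturePacket spCertificate = new SignaturePacket();
    spCertificate.SignatureType = (SignatureTypes)nType;
    spCertificate.Version = SignaturePacketVersionNumbers.v4;
    spCertificate.HashAlgorithm = HashAlgorithms.SHA1;
    spCertificate.KeyID = skpSignatureKey.PublicKey.KeyID;
    spCertificate.TimeCreated = DateTime.Now;

    if (!bIsExportable) {
        SignatureSubPacket sspNotExportable = new SignatureSubPacket();
        sspNotExportable.Type = SignatureSubPacketTypes.ExportableSignature;
        sspNotExportable.ExportableSignature = false;
        // Hashed (true), so the local-only flag is covered by the signature.
        spCertificate.AddSubPacket(sspNotExportable, true);
    }
    if (nIntroducerDepth > 0) {
        SignatureSubPacket sspTrust = new SignatureSubPacket();
        sspTrust.Type = SignatureSubPacketTypes.TrustSignature;
        sspTrust.TrustLevel = (byte)nIntroducerDepth;
        sspTrust.TrustAmount = 120; // 120 = complete trust on the OpenPGP trust-signature scale
        spCertificate.AddSubPacket(sspTrust, true);
    }

    cuiID.Sign(spCertificate, skpSignatureKey, strPassphrase, tpkKey.PrimaryKey);
    // Remove/re-add moves the certified id to the end of the list and the key is
    // deleted and re-added on the ring; presumably to make the ring pick up the
    // change — kept as in the original.
    tpkKey.Certifications.Remove(cuiID);
    tpkKey.Certifications.Add(cuiID);
    pkrKeyRing.Delete(lSignedKeyID);
    pkrKeyRing.AddPublicKey(tpkKey);
    pkrKeyRing.Save();
}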
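/// <summary>
/// Interactively encrypts (and optionally signs) strMessage for recipients chosen
/// in a public key selector dialog and returns the result as an armored message.
/// </summary>
/// <remarks>
/// If the user selects no recipient, or building the session-key packets fails,
/// the original plaintext is returned unchanged — callers must not treat the
/// return value as ciphertext without checking it differs from the input.
/// </remarks>
/// <param name="strMessage">Plaintext to encrypt.</param>
/// <param name="pkrPublicKeyRing">Public ring offered for recipient selection.</param>
/// <param name="skrSecretKeyRing">Secret ring offered for signing key selection.</param>
/// <param name="bSign">Sign the message (v3 signature) before encrypting.</param>
/// <returns>The armored encrypted message, or strMessage itself when nothing was encrypted.</returns>
/// <exception cref="InvalidOperationException">bSign is set but no signing key was selected.</exception>
public static string EncryptText(string strMessage, PublicKeyRing pkrPublicKeyRing, SecretKeyRing skrSecretKeyRing, bool bSign) {
    PublicKeySelector pksSelectKeys = new PublicKeySelector(pkrPublicKeyRing);
    pksSelectKeys.ShowDialog();

    TransportableSecretKey tskKey = null;
    string strPassphrase = "";
    if (bSign) {
        QueryPassphrase qpPassphrase = new QueryPassphrase();
        qpPassphrase.ShowMyDialog(skrSecretKeyRing);
        tskKey = qpPassphrase.SelectedKey;
        strPassphrase = qpPassphrase.Passphrase;
    }
    if (pksSelectKeys.SelectedKeys.Count == 0) {
        return strMessage;
    }
    if (bSign && tskKey == null) {
        // Dialog dismissed without a key: the original continued and crashed on FindKey.
        throw new InvalidOperationException("No signing key was selected.");
    }

    Working wWorking = new Working();
    wWorking.Show();
    try {
        LiteralMessage lmMessage = new LiteralMessage(DataFormatTypes.Text);
        lmMessage.Text = strMessage;
        lmMessage.TimeCreated = DateTime.Now;
        lmMessage.Filename = "";

        SharpPrivacy.OpenPGP.Messages.Message mEncryptionMessage = lmMessage;
        if (bSign) {
            SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);
            SignaturePacket spPacket = new SignaturePacket();
            spPacket.Version = SignaturePacketVersionNumbers.v3;
            spPacket.KeyID = skpKey.PublicKey.KeyID;
            spPacket.HashAlgorithm = HashAlgorithms.SHA1;
            spPacket.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
            spPacket.TimeCreated = DateTime.Now;
            spPacket.SignatureType = SignatureTypes.TextSignature;
            spPacket.Sign(lmMessage.Binary, skpKey, strPassphrase);
            SignedMessage smMessage = new SignedMessage();
            smMessage.MessageSigned = lmMessage;
            smMessage.Signature = spPacket;
            mEncryptionMessage = smMessage;
        }
        CompressedMessage cmMessage = new CompressedMessage();
        cmMessage.Compress(mEncryptionMessage);
        wWorking.Progress(20);

        // Session key: the strongest algorithm all recipients prefer, per their self-signatures.
        SymAlgorithms saAlgo = GetSymAlgorithmPreferences(pksSelectKeys.SelectedKeys);
        SymmetricAlgorithm saEncrypt = CipherHelper.CreateSymAlgorithm(saAlgo);
        saEncrypt.Mode = CipherMode.OpenPGP_CFB;
        saEncrypt.GenerateKey();
        byte[] bKey = saEncrypt.Key;
        wWorking.Progress(10);

        ESKSequence esksKeys;
        try {
            esksKeys = CreateESKSequence(pksSelectKeys.SelectedKeys, AsymActions.Encrypt, saAlgo, bKey);
        } catch (Exception e) {
            MessageBox.Show("The following error occured: " + e.Message, "Error...");
            return strMessage;
        }
        wWorking.Progress(50);

        ICryptoTransform ictEncryptor = saEncrypt.CreateEncryptor();
        byte[] bMessage = cmMessage.GetEncoded();
        byte[] bOutput = new byte[bMessage.Length];
        // bOutput is passed by ref; TransformBlock apparently reallocates it, since the
        // copy below reads block size + 2 more bytes than bMessage.Length.
        ictEncryptor.TransformBlock(bMessage, 0, bMessage.Length, ref bOutput, 0);
        // Zero the session key copy now that it is no longer needed. The original's
        // bKey.Initialize() is a no-op on byte[] (it only runs value-type constructors).
        Array.Clear(bKey, 0, bKey.Length);
        wWorking.Progress(10);

        int iOutLength = (saEncrypt.BlockSize >> 3) + 2 + bMessage.Length;
        SymmetricallyEncryptedDataPacket sedpEncrypted = new SymmetricallyEncryptedDataPacket();
        sedpEncrypted.Body = new byte[iOutLength];
        Array.Copy(bOutput, 0, sedpEncrypted.Body, 0, iOutLength);

        // Output: the encrypted session key packets followed by the encrypted data packet.
        byte[] bESK = esksKeys.GetEncoded();
        byte[] bEncrypted = sedpEncrypted.Generate();
        byte[] bReturn = new byte[bESK.Length + bEncrypted.Length];
        bESK.CopyTo(bReturn, 0);
        bEncrypted.CopyTo(bReturn, bESK.Length);
        wWorking.Progress(10);

        return Armor.WrapMessage(Radix64.Encode(bReturn, true));
    } finally {
        // Hide on every exit path; the original left the window showing if any step threw.
        wWorking.Hide();
    }
}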
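/// <summary>
/// Cleartext-signs strMessage with tskKey (v4 text signature, SHA-1).
/// </summary>
/// <param name="strMessage">Text to be signed; trimmed via Radix64.TrimMessage first.</param>
/// <param name="tskKey">Secret key for signing purpose.</param>
/// <param name="strPassphrase">Passphrase for the secret key.</param>
/// <param name="embedMessage">true wraps message and signature together as a cleartext-signed block; false armors only the signature.</param>
/// <returns>The signed text.</returns>
/// <exception cref="ArgumentNullException">strMessage or tskKey is null.</exception>
public string ClearTextSign(string strMessage, TransportableSecretKey tskKey, string strPassphrase, bool embedMessage) {
    if (strMessage == null) {
        throw new ArgumentNullException("strMessage");
    }
    if (tskKey == null) {
        throw new ArgumentNullException("tskKey");
    }
    strMessage = Radix64.TrimMessage(strMessage);
    SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);

    SignaturePacket spSign = new SignaturePacket();
    spSign.HashAlgorithm = HashAlgorithms.SHA1;
    spSign.Format = PacketFormats.New;

    // Issuer and creation time travel as hashed subpackets; the original's
    // commented-out KeyID/TimeCreated assignments suggest these replace them for v4.
    SignatureSubPacket sspCreator = new SignatureSubPacket();
    sspCreator.Type = SignatureSubPacketTypes.IssuerKeyID;
    sspCreator.KeyID = skpKey.PublicKey.KeyID;
    SignatureSubPacket sspCreationTime = new SignatureSubPacket();
    sspCreationTime.Type = SignatureSubPacketTypes.SignatureCreationTime;
    sspCreationTime.TimeCreated = DateTime.Now;
    spSign.HashedSubPackets = new SignatureSubPacket[] { sspCreator, sspCreationTime };

    spSign.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
    spSign.SignatureType = SignatureTypes.TextSignature;
    spSign.Version = SignaturePacketVersionNumbers.v4;

    byte[] bMessage = System.Text.Encoding.UTF8.GetBytes(strMessage);
    spSign.Sign(bMessage, skpKey, strPassphrase);
    string strSignature = Radix64.Encode(spSign.Generate(), true);

    if (embedMessage) {
        return Armor.WrapCleartextSignature(strMessage, strSignature);
    }
    return Armor.WrapCleartextSignature(strSignature);
}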
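/// <summary>
/// Certifies the user id cuidTobeSigned on public key tspKey with the primary
/// key of skpKeySigner (v4, SHA-1).
/// </summary>
/// <param name="tspKey">Key to be signed.</param>
/// <param name="cuidTobeSigned">User id to be signed.</param>
/// <param name="skpKeySigner">Signer private key.</param>
/// <param name="strPassphrase">Signer passphrase.</param>
/// <param name="exportable">Exportable signature.</param>
/// <param name="expirationTime">Expiration time (new DateTime(0) == never).</param>
/// <param name="isRevocable">false adds a Revocable=false subpacket; true adds nothing (the default).</param>
/// <exception cref="ArgumentNullException">tspKey, cuidTobeSigned or skpKeySigner is null.</exception>
public void SignKey(TransportablePublicKey tspKey, CertifiedUserID cuidTobeSigned, TransportableSecretKey skpKeySigner, string strPassphrase, bool exportable, DateTime expirationTime, bool isRevocable) {
    if (tspKey == null) {
        throw new ArgumentNullException("tspKey");
    }
    if (cuidTobeSigned == null) {
        throw new ArgumentNullException("cuidTobeSigned");
    }
    if (skpKeySigner == null) {
        throw new ArgumentNullException("skpKeySigner");
    }

    SignaturePacket spSig = new SignaturePacket();
    spSig.Version = SignaturePacketVersionNumbers.v4;
    spSig.HashAlgorithm = HashAlgorithms.SHA1;
    spSig.KeyID = skpKeySigner.PrimaryKey.PublicKey.KeyID;
    spSig.TimeCreated = DateTime.Now;

    SignatureSubPacket sspExportableSignature = new SignatureSubPacket();
    sspExportableSignature.Type = SignatureSubPacketTypes.ExportableSignature;
    sspExportableSignature.ExportableSignature = exportable;
    // Unhashed area (false), as in the original, so the flag is not covered by the
    // signature. NOTE(review): the seven-argument SignKey adds the same subpacket
    // hashed — confirm which is intended.
    spSig.AddSubPacket(sspExportableSignature, false);

    if (!isRevocable) {
        SignatureSubPacket sspRevocable = new SignatureSubPacket();
        sspRevocable.Type = SignatureSubPacketTypes.Revocable;
        sspRevocable.Revocable = isRevocable;
        spSig.AddSubPacket(sspRevocable, true);
    }
    if (expirationTime.Ticks != 0) {
        SignatureSubPacket sspExpiration = new SignatureSubPacket();
        sspExpiration.Type = SignatureSubPacketTypes.KeyExpirationTime;
        // Presumably expresses the expiration as an interval after key creation,
        // stored as a DateTime offset from the epoch. NOTE(review): the epoch used
        // is 1970-01-02, which looks off by one day — confirm against the encoder.
        sspExpiration.KeyExpirationTime = new DateTime(expirationTime.Ticks + (new DateTime(1970, 1, 2)).Ticks - tspKey.PrimaryKey.TimeCreated.Ticks);
        spSig.AddSubPacket(sspExpiration, true);
    }

    cuidTobeSigned.Sign(spSig, skpKeySigner.PrimaryKey, strPassphrase, tspKey.PrimaryKey);
}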
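/// <summary>
/// Decrypts the session key stored in the EncryptedSessionKey
/// property and saves the decrypted key in the EncodedSessionKey
/// property.
/// </summary>
/// <remarks>This function also calls DecodeSessionKey so that the
/// decrypted and decoded sessionkey is stored in the
/// SessionKey property.</remarks>
/// <param name="tskKey">A transportable secret key that is used to
/// decrypt the encrypted session key.</param>
/// <param name="strPassphrase">The passphrase used to decrypt the
/// encrypted key material of the given transportable secret
/// key.</param>
/// <exception cref="ArgumentNullException">tskKey is null.</exception>
/// <exception cref="NotSupportedException">The packet's public key algorithm is not implemented.</exception>
/// <exception cref="InvalidOperationException">A subkey slot is not a SecretKeyPacket, or no key of tskKey matches this packet's key id.</exception>
public void DecryptSessionKey(TransportableSecretKey tskKey, string strPassphrase) {
    if (tskKey == null) {
        throw new ArgumentNullException("tskKey");
    }

    AsymmetricCipher acCipher;
    switch (aaPublicAlgorithm) {
        case AsymAlgorithms.ElGama_Encrypt_Sign:
        case AsymAlgorithms.ElGamal_Encrypt_Only:
            acCipher = new ElGamal();
            break;
        case AsymAlgorithms.RSA_Encrypt_Only:
        case AsymAlgorithms.RSA_Encrypt_Sign:
            acCipher = new RSA();
            break;
        default:
            // Derives from Exception, so callers catching the original bare Exception still work.
            throw new NotSupportedException("The chosen public key algorithm is not yet implemented!");
    }

    // Pick the subkey whose id matches the one this packet was encrypted to.
    // The original kept overwriting skpKey for every subkey after the match
    // (its 'continue' was the last statement of the loop), so a later subkey
    // silently replaced the right one; stop at the first match instead.
    SecretKeyPacket skpKey = null;
    foreach (object oSubkey in tskKey.SubKeys) {
        SecretKeyPacket skpCandidate = oSubkey as SecretKeyPacket;
        if (skpCandidate == null) {
            throw new InvalidOperationException("Expected a secret key packet, but did not find one!");
        }
        if (skpCandidate.PublicKey.KeyID == lKeyID) {
            skpKey = skpCandidate;
            break;
        }
    }
    if (skpKey == null) {
        // The message may have been encrypted to the primary key itself.
        if (tskKey.PrimaryKey.PublicKey.KeyID == lKeyID) {
            skpKey = tskKey.PrimaryKey;
        } else {
            // The encrypted-message code is expected to hand over only fitting keys;
            // this guards direct callers.
            throw new InvalidOperationException("No fitting secret key found!");
        }
    }

    BigInteger biKey = acCipher.Decrypt(this.biEncryptedSessionKey, skpKey, strPassphrase);
    this.bEncodedSessionKey = biKey.getBytes();
    DecodeSessionKey();
}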
/// <summary>
/// Appends a key to the ring and flags the ring as modified.
/// </summary>
/// <param name="tskKey">The key to be added.</param>
private void Add(TransportableSecretKey tskKey) {
    this.bIsUpdated = true;
    this.SecretKeys.Add(tskKey);
}
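/// <summary>
/// Interactively encrypts and/or signs each file in strFiles, writing the
/// binary OpenPGP output next to it as "&lt;file&gt;.asc".
/// </summary>
/// <remarks>
/// With bEncrypt the user picks recipients; with bSign a signing key and
/// passphrase. A read error or a failure to build the session-key packets
/// aborts the whole run; a write error is reported and the remaining files
/// are still processed.
/// </remarks>
/// <param name="strFiles">Paths of the files to process.</param>
/// <param name="pkrPublicKeyRing">Public ring offered for recipient selection.</param>
/// <param name="skrSecretKeyRing">Secret ring offered for signing key selection.</param>
/// <param name="bEncrypt">Encrypt to the selected recipients.</param>
/// <param name="bSign">Sign with the selected secret key (v3 signature).</param>
/// <exception cref="ArgumentNullException">strFiles is null.</exception>
/// <exception cref="InvalidOperationException">bSign is set but no signing key was selected.</exception>
public static void EncryptFiles(String[] strFiles, PublicKeyRing pkrPublicKeyRing, SecretKeyRing skrSecretKeyRing, bool bEncrypt, bool bSign) {
    if (strFiles == null) {
        throw new ArgumentNullException("strFiles");
    }
    PublicKeySelector pksSelectKeys = new PublicKeySelector(pkrPublicKeyRing);
    if (bEncrypt) {
        pksSelectKeys.ShowDialog();
        if (pksSelectKeys.SelectedKeys.Count == 0) {
            MessageBox.Show("You did not select a public key to encrypt to. Doing nothing...", "Nothing Done...");
            return;
        }
    }
    TransportableSecretKey tskKey = null;
    string strPassphrase = "";
    if (bSign) {
        QueryPassphrase qpPassphrase = new QueryPassphrase();
        qpPassphrase.ShowMyDialog(skrSecretKeyRing);
        tskKey = qpPassphrase.SelectedKey;
        strPassphrase = qpPassphrase.Passphrase;
        if (tskKey == null) {
            // Dialog dismissed without a key: the original continued and crashed on FindKey.
            throw new InvalidOperationException("No signing key was selected.");
        }
    }
    if (strFiles.Length == 0) {
        return; // nothing to do; avoids showing the progress window for no work
    }

    Working wWorking = new Working();
    wWorking.Show();
    try {
        // Each file gets an equal share of the 100 progress units (integer division).
        int iFiles = strFiles.Length;
        for (int i = 0; i < iFiles; i++) {
            byte[] bFileContent;
            try {
                // Read-only access: the original's FileMode.Open alone requests
                // read/write and fails on read-only files. using closes the handle on error.
                using (FileStream fsFile = new FileStream(strFiles[i], FileMode.Open, FileAccess.Read)) {
                    BinaryReader brReader = new BinaryReader(fsFile);
                    bFileContent = brReader.ReadBytes((int)fsFile.Length);
                }
            } catch (Exception e) {
                MessageBox.Show("An error occured while opening the file " + strFiles[i] + ": " + e.Message, "Error...");
                return;
            }

            LiteralMessage lmMessage = new LiteralMessage(DataFormatTypes.Binary);
            lmMessage.Binary = bFileContent;
            lmMessage.TimeCreated = DateTime.Now;
            // Only the file name goes into the literal packet, never the directory.
            lmMessage.Filename = Path.GetFileName(strFiles[i]);

            SharpPrivacy.OpenPGP.Messages.Message mEncryptionMessage = lmMessage;
            if (bSign) {
                SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);
                SignaturePacket spPacket = new SignaturePacket();
                spPacket.Version = SignaturePacketVersionNumbers.v3;
                spPacket.KeyID = skpKey.PublicKey.KeyID;
                spPacket.HashAlgorithm = HashAlgorithms.SHA1;
                spPacket.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
                spPacket.TimeCreated = DateTime.Now;
                // NOTE(review): typed TextSignature although binary file content is signed — confirm.
                spPacket.SignatureType = SignatureTypes.TextSignature;
                spPacket.Sign(lmMessage.Binary, skpKey, strPassphrase);
                SignedMessage smMessage = new SignedMessage();
                smMessage.MessageSigned = lmMessage;
                smMessage.Signature = spPacket;
                mEncryptionMessage = smMessage;
            }
            CompressedMessage cmMessage = new CompressedMessage();
            cmMessage.Compress(mEncryptionMessage);
            wWorking.Progress(20 / iFiles);
            SymAlgorithms saAlgo = GetSymAlgorithmPreferences(pksSelectKeys.SelectedKeys);
            wWorking.Progress(10 / iFiles);

            byte[] bReturn;
            if (bEncrypt) {
                SymmetricAlgorithm saEncrypt = CipherHelper.CreateSymAlgorithm(saAlgo);
                saEncrypt.Mode = CipherMode.OpenPGP_CFB;
                saEncrypt.GenerateKey();
                byte[] bKey = saEncrypt.Key;

                ESKSequence esksKeys;
                try {
                    esksKeys = CreateESKSequence(pksSelectKeys.SelectedKeys, AsymActions.Encrypt, saAlgo, bKey);
                } catch (Exception e) {
                    MessageBox.Show("The following error occured: " + e.Message, "Error...");
                    return;
                }
                wWorking.Progress(50 / iFiles);

                ICryptoTransform ictEncryptor = saEncrypt.CreateEncryptor();
                byte[] bMessage = cmMessage.GetEncoded();
                byte[] bOutput = new byte[bMessage.Length];
                // bOutput is passed by ref; TransformBlock apparently reallocates it, since
                // the copy below reads block size + 2 more bytes than bMessage.Length.
                ictEncryptor.TransformBlock(bMessage, 0, bMessage.Length, ref bOutput, 0);
                // Zero the session key copy; the original's bKey.Initialize() is a
                // no-op on byte[] (it only runs value-type constructors).
                Array.Clear(bKey, 0, bKey.Length);
                wWorking.Progress(10 / iFiles);

                int iOutLength = (saEncrypt.BlockSize >> 3) + 2 + bMessage.Length;
                SymmetricallyEncryptedDataPacket sedpEncrypted = new SymmetricallyEncryptedDataPacket();
                sedpEncrypted.Body = new byte[iOutLength];
                Array.Copy(bOutput, 0, sedpEncrypted.Body, 0, iOutLength);

                // Output: encrypted session key packets followed by the encrypted data packet.
                byte[] bESK = esksKeys.GetEncoded();
                byte[] bEncrypted = sedpEncrypted.Generate();
                bReturn = new byte[bESK.Length + bEncrypted.Length];
                bESK.CopyTo(bReturn, 0);
                bEncrypted.CopyTo(bReturn, bESK.Length);
            } else {
                wWorking.Progress(60 / iFiles);
                bReturn = cmMessage.GetEncoded();
            }
            wWorking.Progress(10 / iFiles);

            try {
                // CreateNew refuses to overwrite an existing .asc; that is reported below.
                using (FileStream fsOut = new FileStream(strFiles[i] + ".asc", FileMode.CreateNew)) {
                    BinaryWriter bwWrite = new BinaryWriter(fsOut);
                    bwWrite.Write(bReturn);
                    bwWrite.Flush();
                }
            } catch (IOException io) {
                MessageBox.Show("Could not write to file. The following error occured: " + io.Message, "Error...");
            }
        }
    } finally {
        // Hide on every exit path; the original left the window showing when the
        // ESK step or an unexpected exception bailed out.
        wWorking.Hide();
    }
}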
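/// <summary>
/// Interactively encrypts (and optionally signs) strMessage for recipients chosen
/// in a public key selector dialog and returns the result as an armored message.
/// </summary>
/// <remarks>
/// If the user selects no recipient, or building the session-key packets fails,
/// the original plaintext is returned unchanged — callers must not treat the
/// return value as ciphertext without checking it differs from the input.
/// </remarks>
/// <param name="strMessage">Plaintext to encrypt.</param>
/// <param name="pkrPublicKeyRing">Public ring offered for recipient selection.</param>
/// <param name="skrSecretKeyRing">Secret ring offered for signing key selection.</param>
/// <param name="bSign">Sign the message (v3 signature) before encrypting.</param>
/// <returns>The armored encrypted message, or strMessage itself when nothing was encrypted.</returns>
/// <exception cref="InvalidOperationException">bSign is set but no signing key was selected.</exception>
public static string EncryptText(string strMessage, PublicKeyRing pkrPublicKeyRing, SecretKeyRing skrSecretKeyRing, bool bSign) {
    PublicKeySelector pksSelectKeys = new PublicKeySelector(pkrPublicKeyRing);
    pksSelectKeys.ShowDialog();

    TransportableSecretKey tskKey = null;
    string strPassphrase = "";
    if (bSign) {
        QueryPassphrase qpPassphrase = new QueryPassphrase();
        qpPassphrase.ShowMyDialog(skrSecretKeyRing);
        tskKey = qpPassphrase.SelectedKey;
        strPassphrase = qpPassphrase.Passphrase;
    }
    if (pksSelectKeys.SelectedKeys.Count == 0) {
        return strMessage;
    }
    if (bSign && tskKey == null) {
        // Dialog dismissed without a key: the original continued and crashed on FindKey.
        throw new InvalidOperationException("No signing key was selected.");
    }

    Working wWorking = new Working();
    wWorking.Show();
    try {
        LiteralMessage lmMessage = new LiteralMessage(DataFormatTypes.Text);
        lmMessage.Text = strMessage;
        lmMessage.TimeCreated = DateTime.Now;
        lmMessage.Filename = "";

        SharpPrivacy.OpenPGP.Messages.Message mEncryptionMessage = lmMessage;
        if (bSign) {
            SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);
            SignaturePacket spPacket = new SignaturePacket();
            spPacket.Version = SignaturePacketVersionNumbers.v3;
            spPacket.KeyID = skpKey.PublicKey.KeyID;
            spPacket.HashAlgorithm = HashAlgorithms.SHA1;
            spPacket.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
            spPacket.TimeCreated = DateTime.Now;
            spPacket.SignatureType = SignatureTypes.TextSignature;
            spPacket.Sign(lmMessage.Binary, skpKey, strPassphrase);
            SignedMessage smMessage = new SignedMessage();
            smMessage.MessageSigned = lmMessage;
            smMessage.Signature = spPacket;
            mEncryptionMessage = smMessage;
        }
        CompressedMessage cmMessage = new CompressedMessage();
        cmMessage.Compress(mEncryptionMessage);
        wWorking.Progress(20);

        // Session key: the algorithm the selected recipients prefer, per their self-signatures.
        SymAlgorithms saAlgo = GetSymAlgorithmPreferences(pksSelectKeys.SelectedKeys);
        SymmetricAlgorithm saEncrypt = CipherHelper.CreateSymAlgorithm(saAlgo);
        saEncrypt.Mode = CipherMode.OpenPGP_CFB;
        saEncrypt.GenerateKey();
        byte[] bKey = saEncrypt.Key;
        wWorking.Progress(10);

        ESKSequence esksKeys;
        try {
            esksKeys = CreateESKSequence(pksSelectKeys.SelectedKeys, AsymActions.Encrypt, saAlgo, bKey);
        } catch (Exception e) {
            MessageBox.Show("The following error occured: " + e.Message, "Error...");
            return strMessage;
        }
        wWorking.Progress(50);

        ICryptoTransform ictEncryptor = saEncrypt.CreateEncryptor();
        byte[] bMessage = cmMessage.GetEncoded();
        byte[] bOutput = new byte[bMessage.Length];
        // bOutput is passed by ref; TransformBlock apparently reallocates it, since the
        // copy below reads block size + 2 more bytes than bMessage.Length.
        ictEncryptor.TransformBlock(bMessage, 0, bMessage.Length, ref bOutput, 0);
        // Zero the session key copy now that it is no longer needed. The original's
        // bKey.Initialize() is a no-op on byte[] (it only runs value-type constructors).
        Array.Clear(bKey, 0, bKey.Length);
        wWorking.Progress(10);

        int iOutLength = (saEncrypt.BlockSize >> 3) + 2 + bMessage.Length;
        SymmetricallyEncryptedDataPacket sedpEncrypted = new SymmetricallyEncryptedDataPacket();
        sedpEncrypted.Body = new byte[iOutLength];
        Array.Copy(bOutput, 0, sedpEncrypted.Body, 0, iOutLength);

        // Output: the encrypted session key packets followed by the encrypted data packet.
        byte[] bESK = esksKeys.GetEncoded();
        byte[] bEncrypted = sedpEncrypted.Generate();
        byte[] bReturn = new byte[bESK.Length + bEncrypted.Length];
        bESK.CopyTo(bReturn, 0);
        bEncrypted.CopyTo(bReturn, bESK.Length);
        wWorking.Progress(10);

        return Armor.WrapMessage(Radix64.Encode(bReturn, true));
    } finally {
        // Hide on every exit path; the original left the window showing if any step threw.
        wWorking.Hide();
    }
}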
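/// <summary>
/// Decrypts the session key stored in the EncryptedSessionKey property and saves
/// the decrypted key in the EncodedSessionKey property.
/// </summary>
/// <remarks>Also calls DecodeSessionKey so that the decrypted and decoded session key
/// is stored in the SessionKey property.
/// Bug fixed versus the original: the subkey loop used <c>continue</c> after a match
/// and kept overwriting the candidate, so whenever the matching subkey was not the
/// last one in the list the <em>last</em> subkey was used for decryption.</remarks>
/// <param name="tskKey">A transportable secret key that is used to decrypt the
/// encrypted session key; the matching subkey or the primary key is selected by KeyID.</param>
/// <param name="strPassphrase">The passphrase used to decrypt the encrypted key
/// material of the given transportable secret key.</param>
/// <exception cref="System.ArgumentNullException"><paramref name="tskKey"/> is null.</exception>
/// <exception cref="System.Exception">The packet's public-key algorithm is not supported,
/// an entry in SubKeys is not a SecretKeyPacket, or no key in <paramref name="tskKey"/>
/// has this packet's KeyID.</exception>
public void DecryptSessionKey(TransportableSecretKey tskKey, string strPassphrase) {
    if (tskKey == null) {
        throw new System.ArgumentNullException("tskKey");
    }

    // The cipher is chosen from the algorithm field of this packet.
    // NOTE(review): it is not checked that skpKey.PublicKey.Algorithm agrees with it.
    AsymmetricCipher acCipher;
    switch (aaPublicAlgorithm) {
        case AsymAlgorithms.ElGama_Encrypt_Sign:
        case AsymAlgorithms.ElGamal_Encrypt_Only:
            acCipher = new ElGamal();
            break;
        case AsymAlgorithms.RSA_Encrypt_Only:
        case AsymAlgorithms.RSA_Encrypt_Sign:
            acCipher = new RSA();
            break;
        default:
            throw new System.Exception("The chosen public key algorithm is not yet implemented!");
    }

    // Prefer the subkey whose KeyID the session key was encrypted to.
    SecretKeyPacket skpKey = null;
    IEnumerator ieSubkeys = tskKey.SubKeys.GetEnumerator();
    while (ieSubkeys.MoveNext()) {
        if (!(ieSubkeys.Current is SecretKeyPacket)) {
            throw new System.Exception("Expected a secret key packet, but did not find one!");
        }
        SecretKeyPacket skpCandidate = (SecretKeyPacket)ieSubkeys.Current;
        if (skpCandidate.PublicKey.KeyID == lKeyID) {
            skpKey = skpCandidate;
            break;  // was 'continue': later subkeys overwrote the match
        }
    }

    // Otherwise the message may have been encrypted to the primary key itself.
    if (skpKey == null) {
        if (tskKey.PrimaryKey.PublicKey.KeyID == lKeyID) {
            skpKey = tskKey.PrimaryKey;
        } else {
            // Callers such as Decrypt pre-select a fitting key, but guard direct calls.
            throw new System.Exception("No fitting secret key found!");
        }
    }

    BigInteger biKey = acCipher.Decrypt(this.biEncryptedSessionKey, skpKey, strPassphrase);
    this.bEncodedSessionKey = biKey.getBytes();
    DecodeSessionKey();
}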
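/// <summary>
/// Imports every armored key block contained in <paramref name="strKey"/> into the
/// secret or public keyring (depending on the armor type), skipping keys whose
/// primary KeyID is already on the ring, and saves both rings.
/// </summary>
/// <param name="strKey">One or more ASCII-armored key blocks; blocks of any other
/// armor type are ignored.</param>
/// <exception cref="Exception">Thrown after both rings were saved: when a block failed
/// to parse (the first underlying error is appended to the message, the original
/// dropped it), or when at least one key was skipped as a duplicate.</exception>
public void AddKey(string strKey) {
    bool bNotImported = false;
    string strFirstError = null;
    string strRest = "";
    ArmorTypes atType = new ArmorTypes();

    do {
        strKey = Armor.RemoveArmor(strKey, ref atType, ref strRest);
        if (atType == ArmorTypes.PrivateKeyBlock) {
            try {
                foreach (TransportableSecretKey tskKey in TransportableSecretKey.SplitKeys(strKey)) {
                    // Duplicate check is by primary KeyID only: an updated copy of an existing
                    // key (new subkeys or certifications) is skipped rather than merged.
                    if (skrKeyRing.Find(tskKey.PrimaryKey.PublicKey.KeyID) != null) {
                        bNotImported = true;
                        continue;
                    }
                    skrKeyRing.AddSecretKey(tskKey);
                }
            } catch (Exception e) {
                if (strFirstError == null) {
                    strFirstError = e.Message;
                }
            }
        } else if (atType == ArmorTypes.PublicKeyBlock) {
            try {
                foreach (TransportablePublicKey tpkKey in TransportablePublicKey.SplitKeys(strKey)) {
                    if (pkrKeyRing.Find(tpkKey.PrimaryKey.KeyID, true) != null) {
                        bNotImported = true;
                        continue;
                    }
                    // NOTE(review): no self-signature verification is visible on this path;
                    // confirm that SplitKeys/AddPublicKey validate the imported key.
                    pkrKeyRing.AddPublicKey(tpkKey);
                }
            } catch (Exception e) {
                if (strFirstError == null) {
                    strFirstError = e.Message;
                }
            }
        }
        strKey = strRest;
    } while (strKey.Length > 0);

    pkrKeyRing.Save();
    skrKeyRing.Save();

    if (strFirstError != null) {
        throw new Exception("Some keys could not be imported, because there were errors! (" + strFirstError + ")");
    }
    if (bNotImported) {
        throw new Exception("Some keys could not be imported, because they were already in your keyring!");
    }
}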
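/// <summary>
/// Signs and/or encrypts each file in <paramref name="strFiles"/> and writes the
/// result next to it as "&lt;file&gt;.asc" (an existing .asc file is overwritten).
/// </summary>
/// <param name="strFiles">Files to process.</param>
/// <param name="tskKey">Secret key used for signing (required when <paramref name="bSign"/>).</param>
/// <param name="tpkKeys">Public keys of the recipients (required when <paramref name="bEncrypt"/>).</param>
/// <param name="strPassphrase">Passphrase unlocking <paramref name="tskKey"/>.</param>
/// <param name="bEncrypt">Encrypt the files?</param>
/// <param name="bSign">Sign the files?</param>
/// <param name="embedMsg">Only used when not encrypting: true writes the compressed
/// signed message including the file content, false writes only the armored signature packet.</param>
/// <exception cref="Exception">Keyrings not loaded ("&lt;ERROR code="5"&gt;"); a required key is
/// missing; a signature without signing was requested; a file cannot be read or exceeds 2 GB;
/// the session key cannot be encrypted to a recipient; the output file cannot be written.</exception>
/// <remarks>Fixes versus the original: the signature-only branch used <c>return</c> and so
/// silently skipped every file after the first; the combination !bEncrypt &amp;&amp; !bSign &amp;&amp;
/// !embedMsg failed with an InvalidCastException; files over 2 GB were silently truncated;
/// streams are now disposed on error; only the file name (never the directory part)
/// goes into the literal packet; the session key is really zeroed.</remarks>
public void EncryptFiles(String[] strFiles, TransportableSecretKey tskKey, ArrayList tpkKeys, string strPassphrase, bool bEncrypt, bool bSign, bool embedMsg) {
    if (this.pkrPublicKeyRing == null || this.skrSecretKeyRing == null) {
        throw new Exception("<ERROR code=\"5\">");
    }
    if (bSign && tskKey == null) {
        throw new Exception("Need a Private Key To Sign!");
    }
    if (bEncrypt && (tpkKeys == null || tpkKeys.Count < 1)) {
        throw new Exception("Need Public Keys To Encrypt!");
    }
    if (!bEncrypt && !bSign && !embedMsg) {
        throw new Exception("Cannot write a detached signature without signing!");
    }

    for (int i = 0; i < strFiles.Length; i++) {
        byte[] bFileContent;
        try {
            using (FileStream fsFile = new FileStream(strFiles[i], FileMode.Open, FileAccess.Read)) {
                // ReadBytes takes an int; refuse instead of silently truncating.
                if (fsFile.Length > int.MaxValue) {
                    throw new IOException("File is too large to be processed in memory.");
                }
                using (BinaryReader brReader = new BinaryReader(fsFile)) {
                    bFileContent = brReader.ReadBytes((int)fsFile.Length);
                }
            }
        } catch (Exception e) {
            throw new Exception("An error occured while opening the file " + strFiles[i] + ": " + e.Message);
        }

        LiteralMessage lmMessage = new LiteralMessage(DataFormatTypes.Binary);
        lmMessage.Binary = bFileContent;
        lmMessage.TimeCreated = DateTime.Now;
        // Path.GetFileName strips either separator; the original only split on '\\'
        // and would have embedded the whole path on a platform using '/'.
        lmMessage.Filename = Path.GetFileName(strFiles[i]);

        SharpPrivacy.SharpPrivacyLib.OpenPGP.Messages.Message mEncryptionMessage = lmMessage;
        SignaturePacket spPacket = null;
        if (bSign) {
            SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);
            if (skpKey == null) {
                throw new Exception("Need a Private Key To Sign!");
            }
            spPacket = new SignaturePacket();
            spPacket.Version = SignaturePacketVersionNumbers.v3;
            spPacket.KeyID = skpKey.PublicKey.KeyID;
            // NOTE(review): SHA-1 is no longer considered collision resistant.
            spPacket.HashAlgorithm = HashAlgorithms.SHA1;
            spPacket.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
            spPacket.TimeCreated = DateTime.Now;
            // NOTE(review): a TextSignature over binary file content — verifiers canonicalise
            // line endings for text signatures, so this only interoperates if Sign() and the
            // verifier agree; a binary-document signature is what other tools emit for files. Confirm before changing.
            spPacket.SignatureType = SignatureTypes.TextSignature;
            spPacket.Sign(lmMessage.Binary, skpKey, strPassphrase);

            SignedMessage smMessage = new SignedMessage();
            smMessage.MessageSigned = lmMessage;
            smMessage.Signature = spPacket;
            mEncryptionMessage = smMessage;
        }

        CompressedMessage cmMessage = new CompressedMessage();
        cmMessage.Compress(mEncryptionMessage);

        byte[] bReturn;
        if (bEncrypt) {
            SymAlgorithms saAlgo = GetSymAlgorithmPreferences(tpkKeys);
            SymmetricAlgorithm saEncrypt = CipherHelper.CreateSymAlgorithm(saAlgo);
            saEncrypt.Mode = CipherMode.OpenPGP_CFB;
            saEncrypt.GenerateKey();
            byte[] bKey = saEncrypt.Key;

            ESKSequence esksKeys;
            try {
                esksKeys = CreateESKSequence(tpkKeys, AsymActions.Encrypt, saAlgo, bKey);
            } catch (Exception e) {
                throw new Exception("The following error occured: " + e.Message);
            }

            ICryptoTransform ictEncryptor = saEncrypt.CreateEncryptor();
            byte[] bMessage = cmMessage.GetEncoded();
            byte[] bOutput = new byte[bMessage.Length];
            // bOutput is passed by ref: the OpenPGP-CFB transform is expected to grow it by the
            // (block size + 2) byte prefix copied into the packet body below.
            ictEncryptor.TransformBlock(bMessage, 0, bMessage.Length, ref bOutput, 0);
            // Array.Initialize() is a no-op for byte[]; really zero our copy of the session key.
            Array.Clear(bKey, 0, bKey.Length);

            // NOTE(review): by its name this is the legacy SED packet without an MDC (no integrity protection).
            int iOutLength = (saEncrypt.BlockSize >> 3) + 2 + bMessage.Length;
            SymmetricallyEncryptedDataPacket sedpEncrypted = new SymmetricallyEncryptedDataPacket();
            sedpEncrypted.Body = new byte[iOutLength];
            Array.Copy(bOutput, 0, sedpEncrypted.Body, 0, iOutLength);

            byte[] bESK = esksKeys.GetEncoded();
            byte[] bEncrypted = sedpEncrypted.Generate();
            bReturn = new byte[bESK.Length + bEncrypted.Length];
            bESK.CopyTo(bReturn, 0);
            bEncrypted.CopyTo(bReturn, bESK.Length);
        } else if (embedMsg) {
            bReturn = cmMessage.GetEncoded();
        } else {
            // Signature only: armor the signature packet and go on with the next file.
            string strSignature = Radix64.Encode(spPacket.Generate(), true);
            string strFinal = Armor.WrapCleartextSignature(strSignature);
            try {
                using (StreamWriter swWrite = new StreamWriter(new FileStream(strFiles[i] + ".asc", FileMode.Create))) {
                    swWrite.Write(strFinal);
                }
            } catch (IOException io) {
                throw new Exception("Could not write to file. The following error occured: " + io.Message);
            }
            continue;
        }

        // NOTE(review): binary (unarmored) output is written under a ".asc" extension here;
        // the interactive variant does the same but uses FileMode.CreateNew.
        try {
            using (FileStream fsOut = new FileStream(strFiles[i] + ".asc", FileMode.Create))
            using (BinaryWriter bwWrite = new BinaryWriter(fsOut)) {
                bwWrite.Write(bReturn);
            }
        } catch (IOException io) {
            throw new Exception("Could not write to file. The following error occured: " + io.Message);
        }
    }
}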
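/// <summary>
/// Describes a secret key as an XML fragment: key id, fingerprint, size, algorithm
/// and creation time of the primary key, its user ids and its subkeys. Only public
/// components are exported; no secret key material is included.
/// </summary>
/// <param name="lKeyID">KeyID of the key to describe (the ring's Find also matches subkey ids).</param>
/// <returns>The OuterXml of a single &lt;SecretKey&gt; element.</returns>
/// <exception cref="Exception">No secret key with that id is on the ring (the original
/// failed with a NullReferenceException).</exception>
public string GetSecretKeyProperties(ulong lKeyID) {
    TransportableSecretKey tskKey = skrKeyRing.Find(lKeyID);
    if (tskKey == null) {
        throw new Exception("Secret key not found!");
    }
    PublicKeyPacket pkpPrimary = tskKey.PrimaryKey.PublicKey;

    XmlDocument xmlDoc = new XmlDocument();
    XmlElement xmlSecretKey = xmlDoc.CreateElement("SecretKey");
    SetPublicKeyAttributes(xmlSecretKey, pkpPrimary);
    xmlSecretKey.SetAttribute("timecreated", pkpPrimary.TimeCreated.Ticks.ToString());

    XmlElement xmlUserIDs = xmlDoc.CreateElement("UserIDs");
    foreach (object oUserID in tskKey.UserIDs) {
        UserIDPacket uipUID = oUserID as UserIDPacket;
        if (uipUID == null) {
            continue;  // tolerate foreign packets in the list, as before
        }
        XmlElement xmlUserID = xmlDoc.CreateElement("UserID");
        // SetAttribute escapes the value, so a user-controlled id cannot break the markup.
        xmlUserID.SetAttribute("name", uipUID.UserID);
        xmlUserIDs.AppendChild(xmlUserID);
    }
    xmlSecretKey.AppendChild(xmlUserIDs);

    XmlElement xmlSubkeys = xmlDoc.CreateElement("Subkeys");
    foreach (object oSubkey in tskKey.SubKeys) {
        SecretKeyPacket skpSubkey = oSubkey as SecretKeyPacket;
        if (skpSubkey == null) {
            continue;
        }
        XmlElement xmlSubkey = xmlDoc.CreateElement("Subkey");
        SetPublicKeyAttributes(xmlSubkey, skpSubkey.PublicKey);
        xmlSubkeys.AppendChild(xmlSubkey);
    }
    xmlSecretKey.AppendChild(xmlSubkeys);

    xmlDoc.AppendChild(xmlSecretKey);
    return xmlDoc.OuterXml;
}

/// <summary>
/// Sets the keyid / fingerprint / size / algorithm attributes that the primary-key
/// and subkey elements have in common (in that attribute order).
/// </summary>
/// <param name="xmlKey">Element to decorate.</param>
/// <param name="pkpKey">Public half of the key being described.</param>
private static void SetPublicKeyAttributes(XmlElement xmlKey, PublicKeyPacket pkpKey) {
    xmlKey.SetAttribute("keyid", "0x" + pkpKey.KeyID.ToString("x"));
    xmlKey.SetAttribute("fingerprint", pkpKey.Fingerprint.ToString(16));
    // "size" is the bit length of the first MPI — presumably the modulus (RSA) or
    // prime p (DSA/ElGamal) if KeyMaterial follows the OpenPGP MPI order; TODO confirm.
    xmlKey.SetAttribute("size", pkpKey.KeyMaterial[0].bitCount().ToString());
    xmlKey.SetAttribute("algorithm", pkpKey.Algorithm.ToString());
}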
/// <summary>
/// Removes <paramref name="tskKey"/> from the ring and marks the ring as modified
/// (removing a key that is not on the ring still sets the modified flag).
/// </summary>
/// <param name="tskKey">The key to remove.</param>
public void Delete(TransportableSecretKey tskKey) {
    // Flag first, so a pending Save picks the change up whatever Remove does.
    this.bIsUpdated = true;
    this.SecretKeys.Remove(tskKey);
}
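/// <summary>
/// Interactive (WinForms) file signing/encryption: asks for the recipient keys and/or
/// a signing key plus passphrase, then writes "&lt;file&gt;.asc" next to every input
/// file (never overwriting an existing one).
/// </summary>
/// <param name="strFiles">Files to process.</param>
/// <param name="pkrPublicKeyRing">Public keyring the recipients are picked from.</param>
/// <param name="skrSecretKeyRing">Secret keyring the signing key is picked from.</param>
/// <param name="bEncrypt">Encrypt the files?</param>
/// <param name="bSign">Sign the files?</param>
/// <remarks>Changes versus the original: the progress window is hidden in a finally
/// block; the recipients' cipher preferences are only queried when encrypting; a
/// cancelled signing-key dialog and files over 2 GB are reported instead of crashing or
/// silently truncating; input files are opened read-only and disposed on error; only the
/// file name goes into the literal packet; the session key is really zeroed.</remarks>
public static void EncryptFiles(String[] strFiles, PublicKeyRing pkrPublicKeyRing, SecretKeyRing skrSecretKeyRing, bool bEncrypt, bool bSign) {
    PublicKeySelector pksSelectKeys = new PublicKeySelector(pkrPublicKeyRing);
    if (bEncrypt) {
        pksSelectKeys.ShowDialog();
        if (pksSelectKeys.SelectedKeys.Count == 0) {
            MessageBox.Show("You did not select a public key to encrypt to. Doing nothing...", "Nothing Done...");
            return;
        }
    }

    TransportableSecretKey tskKey = null;
    SecretKeyPacket skpSignKey = null;
    string strPassphrase = "";
    if (bSign) {
        QueryPassphrase qpPassphrase = new QueryPassphrase();
        qpPassphrase.ShowMyDialog(skrSecretKeyRing);
        tskKey = qpPassphrase.SelectedKey;
        strPassphrase = qpPassphrase.Passphrase;
        // NOTE(review): assumes SelectedKey is null when the dialog is cancelled — confirm in QueryPassphrase.
        if (tskKey != null) {
            skpSignKey = tskKey.FindKey(AsymActions.Sign);
        }
        if (skpSignKey == null) {
            MessageBox.Show("You did not select a secret key to sign with. Doing nothing...", "Nothing Done...");
            return;
        }
    }

    Working wWorking = new Working();
    wWorking.Show();
    try {
        for (int i = 0; i < strFiles.Length; i++) {
            byte[] bFileContent;
            try {
                using (FileStream fsFile = new FileStream(strFiles[i], FileMode.Open, FileAccess.Read)) {
                    // ReadBytes takes an int; refuse instead of silently truncating.
                    if (fsFile.Length > int.MaxValue) {
                        throw new IOException("File is too large to be processed in memory.");
                    }
                    using (BinaryReader brReader = new BinaryReader(fsFile)) {
                        bFileContent = brReader.ReadBytes((int)fsFile.Length);
                    }
                }
            } catch (Exception e) {
                wWorking.Hide();
                MessageBox.Show("An error occured while opening the file " + strFiles[i] + ": " + e.Message, "Error...");
                return;
            }

            LiteralMessage lmMessage = new LiteralMessage(DataFormatTypes.Binary);
            lmMessage.Binary = bFileContent;
            lmMessage.TimeCreated = DateTime.Now;
            // Strip the directory part whichever separator is used.
            lmMessage.Filename = Path.GetFileName(strFiles[i]);

            SharpPrivacy.OpenPGP.Messages.Message mEncryptionMessage = lmMessage;
            if (bSign) {
                // v3 signature with SHA-1 (NOTE(review): SHA-1 is deprecated for signatures)
                // of type TextSignature over binary content — see the comment in the
                // library's EncryptFiles about canonicalisation; kept as is.
                SignaturePacket spPacket = new SignaturePacket();
                spPacket.Version = SignaturePacketVersionNumbers.v3;
                spPacket.KeyID = skpSignKey.PublicKey.KeyID;
                spPacket.HashAlgorithm = HashAlgorithms.SHA1;
                spPacket.SignatureAlgorithm = skpSignKey.PublicKey.Algorithm;
                spPacket.TimeCreated = DateTime.Now;
                spPacket.SignatureType = SignatureTypes.TextSignature;
                spPacket.Sign(lmMessage.Binary, skpSignKey, strPassphrase);

                SignedMessage smMessage = new SignedMessage();
                smMessage.MessageSigned = lmMessage;
                smMessage.Signature = spPacket;
                mEncryptionMessage = smMessage;
            }

            CompressedMessage cmMessage = new CompressedMessage();
            cmMessage.Compress(mEncryptionMessage);
            wWorking.Progress(20 / strFiles.Length);

            byte[] bReturn;
            if (bEncrypt) {
                SymAlgorithms saAlgo = GetSymAlgorithmPreferences(pksSelectKeys.SelectedKeys);
                wWorking.Progress(10 / strFiles.Length);

                SymmetricAlgorithm saEncrypt = CipherHelper.CreateSymAlgorithm(saAlgo);
                saEncrypt.Mode = CipherMode.OpenPGP_CFB;
                saEncrypt.GenerateKey();
                byte[] bKey = saEncrypt.Key;

                ESKSequence esksKeys;
                try {
                    esksKeys = CreateESKSequence(pksSelectKeys.SelectedKeys, AsymActions.Encrypt, saAlgo, bKey);
                } catch (Exception e) {
                    wWorking.Hide();
                    MessageBox.Show("The following error occured: " + e.Message, "Error...");
                    return;
                }
                wWorking.Progress(50 / strFiles.Length);

                ICryptoTransform ictEncryptor = saEncrypt.CreateEncryptor();
                byte[] bMessage = cmMessage.GetEncoded();
                byte[] bOutput = new byte[bMessage.Length];
                // bOutput is passed by ref: the transform is expected to grow it by the
                // (block size + 2) byte prefix copied into the packet body below.
                ictEncryptor.TransformBlock(bMessage, 0, bMessage.Length, ref bOutput, 0);
                // Array.Initialize() is a no-op for byte[]; really zero our copy of the session key.
                Array.Clear(bKey, 0, bKey.Length);
                wWorking.Progress(10 / strFiles.Length);

                // NOTE(review): by its name this is the legacy SED packet without an MDC.
                int iOutLength = (saEncrypt.BlockSize >> 3) + 2 + bMessage.Length;
                SymmetricallyEncryptedDataPacket sedpEncrypted = new SymmetricallyEncryptedDataPacket();
                sedpEncrypted.Body = new byte[iOutLength];
                Array.Copy(bOutput, 0, sedpEncrypted.Body, 0, iOutLength);

                byte[] bESK = esksKeys.GetEncoded();
                byte[] bEncrypted = sedpEncrypted.Generate();
                bReturn = new byte[bESK.Length + bEncrypted.Length];
                bESK.CopyTo(bReturn, 0);
                bEncrypted.CopyTo(bReturn, bESK.Length);
            } else {
                wWorking.Progress(70 / strFiles.Length);
                bReturn = cmMessage.GetEncoded();
            }
            wWorking.Progress(10 / strFiles.Length);

            // CreateNew: an existing .asc is reported, never overwritten. The output is
            // binary despite the ".asc" extension, as in the original.
            try {
                using (FileStream fsOut = new FileStream(strFiles[i] + ".asc", FileMode.CreateNew))
                using (BinaryWriter bwWrite = new BinaryWriter(fsOut)) {
                    bwWrite.Write(bReturn);
                }
            } catch (IOException io) {
                MessageBox.Show("Could not write to file. The following error occured: " + io.Message, "Error...");
            }
        }
    } finally {
        wWorking.Hide();
    }
}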
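/// <summary>
/// Generates an ElGamal/DSA key pair (DSA primary signing key plus ElGamal encryption
/// subkey), self-certifies the user id, binds the subkey, adds the pair to both
/// keyrings and saves them.
/// </summary>
/// <param name="strName">Real name for the user id.</param>
/// <param name="strEmail">E-mail address; the user id becomes "name &lt;email&gt;".</param>
/// <param name="strKeyType">Only "ElGamal/DSA" is implemented.</param>
/// <param name="iKeySize">Size of the ElGamal encryption key in bits (the DSA size is fixed by GenerateSignatureKey).</param>
/// <param name="lExpiration">Expiration as DateTime ticks, 0 for none; applied to the
/// self-signature and the subkey binding signature.</param>
/// <param name="strPassphrase">Passphrase the secret key material is encrypted with (AES-256, random IV per packet).</param>
/// <exception cref="NotSupportedException">"RSA" (not implemented) or an unknown key type;
/// the original silently generated nothing in these cases.</exception>
/// <exception cref="ArgumentException">Name or e-mail is null or contains '&lt;' or '&gt;',
/// which would make the user id ambiguous.</exception>
/// <remarks>The original listed AES256 twice in the cipher preferences; the duplicate is
/// dropped (AES-128 was probably intended, but no such member is visible here).</remarks>
public void GenerateKey(string strName, string strEmail, string strKeyType, int iKeySize, long lExpiration, string strPassphrase) {
    if (strKeyType == "RSA") {
        throw new NotSupportedException("RSA key generation is not implemented!");
    }
    if (strKeyType != "ElGamal/DSA") {
        throw new NotSupportedException("Unknown key type: " + strKeyType);
    }
    if (strName == null || strEmail == null
        || strName.IndexOf('<') >= 0 || strName.IndexOf('>') >= 0
        || strEmail.IndexOf('<') >= 0 || strEmail.IndexOf('>') >= 0) {
        throw new ArgumentException("Name and e-mail must not be null or contain '<' or '>'.");
    }

    System.Security.Cryptography.RandomNumberGenerator rngRand = System.Security.Cryptography.RandomNumberGenerator.Create();

    BigInteger[][] biEncryptionKey = GenerateEncryptionKey(iKeySize);
    BigInteger[][] biSignatureKey = GenerateSignatureKey();

    // Primary key: DSA, used for signing and certification.
    // (The PublicKeyPacket/SecretKeyPacket constructor flag presumably marks a subkey.)
    PublicKeyPacket pkpSignatureKey = new PublicKeyPacket(false);
    pkpSignatureKey.Algorithm = AsymAlgorithms.DSA;
    pkpSignatureKey.KeyMaterial = biSignatureKey[0];
    pkpSignatureKey.TimeCreated = DateTime.Now;
    pkpSignatureKey.Version = PublicKeyPacketVersionNumbers.v4;

    // Secret halves are stored AES-256 encrypted under the passphrase, fresh random IV each.
    SecretKeyPacket skpSignatureKey = new SecretKeyPacket(false);
    skpSignatureKey.SymmetricalAlgorithm = SymAlgorithms.AES256;
    skpSignatureKey.PublicKey = pkpSignatureKey;
    skpSignatureKey.InitialVector = new byte[CipherHelper.CipherBlockSize(SymAlgorithms.AES256)];
    rngRand.GetBytes(skpSignatureKey.InitialVector);
    skpSignatureKey.EncryptKeyMaterial(biSignatureKey[1], strPassphrase);

    // Encryption subkey: ElGamal.
    PublicKeyPacket pkpEncryptionKey = new PublicKeyPacket(true);
    pkpEncryptionKey.Algorithm = AsymAlgorithms.ElGamal_Encrypt_Only;
    pkpEncryptionKey.KeyMaterial = biEncryptionKey[0];
    pkpEncryptionKey.TimeCreated = DateTime.Now;
    pkpEncryptionKey.Version = PublicKeyPacketVersionNumbers.v4;

    SecretKeyPacket skpEncryptionKey = new SecretKeyPacket(true);
    skpEncryptionKey.SymmetricalAlgorithm = SymAlgorithms.AES256;
    skpEncryptionKey.PublicKey = pkpEncryptionKey;
    skpEncryptionKey.InitialVector = new byte[CipherHelper.CipherBlockSize(SymAlgorithms.AES256)];
    rngRand.GetBytes(skpEncryptionKey.InitialVector);
    skpEncryptionKey.EncryptKeyMaterial(biEncryptionKey[1], strPassphrase);

    UserIDPacket uipUID = new UserIDPacket();
    uipUID.UserID = strName.Trim() + " <" + strEmail.Trim() + ">";
    CertifiedUserID cuiUID = new CertifiedUserID();
    cuiUID.UserID = uipUID;

    // Self-signature over the user id; all subpackets go into the hashed area (second
    // argument true) so they are covered by the signature.
    SignaturePacket spSelfSig = new SignaturePacket();
    spSelfSig.Version = SignaturePacketVersionNumbers.v4;
    spSelfSig.HashAlgorithm = HashAlgorithms.SHA1;
    spSelfSig.KeyID = pkpSignatureKey.KeyID;
    spSelfSig.TimeCreated = DateTime.Now;

    SignatureSubPacket sspPrimaryUserID = new SignatureSubPacket();
    sspPrimaryUserID.Type = SignatureSubPacketTypes.PrimaryUserID;
    sspPrimaryUserID.PrimaryUserID = true;
    spSelfSig.AddSubPacket(sspPrimaryUserID, true);

    SignatureSubPacket sspPreferedSymAlgos = new SignatureSubPacket();
    sspPreferedSymAlgos.Type = SignatureSubPacketTypes.PreferedSymmetricAlgorithms;
    sspPreferedSymAlgos.PreferedSymAlgos = new SymAlgorithms[] { SymAlgorithms.AES256, SymAlgorithms.AES192, SymAlgorithms.CAST5, SymAlgorithms.Triple_DES };
    spSelfSig.AddSubPacket(sspPreferedSymAlgos, true);

    // NOTE(review): SHA-1 is the only hash advertised; add SHA-2 members if the enum has them.
    SignatureSubPacket sspPreferedHashAlgos = new SignatureSubPacket();
    sspPreferedHashAlgos.Type = SignatureSubPacketTypes.PreferedHashAlgorithms;
    sspPreferedHashAlgos.PreferedHashAlgos = new HashAlgorithms[] { HashAlgorithms.SHA1 };
    spSelfSig.AddSubPacket(sspPreferedHashAlgos, true);

    if (lExpiration != 0) {
        // NOTE(review): this sets *signature* expiration on the self-signature, whereas
        // the other GenerateKey overload sets KeyExpirationTime — confirm which is intended.
        SignatureSubPacket sspExpiration = new SignatureSubPacket();
        sspExpiration.Type = SignatureSubPacketTypes.SignatureExpirationTime;
        sspExpiration.SignatureExpirationTime = new DateTime(lExpiration);
        spSelfSig.AddSubPacket(sspExpiration, true);
    }

    cuiUID.Certificates = new System.Collections.ArrayList();
    cuiUID.Sign(spSelfSig, skpSignatureKey, strPassphrase, pkpSignatureKey);

    // Bind the encryption subkey to the primary key (new DateTime(0) == no expiration, as before).
    CertifiedPublicSubkey cpsEncryptionKey = new CertifiedPublicSubkey();
    cpsEncryptionKey.Subkey = pkpEncryptionKey;
    cpsEncryptionKey.SignKeyBindingSignature(pkpSignatureKey, skpSignatureKey, strPassphrase, new DateTime(lExpiration), true);

    TransportablePublicKey tpkPublicKey = new TransportablePublicKey();
    tpkPublicKey.PrimaryKey = pkpSignatureKey;
    tpkPublicKey.SubKeys.Add(cpsEncryptionKey);
    tpkPublicKey.Certifications.Add(cuiUID);

    TransportableSecretKey tskSecretKey = new TransportableSecretKey();
    tskSecretKey.PrimaryKey = skpSignatureKey;
    tskSecretKey.SubKeys.Add(skpEncryptionKey);
    tskSecretKey.UserIDs.Add(uipUID);

    this.pkrKeyRing.AddPublicKey(tpkPublicKey);
    this.skrKeyRing.AddSecretKey(tskSecretKey);
    pkrKeyRing.Save();
    skrKeyRing.Save();
}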
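/// <summary>
/// Revokes a user-id certification on a public key. The certification must have been
/// made by the primary key of <paramref name="skpKeySigner"/> and be revocable.
/// </summary>
/// <param name="KeyID">KeyID of the public key carrying the certified user id.</param>
/// <param name="cuidTobeSigned">The certified user id to revoke; must be the ring's own
/// instance (compared with ==).</param>
/// <param name="skpKeySigner">Secret key of the original certifier; signs the revocation.</param>
/// <param name="strPassphrase">Passphrase unlocking <paramref name="skpKeySigner"/>.</param>
/// <param name="exportable">Whether the revocation signature may be exported.</param>
/// <exception cref="ArgumentNullException"><paramref name="skpKeySigner"/> is null.</exception>
/// <exception cref="Exception">Key not found, user id not on the key, or the user id was not
/// certified by this key / the certification is not revocable.</exception>
/// <remarks>Fix versus the original: the Exportable Certification subpacket now goes into
/// the hashed area. Unhashed subpackets are not covered by the signature (RFC 4880 §5.2.3),
/// so a "not exportable" flag kept there could be stripped or flipped by anyone.</remarks>
public void RevokeKeyCertificate(ulong KeyID, CertifiedUserID cuidTobeSigned, TransportableSecretKey skpKeySigner, string strPassphrase, bool exportable) {
    if (skpKeySigner == null) {
        throw new ArgumentNullException("skpKeySigner");
    }
    TransportablePublicKey tspKey = this.PublicRing.Find(KeyID, false);
    if (tspKey == null) {
        throw new Exception("Public Key not found");
    }

    CertifiedUserID toBeVerified = null;
    foreach (CertifiedUserID cui in tspKey.Certifications) {
        if (cui == cuidTobeSigned) {
            toBeVerified = cui;
            break;
        }
    }
    if (toBeVerified == null) {
        throw new Exception("UserId not found among Key certificates");
    }

    // Only the original certifier may revoke, and only if its certification is revocable.
    ulong lSignerID = skpKeySigner.PrimaryKey.PublicKey.KeyID;
    bool bCertifiedBySigner = false;
    foreach (SignaturePacket sign in toBeVerified.Certificates) {
        if (sign.KeyID == lSignerID && sign.isRevocable()) {
            bCertifiedBySigner = true;
            break;
        }
    }
    if (!bCertifiedBySigner) {
        throw new Exception("UserId not certified by this private key or not revocable");
    }

    SignaturePacket spSig = new SignaturePacket();
    spSig.Version = SignaturePacketVersionNumbers.v4;
    spSig.HashAlgorithm = HashAlgorithms.SHA1;
    spSig.KeyID = lSignerID;
    spSig.TimeCreated = DateTime.Now;

    SignatureSubPacket sspExportableSignature = new SignatureSubPacket();
    sspExportableSignature.Type = SignatureSubPacketTypes.ExportableSignature;
    sspExportableSignature.ExportableSignature = exportable;
    spSig.AddSubPacket(sspExportableSignature, true);  // hashed (was unhashed)

    cuidTobeSigned.Revoke(spSig, skpKeySigner.PrimaryKey, strPassphrase, tspKey.PrimaryKey);
}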
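/// <summary>
/// Optionally signs, then compresses and encrypts a text message to the given public
/// keys and returns it ASCII-armored.
/// </summary>
/// <param name="strMessage">Text to be encrypted.</param>
/// <param name="tskKey">Secret key used for signing (required when <paramref name="bSign"/>).</param>
/// <param name="tpkKeys">Public keys of the recipients (at least one).</param>
/// <param name="bSign">Sign the text before encrypting it?</param>
/// <param name="strPassphrase">Passphrase unlocking <paramref name="tskKey"/>.</param>
/// <returns>The armored OpenPGP message.</returns>
/// <exception cref="Exception">Keyrings not loaded ("&lt;ERROR code="5"&gt;"); no signing key
/// although signing was requested; no recipient keys (new check, mirrors EncryptFiles — the
/// original failed later with a NullReferenceException or an empty ESK sequence); the session
/// key could not be encrypted to a recipient.</exception>
public string EncryptText(string strMessage, TransportableSecretKey tskKey, ArrayList tpkKeys, bool bSign, string strPassphrase) {
    if (this.pkrPublicKeyRing == null || this.skrSecretKeyRing == null) {
        throw new Exception("<ERROR code=\"5\">");
    }
    if (bSign && tskKey == null) {
        throw new Exception("Need a Private Key To Sign!");
    }
    if (tpkKeys == null || tpkKeys.Count < 1) {
        throw new Exception("Need Public Keys To Encrypt!");
    }

    LiteralMessage lmMessage = new LiteralMessage(DataFormatTypes.Text);
    lmMessage.Text = strMessage;
    lmMessage.TimeCreated = DateTime.Now;
    lmMessage.Filename = "";
    SharpPrivacy.SharpPrivacyLib.OpenPGP.Messages.Message mEncryptionMessage = lmMessage;

    if (bSign) {
        SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);
        if (skpKey == null) {
            throw new Exception("Need a Private Key To Sign!");
        }
        // v3 text signature over the literal data.
        // NOTE(review): SHA-1 is no longer considered collision resistant.
        SignaturePacket spPacket = new SignaturePacket();
        spPacket.Version = SignaturePacketVersionNumbers.v3;
        spPacket.KeyID = skpKey.PublicKey.KeyID;
        spPacket.HashAlgorithm = HashAlgorithms.SHA1;
        spPacket.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
        spPacket.TimeCreated = DateTime.Now;
        spPacket.SignatureType = SignatureTypes.TextSignature;
        spPacket.Sign(lmMessage.Binary, skpKey, strPassphrase);

        SignedMessage smMessage = new SignedMessage();
        smMessage.MessageSigned = lmMessage;
        smMessage.Signature = spPacket;
        mEncryptionMessage = smMessage;
    }

    CompressedMessage cmMessage = new CompressedMessage();
    cmMessage.Compress(mEncryptionMessage);

    // Session cipher from the recipients' preferences, fresh random key.
    SymAlgorithms saAlgo = GetSymAlgorithmPreferences(tpkKeys);
    SymmetricAlgorithm saEncrypt = CipherHelper.CreateSymAlgorithm(saAlgo);
    saEncrypt.Mode = CipherMode.OpenPGP_CFB;
    saEncrypt.GenerateKey();
    byte[] bKey = saEncrypt.Key;

    ESKSequence esksKeys;
    try {
        esksKeys = CreateESKSequence(tpkKeys, AsymActions.Encrypt, saAlgo, bKey);
    } catch (Exception e) {
        throw new Exception("The following error occured: " + e.Message);
    }

    ICryptoTransform ictEncryptor = saEncrypt.CreateEncryptor();
    byte[] bMessage = cmMessage.GetEncoded();
    byte[] bOutput = new byte[bMessage.Length];
    // bOutput is passed by ref: the OpenPGP-CFB transform is expected to grow it by the
    // (block size + 2) byte prefix copied into the packet body below.
    ictEncryptor.TransformBlock(bMessage, 0, bMessage.Length, ref bOutput, 0);
    // Array.Initialize() is a no-op for byte[]; really zero our copy of the session key.
    // Whether saEncrypt still holds its own copy depends on CipherHelper's algorithm — TODO confirm.
    Array.Clear(bKey, 0, bKey.Length);

    // NOTE(review): by its name this is the legacy SED packet without an MDC (no integrity protection).
    int iOutLength = (saEncrypt.BlockSize >> 3) + 2 + bMessage.Length;
    SymmetricallyEncryptedDataPacket sedpEncrypted = new SymmetricallyEncryptedDataPacket();
    sedpEncrypted.Body = new byte[iOutLength];
    Array.Copy(bOutput, 0, sedpEncrypted.Body, 0, iOutLength);

    byte[] bESK = esksKeys.GetEncoded();
    byte[] bEncrypted = sedpEncrypted.Generate();
    byte[] bReturn = new byte[bESK.Length + bEncrypted.Length];
    bESK.CopyTo(bReturn, 0);
    bEncrypted.CopyTo(bReturn, bESK.Length);

    return Armor.WrapMessage(Radix64.Encode(bReturn, true));
}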
/// <summary>
/// Adds a secret key to the ring unless a key with the same primary KeyID is already
/// present (Find matches primary and subkey ids alike).
/// </summary>
/// <param name="tspk">Key to add; null is ignored.</param>
public void AddSecretKey(TransportableSecretKey tspk) {
    if (tspk == null) {
        return;
    }
    ulong lPrimaryID = tspk.PrimaryKey.PublicKey.KeyID;
    bool bAlreadyOnRing = this.Find(lPrimaryID) != null;
    if (!bAlreadyOnRing) {
        this.Add(tspk);
    }
}
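/// <summary>
/// Generates a key pair — a DSA primary signing key plus an ElGamal (default) or RSA
/// encryption subkey — self-certifies the user id, binds the subkey and adds the pair
/// to the public and secret rings (the rings are not saved here).
/// </summary>
/// <param name="iKeySize">Encryption key size in bits; must be a multiple of 1024.</param>
/// <param name="strPassphrase">Passphrase the secret key material is encrypted with (AES-256, random IV per packet).</param>
/// <param name="userID">Real name for the primary user id.</param>
/// <param name="email">E-mail address; the user id becomes "name &lt;email&gt;".</param>
/// <param name="notation">Optional XML-encoded user info stored as a "PersonalData" notation subpacket; null for none.</param>
/// <param name="expirationTime">Key expiration (new DateTime(0) == never).</param>
/// <param name="keyType">1: RSA/DSA; anything else (0 is the documented default): ElGamal/DSA.</param>
/// <param name="isRevocableKey">false adds a Revocable=false subpacket to the self-signature.</param>
/// <param name="isRevocableSubkey">Passed to the subkey binding signature.</param>
/// <exception cref="Exception"><paramref name="iKeySize"/> is not a multiple of 1024.</exception>
/// <exception cref="ArgumentException">Name or e-mail is null or contains '&lt;'/'&gt;'.</exception>
/// <remarks>Fixes versus the original: a stray second PrimaryUserID subpacket (which set its
/// Revocable property instead of PrimaryUserID) is no longer emitted; AES256 is listed once
/// in the cipher preferences (AES-128 was probably intended, no such member is visible);
/// a keyType other than 0/1 now consistently yields an ElGamal subkey instead of an ElGamal
/// key with an unset Algorithm; the notation subpacket is placed in the hashed area so it is
/// covered by the self-signature (unhashed subpackets are not, RFC 4880 §5.2.3).</remarks>
public void GenerateKey(int iKeySize, string strPassphrase, string userID, string email, string notation, DateTime expirationTime, int keyType, bool isRevocableKey, bool isRevocableSubkey) {
    if (iKeySize % 1024 != 0) {
        throw new Exception("Keysize must be a 1024 multiple");
    }
    if (userID == null || email == null
        || userID.IndexOf('<') >= 0 || userID.IndexOf('>') >= 0
        || email.IndexOf('<') >= 0 || email.IndexOf('>') >= 0) {
        throw new ArgumentException("Name and e-mail must not be null or contain '<' or '>'.");
    }
    bool bRSA = (keyType == 1);

    System.Security.Cryptography.RandomNumberGenerator rngRand = System.Security.Cryptography.RandomNumberGenerator.Create();

    BigInteger[][] biEncryptionKey = bRSA ? GenerateRSAEncryptionKey(iKeySize) : GenerateElGamalEncryptionKey(iKeySize);
    BigInteger[][] biSignatureKey = GenerateDSASignatureKey();

    // Primary key: DSA, used for signing and certification.
    // (The PublicKeyPacket/SecretKeyPacket constructor flag presumably marks a subkey.)
    PublicKeyPacket pkpSignatureKey = new PublicKeyPacket(false);
    pkpSignatureKey.Algorithm = AsymAlgorithms.DSA;
    pkpSignatureKey.KeyMaterial = biSignatureKey[0];
    pkpSignatureKey.TimeCreated = DateTime.Now;
    pkpSignatureKey.Version = PublicKeyPacketVersionNumbers.v4;

    // Secret halves are stored AES-256 encrypted under the passphrase, fresh random IV each.
    SecretKeyPacket skpSignatureKey = new SecretKeyPacket(false);
    skpSignatureKey.SymmetricalAlgorithm = SymAlgorithms.AES256;
    skpSignatureKey.PublicKey = pkpSignatureKey;
    skpSignatureKey.InitialVector = new byte[CipherHelper.CipherBlockSize(SymAlgorithms.AES256)];
    rngRand.GetBytes(skpSignatureKey.InitialVector);
    skpSignatureKey.EncryptKeyMaterial(biSignatureKey[1], strPassphrase);

    // Encryption subkey.
    PublicKeyPacket pkpEncryptionKey = new PublicKeyPacket(true);
    pkpEncryptionKey.Algorithm = bRSA ? AsymAlgorithms.RSA_Encrypt_Only : AsymAlgorithms.ElGamal_Encrypt_Only;
    pkpEncryptionKey.KeyMaterial = biEncryptionKey[0];
    pkpEncryptionKey.TimeCreated = DateTime.Now;
    pkpEncryptionKey.Version = PublicKeyPacketVersionNumbers.v4;

    SecretKeyPacket skpEncryptionKey = new SecretKeyPacket(true);
    skpEncryptionKey.SymmetricalAlgorithm = SymAlgorithms.AES256;
    skpEncryptionKey.PublicKey = pkpEncryptionKey;
    skpEncryptionKey.InitialVector = new byte[CipherHelper.CipherBlockSize(SymAlgorithms.AES256)];
    rngRand.GetBytes(skpEncryptionKey.InitialVector);
    skpEncryptionKey.EncryptKeyMaterial(biEncryptionKey[1], strPassphrase);

    UserIDPacket uipUID = new UserIDPacket();
    uipUID.UserID = userID.Trim() + " <" + email.Trim() + ">";
    CertifiedUserID cuiUID = new CertifiedUserID();
    cuiUID.UserID = uipUID;

    // Self-signature over the user id; every subpacket goes into the hashed area.
    SignaturePacket spSelfSig = new SignaturePacket();
    spSelfSig.Version = SignaturePacketVersionNumbers.v4;
    spSelfSig.HashAlgorithm = HashAlgorithms.SHA1;
    spSelfSig.KeyID = pkpSignatureKey.KeyID;
    spSelfSig.TimeCreated = DateTime.Now;

    if (notation != null) {
        SignatureSubPacket sspNotation = new SignatureSubPacket();
        sspNotation.Type = SignatureSubPacketTypes.NotationData;
        sspNotation.NotationName = "PersonalData";
        sspNotation.NotationValue = notation;
        spSelfSig.AddSubPacket(sspNotation, true);  // hashed (was unhashed)
    }
    if (expirationTime.Ticks != 0) {
        // NOTE(review): kept verbatim. The value is built relative to the *encryption*
        // key's creation time with a 1970-01-02 offset, presumably to match how
        // SignatureSubPacket serialises KeyExpirationTime (seconds after key creation)
        // — confirm against the subpacket writer.
        SignatureSubPacket sspExpiration = new SignatureSubPacket();
        sspExpiration.Type = SignatureSubPacketTypes.KeyExpirationTime;
        sspExpiration.KeyExpirationTime = new DateTime(expirationTime.Ticks + (new DateTime(1970, 1, 2)).Ticks - pkpEncryptionKey.TimeCreated.Ticks);
        spSelfSig.AddSubPacket(sspExpiration, true);
    }
    if (!isRevocableKey) {
        SignatureSubPacket sspRevocable = new SignatureSubPacket();
        sspRevocable.Type = SignatureSubPacketTypes.Revocable;
        sspRevocable.Revocable = isRevocableKey;
        spSelfSig.AddSubPacket(sspRevocable, true);
    }

    SignatureSubPacket sspPrimaryUserID = new SignatureSubPacket();
    sspPrimaryUserID.Type = SignatureSubPacketTypes.PrimaryUserID;
    sspPrimaryUserID.PrimaryUserID = true;
    spSelfSig.AddSubPacket(sspPrimaryUserID, true);

    SignatureSubPacket sspPreferedSymAlgos = new SignatureSubPacket();
    sspPreferedSymAlgos.Type = SignatureSubPacketTypes.PreferedSymmetricAlgorithms;
    sspPreferedSymAlgos.PreferedSymAlgos = new SymAlgorithms[] { SymAlgorithms.AES256, SymAlgorithms.AES192, SymAlgorithms.CAST5, SymAlgorithms.Triple_DES };
    spSelfSig.AddSubPacket(sspPreferedSymAlgos, true);

    // NOTE(review): SHA-1 is the only hash advertised; add SHA-2 members if the enum has them.
    SignatureSubPacket sspPreferedHashAlgos = new SignatureSubPacket();
    sspPreferedHashAlgos.Type = SignatureSubPacketTypes.PreferedHashAlgorithms;
    sspPreferedHashAlgos.PreferedHashAlgos = new HashAlgorithms[] { HashAlgorithms.SHA1 };
    spSelfSig.AddSubPacket(sspPreferedHashAlgos, true);

    cuiUID.Certificates = new System.Collections.ArrayList();
    cuiUID.Sign(spSelfSig, skpSignatureKey, strPassphrase, pkpSignatureKey);

    // Bind the encryption subkey to the primary key.
    CertifiedPublicSubkey cpsEncryptionKey = new CertifiedPublicSubkey();
    cpsEncryptionKey.Subkey = pkpEncryptionKey;
    cpsEncryptionKey.SignKeyBindingSignature(pkpSignatureKey, skpSignatureKey, strPassphrase, expirationTime, isRevocableSubkey);

    TransportablePublicKey tpkPublicKey = new TransportablePublicKey();
    tpkPublicKey.PrimaryKey = pkpSignatureKey;
    tpkPublicKey.SubKeys.Add(cpsEncryptionKey);
    tpkPublicKey.Certifications.Add(cuiUID);
    this.PublicRing.AddPublicKey(tpkPublicKey);

    TransportableSecretKey tskSecretKey = new TransportableSecretKey();
    tskSecretKey.PrimaryKey = skpSignatureKey;
    tskSecretKey.SubKeys.Add(skpEncryptionKey);
    tskSecretKey.UserIDs.Add(uipUID);
    this.SecretRing.AddSecretKey(tskSecretKey);
}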
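/// <summary>
/// Revokes a primary public key with a key-revocation signature made either by the key
/// itself or by one of its designated revoker keys, and attaches the signature to the
/// key on the public ring (the ring is not saved here).
/// </summary>
/// <param name="KeyID">KeyID of the primary key to revoke.</param>
/// <param name="skpKeySigner">Secret key signing the revocation: the key itself or a designated revoker.</param>
/// <param name="strPassphrase">Passphrase unlocking <paramref name="skpKeySigner"/>.</param>
/// <param name="exportable">Whether the revocation signature may be exported.</param>
/// <exception cref="ArgumentNullException"><paramref name="skpKeySigner"/> is null.</exception>
/// <exception cref="Exception">Key not found, already revoked, not a primary key, not
/// revocable, or <paramref name="skpKeySigner"/> is neither the key nor a designated revoker.</exception>
/// <remarks>Fixes versus the original: a non-revocable certification on the primary user id
/// made the method <c>return</c> silently, so the caller believed the key had been revoked —
/// it now throws; the Exportable Certification subpacket is placed in the hashed area, since
/// unhashed subpackets are not covered by the signature (RFC 4880 §5.2.3) and a "not exportable"
/// flag kept there could be stripped or flipped by anyone.</remarks>
public void RevokeKey(ulong KeyID, TransportableSecretKey skpKeySigner, string strPassphrase, bool exportable) {
    if (skpKeySigner == null) {
        throw new ArgumentNullException("skpKeySigner");
    }
    TransportablePublicKey tspKey = this.PublicRing.Find(KeyID, false);
    if (tspKey == null) {
        throw new Exception("Public Key not found");
    }
    if (this.PublicRing.isRevoked(KeyID)) {
        throw new Exception("Public Key alreadyRevoked");
    }
    if (tspKey.PrimaryKey.KeyID != KeyID) {
        throw new Exception("This is not a Primary key... use Revoke Subkey method instead");
    }
    foreach (SignaturePacket sign in tspKey.PrimaryUserIDCert.Certificates) {
        if (!sign.isRevocable()) {
            throw new Exception("Public Key is not revocable");
        }
    }

    // Authorisation: the key itself, or a designated revoker listed (by fingerprint)
    // in one of the key's revocation-key subpackets.
    ulong lSignerID = skpKeySigner.PrimaryKey.PublicKey.KeyID;
    bool isRevokerKey = (KeyID == lSignerID);
    if (!isRevokerKey) {
        // Both sides are BigIntegers rendered with the default ToString(), as in the original.
        string strSignerFingerprint = skpKeySigner.PrimaryKey.PublicKey.Fingerprint.ToString();
        foreach (SignaturePacket spPacket in tspKey.RevocationKeys) {
            foreach (BigInteger revoker in spPacket.FindRevokerKeys()) {
                if (revoker.ToString() == strSignerFingerprint) {
                    isRevokerKey = true;
                    break;
                }
            }
            if (isRevokerKey) {
                break;
            }
        }
    }
    if (!isRevokerKey) {
        throw new Exception("You cannot revoke this key");
    }

    SignaturePacket spSig = new SignaturePacket();
    spSig.Version = SignaturePacketVersionNumbers.v4;
    spSig.HashAlgorithm = HashAlgorithms.SHA1;
    spSig.KeyID = lSignerID;
    spSig.TimeCreated = DateTime.Now;
    spSig.SignatureType = SignatureTypes.KeyRevocationSignature;

    SignatureSubPacket sspExportableSignature = new SignatureSubPacket();
    sspExportableSignature.Type = SignatureSubPacketTypes.ExportableSignature;
    sspExportableSignature.ExportableSignature = exportable;
    spSig.AddSubPacket(sspExportableSignature, true);  // hashed (was unhashed)

    // The revocation signature is computed over the primary key packet (header + body).
    byte[] key = new byte[tspKey.PrimaryKey.Length];
    tspKey.PrimaryKey.Header.CopyTo(key, 0);
    tspKey.PrimaryKey.Body.CopyTo(key, tspKey.PrimaryKey.Header.Length);
    spSig.Sign(key, skpKeySigner.PrimaryKey, strPassphrase);

    tspKey.RevocationSignatures.Add(spSig);
}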
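/// <summary>
/// Decrypts the current encrypted message using the secret keys
/// in skrKeyRing and the given passphrase.
/// </summary>
/// <param name="skrKeyRing">The secret keyring containing all the
/// secret keys known to the system.</param>
/// <param name="strPassphrase">The passphrase that was used to
/// encrypt the secret key material in the key that decrypts
/// the message.</param>
/// <returns>The message that was encrypted: a <see cref="LiteralMessage"/>
/// or a <see cref="CompressedMessage"/>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="skrKeyRing"/> is null.</exception>
/// <exception cref="InvalidOperationException">A session key packet has an unexpected type,
/// no secret key in the ring matches any session key packet, or the symmetric decryption
/// fails (the underlying error is available as the inner exception).</exception>
/// <exception cref="ArgumentException">The decrypted content is neither a literal nor a compressed message.</exception>
/// <remarks>If several session key packets match keys in the ring, the last match is used
/// (unchanged from the previous behaviour).</remarks>
public Message Decrypt(SecretKeyRing skrKeyRing, string strPassphrase)
{
    if (skrKeyRing == null)
        throw new ArgumentNullException("skrKeyRing");

    TransportableSecretKey tskSecretKey = null;
    AsymSessionKeyPacket askpSessionKey = null;

    // Look for a public-key encrypted session key packet addressed to a key we hold.
    IEnumerator ieSessionkeys = esKeys.AsymKeys.GetEnumerator();
    while (ieSessionkeys.MoveNext())
    {
        AsymSessionKeyPacket askpKey = ieSessionkeys.Current as AsymSessionKeyPacket;
        if (askpKey == null)
            throw new InvalidOperationException("Expected an asymmetric session key packet, but found another packet type.");

        TransportableSecretKey tskKey = skrKeyRing.Find(askpKey.KeyID);
        if (tskKey != null)
        {
            tskSecretKey = tskKey;
            askpSessionKey = askpKey;
        }
    }
    if (askpSessionKey == null)
        throw new InvalidOperationException("No fitting secret key was found to decrypt the message!");

    askpSessionKey.DecryptSessionKey(tskSecretKey, strPassphrase);
    byte[] bKey = askpSessionKey.SessionKey;

    Packet[] pContent;
    try
    {
        SymmetricAlgorithm saAlgo = CipherHelper.CreateSymAlgorithm(askpSessionKey.SymmetricAlgorithm);
        // NOTE(review): whether sepData.Decrypt verifies an integrity check (MDC) on the
        // ciphertext is not visible here; confirm, since unauthenticated decryption is malleable.
        pContent = sepData.Decrypt(bKey, saAlgo);
    }
    catch (Exception e)
    {
        // Preserve the original failure as the inner exception so the cause is not lost.
        throw new InvalidOperationException("Decryption of the Message failed: " + e.Message, e);
    }

    // The plaintext holds either a literal or a compressed message. ParseMessage signals
    // a mismatch by throwing, so each candidate is tried in turn and its failure ignored.
    LiteralMessage lmLiteral = new LiteralMessage();
    try
    {
        lmLiteral.ParseMessage(pContent);
        return lmLiteral;
    }
    catch (Exception) { }

    CompressedMessage cmCompressed = new CompressedMessage();
    try
    {
        cmCompressed.ParseMessage(pContent);
        return cmCompressed;
    }
    catch (Exception) { }

    throw new ArgumentException("Encrypted package content is not a valid message!");
}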