public void SignKeyBindingSignature(PublicKeyPacket pkpPrimaryKey, SecretKeyPacket skpPrimaryKey, string strPassphrase, DateTime expirationTime, bool revocable)
{
byte[] bSubKey = new byte[pkpSubkey.Body.Length + 3];
bSubKey[0] = 0x99;
bSubKey[1] = (byte)((pkpSubkey.Body.Length >> 8) & 0xFF);
bSubKey[2] = (byte)(pkpSubkey.Body.Length & 0xFF);
Array.Copy(pkpSubkey.Body, 0, bSubKey, 3, pkpSubkey.Body.Length);
byte[] bPrimaryKey = new byte[pkpPrimaryKey.Body.Length + 3];
bPrimaryKey[0] = 0x99;
bPrimaryKey[1] = (byte)((pkpPrimaryKey.Body.Length >> 8) & 0xFF);
bPrimaryKey[2] = (byte)(pkpPrimaryKey.Body.Length & 0xFF);
Array.Copy(pkpPrimaryKey.Body, 0, bPrimaryKey, 3, pkpPrimaryKey.Body.Length);
byte[] bData = new byte[bPrimaryKey.Length + bSubKey.Length];
Array.Copy(bPrimaryKey, 0, bData, 0, bPrimaryKey.Length);
Array.Copy(bSubKey, 0, bData, bPrimaryKey.Length, bSubKey.Length);
SignaturePacket spKeyBindingSig = new SignaturePacket();
spKeyBindingSig.Version = SignaturePacketVersionNumbers.v4;
spKeyBindingSig.HashAlgorithm = HashAlgorithms.SHA1;
spKeyBindingSig.KeyID = pkpPrimaryKey.KeyID;
spKeyBindingSig.SignatureType = SignatureTypes.SubkeyBindingSignature;
if (expirationTime.Ticks != 0)
{
SignatureSubPacket sspExpiration = new SignatureSubPacket();
sspExpiration.Type = SignatureSubPacketTypes.KeyExpirationTime;
sspExpiration.KeyExpirationTime = new DateTime(expirationTime.Ticks + (new DateTime(1970, 1, 2)).Ticks - pkpPrimaryKey.TimeCreated.Ticks);
spKeyBindingSig.AddSubPacket(sspExpiration, true);
}
if (!revocable)
{
SignatureSubPacket sspRevocable = new SignatureSubPacket();
sspRevocable.Type = SignatureSubPacketTypes.Revocable;
sspRevocable.Revocable = revocable;
spKeyBindingSig.AddSubPacket(sspRevocable, true);
}
spKeyBindingSig.Sign(bData, skpPrimaryKey, strPassphrase);
this.KeyBindingSignature = spKeyBindingSig;
}
public void GenerateKey(string strName, string strEmail, string strKeyType, int iKeySize, long lExpiration, string strPassphrase)
{
if (strKeyType == "ElGamal/DSA")
{
System.Security.Cryptography.RandomNumberGenerator rngRand = System.Security.Cryptography.RandomNumberGenerator.Create();
// let's first create the encryption key
BigInteger[][] biEncryptionKey = GenerateEncryptionKey(iKeySize);
// now the signature key
BigInteger[][] biSignatureKey = GenerateSignatureKey();
PublicKeyPacket pkpSignatureKey = new PublicKeyPacket(false);
pkpSignatureKey.Algorithm = AsymAlgorithms.DSA;
pkpSignatureKey.KeyMaterial = biSignatureKey[0];
pkpSignatureKey.TimeCreated = DateTime.Now;
pkpSignatureKey.Version = PublicKeyPacketVersionNumbers.v4;
SecretKeyPacket skpSignatureKey = new SecretKeyPacket(false);
skpSignatureKey.SymmetricalAlgorithm = SymAlgorithms.AES256;
skpSignatureKey.PublicKey = pkpSignatureKey;
skpSignatureKey.InitialVector = new byte[CipherHelper.CipherBlockSize(SymAlgorithms.AES256)];
rngRand.GetBytes(skpSignatureKey.InitialVector);
skpSignatureKey.EncryptKeyMaterial(biSignatureKey[1], strPassphrase);
skpSignatureKey.PublicKey = pkpSignatureKey;
PublicKeyPacket pkpEncryptionKey = new PublicKeyPacket(true);
pkpEncryptionKey.Algorithm = AsymAlgorithms.ElGamal_Encrypt_Only;
pkpEncryptionKey.KeyMaterial = biEncryptionKey[0];
pkpEncryptionKey.TimeCreated = DateTime.Now;
pkpEncryptionKey.Version = PublicKeyPacketVersionNumbers.v4;
SecretKeyPacket skpEncryptionKey = new SecretKeyPacket(true);
skpEncryptionKey.SymmetricalAlgorithm = SymAlgorithms.AES256;
skpEncryptionKey.PublicKey = pkpEncryptionKey;
skpEncryptionKey.InitialVector = new byte[CipherHelper.CipherBlockSize(SymAlgorithms.AES256)];
rngRand.GetBytes(skpEncryptionKey.InitialVector);
skpEncryptionKey.EncryptKeyMaterial(biEncryptionKey[1], strPassphrase);
skpEncryptionKey.PublicKey = pkpEncryptionKey;
CertifiedUserID cuiUID = new CertifiedUserID();
UserIDPacket uipUID = new UserIDPacket();
uipUID.UserID = strName.Trim() + " <" + strEmail.Trim() + ">";
cuiUID.UserID = uipUID;
SignaturePacket spSelfSig = new SignaturePacket();
spSelfSig.Version = SignaturePacketVersionNumbers.v4;
spSelfSig.HashAlgorithm = HashAlgorithms.SHA1;
spSelfSig.KeyID = pkpSignatureKey.KeyID;
spSelfSig.TimeCreated = DateTime.Now;
SignatureSubPacket sspPrimaryUserID = new SignatureSubPacket();
sspPrimaryUserID.Type = SignatureSubPacketTypes.PrimaryUserID;
sspPrimaryUserID.PrimaryUserID = true;
spSelfSig.AddSubPacket(sspPrimaryUserID, true);
SignatureSubPacket sspPreferedSymAlgos = new SignatureSubPacket();
sspPreferedSymAlgos.Type = SignatureSubPacketTypes.PreferedSymmetricAlgorithms;
sspPreferedSymAlgos.PreferedSymAlgos = new SymAlgorithms[] { SymAlgorithms.AES256, SymAlgorithms.AES192, SymAlgorithms.AES256, SymAlgorithms.CAST5, SymAlgorithms.Triple_DES };
spSelfSig.AddSubPacket(sspPreferedSymAlgos, true);
SignatureSubPacket sspPreferedHashAlgos = new SignatureSubPacket();
sspPreferedHashAlgos.Type = SignatureSubPacketTypes.PreferedHashAlgorithms;
sspPreferedHashAlgos.PreferedHashAlgos = new HashAlgorithms[] { HashAlgorithms.SHA1 };
spSelfSig.AddSubPacket(sspPreferedHashAlgos, true);
if (lExpiration != 0)
{
SignatureSubPacket sspExpiration = new SignatureSubPacket();
sspExpiration.Type = SignatureSubPacketTypes.SignatureExpirationTime;
sspExpiration.SignatureExpirationTime = new DateTime(lExpiration);
spSelfSig.AddSubPacket(sspExpiration, true);
}
cuiUID.Certificates = new System.Collections.ArrayList();
cuiUID.Sign(spSelfSig, skpSignatureKey, strPassphrase, pkpSignatureKey);
CertifiedPublicSubkey cpsEncryptionKey = new CertifiedPublicSubkey();
cpsEncryptionKey.Subkey = pkpEncryptionKey;
cpsEncryptionKey.SignKeyBindingSignature(pkpSignatureKey, skpSignatureKey, strPassphrase, new DateTime(lExpiration), true);
TransportablePublicKey tpkPublicKey = new TransportablePublicKey();
tpkPublicKey.PrimaryKey = pkpSignatureKey;
tpkPublicKey.SubKeys.Add(cpsEncryptionKey);
tpkPublicKey.Certifications.Add(cuiUID);
TransportableSecretKey tskSecretKey = new TransportableSecretKey();
tskSecretKey.PrimaryKey = skpSignatureKey;
tskSecretKey.SubKeys.Add(skpEncryptionKey);
tskSecretKey.UserIDs.Add(uipUID);
this.pkrKeyRing.AddPublicKey(tpkPublicKey);
this.skrKeyRing.AddSecretKey(tskSecretKey);
pkrKeyRing.Save();
skrKeyRing.Save();
// it's an RSA key
}
else if (strKeyType == "RSA")
{
}
}
public void SignKey(ulong lSignedKeyID, ulong lSigningKeyID, string strUserID, int nIntroducerDepth, bool bIsExportable, int nType, string strPassphrase)
{
TransportableSecretKey tskKey = skrKeyRing.Find(lSigningKeyID);
SecretKeyPacket skpSignatureKey = tskKey.FindKey(AsymActions.Sign);
TransportablePublicKey tpkKey = pkrKeyRing.Find(lSignedKeyID, false);
SignaturePacket spCertificate = new SignaturePacket();
spCertificate.SignatureType = (SignatureTypes)nType;
spCertificate.Version = SignaturePacketVersionNumbers.v4;
spCertificate.HashAlgorithm = HashAlgorithms.SHA1;
spCertificate.KeyID = skpSignatureKey.PublicKey.KeyID;
spCertificate.TimeCreated = DateTime.Now;
CertifiedUserID cuiID = null;
IEnumerator ieUserIDs = tpkKey.Certifications.GetEnumerator();
while (ieUserIDs.MoveNext())
{
if (!(ieUserIDs.Current is CertifiedUserID))
{
continue;
}
CertifiedUserID cuiThisID = (CertifiedUserID)ieUserIDs.Current;
if (cuiThisID.ToString() == strUserID)
{
cuiID = cuiThisID;
}
}
if (cuiID == null)
{
throw new Exception("UserID could not be found!");
}
if (bIsExportable == false)
{
SignatureSubPacket sspNotExportable = new SignatureSubPacket();
sspNotExportable.Type = SignatureSubPacketTypes.ExportableSignature;
sspNotExportable.ExportableSignature = false;
spCertificate.AddSubPacket(sspNotExportable, true);
}
if (nIntroducerDepth > 0)
{
SignatureSubPacket sspTrust = new SignatureSubPacket();
sspTrust.Type = SignatureSubPacketTypes.TrustSignature;
sspTrust.TrustLevel = (byte)nIntroducerDepth;
sspTrust.TrustAmount = 120;
spCertificate.AddSubPacket(sspTrust, true);
}
cuiID.Sign(spCertificate, skpSignatureKey, strPassphrase, tpkKey.PrimaryKey);
tpkKey.Certifications.Remove(cuiID);
tpkKey.Certifications.Add(cuiID);
pkrKeyRing.Delete(lSignedKeyID);
pkrKeyRing.AddPublicKey(tpkKey);
pkrKeyRing.Save();
}
public void SignKeyBindingSignature(PublicKeyPacket pkpPrimaryKey, SecretKeyPacket skpPrimaryKey, string strPassphrase, DateTime expirationTime, bool revocable)
{
byte[] bSubKey = new byte[pkpSubkey.Body.Length + 3];
bSubKey[0] = 0x99;
bSubKey[1] = (byte)((pkpSubkey.Body.Length >> 8) & 0xFF);
bSubKey[2] = (byte)(pkpSubkey.Body.Length & 0xFF);
Array.Copy(pkpSubkey.Body, 0, bSubKey, 3, pkpSubkey.Body.Length);
byte[] bPrimaryKey = new byte[pkpPrimaryKey.Body.Length + 3];
bPrimaryKey[0] = 0x99;
bPrimaryKey[1] = (byte)((pkpPrimaryKey.Body.Length >> 8) & 0xFF);
bPrimaryKey[2] = (byte)(pkpPrimaryKey.Body.Length & 0xFF);
Array.Copy(pkpPrimaryKey.Body, 0, bPrimaryKey, 3, pkpPrimaryKey.Body.Length);
byte[] bData = new byte[bPrimaryKey.Length + bSubKey.Length];
Array.Copy(bPrimaryKey, 0, bData, 0, bPrimaryKey.Length);
Array.Copy(bSubKey, 0, bData, bPrimaryKey.Length, bSubKey.Length);
SignaturePacket spKeyBindingSig = new SignaturePacket();
spKeyBindingSig.Version = SignaturePacketVersionNumbers.v4;
spKeyBindingSig.HashAlgorithm = HashAlgorithms.SHA1;
spKeyBindingSig.KeyID = pkpPrimaryKey.KeyID;
spKeyBindingSig.SignatureType = SignatureTypes.SubkeyBindingSignature;
if(expirationTime.Ticks != 0) {
SignatureSubPacket sspExpiration = new SignatureSubPacket();
sspExpiration.Type = SignatureSubPacketTypes.KeyExpirationTime;
sspExpiration.KeyExpirationTime = new DateTime(expirationTime.Ticks + (new DateTime(1970,1,2)).Ticks - pkpPrimaryKey.TimeCreated.Ticks);
spKeyBindingSig.AddSubPacket(sspExpiration, true);
}
if(!revocable) {
SignatureSubPacket sspRevocable = new SignatureSubPacket();
sspRevocable.Type = SignatureSubPacketTypes.Revocable;
sspRevocable.Revocable = revocable;
spKeyBindingSig.AddSubPacket(sspRevocable, true);
}
spKeyBindingSig.Sign(bData, skpPrimaryKey, strPassphrase);
this.KeyBindingSignature = spKeyBindingSig;
}
