/// <summary>
/// Is key allowed for signing?
/// </summary>
/// <remarks>
/// Checks both key algorithm and also key flags.
/// </remarks>
/// <param name="key"></param>
/// <param name="strict"></param>
/// <returns></returns>
public bool IsSigningKey(PgpPublicKey key)
{
foreach (PgpSignature sig in key.GetSignatures())
{
var hashedSubPackets = sig.GetHashedSubPackets();
if (hashedSubPackets == null)
continue;
if (!hashedSubPackets.HasSubpacket(SignatureSubpacketTag.KeyFlags))
continue;
var keyFlags = hashedSubPackets.GetKeyFlags();
if ((keyFlags & KeyFlags.SignData) > 0)
return true;
return false;
}
// Only use alg if keyflags is missing
if (IsSigningAlg(key))
return true;
return false;
}
/// <summary>
/// Is key allowed for encryption?
/// </summary>
/// <remarks>
/// Checks both key algorithm and also key flags.
/// </remarks>
/// <param name="key"></param>
/// <returns></returns>
public bool IsEncryptionKey(PgpPublicKey key)
{
// First check key use flags
foreach (PgpSignature sig in key.GetSignatures())
{
var hashedSubPackets = sig.GetHashedSubPackets();
if (hashedSubPackets == null)
continue;
if (!hashedSubPackets.HasSubpacket(SignatureSubpacketTag.KeyFlags))
continue;
var keyFlags = hashedSubPackets.GetKeyFlags();
if ((keyFlags & KeyFlags.EncryptComms) > 0)
return true;
if ((keyFlags & KeyFlags.EncryptStorage) > 0)
return true;
return false;
}
// NOTE: Some keys do not have flags set. Instead use
// the alg type. But only those specific to encryption.
if (IsEncryptionAlg(key))
return true;
return false;
}
/// <summary>
/// Is key allowed for signing?
/// </summary>
/// <remarks>
/// Checks both key algorithm and also key flags.
/// </remarks>
/// <param name="key"></param>
/// <returns></returns>
public bool IsSigningKey(PgpPublicKey key)
{
foreach (PgpSignature sig in key.GetSignatures())
{
var hashedSubPackets = sig.GetHashedSubPackets();
if (hashedSubPackets == null)
continue;
var keyFlags = hashedSubPackets.GetKeyFlags();
if ((keyFlags & KeyFlags.SignData) > 0)
return true;
}
if (IsSigningAlg(key))
return true;
return false;
}
