public void Generate() { // Master/Signing key var ecdsa = ECDsa.Create(ECCurve.NamedCurves.nistP256); // Encryption key var ecdh = ECDiffieHellman.Create(ECCurve.NamedCurves.nistP256); // Generate a key ring var passPhrase = "test"; PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(ecdsa, "*****@*****.**", passPhrase); keyRingGen.AddSubKey(ecdh); PgpPublicKeyRing pubRing = keyRingGen.GeneratePublicKeyRing(); // TODO: add check of KdfParameters DoBasicKeyRingCheck(pubRing); PgpSecretKeyRing secRing = keyRingGen.GenerateSecretKeyRing(); PgpPublicKeyRing pubRingEnc = new PgpPublicKeyRing(pubRing.GetEncoded()); Assert.That(pubRing.GetEncoded(), Is.EqualTo(pubRingEnc.GetEncoded()), "public key ring encoding failed"); PgpSecretKeyRing secRingEnc = new PgpSecretKeyRing(secRing.GetEncoded()); Assert.That(secRing.GetEncoded(), Is.EqualTo(secRingEnc.GetEncoded()), "secret key ring encoding failed"); PgpPrivateKey pgpPrivKey = secRing.GetSecretKey().ExtractPrivateKey(passPhrase); }
private void Generate() { SecureRandom random = SecureRandom.GetInstance("SHA1PRNG"); // // Generate a master key // IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); keyGen.Init(new ECKeyGenerationParameters(SecObjectIdentifiers.SecP256r1, random)); AsymmetricCipherKeyPair kpSign = keyGen.GenerateKeyPair(); PgpKeyPair ecdsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ECDsa, kpSign, DateTime.UtcNow); // // Generate an encryption key // keyGen = GeneratorUtilities.GetKeyPairGenerator("ECDH"); keyGen.Init(new ECKeyGenerationParameters(SecObjectIdentifiers.SecP256r1, random)); AsymmetricCipherKeyPair kpEnc = keyGen.GenerateKeyPair(); PgpKeyPair ecdhKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ECDH, kpEnc, DateTime.UtcNow); // // Generate a key ring // char[] passPhrase = "test".ToCharArray(); PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, ecdsaKeyPair, "*****@*****.**", SymmetricKeyAlgorithmTag.Aes256, passPhrase, true, null, null, random); keyRingGen.AddSubKey(ecdhKeyPair); PgpPublicKeyRing pubRing = keyRingGen.GeneratePublicKeyRing(); // TODO: add check of KdfParameters DoBasicKeyRingCheck(pubRing); PgpSecretKeyRing secRing = keyRingGen.GenerateSecretKeyRing(); PgpPublicKeyRing pubRingEnc = new PgpPublicKeyRing(pubRing.GetEncoded()); if (!Arrays.AreEqual(pubRing.GetEncoded(), pubRingEnc.GetEncoded())) { Fail("public key ring encoding failed"); } PgpSecretKeyRing secRingEnc = new PgpSecretKeyRing(secRing.GetEncoded()); if (!Arrays.AreEqual(secRing.GetEncoded(), secRingEnc.GetEncoded())) { Fail("secret key ring encoding failed"); } PgpPrivateKey pgpPrivKey = secRing.GetSecretKey().ExtractPrivateKey(passPhrase); }
/// <summary> /// Create master signing key. /// </summary> /// <param name="keyRingGen"> /// Key ring generator. /// </param> /// <param name="identity"> /// Identity of the key. /// </param> /// <param name="password"> /// Password to protect the secret key. /// </param> /// <param name="expires"> /// Key expiry; null means never expires. /// </param> /// <param name="encryptKeyLength"> /// Length of the encryption key. /// </param> /// <param name="encryptGenerator"> /// Generator for the encryption key. /// </param> /// <param name="encryptionAlgorithm"> /// Encryption algorithm. /// </param> /// <param name="symmetricAlgorithm"> /// Symmetric algorithm. /// </param> /// <returns> /// Returns the <see cref="PgpKeyRingGenerator"/> with the keyring properties /// thus far. /// </returns> public static PgpKeyRingGenerator CreateEncryptionSubkey( PgpKeyRingGenerator keyRingGen, string identity, string password, DateTime?expires, int encryptKeyLength = 2048, string encryptGenerator = "RSA", PublicKeyAlgorithmTag encryptionAlgorithm = PublicKeyAlgorithmTag.RsaEncrypt, SymmetricKeyAlgorithmTag symmetricAlgorithm = SymmetricKeyAlgorithmTag.Aes256) { var keyringParameters = new KeyRingParameters(encryptKeyLength, encryptGenerator) { Password = password, Identity = identity, PrivateKeyEncryptionAlgorithm = symmetricAlgorithm, SymmetricAlgorithms = new[] { SymmetricKeyAlgorithmTag.Aes256, SymmetricKeyAlgorithmTag.Aes192, SymmetricKeyAlgorithmTag.Aes128 }, HashAlgorithms = new[] { HashAlgorithmTag.Sha256, HashAlgorithmTag.Sha1, HashAlgorithmTag.Sha384, HashAlgorithmTag.Sha512, HashAlgorithmTag.Sha224, } }; // encryption key var generator = GeneratorUtilities.GetKeyPairGenerator(encryptGenerator); generator.Init(keyringParameters.KeyParams); var encKeyPair = new PgpKeyPair(encryptionAlgorithm, generator.GenerateKeyPair(), DateTime.UtcNow); var symmetricAlgorithms = (from a in keyringParameters.SymmetricAlgorithms select(int) a).ToArray(); var hashAlgorithms = (from a in keyringParameters.HashAlgorithms select(int) a).ToArray(); Debug.WriteLine("Generated encryption key with ID " + encKeyPair.KeyId.ToString("X")); var encSubpckGen = new PgpSignatureSubpacketGenerator(); encSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage); encSubpckGen.SetPreferredSymmetricAlgorithms(false, symmetricAlgorithms); encSubpckGen.SetPreferredHashAlgorithms(false, hashAlgorithms); if (expires != null) { encSubpckGen.SetKeyExpirationTime(false, (long)((DateTime)expires - DateTime.Now).TotalSeconds); } // add encryption subkey to keyring keyRingGen.AddSubKey(encKeyPair, encSubpckGen.Generate(), null); return(keyRingGen); }
private static PgpKeyRingGenerator GeneratePgpRingKeys(string identity, string password) { var keyRingParams = new KeyRingParams { Password = password, Identity = identity, PrivateKeyEncryptionAlgorithm = SymmetricKeyAlgorithmTag.Aes128, SymmetricAlgorithms = new SymmetricKeyAlgorithmTag[] { SymmetricKeyAlgorithmTag.Aes256, SymmetricKeyAlgorithmTag.Aes192, SymmetricKeyAlgorithmTag.Aes128 }, HashAlgorithms = new HashAlgorithmTag[] { HashAlgorithmTag.Sha256, HashAlgorithmTag.Sha1, HashAlgorithmTag.Sha384, HashAlgorithmTag.Sha512, HashAlgorithmTag.Sha224, } }; var generator = GeneratorUtilities.GetKeyPairGenerator("RSA"); generator.Init(keyRingParams.RsaParams); var masterKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.RsaSign, generator.GenerateKeyPair(), DateTime.UtcNow); Debug.WriteLine("Generated master key with Id {0}", masterKeyPair.KeyId.ToString("x")); var masterSubpckGen = new PgpSignatureSubpacketGenerator(); masterSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanSign | PgpKeyFlags.CanCertify); masterSubpckGen.SetPreferredSymmetricAlgorithms(false, (from a in keyRingParams.SymmetricAlgorithms select(int) a).ToArray()); masterSubpckGen.SetPreferredHashAlgorithms(false, (from a in keyRingParams.HashAlgorithms select(int) a).ToArray()); var encKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.RsaGeneral, generator.GenerateKeyPair(), DateTime.UtcNow); Debug.WriteLine("Generated encryption key with Id {0}", encKeyPair.KeyId.ToString("x")); var encSubpckGen = new PgpSignatureSubpacketGenerator(); encSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage); masterSubpckGen.SetPreferredSymmetricAlgorithms(false, (from a in keyRingParams.SymmetricAlgorithms select(int) a).ToArray()); masterSubpckGen.SetPreferredHashAlgorithms(false, (from a in keyRingParams.HashAlgorithms select(int) a).ToArray()); var keyRingGen = new PgpKeyRingGenerator(PgpSignature.DefaultCertification, masterKeyPair, keyRingParams.Identity, keyRingParams.PrivateKeyEncryptionAlgorithm.Value, keyRingParams.GetPassword(), true, masterSubpckGen.Generate(), null, new SecureRandom()); keyRingGen.AddSubKey(encKeyPair, encSubpckGen.Generate(), null); return(keyRingGen); }
private void Generate() { SecureRandom random = SecureRandom.GetInstance("SHA1PRNG"); // // Generate a master key // IAsymmetricCipherKeyPairGenerator keyGen = GeneratorUtilities.GetKeyPairGenerator("ECDSA"); keyGen.Init(new ECKeyGenerationParameters(SecObjectIdentifiers.SecP256r1, random)); AsymmetricCipherKeyPair kpSign = keyGen.GenerateKeyPair(); PgpKeyPair ecdsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ECDsa, kpSign, DateTime.UtcNow); // // Generate an encryption key // keyGen = GeneratorUtilities.GetKeyPairGenerator("ECDH"); keyGen.Init(new ECKeyGenerationParameters(SecObjectIdentifiers.SecP256r1, random)); AsymmetricCipherKeyPair kpEnc = keyGen.GenerateKeyPair(); PgpKeyPair ecdhKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ECDH, kpEnc, DateTime.UtcNow); // // Generate a key ring // char[] passPhrase = "test".ToCharArray(); PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, ecdsaKeyPair, "*****@*****.**", SymmetricKeyAlgorithmTag.Aes256, passPhrase, true, null, null, random); keyRingGen.AddSubKey(ecdhKeyPair); PgpPublicKeyRing pubRing = keyRingGen.GeneratePublicKeyRing(); // TODO: add check of KdfParameters DoBasicKeyRingCheck(pubRing); PgpSecretKeyRing secRing = keyRingGen.GenerateSecretKeyRing(); PgpPublicKeyRing pubRingEnc = new PgpPublicKeyRing(pubRing.GetEncoded()); if (!Arrays.AreEqual(pubRing.GetEncoded(), pubRingEnc.GetEncoded())) { Fail("public key ring encoding failed"); } PgpSecretKeyRing secRingEnc = new PgpSecretKeyRing(secRing.GetEncoded()); if (!Arrays.AreEqual(secRing.GetEncoded(), secRingEnc.GetEncoded())) { Fail("secret key ring encoding failed"); } PgpPrivateKey pgpPrivKey = secRing.GetSecretKey().ExtractPrivateKey(passPhrase); }
public static PgpKeyRingGenerator GenerateKeyRing(String id, byte[] pass, RSAKeySize keysize) { RsaKeyPairGenerator kpg = new RsaKeyPairGenerator(); kpg.Init(new KeyGenerationParameters(new SecureRandom(), 4096)); AsymmetricCipherKeyPair rsakeys = kpg.GenerateKeyPair(); PgpKeyPair rsakp_sign = new PgpKeyPair(PublicKeyAlgorithmTag.RsaSign, rsakeys, DateTime.UtcNow); PgpKeyPair rsakp_enc = new PgpKeyPair(PublicKeyAlgorithmTag.RsaEncrypt, rsakeys, DateTime.UtcNow); PgpSignatureSubpacketGenerator signhashgen = new PgpSignatureSubpacketGenerator(); signhashgen.SetKeyFlags(false, KeyFlags.SignData | KeyFlags.CertifyOther); signhashgen.SetPreferredSymmetricAlgorithms (false, new int[] { (int)SymmetricKeyAlgorithmTag.Aes256, (int)SymmetricKeyAlgorithmTag.Camellia256 }); signhashgen.SetPreferredHashAlgorithms (false, new int[] { (int)HashAlgorithmTag.Sha256, (int)HashAlgorithmTag.Sha384, (int)HashAlgorithmTag.Sha512 }); signhashgen.SetFeature(false, Features.FEATURE_MODIFICATION_DETECTION); // Create a signature on the encryption subkey. PgpSignatureSubpacketGenerator enchashgen = new PgpSignatureSubpacketGenerator(); enchashgen.SetKeyFlags(false, KeyFlags.EncryptComms | KeyFlags.EncryptStorage | KeyFlags.Authentication); PgpKeyRingGenerator pgpKeyRing = new PgpKeyRingGenerator( PgpSignature.DefaultCertification, rsakp_sign, id, SymmetricKeyAlgorithmTag.Aes256, pass, false, signhashgen.Generate(), null, new SecureRandom() ); pgpKeyRing.AddSubKey(rsakp_enc, enchashgen.Generate(), null, HashAlgorithmTag.Sha512); return(pgpKeyRing); }
public static PgpKeyRingGenerator GenerateKeyRingGenerator(KeyRingParams keyRingParams) { var generator = GeneratorUtilities.GetKeyPairGenerator("RSA"); generator.Init(keyRingParams.RsaParams()); /* Create the master (signing-only) key. */ var masterKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.RsaSign, generator.GenerateKeyPair(), DateTime.UtcNow); Debug.WriteLine("Generated master key with ID " + masterKeyPair.KeyId.ToString("X")); var masterSubpckGen = new PgpSignatureSubpacketGenerator(); masterSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanSign | PgpKeyFlags.CanCertify); masterSubpckGen.SetPreferredSymmetricAlgorithms(false, keyRingParams.SymmetricAlgorithms.Select(a => (int)a).ToArray()); masterSubpckGen.SetPreferredHashAlgorithms(false, keyRingParams.HashAlgorithms.Select(a => (int)a).ToArray()); /* Create a signing and encryption key for daily use. */ var encKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.RsaGeneral, generator.GenerateKeyPair(), DateTime.UtcNow); Debug.WriteLine("Generated encryption key with ID " + encKeyPair.KeyId.ToString("X")); var encSubpckGen = new PgpSignatureSubpacketGenerator(); encSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage); masterSubpckGen.SetPreferredSymmetricAlgorithms(false, (keyRingParams.SymmetricAlgorithms.Select(a => (int)a)).ToArray()); masterSubpckGen.SetPreferredHashAlgorithms(false, (keyRingParams.HashAlgorithms.Select(a => (int)a)).ToArray()); /* Create the key ring. */ var keyRingGen = new PgpKeyRingGenerator( PgpSignature.DefaultCertification, masterKeyPair, keyRingParams.Identity, keyRingParams.PrivateKeyEncryptionAlgorithm.Value, keyRingParams.GetPassword(), true, masterSubpckGen.Generate(), null, new SecureRandom()); /* Add encryption subkey. */ keyRingGen.AddSubKey(encKeyPair, encSubpckGen.Generate(), null); return(keyRingGen); }
public void Generate25519() { // Generate a master key var ecdsa = new Ed25519(); // Generate an encryption key var ecdh = new X25519(); // Generate a key ring var passPhrase = "test"; PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(ecdsa, "*****@*****.**", passPhrase); keyRingGen.AddSubKey(ecdh); PgpPublicKeyRing pubRing = keyRingGen.GeneratePublicKeyRing(); // TODO: add check of KdfParameters DoBasicKeyRingCheck(pubRing); PgpSecretKeyRing secRing = keyRingGen.GenerateSecretKeyRing(); PgpPublicKeyRing pubRingEnc = new PgpPublicKeyRing(pubRing.GetEncoded()); Assert.That(pubRing.GetEncoded(), Is.EqualTo(pubRingEnc.GetEncoded()), "public key ring encoding failed"); PgpSecretKeyRing secRingEnc = new PgpSecretKeyRing(secRing.GetEncoded()); Assert.That(secRing.GetEncoded(), Is.EqualTo(secRingEnc.GetEncoded()), "secret key ring encoding failed"); // Extract back the ECDH key and verify the encoded values to ensure correct endianness PgpSecretKey pgpSecretKey = secRing.GetSecretKey(pubRing.GetPublicKey().KeyId); PgpPrivateKey pgpPrivKey = pgpSecretKey.ExtractPrivateKey(passPhrase); /*if (!Arrays.AreEqual(((X25519PrivateKeyParameters)kpEnc.Private).GetEncoded(), ((X25519PrivateKeyParameters)pgpPrivKey.Key).GetEncoded())) * { * Fail("private key round trip failed"); * } * if (!Arrays.AreEqual(((X25519PublicKeyParameters)kpEnc.Public).GetEncoded(), ((X25519PublicKeyParameters)pgpSecretKey.PublicKey.GetKey()).GetEncoded())) * { * Fail("private key round trip failed"); * }*/ }
void AddEncryptionKeyPair(PgpKeyRingGenerator keyRingGenerator, KeyGenerationParameters parameters, PublicKeyAlgorithmTag algorithm, DateTime now, long expirationTime, int[] encryptionAlgorithms, int[] digestAlgorithms) { var keyPairGenerator = GeneratorUtilities.GetKeyPairGenerator("RSA"); keyPairGenerator.Init(parameters); var keyPair = new PgpKeyPair(algorithm, keyPairGenerator.GenerateKeyPair(), now); var subpacketGenerator = new PgpSignatureSubpacketGenerator(); subpacketGenerator.SetKeyFlags(false, PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage); subpacketGenerator.SetPreferredSymmetricAlgorithms(false, encryptionAlgorithms); subpacketGenerator.SetPreferredHashAlgorithms(false, digestAlgorithms); if (expirationTime > 0) { subpacketGenerator.SetKeyExpirationTime(false, expirationTime); subpacketGenerator.SetSignatureExpirationTime(false, expirationTime); } keyRingGenerator.AddSubKey(keyPair, subpacketGenerator.Generate(), null); }
public static void ExportKeyPair( Stream secretOut, Stream publicOut, AsymmetricCipherKeyPair dsaKp, AsymmetricCipherKeyPair elgKp, string identity, char[] passPhrase, bool armor) { if (armor) { secretOut = new ArmoredOutputStream(secretOut); } PgpKeyPair dsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, dsaKp, DateTime.UtcNow); PgpKeyPair elgKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ElGamalEncrypt, elgKp, DateTime.UtcNow); // Prepare a strong Secure Random with seed SecureRandom secureRandom = PgpEncryptionUtil.GetSecureRandom(); PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, dsaKeyPair, identity, SymmetricKeyAlgorithmTag.Aes256, passPhrase, true, null, null, secureRandom); keyRingGen.AddSubKey(elgKeyPair); keyRingGen.GenerateSecretKeyRing().Encode(secretOut); if (armor) { secretOut.Dispose(); publicOut = new ArmoredOutputStream(publicOut); } keyRingGen.GeneratePublicKeyRing().Encode(publicOut); if (armor) { publicOut.Dispose(); } }
private static void ExportKeyPair( Stream secretOut, Stream publicOut, IAsymmetricCipherKeyPair signingKey, IAsymmetricCipherKeyPair encryptionKey, string identity, char[] passPhrase, bool armor, ISecureRandom random) { if (armor) { secretOut = new ArmoredOutputStream(secretOut); } var masterKey = new PgpKeyPair(PublicKeyAlgorithmTag.Ecdsa, signingKey, DateTime.UtcNow); var subKey = new PgpKeyPair(PublicKeyAlgorithmTag.Ecdh, encryptionKey, DateTime.UtcNow); var keyRingGenerator = new PgpKeyRingGenerator( PgpSignature.PositiveCertification, masterKey, identity, SymmetricKeyAlgorithmTag.Aes256, HashAlgorithmTag.Sha256, passPhrase, true, null, null, random); keyRingGenerator.AddSubKey(subKey); keyRingGenerator.GenerateSecretKeyRing().Encode(secretOut); if (armor) { secretOut.Close(); publicOut = new ArmoredOutputStream(publicOut); } keyRingGenerator.GeneratePublicKeyRing().Encode(publicOut); { publicOut.Close(); } }
/// <summary> /// Generates a <see cref="PgpKeyRingGenerator"/> /// </summary> /// <param name="identity"> /// The name of the identity. /// </param> /// <param name="password"> /// The passphrase used to protect the keyring.</param> /// <returns> /// A <see cref="PgpKeyRingGenerator"/>. /// </returns> public static PgpKeyRingGenerator GenerateKeyRingGenerator(string identity, string password) { var rsaParams = new RsaKeyGenerationParameters(BigInteger.ValueOf(0x10001), new SecureRandom(), 2048, 12); var symmetricAlgorithms = new SymmetricKeyAlgorithmTag[] { SymmetricKeyAlgorithmTag.Aes256, SymmetricKeyAlgorithmTag.Aes192, SymmetricKeyAlgorithmTag.Aes128 }.Select(a => (int)a).ToArray(); var hashAlgorithms = new HashAlgorithmTag[] { HashAlgorithmTag.Sha256, HashAlgorithmTag.Sha1, HashAlgorithmTag.Sha384, HashAlgorithmTag.Sha512, HashAlgorithmTag.Sha224, }.Select(a => (int)a).ToArray(); IAsymmetricCipherKeyPairGenerator generator = GeneratorUtilities.GetKeyPairGenerator("RSA"); generator.Init(rsaParams); // Create the master (signing-only) key. PgpKeyPair masterKeyPair = new PgpKeyPair( PublicKeyAlgorithmTag.RsaSign, generator.GenerateKeyPair(), DateTime.UtcNow); PgpSignatureSubpacketGenerator masterSubpckGen = new PgpSignatureSubpacketGenerator(); masterSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanSign | PgpKeyFlags.CanCertify); masterSubpckGen.SetPreferredSymmetricAlgorithms(false, symmetricAlgorithms); masterSubpckGen.SetPreferredHashAlgorithms(false, hashAlgorithms); // Create a signing and encryption key for daily use. PgpKeyPair encKeyPair = new PgpKeyPair( PublicKeyAlgorithmTag.RsaGeneral, generator.GenerateKeyPair(), DateTime.UtcNow); PgpSignatureSubpacketGenerator encSubpckGen = new PgpSignatureSubpacketGenerator(); encSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage); masterSubpckGen.SetPreferredSymmetricAlgorithms(false, symmetricAlgorithms); masterSubpckGen.SetPreferredHashAlgorithms(false, hashAlgorithms); // Create the key ring. PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator( PgpSignature.DefaultCertification, masterKeyPair, identity, SymmetricKeyAlgorithmTag.Aes128, password.ToCharArray(), true, masterSubpckGen.Generate(), null, new SecureRandom()); // Add encryption subkey. keyRingGen.AddSubKey(encKeyPair, encSubpckGen.Generate(), null); return(keyRingGen); }
private static void ExportKeyPair( Stream secretOut, Stream publicOut, IAsymmetricCipherKeyPair signingKey, IAsymmetricCipherKeyPair encryptionKey, string identity, char[] passPhrase, bool armor, ISecureRandom random) { if (armor) { secretOut = new ArmoredOutputStream(secretOut); } var masterKey = new PgpKeyPair(PublicKeyAlgorithmTag.Ecdsa, signingKey, DateTime.UtcNow); var subKey = new PgpKeyPair(PublicKeyAlgorithmTag.Ecdh, encryptionKey, DateTime.UtcNow); var keyRingGenerator = new PgpKeyRingGenerator( PgpSignature.PositiveCertification, masterKey, identity, SymmetricKeyAlgorithmTag.Aes256, HashAlgorithmTag.Sha256, passPhrase, true, null, null, random); keyRingGenerator.AddSubKey(subKey); keyRingGenerator.GenerateSecretKeyRing().Encode(secretOut); if (armor) { secretOut.Close(); publicOut = new ArmoredOutputStream(publicOut); } keyRingGenerator.GeneratePublicKeyRing().Encode(publicOut); { publicOut.Close(); } }
public void GenerateTest() { char[] passPhrase = "hello".ToCharArray(); DsaParametersGenerator pGen = new DsaParametersGenerator(); pGen.Init(512, 80, new SecureRandom()); DsaParameters dsaParams = pGen.GenerateParameters(); DsaKeyGenerationParameters dsaKgp = new DsaKeyGenerationParameters(new SecureRandom(), dsaParams); IAsymmetricCipherKeyPairGenerator dsaKpg = GeneratorUtilities.GetKeyPairGenerator("DSA"); dsaKpg.Init(dsaKgp); // // this takes a while as the key generator has to Generate some DSA parameters // before it Generates the key. // AsymmetricCipherKeyPair dsaKp = dsaKpg.GenerateKeyPair(); IAsymmetricCipherKeyPairGenerator elgKpg = GeneratorUtilities.GetKeyPairGenerator("ELGAMAL"); BigInteger g = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16); BigInteger p = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16); ElGamalParameters elParams = new ElGamalParameters(p, g); ElGamalKeyGenerationParameters elKgp = new ElGamalKeyGenerationParameters(new SecureRandom(), elParams); elgKpg.Init(elKgp); // // this is quicker because we are using preGenerated parameters. // AsymmetricCipherKeyPair elgKp = elgKpg.GenerateKeyPair(); PgpKeyPair dsaKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.Dsa, dsaKp, DateTime.UtcNow); PgpKeyPair elgKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.ElGamalEncrypt, elgKp, DateTime.UtcNow); PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator(PgpSignature.PositiveCertification, dsaKeyPair, "test", SymmetricKeyAlgorithmTag.Aes256, passPhrase, null, null, new SecureRandom()); keyRingGen.AddSubKey(elgKeyPair); PgpSecretKeyRing keyRing = keyRingGen.GenerateSecretKeyRing(); keyRing.GetSecretKey().ExtractPrivateKey(passPhrase); PgpPublicKeyRing pubRing = keyRingGen.GeneratePublicKeyRing(); PgpPublicKey vKey = null; PgpPublicKey sKey = null; foreach (PgpPublicKey pk in pubRing.GetPublicKeys()) { if (pk.IsMasterKey) { vKey = pk; } else { sKey = pk; } } foreach (PgpSignature sig in sKey.GetSignatures()) { if (sig.KeyId == vKey.KeyId && sig.SignatureType == PgpSignature.SubkeyBinding) { sig.InitVerify(vKey); if (!sig.VerifyCertification(vKey, sKey)) { Fail("failed to verify sub-key signature."); } } } }
/* * Creates a key ring generator and returns to caller */ public static PgpKeyRingGenerator GetKeyRingGenerator( ApplicationContext context, Node args, string identity, string password, DateTime expires, int strength, long publicExponent, int certainty) { // Creating a secure random generator to use when creating keypairs, seeding with all sorts of different unique values var sr = CreateNewSecureRandom(context, args); // Creating our generator IAsymmetricCipherKeyPairGenerator generator = GeneratorUtilities.GetKeyPairGenerator("RSA"); generator.Init( new RsaKeyGenerationParameters( BigInteger.ValueOf(publicExponent), sr, strength, certainty)); // Creates the master key (signing-only key) PgpKeyPair masterKeyPair = new PgpKeyPair( PublicKeyAlgorithmTag.RsaGeneral, generator.GenerateKeyPair(), DateTime.UtcNow); PgpSignatureSubpacketGenerator masterSubPacketGenerator = new PgpSignatureSubpacketGenerator(); masterSubPacketGenerator.SetKeyFlags(false, PgpKeyFlags.CanSign | PgpKeyFlags.CanCertify); masterSubPacketGenerator.SetPreferredSymmetricAlgorithms(false, new SymmetricKeyAlgorithmTag [] { SymmetricKeyAlgorithmTag.Aes256, SymmetricKeyAlgorithmTag.Aes192, SymmetricKeyAlgorithmTag.Aes128 }.Select(ix => (int)ix).ToArray()); masterSubPacketGenerator.SetPreferredHashAlgorithms(false, new HashAlgorithmTag [] { HashAlgorithmTag.Sha256, HashAlgorithmTag.Sha1, HashAlgorithmTag.Sha384, HashAlgorithmTag.Sha512, HashAlgorithmTag.Sha224 }.Select(ix => (int)ix).ToArray()); masterSubPacketGenerator.SetKeyExpirationTime(false, (long)(expires - DateTime.Now).TotalSeconds); // Creating a new secure random generator to use when creating keypairs, seeding with all sorts of different unique values sr = CreateNewSecureRandom(context, args); // Create signing and encryption key, for daily use PgpKeyPair encryptionKeyPair = new PgpKeyPair( PublicKeyAlgorithmTag.RsaGeneral, generator.GenerateKeyPair(), DateTime.UtcNow); PgpSignatureSubpacketGenerator encryptionSubPacketGenerator = new PgpSignatureSubpacketGenerator(); encryptionSubPacketGenerator.SetKeyFlags(false, PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage | PgpKeyFlags.CanSign); encryptionSubPacketGenerator.SetKeyExpirationTime(false, (long)(expires - DateTime.Now).TotalSeconds); // Creating keyring PgpKeyRingGenerator keyRingGenerator = new PgpKeyRingGenerator( PgpSignature.DefaultCertification, masterKeyPair, identity, SymmetricKeyAlgorithmTag.Aes256, password.ToCharArray(), true, masterSubPacketGenerator.Generate(), null, sr); // Add encryption subkey keyRingGenerator.AddSubKey(encryptionKeyPair, encryptionSubPacketGenerator.Generate(), null); // Returning keyring to caller return(keyRingGenerator); }
public static PgpKeyRingGenerator GenerateKeyRing(string identity, string password) { var keyRingParams = new KeyRingParams { Password = password, Identity = identity, PrivateKeyEncryptionAlgorithm = SymmetricKeyAlgorithmTag.Aes128, SymmetricAlgorithms = new SymmetricKeyAlgorithmTag[] { SymmetricKeyAlgorithmTag.Aes256, SymmetricKeyAlgorithmTag.Aes192, SymmetricKeyAlgorithmTag.Aes128 }, HashAlgorithms = new HashAlgorithmTag[] { HashAlgorithmTag.Sha256, HashAlgorithmTag.Sha1, HashAlgorithmTag.Sha384, HashAlgorithmTag.Sha512, HashAlgorithmTag.Sha224, } }; var generator = GeneratorUtilities.GetKeyPairGenerator("RSA"); generator.Init(keyRingParams.RsaParams); /* Create the master (signing-only) key. */ var masterKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.RsaSign, generator.GenerateKeyPair(), DateTime.UtcNow); var masterSubpckGen = new PgpSignatureSubpacketGenerator(); masterSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanSign | PgpKeyFlags.CanCertify); masterSubpckGen.SetPreferredSymmetricAlgorithms(false, (from a in keyRingParams.SymmetricAlgorithms select(int) a).ToArray()); masterSubpckGen.SetPreferredHashAlgorithms(false, (from a in keyRingParams.HashAlgorithms select(int) a).ToArray()); /* Create a signing and encryption key for daily use. */ var encKeyPair = new PgpKeyPair( PublicKeyAlgorithmTag.RsaGeneral, generator.GenerateKeyPair(), DateTime.UtcNow); var encSubpckGen = new PgpSignatureSubpacketGenerator(); encSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage); masterSubpckGen.SetPreferredSymmetricAlgorithms(false, (from a in keyRingParams.SymmetricAlgorithms select(int) a).ToArray()); masterSubpckGen.SetPreferredHashAlgorithms(false, (from a in keyRingParams.HashAlgorithms select(int) a).ToArray()); /* Create the key ring. */ PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator( PgpSignature.DefaultCertification, masterKeyPair, keyRingParams.Identity, keyRingParams.PrivateKeyEncryptionAlgorithm.Value, keyRingParams.GetPassword(), true, masterSubpckGen.Generate(), null, new SecureRandom()); /* Add encryption subkey. */ keyRingGen.AddSubKey(encKeyPair, encSubpckGen.Generate(), null); return(keyRingGen); }
public static PgpKeyRingGenerator generateKeyRingGenerator(String identity, String password) { KeyRingParams keyRingParams = new KeyRingParams(); keyRingParams.Password = password; keyRingParams.Identity = identity; keyRingParams.PrivateKeyEncryptionAlgorithm = SymmetricKeyAlgorithmTag.Aes256; keyRingParams.SymmetricAlgorithms = new SymmetricKeyAlgorithmTag[] { SymmetricKeyAlgorithmTag.Cast5 /*SymmetricKeyAlgorithmTag.Aes256, * SymmetricKeyAlgorithmTag.Aes192, * SymmetricKeyAlgorithmTag.Aes128*/ }; keyRingParams.HashAlgorithms = new HashAlgorithmTag[] { HashAlgorithmTag.Sha512, }; IAsymmetricCipherKeyPairGenerator generator = GeneratorUtilities.GetKeyPairGenerator("RSA"); generator.Init(keyRingParams.RsaParams); /* Create the master (signing-only) key. */ PgpKeyPair masterKeyPair = new PgpKeyPair( PublicKeyAlgorithmTag.RsaSign, generator.GenerateKeyPair(), DateTime.UtcNow); //Debug.WriteLine("Generated master key with ID " // + masterKeyPair.KeyId.ToString("X")); PgpSignatureSubpacketGenerator masterSubpckGen = new PgpSignatureSubpacketGenerator(); masterSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanSign | PgpKeyFlags.CanCertify); masterSubpckGen.SetPreferredSymmetricAlgorithms(false, (from a in keyRingParams.SymmetricAlgorithms select(int) a).ToArray()); masterSubpckGen.SetPreferredHashAlgorithms(false, (from a in keyRingParams.HashAlgorithms select(int) a).ToArray()); /* Create a signing and encryption key for daily use. */ PgpKeyPair encKeyPair = new PgpKeyPair( PublicKeyAlgorithmTag.RsaGeneral, generator.GenerateKeyPair(), DateTime.UtcNow); PgpSignatureSubpacketGenerator encSubpckGen = new PgpSignatureSubpacketGenerator(); encSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage); masterSubpckGen.SetPreferredSymmetricAlgorithms(false, (from a in keyRingParams.SymmetricAlgorithms select(int) a).ToArray()); masterSubpckGen.SetPreferredHashAlgorithms(false, (from a in keyRingParams.HashAlgorithms select(int) a).ToArray()); /* Create the key ring. */ PgpKeyRingGenerator keyRingGen = new PgpKeyRingGenerator( PgpSignature.DefaultCertification, masterKeyPair, keyRingParams.Identity, keyRingParams.PrivateKeyEncryptionAlgorithm.Value, keyRingParams.GetPassword(), true, masterSubpckGen.Generate(), null, new SecureRandom()); /* Add encryption subkey. */ keyRingGen.AddSubKey(encKeyPair, encSubpckGen.Generate(), null); return(keyRingGen); }
public void GenerateEccKeyTest() { const string identity = "GenerateEccKeyTest Identity"; var secureRandom = new SecureRandom(); var keyParamSet = SecObjectIdentifiers.SecP256r1; var ecParams = new ECKeyGenerationParameters(keyParamSet, secureRandom); var now = DateTime.UtcNow; var masterKey = GenerateKeyPair(PublicKeyAlgorithmTag.Ecdsa, ecParams, now); var subKey = GenerateKeyPair(PublicKeyAlgorithmTag.Ecdh, ecParams, now); var keyRingGenerator = new PgpKeyRingGenerator( PgpSignature.PositiveCertification, masterKey, identity, SymmetricKeyAlgorithmTag.Aes256, HashAlgorithmTag.Sha256, "".ToCharArray(), true, GenerateSignatureSubpackets(identity), null, secureRandom); keyRingGenerator.AddSubKey(subKey); var secretKeyRing = keyRingGenerator.GenerateSecretKeyRing(); CheckEccKey(secretKeyRing); }