PgpKeyRingGenerator CreateKeyRingGenerator(MailboxAddress mailbox, EncryptionAlgorithm algorithm, long expirationTime, string password, DateTime now, SecureRandom random)
{
var enabledEncryptionAlgorithms = EnabledEncryptionAlgorithms;
var enabledDigestAlgorithms = EnabledDigestAlgorithms;
var encryptionAlgorithms = new int[enabledEncryptionAlgorithms.Length];
var digestAlgorithms = new int[enabledDigestAlgorithms.Length];
for (int i = 0; i < enabledEncryptionAlgorithms.Length; i++)
{
encryptionAlgorithms[i] = (int)enabledEncryptionAlgorithms[i];
}
for (int i = 0; i < enabledDigestAlgorithms.Length; i++)
{
digestAlgorithms[i] = (int)enabledDigestAlgorithms[i];
}
var parameters = new RsaKeyGenerationParameters(BigInteger.ValueOf(0x10001), random, 2048, 12);
var signingAlgorithm = PublicKeyAlgorithmTag.RsaSign;
var keyPairGenerator = GeneratorUtilities.GetKeyPairGenerator("RSA");
keyPairGenerator.Init(parameters);
var signingKeyPair = new PgpKeyPair(signingAlgorithm, keyPairGenerator.GenerateKeyPair(), now);
var subpacketGenerator = new PgpSignatureSubpacketGenerator();
subpacketGenerator.SetKeyFlags(false, PgpKeyFlags.CanSign | PgpKeyFlags.CanCertify);
subpacketGenerator.SetPreferredSymmetricAlgorithms(false, encryptionAlgorithms);
subpacketGenerator.SetPreferredHashAlgorithms(false, digestAlgorithms);
if (expirationTime > 0)
{
subpacketGenerator.SetKeyExpirationTime(false, expirationTime);
subpacketGenerator.SetSignatureExpirationTime(false, expirationTime);
}
subpacketGenerator.SetFeature(false, Org.BouncyCastle.Bcpg.Sig.Features.FEATURE_MODIFICATION_DETECTION);
var keyRingGenerator = new PgpKeyRingGenerator(
PgpSignature.PositiveCertification,
signingKeyPair,
mailbox.ToString(false),
GetSymmetricKeyAlgorithm(algorithm),
CharsetUtils.UTF8.GetBytes(password),
true,
subpacketGenerator.Generate(),
null,
random);
// Add the (optional) encryption subkey.
AddEncryptionKeyPair(keyRingGenerator, parameters, PublicKeyAlgorithmTag.RsaGeneral, now, expirationTime, encryptionAlgorithms, digestAlgorithms);
return(keyRingGenerator);
}
public static PgpKeyRingGenerator GenerateKeyRing(String id, byte[] pass, RSAKeySize keysize)
{
RsaKeyPairGenerator kpg = new RsaKeyPairGenerator();
kpg.Init(new KeyGenerationParameters(new SecureRandom(), 4096));
AsymmetricCipherKeyPair rsakeys = kpg.GenerateKeyPair();
PgpKeyPair rsakp_sign = new PgpKeyPair(PublicKeyAlgorithmTag.RsaSign, rsakeys, DateTime.UtcNow);
PgpKeyPair rsakp_enc = new PgpKeyPair(PublicKeyAlgorithmTag.RsaEncrypt, rsakeys, DateTime.UtcNow);
PgpSignatureSubpacketGenerator signhashgen = new PgpSignatureSubpacketGenerator();
signhashgen.SetKeyFlags(false, KeyFlags.SignData | KeyFlags.CertifyOther);
signhashgen.SetPreferredSymmetricAlgorithms
(false, new int[] {
(int)SymmetricKeyAlgorithmTag.Aes256,
(int)SymmetricKeyAlgorithmTag.Camellia256
});
signhashgen.SetPreferredHashAlgorithms
(false, new int[] {
(int)HashAlgorithmTag.Sha256,
(int)HashAlgorithmTag.Sha384,
(int)HashAlgorithmTag.Sha512
});
signhashgen.SetFeature(false, Features.FEATURE_MODIFICATION_DETECTION);
// Create a signature on the encryption subkey.
PgpSignatureSubpacketGenerator enchashgen = new PgpSignatureSubpacketGenerator();
enchashgen.SetKeyFlags(false, KeyFlags.EncryptComms | KeyFlags.EncryptStorage | KeyFlags.Authentication);
PgpKeyRingGenerator pgpKeyRing = new PgpKeyRingGenerator(
PgpSignature.DefaultCertification,
rsakp_sign,
id,
SymmetricKeyAlgorithmTag.Aes256,
pass,
false,
signhashgen.Generate(),
null,
new SecureRandom()
);
pgpKeyRing.AddSubKey(rsakp_enc, enchashgen.Generate(), null, HashAlgorithmTag.Sha512);
return(pgpKeyRing);
}
