private void VerifyEncryptedData(PgpPublicKeyEncryptedData encryptedData)
{
if (!encryptedData.IsIntegrityProtected())
{
return;
}
if (!encryptedData.Verify())
{
throw new PgpException("Message integrity check failed.");
}
}
/// <summary>
/// Decrypt file and verify file signature from stream.
/// </summary>
/// <param name="inputStream">
/// The encrypted data input stream.
/// </param>
/// <param name="outputStream">
/// The output stream.
/// </param>
/// <param name="privateKeyStream">
/// The private key stream.
/// </param>
/// <param name="publicKeyStream">
/// The public key stream.
/// </param>
/// <param name="passPhrase">
/// The pass phrase.
/// </param>
/// <returns>
/// The <see cref="bool"/> value indicating whether or not the signature in
/// the decrypted data is valid.
/// </returns>
public static bool DecryptAndVerifyStream(
Stream inputStream,
Stream outputStream,
Stream privateKeyStream,
Stream publicKeyStream,
char[] passPhrase)
{
PgpPrivateKey privateKey = null;
PgpPublicKeyEncryptedData encryptedData = null;
var secretKeyRing = new PgpSecretKeyRingBundle(PgpUtilities.GetDecoderStream(privateKeyStream));
var encryptedDataList = GetEncryptedDataListFromStream(inputStream);
foreach (PgpPublicKeyEncryptedData dataObject in encryptedDataList.GetEncryptedDataObjects())
{
privateKey = PgpKeyHelper.FindSecretKey(secretKeyRing, dataObject.KeyId, passPhrase);
if (privateKey == null)
{
continue;
}
encryptedData = dataObject;
break;
}
if (privateKey == null)
{
throw new Exception("Unable to find secret key to decrypt the message");
}
var valid = ProcessDecryptionMessageBlocks(encryptedData, outputStream, publicKeyStream, privateKey);
if (encryptedData.IsIntegrityProtected() && !encryptedData.Verify())
{
throw new PgpException("Data is integrity protected but integrity is lost.");
}
return(valid);
}
/**
* Decrypt the byte array passed into inputData and return it as
* another byte array.
*
* @param inputData - the data to decrypt
* @param keyIn - a stream from your private keyring file
* @param passCode - the password
* @return - decrypted data as byte array
*/
public static byte[] Decrypt(byte[] inputData, Stream keyIn, string passCode)
{
byte[] error = Encoding.ASCII.GetBytes("ERROR");
Stream inputStream = new MemoryStream(inputData);
inputStream = PgpUtilities.GetDecoderStream(inputStream);
MemoryStream decoded = new MemoryStream();
try
{
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc;
PgpObject o = pgpF.NextPgpObject();
//
// the first object might be a PGP marker packet.
//
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
//
// find the secret key
//
PgpPrivateKey sKey = null;
PgpPublicKeyEncryptedData pbe = null;
PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(
PgpUtilities.GetDecoderStream(keyIn));
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
sKey = FindSecretKey(pgpSec, pked.KeyId, passCode.ToCharArray());
if (sKey != null)
{
pbe = pked;
break;
}
}
if (sKey == null)
{
throw new ArgumentException("secret key for message not found.");
}
Stream clear = pbe.GetDataStream(sKey);
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpObject message = plainFact.NextPgpObject();
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject();
}
if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
Stream unc = ld.GetInputStream();
Streams.PipeAll(unc, decoded);
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("message is not a simple encrypted file - type unknown.");
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
MessageBox.Show(null, "Message failed integrity check.", "PGP Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
else
{
MessageBox.Show(null, "Message integrity check passed.", "PGP Error", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
}
else
{
MessageBox.Show(null, "No message integrity check.", "PGP Error", MessageBoxButtons.OK, MessageBoxIcon.Information);
}
return(decoded.ToArray());
}
catch (Exception e)
{
if (e.Message.StartsWith("Checksum mismatch"))
{
MessageBox.Show(null, "Likely invalid passcode. Possible data corruption.", "Invalid Passcode", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
else if (e.Message.StartsWith("Object reference not"))
{
MessageBox.Show(null, "PGP data does not exist.", "PGP Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
else if (e.Message.StartsWith("Premature end of stream"))
{
MessageBox.Show(null, "Partial PGP data found.", "PGP Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
else
{
MessageBox.Show(null, e.Message, "PGP Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
Exception underlyingException = e.InnerException;
if (underlyingException != null)
{
MessageBox.Show(null, underlyingException.Message, "PGP Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
return(error);
}
}
public static string Decrypt(
Stream inputStream,
string privateKeyIn,
string passPhrase,
out Stream outputStream)
{
PgpObjectFactory objFactory = new PgpObjectFactory(PgpUtilities.GetDecoderStream(inputStream));
outputStream = new MemoryStream();
PgpObject obj = null;
if (objFactory != null)
{
obj = objFactory.NextPgpObject();
}
// the first object might be a PGP marker packet.
PgpEncryptedDataList enc = null;
PgpObject message = null;
if (obj is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)obj;
}
else if (obj is PgpCompressedData)
{
message = (PgpCompressedData)obj;
}
else
{
enc = (PgpEncryptedDataList)objFactory.NextPgpObject();
}
// If enc and message are null at this point, we failed to detect the contents of the encrypted stream.
if (enc == null && message == null)
{
throw new ArgumentException($"Failed to detect encrypted content format.");
}
// decrypt
PgpPrivateKey privateKey = null;
PgpPublicKeyEncryptedData pbe = null;
PgpSecretKeyRingBundle pgpSecret = null;
byte[] privateKeyBuffer = Encoding.ASCII.GetBytes(privateKeyIn);
MemoryStream privateKeyStream = new MemoryStream(privateKeyBuffer);
pgpSecret = new PgpSecretKeyRingBundle(PgpUtilities.GetDecoderStream(privateKeyStream));
if (enc != null)
{
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
privateKey = FindSecretKey(pgpSecret, pked.KeyId, passPhrase.ToCharArray());
if (privateKey != null)
{
pbe = pked;
break;
}
}
if (privateKey == null)
{
throw new ArgumentException($"Secret key for message not found.");
}
PgpObjectFactory plainFact = null;
using (Stream clear = pbe.GetDataStream(privateKey))
{
plainFact = new PgpObjectFactory(clear);
}
message = plainFact.NextPgpObject();
if (message is PgpOnePassSignatureList)
{
message = plainFact.NextPgpObject();
}
}
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory of = null;
using (Stream compDataIn = cData.GetDataStream())
{
of = new PgpObjectFactory(compDataIn);
}
message = of.NextPgpObject();
if (message is PgpOnePassSignatureList)
{
message = of.NextPgpObject();
PgpLiteralData Ld = null;
Ld = (PgpLiteralData)message;
Stream unc = Ld.GetInputStream();
Streams.PipeAll(unc, outputStream);
}
else
{
PgpLiteralData Ld = null;
Ld = (PgpLiteralData)message;
Stream unc = Ld.GetInputStream();
Streams.PipeAll(unc, outputStream);
}
}
else if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
string outFileName = ld.FileName;
Stream unc = ld.GetInputStream();
Streams.PipeAll(unc, outputStream);
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
throw new PgpException($"Message failed integrity check.");
}
}
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException($"Encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException($"Message is not a simple encrypted file.");
}
byte[] outputBuffer = (outputStream as MemoryStream).ToArray();
return(Encoding.ASCII.GetString(outputBuffer));
}
/// <summary>
/// Decrypts a input stream into an output stream. The first argument is the stream off the private keyring.
/// </summary>
/// <param name="inputStream">The input stream to decrypt</param>
/// <param name="outputStream">The decrypted output stream created by the method.</param>
///
public void Decrypt(
Stream inputStream,
Stream outputStream)
{
/*
* byte[] bytes = Encoding.UTF8.GetBytes(privateArmoredKeyring);
* MemoryStream privateKeyring = new MemoryStream(bytes);
*/
if (inputStream == null)
{
throw new ArgumentNullException("inputStream can not be null!");
}
if (outputStream == null)
{
throw new ArgumentNullException("outputStream can not be null!");
}
inputStream = PgpUtilities.GetDecoderStream(inputStream);
try
{
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc;
PgpObject o = pgpF.NextPgpObject();
//
// the first object might be a PGP marker packet.
//
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
//
// find the secret key
//
PgpPrivateKey sKey = null;
PgpPublicKeyEncryptedData pbe = null;
/*
* PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(
* PgpUtilities.GetDecoderStream(privateKeyring));
*/
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
sKey = FindSecretKey(pgpSec, pked.KeyId, passphrase);
if (sKey != null)
{
pbe = pked;
break;
}
}
if (sKey == null)
{
throw new ArgumentException("PGP Secret key for message not found.");
}
Stream clear = pbe.GetDataStream(sKey);
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpCompressedData cData = (PgpCompressedData)plainFact.NextPgpObject();
PgpObjectFactory pgpFact = new PgpObjectFactory(cData.GetDataStream());
PgpObject message = pgpFact.NextPgpObject();
if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
/*
* string outFileName = ld.FileName;
* if (outFileName.Length == 0)
* {
* outFileName = defaultFileName;
* }
*/
//string outFileName = defaultFileName;
//Stream fOut = File.Create(outFileName);
Stream unc = ld.GetInputStream();
Streams.PipeAll(unc, outputStream);
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("Encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("Message is not a simple encrypted file - type unknown.");
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
Verify = false;
}
else
{
Verify = true;
}
}
else
{
//Don't know what to doe
//Console.Error.WriteLine("no message integrity check");
}
}
catch (PgpException e)
{
/*
* Console.Error.WriteLine(e);
*
* Exception underlyingException = e.InnerException;
* if (underlyingException != null)
* {
* Console.Error.WriteLine(underlyingException.Message);
* Console.Error.WriteLine(underlyingException.StackTrace);
* }
*/
if (e.Message.Contains("Checksum mismatch at 0 of 20"))
{
throw new PgpWrongPassphraseException("Wrong passphrase. Can not decrypt.");
}
throw e;
}
finally
{
inputStream.Dispose();
//Because stream mut remain open fro string decryption
if (outputStream.GetType() != typeof(MemoryStream))
{
outputStream.Dispose(); // NO: to be done by caller.
}
}
}
public static GPGDecryptedDataReturn DecryptStream(Stream stream, PgpPrivateKey key)
{
var pgpF = new PgpObjectFactory(stream);
var o = pgpF.NextPgpObject();
var enc = o as PgpEncryptedDataList;
if (enc == null)
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
PgpPublicKeyEncryptedData pbe = null;
string lastFingerPrint = "None";
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
if (pked.KeyId == key.KeyId)
{
pbe = pked;
break;
}
}
if (pbe == null)
{
throw new NoKeyAvailableException("There is no payload that matches loaded key.");
}
var clear = pbe.GetDataStream(key);
var plainFact = new PgpObjectFactory(clear);
var message = plainFact.NextPgpObject();
var outData = new GPGDecryptedDataReturn {
FingerPrint = lastFingerPrint,
};
if (message is PgpCompressedData cData)
{
var pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject();
}
if (message is PgpLiteralData ld)
{
outData.Filename = ld.FileName;
var iss = ld.GetInputStream();
byte[] buffer = new byte[16 * 1024];
using (var ms = new MemoryStream()) {
int read;
while ((read = iss.Read(buffer, 0, buffer.Length)) > 0)
{
ms.Write(buffer, 0, read);
}
outData.Base64Data = Convert.ToBase64String(ms.ToArray());
}
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("Encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("Message is not a simple encrypted file - type unknown.");
}
outData.IsIntegrityProtected = pbe.IsIntegrityProtected();
if (outData.IsIntegrityProtected)
{
outData.IsIntegrityOK = pbe.Verify();
}
return(outData);
}
private static void DecryptPgp(Stream input, Stream output, Stream key, char[] password)
{
try
{
PgpObjectFactory pgpObjectFactory = new PgpObjectFactory(PgpUtilities.GetDecoderStream(input));
PgpObject pgpObject = pgpObjectFactory.NextPgpObject();
// The first object might be a PGP marker packet
PgpEncryptedDataList pgpEncryptedDataList;
if (pgpObject is PgpEncryptedDataList)
{
pgpEncryptedDataList = (PgpEncryptedDataList)pgpObject;
}
else
{
pgpEncryptedDataList = (PgpEncryptedDataList)pgpObjectFactory.NextPgpObject();
}
// Find private key for decryption
PgpPrivateKey privateKey = null;
PgpSecretKeyRingBundle pgpSecretKeyRing = new PgpSecretKeyRingBundle(PgpUtilities.GetDecoderStream(key));
PgpPublicKeyEncryptedData pgpPublicKeyEncryptedData = null;
foreach (PgpPublicKeyEncryptedData pked in pgpEncryptedDataList.GetEncryptedDataObjects())
{
PgpSecretKey pgpDescretKey = pgpSecretKeyRing.GetSecretKey(pked.KeyId);
privateKey = pgpDescretKey.ExtractPrivateKey(password);
if (privateKey != null)
{
pgpPublicKeyEncryptedData = pked;
break;
}
}
if (privateKey == null)
{
throw new ArgumentException("Private key for decryption not found.");
}
Stream decrypted = pgpPublicKeyEncryptedData.GetDataStream(privateKey);
pgpObjectFactory = new PgpObjectFactory(decrypted);
pgpObject = pgpObjectFactory.NextPgpObject();
if (pgpObject is PgpCompressedData)
{
PgpCompressedData pgpCompressedData = (PgpCompressedData)pgpObject;
pgpObjectFactory = new PgpObjectFactory(pgpCompressedData.GetDataStream());
pgpObject = pgpObjectFactory.NextPgpObject();
}
if (pgpObject is PgpLiteralData)
{
PgpLiteralData pgpLiteralData = (PgpLiteralData)pgpObject;
Stream literal = pgpLiteralData.GetInputStream();
Streams.PipeAll(literal, output);
}
else if (pgpObject is PgpOnePassSignatureList)
{
throw new PgpException("Encrypted message contains a signed message, not a literal data.");
}
else
{
throw new PgpException("Message is not a simple encrypted file, type is unknown.");
}
if (pgpPublicKeyEncryptedData.IsIntegrityProtected())
{
if (!pgpPublicKeyEncryptedData.Verify())
{
Console.Error.WriteLine("Message failed integrity check.");
}
else
{
Console.Error.WriteLine("Message integrity check passed.");
}
}
else
{
Console.Error.WriteLine("No message integrity check.");
}
Console.WriteLine("OpenPGP decryption successfull.");
}
catch (PgpException ex)
{
Console.Error.WriteLine(ex);
Exception pgpInnerException = ex.InnerException;
if (pgpInnerException != null)
{
Console.Error.WriteLine(pgpInnerException.Message);
Console.Error.WriteLine(pgpInnerException.StackTrace);
}
}
}
public byte[] Decrypt(byte[] cipherText)
{
MemoryStream ms = new MemoryStream(cipherText);
Stream inputStream = PgpUtilities.GetDecoderStream(ms);
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc;
PgpObject o = pgpF.NextPgpObject();
// the first object might be a PGP marker packet.
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
PgpPublicKeyEncryptedData pbe = null;
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
pbe = pked;
break;
}
Stream clear = pbe.GetDataStream(SecretKey.ExtractPrivateKey(password.ToCharArray()));
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpObject message = plainFact.NextPgpObject();
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject();
}
MemoryStream clearStream = new MemoryStream();
if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
Stream unc = ld.GetInputStream();
byte[] buffer = new byte[4096];
int read;
while ((read = unc.Read(buffer, 0, buffer.Length)) > 0)
{
clearStream.Write(buffer, 0, read);
}
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("message is not a simple encrypted file - type unknown.");
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
throw new InvalidDataException("message failed integrity check");
}
else
{
Console.Error.WriteLine("message integrity check passed");
}
}
else
{
Console.Error.WriteLine("no message integrity check");
}
return(clearStream.ToArray());
}
/**
* decrypt the passed in message stream
*/
private static void DecryptFile(
Stream inputStream,
Stream keyIn,
char[] passwd,
string pathToDecryptedFile) //DC
{
try
{
inputStream = PgpUtilities.GetDecoderStream(inputStream);
try
{
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc;
PgpObject o = pgpF.NextPgpObject();
//
// the first object might be a PGP marker packet.
//
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
//
// find the secret key
//
PgpPrivateKey sKey = null;
PgpPublicKeyEncryptedData pbe = null;
PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(
PgpUtilities.GetDecoderStream(keyIn));
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
sKey = OpenPgp_HelperMethods.FindSecretKey(pgpSec, pked.KeyId, passwd);
if (sKey != null)
{
pbe = pked;
break;
}
}
if (sKey == null)
{
throw new ArgumentException("secret key for message not found.");
}
Stream clear = pbe.GetDataStream(sKey);
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpObject message = plainFact.NextPgpObject();
PgpObjectFactory pgpFact = null;
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject();
}
if (message is PgpOnePassSignatureList) // DC
{ // DC
message = pgpFact.NextPgpObject(); // DC
} // DC
if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
Stream fOut = File.Create(pathToDecryptedFile); //DC (modified to use the name provided in pathToDecryptedFile
Stream unc = ld.GetInputStream();
Streams.PipeAll(unc, fOut);
fOut.Close();
}
else if (message is PgpOnePassSignatureList)
{
"[API_OpenPgp][DecryptFile] encrypted message contains a signed message - not literal data.".error();
return;
}
else
{
"[API_OpenPgp][DecryptFile] message is not a simple encrypted file - type unknown.".error();
return;
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
"[API_OpenPgp][DecryptFile] message failed integrity check".error();
}
else
{
"[API_OpenPgp][DecryptFile] message integrity check passed".debug();
}
}
else
{
"[API_OpenPgp][DecryptFile] no message integrity check".error();
}
}
catch (PgpException e)
{
e.log("[API_OpenPgp] in DecryptFile: " + e.StackTrace);
/*Console.Error.WriteLine(e);
*
* Exception underlyingException = e.InnerException;
* if (underlyingException != null)
* {
* Console.Error.WriteLine(underlyingException.Message);
* Console.Error.WriteLine(underlyingException.StackTrace);
* }*/
}
}
catch (Exception ex)
{
ex.log("[API_OpenPgp] in DecryptFile : " + ex.StackTrace);
}
}
/*
* decrypt a given stream.
*/
public static void Decrypt(Stream inputStream, Stream privateKeyStream, string passPhrase, string outputFile, Stream publicKeyStream)
{
try
{
bool deleteOutputFile = false;
PgpEncryptedDataList enc;
PgpObject o = null;
PgpPrivateKey sKey = null;
PgpPublicKeyEncryptedData pbe = null;
var pgpF = new PgpObjectFactory(PgpUtilities.GetDecoderStream(inputStream));
// find secret key
var pgpSec = new PgpSecretKeyRingBundle(PgpUtilities.GetDecoderStream(privateKeyStream));
if (pgpF != null)
{
o = pgpF.NextPgpObject();
}
// the first object might be a PGP marker packet.
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
// decrypt
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
sKey = FindSecretKey(pgpSec, pked.KeyId, passPhrase.ToCharArray());
if (sKey != null)
{
pbe = pked;
break;
}
}
if (sKey == null)
{
throw new ArgumentException("Secret key for message not found.");
}
PgpObjectFactory plainFact = null;
using (Stream clear = pbe.GetDataStream(sKey))
{
plainFact = new PgpObjectFactory(clear);
}
PgpObject message = plainFact.NextPgpObject();
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory of = null;
using (Stream compDataIn = cData.GetDataStream())
{
of = new PgpObjectFactory(compDataIn);
}
message = of.NextPgpObject();
if (message is PgpOnePassSignatureList)
{
PgpOnePassSignature ops = ((PgpOnePassSignatureList)message)[0];
PgpPublicKeyRingBundle pgpRing = new PgpPublicKeyRingBundle(PgpUtilities.GetDecoderStream(publicKeyStream));
//USE THE BELOW TO CHECK FOR A FAILING SIGNATURE VERIFICATION.
//THE CERTIFICATE MATCHING THE KEY ID MUST BE IN THE PUBLIC KEY RING.
//long fakeKeyId = 3008998260528343108L;
//PgpPublicKey key = pgpRing.GetPublicKey(fakeKeyId);
PgpPublicKey key = pgpRing.GetPublicKey(ops.KeyId);
ops.InitVerify(key);
message = of.NextPgpObject();
PgpLiteralData Ld = null;
Ld = (PgpLiteralData)message;
//THE OUTPUT FILENAME WILL BE BASED ON THE INPUT PARAMETER VALUE TO THIS METHOD. IF YOU WANT TO KEEP THE
//ORIGINAL FILENAME, UNCOMMENT THE FOLLOWING LINE.
//if (!String.IsNullOrEmpty(Ld.FileName))
// outputFile = Ld.FileName;
using (Stream output = File.Create(outputFile))
{
Stream dIn = Ld.GetInputStream();
int ch;
while ((ch = dIn.ReadByte()) >= 0)
{
ops.Update((byte)ch);
output.WriteByte((byte)ch);
}
output.Close();
}
PgpSignatureList p3 = (PgpSignatureList)of.NextPgpObject();
PgpSignature firstSig = p3[0];
if (ops.Verify(firstSig))
{
Console.Out.WriteLine("signature verified.");
}
else
{
Console.Out.WriteLine("signature verification failed.");
//YOU MAY OPT TO DELETE THE OUTPUT FILE IN THE EVENT THAT VERIFICATION FAILS.
//FILE DELETION HAPPENS FURTHER DOWN IN THIS METHOD
//AN ALTERNATIVE IS TO LOG THESE VERIFICATION FAILURE MESSAGES, BUT KEEP THE OUTPUT FILE FOR FURTHER ANALYSIS
//deleteOutputFile = true;
}
}
else
{
PgpLiteralData Ld = null;
Ld = (PgpLiteralData)message;
using (Stream output = File.Create(outputFile))
{
Stream unc = Ld.GetInputStream();
Streams.PipeAll(unc, output);
}
}
}
else if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
string outFileName = ld.FileName;
using (Stream fOut = File.Create(outFileName))
{
Stream unc = ld.GetInputStream();
Streams.PipeAll(unc, fOut);
}
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("Encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("Message is not a simple encrypted file - type unknown.");
}
#region commented code
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
//msg = "message failed integrity check.";
Console.Error.WriteLine("message failed integrity check");
//YOU MAY OPT TO DELETE THE OUTPUT FILE IN THE EVENT THAT THE INTEGRITY PROTECTION CHECK FAILS.
//FILE DELETION HAPPENS FURTHER DOWN IN THIS METHOD.
//AN ALTERNATIVE IS TO LOG THESE VERIFICATION FAILURE MESSAGES, BUT KEEP THE OUTPUT FILE FOR FURTHER ANALYSIS
//deleteOutputFile = true;
}
else
{
//msg = "message integrity check passed.";
Console.Error.WriteLine("message integrity check passed");
}
}
else
{
//msg = "no message integrity check.";
Console.Error.WriteLine("no message integrity check");
}
if (deleteOutputFile)
{
File.Delete(outputFile);
}
#endregion commented code
}
catch (PgpException ex)
{
throw;
}
}
/*
* 加密後的Session Key -> 私鑰(自己)解密 -> Session Key(對稱式)
* 加密後的文章 - - - - - - - - - - - - - > Session Key(對稱式) -> 解密後的文章
*/
private static void DecryptFile(
Stream inputStream, //欲解密之檔案之串流
Stream keyIn, //私鑰之串流
char[] passwd, //私鑰密碼
string defaultFileName //解密後檔案名稱及位置
)
{
inputStream = PgpUtilities.GetDecoderStream(inputStream); //資料流陣列化 byte Array
try
{
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc;
PgpObject o = pgpF.NextPgpObject();
//
// the first object might be a PGP marker packet.
//
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
//
// find the Secret Key
//
PgpPrivateKey sKey = null;
PgpPublicKeyEncryptedData pbe = null;
PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(
PgpUtilities.GetDecoderStream(keyIn)); //new 密鑰捆包 物件
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
sKey = PgpExampleUtilities.FindSecretKey(pgpSec, pked.KeyId, passwd); //(密鑰捆包,identify,私鑰密碼),抓對稱加密的密鑰,密鑰
if (sKey != null)
{
pbe = pked;
break;
}
}
if (sKey == null)
{
throw new ArgumentException("secret key for message not found.");
}
Stream clear = pbe.GetDataStream(sKey); //解碼
PgpObjectFactory plainFact = new PgpObjectFactory(clear); // BcpgInputStream
PgpObject message = plainFact.NextPgpObject(); //取出
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject(); //解壓縮
}
if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message; //內容
string outFileName = ld.FileName;
//if (outFileName.Length == 0)
//{
outFileName = defaultFileName;
//}
Stream fOut = File.Create(outFileName);
Stream unc = ld.GetInputStream();
Streams.PipeAll(unc, fOut); //Pipe一種傳輸方式,存入匯出檔案
fOut.Close();
fOut.Dispose();
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("message is not a simple encrypted file - type unknown.");
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
Console.Error.WriteLine("message failed integrity check");
}
else
{
Console.Error.WriteLine("message integrity check passed");
}
}
else
{
Console.Error.WriteLine("no message integrity check");
}
}
catch (PgpException e)
{
Console.Error.WriteLine(e);
Exception underlyingException = e.InnerException;
if (underlyingException != null)
{
Console.Error.WriteLine(underlyingException.Message);
Console.Error.WriteLine(underlyingException.StackTrace);
}
}
}
/// <summary>
/// Decrypt a stream using the private key stream.
/// </summary>
/// <param name="inputStream">
/// The stream of the encrypted file.
/// </param>
/// <param name="privateKeyStream">
/// The stream of the private key file.
/// </param>
/// <param name="passPhrase">
/// The pass phrase protecting the secret key.
/// </param>
/// <param name="outputFile">
/// The file path to write the decrypted output to.
/// </param>
/// <returns>
/// The <see cref="bool"/> flag indicating decryption success; false states
/// decryption failed because of a data integrity check error.
/// </returns>
public static bool DecryptFileStream(
Stream inputStream,
Stream privateKeyStream,
string passPhrase,
string outputFile)
{
PgpPrivateKey privateKey = null;
var valid = true;
try
{
PgpEncryptedDataList encryptedDataList;
PgpPublicKeyEncryptedData encryptedData = null;
var objectFactory = new PgpObjectFactory(PgpUtilities.GetDecoderStream(inputStream));
var secretKeyRing = new PgpSecretKeyRingBundle(PgpUtilities.GetDecoderStream(privateKeyStream));
var @object = objectFactory.NextPgpObject();
if (@object is PgpEncryptedDataList)
{
encryptedDataList = (PgpEncryptedDataList)@object;
}
else
{
encryptedDataList = (PgpEncryptedDataList)objectFactory.NextPgpObject();
}
foreach (PgpPublicKeyEncryptedData pked in encryptedDataList.GetEncryptedDataObjects())
{
privateKey = PgpKeyHelper.FindSecretKey(secretKeyRing, pked.KeyId, passPhrase.ToCharArray());
if (privateKey == null)
{
continue;
}
encryptedData = pked;
break;
}
if (privateKey == null)
{
throw new ArgumentException("Secret key for message not found.");
}
PgpObjectFactory plainFact;
using (var clear = encryptedData.GetDataStream(privateKey))
{
plainFact = new PgpObjectFactory(clear);
}
var message = plainFact.NextPgpObject();
if (message is PgpCompressedData)
{
var data = (PgpCompressedData)message;
PgpObjectFactory of;
using (var compDataIn = data.GetDataStream())
{
of = new PgpObjectFactory(compDataIn);
}
message = of.NextPgpObject();
if (message is PgpOnePassSignatureList)
{
message = of.NextPgpObject();
var literalData = (PgpLiteralData)message;
using (Stream output = File.Create(outputFile))
{
var unc = literalData.GetInputStream();
Streams.PipeAll(unc, output);
}
}
else
{
var literalData = (PgpLiteralData)message;
using (Stream output = File.Create(outputFile))
{
Stream unc = literalData.GetInputStream();
Streams.PipeAll(unc, output);
}
}
}
else if (message is PgpLiteralData)
{
PgpLiteralData literalData = (PgpLiteralData)message;
string unused = literalData.FileName;
using (Stream outputStream = File.Create(outputFile))
{
Stream unc = literalData.GetInputStream();
Streams.PipeAll(unc, outputStream);
}
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("Encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("Message is not a simple encrypted file - type unknown.");
}
if (encryptedData.IsIntegrityProtected())
{
if (!encryptedData.Verify())
{
Console.Error.WriteLine("Message failed integrity check");
valid = false;
}
else
{
Console.Error.WriteLine("Message integrity check passed");
}
}
}
catch (PgpException exception)
{
PgpCommon.DumpException(exception);
throw;
}
return(valid);
}
public static Stream DecryptStream(Stream inputStream, Stream keyIn, string password)
{
EventLog.Clear();
if (inputStream == null)
{
throw new ArgumentNullException(nameof(inputStream));
}
if (keyIn == null)
{
throw new ArgumentNullException(nameof(keyIn));
}
inputStream = PgpUtilities.GetDecoderStream(inputStream);
Stream decryptedStream;
try
{
var objectFactory = new PgpObjectFactory(inputStream);
PgpEncryptedDataList encryptedDataList;
var pgpObject = objectFactory.NextPgpObject();
// First object may be a PGP marker packet. If so skip it.
if (pgpObject is PgpEncryptedDataList list)
{
encryptedDataList = list;
}
else
{
encryptedDataList = (PgpEncryptedDataList)objectFactory.NextPgpObject();
}
if (encryptedDataList == null)
{
throw new Exception("Cannot read encrypted data from input!!! Unable to find PGP Data. Are you sure this is encrypted?");
}
// Find secret key
PgpPrivateKey privateKey = null;
PgpPublicKeyEncryptedData encryptedData = null;
var pgpSec = new PgpSecretKeyRingBundle(PgpUtilities.GetDecoderStream(keyIn));
foreach (PgpPublicKeyEncryptedData item in encryptedDataList.GetEncryptedDataObjects())
{
privateKey = FindSecretKey(pgpSec, item.KeyId, password.ToCharArray());
if (privateKey == null)
{
continue;
}
encryptedData = item;
break;
}
if (privateKey == null)
{
throw new ArgumentException("Unable to Decrypt - A Secret key for the message was not found.");
}
var clear = encryptedData.GetDataStream(privateKey);
var plainFact = new PgpObjectFactory(clear);
var message = plainFact.NextPgpObject();
if (message is PgpCompressedData cData)
{
var pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject();
}
switch (message)
{
case PgpLiteralData ld:
decryptedStream = ld.GetInputStream();
break;
case PgpOnePassSignatureList _:
throw new PgpException("The encrypted message contains a signed message - not literal data.");
default:
throw new PgpException("The message is not a simple encrypted file - type unknown.");
}
if (encryptedData.IsIntegrityProtected())
{
EventLog.Add(!encryptedData.Verify()
? "Message Failed integrity check!!!"
: "Message Passed the integrity check.");
}
else
{
EventLog.Add("There was no integrity check");
}
}
catch (PgpException e)
{
throw (Exception)e;
//Console.Error.WriteLine(e);
//if (e.InnerException != null)
//{
// Console.Error.WriteLine(e.InnerException.Message);
// Console.Error.WriteLine(e.InnerException.StackTrace);
//}
}
return(decryptedStream);
}
/// <summary>
/// Decrypts the Input File stream, given the Private Key File stream, to the specified Decrypted File Path.
/// </summary>
/// <param name="inputFileStream">File Stream of encrypted file.</param>
/// <param name="privateKeyFileStream">File Stream of Private Key file.</param>
/// <param name="password">Password that was used to encrypt the file.</param>
/// <param name="decryptedFilePath">Path of the new decrypted file.</param>
/// <exception cref="ArgumentException"></exception>
/// <exception cref="PgpException"></exception>
public static void DecryptFile(Stream inputFileStream, Stream privateKeyFileStream, string password, string decryptedFilePath, PgpSecretKeyRingBundle bundle = null)
{
// Parameter Checks
if (String.IsNullOrEmpty(password))
{
throw new ArgumentException("Password Parameter is invalid.");
}
if (String.IsNullOrEmpty(decryptedFilePath))
{
throw new ArgumentException("Decrypted File Name Parameter is invalid.");
}
inputFileStream = PgpUtilities.GetDecoderStream(inputFileStream);
PgpObjectFactory _pgpObjectFactory = new PgpObjectFactory(inputFileStream);
PgpEncryptedDataList _pgpEncryptedDataList;
PgpObject _pgpObject = _pgpObjectFactory.NextPgpObject();
if (_pgpObject is PgpEncryptedDataList)
{
_pgpEncryptedDataList = (PgpEncryptedDataList)_pgpObject;
}
else
{
_pgpEncryptedDataList = (PgpEncryptedDataList)_pgpObjectFactory.NextPgpObject();
}
PgpPrivateKey _pgpPrivateKey = null;
PgpPublicKeyEncryptedData _pgpPubKeyEncryptedData = null;
PgpSecretKeyRingBundle _pgpSecKeyRingBundle = bundle ?? new PgpSecretKeyRingBundle(PgpUtilities.GetDecoderStream(privateKeyFileStream));
foreach (PgpPublicKeyEncryptedData _pgpPubKeyEncData in _pgpEncryptedDataList.GetEncryptedDataObjects())
{
_pgpPrivateKey = PgpCustomUtilities.FindSecretKey(_pgpSecKeyRingBundle, _pgpPubKeyEncData.KeyId, password.ToCharArray());
if (_pgpPrivateKey != null)
{
_pgpPubKeyEncryptedData = _pgpPubKeyEncData;
break;
}
}
if (_pgpPrivateKey == null)
{
throw new ArgumentException("secret key for message not found.");
}
Stream _privateKeyFileStream = _pgpPubKeyEncryptedData.GetDataStream(_pgpPrivateKey);
PgpObjectFactory _pgpObjectFactoryPrivateKey = new PgpObjectFactory(_privateKeyFileStream);
PgpObject _pgpObjectMessage = null;
var po = _pgpObjectFactoryPrivateKey.NextPgpObject();
if (po is PgpLiteralData)
{
_pgpObjectMessage = (PgpLiteralData)po;
}
else if (po is PgpCompressedData)
{
var _pgpCompressedData = (PgpCompressedData)po;
var _pgpObjectFactoryCompressedData = new PgpObjectFactory(_pgpCompressedData.GetDataStream());
_pgpObjectMessage = _pgpObjectFactoryCompressedData.NextPgpObject();
}
if (_pgpObjectMessage is PgpLiteralData)
{
PgpLiteralData _pgpLiteralData = (PgpLiteralData)_pgpObjectMessage;
// string _outputFileName = _pgpLiteralData.FileName;
using (var st = _pgpLiteralData.GetInputStream())
{
using (var dst = File.Create(decryptedFilePath))
{
st.CopyTo(dst);
}
}
/*
* string _outputFileDirectoryPath;
* Stream _outputFileStream;
* if (_outputFileName.Length == 0)
* {
* _outputFileName = decryptedFilePath;
* _outputFileStream = File.Create(_outputFileName);
* }
* else
* {
* FileInfo _decryptedFileInfo = new FileInfo(decryptedFilePath);
* _outputFileDirectoryPath = _decryptedFileInfo.DirectoryName;
* _outputFileStream = File.Create(Path.Combine(_outputFileDirectoryPath, _outputFileName));
* }
*
* Stream _dataInputStream = _pgpLiteralData.GetInputStream();
* _dataInputStream.CopyTo(_outputFileStream);
* // Streams.PipeAll(_dataInputStream, _outputFileStream);
* _outputFileStream.Close();
*/
}
else if (_pgpObjectMessage is PgpOnePassSignatureList)
{
throw new PgpException("Encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("Message is not a simple encrypted file - type unknown.");
}
if (_pgpPubKeyEncryptedData.IsIntegrityProtected())
{
if (!_pgpPubKeyEncryptedData.Verify())
{
throw new PgpException("Message failed integrity check.");
}
}
}
public static string DecryptKey(string encryptedAESKey, string privateKeyFilename, string passPhrase)
{
var inputStream = new MemoryStream(Encoding.ASCII.GetBytes(encryptedAESKey));
var armoredStream = new ArmoredInputStream(inputStream);
//var decoderStream = PgpUtilities.GetDecoderStream(inputStream);
try
{
PgpObjectFactory pgpF = new PgpObjectFactory(armoredStream);
PgpEncryptedDataList enc;
PgpObject o = pgpF.NextPgpObject();
//
// the first object might be a PGP marker packet.
//
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
//
// find the secret key
//
PgpPrivateKey sKey = ReadPrivateKey(privateKeyFilename, passPhrase);
if (sKey == null)
{
throw new ArgumentException("secret key for message not found.");
}
PgpPublicKeyEncryptedData pbe = null;
foreach (var pked in enc.GetEncryptedDataObjects().Cast <PgpPublicKeyEncryptedData>())
{
if (pked.KeyId == sKey.KeyId)
{
pbe = pked;
break;
}
}
if (pbe == null)
{
Console.WriteLine("Invalid Key");
return("");
}
var cleartextStream = pbe.GetDataStream(sKey);
var plainObjectFactory = new PgpObjectFactory(cleartextStream);
var message = plainObjectFactory.NextPgpObject();
var result = "";
if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
var output = new MemoryStream();
var decrypted = ld.GetInputStream();
decrypted.CopyTo(output);
result = Encoding.ASCII.GetString(output.ToArray());
}
else
{
throw new PgpException("message is not a simple encrypted file - type unknown.");
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
Console.Error.WriteLine("message failed integrity check");
}
else
{
Console.Error.WriteLine("message integrity check passed");
}
}
return(result);
}
catch (PgpException e)
{
Console.Error.WriteLine(e);
Exception underlyingException = e.InnerException;
if (underlyingException != null)
{
Console.Error.WriteLine(underlyingException.Message);
Console.Error.WriteLine(underlyingException.StackTrace);
}
}
return("");
}
/// <summary>
/// Decrypts the Input File stream, given the Private Key File stream, to the specified Decrypted File Path.
/// </summary>
/// <param name="inputFileStream">File Stream of encrypted file.</param>
/// <param name="privateKeyFileStream">File Stream of Private Key file.</param>
/// <param name="password">Password that was used to encrypt the file.</param>
/// <param name="decryptedFilePath">Full Path of the new decrypted file.</param>
private static void DecryptFile(Stream inputFileStream, Stream privateKeyFileStream, string password, string decryptedFilePath)
{
inputFileStream = PgpUtilities.GetDecoderStream(inputFileStream);
PgpObjectFactory _pgpObjectFactory = new PgpObjectFactory(inputFileStream);
PgpEncryptedDataList _pgpEncryptedDataList;
PgpObject _pgpObject = _pgpObjectFactory.NextPgpObject();
if (_pgpObject is PgpEncryptedDataList)
{
_pgpEncryptedDataList = (PgpEncryptedDataList)_pgpObject;
}
else
{
_pgpEncryptedDataList = (PgpEncryptedDataList)_pgpObjectFactory.NextPgpObject();
}
PgpPrivateKey _pgpPrivateKey = null;
PgpPublicKeyEncryptedData _pgpPubKeyEncryptedData = null;
PgpSecretKeyRingBundle _pgpSecKeyRingBundle = new PgpSecretKeyRingBundle(PgpUtilities.GetDecoderStream(privateKeyFileStream));
foreach (PgpPublicKeyEncryptedData _pgpPubKeyEncData in _pgpEncryptedDataList.GetEncryptedDataObjects())
{
_pgpPrivateKey = PgpCustomUtilities.FindSecretKey(_pgpSecKeyRingBundle, _pgpPubKeyEncData.KeyId, password.ToCharArray());
if (_pgpPrivateKey != null)
{
_pgpPubKeyEncryptedData = _pgpPubKeyEncData;
break;
}
}
if (_pgpPrivateKey == null)
{
throw new ArgumentException("Secret key for message not found.");
}
Stream _privateKeyFileStream = _pgpPubKeyEncryptedData.GetDataStream(_pgpPrivateKey);
PgpObjectFactory _pgpObjectFactoryPrivateKey = new PgpObjectFactory(_privateKeyFileStream);
PgpCompressedData _pgpCompressedData = (PgpCompressedData)_pgpObjectFactoryPrivateKey.NextPgpObject();
PgpObjectFactory _pgpObjectFactoryCompressedData = new PgpObjectFactory(_pgpCompressedData.GetDataStream());
PgpObject _pgpObjectMessage = _pgpObjectFactoryCompressedData.NextPgpObject();
if (_pgpObjectMessage is PgpLiteralData _pgpLiteralData)
{
FileInfo _decryptedFileInfo = new FileInfo(decryptedFilePath);
string _outputFileName = _decryptedFileInfo.Name;
string _outputFileDirectoryPath = _decryptedFileInfo.DirectoryName;
Stream _outputFileStream = File.Create(Path.Combine(_outputFileDirectoryPath, _outputFileName));
Stream _dataInputStream = _pgpLiteralData.GetInputStream();
Streams.PipeAll(_dataInputStream, _outputFileStream);
_outputFileStream.Dispose();
}
else if (_pgpObjectMessage is PgpCompressedData compressedData)
{
PgpObjectFactory of = null;
using (Stream compressedDataInStream = compressedData.GetDataStream())
{
of = new PgpObjectFactory(compressedDataInStream);
}
FileInfo _decryptedFileInfo = new FileInfo(decryptedFilePath);
string _outputFileName = _decryptedFileInfo.Name;
string _outputFileDirectoryPath = _decryptedFileInfo.DirectoryName;
Stream _outputFileStream = File.Create(Path.Combine(_outputFileDirectoryPath, _outputFileName));
_pgpObjectMessage = of.NextPgpObject();
if (_pgpObjectMessage is PgpOnePassSignatureList)
{
_pgpObjectMessage = of.NextPgpObject();
PgpLiteralData literalData = null;
literalData = (PgpLiteralData)_pgpObjectMessage;
Stream inputStream = literalData.GetInputStream();
Streams.PipeAll(inputStream, _outputFileStream);
}
else
{
PgpLiteralData literalData = null;
literalData = (PgpLiteralData)_pgpObjectMessage;
Stream inputStream = literalData.GetInputStream();
Streams.PipeAll(inputStream, _outputFileStream);
}
_outputFileStream.Dispose();
}
else if (_pgpObjectMessage is PgpOnePassSignatureList)
{
throw new PgpException("Encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("Message is not a simple encrypted file - type unknown.");
}
if (_pgpPubKeyEncryptedData.IsIntegrityProtected())
{
if (!_pgpPubKeyEncryptedData.Verify())
{
throw new PgpException("Message failed integrity check.");
}
}
}
/// <summary>
///
/// </summary>
/// <param name="inputStream"></param>
/// <param name="keyIn"></param>
/// <param name="passwd"></param>
/// <param name="end"></param>
/// <returns></returns>
private static List <string> DecryptFileInAirPlus(Stream inputStream, Stream keyIn, char[] passwd, Encoding end)
{
List <string> result = new List <string>();
inputStream = PgpUtilities.GetDecoderStream(inputStream);
try
{
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc;
PgpObject o = pgpF.NextPgpObject();
//
// the first object might be a PGP marker packet.
//
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
//
// find the secret key
//
PgpPrivateKey sKey = null;
PgpPublicKeyEncryptedData pbe = null;
PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(
PgpUtilities.GetDecoderStream(keyIn));
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
sKey = FindSecretKey(pgpSec, pked.KeyId, passwd);
if (sKey != null)
{
pbe = pked;
break;
}
}
if (sKey == null)
{
throw new ArgumentException("secret key for message not found.");
}
Stream clear = pbe.GetDataStream(sKey);
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpObject message = plainFact.NextPgpObject();
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject();
}
if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
Stream unc = ld.GetInputStream();
result = ToolReadWriteFile.ReadFile(unc, end);
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("message is not a simple encrypted file - type unknown.");
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
Console.Error.WriteLine("message failed integrity check");
}
else
{
Console.Error.WriteLine("message integrity check passed");
}
}
else
{
Console.Error.WriteLine("no message integrity check");
}
return(result);
}
catch (PgpException e)
{
Console.Error.WriteLine(e);
Exception underlyingException = e.InnerException;
if (underlyingException != null)
{
Console.Error.WriteLine(underlyingException.Message);
Console.Error.WriteLine(underlyingException.StackTrace);
}
return(null);
}
}
public GPGDecryptedDataReturn Decrypt(string data)
{
using (var stream = PgpUtilities.GetDecoderStream(Tools.GenerateStreamFromString(data))) {
var pgpF = new PgpObjectFactory(stream);
var o = pgpF.NextPgpObject();
var enc = o as PgpEncryptedDataList;
if (enc == null)
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
PgpPublicKeyEncryptedData pbe = null;
PgpPrivateKey pgpPrivKey = null;
PgpSecretKey pgpSec = null;
string lastFingerPrint = "None";
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
string keyId = pked.KeyId.ToString("X").ToUpper();
string fingerPrint = keyId.Length < 16 ? FP8TO16[Tools.H8FP(keyId)] : Tools.H16FP(keyId);
lastFingerPrint = fingerPrint;
if (!decryptedKeys.ContainsKey(fingerPrint))
{
continue;
}
pgpSec = privateKeys[fingerPrint];
pgpPrivKey = decryptedKeys[fingerPrint];
pbe = pked;
break;
}
if (pbe == null)
{
throw new KeyNotLoadedException(lastFingerPrint);
}
var clear = pbe.GetDataStream(pgpPrivKey);
var plainFact = new PgpObjectFactory(clear);
var message = plainFact.NextPgpObject();
var outData = new GPGDecryptedDataReturn {
FingerPrint = lastFingerPrint,
};
if (message is PgpCompressedData cData)
{
var pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject();
}
if (message is PgpLiteralData ld)
{
outData.Filename = ld.FileName;
var iss = ld.GetInputStream();
byte[] buffer = new byte[16 * 1024];
using (var ms = new MemoryStream()) {
int read;
while ((read = iss.Read(buffer, 0, buffer.Length)) > 0)
{
ms.Write(buffer, 0, read);
}
outData.Base64Data = Convert.ToBase64String(ms.ToArray());
}
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("Encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("Message is not a simple encrypted file - type unknown.");
}
outData.IsIntegrityProtected = pbe.IsIntegrityProtected();
if (outData.IsIntegrityProtected)
{
outData.IsIntegrityOK = pbe.Verify();
}
return(outData);
}
}
/*
* PGP decrypt a given stream.
*/
private void Decrypt(Stream inputStream, Stream outputStream, Stream privateKeyStream, string passPhrase)
{
if (inputStream == null)
{
throw new ArgumentException("InputStream");
}
if (outputStream == null)
{
throw new ArgumentException("outputStream");
}
if (privateKeyStream == null)
{
throw new ArgumentException("privateKeyStream");
}
if (passPhrase == null)
{
passPhrase = String.Empty;
}
PgpObjectFactory objFactory = new PgpObjectFactory(PgpUtilities.GetDecoderStream(inputStream));
// find secret key
PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(PgpUtilities.GetDecoderStream(privateKeyStream));
PgpObject obj = null;
if (objFactory != null)
{
obj = objFactory.NextPgpObject();
}
// the first object might be a PGP marker packet.
PgpEncryptedDataList enc = null;
if (obj is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)obj;
}
else
{
enc = (PgpEncryptedDataList)objFactory.NextPgpObject();
}
// decrypt
PgpPrivateKey privateKey = null;
PgpPublicKeyEncryptedData pbe = null;
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
privateKey = FindSecretKey(pgpSec, pked.KeyId, passPhrase.ToCharArray());
if (privateKey != null)
{
pbe = pked;
break;
}
}
if (privateKey == null)
{
throw new ArgumentException("Secret key for message not found.");
}
PgpObjectFactory plainFact = null;
using (Stream clear = pbe.GetDataStream(privateKey))
{
plainFact = new PgpObjectFactory(clear);
}
PgpObject message = plainFact.NextPgpObject();
if (message is PgpOnePassSignatureList)
{
message = plainFact.NextPgpObject();
}
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory of = null;
using (Stream compDataIn = cData.GetDataStream())
{
of = new PgpObjectFactory(compDataIn);
}
message = of.NextPgpObject();
if (message is PgpOnePassSignatureList)
{
message = of.NextPgpObject();
PgpLiteralData Ld = null;
Ld = (PgpLiteralData)message;
Stream unc = Ld.GetInputStream();
Streams.PipeAll(unc, outputStream);
}
else
{
PgpLiteralData Ld = null;
Ld = (PgpLiteralData)message;
Stream unc = Ld.GetInputStream();
Streams.PipeAll(unc, outputStream);
}
}
else if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
string outFileName = ld.FileName;
Stream unc = ld.GetInputStream();
Streams.PipeAll(unc, outputStream);
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
throw new PgpException("Message failed integrity check.");
}
}
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("Encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("Message is not a simple encrypted file.");
}
}
private SignatureStatus DecryptFile()
{
if (InStream.CanSeek)
{
InStream.Seek(0, SeekOrigin.Begin);
}
var inputStream = PgpUtilities.GetDecoderStream(InStream);
try
{
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc;
PgpObject o = pgpF.NextPgpObject();
//
// the first object might be a PGP marker packet.
//
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
var privateKeys = GetAllPrivateKeys();
//
// find the secret key
//
PgpPrivateKey sKey = null;
PgpPublicKeyEncryptedData pbe = null;
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
sKey = FindPrivateKey(privateKeys, pked.KeyId);
if (sKey != null)
{
pbe = pked;
break;
}
}
if (sKey == null)
{
throw new SecretKeyNotFound("secret key for message not found.");
}
Stream clear = pbe.GetDataStream(sKey);
PgpLiteralData pgpLiteralData = null;
PgpOnePassSignatureList onePassSignatureList = null;
PgpSignatureList signatureList = null;
PgpObjectFactory pgpObjectFactory = new PgpObjectFactory(clear);
var pgpObject = pgpObjectFactory.NextPgpObject();
while (pgpObject != null)
{
if (pgpObject is PgpCompressedData)
{
var compressedData = (PgpCompressedData)pgpObject;
pgpObjectFactory = new PgpObjectFactory(compressedData.GetDataStream());
pgpObject = pgpObjectFactory.NextPgpObject();
}
if (pgpObject is PgpLiteralData)
{
pgpLiteralData = pgpObject as PgpLiteralData;
//must read directly to continue reading next pgp objects
Stream unc = pgpLiteralData.GetInputStream();
Streams.PipeAll(unc, OutStream);
}
else if (pgpObject is PgpOnePassSignatureList)
{
onePassSignatureList = pgpObject as PgpOnePassSignatureList;
}
else if (pgpObject is PgpSignatureList)
{
signatureList = pgpObject as PgpSignatureList;
}
pgpObject = pgpObjectFactory.NextPgpObject();
}
if (pgpLiteralData == null)
{
throw new PgpLitralDataNotFound("couldn't find pgp literal data");
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
throw new PgpIntegrityCheckFailed("message failed integrity check");
}
}
if (CheckSignature)
{
if (onePassSignatureList == null || signatureList == null)
{
return(SignatureStatus.NoSignature);
}
else
{
return(VerifyFileSignature(OutStream, onePassSignatureList, signatureList));
}
}
else
{
return(SignatureStatus.NotChecked);
}
}
catch
{
throw;
}
}
private static Stream DecryptFileAsStream(
Stream inputStream,
Stream keyIn,
char[] passwd)
{
inputStream = PgpUtilities.GetDecoderStream(inputStream);
MemoryStream outputStream = new MemoryStream();
try
{
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc;
PgpObject o = pgpF.NextPgpObject();
// the first object might be a PGP marker packet.
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
// find the secret key
PgpPrivateKey sKey = null;
PgpPublicKeyEncryptedData pbe = null;
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
sKey = FindSecretKey(keyIn, pked.KeyId, passwd);
if (sKey != null)
{
pbe = pked;
break;
}
}
// Iterator it = enc.GetEncryptedDataObjects();
//
// while (sKey == null && it.hasNext())
// {
// pbe = (PgpPublicKeyEncryptedData)it.next();
//
// sKey = FindSecretKey(keyIn, pbe.KeyID, passwd);
// }
if (sKey == null)
{
throw new ArgumentException("secret key for message not found.");
}
Stream clear = pbe.GetDataStream(sKey);
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpObject message = plainFact.NextPgpObject();
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject();
if (message is PgpOnePassSignatureList)
{
//throw new PgpException("encrypted message contains a signed message - not literal data.");
// file is signed!
// verify signature here if you want.
PgpOnePassSignatureList p1 = (PgpOnePassSignatureList)message;
PgpOnePassSignature ops = p1[0];
// etc…
message = pgpFact.NextPgpObject();
}
}
if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
Stream unc = ld.GetInputStream();
int ch;
while ((ch = unc.ReadByte()) >= 0)
{
outputStream.WriteByte((byte)ch);
}
outputStream.Seek(0, SeekOrigin.Begin);
}
else
{
throw new PgpException("message is not a simple encrypted file - type unknown.");
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
Console.Error.WriteLine("message failed integrity check");
}
else
{
Console.Error.WriteLine("message integrity check passed");
}
}
else
{
Console.Error.WriteLine("no message integrity check");
}
return(outputStream);
}
catch (PgpException e)
{
Console.Error.WriteLine(e);
Exception underlyingException = e.InnerException;
if (underlyingException != null)
{
Console.Error.WriteLine(underlyingException.Message);
Console.Error.WriteLine(underlyingException.StackTrace);
}
throw;
}
}
/// <summary>
///
/// </summary>
/// <param name="inputStream"></param>
/// <param name="pgpSecKey"></param>
/// <param name="passwd"></param>
/// <param name="pathToSaveFile"></param>
public static void DecryptFile(
Stream inputStream,
PgpSecretKey pgpSecKey,
char[] passwd,
string pathToSaveFile)
{
inputStream = PgpUtilities.GetDecoderStream(inputStream);
var pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc;
var o = pgpF.NextPgpObject();
//
// the first object might be a PGP marker packet.
//
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
//
// find the secret key
//
PgpPrivateKey sKey = null;
PgpPublicKeyEncryptedData pbe = null;
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
sKey = pgpSecKey.ExtractPrivateKey(passwd);
if (sKey != null)
{
pbe = pked;
break;
}
}
if (sKey == null)
{
throw new ArgumentException("secret key for message not found.");
}
var clear = pbe.GetDataStream(sKey);
var plainFact = new PgpObjectFactory(clear);
var message = plainFact.NextPgpObject();
if (message is PgpCompressedData)
{
var cData = (PgpCompressedData)message;
var pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject();
}
if (message is PgpLiteralData)
{
var ld = (PgpLiteralData)message;
Stream fOut = File.Create(pathToSaveFile);
var unc = ld.GetInputStream();
Streams.PipeAll(unc, fOut);
fOut.Close();
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("message is not a simple encrypted file - type unknown.");
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
throw new PgpException("message failed integrity check");
}
}
}
/**
* decrypt the passed in message stream
*/
private static String DecryptFile(
Stream inputStream,
Stream keyIn,
char[] passwd,
string defaultFileName)
{
inputStream = PgpUtilities.GetDecoderStream(inputStream);
try
{
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc;
PgpObject o = pgpF.NextPgpObject();
//
// the first object might be a PGP marker packet.
//
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
//
// find the secret key
//
PgpPrivateKey sKey = null;
PgpPublicKeyEncryptedData pbe = null;
PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(
PgpUtilities.GetDecoderStream(keyIn));
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
sKey = FindSecretKey(pgpSec, pked.KeyId, passwd);
if (sKey != null)
{
pbe = pked;
break;
}
}
if (sKey == null)
{
throw new ArgumentException("secret key for message not found.");
}
Stream clear = pbe.GetDataStream(sKey);
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpObject message = plainFact.NextPgpObject();
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject();
}
String decryptedstring;
if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
Stream unc = ld.GetInputStream();
//string outFileName = ld.FileName;
//if (outFileName.Length == 0)
//{
// outFileName = defaultFileName;
//}
//Stream fos = File.Create("C:\\test.epdf");
//Streams.PipeAll(unc, fos);
//fos.Close();
StreamReader reader = new StreamReader(unc);
decryptedstring = reader.ReadToEnd();
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("message is not a simple encrypted file - type unknown.");
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
Console.Error.WriteLine("message failed integrity check");
}
else
{
Console.Error.WriteLine("message integrity check passed");
}
}
else
{
Console.Error.WriteLine("no message integrity check");
}
return(decryptedstring);
}
catch (PgpException e)
{
Console.Error.WriteLine(e);
Exception underlyingException = e.InnerException;
if (underlyingException != null)
{
Console.Error.WriteLine(underlyingException.Message);
Console.Error.WriteLine(underlyingException.StackTrace);
}
return(null);
}
}
/**
* Decrypt the byte array passed into inputData and return it as
* another byte array.
*
* @param inputData - the data to decrypt
* @param keyIn - a stream from your private keyring file
* @param passCode - the password
* @return - decrypted data as byte array
*/
public static byte[] Decrypt(byte[] inputData, Stream keyIn, string passCode)
{
byte[] error = Encoding.ASCII.GetBytes("ERROR");
Stream inputStream = new MemoryStream(inputData);
inputStream = PgpUtilities.GetDecoderStream(inputStream);
MemoryStream decoded = new MemoryStream();
try
{
PgpObjectFactory pgpF = new PgpObjectFactory(inputStream);
PgpEncryptedDataList enc;
PgpObject o = pgpF.NextPgpObject();
//
// the first object might be a PGP marker packet.
//
if (o is PgpEncryptedDataList)
{
enc = (PgpEncryptedDataList)o;
}
else
{
enc = (PgpEncryptedDataList)pgpF.NextPgpObject();
}
//
// find the secret key
//
PgpPrivateKey sKey = null;
PgpPublicKeyEncryptedData pbe = null;
PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(
PgpUtilities.GetDecoderStream(keyIn));
foreach (PgpPublicKeyEncryptedData pked in enc.GetEncryptedDataObjects())
{
sKey = FindSecretKey(pgpSec, pked.KeyId, passCode.ToCharArray());
if (sKey != null)
{
pbe = pked;
break;
}
}
if (sKey == null)
{
throw new ArgumentException("secret key for message not found.");
}
Stream clear = pbe.GetDataStream(sKey);
PgpObjectFactory plainFact = new PgpObjectFactory(clear);
PgpObject message = plainFact.NextPgpObject();
if (message is PgpCompressedData)
{
PgpCompressedData cData = (PgpCompressedData)message;
PgpObjectFactory pgpFact = new PgpObjectFactory(cData.GetDataStream());
message = pgpFact.NextPgpObject();
}
if (message is PgpLiteralData)
{
PgpLiteralData ld = (PgpLiteralData)message;
Stream unc = ld.GetInputStream();
Streams.PipeAll(unc, decoded);
}
else if (message is PgpOnePassSignatureList)
{
throw new PgpException("encrypted message contains a signed message - not literal data.");
}
else
{
throw new PgpException("message is not a simple encrypted file - type unknown.");
}
if (pbe.IsIntegrityProtected())
{
if (!pbe.Verify())
{
Console.WriteLine("Message failed integrity check.", "PGP Error");
}
else
{
Console.WriteLine("Message integrity check passed.", "PGP Error");
}
}
else
{
Console.WriteLine("No message integrity check.", "PGP Error");
}
return(decoded.ToArray());
}
catch (Exception e)
{
throw e;
}
}
