/// <summary> /// Create master signing key. /// </summary> /// <param name="keyRingGen"> /// Key ring generator. /// </param> /// <param name="identity"> /// Identity of the key. /// </param> /// <param name="password"> /// Password to protect the secret key. /// </param> /// <param name="expires"> /// Key expiry; null means never expires. /// </param> /// <param name="encryptKeyLength"> /// Length of the encryption key. /// </param> /// <param name="encryptGenerator"> /// Generator for the encryption key. /// </param> /// <param name="encryptionAlgorithm"> /// Encryption algorithm. /// </param> /// <param name="symmetricAlgorithm"> /// Symmetric algorithm. /// </param> /// <returns> /// Returns the <see cref="PgpKeyRingGenerator"/> with the keyring properties /// thus far. /// </returns> public static PgpKeyRingGenerator CreateEncryptionSubkey( PgpKeyRingGenerator keyRingGen, string identity, string password, DateTime?expires, int encryptKeyLength = 2048, string encryptGenerator = "RSA", PublicKeyAlgorithmTag encryptionAlgorithm = PublicKeyAlgorithmTag.RsaEncrypt, SymmetricKeyAlgorithmTag symmetricAlgorithm = SymmetricKeyAlgorithmTag.Aes256) { var keyringParameters = new KeyRingParameters(encryptKeyLength, encryptGenerator) { Password = password, Identity = identity, PrivateKeyEncryptionAlgorithm = symmetricAlgorithm, SymmetricAlgorithms = new[] { SymmetricKeyAlgorithmTag.Aes256, SymmetricKeyAlgorithmTag.Aes192, SymmetricKeyAlgorithmTag.Aes128 }, HashAlgorithms = new[] { HashAlgorithmTag.Sha256, HashAlgorithmTag.Sha1, HashAlgorithmTag.Sha384, HashAlgorithmTag.Sha512, HashAlgorithmTag.Sha224, } }; // encryption key var generator = GeneratorUtilities.GetKeyPairGenerator(encryptGenerator); generator.Init(keyringParameters.KeyParams); var encKeyPair = new PgpKeyPair(encryptionAlgorithm, generator.GenerateKeyPair(), DateTime.UtcNow); var symmetricAlgorithms = (from a in keyringParameters.SymmetricAlgorithms select(int) a).ToArray(); var hashAlgorithms = (from a in keyringParameters.HashAlgorithms select(int) a).ToArray(); Debug.WriteLine("Generated encryption key with ID " + encKeyPair.KeyId.ToString("X")); var encSubpckGen = new PgpSignatureSubpacketGenerator(); encSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanEncryptCommunications | PgpKeyFlags.CanEncryptStorage); encSubpckGen.SetPreferredSymmetricAlgorithms(false, symmetricAlgorithms); encSubpckGen.SetPreferredHashAlgorithms(false, hashAlgorithms); if (expires != null) { encSubpckGen.SetKeyExpirationTime(false, (long)((DateTime)expires - DateTime.Now).TotalSeconds); } // add encryption subkey to keyring keyRingGen.AddSubKey(encKeyPair, encSubpckGen.Generate(), null); return(keyRingGen); }
/// <summary> /// Get parameters for the specified public key algorithm. /// </summary> /// <param name="username"> /// The username of the key. /// </param> /// <param name="password"> /// The password for the private key. /// </param> /// <param name="keyLength"> /// The key length. /// </param> /// <param name="symmetricKeyAlgorithm"> /// The symmetric key algorithm. /// </param> /// <param name="publicKeyAlgorithm"> /// The public key algorithm. /// </param> /// <returns> /// The generated <see cref="KeyRingParameters"/>. /// </returns> /// <exception cref="NotSupportedException"> /// Thrown if the <see cref="PublicKeyAlgorithmTag"/> is not supported. /// </exception> private static KeyRingParameters GetParametersForPublicKeyAlgorithm( string username, string password, int keyLength, SymmetricKeyAlgorithmTag symmetricKeyAlgorithm, PublicKeyAlgorithmTag publicKeyAlgorithm) { string generatorIndicator; if (publicKeyAlgorithm.ToString().StartsWith("rsa", StringComparison.CurrentCultureIgnoreCase)) { generatorIndicator = "RSA"; } else if (publicKeyAlgorithm.ToString().StartsWith("dsa", StringComparison.CurrentCultureIgnoreCase)) { generatorIndicator = "DSA"; } else if (publicKeyAlgorithm.ToString().StartsWith("elg", StringComparison.CurrentCultureIgnoreCase)) { generatorIndicator = "ELGAMAL"; } else { throw new NotSupportedException($"Public key algorithm not supported: {publicKeyAlgorithm.ToString()}"); } var keyringParameters = new KeyRingParameters(keyLength, generatorIndicator) { Password = password, Identity = username, PrivateKeyEncryptionAlgorithm = symmetricKeyAlgorithm, SymmetricAlgorithms = new[] { SymmetricKeyAlgorithmTag.Aes256, SymmetricKeyAlgorithmTag.Aes192, SymmetricKeyAlgorithmTag.Aes128 }, HashAlgorithms = new[] { HashAlgorithmTag.Sha256, HashAlgorithmTag.Sha1, HashAlgorithmTag.Sha384, HashAlgorithmTag.Sha512, HashAlgorithmTag.Sha224, } }; return(keyringParameters); }
/// <summary> /// Create master signing key. /// </summary> /// <param name="identity"> /// Identity of the key. /// </param> /// <param name="password"> /// Password to protect the secret key. /// </param> /// <param name="expires"> /// Key expiry; null means never expires. /// </param> /// <param name="signKeyLength"> /// Length of the signing key. /// </param> /// <param name="signGenerator"> /// Generator for the signing key. /// </param> /// <param name="signingAlgorithm"> /// Signing algorithm. /// </param> /// <param name="symmetricAlgorithm"> /// Symmetric algorithm. /// </param> /// <returns> /// Returns the <see cref="PgpKeyRingGenerator"/> with the keyring properties /// thus far. /// </returns> public static PgpKeyRingGenerator CreateMasterSigningKey( string identity, string password, DateTime?expires, int signKeyLength = 2048, string signGenerator = "RSA", PublicKeyAlgorithmTag signingAlgorithm = PublicKeyAlgorithmTag.RsaSign, SymmetricKeyAlgorithmTag symmetricAlgorithm = SymmetricKeyAlgorithmTag.Aes256) { var keyringParameters = new KeyRingParameters(signKeyLength, signGenerator) { Password = password, Identity = identity, PrivateKeyEncryptionAlgorithm = symmetricAlgorithm, SymmetricAlgorithms = new[] { SymmetricKeyAlgorithmTag.Aes256, SymmetricKeyAlgorithmTag.Aes192, SymmetricKeyAlgorithmTag.Aes128 }, HashAlgorithms = new[] { HashAlgorithmTag.Sha256, HashAlgorithmTag.Sha1, HashAlgorithmTag.Sha384, HashAlgorithmTag.Sha512, HashAlgorithmTag.Sha224, } }; // master signing key var generator = GeneratorUtilities.GetKeyPairGenerator(signGenerator); generator.Init(keyringParameters.KeyParams); var masterKeyPair = new PgpKeyPair(signingAlgorithm, generator.GenerateKeyPair(), DateTime.UtcNow); Debug.WriteLine("Generated master key with ID " + masterKeyPair.KeyId.ToString("X")); var symmetricAlgorithms = (from a in keyringParameters.SymmetricAlgorithms select(int) a).ToArray(); var hashAlgorithms = (from a in keyringParameters.HashAlgorithms select(int) a).ToArray(); var masterSubpckGen = new PgpSignatureSubpacketGenerator(); masterSubpckGen.SetKeyFlags(false, PgpKeyFlags.CanSign | PgpKeyFlags.CanCertify); masterSubpckGen.SetPreferredSymmetricAlgorithms(false, symmetricAlgorithms); masterSubpckGen.SetPreferredHashAlgorithms(false, hashAlgorithms); if (expires != null) { masterSubpckGen.SetKeyExpirationTime(false, (long)((DateTime)expires - DateTime.Now).TotalSeconds); } // keyring -- adding master key return(new PgpKeyRingGenerator( PgpSignature.DefaultCertification, masterKeyPair, keyringParameters.Identity, keyringParameters.PrivateKeyEncryptionAlgorithm, keyringParameters.GetPassword(), true, masterSubpckGen.Generate(), null, new SecureRandom())); }