/// <summary>
/// Creates a key ring generator whose master key is a freshly generated 2048-bit RSA key flagged
/// for signing and certification, then hands it to <c>AddEncryptionKeyPair</c> for the subkey.
/// </summary>
/// <param name="mailbox">Mailbox whose string form becomes the user ID on the master key.</param>
/// <param name="algorithm">Cipher choice, mapped through <c>GetSymmetricKeyAlgorithm</c> and passed to the generator together with the password.</param>
/// <param name="expirationTime">Key and self-signature expiration; only written when greater than zero.</param>
/// <param name="password">Password, passed to the generator as UTF-8 bytes.</param>
/// <param name="now">Creation time stamped on the master key pair.</param>
/// <param name="random">Random source used for RSA key generation and by the key ring generator.</param>
/// <returns>The key ring generator, after <c>AddEncryptionKeyPair</c> has run on it.</returns>
PgpKeyRingGenerator CreateKeyRingGenerator(MailboxAddress mailbox, EncryptionAlgorithm algorithm, long expirationTime, string password, DateTime now, SecureRandom random)
{
    // Read each preference list once and work from that snapshot for the rest of the method.
    var cipherPreferences = EnabledEncryptionAlgorithms;
    var hashPreferences = EnabledDigestAlgorithms;
    var cipherTags = new int[cipherPreferences.Length];
    var hashTags = new int[hashPreferences.Length];

    // The subpacket setters take plain int tags, so each enum value is cast individually.
    for (int idx = 0; idx < cipherPreferences.Length; idx++)
    {
        cipherTags[idx] = (int)cipherPreferences[idx];
    }

    for (int idx = 0; idx < hashPreferences.Length; idx++)
    {
        hashTags[idx] = (int)hashPreferences[idx];
    }

    // Hashed subpackets of the self-signature: key usage, algorithm preferences, expiry, MDC support.
    var selfSignature = new PgpSignatureSubpacketGenerator();
    selfSignature.SetKeyFlags(false, PgpKeyFlags.CanSign | PgpKeyFlags.CanCertify);
    selfSignature.SetPreferredSymmetricAlgorithms(false, cipherTags);
    selfSignature.SetPreferredHashAlgorithms(false, hashTags);

    if (expirationTime > 0)
    {
        // The self-signature is given the same lifetime as the key itself.
        selfSignature.SetKeyExpirationTime(false, expirationTime);
        selfSignature.SetSignatureExpirationTime(false, expirationTime);
    }

    selfSignature.SetFeature(false, Org.BouncyCastle.Bcpg.Sig.Features.FEATURE_MODIFICATION_DETECTION);

    // RSA-2048 with public exponent 65537 (0x10001); the trailing 12 is the primality-test certainty.
    // NOTE(review): 12 looks low for newly generated long-term keys - confirm how the BouncyCastle
    // version in use treats this value before relying on it.
    var publicExponent = BigInteger.ValueOf(0x10001);
    var parameters = new RsaKeyGenerationParameters(publicExponent, random, 2048, 12);
    var rsaGenerator = GeneratorUtilities.GetKeyPairGenerator("RSA");
    rsaGenerator.Init(parameters);

    // NOTE(review): RFC 4880 deprecates the RSA Sign-Only tag for new keys and expresses usage through
    // key flags instead; the tag is left as it is here because changing it alters the generated key.
    var masterKeyPair = new PgpKeyPair(PublicKeyAlgorithmTag.RsaSign, rsaGenerator.GenerateKeyPair(), now);

    var userId = mailbox.ToString(false);
    var protectionCipher = GetSymmetricKeyAlgorithm(algorithm);

    // NOTE(review): this buffer holds the passphrase and is never cleared in this method; whether the
    // generator keeps a reference to it is not visible from here - check before zeroing it.
    var passphraseBytes = CharsetUtils.UTF8.GetBytes(password);

    // The literal true is presumably BouncyCastle's useSha1 switch (SHA-1 integrity check on the
    // protected secret key) - confirm against the constructor overload being bound.
    var ring = new PgpKeyRingGenerator(
        PgpSignature.PositiveCertification,
        masterKeyPair,
        userId,
        protectionCipher,
        passphraseBytes,
        true,
        selfSignature.Generate(),
        null,
        random);

    // Add the (optional) encryption subkey.
    AddEncryptionKeyPair(ring, parameters, PublicKeyAlgorithmTag.RsaGeneral, now, expirationTime, cipherTags, hashTags);

    return ring;
}
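/// <summary>
/// Builds an OpenPGP key ring generator with a 4096-bit RSA master key for signing and certification
/// and a separately generated 4096-bit RSA subkey for encryption.
/// </summary>
/// <param name="id">User ID bound to the master key.</param>
/// <param name="pass">Raw passphrase bytes handed to the key ring generator.</param>
/// <param name="keysize">
/// Requested key size. NOTE(review): this value is never read; the strength is fixed at 4096 bits.
/// The mapping from <c>RSAKeySize</c> to a bit length is not visible here, so it is not applied.
/// </param>
/// <returns>The key ring generator with the encryption subkey added.</returns>
public static PgpKeyRingGenerator GenerateKeyRing(String id, byte[] pass, RSAKeySize keysize)
{
    const int modulusBits = 4096;

    // One random source and one timestamp for the whole ring, so both keys carry the same creation time.
    SecureRandom random = new SecureRandom();
    DateTime created = DateTime.UtcNow;

    RsaKeyPairGenerator kpg = new RsaKeyPairGenerator();
    kpg.Init(new KeyGenerationParameters(random, modulusBits));

    // Signing and encryption get independent key material. Wrapping a single RSA key pair in both
    // PgpKeyPair objects would leave the subkey with the master key's private key, so exposure of
    // either one exposes the other and the subkey cannot be rotated or revoked on its own.
    AsymmetricCipherKeyPair signingKeys = kpg.GenerateKeyPair();
    AsymmetricCipherKeyPair encryptionKeys = kpg.GenerateKeyPair();

    // NOTE(review): RFC 4880 deprecates the RSA Sign-Only and Encrypt-Only tags for new keys and
    // expresses usage through key flags instead; the tags are kept so the generated key type
    // does not change.
    PgpKeyPair rsakp_sign = new PgpKeyPair(PublicKeyAlgorithmTag.RsaSign, signingKeys, created);
    PgpKeyPair rsakp_enc = new PgpKeyPair(PublicKeyAlgorithmTag.RsaEncrypt, encryptionKeys, created);

    // Hashed subpackets for the master key's self-signature.
    PgpSignatureSubpacketGenerator signhashgen = new PgpSignatureSubpacketGenerator();
    signhashgen.SetKeyFlags(false, KeyFlags.SignData | KeyFlags.CertifyOther);
    signhashgen.SetPreferredSymmetricAlgorithms(false, new int[] {
        (int)SymmetricKeyAlgorithmTag.Aes256,
        (int)SymmetricKeyAlgorithmTag.Camellia256
    });
    signhashgen.SetPreferredHashAlgorithms(false, new int[] {
        (int)HashAlgorithmTag.Sha256,
        (int)HashAlgorithmTag.Sha384,
        (int)HashAlgorithmTag.Sha512
    });
    signhashgen.SetFeature(false, Features.FEATURE_MODIFICATION_DETECTION);

    // Create a signature on the encryption subkey.
    // NOTE(review): the Authentication flag sits on a key tagged encrypt-only; confirm it is intended.
    PgpSignatureSubpacketGenerator enchashgen = new PgpSignatureSubpacketGenerator();
    enchashgen.SetKeyFlags(false, KeyFlags.EncryptComms | KeyFlags.EncryptStorage | KeyFlags.Authentication);

    // NOTE(review): the boolean after the passphrase appears to be BouncyCastle's useSha1 switch.
    // If so, false selects the plain 16-bit checksum on the protected secret key instead of the
    // SHA-1 integrity check - confirm the overload and prefer true.
    PgpKeyRingGenerator pgpKeyRing = new PgpKeyRingGenerator(
        PgpSignature.DefaultCertification,
        rsakp_sign,
        id,
        SymmetricKeyAlgorithmTag.Aes256,
        pass,
        false,
        signhashgen.Generate(),
        null,
        random
    );

    pgpKeyRing.AddSubKey(rsakp_enc, enchashgen.Generate(), null, HashAlgorithmTag.Sha512);

    return pgpKeyRing;
}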