/// <summary>
/// Finds a key
/// </summary>
/// <param name="lKeyID"the key to be found></param>
/// <returns>the found key</returns>
public TransportableSecretKey Find(ulong lKeyID)
{
IEnumerator ieKeys = SecretKeys.GetEnumerator();
while (ieKeys.MoveNext())
{
TransportableSecretKey tskKey = (TransportableSecretKey)ieKeys.Current;
if (tskKey.PrimaryKey.PublicKey.KeyID == lKeyID)
{
return(tskKey);
}
IEnumerator ieSubkeys = tskKey.SubKeys.GetEnumerator();
while (ieSubkeys.MoveNext())
{
if (!(ieSubkeys.Current is SecretKeyPacket))
{
throw new Exception("Expected a secret key packet, but did not find one.");
}
SecretKeyPacket skpKey = (SecretKeyPacket)ieSubkeys.Current;
if (skpKey.PublicKey.KeyID == lKeyID)
{
return(tskKey);
}
}
}
return(null);
}
public string SignText(string strMessage, ulong lSignatureKeyID, string strPassphrase)
{
SignaturePacket spSign = new SignaturePacket();
strMessage = Radix64.TrimMessage(strMessage);
TransportableSecretKey tskKey = skrKeyRing.Find(lSignatureKeyID);
SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);
spSign.HashAlgorithm = HashAlgorithms.SHA1;
spSign.Format = PacketFormats.New;
spSign.KeyID = skpKey.PublicKey.KeyID;
spSign.TimeCreated = DateTime.Now;
spSign.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
spSign.SignatureType = SignatureTypes.TextSignature;
spSign.Version = SignaturePacketVersionNumbers.v4;
byte[] bMessage = System.Text.Encoding.UTF8.GetBytes(strMessage);
spSign.Sign(bMessage, skpKey, strPassphrase);
byte[] bSignature = spSign.Generate();
string strSignature = Radix64.Encode(bSignature, true);
string strFinal = Armor.WrapCleartextSignature(strMessage, strSignature);
return(strFinal);
}
/// <summary>
/// Loads a keyring file
/// </summary>
/// <param name="strPath">The keyring file location</param>
public void Load(string strPath)
{
strLoadingPath = strPath;
System.IO.StreamReader srInput = new StreamReader(strPath);
string strKeys = srInput.ReadToEnd();
srInput.Close();
this.SecretKeys = new ArrayList();
ArmorTypes atType = new ArmorTypes();
string strKey = Armor.RemoveArmor(strKeys, ref atType, ref strKeys);
while (strKey.Length > 0)
{
TransportableSecretKey[] tskKeys = TransportableSecretKey.SplitKeys(strKey);
foreach (TransportableSecretKey tskKey in tskKeys)
{
this.SecretKeys.Add(tskKey);
}
strKey = Armor.RemoveArmor(strKeys, ref atType, ref strKeys);
}
bIsUpdated = false;
}
public static string ClearTextSign(string strMessage, SecretKeyRing skrKeyRing)
{
SignaturePacket spSign = new SignaturePacket();
strMessage = Radix64.TrimMessage(strMessage);
QueryPassphrase qpPassphrase = new QueryPassphrase();
qpPassphrase.ShowMyDialog(skrKeyRing);
string strPassphrase = qpPassphrase.Passphrase;
TransportableSecretKey tskKey = qpPassphrase.SelectedKey;
SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);
Working wWorking = new Working();
wWorking.Show();
spSign.HashAlgorithm = HashAlgorithms.SHA1;
spSign.Format = PacketFormats.New;
wWorking.Progress(10);
SignatureSubPacket sspCreator = new SignatureSubPacket();
sspCreator.Type = SignatureSubPacketTypes.IssuerKeyID;
sspCreator.KeyID = skpKey.PublicKey.KeyID;
SignatureSubPacket sspCreationTime = new SignatureSubPacket();
sspCreationTime.Type = SignatureSubPacketTypes.SignatureCreationTime;
sspCreationTime.TimeCreated = DateTime.Now;
spSign.HashedSubPackets = new SignatureSubPacket[2];
spSign.HashedSubPackets[0] = sspCreator;
spSign.HashedSubPackets[1] = sspCreationTime;
wWorking.Progress(20);
//spSign.KeyID = skpKey.PublicKey.KeyID;
//spSign.TimeCreated = DateTime.Now;
spSign.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
spSign.SignatureType = SignatureTypes.TextSignature;
spSign.Version = SignaturePacketVersionNumbers.v4;
wWorking.Progress(10);
byte[] bMessage = System.Text.Encoding.UTF8.GetBytes(strMessage);
spSign.Sign(bMessage, skpKey, strPassphrase);
wWorking.Progress(40);
byte[] bSignature = spSign.Generate();
string strSignature = Radix64.Encode(bSignature, true);
wWorking.Progress(20);
string strFinal = Armor.WrapCleartextSignature(strMessage, strSignature);
wWorking.Hide();
return(strFinal);
}
public string GetSecretKey(ulong lKeyID, string strPassphrase)
{
TransportableSecretKey tskKey = skrKeyRing.Find(lKeyID);
tskKey.PrimaryKey.GetDecryptedKeyMaterial(strPassphrase);
byte[] bKey = tskKey.Generate();
return(Armor.WrapPrivateKey(bKey));
}
/// <summary>
/// Private method to add a key doing checks
/// </summary>
/// <param name="tspk">key to be added</param>
public void AddSecretKey(TransportableSecretKey tspk)
{
if (tspk != null)
{
if (this.Find(tspk.PrimaryKey.PublicKey.KeyID) == null)
{
this.Add(tspk);
}
}
}
/// <summary>
/// Saves a key to a location
/// </summary>
/// <param name="strPath">file path</param>
/// <param name="KeyID">key to save</param>
public void Save(string strPath, ulong KeyID)
{
System.IO.StreamWriter swOutput = new StreamWriter(strPath);
try {
TransportableSecretKey tskKey = this.Find(KeyID);
byte[] bKey = tskKey.Generate();
string strKey = Armor.WrapPrivateKey(bKey);
swOutput.Write(strKey);
} catch (Exception e) {
throw new Exception("Error while trying to save a private key: " + e.Message);
}
swOutput.Close();
bIsUpdated = false;
}
public string GetSecretKeysProperties()
{
string strReturn = "<SecretKeyRing>";
IEnumerator ieKeys = skrKeyRing.SecretKeys.GetEnumerator();
while (ieKeys.MoveNext())
{
if (!(ieKeys.Current is TransportableSecretKey))
{
continue;
}
TransportableSecretKey tskKey = (TransportableSecretKey)ieKeys.Current;
strReturn += "\n" + GetSecretKeyProperties(tskKey.PrimaryKey.PublicKey.KeyID);
}
return(strReturn + "</SecretKeyRing>");
}
private SignedMessage SignMessage(LiteralMessage lmToBeSigned, ulong lSignatureKeyID, string strPassphrase)
{
TransportableSecretKey tskKey = skrKeyRing.Find(lSignatureKeyID);
SignedMessage smMessage = new SignedMessage();
smMessage.MessageSigned = lmToBeSigned;
SignaturePacket spPacket = new SignaturePacket();
spPacket.Version = SignaturePacketVersionNumbers.v3;
SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);
spPacket.KeyID = skpKey.PublicKey.KeyID;
spPacket.HashAlgorithm = HashAlgorithms.SHA1;
spPacket.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
spPacket.TimeCreated = DateTime.Now;
spPacket.SignatureType = SignatureTypes.TextSignature;
spPacket.Sign(lmToBeSigned.Binary, skpKey, strPassphrase);
smMessage.Signature = spPacket;
return(smMessage);
}
public void Save(string strPath)
{
System.IO.StreamWriter swOutput = new StreamWriter(strPath);
IEnumerator ieKeys = this.SecretKeys.GetEnumerator();
while (ieKeys.MoveNext())
{
if (ieKeys.Current is TransportableSecretKey)
{
try {
TransportableSecretKey tskKey = (TransportableSecretKey)ieKeys.Current;
byte[] bKey = tskKey.Generate();
string strKey = Armor.WrapPrivateKey(bKey);
swOutput.Write(strKey);
} catch (Exception e) {
MessageBox.Show("Error while trying to save a private key: " + e.Message, "Error...", MessageBoxButtons.OK, MessageBoxIcon.Warning);
}
}
}
swOutput.Close();
bIsUpdated = false;
}
public void AddUserID(ulong lKeyID, string strName, string strEmail, string strPassphrase)
{
TransportableSecretKey tskKey = skrKeyRing.Find(lKeyID);
TransportablePublicKey tpkKey = pkrKeyRing.Find(lKeyID, false);
CertifiedUserID cuiUID = new CertifiedUserID();
UserIDPacket uipUID = new UserIDPacket();
uipUID.UserID = strName.Trim() + " <" + strEmail.Trim() + ">";
cuiUID.UserID = uipUID;
SecretKeyPacket skpSignatureKey = tskKey.FindKey(AsymActions.Sign);
SignaturePacket spSelfSig = new SignaturePacket();
spSelfSig.Version = SignaturePacketVersionNumbers.v4;
spSelfSig.HashAlgorithm = HashAlgorithms.SHA1;
spSelfSig.KeyID = skpSignatureKey.PublicKey.KeyID;
spSelfSig.TimeCreated = DateTime.Now;
cuiUID.Certificates = new System.Collections.ArrayList();
cuiUID.Sign(spSelfSig, skpSignatureKey, strPassphrase, tpkKey.PrimaryKey);
tpkKey.Certifications.Add(cuiUID);
tskKey.UserIDs.Add(uipUID);
}
/// <summary>
/// Revoke a subkey
/// </summary>
/// <param name="KeyID">subkey ID</param>
/// <param name="skpKeySigner">revoker secret key</param>
/// <param name="strPassphrase">revoker passphrase</param>
/// <param name="exportable">exportable revocation</param>
public void RevokeSubKey(ulong KeyID, TransportableSecretKey skpKeySigner, string strPassphrase, bool exportable)
{
TransportablePublicKey tspKey = this.PublicRing.Find(KeyID,false);
if(tspKey == null)
throw new Exception("Public Key not found");
if(tspKey.PrimaryKey.KeyID == KeyID)
throw new Exception("This is a primary key... use RevokeKey method instead.");
CertifiedPublicSubkey cps = null;
foreach(CertifiedPublicSubkey cpsi in tspKey.SubKeys) {
if(cpsi.Subkey.KeyID == KeyID)
cps = cpsi;
}
bool allowed = false;
ulong issuer = skpKeySigner.PrimaryKey.PublicKey.KeyID;
if(issuer == tspKey.PrimaryKey.KeyID) {
allowed = true;
} else {
foreach (SignaturePacket spPacket in tspKey.RevocationKeys) {
foreach (BigInteger revoker in spPacket.FindRevokerKeys()) {
if (revoker.ToString() == skpKeySigner.PrimaryKey.PublicKey.Fingerprint.ToString()) {
allowed = true;
}
}
}
}
if (allowed && cps.KeyBindingSignature.isRevocable()) {
if (this.PublicRing.isRevoked(KeyID))
throw new Exception("Public SubKey alreadyRevoked");
SignaturePacket spSig = new SignaturePacket();
spSig.Version = SignaturePacketVersionNumbers.v4;
spSig.HashAlgorithm = HashAlgorithms.SHA1;
spSig.KeyID = skpKeySigner.PrimaryKey.PublicKey.KeyID;
spSig.TimeCreated = DateTime.Now;
SignatureSubPacket sspExportableSignature = new SignatureSubPacket();
sspExportableSignature.Type = SignatureSubPacketTypes.ExportableSignature;
sspExportableSignature.ExportableSignature = exportable;
spSig.AddSubPacket(sspExportableSignature, false);
byte[] subkey = new byte[cps.Subkey.Length];
cps.Subkey.Header.CopyTo(subkey,0);
cps.Subkey.Body.CopyTo(subkey,cps.Subkey.Header.Length);
subkey[0]=0x99;
byte[] mainkey = new byte[tspKey.PrimaryKey.Length];
tspKey.PrimaryKey.Header.CopyTo(mainkey,0);
tspKey.PrimaryKey.Body.CopyTo(mainkey,tspKey.PrimaryKey.Header.Length);
byte[] key = new byte[subkey.Length+mainkey.Length];
mainkey.CopyTo(key,0);
subkey.CopyTo(key,mainkey.Length);
spSig.SignatureType = SignatureTypes.SubkeyRevocationSignature;
spSig.Sign(key, skpKeySigner.PrimaryKey, strPassphrase);
cps.RevocationSignature=spSig;
} else
throw new Exception("Not allowed to revoke this subkey");
}
public void GenerateKey(string strName, string strEmail, string strKeyType, int iKeySize, long lExpiration, string strPassphrase)
{
if (strKeyType == "ElGamal/DSA") {
System.Security.Cryptography.RandomNumberGenerator rngRand = System.Security.Cryptography.RandomNumberGenerator.Create();
// let's first create the encryption key
BigInteger[][] biEncryptionKey = GenerateEncryptionKey(iKeySize);
// now the signature key
BigInteger[][] biSignatureKey = GenerateSignatureKey();
PublicKeyPacket pkpSignatureKey = new PublicKeyPacket(false);
pkpSignatureKey.Algorithm = AsymAlgorithms.DSA;
pkpSignatureKey.KeyMaterial = biSignatureKey[0];
pkpSignatureKey.TimeCreated = DateTime.Now;
pkpSignatureKey.Version = PublicKeyPacketVersionNumbers.v4;
SecretKeyPacket skpSignatureKey = new SecretKeyPacket(false);
skpSignatureKey.SymmetricalAlgorithm = SymAlgorithms.AES256;
skpSignatureKey.PublicKey = pkpSignatureKey;
skpSignatureKey.InitialVector = new byte[CipherHelper.CipherBlockSize(SymAlgorithms.AES256)];
rngRand.GetBytes(skpSignatureKey.InitialVector);
skpSignatureKey.EncryptKeyMaterial(biSignatureKey[1], strPassphrase);
skpSignatureKey.PublicKey = pkpSignatureKey;
PublicKeyPacket pkpEncryptionKey = new PublicKeyPacket(true);
pkpEncryptionKey.Algorithm = AsymAlgorithms.ElGamal_Encrypt_Only;
pkpEncryptionKey.KeyMaterial = biEncryptionKey[0];
pkpEncryptionKey.TimeCreated = DateTime.Now;
pkpEncryptionKey.Version = PublicKeyPacketVersionNumbers.v4;
SecretKeyPacket skpEncryptionKey = new SecretKeyPacket(true);
skpEncryptionKey.SymmetricalAlgorithm = SymAlgorithms.AES256;
skpEncryptionKey.PublicKey = pkpEncryptionKey;
skpEncryptionKey.InitialVector = new byte[CipherHelper.CipherBlockSize(SymAlgorithms.AES256)];
rngRand.GetBytes(skpEncryptionKey.InitialVector);
skpEncryptionKey.EncryptKeyMaterial(biEncryptionKey[1], strPassphrase);
skpEncryptionKey.PublicKey = pkpEncryptionKey;
CertifiedUserID cuiUID = new CertifiedUserID();
UserIDPacket uipUID = new UserIDPacket();
uipUID.UserID = strName.Trim() + " <" + strEmail.Trim() + ">";
cuiUID.UserID = uipUID;
SignaturePacket spSelfSig = new SignaturePacket();
spSelfSig.Version = SignaturePacketVersionNumbers.v4;
spSelfSig.HashAlgorithm = HashAlgorithms.SHA1;
spSelfSig.KeyID = pkpSignatureKey.KeyID;
spSelfSig.TimeCreated = DateTime.Now;
SignatureSubPacket sspPrimaryUserID = new SignatureSubPacket();
sspPrimaryUserID.Type = SignatureSubPacketTypes.PrimaryUserID;
sspPrimaryUserID.PrimaryUserID = true;
spSelfSig.AddSubPacket(sspPrimaryUserID, true);
SignatureSubPacket sspPreferedSymAlgos = new SignatureSubPacket();
sspPreferedSymAlgos.Type = SignatureSubPacketTypes.PreferedSymmetricAlgorithms;
sspPreferedSymAlgos.PreferedSymAlgos = new SymAlgorithms[] {SymAlgorithms.AES256, SymAlgorithms.AES192, SymAlgorithms.AES256, SymAlgorithms.CAST5, SymAlgorithms.Triple_DES};
spSelfSig.AddSubPacket(sspPreferedSymAlgos, true);
SignatureSubPacket sspPreferedHashAlgos = new SignatureSubPacket();
sspPreferedHashAlgos.Type = SignatureSubPacketTypes.PreferedHashAlgorithms;
sspPreferedHashAlgos.PreferedHashAlgos = new HashAlgorithms[] {HashAlgorithms.SHA1};
spSelfSig.AddSubPacket(sspPreferedHashAlgos, true);
if (lExpiration != 0) {
SignatureSubPacket sspExpiration = new SignatureSubPacket();
sspExpiration.Type = SignatureSubPacketTypes.SignatureExpirationTime;
sspExpiration.SignatureExpirationTime = new DateTime(lExpiration);
spSelfSig.AddSubPacket(sspExpiration, true);
}
cuiUID.Certificates = new System.Collections.ArrayList();
cuiUID.Sign(spSelfSig, skpSignatureKey, strPassphrase, pkpSignatureKey);
CertifiedPublicSubkey cpsEncryptionKey = new CertifiedPublicSubkey();
cpsEncryptionKey.Subkey = pkpEncryptionKey;
cpsEncryptionKey.SignKeyBindingSignature(pkpSignatureKey, skpSignatureKey, strPassphrase, new DateTime(lExpiration), true);
TransportablePublicKey tpkPublicKey = new TransportablePublicKey();
tpkPublicKey.PrimaryKey = pkpSignatureKey;
tpkPublicKey.SubKeys.Add(cpsEncryptionKey);
tpkPublicKey.Certifications.Add(cuiUID);
TransportableSecretKey tskSecretKey = new TransportableSecretKey();
tskSecretKey.PrimaryKey = skpSignatureKey;
tskSecretKey.SubKeys.Add(skpEncryptionKey);
tskSecretKey.UserIDs.Add(uipUID);
this.pkrKeyRing.AddPublicKey(tpkPublicKey);
this.skrKeyRing.AddSecretKey(tskSecretKey);
pkrKeyRing.Save();
skrKeyRing.Save();
// it's an RSA key
} else if (strKeyType == "RSA") {
}
}
public void SignKey(ulong lSignedKeyID, ulong lSigningKeyID, string strUserID, int nIntroducerDepth, bool bIsExportable, int nType, string strPassphrase)
{
TransportableSecretKey tskKey = skrKeyRing.Find(lSigningKeyID);
SecretKeyPacket skpSignatureKey = tskKey.FindKey(AsymActions.Sign);
TransportablePublicKey tpkKey = pkrKeyRing.Find(lSignedKeyID, false);
SignaturePacket spCertificate = new SignaturePacket();
spCertificate.SignatureType = (SignatureTypes)nType;
spCertificate.Version = SignaturePacketVersionNumbers.v4;
spCertificate.HashAlgorithm = HashAlgorithms.SHA1;
spCertificate.KeyID = skpSignatureKey.PublicKey.KeyID;
spCertificate.TimeCreated = DateTime.Now;
CertifiedUserID cuiID = null;
IEnumerator ieUserIDs = tpkKey.Certifications.GetEnumerator();
while (ieUserIDs.MoveNext())
{
if (!(ieUserIDs.Current is CertifiedUserID))
{
continue;
}
CertifiedUserID cuiThisID = (CertifiedUserID)ieUserIDs.Current;
if (cuiThisID.ToString() == strUserID)
{
cuiID = cuiThisID;
}
}
if (cuiID == null)
{
throw new Exception("UserID could not be found!");
}
if (bIsExportable == false)
{
SignatureSubPacket sspNotExportable = new SignatureSubPacket();
sspNotExportable.Type = SignatureSubPacketTypes.ExportableSignature;
sspNotExportable.ExportableSignature = false;
spCertificate.AddSubPacket(sspNotExportable, true);
}
if (nIntroducerDepth > 0)
{
SignatureSubPacket sspTrust = new SignatureSubPacket();
sspTrust.Type = SignatureSubPacketTypes.TrustSignature;
sspTrust.TrustLevel = (byte)nIntroducerDepth;
sspTrust.TrustAmount = 120;
spCertificate.AddSubPacket(sspTrust, true);
}
cuiID.Sign(spCertificate, skpSignatureKey, strPassphrase, tpkKey.PrimaryKey);
tpkKey.Certifications.Remove(cuiID);
tpkKey.Certifications.Add(cuiID);
pkrKeyRing.Delete(lSignedKeyID);
pkrKeyRing.AddPublicKey(tpkKey);
pkrKeyRing.Save();
}
public static string EncryptText(string strMessage, PublicKeyRing pkrPublicKeyRing, SecretKeyRing skrSecretKeyRing, bool bSign)
{
PublicKeySelector pksSelectKeys = new PublicKeySelector(pkrPublicKeyRing);
pksSelectKeys.ShowDialog();
TransportableSecretKey tskKey = new TransportableSecretKey();
string strPassphrase = "";
if (bSign) {
QueryPassphrase qpPassphrase = new QueryPassphrase();
qpPassphrase.ShowMyDialog(skrSecretKeyRing);
tskKey = qpPassphrase.SelectedKey;
strPassphrase = qpPassphrase.Passphrase;
}
if (pksSelectKeys.SelectedKeys.Count == 0)
return strMessage;
Working wWorking = new Working();
wWorking.Show();
LiteralMessage lmMessage = new LiteralMessage(DataFormatTypes.Text);
lmMessage.Text = strMessage;
lmMessage.TimeCreated = DateTime.Now;
lmMessage.Filename = "";
SharpPrivacy.OpenPGP.Messages.Message mEncryptionMessage = lmMessage;
if (bSign) {
SignedMessage smMessage = new SignedMessage();
smMessage.MessageSigned = lmMessage;
SignaturePacket spPacket = new SignaturePacket();
spPacket.Version = SignaturePacketVersionNumbers.v3;
SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);
spPacket.KeyID = skpKey.PublicKey.KeyID;
spPacket.HashAlgorithm = HashAlgorithms.SHA1;
spPacket.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
spPacket.TimeCreated = DateTime.Now;
spPacket.SignatureType = SignatureTypes.TextSignature;
spPacket.Sign(lmMessage.Binary, skpKey, strPassphrase);
smMessage.Signature = spPacket;
mEncryptionMessage = smMessage;
}
CompressedMessage cmMessage = new CompressedMessage();
cmMessage.Compress(mEncryptionMessage);
wWorking.Progress(20);
SymAlgorithms saAlgo = GetSymAlgorithmPreferences(pksSelectKeys.SelectedKeys);
SymmetricallyEncryptedDataPacket sedpEncrypted = new SymmetricallyEncryptedDataPacket();
SymmetricAlgorithm saEncrypt = CipherHelper.CreateSymAlgorithm(saAlgo);
saEncrypt.Mode = CipherMode.OpenPGP_CFB;
saEncrypt.GenerateKey();
byte[] bKey = saEncrypt.Key;
wWorking.Progress(10);
ESKSequence esksKeys = new ESKSequence();
try {
esksKeys = CreateESKSequence(pksSelectKeys.SelectedKeys, AsymActions.Encrypt, saAlgo, bKey);
} catch (Exception e) {
wWorking.Hide();
MessageBox.Show("The following error occured: " + e.Message, "Error...");
return strMessage;
}
wWorking.Progress(50);
ICryptoTransform ictEncryptor = saEncrypt.CreateEncryptor();
byte[] bMessage = cmMessage.GetEncoded();
byte[] bOutput = new byte[bMessage.Length];
ictEncryptor.TransformBlock(bMessage, 0, bMessage.Length, ref bOutput, 0);
bKey.Initialize();
wWorking.Progress(10);
int iOutLength = (saEncrypt.BlockSize >> 3) + 2 + bMessage.Length;
sedpEncrypted.Body = new byte[iOutLength];
Array.Copy(bOutput, 0, sedpEncrypted.Body, 0, iOutLength);
byte[] bESK = esksKeys.GetEncoded();
byte[] bEncrypted = sedpEncrypted.Generate();
byte[] bReturn = new byte[bESK.Length + bEncrypted.Length];
bESK.CopyTo(bReturn, 0);
bEncrypted.CopyTo(bReturn, bESK.Length);
wWorking.Progress(10);
string strReturn = Radix64.Encode(bReturn, true);
strReturn = Armor.WrapMessage(strReturn);
wWorking.Hide();
return strReturn;
}
/// <summary>
/// Text signing
/// </summary>
/// <param name="strMessage">text to be signed</param>
/// <param name="tskKey">secret key for signing purpose</param>
/// <param name="strPassphrase">passphrase for the secret key</param>
/// <returns>the signed text</returns>
public string ClearTextSign(string strMessage, TransportableSecretKey tskKey, string strPassphrase, bool embedMessage)
{
SignaturePacket spSign = new SignaturePacket();
strMessage = Radix64.TrimMessage(strMessage);
SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);
spSign.HashAlgorithm = HashAlgorithms.SHA1;
spSign.Format = PacketFormats.New;
SignatureSubPacket sspCreator = new SignatureSubPacket();
sspCreator.Type = SignatureSubPacketTypes.IssuerKeyID;
sspCreator.KeyID = skpKey.PublicKey.KeyID;
SignatureSubPacket sspCreationTime = new SignatureSubPacket();
sspCreationTime.Type = SignatureSubPacketTypes.SignatureCreationTime;
sspCreationTime.TimeCreated = DateTime.Now;
spSign.HashedSubPackets = new SignatureSubPacket[2];
spSign.HashedSubPackets[0] = sspCreator;
spSign.HashedSubPackets[1] = sspCreationTime;
//spSign.KeyID = skpKey.PublicKey.KeyID;
//spSign.TimeCreated = DateTime.Now;
spSign.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
spSign.SignatureType = SignatureTypes.TextSignature;
spSign.Version = SignaturePacketVersionNumbers.v4;
byte[] bMessage = System.Text.Encoding.UTF8.GetBytes(strMessage);
spSign.Sign(bMessage, skpKey, strPassphrase);
byte[] bSignature = spSign.Generate();
string strSignature = Radix64.Encode(bSignature, true);
string strFinal;
if(embedMessage)
strFinal = Armor.WrapCleartextSignature(strMessage, strSignature);
else
strFinal = Armor.WrapCleartextSignature(strSignature);
return strFinal;
}
/// <summary>
/// Signs a key
/// </summary>
/// <param name="tspKey">key to be signed</param>
/// <param name="cuidTobeSigned">user id to be signed</param>
/// <param name="skpKeySigner">signer private key</param>
/// <param name="strPassphrase">signer passphrase</param>
/// <param name="exportable">exportable signature</param>
/// <param name="expirationTime">expiration time (new DateTime(0) == never)</param>
/// <param name="isRevocable"></param>
public void SignKey(TransportablePublicKey tspKey, CertifiedUserID cuidTobeSigned, TransportableSecretKey skpKeySigner, string strPassphrase, bool exportable, DateTime expirationTime, bool isRevocable)
{
SignaturePacket spSig = new SignaturePacket();
spSig.Version = SignaturePacketVersionNumbers.v4;
spSig.HashAlgorithm = HashAlgorithms.SHA1;
spSig.KeyID = skpKeySigner.PrimaryKey.PublicKey.KeyID;
spSig.TimeCreated = DateTime.Now;
SignatureSubPacket sspExportableSignature = new SignatureSubPacket();
sspExportableSignature.Type = SignatureSubPacketTypes.ExportableSignature;
sspExportableSignature.ExportableSignature = exportable;
spSig.AddSubPacket(sspExportableSignature, false);
if (!isRevocable) {
SignatureSubPacket sspRevocable = new SignatureSubPacket();
sspRevocable.Type = SignatureSubPacketTypes.Revocable;
sspRevocable.Revocable = isRevocable;
spSig.AddSubPacket(sspRevocable, true);
}
if (expirationTime.Ticks != 0) {
SignatureSubPacket sspExpiration = new SignatureSubPacket();
sspExpiration.Type = SignatureSubPacketTypes.KeyExpirationTime;
sspExpiration.KeyExpirationTime = new DateTime(expirationTime.Ticks + (new DateTime(1970,1,2)).Ticks - tspKey.PrimaryKey.TimeCreated.Ticks);
spSig.AddSubPacket(sspExpiration, true);
}
cuidTobeSigned.Sign(spSig, skpKeySigner.PrimaryKey, strPassphrase, tspKey.PrimaryKey);
}
/// <summary>
/// Decrypts the session key stored in the EncryptedSessionKey
/// property and saves the decrypted key in the EncodedSessionKey
/// property.
/// </summary>
/// <remarks>This function also calls DecodeSessionKey so that the
/// decrypted and decoded sessionkey is stored in the
/// SessionKey property.</remarks>
/// <param name="tskKey">A transportable secret key that is used to
/// decrypt the encrypted session key.</param>
/// <param name="strPassphrase">The passphrase used to decrypt the
/// encrypted key material of the given transportable secret
/// key.</param>
public void DecryptSessionKey(TransportableSecretKey tskKey, string strPassphrase)
{
AsymmetricCipher acCipher = new RSA();
switch (aaPublicAlgorithm)
{
case AsymAlgorithms.ElGama_Encrypt_Sign:
case AsymAlgorithms.ElGamal_Encrypt_Only:
acCipher = new ElGamal();
break;
case AsymAlgorithms.RSA_Encrypt_Only:
case AsymAlgorithms.RSA_Encrypt_Sign:
acCipher = new RSA();
break;
default:
throw new System.Exception("The chosen public key algorithm is not yet implemented!");
}
bool bFound = false;
SecretKeyPacket skpKey = new SecretKeyPacket();
IEnumerator ieSubkeys = tskKey.SubKeys.GetEnumerator();
while (ieSubkeys.MoveNext())
{
if (!(ieSubkeys.Current is SecretKeyPacket))
{
throw new System.Exception("Expected a secret key packet, but did not find one!");
}
skpKey = (SecretKeyPacket)ieSubkeys.Current;
if (skpKey.PublicKey.KeyID == lKeyID)
{
bFound = true;
continue;
}
}
// check if the message was encrypted with the primary key
if (!bFound)
{
if (tskKey.PrimaryKey.PublicKey.KeyID == lKeyID)
{
skpKey = tskKey.PrimaryKey;
}
else
{
//theoretically we should never see this exception, as
//encrytped message makes sure we only get fitting secret
//keys, but just in case someone calls this directly, we
//throw an exception
throw new System.Exception("No fitting secret key found!");
}
}
BigInteger biKey = acCipher.Decrypt(this.biEncryptedSessionKey, skpKey, strPassphrase);
this.bEncodedSessionKey = biKey.getBytes();
DecodeSessionKey();
}
/// <summary>
/// Add a key to the keyring
/// </summary>
/// <param name="tskKey">the key to be added</param>
private void Add(TransportableSecretKey tskKey)
{
bIsUpdated = true;
SecretKeys.Add(tskKey);
}
public static void EncryptFiles(String[] strFiles, PublicKeyRing pkrPublicKeyRing, SecretKeyRing skrSecretKeyRing, bool bEncrypt, bool bSign)
{
PublicKeySelector pksSelectKeys = new PublicKeySelector(pkrPublicKeyRing);
if (bEncrypt)
{
pksSelectKeys.ShowDialog();
if (pksSelectKeys.SelectedKeys.Count == 0)
{
MessageBox.Show("You did not select a public key to encrypt to. Doing nothing...", "Nothing Done...");
return;
}
}
TransportableSecretKey tskKey = new TransportableSecretKey();
string strPassphrase = "";
if (bSign)
{
QueryPassphrase qpPassphrase = new QueryPassphrase();
qpPassphrase.ShowMyDialog(skrSecretKeyRing);
tskKey = qpPassphrase.SelectedKey;
strPassphrase = qpPassphrase.Passphrase;
}
Working wWorking = new Working();
wWorking.Show();
for (int i = 0; i < strFiles.Length; i++)
{
byte[] bFileContent = new byte[0];
try {
System.IO.FileStream fsFile = new FileStream(strFiles[i], FileMode.Open);
BinaryReader brReader = new BinaryReader(fsFile);
bFileContent = brReader.ReadBytes((int)fsFile.Length);
brReader.Close();
fsFile.Close();
} catch (Exception e) {
wWorking.Hide();
MessageBox.Show("An error occured while opening the file " + strFiles[i] + ": " + e.Message, "Error...");
return;
}
LiteralMessage lmMessage = new LiteralMessage(DataFormatTypes.Binary);
lmMessage.Binary = bFileContent;
lmMessage.TimeCreated = DateTime.Now;
int iLastBackslash = strFiles[i].LastIndexOf("\\");
lmMessage.Filename = strFiles[i].Substring(iLastBackslash + 1, strFiles[i].Length - iLastBackslash - 1);
SharpPrivacy.OpenPGP.Messages.Message mEncryptionMessage = lmMessage;
if (bSign)
{
SignedMessage smMessage = new SignedMessage();
smMessage.MessageSigned = lmMessage;
SignaturePacket spPacket = new SignaturePacket();
spPacket.Version = SignaturePacketVersionNumbers.v3;
SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);
spPacket.KeyID = skpKey.PublicKey.KeyID;
spPacket.HashAlgorithm = HashAlgorithms.SHA1;
spPacket.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
spPacket.TimeCreated = DateTime.Now;
spPacket.SignatureType = SignatureTypes.TextSignature;
spPacket.Sign(lmMessage.Binary, skpKey, strPassphrase);
smMessage.Signature = spPacket;
mEncryptionMessage = smMessage;
}
CompressedMessage cmMessage = new CompressedMessage();
cmMessage.Compress(mEncryptionMessage);
wWorking.Progress(20 / strFiles.Length);
SymAlgorithms saAlgo = GetSymAlgorithmPreferences(pksSelectKeys.SelectedKeys);
wWorking.Progress(10 / strFiles.Length);
byte[] bReturn = new byte[0];
if (bEncrypt)
{
SymmetricallyEncryptedDataPacket sedpEncrypted = new SymmetricallyEncryptedDataPacket();
SymmetricAlgorithm saEncrypt = CipherHelper.CreateSymAlgorithm(saAlgo);
saEncrypt.Mode = CipherMode.OpenPGP_CFB;
saEncrypt.GenerateKey();
byte[] bKey = saEncrypt.Key;
ESKSequence esksKeys = new ESKSequence();
try {
esksKeys = CreateESKSequence(pksSelectKeys.SelectedKeys, AsymActions.Encrypt, saAlgo, bKey);
} catch (Exception e) {
wWorking.Hide();
MessageBox.Show("The following error occured: " + e.Message, "Error...");
return;
}
wWorking.Progress(50 / strFiles.Length);
ICryptoTransform ictEncryptor = saEncrypt.CreateEncryptor();
byte[] bMessage = cmMessage.GetEncoded();
byte[] bOutput = new byte[bMessage.Length];
ictEncryptor.TransformBlock(bMessage, 0, bMessage.Length, ref bOutput, 0);
bKey.Initialize();
wWorking.Progress(10 / strFiles.Length);
int iOutLength = (saEncrypt.BlockSize >> 3) + 2 + bMessage.Length;
sedpEncrypted.Body = new byte[iOutLength];
Array.Copy(bOutput, 0, sedpEncrypted.Body, 0, iOutLength);
byte[] bESK = esksKeys.GetEncoded();
byte[] bEncrypted = sedpEncrypted.Generate();
bReturn = new byte[bESK.Length + bEncrypted.Length];
bESK.CopyTo(bReturn, 0);
bEncrypted.CopyTo(bReturn, bESK.Length);
}
else
{
wWorking.Progress(60 / strFiles.Length);
bReturn = cmMessage.GetEncoded();
}
wWorking.Progress(10 / strFiles.Length);
try {
FileStream fsOut = new FileStream(strFiles[i] + ".asc", FileMode.CreateNew);
BinaryWriter bwWrite = new BinaryWriter(fsOut);
bwWrite.Write(bReturn);
bwWrite.Close();
fsOut.Close();
} catch (IOException io) {
MessageBox.Show("Could not write to file. The following error occured: " + io.Message, "Error...");
}
}
wWorking.Hide();
}
public static string EncryptText(string strMessage, PublicKeyRing pkrPublicKeyRing, SecretKeyRing skrSecretKeyRing, bool bSign)
{
PublicKeySelector pksSelectKeys = new PublicKeySelector(pkrPublicKeyRing);
pksSelectKeys.ShowDialog();
TransportableSecretKey tskKey = new TransportableSecretKey();
string strPassphrase = "";
if (bSign)
{
QueryPassphrase qpPassphrase = new QueryPassphrase();
qpPassphrase.ShowMyDialog(skrSecretKeyRing);
tskKey = qpPassphrase.SelectedKey;
strPassphrase = qpPassphrase.Passphrase;
}
if (pksSelectKeys.SelectedKeys.Count == 0)
{
return(strMessage);
}
Working wWorking = new Working();
wWorking.Show();
LiteralMessage lmMessage = new LiteralMessage(DataFormatTypes.Text);
lmMessage.Text = strMessage;
lmMessage.TimeCreated = DateTime.Now;
lmMessage.Filename = "";
SharpPrivacy.OpenPGP.Messages.Message mEncryptionMessage = lmMessage;
if (bSign)
{
SignedMessage smMessage = new SignedMessage();
smMessage.MessageSigned = lmMessage;
SignaturePacket spPacket = new SignaturePacket();
spPacket.Version = SignaturePacketVersionNumbers.v3;
SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);
spPacket.KeyID = skpKey.PublicKey.KeyID;
spPacket.HashAlgorithm = HashAlgorithms.SHA1;
spPacket.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
spPacket.TimeCreated = DateTime.Now;
spPacket.SignatureType = SignatureTypes.TextSignature;
spPacket.Sign(lmMessage.Binary, skpKey, strPassphrase);
smMessage.Signature = spPacket;
mEncryptionMessage = smMessage;
}
CompressedMessage cmMessage = new CompressedMessage();
cmMessage.Compress(mEncryptionMessage);
wWorking.Progress(20);
SymAlgorithms saAlgo = GetSymAlgorithmPreferences(pksSelectKeys.SelectedKeys);
SymmetricallyEncryptedDataPacket sedpEncrypted = new SymmetricallyEncryptedDataPacket();
SymmetricAlgorithm saEncrypt = CipherHelper.CreateSymAlgorithm(saAlgo);
saEncrypt.Mode = CipherMode.OpenPGP_CFB;
saEncrypt.GenerateKey();
byte[] bKey = saEncrypt.Key;
wWorking.Progress(10);
ESKSequence esksKeys = new ESKSequence();
try {
esksKeys = CreateESKSequence(pksSelectKeys.SelectedKeys, AsymActions.Encrypt, saAlgo, bKey);
} catch (Exception e) {
wWorking.Hide();
MessageBox.Show("The following error occured: " + e.Message, "Error...");
return(strMessage);
}
wWorking.Progress(50);
ICryptoTransform ictEncryptor = saEncrypt.CreateEncryptor();
byte[] bMessage = cmMessage.GetEncoded();
byte[] bOutput = new byte[bMessage.Length];
ictEncryptor.TransformBlock(bMessage, 0, bMessage.Length, ref bOutput, 0);
bKey.Initialize();
wWorking.Progress(10);
int iOutLength = (saEncrypt.BlockSize >> 3) + 2 + bMessage.Length;
sedpEncrypted.Body = new byte[iOutLength];
Array.Copy(bOutput, 0, sedpEncrypted.Body, 0, iOutLength);
byte[] bESK = esksKeys.GetEncoded();
byte[] bEncrypted = sedpEncrypted.Generate();
byte[] bReturn = new byte[bESK.Length + bEncrypted.Length];
bESK.CopyTo(bReturn, 0);
bEncrypted.CopyTo(bReturn, bESK.Length);
wWorking.Progress(10);
string strReturn = Radix64.Encode(bReturn, true);
strReturn = Armor.WrapMessage(strReturn);
wWorking.Hide();
return(strReturn);
}
/// <summary>
/// Decrypts the session key stored in the EncryptedSessionKey
/// property and saves the decrypted key in the EncodedSessionKey
/// property.
/// </summary>
/// <remarks>This function also calls DecodeSessionKey so that the
/// decrypted and decoded sessionkey is stored in the
/// SessionKey property.</remarks>
/// <param name="tskKey">A transportable secret key that is used to
/// decrypt the encrypted session key.</param>
/// <param name="strPassphrase">The passphrase used to decrypt the
/// encrypted key material of the given transportable secret
/// key.</param>
public void DecryptSessionKey(TransportableSecretKey tskKey, string strPassphrase)
{
AsymmetricCipher acCipher = new RSA();
switch (aaPublicAlgorithm) {
case AsymAlgorithms.ElGama_Encrypt_Sign:
case AsymAlgorithms.ElGamal_Encrypt_Only:
acCipher = new ElGamal();
break;
case AsymAlgorithms.RSA_Encrypt_Only:
case AsymAlgorithms.RSA_Encrypt_Sign:
acCipher = new RSA();
break;
default:
throw new System.Exception("The chosen public key algorithm is not yet implemented!");
}
bool bFound = false;
SecretKeyPacket skpKey = new SecretKeyPacket();
IEnumerator ieSubkeys = tskKey.SubKeys.GetEnumerator();
while (ieSubkeys.MoveNext()) {
if (!(ieSubkeys.Current is SecretKeyPacket))
throw new System.Exception("Expected a secret key packet, but did not find one!");
skpKey = (SecretKeyPacket)ieSubkeys.Current;
if (skpKey.PublicKey.KeyID == lKeyID) {
bFound = true;
continue;
}
}
// check if the message was encrypted with the primary key
if (!bFound) {
if (tskKey.PrimaryKey.PublicKey.KeyID == lKeyID) {
skpKey = tskKey.PrimaryKey;
} else {
//theoretically we should never see this exception, as
//encrytped message makes sure we only get fitting secret
//keys, but just in case someone calls this directly, we
//throw an exception
throw new System.Exception("No fitting secret key found!");
}
}
BigInteger biKey = acCipher.Decrypt(this.biEncryptedSessionKey, skpKey, strPassphrase);
this.bEncodedSessionKey = biKey.getBytes();
DecodeSessionKey();
}
public void AddKey(string strKey)
{
bool bNotImported = false;
bool bError = false;
string strRest = "";
ArmorTypes atType = new ArmorTypes();
do
{
strKey = Armor.RemoveArmor(strKey, ref atType, ref strRest);
if (atType == ArmorTypes.PrivateKeyBlock)
{
try {
TransportableSecretKey[] tskKeys = TransportableSecretKey.SplitKeys(strKey);
for (int i = 0; i < tskKeys.Length; i++)
{
TransportableSecretKey tskKey = tskKeys[i];
TransportableSecretKey tskTestKey = skrKeyRing.Find(tskKey.PrimaryKey.PublicKey.KeyID);
if (tskTestKey != null)
{
bNotImported = true;
continue;
}
skrKeyRing.AddSecretKey(tskKey);
}
} catch (Exception) {
bError = true;
}
}
else if (atType == ArmorTypes.PublicKeyBlock)
{
try {
TransportablePublicKey[] tpkKeys = TransportablePublicKey.SplitKeys(strKey);
for (int i = 0; i < tpkKeys.Length; i++)
{
TransportablePublicKey tpkKey = tpkKeys[i];
TransportablePublicKey tpkTestKey = pkrKeyRing.Find(tpkKey.PrimaryKey.KeyID, true);
if (tpkTestKey != null)
{
bNotImported = true;
continue;
}
pkrKeyRing.AddPublicKey(tpkKey);
}
} catch (Exception) {
bError = true;
}
}
strKey = strRest;
} while (strKey.Length > 0);
pkrKeyRing.Save();
skrKeyRing.Save();
if (bError)
{
throw new Exception("Some keys could not be imported, because there were errors!");
}
if (bNotImported)
{
throw new Exception("Some keys could not be imported, because they were already in your keyring!");
}
}
/// <summary>
/// Methond handling encryption/signing
/// </summary>
/// <param name="strFiles">file list to be encrypted</param>
/// <param name="tskKey">secret key needed for encyption purpose</param>
/// <param name="tpkKeys">public key needed for signing purpose</param>
/// <param name="strPassphrase">passphrase for secret key</param>
/// <param name="bEncrypt">encrypt files?</param>
/// <param name="bSign">sign files?</param>
public void EncryptFiles(String[] strFiles, TransportableSecretKey tskKey, ArrayList tpkKeys, string strPassphrase, bool bEncrypt, bool bSign, bool embedMsg)
{
if(this.pkrPublicKeyRing == null || this.skrSecretKeyRing == null) {
throw new Exception("<ERROR code=\"5\">");
}
if (bSign && tskKey == null) {
throw new Exception("Need a Private Key To Sign!");
}
if (bEncrypt && (tpkKeys == null || tpkKeys.Count < 1)) {
throw new Exception("Need Public Keys To Encrypt!");
}
for (int i=0; i<strFiles.Length; i++) {
byte[] bFileContent = new byte[0];
try {
System.IO.FileStream fsFile = new FileStream(strFiles[i], FileMode.Open);
BinaryReader brReader = new BinaryReader(fsFile);
bFileContent = brReader.ReadBytes((int)fsFile.Length);
brReader.Close();
fsFile.Close();
} catch (Exception e) {
throw new Exception("An error occured while opening the file " + strFiles[i] + ": " + e.Message);
}
LiteralMessage lmMessage = new LiteralMessage(DataFormatTypes.Binary);
lmMessage.Binary = bFileContent;
lmMessage.TimeCreated = DateTime.Now;
int iLastBackslash = strFiles[i].LastIndexOf("\\");
lmMessage.Filename = strFiles[i].Substring(iLastBackslash + 1, strFiles[i].Length - iLastBackslash - 1);
SharpPrivacy.SharpPrivacyLib.OpenPGP.Messages.Message mEncryptionMessage = lmMessage;
if (bSign) {
SignedMessage smMessage = new SignedMessage();
smMessage.MessageSigned = lmMessage;
SignaturePacket spPacket = new SignaturePacket();
spPacket.Version = SignaturePacketVersionNumbers.v3;
SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);
spPacket.KeyID = skpKey.PublicKey.KeyID;
spPacket.HashAlgorithm = HashAlgorithms.SHA1;
spPacket.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
spPacket.TimeCreated = DateTime.Now;
spPacket.SignatureType = SignatureTypes.TextSignature;
spPacket.Sign(lmMessage.Binary, skpKey, strPassphrase);
smMessage.Signature = spPacket;
mEncryptionMessage = smMessage;
}
CompressedMessage cmMessage = new CompressedMessage();
cmMessage.Compress(mEncryptionMessage);
byte[] bReturn = new byte[0];
if (bEncrypt) {
SymAlgorithms saAlgo = GetSymAlgorithmPreferences(tpkKeys);
SymmetricallyEncryptedDataPacket sedpEncrypted = new SymmetricallyEncryptedDataPacket();
SymmetricAlgorithm saEncrypt = CipherHelper.CreateSymAlgorithm(saAlgo);
saEncrypt.Mode = CipherMode.OpenPGP_CFB;
saEncrypt.GenerateKey();
byte[] bKey = saEncrypt.Key;
ESKSequence esksKeys = new ESKSequence();
try {
esksKeys = CreateESKSequence(tpkKeys, AsymActions.Encrypt, saAlgo, bKey);
} catch (Exception e) {
throw new Exception("The following error occured: " + e.Message);
}
ICryptoTransform ictEncryptor = saEncrypt.CreateEncryptor();
byte[] bMessage = cmMessage.GetEncoded();
byte[] bOutput = new byte[bMessage.Length];
ictEncryptor.TransformBlock(bMessage, 0, bMessage.Length, ref bOutput, 0);
bKey.Initialize();
int iOutLength = (saEncrypt.BlockSize >> 3) + 2 + bMessage.Length;
sedpEncrypted.Body = new byte[iOutLength];
Array.Copy(bOutput, 0, sedpEncrypted.Body, 0, iOutLength);
byte[] bESK = esksKeys.GetEncoded();
byte[] bEncrypted = sedpEncrypted.Generate();
bReturn = new byte[bESK.Length + bEncrypted.Length];
bESK.CopyTo(bReturn, 0);
bEncrypted.CopyTo(bReturn, bESK.Length);
} else {
if(embedMsg) {
bReturn = cmMessage.GetEncoded();
} else {
byte[] bSignature = ((SignedMessage)mEncryptionMessage).Signature.Generate();
string strSignature = Radix64.Encode(bSignature, true);
string strFinal = Armor.WrapCleartextSignature(strSignature);
try {
FileStream fsOut = new FileStream(strFiles[i] + ".asc", FileMode.Create);
StreamWriter bwWrite = new StreamWriter(fsOut);
bwWrite.Write(strFinal);
bwWrite.Close();
fsOut.Close();
return;
} catch (IOException io) {
throw new Exception("Could not write to file. The following error occured: " + io.Message);
}
}
}
try {
FileStream fsOut = new FileStream(strFiles[i] + ".asc", FileMode.Create);
BinaryWriter bwWrite = new BinaryWriter(fsOut);
bwWrite.Write(bReturn);
bwWrite.Close();
fsOut.Close();
} catch (IOException io) {
throw new Exception("Could not write to file. The following error occured: " + io.Message);
}
}
}
public string GetSecretKeyProperties(ulong lKeyID)
{
TransportableSecretKey tskKey = skrKeyRing.Find(lKeyID);
SecretKeyPacket skpKey = tskKey.PrimaryKey;
XmlDocument xmlDoc = new XmlDocument();
XmlElement xmlSecretKey = xmlDoc.CreateElement("SecretKey");
xmlSecretKey.SetAttribute("keyid", "0x" + skpKey.PublicKey.KeyID.ToString("x"));
xmlSecretKey.SetAttribute("fingerprint", skpKey.PublicKey.Fingerprint.ToString(16));
xmlSecretKey.SetAttribute("size", skpKey.PublicKey.KeyMaterial[0].bitCount().ToString());
xmlSecretKey.SetAttribute("algorithm", skpKey.PublicKey.Algorithm.ToString());
xmlSecretKey.SetAttribute("timecreated", skpKey.PublicKey.TimeCreated.Ticks.ToString());
XmlElement xmlUserIDs = xmlDoc.CreateElement("UserIDs");
XmlElement xmlUserID;
IEnumerator ieUserIDs = tskKey.UserIDs.GetEnumerator();
while (ieUserIDs.MoveNext())
{
if (!(ieUserIDs.Current is UserIDPacket))
{
continue;
}
UserIDPacket uipUID = (UserIDPacket)ieUserIDs.Current;
xmlUserID = xmlDoc.CreateElement("UserID");
xmlUserID.SetAttribute("name", uipUID.UserID);
xmlUserIDs.AppendChild(xmlUserID);
}
xmlSecretKey.AppendChild(xmlUserIDs);
XmlElement xmlSubkeys = xmlDoc.CreateElement("Subkeys");
XmlElement xmlSubkey;
IEnumerator ieSubkeys = tskKey.SubKeys.GetEnumerator();
while (ieSubkeys.MoveNext())
{
if (!(ieSubkeys.Current is SecretKeyPacket))
{
continue;
}
SecretKeyPacket skpSubkey = (SecretKeyPacket)ieSubkeys.Current;
xmlSubkey = xmlDoc.CreateElement("Subkey");
xmlSubkey.SetAttribute("keyid", "0x" + skpSubkey.PublicKey.KeyID.ToString("x"));
xmlSubkey.SetAttribute("fingerprint", skpSubkey.PublicKey.Fingerprint.ToString(16));
xmlSubkey.SetAttribute("size", skpSubkey.PublicKey.KeyMaterial[0].bitCount().ToString());
xmlSubkey.SetAttribute("algorithm", skpSubkey.PublicKey.Algorithm.ToString());
xmlSubkeys.AppendChild(xmlSubkey);
}
xmlSecretKey.AppendChild(xmlSubkeys);
xmlDoc.AppendChild(xmlSecretKey);
return(xmlDoc.OuterXml);
}
/// <summary>
/// Add a key to the keyring
/// </summary>
/// <param name="tskKey">the key to be added</param>
private void Add(TransportableSecretKey tskKey)
{
bIsUpdated = true;
SecretKeys.Add(tskKey);
}
/// <summary>
/// Removes the specified key from the ring
/// </summary>
/// <param name="tskKey">the key to remove</param>
public void Delete(TransportableSecretKey tskKey)
{
bIsUpdated = true;
SecretKeys.Remove(tskKey);
}
public static void EncryptFiles(String[] strFiles, PublicKeyRing pkrPublicKeyRing, SecretKeyRing skrSecretKeyRing, bool bEncrypt, bool bSign)
{
PublicKeySelector pksSelectKeys = new PublicKeySelector(pkrPublicKeyRing);
if (bEncrypt) {
pksSelectKeys.ShowDialog();
if (pksSelectKeys.SelectedKeys.Count == 0) {
MessageBox.Show("You did not select a public key to encrypt to. Doing nothing...", "Nothing Done...");
return;
}
}
TransportableSecretKey tskKey = new TransportableSecretKey();
string strPassphrase = "";
if (bSign) {
QueryPassphrase qpPassphrase = new QueryPassphrase();
qpPassphrase.ShowMyDialog(skrSecretKeyRing);
tskKey = qpPassphrase.SelectedKey;
strPassphrase = qpPassphrase.Passphrase;
}
Working wWorking = new Working();
wWorking.Show();
for (int i=0; i<strFiles.Length; i++) {
byte[] bFileContent = new byte[0];
try {
System.IO.FileStream fsFile = new FileStream(strFiles[i], FileMode.Open);
BinaryReader brReader = new BinaryReader(fsFile);
bFileContent = brReader.ReadBytes((int)fsFile.Length);
brReader.Close();
fsFile.Close();
} catch (Exception e) {
wWorking.Hide();
MessageBox.Show("An error occured while opening the file " + strFiles[i] + ": " + e.Message, "Error...");
return;
}
LiteralMessage lmMessage = new LiteralMessage(DataFormatTypes.Binary);
lmMessage.Binary = bFileContent;
lmMessage.TimeCreated = DateTime.Now;
int iLastBackslash = strFiles[i].LastIndexOf("\\");
lmMessage.Filename = strFiles[i].Substring(iLastBackslash + 1, strFiles[i].Length - iLastBackslash - 1);
SharpPrivacy.OpenPGP.Messages.Message mEncryptionMessage = lmMessage;
if (bSign) {
SignedMessage smMessage = new SignedMessage();
smMessage.MessageSigned = lmMessage;
SignaturePacket spPacket = new SignaturePacket();
spPacket.Version = SignaturePacketVersionNumbers.v3;
SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);
spPacket.KeyID = skpKey.PublicKey.KeyID;
spPacket.HashAlgorithm = HashAlgorithms.SHA1;
spPacket.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
spPacket.TimeCreated = DateTime.Now;
spPacket.SignatureType = SignatureTypes.TextSignature;
spPacket.Sign(lmMessage.Binary, skpKey, strPassphrase);
smMessage.Signature = spPacket;
mEncryptionMessage = smMessage;
}
CompressedMessage cmMessage = new CompressedMessage();
cmMessage.Compress(mEncryptionMessage);
wWorking.Progress(20/strFiles.Length);
SymAlgorithms saAlgo = GetSymAlgorithmPreferences(pksSelectKeys.SelectedKeys);
wWorking.Progress(10/strFiles.Length);
byte[] bReturn = new byte[0];
if (bEncrypt) {
SymmetricallyEncryptedDataPacket sedpEncrypted = new SymmetricallyEncryptedDataPacket();
SymmetricAlgorithm saEncrypt = CipherHelper.CreateSymAlgorithm(saAlgo);
saEncrypt.Mode = CipherMode.OpenPGP_CFB;
saEncrypt.GenerateKey();
byte[] bKey = saEncrypt.Key;
ESKSequence esksKeys = new ESKSequence();
try {
esksKeys = CreateESKSequence(pksSelectKeys.SelectedKeys, AsymActions.Encrypt, saAlgo, bKey);
} catch (Exception e) {
wWorking.Hide();
MessageBox.Show("The following error occured: " + e.Message, "Error...");
return;
}
wWorking.Progress(50/strFiles.Length);
ICryptoTransform ictEncryptor = saEncrypt.CreateEncryptor();
byte[] bMessage = cmMessage.GetEncoded();
byte[] bOutput = new byte[bMessage.Length];
ictEncryptor.TransformBlock(bMessage, 0, bMessage.Length, ref bOutput, 0);
bKey.Initialize();
wWorking.Progress(10/strFiles.Length);
int iOutLength = (saEncrypt.BlockSize >> 3) + 2 + bMessage.Length;
sedpEncrypted.Body = new byte[iOutLength];
Array.Copy(bOutput, 0, sedpEncrypted.Body, 0, iOutLength);
byte[] bESK = esksKeys.GetEncoded();
byte[] bEncrypted = sedpEncrypted.Generate();
bReturn = new byte[bESK.Length + bEncrypted.Length];
bESK.CopyTo(bReturn, 0);
bEncrypted.CopyTo(bReturn, bESK.Length);
} else {
wWorking.Progress(60/strFiles.Length);
bReturn = cmMessage.GetEncoded();
}
wWorking.Progress(10/strFiles.Length);
try {
FileStream fsOut = new FileStream(strFiles[i] + ".asc", FileMode.CreateNew);
BinaryWriter bwWrite = new BinaryWriter(fsOut);
bwWrite.Write(bReturn);
bwWrite.Close();
fsOut.Close();
} catch (IOException io) {
MessageBox.Show("Could not write to file. The following error occured: " + io.Message, "Error...");
}
}
wWorking.Hide();
}
public void GenerateKey(string strName, string strEmail, string strKeyType, int iKeySize, long lExpiration, string strPassphrase)
{
if (strKeyType == "ElGamal/DSA")
{
System.Security.Cryptography.RandomNumberGenerator rngRand = System.Security.Cryptography.RandomNumberGenerator.Create();
// let's first create the encryption key
BigInteger[][] biEncryptionKey = GenerateEncryptionKey(iKeySize);
// now the signature key
BigInteger[][] biSignatureKey = GenerateSignatureKey();
PublicKeyPacket pkpSignatureKey = new PublicKeyPacket(false);
pkpSignatureKey.Algorithm = AsymAlgorithms.DSA;
pkpSignatureKey.KeyMaterial = biSignatureKey[0];
pkpSignatureKey.TimeCreated = DateTime.Now;
pkpSignatureKey.Version = PublicKeyPacketVersionNumbers.v4;
SecretKeyPacket skpSignatureKey = new SecretKeyPacket(false);
skpSignatureKey.SymmetricalAlgorithm = SymAlgorithms.AES256;
skpSignatureKey.PublicKey = pkpSignatureKey;
skpSignatureKey.InitialVector = new byte[CipherHelper.CipherBlockSize(SymAlgorithms.AES256)];
rngRand.GetBytes(skpSignatureKey.InitialVector);
skpSignatureKey.EncryptKeyMaterial(biSignatureKey[1], strPassphrase);
skpSignatureKey.PublicKey = pkpSignatureKey;
PublicKeyPacket pkpEncryptionKey = new PublicKeyPacket(true);
pkpEncryptionKey.Algorithm = AsymAlgorithms.ElGamal_Encrypt_Only;
pkpEncryptionKey.KeyMaterial = biEncryptionKey[0];
pkpEncryptionKey.TimeCreated = DateTime.Now;
pkpEncryptionKey.Version = PublicKeyPacketVersionNumbers.v4;
SecretKeyPacket skpEncryptionKey = new SecretKeyPacket(true);
skpEncryptionKey.SymmetricalAlgorithm = SymAlgorithms.AES256;
skpEncryptionKey.PublicKey = pkpEncryptionKey;
skpEncryptionKey.InitialVector = new byte[CipherHelper.CipherBlockSize(SymAlgorithms.AES256)];
rngRand.GetBytes(skpEncryptionKey.InitialVector);
skpEncryptionKey.EncryptKeyMaterial(biEncryptionKey[1], strPassphrase);
skpEncryptionKey.PublicKey = pkpEncryptionKey;
CertifiedUserID cuiUID = new CertifiedUserID();
UserIDPacket uipUID = new UserIDPacket();
uipUID.UserID = strName.Trim() + " <" + strEmail.Trim() + ">";
cuiUID.UserID = uipUID;
SignaturePacket spSelfSig = new SignaturePacket();
spSelfSig.Version = SignaturePacketVersionNumbers.v4;
spSelfSig.HashAlgorithm = HashAlgorithms.SHA1;
spSelfSig.KeyID = pkpSignatureKey.KeyID;
spSelfSig.TimeCreated = DateTime.Now;
SignatureSubPacket sspPrimaryUserID = new SignatureSubPacket();
sspPrimaryUserID.Type = SignatureSubPacketTypes.PrimaryUserID;
sspPrimaryUserID.PrimaryUserID = true;
spSelfSig.AddSubPacket(sspPrimaryUserID, true);
SignatureSubPacket sspPreferedSymAlgos = new SignatureSubPacket();
sspPreferedSymAlgos.Type = SignatureSubPacketTypes.PreferedSymmetricAlgorithms;
sspPreferedSymAlgos.PreferedSymAlgos = new SymAlgorithms[] { SymAlgorithms.AES256, SymAlgorithms.AES192, SymAlgorithms.AES256, SymAlgorithms.CAST5, SymAlgorithms.Triple_DES };
spSelfSig.AddSubPacket(sspPreferedSymAlgos, true);
SignatureSubPacket sspPreferedHashAlgos = new SignatureSubPacket();
sspPreferedHashAlgos.Type = SignatureSubPacketTypes.PreferedHashAlgorithms;
sspPreferedHashAlgos.PreferedHashAlgos = new HashAlgorithms[] { HashAlgorithms.SHA1 };
spSelfSig.AddSubPacket(sspPreferedHashAlgos, true);
if (lExpiration != 0)
{
SignatureSubPacket sspExpiration = new SignatureSubPacket();
sspExpiration.Type = SignatureSubPacketTypes.SignatureExpirationTime;
sspExpiration.SignatureExpirationTime = new DateTime(lExpiration);
spSelfSig.AddSubPacket(sspExpiration, true);
}
cuiUID.Certificates = new System.Collections.ArrayList();
cuiUID.Sign(spSelfSig, skpSignatureKey, strPassphrase, pkpSignatureKey);
CertifiedPublicSubkey cpsEncryptionKey = new CertifiedPublicSubkey();
cpsEncryptionKey.Subkey = pkpEncryptionKey;
cpsEncryptionKey.SignKeyBindingSignature(pkpSignatureKey, skpSignatureKey, strPassphrase, new DateTime(lExpiration), true);
TransportablePublicKey tpkPublicKey = new TransportablePublicKey();
tpkPublicKey.PrimaryKey = pkpSignatureKey;
tpkPublicKey.SubKeys.Add(cpsEncryptionKey);
tpkPublicKey.Certifications.Add(cuiUID);
TransportableSecretKey tskSecretKey = new TransportableSecretKey();
tskSecretKey.PrimaryKey = skpSignatureKey;
tskSecretKey.SubKeys.Add(skpEncryptionKey);
tskSecretKey.UserIDs.Add(uipUID);
this.pkrKeyRing.AddPublicKey(tpkPublicKey);
this.skrKeyRing.AddSecretKey(tskSecretKey);
pkrKeyRing.Save();
skrKeyRing.Save();
// it's an RSA key
}
else if (strKeyType == "RSA")
{
}
}
/// <summary>
/// Revokes a key certified userID
/// </summary>
/// <param name="KeyID">key containing the certified user id</param>
/// <param name="cuidTobeSigned">certified user id to be revoked</param>
/// <param name="skpKeySigner">revoker secret key</param>
/// <param name="strPassphrase">revoker passphrase</param>
/// <param name="exportable">exportable revocation</param>
public void RevokeKeyCertificate(ulong KeyID, CertifiedUserID cuidTobeSigned, TransportableSecretKey skpKeySigner, string strPassphrase, bool exportable)
{
TransportablePublicKey tspKey = this.PublicRing.Find(KeyID,false);
if(tspKey == null)
throw new Exception("Public Key not found");
bool found = false;
CertifiedUserID toBeVerified = null;
foreach(CertifiedUserID cui in tspKey.Certifications) {
if(cui==cuidTobeSigned) {
found=true;
toBeVerified = cui;
break;
}
}
if (!found)
throw new Exception("UserId not found among Key certificates");
found = false;
foreach(SignaturePacket sign in toBeVerified.Certificates) {
if(sign.KeyID == skpKeySigner.PrimaryKey.PublicKey.KeyID && sign.isRevocable())
found = true;
}
if (!found)
throw new Exception("UserId not certified by this private key or not revocable");
SignaturePacket spSig = new SignaturePacket();
spSig.Version = SignaturePacketVersionNumbers.v4;
spSig.HashAlgorithm = HashAlgorithms.SHA1;
spSig.KeyID = skpKeySigner.PrimaryKey.PublicKey.KeyID;
spSig.TimeCreated = DateTime.Now;
SignatureSubPacket sspExportableSignature = new SignatureSubPacket();
sspExportableSignature.Type = SignatureSubPacketTypes.ExportableSignature;
sspExportableSignature.ExportableSignature = exportable;
spSig.AddSubPacket(sspExportableSignature, false);
cuidTobeSigned.Revoke(spSig, skpKeySigner.PrimaryKey, strPassphrase, tspKey.PrimaryKey);
}
/// <summary>
/// Method handling encryption/signing
/// </summary>
/// <param name="strMessage">text to be encrypted</param>
/// <param name="tskKey">secret key needed for encyption purpose</param>
/// <param name="tpkKeys">public key needed for signing purpose</param>
/// <param name="bSign">sign text?</param>
/// <param name="strPassphrase">passphrase for the secret key</param>
/// <returns>the encrypted text</returns>
public string EncryptText(string strMessage, TransportableSecretKey tskKey, ArrayList tpkKeys, bool bSign, string strPassphrase)
{
if(this.pkrPublicKeyRing == null || this.skrSecretKeyRing == null) {
throw new Exception("<ERROR code=\"5\">");
}
if(bSign && tskKey == null) {
throw new Exception("Need a Private Key To Sign!");
}
LiteralMessage lmMessage = new LiteralMessage(DataFormatTypes.Text);
lmMessage.Text = strMessage;
lmMessage.TimeCreated = DateTime.Now;
lmMessage.Filename = "";
SharpPrivacy.SharpPrivacyLib.OpenPGP.Messages.Message mEncryptionMessage = lmMessage;
if (bSign) {
SignedMessage smMessage = new SignedMessage();
smMessage.MessageSigned = lmMessage;
SignaturePacket spPacket = new SignaturePacket();
spPacket.Version = SignaturePacketVersionNumbers.v3;
SecretKeyPacket skpKey = tskKey.FindKey(AsymActions.Sign);
spPacket.KeyID = skpKey.PublicKey.KeyID;
spPacket.HashAlgorithm = HashAlgorithms.SHA1;
spPacket.SignatureAlgorithm = skpKey.PublicKey.Algorithm;
spPacket.TimeCreated = DateTime.Now;
spPacket.SignatureType = SignatureTypes.TextSignature;
spPacket.Sign(lmMessage.Binary, skpKey, strPassphrase);
smMessage.Signature = spPacket;
mEncryptionMessage = smMessage;
}
CompressedMessage cmMessage = new CompressedMessage();
cmMessage.Compress(mEncryptionMessage);
SymAlgorithms saAlgo = GetSymAlgorithmPreferences(tpkKeys);
SymmetricallyEncryptedDataPacket sedpEncrypted = new SymmetricallyEncryptedDataPacket();
SymmetricAlgorithm saEncrypt = CipherHelper.CreateSymAlgorithm(saAlgo);
saEncrypt.Mode = CipherMode.OpenPGP_CFB;
saEncrypt.GenerateKey();
byte[] bKey = saEncrypt.Key;
ESKSequence esksKeys = new ESKSequence();
try {
esksKeys = CreateESKSequence(tpkKeys, AsymActions.Encrypt, saAlgo, bKey);
} catch (Exception e) {
throw new Exception("The following error occured: " + e.Message);
}
ICryptoTransform ictEncryptor = saEncrypt.CreateEncryptor();
byte[] bMessage = cmMessage.GetEncoded();
byte[] bOutput = new byte[bMessage.Length];
ictEncryptor.TransformBlock(bMessage, 0, bMessage.Length, ref bOutput, 0);
bKey.Initialize();
int iOutLength = (saEncrypt.BlockSize >> 3) + 2 + bMessage.Length;
sedpEncrypted.Body = new byte[iOutLength];
Array.Copy(bOutput, 0, sedpEncrypted.Body, 0, iOutLength);
byte[] bESK = esksKeys.GetEncoded();
byte[] bEncrypted = sedpEncrypted.Generate();
byte[] bReturn = new byte[bESK.Length + bEncrypted.Length];
bESK.CopyTo(bReturn, 0);
bEncrypted.CopyTo(bReturn, bESK.Length);
string strReturn = Radix64.Encode(bReturn, true);
strReturn = Armor.WrapMessage(strReturn);
return strReturn;
}
/// <summary>
/// Private method to add a key doing checks
/// </summary>
/// <param name="tspk">key to be added</param>
public void AddSecretKey(TransportableSecretKey tspk)
{
if(tspk != null) {
if(this.Find(tspk.PrimaryKey.PublicKey.KeyID) == null) {
this.Add(tspk);
}
}
}
/// <summary>
/// Removes the specified key from the ring
/// </summary>
/// <param name="tskKey">the key to remove</param>
public void Delete(TransportableSecretKey tskKey)
{
bIsUpdated = true;
SecretKeys.Remove(tskKey);
}
/// <summary>
/// Generate a key pair
/// </summary>
/// <param name="iKeySize">Encription key size</param>
/// <param name="strPassphrase">passhrase for the key pair</param>
/// <param name="userID">primary user id</param>
/// <param name="email">user email</param>
/// <param name="notation">xml encoded user info</param>
/// <param name="expirationTime">expiration date of the primary key (new DateTime(0) == never)</param>
/// <param name="keyType">1: RSA/DSA 0:Elgamal/DSA(DEFAULT)</param>
/// <param name="isRevocableKey">revocable?</param>
/// <param name="isRevocableSubkey">revocable subkey?</param>
public void GenerateKey(int iKeySize, string strPassphrase, string userID, string email, string notation, DateTime expirationTime, int keyType, bool isRevocableKey, bool isRevocableSubkey)
{
if(iKeySize % 1024 != 0)
throw new Exception("Keysize must be a 1024 multiple");
System.Security.Cryptography.RandomNumberGenerator rngRand;
// let's first create the encryption key
BigInteger[][] biEncryptionKey;
if (keyType == 1) {
// it's a RSA/DSA key
biEncryptionKey = GenerateRSAEncryptionKey(iKeySize);
} else {
// it's an elgamal/DSA key DEFAULF
biEncryptionKey = GenerateElGamalEncryptionKey(iKeySize);
}
// now the signature key
BigInteger[][] biSignatureKey = GenerateDSASignatureKey();
PublicKeyPacket pkpSignatureKey = new PublicKeyPacket(false);
pkpSignatureKey.Algorithm = AsymAlgorithms.DSA;
pkpSignatureKey.KeyMaterial = biSignatureKey[0];
pkpSignatureKey.TimeCreated = DateTime.Now;
pkpSignatureKey.Version = PublicKeyPacketVersionNumbers.v4;
SecretKeyPacket skpSignatureKey = new SecretKeyPacket(false);
skpSignatureKey.SymmetricalAlgorithm = SymAlgorithms.AES256;
skpSignatureKey.PublicKey = pkpSignatureKey;
skpSignatureKey.InitialVector = new byte[CipherHelper.CipherBlockSize(SymAlgorithms.AES256)];
rngRand = System.Security.Cryptography.RandomNumberGenerator.Create();
rngRand.GetBytes(skpSignatureKey.InitialVector);
skpSignatureKey.EncryptKeyMaterial(biSignatureKey[1], strPassphrase);
skpSignatureKey.PublicKey = pkpSignatureKey;
PublicKeyPacket pkpEncryptionKey = new PublicKeyPacket(true);
if (keyType == 0) {
// it's an elgamal/DSA key
pkpEncryptionKey.Algorithm = AsymAlgorithms.ElGamal_Encrypt_Only;
} else if (keyType == 1) {
// it's a RSA/DSA key
pkpEncryptionKey.Algorithm = AsymAlgorithms.RSA_Encrypt_Only;
}
pkpEncryptionKey.KeyMaterial = biEncryptionKey[0];
pkpEncryptionKey.TimeCreated = DateTime.Now;
pkpEncryptionKey.Version = PublicKeyPacketVersionNumbers.v4;
SecretKeyPacket skpEncryptionKey = new SecretKeyPacket(true);
skpEncryptionKey.SymmetricalAlgorithm = SymAlgorithms.AES256;
skpEncryptionKey.PublicKey = pkpEncryptionKey;
skpEncryptionKey.InitialVector = new byte[CipherHelper.CipherBlockSize(SymAlgorithms.AES256)];
rngRand = System.Security.Cryptography.RandomNumberGenerator.Create();
rngRand.GetBytes(skpEncryptionKey.InitialVector);
skpEncryptionKey.EncryptKeyMaterial(biEncryptionKey[1], strPassphrase);
skpEncryptionKey.PublicKey = pkpEncryptionKey;
CertifiedUserID cuiUID = new CertifiedUserID();
UserIDPacket uipUID = new UserIDPacket();
uipUID.UserID = userID.Trim() + " <" + email.Trim() + ">";
cuiUID.UserID = uipUID;
SignaturePacket spSelfSig = new SignaturePacket();
if (notation != null) {
SignatureSubPacket sspNotation = new SignatureSubPacket();
sspNotation.Type = SignatureSubPacketTypes.NotationData;
sspNotation.NotationName = "PersonalData";
sspNotation.NotationValue = notation;
spSelfSig.AddSubPacket(sspNotation,false);
}
if (expirationTime.Ticks != 0) {
SignatureSubPacket sspExpiration = new SignatureSubPacket();
sspExpiration.Type = SignatureSubPacketTypes.KeyExpirationTime;
sspExpiration.KeyExpirationTime = new DateTime(expirationTime.Ticks + (new DateTime(1970,1,2)).Ticks - pkpEncryptionKey.TimeCreated.Ticks);
spSelfSig.AddSubPacket(sspExpiration, true);
}
if (!isRevocableKey) {
SignatureSubPacket sspRevocable = new SignatureSubPacket();
sspRevocable.Type = SignatureSubPacketTypes.Revocable;
sspRevocable.Revocable = isRevocableKey;
spSelfSig.AddSubPacket(sspRevocable, true);
}
SignatureSubPacket sspPrimaryUID = new SignatureSubPacket();
sspPrimaryUID.Type = SignatureSubPacketTypes.PrimaryUserID;
sspPrimaryUID.Revocable = true;
spSelfSig.AddSubPacket(sspPrimaryUID, true);
spSelfSig.Version = SignaturePacketVersionNumbers.v4;
spSelfSig.HashAlgorithm = HashAlgorithms.SHA1;
spSelfSig.KeyID = pkpSignatureKey.KeyID;
spSelfSig.TimeCreated = DateTime.Now;
SignatureSubPacket sspPrimaryUserID = new SignatureSubPacket();
sspPrimaryUserID.Type = SignatureSubPacketTypes.PrimaryUserID;
sspPrimaryUserID.PrimaryUserID = true;
spSelfSig.AddSubPacket(sspPrimaryUserID, true);
SignatureSubPacket sspPreferedSymAlgos = new SignatureSubPacket();
sspPreferedSymAlgos.Type = SignatureSubPacketTypes.PreferedSymmetricAlgorithms;
sspPreferedSymAlgos.PreferedSymAlgos = new SymAlgorithms[] {SymAlgorithms.AES256, SymAlgorithms.AES192, SymAlgorithms.AES256, SymAlgorithms.CAST5, SymAlgorithms.Triple_DES};
spSelfSig.AddSubPacket(sspPreferedSymAlgos, true);
SignatureSubPacket sspPreferedHashAlgos = new SignatureSubPacket();
sspPreferedHashAlgos.Type = SignatureSubPacketTypes.PreferedHashAlgorithms;
sspPreferedHashAlgos.PreferedHashAlgos = new HashAlgorithms[] {HashAlgorithms.SHA1};
spSelfSig.AddSubPacket(sspPreferedHashAlgos, true);
cuiUID.Certificates = new System.Collections.ArrayList();
cuiUID.Sign(spSelfSig, skpSignatureKey, strPassphrase, pkpSignatureKey);
CertifiedPublicSubkey cpsEncryptionKey = new CertifiedPublicSubkey();
cpsEncryptionKey.Subkey = pkpEncryptionKey;
cpsEncryptionKey.SignKeyBindingSignature(pkpSignatureKey, skpSignatureKey, strPassphrase, expirationTime, isRevocableSubkey);
TransportablePublicKey tpkPublicKey = new TransportablePublicKey();
tpkPublicKey.PrimaryKey = pkpSignatureKey;
tpkPublicKey.SubKeys.Add(cpsEncryptionKey);
tpkPublicKey.Certifications.Add(cuiUID);
this.PublicRing.AddPublicKey(tpkPublicKey);
TransportableSecretKey tskSecretKey = new TransportableSecretKey();
tskSecretKey.PrimaryKey = skpSignatureKey;
tskSecretKey.SubKeys.Add(skpEncryptionKey);
tskSecretKey.UserIDs.Add(uipUID);
this.SecretRing.AddSecretKey(tskSecretKey);
}
/// <summary>
/// Revoke a key
/// </summary>
/// <param name="KeyID">key to be revoked</param>
/// <param name="skpKeySigner">revoker secret key</param>
/// <param name="strPassphrase">revoker passphrase</param>
/// <param name="exportable">exportable revocation</param>
public void RevokeKey(ulong KeyID, TransportableSecretKey skpKeySigner, string strPassphrase, bool exportable)
{
TransportablePublicKey tspKey = this.PublicRing.Find(KeyID,false);
if (tspKey == null)
throw new Exception("Public Key not found");
if (this.PublicRing.isRevoked(KeyID))
throw new Exception("Public Key alreadyRevoked");
if (tspKey.PrimaryKey.KeyID != KeyID)
throw new Exception("This is not a Primary key... use Revoke Subkey method instead");
foreach (SignaturePacket sign in tspKey.PrimaryUserIDCert.Certificates) {
if (!sign.isRevocable())
return;
}
bool isRevokerKey = false;
if (KeyID == skpKeySigner.PrimaryKey.PublicKey.KeyID) {
isRevokerKey = true;
} else {
foreach (SignaturePacket spPacket in tspKey.RevocationKeys) {
foreach (BigInteger revoker in spPacket.FindRevokerKeys()) {
if (revoker.ToString() == skpKeySigner.PrimaryKey.PublicKey.Fingerprint.ToString()) {
isRevokerKey = true;
}
}
}
}
if (!isRevokerKey)
throw new Exception("You cannot revoke this key");
SignaturePacket spSig = new SignaturePacket();
spSig.Version = SignaturePacketVersionNumbers.v4;
spSig.HashAlgorithm = HashAlgorithms.SHA1;
spSig.KeyID = skpKeySigner.PrimaryKey.PublicKey.KeyID;
spSig.TimeCreated = DateTime.Now;
SignatureSubPacket sspExportableSignature = new SignatureSubPacket();
sspExportableSignature.Type = SignatureSubPacketTypes.ExportableSignature;
sspExportableSignature.ExportableSignature = exportable;
spSig.AddSubPacket(sspExportableSignature, false);
PublicKeyPacket pkpKey = tspKey.PrimaryKey;
byte[] key = new byte[tspKey.PrimaryKey.Length];
tspKey.PrimaryKey.Header.CopyTo(key,0);
tspKey.PrimaryKey.Body.CopyTo(key,tspKey.PrimaryKey.Header.Length);
spSig.SignatureType = SignatureTypes.KeyRevocationSignature;
spSig.Sign(key, skpKeySigner.PrimaryKey, strPassphrase);
tspKey.RevocationSignatures.Add(spSig);
}
/// <summary>
/// Decrypts the current encrypted message using the secret keys
/// in skrKeyRing and the given passphrase.
/// </summary>
/// <param name="skrKeyRing">The secret keyring containing all the
/// secret keys know to the sytem.</param>
/// <param name="strPassphrase">The passphrase that was used to
/// encrypt the secret key material in the key that decrypts
/// the message.</param>
/// <returns>Returns the message that was encrypted. Usually this is
/// an compressed or literal message.</returns>
/// <remarks>No remarks</remarks>
public Message Decrypt(SecretKeyRing skrKeyRing, string strPassphrase)
{
TransportableSecretKey tskSecretKey = new TransportableSecretKey();
AsymSessionKeyPacket askpSessionKey = new AsymSessionKeyPacket();
bool bFound = false;
// let's see, if we can find a fitting Sessionkey packet
IEnumerator ieSessionkeys = esKeys.AsymKeys.GetEnumerator();
while (ieSessionkeys.MoveNext()) {
if (!(ieSessionkeys.Current is AsymSessionKeyPacket))
throw new Exception("Strange Error!");
AsymSessionKeyPacket askpKey = (AsymSessionKeyPacket)ieSessionkeys.Current;
ulong lKeyID = askpKey.KeyID;
TransportableSecretKey tskKey = skrKeyRing.Find(lKeyID);
if (tskKey != null) {
bFound = true;
tskSecretKey = tskKey;
askpSessionKey = askpKey;
}
}
if (!bFound)
throw new Exception("No fitting secret key was found to decrypt the message!");
askpSessionKey.DecryptSessionKey(tskSecretKey, strPassphrase);
byte[] bKey = askpSessionKey.SessionKey;
Packet[] pContent = new Packet[0];
try {
SymmetricAlgorithm saAlgo = CipherHelper.CreateSymAlgorithm(askpSessionKey.SymmetricAlgorithm);
pContent = sepData.Decrypt(bKey, saAlgo);
} catch (Exception e) {
throw new System.Exception("Decryption of the Message failed: " + e.Message);
}
// now we need to look what kind of message was hidden in the
// encrypted data
// it can be either a literal message
LiteralMessage lmLiteral = new LiteralMessage();
try {
int iPos = lmLiteral.ParseMessage(pContent);
return lmLiteral;
} catch (Exception) {}
// or an compressed Message
CompressedMessage cmCompressed = new CompressedMessage();
try {
int iPos = cmCompressed.ParseMessage(pContent);
return cmCompressed;
} catch (Exception) {}
throw new System.ArgumentException("Encrypted package content is not a valid message!");
}
