/// <summary> /// Is key allowed for signing? /// </summary> /// <remarks> /// Checks both key algorithm and also key flags. /// </remarks> /// <param name="key"></param> /// <param name="strict"></param> /// <returns></returns> public bool IsSigningKey(PgpPublicKey key) { foreach (PgpSignature sig in key.GetSignatures()) { var hashedSubPackets = sig.GetHashedSubPackets(); if (hashedSubPackets == null) continue; if (!hashedSubPackets.HasSubpacket(SignatureSubpacketTag.KeyFlags)) continue; var keyFlags = hashedSubPackets.GetKeyFlags(); if ((keyFlags & KeyFlags.SignData) > 0) return true; return false; } // Only use alg if keyflags is missing if (IsSigningAlg(key)) return true; return false; }
/// <summary> /// Is key allowed for encryption? /// </summary> /// <remarks> /// Checks both key algorithm and also key flags. /// </remarks> /// <param name="key"></param> /// <returns></returns> public bool IsEncryptionKey(PgpPublicKey key) { // First check key use flags foreach (PgpSignature sig in key.GetSignatures()) { var hashedSubPackets = sig.GetHashedSubPackets(); if (hashedSubPackets == null) continue; if (!hashedSubPackets.HasSubpacket(SignatureSubpacketTag.KeyFlags)) continue; var keyFlags = hashedSubPackets.GetKeyFlags(); if ((keyFlags & KeyFlags.EncryptComms) > 0) return true; if ((keyFlags & KeyFlags.EncryptStorage) > 0) return true; return false; } // NOTE: Some keys do not have flags set. Instead use // the alg type. But only those specific to encryption. if (IsEncryptionAlg(key)) return true; return false; }
/// <summary> /// Is key allowed for signing? /// </summary> /// <remarks> /// Checks both key algorithm and also key flags. /// </remarks> /// <param name="key"></param> /// <returns></returns> public bool IsSigningKey(PgpPublicKey key) { foreach (PgpSignature sig in key.GetSignatures()) { var hashedSubPackets = sig.GetHashedSubPackets(); if (hashedSubPackets == null) continue; var keyFlags = hashedSubPackets.GetKeyFlags(); if ((keyFlags & KeyFlags.SignData) > 0) return true; } if (IsSigningAlg(key)) return true; return false; }