diff --git a/crypto/src/openpgp/PgpSecretKey.cs b/crypto/src/openpgp/PgpSecretKey.cs
index 9d87f49c8..94c892a87 100644
--- a/crypto/src/openpgp/PgpSecretKey.cs
+++ b/crypto/src/openpgp/PgpSecretKey.cs
@@ -8,109 +8,109 @@ using Org.BouncyCastle.Security;
namespace Org.BouncyCastle.Bcpg.OpenPgp
{
- /// <remarks>General class to handle a PGP secret key object.</remarks>
+ /// <remarks>General class to handle a PGP secret key object.</remarks>
public class PgpSecretKey
{
private readonly SecretKeyPacket secret;
private readonly PgpPublicKey pub;
- internal PgpSecretKey(
- SecretKeyPacket secret,
- PgpPublicKey pub)
- {
- this.secret = secret;
- this.pub = pub;
- }
-
- internal PgpSecretKey(
- PgpPrivateKey privKey,
- PgpPublicKey pubKey,
- SymmetricKeyAlgorithmTag encAlgorithm,
- char[] passPhrase,
- bool useSha1,
- SecureRandom rand)
- : this(privKey, pubKey, encAlgorithm, passPhrase, useSha1, rand, false)
- {
- }
-
- internal PgpSecretKey(
- PgpPrivateKey privKey,
- PgpPublicKey pubKey,
- SymmetricKeyAlgorithmTag encAlgorithm,
+ internal PgpSecretKey(
+ SecretKeyPacket secret,
+ PgpPublicKey pub)
+ {
+ this.secret = secret;
+ this.pub = pub;
+ }
+
+ internal PgpSecretKey(
+ PgpPrivateKey privKey,
+ PgpPublicKey pubKey,
+ SymmetricKeyAlgorithmTag encAlgorithm,
+ char[] passPhrase,
+ bool useSha1,
+ SecureRandom rand)
+ : this(privKey, pubKey, encAlgorithm, passPhrase, useSha1, rand, false)
+ {
+ }
+
+ internal PgpSecretKey(
+ PgpPrivateKey privKey,
+ PgpPublicKey pubKey,
+ SymmetricKeyAlgorithmTag encAlgorithm,
char[] passPhrase,
- bool useSha1,
- SecureRandom rand,
- bool isMasterKey)
+ bool useSha1,
+ SecureRandom rand,
+ bool isMasterKey)
{
- BcpgObject secKey;
+ BcpgObject secKey;
- this.pub = pubKey;
+ this.pub = pubKey;
- switch (pubKey.Algorithm)
+ switch (pubKey.Algorithm)
{
- case PublicKeyAlgorithmTag.RsaEncrypt:
- case PublicKeyAlgorithmTag.RsaSign:
- case PublicKeyAlgorithmTag.RsaGeneral:
- RsaPrivateCrtKeyParameters rsK = (RsaPrivateCrtKeyParameters) privKey.Key;
- secKey = new RsaSecretBcpgKey(rsK.Exponent, rsK.P, rsK.Q);
- break;
- case PublicKeyAlgorithmTag.Dsa:
- DsaPrivateKeyParameters dsK = (DsaPrivateKeyParameters) privKey.Key;
- secKey = new DsaSecretBcpgKey(dsK.X);
- break;
- case PublicKeyAlgorithmTag.ElGamalEncrypt:
- case PublicKeyAlgorithmTag.ElGamalGeneral:
- ElGamalPrivateKeyParameters esK = (ElGamalPrivateKeyParameters) privKey.Key;
- secKey = new ElGamalSecretBcpgKey(esK.X);
- break;
- default:
- throw new PgpException("unknown key class");
+ case PublicKeyAlgorithmTag.RsaEncrypt:
+ case PublicKeyAlgorithmTag.RsaSign:
+ case PublicKeyAlgorithmTag.RsaGeneral:
+ RsaPrivateCrtKeyParameters rsK = (RsaPrivateCrtKeyParameters) privKey.Key;
+ secKey = new RsaSecretBcpgKey(rsK.Exponent, rsK.P, rsK.Q);
+ break;
+ case PublicKeyAlgorithmTag.Dsa:
+ DsaPrivateKeyParameters dsK = (DsaPrivateKeyParameters) privKey.Key;
+ secKey = new DsaSecretBcpgKey(dsK.X);
+ break;
+ case PublicKeyAlgorithmTag.ElGamalEncrypt:
+ case PublicKeyAlgorithmTag.ElGamalGeneral:
+ ElGamalPrivateKeyParameters esK = (ElGamalPrivateKeyParameters) privKey.Key;
+ secKey = new ElGamalSecretBcpgKey(esK.X);
+ break;
+ default:
+ throw new PgpException("unknown key class");
}
- try
+ try
{
MemoryStream bOut = new MemoryStream();
BcpgOutputStream pOut = new BcpgOutputStream(bOut);
- pOut.WriteObject(secKey);
+ pOut.WriteObject(secKey);
- byte[] keyData = bOut.ToArray();
- byte[] checksumBytes = Checksum(useSha1, keyData, keyData.Length);
+ byte[] keyData = bOut.ToArray();
+ byte[] checksumBytes = Checksum(useSha1, keyData, keyData.Length);
- pOut.Write(checksumBytes);
+ pOut.Write(checksumBytes);
- byte[] bOutData = bOut.ToArray();
+ byte[] bOutData = bOut.ToArray();
- if (encAlgorithm == SymmetricKeyAlgorithmTag.Null)
- {
- if (isMasterKey)
- {
- this.secret = new SecretKeyPacket(pub.publicPk, encAlgorithm, null, null, bOutData);
- }
- else
- {
- this.secret = new SecretSubkeyPacket(pub.publicPk, encAlgorithm, null, null, bOutData);
- }
- }
- else
+ if (encAlgorithm == SymmetricKeyAlgorithmTag.Null)
+ {
+ if (isMasterKey)
+ {
+ this.secret = new SecretKeyPacket(pub.publicPk, encAlgorithm, null, null, bOutData);
+ }
+ else
+ {
+ this.secret = new SecretSubkeyPacket(pub.publicPk, encAlgorithm, null, null, bOutData);
+ }
+ }
+ else
{
- S2k s2k;
- byte[] iv;
- byte[] encData = EncryptKeyData(bOutData, encAlgorithm, passPhrase, rand, out s2k, out iv);
-
- int s2kUsage = useSha1
- ? SecretKeyPacket.UsageSha1
- : SecretKeyPacket.UsageChecksum;
-
- if (isMasterKey)
- {
- this.secret = new SecretKeyPacket(pub.publicPk, encAlgorithm, s2kUsage, s2k, iv, encData);
- }
- else
- {
- this.secret = new SecretSubkeyPacket(pub.publicPk, encAlgorithm, s2kUsage, s2k, iv, encData);
- }
- }
+ S2k s2k;
+ byte[] iv;
+ byte[] encData = EncryptKeyData(bOutData, encAlgorithm, passPhrase, rand, out s2k, out iv);
+
+ int s2kUsage = useSha1
+ ? SecretKeyPacket.UsageSha1
+ : SecretKeyPacket.UsageChecksum;
+
+ if (isMasterKey)
+ {
+ this.secret = new SecretKeyPacket(pub.publicPk, encAlgorithm, s2kUsage, s2k, iv, encData);
+ }
+ else
+ {
+ this.secret = new SecretSubkeyPacket(pub.publicPk, encAlgorithm, s2kUsage, s2k, iv, encData);
+ }
+ }
}
catch (PgpException e)
{
@@ -122,7 +122,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
}
}
- public PgpSecretKey(
+ public PgpSecretKey(
int certificationLevel,
PgpKeyPair keyPair,
string id,
@@ -131,61 +131,61 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
PgpSignatureSubpacketVector hashedPackets,
PgpSignatureSubpacketVector unhashedPackets,
SecureRandom rand)
- : this(certificationLevel, keyPair, id, encAlgorithm, passPhrase, false, hashedPackets, unhashedPackets, rand)
- {
- }
-
- public PgpSecretKey(
- int certificationLevel,
- PgpKeyPair keyPair,
- string id,
- SymmetricKeyAlgorithmTag encAlgorithm,
- char[] passPhrase,
- bool useSha1,
- PgpSignatureSubpacketVector hashedPackets,
- PgpSignatureSubpacketVector unhashedPackets,
- SecureRandom rand)
- : this(keyPair.PrivateKey, certifiedPublicKey(certificationLevel, keyPair, id, hashedPackets, unhashedPackets), encAlgorithm, passPhrase, useSha1, rand, true)
- {
- }
-
- private static PgpPublicKey certifiedPublicKey(
- int certificationLevel,
- PgpKeyPair keyPair,
- string id,
- PgpSignatureSubpacketVector hashedPackets,
- PgpSignatureSubpacketVector unhashedPackets)
- {
- PgpSignatureGenerator sGen;
- try
- {
- sGen = new PgpSignatureGenerator(keyPair.PublicKey.Algorithm, HashAlgorithmTag.Sha1);
- }
- catch (Exception e)
- {
- throw new PgpException("Creating signature generator: " + e.Message, e);
- }
-
- //
- // Generate the certification
- //
- sGen.InitSign(certificationLevel, keyPair.PrivateKey);
-
- sGen.SetHashedSubpackets(hashedPackets);
- sGen.SetUnhashedSubpackets(unhashedPackets);
-
- try
+ : this(certificationLevel, keyPair, id, encAlgorithm, passPhrase, false, hashedPackets, unhashedPackets, rand)
+ {
+ }
+
+ public PgpSecretKey(
+ int certificationLevel,
+ PgpKeyPair keyPair,
+ string id,
+ SymmetricKeyAlgorithmTag encAlgorithm,
+ char[] passPhrase,
+ bool useSha1,
+ PgpSignatureSubpacketVector hashedPackets,
+ PgpSignatureSubpacketVector unhashedPackets,
+ SecureRandom rand)
+ : this(keyPair.PrivateKey, certifiedPublicKey(certificationLevel, keyPair, id, hashedPackets, unhashedPackets), encAlgorithm, passPhrase, useSha1, rand, true)
+ {
+ }
+
+ private static PgpPublicKey certifiedPublicKey(
+ int certificationLevel,
+ PgpKeyPair keyPair,
+ string id,
+ PgpSignatureSubpacketVector hashedPackets,
+ PgpSignatureSubpacketVector unhashedPackets)
+ {
+ PgpSignatureGenerator sGen;
+ try
{
- PgpSignature certification = sGen.GenerateCertification(id, keyPair.PublicKey);
+ sGen = new PgpSignatureGenerator(keyPair.PublicKey.Algorithm, HashAlgorithmTag.Sha1);
+ }
+ catch (Exception e)
+ {
+ throw new PgpException("Creating signature generator: " + e.Message, e);
+ }
+
+ //
+ // Generate the certification
+ //
+ sGen.InitSign(certificationLevel, keyPair.PrivateKey);
+
+ sGen.SetHashedSubpackets(hashedPackets);
+ sGen.SetUnhashedSubpackets(unhashedPackets);
+
+ try
+ {
+ PgpSignature certification = sGen.GenerateCertification(id, keyPair.PublicKey);
return PgpPublicKey.AddCertification(keyPair.PublicKey, id, certification);
}
catch (Exception e)
{
- throw new PgpException("Exception doing certification: " + e.Message, e);
- }
+ throw new PgpException("Exception doing certification: " + e.Message, e);
+ }
}
- public PgpSecretKey(
+ public PgpSecretKey(
int certificationLevel,
PublicKeyAlgorithmTag algorithm,
AsymmetricKeyParameter pubKey,
@@ -203,181 +203,181 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
{
}
- public PgpSecretKey(
- int certificationLevel,
- PublicKeyAlgorithmTag algorithm,
- AsymmetricKeyParameter pubKey,
- AsymmetricKeyParameter privKey,
- DateTime time,
- string id,
- SymmetricKeyAlgorithmTag encAlgorithm,
- char[] passPhrase,
- bool useSha1,
- PgpSignatureSubpacketVector hashedPackets,
- PgpSignatureSubpacketVector unhashedPackets,
- SecureRandom rand)
- : this(certificationLevel, new PgpKeyPair(algorithm, pubKey, privKey, time), id, encAlgorithm, passPhrase, useSha1, hashedPackets, unhashedPackets, rand)
- {
- }
-
- /// <summary>
- /// Check if this key has an algorithm type that makes it suitable to use for signing.
- /// </summary>
- /// <remarks>
- /// Note: with version 4 keys KeyFlags subpackets should also be considered when present for
- /// determining the preferred use of the key.
- /// </remarks>
- /// <returns>
- /// <c>true</c> if this key algorithm is suitable for use with signing.
- /// </returns>
- public bool IsSigningKey
+ public PgpSecretKey(
+ int certificationLevel,
+ PublicKeyAlgorithmTag algorithm,
+ AsymmetricKeyParameter pubKey,
+ AsymmetricKeyParameter privKey,
+ DateTime time,
+ string id,
+ SymmetricKeyAlgorithmTag encAlgorithm,
+ char[] passPhrase,
+ bool useSha1,
+ PgpSignatureSubpacketVector hashedPackets,
+ PgpSignatureSubpacketVector unhashedPackets,
+ SecureRandom rand)
+ : this(certificationLevel, new PgpKeyPair(algorithm, pubKey, privKey, time), id, encAlgorithm, passPhrase, useSha1, hashedPackets, unhashedPackets, rand)
+ {
+ }
+
+ /// <summary>
+ /// Check if this key has an algorithm type that makes it suitable to use for signing.
+ /// </summary>
+ /// <remarks>
+ /// Note: with version 4 keys KeyFlags subpackets should also be considered when present for
+ /// determining the preferred use of the key.
+ /// </remarks>
+ /// <returns>
+ /// <c>true</c> if this key algorithm is suitable for use with signing.
+ /// </returns>
+ public bool IsSigningKey
{
- get
- {
- switch (pub.Algorithm)
- {
- case PublicKeyAlgorithmTag.RsaGeneral:
- case PublicKeyAlgorithmTag.RsaSign:
- case PublicKeyAlgorithmTag.Dsa:
- case PublicKeyAlgorithmTag.ECDsa:
- case PublicKeyAlgorithmTag.ElGamalGeneral:
- return true;
- default:
- return false;
- }
- }
+ get
+ {
+ switch (pub.Algorithm)
+ {
+ case PublicKeyAlgorithmTag.RsaGeneral:
+ case PublicKeyAlgorithmTag.RsaSign:
+ case PublicKeyAlgorithmTag.Dsa:
+ case PublicKeyAlgorithmTag.ECDsa:
+ case PublicKeyAlgorithmTag.ElGamalGeneral:
+ return true;
+ default:
+ return false;
+ }
+ }
}
- /// <summary>True, if this is a master key.</summary>
+ /// <summary>True, if this is a master key.</summary>
public bool IsMasterKey
- {
- get { return pub.IsMasterKey; }
+ {
+ get { return pub.IsMasterKey; }
}
- /// <summary>The algorithm the key is encrypted with.</summary>
+ /// <summary>The algorithm the key is encrypted with.</summary>
public SymmetricKeyAlgorithmTag KeyEncryptionAlgorithm
{
- get { return secret.EncAlgorithm; }
+ get { return secret.EncAlgorithm; }
}
- /// <summary>The key ID of the public key associated with this key.</summary>
+ /// <summary>The key ID of the public key associated with this key.</summary>
public long KeyId
{
get { return pub.KeyId; }
}
- /// <summary>The public key associated with this key.</summary>
+ /// <summary>The public key associated with this key.</summary>
public PgpPublicKey PublicKey
{
- get { return pub; }
+ get { return pub; }
}
- /// <summary>Allows enumeration of any user IDs associated with the key.</summary>
- /// <returns>An <c>IEnumerable</c> of <c>string</c> objects.</returns>
+ /// <summary>Allows enumeration of any user IDs associated with the key.</summary>
+ /// <returns>An <c>IEnumerable</c> of <c>string</c> objects.</returns>
public IEnumerable UserIds
{
- get { return pub.GetUserIds(); }
+ get { return pub.GetUserIds(); }
}
- /// <summary>Allows enumeration of any user attribute vectors associated with the key.</summary>
- /// <returns>An <c>IEnumerable</c> of <c>string</c> objects.</returns>
+ /// <summary>Allows enumeration of any user attribute vectors associated with the key.</summary>
+ /// <returns>An <c>IEnumerable</c> of <c>string</c> objects.</returns>
public IEnumerable UserAttributes
{
- get { return pub.GetUserAttributes(); }
+ get { return pub.GetUserAttributes(); }
}
- private byte[] ExtractKeyData(
+ private byte[] ExtractKeyData(
char[] passPhrase)
{
SymmetricKeyAlgorithmTag alg = secret.EncAlgorithm;
- byte[] encData = secret.GetSecretKeyData();
-
- if (alg == SymmetricKeyAlgorithmTag.Null)
- return encData;
-
- byte[] data;
- IBufferedCipher c = null;
- try
- {
- string cName = PgpUtilities.GetSymmetricCipherName(alg);
- c = CipherUtilities.GetCipher(cName + "/CFB/NoPadding");
- }
- catch (Exception e)
- {
- throw new PgpException("Exception creating cipher", e);
- }
-
- // TODO Factor this block out as 'encryptData'
- try
+ byte[] encData = secret.GetSecretKeyData();
+
+ if (alg == SymmetricKeyAlgorithmTag.Null)
+ return encData;
+
+ byte[] data;
+ IBufferedCipher c = null;
+ try
{
- KeyParameter key = PgpUtilities.MakeKeyFromPassPhrase(secret.EncAlgorithm, secret.S2k, passPhrase);
- byte[] iv = secret.GetIV();
+ string cName = PgpUtilities.GetSymmetricCipherName(alg);
+ c = CipherUtilities.GetCipher(cName + "/CFB/NoPadding");
+ }
+ catch (Exception e)
+ {
+ throw new PgpException("Exception creating cipher", e);
+ }
- if (secret.PublicKeyPacket.Version == 4)
+ // TODO Factor this block out as 'encryptData'
+ try
+ {
+ KeyParameter key = PgpUtilities.MakeKeyFromPassPhrase(secret.EncAlgorithm, secret.S2k, passPhrase);
+ byte[] iv = secret.GetIV();
+
+ if (secret.PublicKeyPacket.Version == 4)
{
- c.Init(false, new ParametersWithIV(key, iv));
+ c.Init(false, new ParametersWithIV(key, iv));
- data = c.DoFinal(encData);
+ data = c.DoFinal(encData);
- bool useSha1 = secret.S2kUsage == SecretKeyPacket.UsageSha1;
- byte[] check = Checksum(useSha1, data, (useSha1) ? data.Length - 20 : data.Length - 2);
+ bool useSha1 = secret.S2kUsage == SecretKeyPacket.UsageSha1;
+ byte[] check = Checksum(useSha1, data, (useSha1) ? data.Length - 20 : data.Length - 2);
- for (int i = 0; i != check.Length; i++)
- {
- if (check[i] != data[data.Length - check.Length + i])
- {
- throw new PgpException("Checksum mismatch at " + i + " of " + check.Length);
- }
- }
- }
+ for (int i = 0; i != check.Length; i++)
+ {
+ if (check[i] != data[data.Length - check.Length + i])
+ {
+ throw new PgpException("Checksum mismatch at " + i + " of " + check.Length);
+ }
+ }
+ }
else // version 2 or 3, RSA only.
{
- data = new byte[encData.Length];
+ data = new byte[encData.Length];
- //
+ //
// read in the four numbers
//
int pos = 0;
- for (int i = 0; i != 4; i++)
+ for (int i = 0; i != 4; i++)
{
c.Init(false, new ParametersWithIV(key, iv));
- int encLen = (((encData[pos] << 8) | (encData[pos + 1] & 0xff)) + 7) / 8;
+ int encLen = (((encData[pos] << 8) | (encData[pos + 1] & 0xff)) + 7) / 8;
- data[pos] = encData[pos];
- data[pos + 1] = encData[pos + 1];
- pos += 2;
+ data[pos] = encData[pos];
+ data[pos + 1] = encData[pos + 1];
+ pos += 2;
- c.DoFinal(encData, pos, encLen, data, pos);
- pos += encLen;
+ c.DoFinal(encData, pos, encLen, data, pos);
+ pos += encLen;
- if (i != 3)
+ if (i != 3)
{
Array.Copy(encData, pos - iv.Length, iv, 0, iv.Length);
}
}
- //
+ //
// verify Checksum
//
- int cs = ((encData[pos] << 8) & 0xff00) | (encData[pos + 1] & 0xff);
+ int cs = ((encData[pos] << 8) & 0xff00) | (encData[pos + 1] & 0xff);
int calcCs = 0;
for (int j=0; j < data.Length-2; j++)
{
calcCs += data[j] & 0xff;
}
- calcCs &= 0xffff;
+ calcCs &= 0xffff;
if (calcCs != cs)
{
throw new PgpException("Checksum mismatch: passphrase wrong, expected "
- + cs.ToString("X")
- + " found " + calcCs.ToString("X"));
+ + cs.ToString("X")
+ + " found " + calcCs.ToString("X"));
}
}
- return data;
+ return data;
}
catch (PgpException e)
{
@@ -389,15 +389,15 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
}
}
- /// <summary>Extract a <c>PgpPrivateKey</c> from this secret key's encrypted contents.</summary>
+ /// <summary>Extract a <c>PgpPrivateKey</c> from this secret key's encrypted contents.</summary>
public PgpPrivateKey ExtractPrivateKey(
char[] passPhrase)
{
- byte[] secKeyData = secret.GetSecretKeyData();
+ byte[] secKeyData = secret.GetSecretKeyData();
if (secKeyData == null || secKeyData.Length < 1)
return null;
- PublicKeyPacket pubPk = secret.PublicKeyPacket;
+ PublicKeyPacket pubPk = secret.PublicKeyPacket;
try
{
byte[] data = ExtractKeyData(passPhrase);
@@ -438,7 +438,7 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
throw new PgpException("unknown public key algorithm encountered");
}
- return new PgpPrivateKey(privateKey, KeyId);
+ return new PgpPrivateKey(privateKey, KeyId);
}
catch (PgpException e)
{
@@ -450,65 +450,65 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
}
}
- private static byte[] Checksum(
- bool useSha1,
- byte[] bytes,
- int length)
- {
- if (useSha1)
- {
- try
- {
- IDigest dig = DigestUtilities.GetDigest("SHA1");
- dig.BlockUpdate(bytes, 0, length);
- return DigestUtilities.DoFinal(dig);
- }
- //catch (NoSuchAlgorithmException e)
- catch (Exception e)
- {
- throw new PgpException("Can't find SHA-1", e);
- }
- }
- else
- {
- int Checksum = 0;
- for (int i = 0; i != length; i++)
- {
- Checksum += bytes[i];
- }
-
- return new byte[] { (byte)(Checksum >> 8), (byte)Checksum };
- }
- }
-
- public byte[] GetEncoded()
+ private static byte[] Checksum(
+ bool useSha1,
+ byte[] bytes,
+ int length)
+ {
+ if (useSha1)
+ {
+ try
+ {
+ IDigest dig = DigestUtilities.GetDigest("SHA1");
+ dig.BlockUpdate(bytes, 0, length);
+ return DigestUtilities.DoFinal(dig);
+ }
+ //catch (NoSuchAlgorithmException e)
+ catch (Exception e)
+ {
+ throw new PgpException("Can't find SHA-1", e);
+ }
+ }
+ else
+ {
+ int Checksum = 0;
+ for (int i = 0; i != length; i++)
+ {
+ Checksum += bytes[i];
+ }
+
+ return new byte[] { (byte)(Checksum >> 8), (byte)Checksum };
+ }
+ }
+
+ public byte[] GetEncoded()
{
MemoryStream bOut = new MemoryStream();
Encode(bOut);
return bOut.ToArray();
}
- public void Encode(
+ public void Encode(
Stream outStr)
{
BcpgOutputStream bcpgOut = BcpgOutputStream.Wrap(outStr);
- bcpgOut.WritePacket(secret);
+ bcpgOut.WritePacket(secret);
if (pub.trustPk != null)
{
bcpgOut.WritePacket(pub.trustPk);
}
- if (pub.subSigs == null) // is not a sub key
+ if (pub.subSigs == null) // is not a sub key
{
- foreach (PgpSignature keySig in pub.keySigs)
- {
- keySig.Encode(bcpgOut);
+ foreach (PgpSignature keySig in pub.keySigs)
+ {
+ keySig.Encode(bcpgOut);
}
- for (int i = 0; i != pub.ids.Count; i++)
+ for (int i = 0; i != pub.ids.Count; i++)
{
- object pubID = pub.ids[i];
+ object pubID = pub.ids[i];
if (pubID is string)
{
string id = (string) pubID;
@@ -520,38 +520,38 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
bcpgOut.WritePacket(new UserAttributePacket(v.ToSubpacketArray()));
}
- if (pub.idTrusts[i] != null)
+ if (pub.idTrusts[i] != null)
{
bcpgOut.WritePacket((ContainedPacket)pub.idTrusts[i]);
}
- foreach (PgpSignature sig in (IList) pub.idSigs[i])
- {
- sig.Encode(bcpgOut);
+ foreach (PgpSignature sig in (IList) pub.idSigs[i])
+ {
+ sig.Encode(bcpgOut);
}
}
}
else
{
- foreach (PgpSignature subSig in pub.subSigs)
- {
- subSig.Encode(bcpgOut);
+ foreach (PgpSignature subSig in pub.subSigs)
+ {
+ subSig.Encode(bcpgOut);
}
}
- // TODO Check that this is right/necessary
- //bcpgOut.Finish();
+ // TODO Check that this is right/necessary
+ //bcpgOut.Finish();
}
- /// <summary>
- /// Return a copy of the passed in secret key, encrypted using a new password
- /// and the passed in algorithm.
- /// </summary>
- /// <param name="key">The PgpSecretKey to be copied.</param>
- /// <param name="oldPassPhrase">The current password for the key.</param>
- /// <param name="newPassPhrase">The new password for the key.</param>
- /// <param name="newEncAlgorithm">The algorithm to be used for the encryption.</param>
- /// <param name="rand">Source of randomness.</param>
+ /// <summary>
+ /// Return a copy of the passed in secret key, encrypted using a new password
+ /// and the passed in algorithm.
+ /// </summary>
+ /// <param name="key">The PgpSecretKey to be copied.</param>
+ /// <param name="oldPassPhrase">The current password for the key.</param>
+ /// <param name="newPassPhrase">The new password for the key.</param>
+ /// <param name="newEncAlgorithm">The algorithm to be used for the encryption.</param>
+ /// <param name="rand">Source of randomness.</param>
public static PgpSecretKey CopyWithNewPassword(
PgpSecretKey key,
char[] oldPassPhrase,
@@ -560,35 +560,35 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
SecureRandom rand)
{
byte[] rawKeyData = key.ExtractKeyData(oldPassPhrase);
- int s2kUsage = key.secret.S2kUsage;
- byte[] iv = null;
+ int s2kUsage = key.secret.S2kUsage;
+ byte[] iv = null;
S2k s2k = null;
byte[] keyData;
- if (newEncAlgorithm == SymmetricKeyAlgorithmTag.Null)
+ if (newEncAlgorithm == SymmetricKeyAlgorithmTag.Null)
{
- s2kUsage = SecretKeyPacket.UsageNone;
- if (key.secret.S2kUsage == SecretKeyPacket.UsageSha1) // SHA-1 hash, need to rewrite Checksum
- {
- keyData = new byte[rawKeyData.Length - 18];
-
- Array.Copy(rawKeyData, 0, keyData, 0, keyData.Length - 2);
-
- byte[] check = Checksum(false, keyData, keyData.Length - 2);
-
- keyData[keyData.Length - 2] = check[0];
- keyData[keyData.Length - 1] = check[1];
- }
- else
- {
- keyData = rawKeyData;
- }
- }
+ s2kUsage = SecretKeyPacket.UsageNone;
+ if (key.secret.S2kUsage == SecretKeyPacket.UsageSha1) // SHA-1 hash, need to rewrite Checksum
+ {
+ keyData = new byte[rawKeyData.Length - 18];
+
+ Array.Copy(rawKeyData, 0, keyData, 0, keyData.Length - 2);
+
+ byte[] check = Checksum(false, keyData, keyData.Length - 2);
+
+ keyData[keyData.Length - 2] = check[0];
+ keyData[keyData.Length - 1] = check[1];
+ }
+ else
+ {
+ keyData = rawKeyData;
+ }
+ }
else
{
try
{
- keyData = EncryptKeyData(rawKeyData, newEncAlgorithm, newPassPhrase, rand, out s2k, out iv);
+ keyData = EncryptKeyData(rawKeyData, newEncAlgorithm, newPassPhrase, rand, out s2k, out iv);
}
catch (PgpException e)
{
@@ -600,67 +600,67 @@ namespace Org.BouncyCastle.Bcpg.OpenPgp
}
}
- SecretKeyPacket secret;
+ SecretKeyPacket secret;
if (key.secret is SecretSubkeyPacket)
{
secret = new SecretSubkeyPacket(key.secret.PublicKeyPacket,
- newEncAlgorithm, s2kUsage, s2k, iv, keyData);
+ newEncAlgorithm, s2kUsage, s2k, iv, keyData);
}
else
{
secret = new SecretKeyPacket(key.secret.PublicKeyPacket,
- newEncAlgorithm, s2kUsage, s2k, iv, keyData);
+ newEncAlgorithm, s2kUsage, s2k, iv, keyData);
}
- return new PgpSecretKey(secret, key.pub);
+ return new PgpSecretKey(secret, key.pub);
}
- /// <summary>Replace the passed the public key on the passed in secret key.</summary>
- /// <param name="secretKey">Secret key to change.</param>
- /// <param name="publicKey">New public key.</param>
- /// <returns>A new secret key.</returns>
- /// <exception cref="ArgumentException">If KeyId's do not match.</exception>
- public static PgpSecretKey ReplacePublicKey(
- PgpSecretKey secretKey,
- PgpPublicKey publicKey)
- {
- if (publicKey.KeyId != secretKey.KeyId)
- throw new ArgumentException("KeyId's do not match");
-
- return new PgpSecretKey(secretKey.secret, publicKey);
- }
-
- private static byte[] EncryptKeyData(
- byte[] rawKeyData,
- SymmetricKeyAlgorithmTag encAlgorithm,
- char[] passPhrase,
- SecureRandom random,
- out S2k s2k,
- out byte[] iv)
- {
- IBufferedCipher c;
- try
- {
- string cName = PgpUtilities.GetSymmetricCipherName(encAlgorithm);
- c = CipherUtilities.GetCipher(cName + "/CFB/NoPadding");
- }
- catch (Exception e)
- {
- throw new PgpException("Exception creating cipher", e);
- }
-
- byte[] s2kIV = new byte[8];
- random.NextBytes(s2kIV);
- s2k = new S2k(HashAlgorithmTag.Sha1, s2kIV, 0x60);
-
- KeyParameter kp = PgpUtilities.MakeKeyFromPassPhrase(encAlgorithm, s2k, passPhrase);
-
- iv = new byte[c.GetBlockSize()];
- random.NextBytes(iv);
-
- c.Init(true, new ParametersWithRandom(new ParametersWithIV(kp, iv), random));
-
- return c.DoFinal(rawKeyData);
- }
+ /// <summary>Replace the passed the public key on the passed in secret key.</summary>
+ /// <param name="secretKey">Secret key to change.</param>
+ /// <param name="publicKey">New public key.</param>
+ /// <returns>A new secret key.</returns>
+ /// <exception cref="ArgumentException">If KeyId's do not match.</exception>
+ public static PgpSecretKey ReplacePublicKey(
+ PgpSecretKey secretKey,
+ PgpPublicKey publicKey)
+ {
+ if (publicKey.KeyId != secretKey.KeyId)
+ throw new ArgumentException("KeyId's do not match");
+
+ return new PgpSecretKey(secretKey.secret, publicKey);
+ }
+
+ private static byte[] EncryptKeyData(
+ byte[] rawKeyData,
+ SymmetricKeyAlgorithmTag encAlgorithm,
+ char[] passPhrase,
+ SecureRandom random,
+ out S2k s2k,
+ out byte[] iv)
+ {
+ IBufferedCipher c;
+ try
+ {
+ string cName = PgpUtilities.GetSymmetricCipherName(encAlgorithm);
+ c = CipherUtilities.GetCipher(cName + "/CFB/NoPadding");
+ }
+ catch (Exception e)
+ {
+ throw new PgpException("Exception creating cipher", e);
+ }
+
+ byte[] s2kIV = new byte[8];
+ random.NextBytes(s2kIV);
+ s2k = new S2k(HashAlgorithmTag.Sha1, s2kIV, 0x60);
+
+ KeyParameter kp = PgpUtilities.MakeKeyFromPassPhrase(encAlgorithm, s2k, passPhrase);
+
+ iv = new byte[c.GetBlockSize()];
+ random.NextBytes(iv);
+
+ c.Init(true, new ParametersWithRandom(new ParametersWithIV(kp, iv), random));
+
+ return c.DoFinal(rawKeyData);
+ }
}
}
|
