using System;
using System.Collections.Generic;
using System.Drawing;
using System.IO;
using Org.BouncyCastle.Asn1.Cryptlib;
using Org.BouncyCastle.Asn1.EdEC;
using Org.BouncyCastle.Asn1.Gnu;
using Org.BouncyCastle.Asn1.X509;
using Org.BouncyCastle.Asn1.X9;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Math.EC;
using Org.BouncyCastle.Math.EC.Rfc7748;
using Org.BouncyCastle.Math.EC.Rfc8032;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities;
using Org.BouncyCastle.Utilities.Collections;
namespace Org.BouncyCastle.Bcpg.OpenPgp
{
/// General class to handle a PGP public key object.
public class PgpPublicKey
: PgpObject
{
// We default to these as they are specified as mandatory in RFC 6631.
private static readonly PgpKdfParameters DefaultKdfParameters = new PgpKdfParameters(HashAlgorithmTag.Sha256,
SymmetricKeyAlgorithmTag.Aes128);
public static byte[] CalculateFingerprint(PublicKeyPacket publicPk)
{
IBcpgKey key = publicPk.Key;
IDigest digest;
if (publicPk.Version <= 3)
{
RsaPublicBcpgKey rK = (RsaPublicBcpgKey)key;
try
{
digest = PgpUtilities.CreateDigest(HashAlgorithmTag.MD5);
UpdateDigest(digest, rK.Modulus);
UpdateDigest(digest, rK.PublicExponent);
}
catch (Exception e)
{
throw new PgpException("can't encode key components: " + e.Message, e);
}
}
else
{
try
{
byte[] kBytes = publicPk.GetEncodedContents();
digest = PgpUtilities.CreateDigest(HashAlgorithmTag.Sha1);
digest.Update(0x99);
digest.Update((byte)(kBytes.Length >> 8));
digest.Update((byte)kBytes.Length);
digest.BlockUpdate(kBytes, 0, kBytes.Length);
}
catch (Exception e)
{
throw new PgpException("can't encode key components: " + e.Message, e);
}
}
return DigestUtilities.DoFinal(digest);
}
private static void UpdateDigest(IDigest d, BigInteger b)
{
byte[] bytes = b.ToByteArrayUnsigned();
d.BlockUpdate(bytes, 0, bytes.Length);
}
private static readonly int[] MasterKeyCertificationTypes = new int[]
{
PgpSignature.PositiveCertification,
PgpSignature.CasualCertification,
PgpSignature.NoCertification,
PgpSignature.DefaultCertification,
PgpSignature.DirectKey,
};
internal PublicKeyPacket publicPk;
internal TrustPacket trustPk;
internal IList keySigs = new List();
internal IList ids = new List();
internal IList idTrusts = new List();
internal IList> idSigs = new List>();
internal IList subSigs = null;
private long keyId;
private byte[] fingerprint;
private int keyStrength;
private void Init()
{
IBcpgKey key = publicPk.Key;
this.fingerprint = CalculateFingerprint(publicPk);
if (publicPk.Version <= 3)
{
RsaPublicBcpgKey rK = (RsaPublicBcpgKey) key;
this.keyId = rK.Modulus.LongValue;
this.keyStrength = rK.Modulus.BitLength;
}
else
{
this.keyId = (long)(((ulong)fingerprint[fingerprint.Length - 8] << 56)
| ((ulong)fingerprint[fingerprint.Length - 7] << 48)
| ((ulong)fingerprint[fingerprint.Length - 6] << 40)
| ((ulong)fingerprint[fingerprint.Length - 5] << 32)
| ((ulong)fingerprint[fingerprint.Length - 4] << 24)
| ((ulong)fingerprint[fingerprint.Length - 3] << 16)
| ((ulong)fingerprint[fingerprint.Length - 2] << 8)
| (ulong)fingerprint[fingerprint.Length - 1]);
if (key is RsaPublicBcpgKey)
{
this.keyStrength = ((RsaPublicBcpgKey)key).Modulus.BitLength;
}
else if (key is DsaPublicBcpgKey)
{
this.keyStrength = ((DsaPublicBcpgKey)key).P.BitLength;
}
else if (key is ElGamalPublicBcpgKey)
{
this.keyStrength = ((ElGamalPublicBcpgKey)key).P.BitLength;
}
else if (key is EdDsaPublicBcpgKey eddsaK)
{
var curveOid = eddsaK.CurveOid;
if (EdECObjectIdentifiers.id_Ed25519.Equals(curveOid) ||
GnuObjectIdentifiers.Ed25519.Equals(curveOid) ||
EdECObjectIdentifiers.id_X25519.Equals(curveOid) ||
CryptlibObjectIdentifiers.curvey25519.Equals(curveOid))
{
this.keyStrength = 256;
}
else if (EdECObjectIdentifiers.id_Ed448.Equals(curveOid) ||
EdECObjectIdentifiers.id_X448.Equals(curveOid))
{
this.keyStrength = 448;
}
else
{
this.keyStrength = -1; // unknown
}
}
else if (key is ECPublicBcpgKey ecK)
{
var curveOid = ecK.CurveOid;
X9ECParametersHolder ecParameters = ECKeyPairGenerator.FindECCurveByOidLazy(curveOid);
if (ecParameters != null)
{
this.keyStrength = ecParameters.Curve.FieldSize;
}
else
{
this.keyStrength = -1; // unknown
}
}
}
}
///
/// Create a PgpPublicKey from the passed in lightweight one.
///
///
/// Note: the time passed in affects the value of the key's keyId, so you probably only want
/// to do this once for a lightweight key, or make sure you keep track of the time you used.
///
/// Asymmetric algorithm type representing the public key.
/// Actual public key to associate.
/// Date of creation.
/// If pubKey is not public.
/// On key creation problem.
public PgpPublicKey(PublicKeyAlgorithmTag algorithm, AsymmetricKeyParameter pubKey, DateTime time)
{
if (pubKey.IsPrivate)
throw new ArgumentException("Expected a public key", nameof(pubKey));
IBcpgKey bcpgKey;
if (pubKey is RsaKeyParameters rK)
{
bcpgKey = new RsaPublicBcpgKey(rK.Modulus, rK.Exponent);
}
else if (pubKey is DsaPublicKeyParameters dK)
{
DsaParameters dP = dK.Parameters;
bcpgKey = new DsaPublicBcpgKey(dP.P, dP.Q, dP.G, dK.Y);
}
else if (pubKey is ElGamalPublicKeyParameters eK)
{
ElGamalParameters eS = eK.Parameters;
bcpgKey = new ElGamalPublicBcpgKey(eS.P, eS.G, eK.Y);
}
else if (pubKey is ECPublicKeyParameters ecK)
{
if (algorithm == PublicKeyAlgorithmTag.ECDH)
{
bcpgKey = new ECDHPublicBcpgKey(ecK.PublicKeyParamSet, ecK.Q, HashAlgorithmTag.Sha256,
SymmetricKeyAlgorithmTag.Aes128);
}
else if (algorithm == PublicKeyAlgorithmTag.ECDsa)
{
bcpgKey = new ECDsaPublicBcpgKey(ecK.PublicKeyParamSet, ecK.Q);
}
else
{
throw new PgpException("unknown EC algorithm");
}
}
else if (pubKey is Ed25519PublicKeyParameters ed25519PubKey)
{
byte[] pointEnc = new byte[1 + Ed25519PublicKeyParameters.KeySize];
pointEnc[0] = 0x40;
ed25519PubKey.Encode(pointEnc, 1);
bcpgKey = new EdDsaPublicBcpgKey(GnuObjectIdentifiers.Ed25519, new BigInteger(1, pointEnc));
}
else if (pubKey is Ed448PublicKeyParameters ed448PubKey)
{
byte[] pointEnc = new byte[Ed448PublicKeyParameters.KeySize];
ed448PubKey.Encode(pointEnc, 0);
bcpgKey = new EdDsaPublicBcpgKey(EdECObjectIdentifiers.id_Ed448, new BigInteger(1, pointEnc));
}
else if (pubKey is X25519PublicKeyParameters x25519PubKey)
{
byte[] pointEnc = new byte[1 + X25519PublicKeyParameters.KeySize];
pointEnc[0] = 0x40;
x25519PubKey.Encode(pointEnc, 1);
PgpKdfParameters kdfParams = DefaultKdfParameters;
bcpgKey = new ECDHPublicBcpgKey(CryptlibObjectIdentifiers.curvey25519, new BigInteger(1, pointEnc),
kdfParams.HashAlgorithm, kdfParams.SymmetricWrapAlgorithm);
}
else if (pubKey is X448PublicKeyParameters x448PubKey)
{
byte[] pointEnc = new byte[X448PublicKeyParameters.KeySize];
x448PubKey.Encode(pointEnc, 0);
PgpKdfParameters kdfParams = DefaultKdfParameters;
bcpgKey = new ECDHPublicBcpgKey(EdECObjectIdentifiers.id_X448, new BigInteger(1, pointEnc),
kdfParams.HashAlgorithm, kdfParams.SymmetricWrapAlgorithm);
}
else
{
throw new PgpException("unknown key class");
}
this.publicPk = new PublicKeyPacket(algorithm, time, bcpgKey);
this.ids = new List();
this.idSigs = new List>();
try
{
Init();
}
catch (IOException e)
{
throw new PgpException("exception calculating keyId", e);
}
}
public PgpPublicKey(PublicKeyPacket publicPk)
: this(publicPk, new List(), new List>())
{
}
/// Constructor for a sub-key.
internal PgpPublicKey(PublicKeyPacket publicPk, TrustPacket trustPk, IList sigs)
{
this.publicPk = publicPk;
this.trustPk = trustPk;
this.subSigs = sigs;
Init();
}
internal PgpPublicKey(
PgpPublicKey key,
TrustPacket trust,
IList subSigs)
{
this.publicPk = key.publicPk;
this.trustPk = trust;
this.subSigs = subSigs;
this.fingerprint = key.fingerprint;
this.keyId = key.keyId;
this.keyStrength = key.keyStrength;
}
/// Copy constructor.
/// The public key to copy.
internal PgpPublicKey(
PgpPublicKey pubKey)
{
this.publicPk = pubKey.publicPk;
this.keySigs = new List(pubKey.keySigs);
this.ids = new List(pubKey.ids);
this.idTrusts = new List(pubKey.idTrusts);
this.idSigs = new List>(pubKey.idSigs.Count);
for (int i = 0; i < pubKey.idSigs.Count; ++i)
{
this.idSigs.Add(new List(pubKey.idSigs[i]));
}
if (pubKey.subSigs != null)
{
this.subSigs = new List(pubKey.subSigs);
}
this.fingerprint = pubKey.fingerprint;
this.keyId = pubKey.keyId;
this.keyStrength = pubKey.keyStrength;
}
internal PgpPublicKey(
PublicKeyPacket publicPk,
TrustPacket trustPk,
IList keySigs,
IList ids,
IList idTrusts,
IList> idSigs)
{
this.publicPk = publicPk;
this.trustPk = trustPk;
this.keySigs = keySigs;
this.ids = ids;
this.idTrusts = idTrusts;
this.idSigs = idSigs;
Init();
}
internal PgpPublicKey(
PublicKeyPacket publicPk,
IList ids,
IList> idSigs)
{
this.publicPk = publicPk;
this.ids = ids;
this.idSigs = idSigs;
Init();
}
internal PgpPublicKey(
PgpPublicKey original,
TrustPacket trustPk,
List keySigs,
List ids,
List idTrusts,
IList> idSigs)
{
this.publicPk = original.publicPk;
this.fingerprint = original.fingerprint;
this.keyStrength = original.keyStrength;
this.keyId = original.keyId;
this.trustPk = trustPk;
this.keySigs = keySigs;
this.ids = ids;
this.idTrusts = idTrusts;
this.idSigs = idSigs;
}
/// The version of this key.
public int Version
{
get { return publicPk.Version; }
}
/// The creation time of this key.
public DateTime CreationTime
{
get { return publicPk.GetTime(); }
}
/// Return the trust data associated with the public key, if present.
/// A byte array with trust data, null otherwise.
public byte[] GetTrustData()
{
if (trustPk == null)
{
return null;
}
return Arrays.Clone(trustPk.GetLevelAndTrustAmount());
}
/// The number of valid seconds from creation time - zero means no expiry.
public long GetValidSeconds()
{
if (publicPk.Version <= 3)
{
return (long)publicPk.ValidDays * (24 * 60 * 60);
}
if (IsMasterKey)
{
for (int i = 0; i != MasterKeyCertificationTypes.Length; i++)
{
long seconds = GetExpirationTimeFromSig(true, MasterKeyCertificationTypes[i]);
if (seconds >= 0)
{
return seconds;
}
}
}
else
{
long seconds = GetExpirationTimeFromSig(false, PgpSignature.SubkeyBinding);
if (seconds >= 0)
{
return seconds;
}
seconds = GetExpirationTimeFromSig(false, PgpSignature.DirectKey);
if (seconds >= 0)
{
return seconds;
}
}
return 0;
}
private long GetExpirationTimeFromSig(bool selfSigned, int signatureType)
{
long expiryTime = -1;
long lastDate = -1;
foreach (PgpSignature sig in GetSignaturesOfType(signatureType))
{
if (selfSigned && sig.KeyId != this.KeyId)
continue;
PgpSignatureSubpacketVector hashed = sig.GetHashedSubPackets();
if (hashed == null)
continue;
if (!hashed.HasSubpacket(SignatureSubpacketTag.KeyExpireTime))
continue;
long current = hashed.GetKeyExpirationTime();
if (sig.KeyId == this.KeyId)
{
if (sig.CreationTime.Ticks > lastDate)
{
lastDate = sig.CreationTime.Ticks;
expiryTime = current;
}
}
else if (current == 0 || current > expiryTime)
{
expiryTime = current;
}
}
return expiryTime;
}
/// The key ID associated with the public key.
public long KeyId
{
get { return keyId; }
}
/// The fingerprint of the public key
public byte[] GetFingerprint()
{
return (byte[]) fingerprint.Clone();
}
///
/// Check if this key has an algorithm type that makes it suitable to use for encryption.
///
///
/// Note: with version 4 keys KeyFlags subpackets should also be considered when present for
/// determining the preferred use of the key.
///
///
/// true if this key algorithm is suitable for encryption.
///
public bool IsEncryptionKey
{
get
{
switch (publicPk.Algorithm)
{
case PublicKeyAlgorithmTag.ECDH:
case PublicKeyAlgorithmTag.ElGamalEncrypt:
case PublicKeyAlgorithmTag.ElGamalGeneral:
case PublicKeyAlgorithmTag.RsaEncrypt:
case PublicKeyAlgorithmTag.RsaGeneral:
return true;
default:
return false;
}
}
}
/// True, if this could be a master key.
public bool IsMasterKey
{
get
{
// this might seem a bit excessive, but we're also trying to flag something can't be a master key.
return !(publicPk is PublicSubkeyPacket)
&& !(this.IsEncryptionKey && publicPk.Algorithm != PublicKeyAlgorithmTag.RsaGeneral);
}
}
/// The algorithm code associated with the public key.
public PublicKeyAlgorithmTag Algorithm
{
get { return publicPk.Algorithm; }
}
/// The strength of the key in bits.
public int BitStrength
{
get { return keyStrength; }
}
/// The public key contained in the object.
/// A lightweight public key.
/// If the key algorithm is not recognised.
public AsymmetricKeyParameter GetKey()
{
try
{
switch (publicPk.Algorithm)
{
case PublicKeyAlgorithmTag.RsaEncrypt:
case PublicKeyAlgorithmTag.RsaGeneral:
case PublicKeyAlgorithmTag.RsaSign:
RsaPublicBcpgKey rsaK = (RsaPublicBcpgKey)publicPk.Key;
return new RsaKeyParameters(false, rsaK.Modulus, rsaK.PublicExponent);
case PublicKeyAlgorithmTag.Dsa:
DsaPublicBcpgKey dsaK = (DsaPublicBcpgKey)publicPk.Key;
return new DsaPublicKeyParameters(dsaK.Y, new DsaParameters(dsaK.P, dsaK.Q, dsaK.G));
case PublicKeyAlgorithmTag.ECDsa:
ECDsaPublicBcpgKey ecdsaK = (ECDsaPublicBcpgKey)publicPk.Key;
return GetECKey("ECDSA", ecdsaK);
case PublicKeyAlgorithmTag.ECDH:
{
ECDHPublicBcpgKey ecdhK = (ECDHPublicBcpgKey)publicPk.Key;
var curveOid = ecdhK.CurveOid;
if (EdECObjectIdentifiers.id_X25519.Equals(curveOid) ||
CryptlibObjectIdentifiers.curvey25519.Equals(curveOid))
{
byte[] pEnc = BigIntegers.AsUnsignedByteArray(1 + X25519.PointSize, ecdhK.EncodedPoint);
if (pEnc[0] != 0x40)
throw new ArgumentException("Invalid X25519 public key");
return PublicKeyFactory.CreateKey(new SubjectPublicKeyInfo(
new AlgorithmIdentifier(curveOid),
// TODO Span variant
Arrays.CopyOfRange(pEnc, 1, pEnc.Length)));
}
else if (EdECObjectIdentifiers.id_X448.Equals(curveOid))
{
byte[] pEnc = BigIntegers.AsUnsignedByteArray(1 + X448.PointSize, ecdhK.EncodedPoint);
if (pEnc[0] != 0x40)
throw new ArgumentException("Invalid X448 public key");
return PublicKeyFactory.CreateKey(new SubjectPublicKeyInfo(
new AlgorithmIdentifier(curveOid),
// TODO Span variant
Arrays.CopyOfRange(pEnc, 1, pEnc.Length)));
}
else
{
return GetECKey("ECDH", ecdhK);
}
}
case PublicKeyAlgorithmTag.EdDsa:
{
EdDsaPublicBcpgKey eddsaK = (EdDsaPublicBcpgKey)publicPk.Key;
var curveOid = eddsaK.CurveOid;
if (EdECObjectIdentifiers.id_Ed25519.Equals(curveOid) ||
GnuObjectIdentifiers.Ed25519.Equals(curveOid))
{
byte[] pEnc = BigIntegers.AsUnsignedByteArray(1 + Ed25519.PublicKeySize, eddsaK.EncodedPoint);
if (pEnc[0] != 0x40)
throw new ArgumentException("Invalid Ed25519 public key");
return PublicKeyFactory.CreateKey(new SubjectPublicKeyInfo(
new AlgorithmIdentifier(curveOid),
// TODO Span variant
Arrays.CopyOfRange(pEnc, 1, pEnc.Length)));
}
else if (EdECObjectIdentifiers.id_Ed448.Equals(curveOid))
{
byte[] pEnc = BigIntegers.AsUnsignedByteArray(1 + Ed448.PublicKeySize, eddsaK.EncodedPoint);
if (pEnc[0] != 0x40)
throw new ArgumentException("Invalid Ed448 public key");
return PublicKeyFactory.CreateKey(new SubjectPublicKeyInfo(
new AlgorithmIdentifier(curveOid),
// TODO Span variant
Arrays.CopyOfRange(pEnc, 1, pEnc.Length)));
}
else
{
throw new InvalidOperationException();
}
}
case PublicKeyAlgorithmTag.ElGamalEncrypt:
case PublicKeyAlgorithmTag.ElGamalGeneral:
ElGamalPublicBcpgKey elK = (ElGamalPublicBcpgKey)publicPk.Key;
return new ElGamalPublicKeyParameters(elK.Y, new ElGamalParameters(elK.P, elK.G));
default:
throw new PgpException("unknown public key algorithm encountered");
}
}
catch (PgpException e)
{
throw e;
}
catch (Exception e)
{
throw new PgpException("exception constructing public key", e);
}
}
private ECPublicKeyParameters GetECKey(string algorithm, ECPublicBcpgKey ecK)
{
X9ECParameters x9 = ECKeyPairGenerator.FindECCurveByOid(ecK.CurveOid);
BigInteger encodedPoint = ecK.EncodedPoint;
#if NETCOREAPP2_1_OR_GREATER || NETSTANDARD2_1_OR_GREATER
int encodedLength = BigIntegers.GetUnsignedByteLength(encodedPoint);
Span encoding = encodedLength <= 512
? stackalloc byte[encodedLength]
: new byte[encodedLength];
BigIntegers.AsUnsignedByteArray(encodedPoint, encoding);
ECPoint q = x9.Curve.DecodePoint(encoding);
#else
ECPoint q = x9.Curve.DecodePoint(BigIntegers.AsUnsignedByteArray(encodedPoint));
#endif
return new ECPublicKeyParameters(algorithm, q, ecK.CurveOid);
}
/// Allows enumeration of any user IDs associated with the key.
/// An IEnumerable of string objects.
public IEnumerable GetUserIds()
{
var result = new List();
foreach (var id in ids)
{
if (id is UserIdPacket userId)
{
result.Add(userId.GetId());
}
}
return CollectionUtilities.Proxy(result);
}
/// Return any userIDs associated with the key in raw byte form.
/// No attempt is made to convert the IDs into strings.
/// An IEnumerable of byte[].
public IEnumerable GetRawUserIds()
{
var result = new List();
foreach (var id in ids)
{
if (id is UserIdPacket userId)
{
result.Add(userId.GetRawId());
}
}
return CollectionUtilities.Proxy(result);
}
/// Allows enumeration of any user attribute vectors associated with the key.
/// An IEnumerable of PgpUserAttributeSubpacketVector objects.
public IEnumerable GetUserAttributes()
{
var result = new List();
foreach (var id in ids)
{
if (id is PgpUserAttributeSubpacketVector v)
{
result.Add(v);
}
}
return CollectionUtilities.Proxy(result);
}
/// Allows enumeration of any signatures associated with the passed in id.
/// The ID to be matched.
/// An IEnumerable of PgpSignature objects.
public IEnumerable GetSignaturesForId(string id)
{
if (id == null)
throw new ArgumentNullException(nameof(id));
return GetSignaturesForId(new UserIdPacket(id));
}
public IEnumerable GetSignaturesForId(byte[] rawId)
{
if (rawId == null)
throw new ArgumentNullException(nameof(rawId));
return GetSignaturesForId(new UserIdPacket(rawId));
}
private IEnumerable GetSignaturesForId(UserIdPacket id)
{
var signatures = new List();
bool userIdFound = false;
for (int i = 0; i != ids.Count; i++)
{
if (id.Equals(ids[i]))
{
userIdFound = true;
signatures.AddRange(idSigs[i]);
}
}
return userIdFound ? signatures : null;
}
/// Return any signatures associated with the passed in key identifier keyID.
/// the key id to be matched.
/// An IEnumerable of PgpSignature objects issued by the key with keyID.
public IEnumerable GetSignaturesForKeyID(long keyID)
{
var sigs = new List();
foreach (var sig in GetSignatures())
{
if (sig.KeyId == keyID)
{
sigs.Add(sig);
}
}
return CollectionUtilities.Proxy(sigs);
}
/// Allows enumeration of signatures associated with the passed in user attributes.
/// The vector of user attributes to be matched.
/// An IEnumerable of PgpSignature objects.
public IEnumerable GetSignaturesForUserAttribute(PgpUserAttributeSubpacketVector userAttributes)
{
if (userAttributes == null)
throw new ArgumentNullException(nameof(userAttributes));
var result = new List();
bool attributeFound = false;
for (int i = 0; i != ids.Count; i++)
{
if (userAttributes.Equals(ids[i]))
{
attributeFound = true;
result.AddRange(idSigs[i]);
}
}
return attributeFound ? CollectionUtilities.Proxy(result) : null;
}
/// Allows enumeration of signatures of the passed in type that are on this key.
/// The type of the signature to be returned.
/// An IEnumerable of PgpSignature objects.
public IEnumerable GetSignaturesOfType(int signatureType)
{
var result = new List();
foreach (PgpSignature sig in GetSignatures())
{
if (sig.SignatureType == signatureType)
{
result.Add(sig);
}
}
return CollectionUtilities.Proxy(result);
}
/// Allows enumeration of all signatures/certifications associated with this key.
/// An IEnumerable with all signatures/certifications.
public IEnumerable GetSignatures()
{
var result = subSigs;
if (result == null)
{
var temp = new List(keySigs);
foreach (var extraSigs in idSigs)
{
temp.AddRange(extraSigs);
}
result = temp;
}
return CollectionUtilities.Proxy(result);
}
/**
* Return all signatures/certifications directly associated with this key (ie, not to a user id).
*
* @return an iterator (possibly empty) with all signatures/certifications.
*/
public IEnumerable GetKeySignatures()
{
var result = subSigs ?? new List(keySigs);
return CollectionUtilities.Proxy(result);
}
public PublicKeyPacket PublicKeyPacket
{
get { return publicPk; }
}
public byte[] GetEncoded()
{
MemoryStream bOut = new MemoryStream();
Encode(bOut);
return bOut.ToArray();
}
public void Encode(Stream outStr)
{
Encode(outStr, false);
}
/**
* Encode the key to outStream, with trust packets stripped out if forTransfer is true.
*
* @param outStream stream to write the key encoding to.
* @param forTransfer if the purpose of encoding is to send key to other users.
* @throws IOException in case of encoding error.
*/
public void Encode(Stream outStr, bool forTransfer)
{
BcpgOutputStream bcpgOut = BcpgOutputStream.Wrap(outStr);
bcpgOut.WritePacket(publicPk);
if (!forTransfer && trustPk != null)
{
bcpgOut.WritePacket(trustPk);
}
if (subSigs == null) // not a sub-key
{
foreach (PgpSignature keySig in keySigs)
{
keySig.Encode(bcpgOut);
}
for (int i = 0; i != ids.Count; i++)
{
if (ids[i] is UserIdPacket id)
{
bcpgOut.WritePacket(id);
}
else
{
PgpUserAttributeSubpacketVector v = (PgpUserAttributeSubpacketVector)ids[i];
bcpgOut.WritePacket(new UserAttributePacket(v.ToSubpacketArray()));
}
if (!forTransfer && idTrusts[i] != null)
{
bcpgOut.WritePacket((TrustPacket)idTrusts[i]);
}
foreach (PgpSignature sig in idSigs[i])
{
sig.Encode(bcpgOut, forTransfer);
}
}
}
else
{
foreach (PgpSignature subSig in subSigs)
{
subSig.Encode(bcpgOut);
}
}
}
/// Check whether this (sub)key has a revocation signature on it.
/// True, if this (sub)key has been revoked.
public bool IsRevoked()
{
int ns = 0;
bool revoked = false;
if (IsMasterKey) // Master key
{
while (!revoked && (ns < keySigs.Count))
{
if (((PgpSignature)keySigs[ns++]).SignatureType == PgpSignature.KeyRevocation)
{
revoked = true;
}
}
}
else // Sub-key
{
while (!revoked && (ns < subSigs.Count))
{
if (((PgpSignature)subSigs[ns++]).SignatureType == PgpSignature.SubkeyRevocation)
{
revoked = true;
}
}
}
return revoked;
}
/// Add a certification for an id to the given public key.
/// The key the certification is to be added to.
/// The ID the certification is associated with.
/// The new certification.
/// The re-certified key.
public static PgpPublicKey AddCertification(
PgpPublicKey key,
string id,
PgpSignature certification)
{
return AddCert(key, new UserIdPacket(id), certification);
}
/// Add a certification for the given UserAttributeSubpackets to the given public key.
/// The key the certification is to be added to.
/// The attributes the certification is associated with.
/// The new certification.
/// The re-certified key.
public static PgpPublicKey AddCertification(
PgpPublicKey key,
PgpUserAttributeSubpacketVector userAttributes,
PgpSignature certification)
{
return AddCert(key, userAttributes, certification);
}
private static PgpPublicKey AddCert(
PgpPublicKey key,
IUserDataPacket id,
PgpSignature certification)
{
PgpPublicKey returnKey = new PgpPublicKey(key);
IList sigList = null;
for (int i = 0; i != returnKey.ids.Count; i++)
{
if (id.Equals(returnKey.ids[i]))
{
sigList = returnKey.idSigs[i];
}
}
if (sigList != null)
{
sigList.Add(certification);
}
else
{
sigList = new List();
sigList.Add(certification);
returnKey.ids.Add(id);
returnKey.idTrusts.Add(null);
returnKey.idSigs.Add(sigList);
}
return returnKey;
}
///
/// Remove any certifications associated with a user attribute subpacket on a key.
///
/// The key the certifications are to be removed from.
/// The attributes to be removed.
///
/// The re-certified key, or null if the user attribute subpacket was not found on the key.
///
public static PgpPublicKey RemoveCertification(PgpPublicKey key,
PgpUserAttributeSubpacketVector userAttributes)
{
return RemoveCert(key, userAttributes);
}
/// Remove any certifications associated with a given ID on a key.
/// The key the certifications are to be removed from.
/// The ID that is to be removed.
/// The re-certified key, or null if the ID was not found on the key.
public static PgpPublicKey RemoveCertification(PgpPublicKey key, string id)
{
return RemoveCert(key, new UserIdPacket(id));
}
/// Remove any certifications associated with a given ID on a key.
/// The key the certifications are to be removed from.
/// The ID that is to be removed in raw byte form.
/// The re-certified key, or null if the ID was not found on the key.
public static PgpPublicKey RemoveCertification(PgpPublicKey key, byte[] rawId)
{
return RemoveCert(key, new UserIdPacket(rawId));
}
private static PgpPublicKey RemoveCert(PgpPublicKey key, IUserDataPacket id)
{
PgpPublicKey returnKey = new PgpPublicKey(key);
bool found = false;
for (int i = 0; i < returnKey.ids.Count; i++)
{
if (id.Equals(returnKey.ids[i]))
{
found = true;
returnKey.ids.RemoveAt(i);
returnKey.idTrusts.RemoveAt(i);
returnKey.idSigs.RemoveAt(i);
}
}
return found ? returnKey : null;
}
/// Remove a certification associated with a given ID on a key.
/// The key the certifications are to be removed from.
/// The ID that the certfication is to be removed from (in its raw byte form).
/// The certfication to be removed.
/// The re-certified key, or null if the certification was not found.
public static PgpPublicKey RemoveCertification(PgpPublicKey key, byte[] id, PgpSignature certification)
{
return RemoveCert(key, new UserIdPacket(id), certification);
}
/// Remove a certification associated with a given ID on a key.
/// The key the certifications are to be removed from.
/// The ID that the certfication is to be removed from.
/// The certfication to be removed.
/// The re-certified key, or null if the certification was not found.
public static PgpPublicKey RemoveCertification(PgpPublicKey key, string id, PgpSignature certification)
{
return RemoveCert(key, new UserIdPacket(id), certification);
}
/// Remove a certification associated with a given user attributes on a key.
/// The key the certifications are to be removed from.
/// The user attributes that the certfication is to be removed from.
/// The certification to be removed.
/// The re-certified key, or null if the certification was not found.
public static PgpPublicKey RemoveCertification(PgpPublicKey key, PgpUserAttributeSubpacketVector userAttributes,
PgpSignature certification)
{
return RemoveCert(key, userAttributes, certification);
}
private static PgpPublicKey RemoveCert(PgpPublicKey key, IUserDataPacket id, PgpSignature certification)
{
PgpPublicKey returnKey = new PgpPublicKey(key);
bool found = false;
for (int i = 0; i < returnKey.ids.Count; i++)
{
if (id.Equals(returnKey.ids[i]))
{
found |= returnKey.idSigs[i].Remove(certification);
}
}
return found ? returnKey : null;
}
/// Add a revocation or some other key certification to a key.
/// The key the revocation is to be added to.
/// The key signature to be added.
/// The new changed public key object.
public static PgpPublicKey AddCertification(PgpPublicKey key, PgpSignature certification)
{
if (key.IsMasterKey)
{
if (certification.SignatureType == PgpSignature.SubkeyRevocation)
throw new ArgumentException("signature type incorrect for master key revocation.");
}
else
{
if (certification.SignatureType == PgpSignature.KeyRevocation)
throw new ArgumentException("signature type incorrect for sub-key revocation.");
}
PgpPublicKey returnKey = new PgpPublicKey(key);
var sigs = returnKey.subSigs ?? returnKey.keySigs;
sigs.Add(certification);
return returnKey;
}
/// Remove a certification from the key.
/// The key the certifications are to be removed from.
/// The certfication to be removed.
/// The modified key, null if the certification was not found.
public static PgpPublicKey RemoveCertification(PgpPublicKey key, PgpSignature certification)
{
var returnKey = new PgpPublicKey(key);
var sigs = returnKey.subSigs ?? returnKey.keySigs;
bool found = sigs.Remove(certification);
foreach (var idSigs in returnKey.idSigs)
{
found |= idSigs.Remove(certification);
}
return found ? returnKey : null;
}
///
/// Merge the given local public key with another, potentially fresher copy. The resulting public key
/// contains the sum of both keys' user-ids and signatures.
///
///
/// If joinTrustPackets is set to true and the copy carries a trust packet, the joined key will copy the
/// trust-packet from the copy. Otherwise, it will carry the trust packet of the local key.
///
/// local public key.
/// copy of the public key (e.g. from a key server).
/// if true, trust packets from the copy are copied over into the resulting key.
///
/// if true, subkey signatures on the copy will be present in the
/// merged key, even if key was not a subkey before.
/// joined key.
public static PgpPublicKey Join(PgpPublicKey key, PgpPublicKey copy, bool joinTrustPackets,
bool allowSubkeySigsOnNonSubkey)
{
if (key.KeyId != copy.keyId)
throw new ArgumentException("Key-ID mismatch.");
TrustPacket trustPk = key.trustPk;
List keySigs = new List(key.keySigs);
List ids = new List(key.ids);
List idTrusts = new List(key.idTrusts);
List> idSigs = new List>(key.idSigs);
List subSigs = key.subSigs == null ? null : new List(key.subSigs);
if (joinTrustPackets)
{
if (copy.trustPk != null)
{
trustPk = copy.trustPk;
}
}
// key signatures
foreach (PgpSignature keySig in copy.keySigs)
{
bool found = false;
for (int i = 0; i < keySigs.Count; i++)
{
PgpSignature existingKeySig = keySigs[i];
if (PgpSignature.IsSignatureEncodingEqual(existingKeySig, keySig))
{
found = true;
// join existing sig with copy to apply modifications in unhashed subpackets
existingKeySig = PgpSignature.Join(existingKeySig, keySig);
keySigs[i] = existingKeySig;
break;
}
}
if (found)
break;
keySigs.Add(keySig);
}
// user-ids and id sigs
for (int idIdx = 0; idIdx < copy.ids.Count; idIdx++)
{
IUserDataPacket copyId = copy.ids[idIdx];
List copyIdSigs = new List(copy.idSigs[idIdx]);
TrustPacket copyTrust = copy.idTrusts[idIdx];
int existingIdIndex = -1;
for (int i = 0; i < ids.Count; i++)
{
IUserDataPacket existingId = ids[i];
if (existingId.Equals(copyId))
{
existingIdIndex = i;
break;
}
}
// new user-id
if (existingIdIndex == -1)
{
ids.Add(copyId);
idSigs.Add(copyIdSigs);
idTrusts.Add(joinTrustPackets ? copyTrust : null);
continue;
}
// existing user-id
if (joinTrustPackets && copyTrust != null)
{
TrustPacket existingTrust = idTrusts[existingIdIndex];
if (existingTrust == null ||
Arrays.AreEqual(copyTrust.GetLevelAndTrustAmount(), existingTrust.GetLevelAndTrustAmount()))
{
idTrusts[existingIdIndex] = copyTrust;
}
}
var existingIdSigs = idSigs[existingIdIndex];
foreach (PgpSignature newSig in copyIdSigs)
{
bool found = false;
for (int i = 0; i < existingIdSigs.Count; i++)
{
PgpSignature existingSig = existingIdSigs[i];
if (PgpSignature.IsSignatureEncodingEqual(newSig, existingSig))
{
found = true;
// join existing sig with copy to apply modifications in unhashed subpackets
existingSig = PgpSignature.Join(existingSig, newSig);
existingIdSigs[i] = existingSig;
break;
}
}
if (!found)
{
existingIdSigs.Add(newSig);
}
}
}
// subSigs
if (copy.subSigs != null)
{
if (subSigs == null && allowSubkeySigsOnNonSubkey)
{
subSigs = new List(copy.subSigs);
}
else
{
foreach (PgpSignature copySubSig in copy.subSigs)
{
bool found = false;
for (int i = 0; subSigs != null && i < subSigs.Count; i++)
{
PgpSignature existingSubSig = subSigs[i];
if (PgpSignature.IsSignatureEncodingEqual(existingSubSig, copySubSig))
{
found = true;
// join existing sig with copy to apply modifications in unhashed subpackets
existingSubSig = PgpSignature.Join(existingSubSig, copySubSig);
subSigs[i] = existingSubSig;
break;
}
}
if (!found && subSigs != null)
{
subSigs.Add(copySubSig);
}
}
}
}
PgpPublicKey merged = new PgpPublicKey(key, trustPk, keySigs, ids, idTrusts, idSigs);
merged.subSigs = subSigs;
return merged;
}
}
}