forwarding this since i think it was bounced.
Subject: Re: [dev-crypto-csharp] Need advice on how to implemnet my use case
for PGP
From: [email protected]
Date: Wed, 19 Sep 2012 18:34:28 +0800
CC: [email protected]
To: [email protected]
Hi Christoph,
1st off thank you very much for taking the time to reply back to my very
dimwitted questions. So I've done some reading and I have a better idea of PGP
and encryption. So just to reiterate them, PGP is more like a combination of
more basic encryption methods pieced together methodically. Bouncy's API
provides implementations for this various basic encryption methods like RSA..
and Bouncy's implementation of PGP is probably based of other basic classes as
well. That said some interesting questions came to mind.. A big reason I plan
to use bouncy's api or the c# version at least, is cause I'm developing this
API for the Unity3d game engine which uses c# as one of its scripting
languages. Anyways how much of the original API can I safely trim down/omit so
that I can get a dll streamlined for PGP only. And another random idea that
came to mind was .net's System.Security.Cryptography also supports some basic
encryption methods is it possible to string these together to get something simi
Thanks again,Zaid
On Sep 19, 2012, at 4:12 PM, Christoph Hannebauer wrote:
Hi Zaid,
you should probably start reading about encryption in general.
From your description, I am uncertain whether you know the
difference between Symmetric and Asymmetric Cryptography. The
Wikipedia is a good start:
<http://en.wikipedia.org/wiki/Cryptography#Modern_cryptography>.
You do not have to know the math behind cryptography if you just
want to use cryptography, but you should know the use cases of the
different technologies.
Once you have got an overview, you should find out, how PGP
implements Cryptography. I believe you should not start
programming right away, instead you should play around with GPG or
the like. Encrypt and decrypt some files, change the password on
your PGP key, export keys and import them on another machine or
into another keyring. You can find details about the PGP protocol
in RFC 4880.
After you know how to use GPG, it will be less difficult to
understand the Bouncy Castle Crypto API :-).
There is another popular cryptography protocol, defined by
standards X.509, PKIX, S/MIME and PKCS. Maybe these are an
alternative to PGP. Bouncy Castle supports both, but I think X.509
has better support in general. Java and C# offer native methods to
process those and most operating systems have some kind of support
for X.509. X.509 is also used for TLS (e.g. HTTPS). PGP is
probably sufficient to achive your goal, though, so this is for
bonus ;-).
Good luck and best wishes,
Christoph
On 19.09.2012 02:30, Muhd Zaid wrote:
Hi,
I'm relatively new to encryption and quite frankly I'm
lost. Let me try to explain my use case properly..
I need an API that can run both on the client side and the
server side. It needs to be able to send 128 bit PGP
encrypted xml files to and from the game client and the
game server.
I've considered looking at
the c# implementation of bouncy castle's API since it
could easily allow me to make an api that could run as a
plugin in-game as well as a standalone program server
side.
However its sheer size and
the lack of good documentation have put me at a loss.
I’ve been following examples from this site
http://ledwith.org/2009/08/pgp-decryption-with-c/
but I keep getting the exception “can’t find signing key
in key ring”. I’m generating my keys with gpgtools a
gnuPG implementation for
mac. Quite frankly I don’t know where to start to isolate
the problem.
As this is my 1st task as a
junior programmer at my company, ideally I would like to
be able to roll out my own solution for this API but
bouncy’s API is so huge and add to the fact I have no
encryption experience or background I’m at a loss. I’d be
nice if anyone could also highlight the classes that I
need to zoom in for use...
A little background about
myself, I’m CS bachelor but I majored in game development
so I know how to code, I’m just lost with how to approach
this problem and use bouncy’s API for PGP.
Thanks in advance,
Zaid
