It seems that the latest development code on GitHub has it implemented. I
downloaded it, made some formatting fixes to a file that made compilation fail,
and was able to come up with a way to generate a revocation certificate. Any
idea when the next version of BC in C# will be released with these changes? Or
could you at least point me in the correct direction to get all of these
changes into a single DLL? For some reason it compiled to several DLLs for me.

Thanks,
Carlos

Here is the method I came up with that I will later fix up.
// Namespaces needed: System, System.IO, Org.BouncyCastle.Bcpg,
// Org.BouncyCastle.Bcpg.OpenPgp, Org.BouncyCastle.Security
public static void GenerateCertificate(PgpSecretKey SecretKey, char[] Passhrase,
    string Reason, string RevokeDescription, string OutFile)
{
    // Map the textual reason to a revocation reason code; unknown values fall back to NoReason.
    RevocationReasonTag RevokeReason;
    if (string.Equals(Reason, "Compromised", StringComparison.CurrentCultureIgnoreCase))
    {
        RevokeReason = RevocationReasonTag.KeyCompromised;
    }
    else if (string.Equals(Reason, "Retired", StringComparison.CurrentCultureIgnoreCase))
    {
        RevokeReason = RevocationReasonTag.KeyRetired;
    }
    else if (string.Equals(Reason, "Superseded", StringComparison.CurrentCultureIgnoreCase))
    {
        RevokeReason = RevocationReasonTag.KeySuperseded;
    }
    else if (string.Equals(Reason, "NoReason", StringComparison.CurrentCultureIgnoreCase))
    {
        RevokeReason = RevocationReasonTag.NoReason;
    }
    else if (string.Equals(Reason, "Invalid", StringComparison.CurrentCultureIgnoreCase))
    {
        RevokeReason = RevocationReasonTag.UserNoLongerValid;
    }
    else
    {
        RevokeReason = RevocationReasonTag.NoReason;
    }

    PgpSignatureSubpacketGenerator subHashGenerator = new PgpSignatureSubpacketGenerator();
    PgpSignatureSubpacketGenerator subUnHashGenerator = new PgpSignatureSubpacketGenerator();

    // Unlock the private key and set up a key revocation signature.
    PgpPrivateKey privKey = SecretKey.ExtractPrivateKey(Passhrase);
    PgpSignatureGenerator generator = new PgpSignatureGenerator(SecretKey.PublicKey.Algorithm, HashAlgorithmTag.Sha256);
    generator.InitSign(PgpSignature.KeyRevocation, privKey, new SecureRandom());

    // Hashed subpackets are covered by the signature.
    subHashGenerator.SetSignatureCreationTime(false, DateTime.UtcNow);
    subHashGenerator.SetRevocationReason(false, RevokeReason, RevokeDescription);

    // Unhashed subpackets are not covered by the signature.
    subUnHashGenerator.SetRevocationKey(false, SecretKey.PublicKey.Algorithm, SecretKey.PublicKey.GetFingerprint());

    generator.SetHashedSubpackets(subHashGenerator.Generate());
    generator.SetUnhashedSubpackets(subUnHashGenerator.Generate());
    PgpSignature signature = generator.GenerateCertification(SecretKey.PublicKey);

    // ASCII-armor the signature packet into memory.
    MemoryStream mStream = new MemoryStream();
    using (ArmoredOutputStream outAStream = new ArmoredOutputStream(mStream))
    {
        outAStream.SetHeader("Version", "Posh-OpenPGP");
        signature.Encode(outAStream);
        outAStream.Close();
    }

    // Relabel the armor header and footer as a public key block, then write the file.
    mStream.Position = 0;
    var sr = new StreamReader(mStream);
    string armour = sr.ReadToEnd();
    string outstr = armour.Replace("BEGIN PGP SIGNATURE", "BEGIN PGP PUBLIC KEY BLOCK").Replace("END PGP SIGNATURE", "END PGP PUBLIC KEY BLOCK");
    System.IO.File.WriteAllText(OutFile, outstr);
}

On Oct 9, 2013, at 4:53 PM, Carlos Perez <[email protected]> wrote:
> Hi
>
> As I started to work on key revocation I noticed that some methods were
> missing from PgpSignatureSubPacketGenerator that are present in the Java
> library for setting the revocation reason and the key fingerprint to
> generate the certificate for. With the generator I should be able to do
> .setRevocationReason(false, reason, description) and add that to the
> HashedPacket, and use .setIssuerKeyID() in another generator to generate an
> unhashed packet to add. Are these implemented in the C# library, or is the
> Java approach different from the C# approach on this one?
>
> PgpSignatureSubpacketGenerator subHashGenerator = new PgpSignatureSubpacketGenerator();
> PgpPrivateKey privKey = SecretKey.ExtractPrivateKey(passPhrase);
> PgpSignatureGenerator generator = new PgpSignatureGenerator(SecretKey.PublicKey.Algorithm, HashAlgorithmTag.Sha1);
> generator.InitSign(PgpSignature.KeyRevocation, privKey, new SecureRandom());
> subHashGenerator.SetSignatureCreationTime(true, DateTime.UtcNow);
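
A way to check a revocation certificate like the one generated in this thread before publishing it, as an added example that is not part of the original messages or the Bouncy Castle code base. The class and method names `RevocationCheck.Verify` are hypothetical, and it assumes a Bouncy Castle C# build that parses the revocation reason subpacket into `Org.BouncyCastle.Bcpg.Sig.RevocationReason`.

```csharp
using System;
using System.IO;
using Org.BouncyCastle.Bcpg;
using Org.BouncyCastle.Bcpg.Sig;
using Org.BouncyCastle.Bcpg.OpenPgp;

public static class RevocationCheck   // hypothetical helper, not a BC class
{
    // Returns the reason code if armoredCert holds a valid key revocation
    // signature made by, and over, primaryKey; throws PgpException otherwise.
    public static RevocationReasonTag Verify(Stream armoredCert, PgpPublicKey primaryKey)
    {
        // The armor decoder does not depend on the header label, so output
        // relabelled as "PUBLIC KEY BLOCK" still parses as a signature list.
        var factory = new PgpObjectFactory(PgpUtilities.GetDecoderStream(armoredCert));
        var sigs = factory.NextPgpObject() as PgpSignatureList;
        if (sigs == null || sigs.Count != 1)
            throw new PgpException("expected exactly one signature packet");

        PgpSignature sig = sigs[0];
        if (sig.SignatureType != PgpSignature.KeyRevocation)
            throw new PgpException("not a key revocation signature");
        if (sig.KeyId != primaryKey.KeyId)
            throw new PgpException("issuer key ID does not match the key");

        // Cryptographic check: the signature must verify over the key itself.
        sig.InitVerify(primaryKey);
        if (!sig.VerifyCertification(primaryKey))
            throw new PgpException("revocation signature does not verify");

        // Only hashed subpackets are covered by the signature, so the reason
        // is trusted only when it is found in the hashed area.
        PgpSignatureSubpacketVector hashed = sig.GetHashedSubPackets();
        var reason = hashed == null ? null
            : hashed.GetSubpacket(SignatureSubpacketTag.RevocationReason) as RevocationReason;
        if (reason == null)
            throw new PgpException("no hashed revocation reason subpacket");

        Console.WriteLine("Revoked: {0} ({1})",
            reason.GetRevocationReason(), reason.GetRevocationDescription());
        return reason.GetRevocationReason();
    }
}
```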