mattosaurus
commented
5 months ago I think there's a few bugs here.
We're currently ignoring the specified public key algorithim and just defaulting to RSA.
We were also ignoring the passed through hash algorithim and so were defaulting to SHA1 for all key generation.
I've fixed the hash algorithim bug #292 but allowing the use of anything but RSA (DSA in your case) looks like quite a bit more work so will take me a while to figure out.
pcgitjo
I am having issues generating keys with different PublicKeyAlgorithmTag and HasAlgorithmTag. The code below produces an error (see below). If I remove the line "pgp.PublicKeyAlgorithm.." everything works but it does not seem to be using SHA256 as the Hash Algorithm and rather continuing to default to SHA1.
The following code: BouncyCastle Version: BouncyCastle.NET Cryptography (net6.0) v2.1.1+851feee009 PgpCore Version: 6.3.1
`using (PGP pgp = new()) {
pgp.PublicKeyAlgorithm = Org.BouncyCastle.Bcpg.PublicKeyAlgorithmTag.Dsa; pgp.GenerateKey(publicKeyFileInfo, privateKeyFileInfo, config.UserID, config.UserID, 4096, 12, true, false, 0, 0, null, new Org.BouncyCastle.Bcpg.HashAlgorithmTag[] { Org.BouncyCastle.Bcpg.HashAlgorithmTag.Sha256 }, new Org.BouncyCastle.Bcpg.SymmetricKeyAlgorithmTag[] { Org.BouncyCastle.Bcpg.SymmetricKeyAlgorithmTag.Aes128 }); };`
produces "invalid key" from BouncyCastle.Cryptography at:
at Org.BouncyCastle.Bcpg.OpenPgp.PgpSignatureGenerator.InitSign(Int32 sigType, PgpPrivateKey privKey, SecureRandom random) at Org.BouncyCastle.Bcpg.OpenPgp.PgpSignatureGenerator.InitSign(Int32 sigType, PgpPrivateKey privKey) at Org.BouncyCastle.Bcpg.OpenPgp.PgpSecretKey.CertifiedPublicKey(Int32 certificationLevel, PgpKeyPair keyPair, String id, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets) at Org.BouncyCastle.Bcpg.OpenPgp.PgpSecretKey..ctor(Int32 certificationLevel, PgpKeyPair keyPair, String id, SymmetricKeyAlgorithmTag encAlgorithm, Byte[] rawPassPhrase, Boolean clearPassPhrase, Boolean useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) at Org.BouncyCastle.Bcpg.OpenPgp.PgpKeyRingGenerator..ctor(Int32 certificationLevel, PgpKeyPair masterKey, String id, SymmetricKeyAlgorithmTag encAlgorithm, Byte[] rawPassPhrase, Boolean useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) at Org.BouncyCastle.Bcpg.OpenPgp.PgpKeyRingGenerator..ctor(Int32 certificationLevel, PgpKeyPair masterKey, String id, SymmetricKeyAlgorithmTag encAlgorithm, Boolean utf8PassPhrase, Char[] passPhrase, Boolean useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) at Org.BouncyCastle.Bcpg.OpenPgp.PgpKeyRingGenerator..ctor(Int32 certificationLevel, PgpKeyPair masterKey, String id, SymmetricKeyAlgorithmTag encAlgorithm, Char[] passPhrase, Boolean useSha1, PgpSignatureSubpacketVector hashedPackets, PgpSignatureSubpacketVector unhashedPackets, SecureRandom rand) at PgpCore.PGP.GenerateKey(Stream publicKeyStream, Stream privateKeyStream, String username, String password, Int32 strength, Int32 certainty, Boolean armor, Boolean emitVersion, Int64 keyExpirationInSeconds, Int64 signatureExpirationInSeconds, CompressionAlgorithmTag[] preferredCompressionAlgorithms, HashAlgorithmTag[] preferredHashAlgorithmTags, SymmetricKeyAlgorithmTag[] preferredSymetricKeyAlgorithms) at PgpCore.PGP.GenerateKey(FileInfo publicKeyFileInfo, FileInfo privateKeyFileInfo, String username, String password, Int32 strength, Int32 certainty, Boolean armor, Boolean emitVersion, Int64 keyExpirationInSeconds, Int64 signatureExpirationInSeconds, CompressionAlgorithmTag[] preferredCompressionAlgorithms, HashAlgorithmTag[] preferredHashAlgorithmTags, SymmetricKeyAlgorithmTag[] preferredSymetricKeyAlgorithms) at PGPCLI.Program.GenKeys(Config config) in C:\p\data\DataAndAnalytics\console\cli\pgp\Program.cs:line 165