Use GnuPG Tools or C# Code for PGP Encryption and Signature

For PGP encryption and signature, usually we use PGP command line tools for test purpose and finally use C# application for production.

Mine is a Net Core 2.0 console application using NuGet package PgpCore,  https://github.com/mattosaurus/PgpCore. PgpCore is based on BouncyCastle.NetCore which supports the standard OpenPGP keys. Here w use the popular GnuPG (GPG) tools to generate OpenPGP key pair.

Download and Install GPG for Windows

Download from https://gpg4win.org/download.html. By default the installation will create two folders (here we use command line tools only):

  • Gpg4Win UI (Kleopatra): C:\Program Files (x86)\Gpg4win
  • Command line tools: C:\Program Files (x86)\GnuPG\bin

Generate a GPG Key Pair

For GnuPG 2.2.1 and above:
    C:\Program Files (x86)\GnuPG\bin> gpg --full-generate-key
For old versions of GnuPG:
    C:\Program Files (x86)\GnuPG\bin> gpg --gen-key

Common GPG Commands

List public keys: gpg --list-key or gpg -k
List private keys: gpg --list-secretkey or gpg -K
List and check signatures:  gpg --check-sigs
To delete a key pair, please delete private first, then delete public:
    Delete a private key: gpg --delete-secret-key keyname
    Delete a public key: gpg --delete-key keyname

Export GPG Public Key File

C:\Program Files (x86)\GnuPG\bin>gpg --export -a -o PGPPublicKey.asc keyname
Please send this public key file to the remote server so that the server can validate our signature.

Export GPG Private Key File (if using C# code)

C:\Program Files (x86)\GnuPG\bin>gpg --export-secret-key -a -o PGPPrivateKey.asc keyname

This private key file will be used by the PgpCore package for file signature.

Please note that we don't need to export the private key if we use GPG command line tools only.

Import, Sign and Trust Remote Server's GPG Public Key (if using GPG command tools)

C:\Program Files (x86)\GnuPG\bin>gpg --import RemoteServersPGPPublicKeyFilePath
C:\Program Files (x86)\GnuPG\bin>gpg --sign-key RemoteServersPGPKeyName
C:\Program Files (x86)\GnuPG\bin>gpg --edit-key RemoteServersPGPKeyName (then type trust and quit)

Please note that we don't need to import remote server's public key if we use C# code for encryption and signature.

Encryption and Signature using GPG command tools

Encrypt and Sign:
    C:\Program Files (x86)\GnuPG\bin>gpg -r RecipientKeyName -a -u SenderKeyName -s -e -o encryptedAndSignedFile sourceFile

Descrypt:
    Decrypt: C:\Program Files (x86)\GnuPG\bin>gpg -d -o destinationFile encryptedFile

Encryption and Signature using C# Code

using PgpCore;

using (PGP pgp = new PGP()) {
    pgp.EncryptFileAndSign(Source, EncryptedAndSignedFile, RemoteServersPGPPublicKeyFilePath, ClientsPGPPrivateKeyFilePath, ClientsPGPPrivateKeyPassPhrase, Armor?, IntegrityCheck?);
}


Comments

  1. Make My Digital SignatureThursday, October 10, 2019 7:41:00 am

    I am very grateful you did share your knowledge here. It is an excellent post.Thank you so much for providing such useful content.
    Digital Signature Certificate

    ReplyDelete
  2. DSMFriday, October 11, 2019 6:13:00 am

    Interesting topic for a blog. I have been searching the Internet for fun and came upon your blog Fabulous post. We are the best provider of digital signature certificate

    ReplyDelete
  3. Make My Digital SignatureMonday, November 18, 2019 8:01:00 am

    Reading your blog is really Amazing. Thanks for this one and expect one more from you.
    Get class 2 digital signature certificate at a very reasonable price.

    ReplyDelete
  4. DSMWednesday, November 20, 2019 3:20:00 am

    Thanks for this blog and it is absolutely fantastic.
    Class 2 Digital Signature Provider in Noida

    ReplyDelete
  5. DSC7Friday, November 22, 2019 8:08:00 am

    Thanks for sharing this. Very useful article.
    Digital signature Certificate

    ReplyDelete
  6. DSMMonday, November 25, 2019 5:41:00 am

    I am really happy after read this post. Keep blogging.

    Renew digital signature in Ghaziabad

    ReplyDelete
  7. Make My Digital SignatureTuesday, November 26, 2019 7:06:00 am

    I'm happy to see your instructive post here and yes I'm going to attempt your tips a debt of gratitude is in order for sharing… Keep Sharing


    Class 3 digital signature certificate

    ReplyDelete
  8. DSC7Wednesday, November 27, 2019 6:52:00 am

    This was really what i was looking for and i'm glad to come back right here! Thanks for sharing such treasured statistics with us.

    Digital signature Provider in Delhi

    ReplyDelete
  9. Make My Digital SignatureFriday, December 27, 2019 5:38:00 am

    I've been searching for information on this subject for some time. I'm glad this one is so extraordinary. Keep up the brilliant work.

    Digital signature provider in Delhi

    ReplyDelete
  10. 99digitalsignatureTuesday, January 14, 2020 5:23:00 am

    thankyou for sharing these details we will coordinate with you,doing good job guys
    https://www.99digitalsignature.com

    ReplyDelete
  11. esigndscWednesday, October 21, 2020 1:50:00 am



    I want to thank you. Because for this great post you really deserve a big thumbs up.


    digital signature provider in Gurgaon

    ReplyDelete
  12. Colour PrintersFriday, August 12, 2022 4:05:00 am

    Thank you for all the knowledge that you share, great article. I was extremely interested in the post, and it's impressive.

    printing company sydney

    ReplyDelete
  13. sana AdverdTuesday, August 23, 2022 2:41:00 am

    Pretty! This was an extremely wonderful post. I'm thankful that you're sharing useful and valuable information for all us.
    Shadi dresses design

    ReplyDelete
  14. BuydscdelhiWednesday, September 06, 2023 8:37:00 am

    Awesome article on blog commenting, keep the good work Thank you.Digital Signature In Noida

    ReplyDelete
  15. esigndscFriday, September 08, 2023 6:52:00 am

    First of all thanks to the blogger for sharing and giving useful information. Buy Digital Signature in Chennai

    ReplyDelete
  16. esigndscSaturday, September 09, 2023 3:03:00 am

    Awesome article on blog commenting, keep the good work Thank you. Get Digital Signature in Ghaziabad

    ReplyDelete
  17. BuydscdelhiSaturday, September 09, 2023 7:32:00 am

    This post is really insightful; it has helped me understand so many things.Best Digital Signature Services In Faridabad

    ReplyDelete
  18. Make My Digital SignatureMonday, September 11, 2023 3:46:00 am

    Awesome article on blog commenting, keep the good work Thank you.Best Digital Signature Agency in Ghaziabad

    ReplyDelete
  19. Make My Digital SignatureWednesday, September 13, 2023 8:27:00 am

    Thanks for the wonderful post. I've been looking around the web for this type of information and finally found it.Buy Digital Signature in Chennai

    ReplyDelete
  20. Make My Digital SignatureMonday, September 18, 2023 1:46:00 am

    Happy to see your blog as it is just what I’ve looking for. I am looking forward to another great article from you.Best Digital Signature Services in Faridabad

    ReplyDelete
  21. Make My Digital SignatureWednesday, September 20, 2023 8:02:00 am

    Thank you for describing in detail about blog commenting. It is a valuable tool.Apply Digital Signature in Jalandhar

    ReplyDelete
  22. Make My Digital SignatureFriday, September 22, 2023 4:08:00 am

    Thank you for this helpful article! I have a question though. How many comments should I post per day.Buy Digital Signature In Siwan

    ReplyDelete
  23. Make My Digital SignatureFriday, September 29, 2023 3:36:00 am

    Thanks for posting such an informative article.Apply Digital Signature in Gopalganj

    ReplyDelete
  24. DSMMonday, January 22, 2024 5:21:00 am

    Thank you very much for your valuable information. Digital Signature in Rajkot

    ReplyDelete
  25. DSMMonday, February 12, 2024 4:37:00 am

    Very well constructed about blog commenting. Blog commenting plays a good role in SEO in fact approving the comments is the biggest achievement. Renew Detective Signature Online

    ReplyDelete
  26. esigndscFriday, April 26, 2024 2:20:00 am

    Thank you for describing in detail about blog commenting. It is a valuable tool. Digital Signature in Kolkata

    ReplyDelete
  27. DSMMonday, May 06, 2024 2:42:00 am

    Thanks for this useful article. Digital Signature Certificate For Icegate

    ReplyDelete

Post a Comment

Popular posts from this blog

Errors in Net Core Add-Migration

Visual Studio 2017 version 15.5.2, Net Core 2. Add-Migration error: Exception calling "SetData" with "2" argument(s): "Type  'Microsoft.VisualStudio.ProjectSystem.VS.Implementation.Package.Automation.OAProject' in  assembly 'Microsoft.VisualStudio.ProjectSystem.VS.Implementation, Version=15.0.0.0,  Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a' is not marked as serializable." At C:\Users\wanj\.nuget\packages\entityframework\6.2.0\tools\EntityFramework.psm1:720 char:5 +     $domain.SetData('project', $project) +     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~     + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException     + FullyQualifiedErrorId : SerializationException Exception calling "SetData" with "2" argument(s): "Type  'Microsoft.VisualStudio.ProjectSystem.VS.Implementation.Package.Automation.OAProject' in  assembly 'Microsoft.VisualStudio.ProjectSystem.VS.Impl
Read more

Confusing Concepts about SFTP: SSH2 vs OpenSSH

Credit and copied from https://dada.tw/2008/01/03/70/ Terminology: SSH Protocols and Products SSH A generic term referring to SSH protocols or software products. SSH-1 The SSH protocol, Version 1. This protocol went through several revisions, of which 1.3 and 1.5 are the best known, and we will write SSH-1.3 and SSH-1.5 should the distinction be necessary. SSH-2 The SSH protocol, Version 2, as defined by several draft standards documents of the IETF SECSH working group. SSH1 Tatu Ylönen's software implementing the SSH-1 protocol; the original SSH. Now distributed and maintained (minimally) by SSH Communications Security, Inc. SSH2 The "SSH Secure Shell" product from SSH Communications Security, Inc. This is a commercial SSH-2 protocol implementation, though it is licensed free of charge in some circumstances. ssh (all lowercase letters) A client program included in SSH1, SSH2, OpenSSH, F-Secure SSH, and other
Read more