Contents
- Introduction
- Assumptions
- Features
- Using the Code
- GenerateKey
- PGPEncryptFile
- PGPEncryptFileAndSign
- PGPDecryptFile
ChoPGP is an open source PGP library for .NET. It is a simple PGP wrapper over the Bouncy Castle library. It includes methods for PGP encryption, decryption, decrypt-and-verify and key generation, and it supports both key stores and keys located in files. It is 100% managed code.
This article explains how to use this library to encrypt, sign, decrypt or verify OpenPGP messages. ChoPGP has been developed to be an Open Source implementation of the OpenPGP standard. OpenPGP is a standard for encrypting, decrypting, signing and verifying data cryptographically. The OpenPGP protocol is commonly used and is said to be very secure.
Fortunately, there is a free OpenPGP implementation available, Bouncy Castle. It is a full-featured and stable implementation of the OpenPGP protocol.
This wrapper library simplifies its use, so you can PGP encrypt and decrypt files in no time.
This article assumes you have some basic understanding of public key cryptography.
Some of the features provided by ChoPGP are:
- Encrypt/Decrypt files and streams with PGP using a single line of code
- Synchronous or asynchronous operation
- Public/Private key ring file generation
- ASCII Armor, data integrity packets, etc.
Nuget Command: Install-Package ChoPGP
This library exposes the ChoPGPEncryptDecrypt class to perform PGP encryption and decryption.
public class ChoPGPEncryptDecrypt : IDisposable
{
    public void DecryptFile(string inputFilePath, string outputFilePath,
        string privateKeyFilePath, string passPhrase);
    public Task DecryptFileAsync(string inputFilePath, string outputFilePath,
        string privateKeyFilePath, string passPhrase);
    public void EncryptFile(string inputFilePath, string outputFilePath,
        string publicKeyFilePath, bool armor, bool withIntegrityCheck);
    public Task EncryptFileAsync(string inputFilePath, string outputFilePath,
        string publicKeyFilePath, bool armor, bool withIntegrityCheck);
    public void EncryptFileAndSign(string inputFilePath, string outputFilePath,
        string publicKeyFilePath, string privateKeyFilePath, string passPhrase, bool armor);
    public Task EncryptFileAndSignAsync(string inputFilePath, string outputFilePath,
        string publicKeyFilePath, string privateKeyFilePath, string passPhrase, bool armor);
    public void GenerateKey(Stream publicKeyStream, Stream privateKeyStream,
        string username = null, string password = null, int strength = 1024, int certainty = 8);
    public void GenerateKey(string publicKeyFilePath, string privateKeyFilePath,
        string username = null, string password = null, int strength = 1024, int certainty = 8);
    public Task GenerateKeyAsync(string publicKeyFilePath, string privateKeyFilePath,
        string username = null, string password = null, int strength = 1024, int certainty = 8);
}
In this section, you will learn how to use the ChoPGP assembly to generate a PGP key ring.
using (ChoPGPEncryptDecrypt pgp = new ChoPGPEncryptDecrypt())
    pgp.GenerateKey("pub.asc", "pri.asc", "mark@gmail.com", "Test123");
where:
- publicKeyFilePath: File path to store the PGP public key info. Put this key on your website or in the signature at the bottom of your email messages. Anyone wishing to contact you in private can then use your public PGP key to send you encrypted messages.
- privateKeyFilePath: File path to store the PGP private key info. Save your PGP private key in a file on your computer and keep it as confidential as possible.
- username: Your email address is recommended for generating your PGP keys. Your email address will be included as public information in your public PGP key, so your public key can be easily imported by any third-party PGP software. If you do not supply your email address, your PGP decryption software may be unable to link your email address to your public PGP key, and therefore unable to automatically encrypt/decrypt email messages. As a result, you will have to manually decrypt messages each time you receive a PGP-encrypted message.
- password: Pick a password to protect your private PGP key. This password offers an extra layer of protection in case someone manages to steal your private PGP key.
- strength: The key strength. Default value is 1024.
- certainty: Certainty for prime evaluation. Bouncy Castle uses this number when it generates random numbers and checks whether or not they are prime using a primality test algorithm. Default value is 8.
In this section, you will learn how to use the ChoPGP assembly to encrypt data.
To PGP encrypt a file synchronously:
using (ChoPGPEncryptDecrypt pgp = new ChoPGPEncryptDecrypt())
{
    pgp.EncryptFile("SampleData.txt", "SampleData.PGP", "Pub.asc", true, false);
}
where:
- inputFilePath: Plain data file path to be encrypted
- outputFilePath: Output PGP encrypted file path
- publicKeyFilePath: PGP public key file path
- armor: true to represent the binary data as ASCII-only text; otherwise false
- withIntegrityCheck: true to perform the integrity packet check on the input file; otherwise false
To PGP encrypt a file asynchronously:
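using (ChoPGPEncryptDecrypt pgp = new ChoPGPEncryptDecrypt())
{
    // Await the task (inside an async method) so that encryption finishes,
    // and any exception surfaces, before pgp is disposed.
    await pgp.EncryptFileAsync("SampleData.txt", "SampleData.PGP", "Pub.asc", true, false);
}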
To PGP encrypt a file and sign synchronously:
using (ChoPGPEncryptDecrypt pgp = new ChoPGPEncryptDecrypt())
{
    pgp.EncryptFileAndSign("SampleData.txt", "SampleData.PGP", "Pub.asc", "Pri.asc",
        "Test123", true);
}
where:
- inputFilePath: Plain data file path to be encrypted
- outputFilePath: Output PGP encrypted file path
- publicKeyFilePath: PGP public key file path
- privateKeyFilePath: PGP secret key file path
- passPhrase: PGP secret key password
- armor: true to represent the binary data as ASCII-only text; otherwise false
To PGP encrypt a file and sign asynchronously:
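using (ChoPGPEncryptDecrypt pgp = new ChoPGPEncryptDecrypt())
{
    // Await the task (inside an async method) so that signing and encryption
    // finish, and any exception surfaces, before pgp is disposed.
    await pgp.EncryptFileAndSignAsync("SampleData.txt", "SampleData.PGP", "Pub.asc", "Pri.asc",
        "Test123", true);
}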
In this section, you will learn how to use the ChoPGP assembly to decrypt data.
To PGP decrypt a file synchronously:
using (ChoPGPEncryptDecrypt pgp = new ChoPGPEncryptDecrypt())
{
    pgp.DecryptFile("SampleData.PGP", "SampleData.OUT", "Pri.asc", "Test123");
}
where:
- inputFilePath: PGP encrypted data file
- outputFilePath: Output of decrypted file path
- privateKeyFilePath: PGP secret key file path
- passPhrase: PGP secret key password
To PGP decrypt a file asynchronously:
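using (ChoPGPEncryptDecrypt pgp = new ChoPGPEncryptDecrypt())
{
    // Await the task (inside an async method) so that decryption finishes,
    // and any exception surfaces, before pgp is disposed.
    await pgp.DecryptFileAsync("SampleData.PGP", "SampleData.OUT", "Pri.asc", "Test123");
}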