This chapter shows how to generate a DH/DSS (Diffie-Hellman/Digital Signature Algorithm or DSA) key pair with OpenPGP Library for .NET.
The master signing key of such a key pair is a DSA (Digital Signature Algorithm) key and the encryption subkey is an ElGamal key (an implementation of the Diffie-Hellman algorithm).
Key sizes
The accepted values for the key size of the master key (DSA) are 1024 and 2048 bits.
The accepted values for the key size of the encryption sub-key (ElGamal) are 1024, 2048, 3072, 4096, 6144 and 8192 bits.
Example code
Generating DH/DSS (DSA) OpenPGP key with default options
The key generated this way has default options for symmetric cipher preferences, hash and compression algorithms.
C# example
```csharp
using System;
using DidiSoft.Pgp;

public class GenerateKeyPairDHDSS
{
    public static void Demo()
    {
        // Open the key store that will hold the new key pair
        KeyStore ks = KeyStore.OpenFile(@"DataFiles\key.store", "changeit");

        // DSA master (signing) key size in bits
        long dsaMasterKeyLength = 2048;
        // ElGamal encryption subkey size in bits
        long dhEncryptionKeylength = 4096;
        // Password protecting the generated private key
        string keyPassword = "changeit";
        string userId = "DidiSoft Support <support@didisoft.com>";

        ks.GenerateDhDssKeyPair(dsaMasterKeyLength, dhEncryptionKeylength, userId, keyPassword);
    }
}
```
VB.NET example
```vb
Imports System
Imports DidiSoft.Pgp

Public Class GenerateKeyPairDHDSS
    Public Shared Sub Demo()
        ' Open the key store that will hold the new key pair
        Dim ks As KeyStore = KeyStore.OpenFile("DataFiles\key.store", "changeit")

        ' DSA master (signing) key size in bits
        Dim dsaMasterKeyLength As Long = 2048
        ' ElGamal encryption subkey size in bits
        Dim dhEncryptionKeylength As Long = 4096
        ' Password protecting the generated private key
        Dim keyPassword As String = "changeit"
        Dim userId As String = "DidiSoft Support <support@didisoft.com>"

        ks.GenerateDhDssKeyPair(dsaMasterKeyLength, dhEncryptionKeylength, userId, keyPassword)
    End Sub
End Class
```
Generating a DH/DSS key with custom options
To specify custom algorithm preferences for the symmetric cipher, hash functions, and compression, we use the more general KeyStore.GenerateKeyPair method:
C# example
```csharp
using System;
using DidiSoft.Pgp;

public class GenerateKeyPairDHDSS
{
    public static void Demo()
    {
        // Open the key store that will hold the new key pair
        KeyStore ks = KeyStore.OpenFile(@"DataFiles\key.store", "changeit");

        int keySize = 2048;
        KeyAlgorithm keyAlgorithm = KeyAlgorithm.DHDSA;
        String userId = "DH/DSS Key <demo@didisoft.com>";
        // Password protecting the generated private key
        String privateKeyPassword = "changeit";

        // Hash algorithm preferences for the key
        HashAlgorithm[] hashing = { HashAlgorithm.SHA1,
                                    HashAlgorithm.SHA256,
                                    HashAlgorithm.MD5 };
        // Compression algorithm preferences for the key
        CompressionAlgorithm[] compression = { CompressionAlgorithm.ZIP,
                                               CompressionAlgorithm.ZLIB,
                                               CompressionAlgorithm.UNCOMPRESSED };
        // Symmetric cipher preferences for the key
        CypherAlgorithm[] cypher = { CypherAlgorithm.AES_128,
                                     CypherAlgorithm.CAST5,
                                     CypherAlgorithm.BLOWFISH };

        // The key expires one year from now
        DateTime expirationDate = DateTime.Now.AddYears(1);

        ks.GenerateKeyPair(keySize,
                           userId,
                           keyAlgorithm,
                           privateKeyPassword,
                           compression,
                           hashing,
                           cypher,
                           expirationDate);
    }
}
```
VB.NET example
```vb
Imports System
Imports DidiSoft.Pgp

Public Class GenerateKeyPairDHDSS
    Public Shared Sub Demo()
        ' Open the key store that will hold the new key pair
        Dim ks As KeyStore = KeyStore.OpenFile("DataFiles\key.store", "changeit")

        Dim keySize As Integer = 2048
        Dim keyAlgorithm As KeyAlgorithm = KeyAlgorithm.DHDSA
        Dim userId As String = "DH/DSS Key <demo@didisoft.com>"
        ' Password protecting the generated private key
        Dim privateKeyPassword As String = "changeit"

        ' Hash algorithm preferences for the key
        Dim hashing As HashAlgorithm() = {HashAlgorithm.SHA1, _
                                          HashAlgorithm.SHA256, _
                                          HashAlgorithm.MD5}
        ' Compression algorithm preferences for the key
        Dim compression As CompressionAlgorithm() = _
                {CompressionAlgorithm.ZIP, _
                 CompressionAlgorithm.ZLIB, _
                 CompressionAlgorithm.UNCOMPRESSED}
        ' Symmetric cipher preferences for the key
        Dim cypher As CypherAlgorithm() = {CypherAlgorithm.AES_128, _
                                           CypherAlgorithm.CAST5, _
                                           CypherAlgorithm.BLOWFISH}

        ' The key expires one year from now
        Dim expirationDate As DateTime = DateTime.Now.AddYears(1)

        ks.GenerateKeyPair(keySize, _
                           userId, _
                           keyAlgorithm, _
                           privateKeyPassword, _
                           compression, _
                           hashing, _
                           cypher, _
                           expirationDate)
    End Sub
End Class
```
Async support
In order to create a key pair asynchronously, we have to use the DidiSoft.Pgp.KeyStoreAsync class which provides the same key creation methods with Async suffixes.
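The following C# is an added example, not code from the original page or from DidiSoft: it checks the requested sizes against the accepted values listed under Key sizes, then calls the Async-suffixed counterpart of GenerateDhDssKeyPair described above. DhDssKeyProvisioner is a hypothetical helper, and the argument list and awaitable return type of GenerateDhDssKeyPairAsync are assumptions drawn from the statement that the Async methods mirror the synchronous ones.

```csharp
using System;
using System.Linq;
using System.Threading.Tasks;
using DidiSoft.Pgp;

// Added example; DhDssKeyProvisioner is a hypothetical helper, not part of the library.
public static class DhDssKeyProvisioner
{
    // Accepted sizes as listed in the "Key sizes" section of this chapter.
    private static readonly long[] DsaMasterSizes = { 1024, 2048 };
    private static readonly long[] ElGamalSubkeySizes = { 1024, 2048, 3072, 4096, 6144, 8192 };

    // The caller supplies an already opened KeyStoreAsync and the password,
    // so neither a key store path nor a secret is hard-coded here.
    public static async Task GenerateAsync(KeyStoreAsync ks, string userId, string keyPassword,
                                           long dsaMasterKeyLength, long dhEncryptionKeyLength)
    {
        if (ks == null)
            throw new ArgumentNullException(nameof(ks));
        if (string.IsNullOrWhiteSpace(userId))
            throw new ArgumentException("User ID must not be empty.", nameof(userId));
        if (string.IsNullOrEmpty(keyPassword))
            throw new ArgumentException("Private key password must not be empty.", nameof(keyPassword));

        // Reject unsupported sizes before any key material is generated.
        if (!DsaMasterSizes.Contains(dsaMasterKeyLength))
            throw new ArgumentOutOfRangeException(nameof(dsaMasterKeyLength), dsaMasterKeyLength,
                "DSA master key size must be one of: " + string.Join(", ", DsaMasterSizes));
        if (!ElGamalSubkeySizes.Contains(dhEncryptionKeyLength))
            throw new ArgumentOutOfRangeException(nameof(dhEncryptionKeyLength), dhEncryptionKeyLength,
                "ElGamal subkey size must be one of: " + string.Join(", ", ElGamalSubkeySizes));

        // Assumption: the Async variant takes the same arguments as
        // KeyStore.GenerateDhDssKeyPair and returns an awaitable Task.
        await ks.GenerateDhDssKeyPairAsync(dsaMasterKeyLength, dhEncryptionKeyLength,
                                           userId, keyPassword);
    }
}
```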
Summary
In this chapter, we have discussed DH/DSS (DSA) OpenPGP key generation with DidiSoft OpenPGP Library for .NET.
You may also consider reading RSA OpenPGP key pair generation or the new type of ECC/OpenPGP keys, key exporting and importing.
The library ships with a visual KeyTool WinForms application, located under <library install folder>/Examples, which can be used to examine key generation and many other operations with a KeyStore.
List of methods used:
- KeyStore.GenerateDhDssKeyPair – Generates a DH/DSS OpenPGP key pair with default options
- KeyStore.GenerateKeyPair – Generates an OpenPGP key pair with custom options