The KeyStore object allows the import of keys from external sources.
Supported import sources are public PGP key files (usually with file name extension .asc), private PGP key files, key pairs (public and private key combined in one file), PGP command line and GnuPG key rings (all their keys at once).
As of version 1.9 the new GnuPG/gpg Keybox (.kbx) file format is also supported.
List of examples
- Import public OpenPGP key
- Import private OpenPGP key
- Import OpenPGP key pair
- Import OpenPGP key ring (a lot of keys stored in one file)
- Reusing existing keys from GnuPG and Symantec PGP
- Import GnuPG 2.x keybox .kbx file
- Exceptions
Import public OpenPGP key
The KeyStore.ImportPublicKey method imports a public key into the KeyStore and returns a DidiSoft.Pgp.KeyPairInformation object with details for the key:
C# example
```csharp
using System;
using DidiSoft.Pgp;

public class ImportKeys
{
    public static void Demo()
    {
        // initialize the key store
        KeyStore keyStore = new KeyStore("pgp.keystore", "changeit");

        KeyPairInformation key1 = keyStore.ImportPublicKey("public_key.asc");
    }
}
```
VB.NET code
```vb
Imports System
Imports DidiSoft.Pgp

Public Class ImportKeys
    Public Shared Sub Demo()
        ' initialize the key store
        Dim keyStore As New KeyStore("pgp.keystore", "changeit")

        Dim key1 As KeyPairInformation = keyStore.ImportPublicKey("public_key.asc")
    End Sub
End Class
```
Import private OpenPGP key
The KeyStore.ImportPrivateKey method imports a private key into the KeyStore and returns a DidiSoft.Pgp.KeyPairInformation object with details for the key:
C# example
```csharp
using System;
using DidiSoft.Pgp;

public class ImportKeys
{
    public static void Demo()
    {
        // initialize the key store
        KeyStore keyStore = new KeyStore("pgp.keystore", "changeit");

        KeyPairInformation key = keyStore.ImportPrivateKey("private_key.asc");
    }
}
```
VB.NET code
```vb
Imports System
Imports DidiSoft.Pgp

Public Class ImportKeys
    Public Shared Sub Demo()
        ' initialize the key store
        Dim keyStore As New KeyStore("pgp.keystore", "changeit")

        Dim key As KeyPairInformation = keyStore.ImportPrivateKey("private_key.asc")
    End Sub
End Class
```
Note that with the ImportPrivateKey method we can import a private key file without specifying its key password, but in order to use the key afterward we still have to pass its password when invoking decryption and signing methods.
Import OpenPGP key pair
The KeyStore.ImportKeyPair methods are designed to import a file containing both a public OpenPGP key and its corresponding private key. If the supplied file contains only a public key or only a private key, the returned DidiSoft.Pgp.KeyPairInformation will reflect only that key. If there are no keys inside the source, null will be returned.
C# example
```csharp
using System;
using DidiSoft.Pgp;

public class ImportKeys
{
    public static void Demo()
    {
        // initialize the key store
        KeyStore keyStore = new KeyStore("pgp.keystore", "changeit");

        // call the method on the keyStore instance, not on the KeyStore type
        KeyPairInformation key = keyStore.ImportKeyPair("pgpkey.asc");
    }
}
```
VB.NET code
```vb
Imports System
Imports DidiSoft.Pgp

Public Class ImportKeys
    Public Shared Sub Demo()
        ' initialize the key store
        Dim keyStore As New KeyStore("pgp.keystore", "changeit")

        Dim key As KeyPairInformation = keyStore.ImportKeyPair("pgpkey.asc")
    End Sub
End Class
```
Import OpenPGP key ring (a lot of keys stored in one file)
The KeyStore.ImportKeyRing method allows a lot of keys to be imported at once. This method is especially useful for importing keys from GnuPG and Symantec PGP Command line key containers (see below).
C# example
```csharp
using System;
using DidiSoft.Pgp;

public class ImportKeys
{
    public static void Demo()
    {
        // initialize the key store
        KeyStore keyStore = new KeyStore("pgp.keystore", "changeit");

        KeyPairInformation[] manyKeys = keyStore.ImportKeyRing("pubring.pkr");
    }
}
```
VB.NET code
```vb
Imports System
Imports DidiSoft.Pgp

Public Class ImportKeys
    Public Shared Sub Demo()
        ' initialize the key store
        Dim keyStore As New KeyStore("pgp.keystore", "changeit")

        Dim manyKeys As KeyPairInformation() = keyStore.ImportKeyRing("pubring.pkr")
    End Sub
End Class
```
Reusing existing keys from GnuPG and Symantec PGP
We can reuse existing key rings from GnuPG and Symantec PGP transparently by importing them in a KeyStore object.
For example, if we wish to use those existing keys in a read-only manner, we have to:
1. create an in-memory located KeyStore object
2. invoke KeyStore.ImportKeyRing to import the public key ring (pubring.pkr for Symantec PGP and pubring.gpg for GnuPG) and the secret key ring (secring.skr for Symantec PGP and secring.gpg for GnuPG)
Afterwards, we can refer to the keys the same way we do from the command line, either by hexadecimal Key Id or by User Id. Check here for an example.
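The two steps above for a GnuPG installation on Windows, as an added example that is not part of the original documentation. It assumes that the parameterless KeyStore constructor creates an in-memory store and that the GnuPG home directory is GNUPGHOME or %APPDATA%\gnupg; the class and method names are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using DidiSoft.Pgp;

public static class GnuPgReuse
{
    // GNUPGHOME when set, otherwise the Windows default %APPDATA%\gnupg
    // (the directory used in the .kbx example on this page).
    static string GnuPgHome()
    {
        string home = Environment.GetEnvironmentVariable("GNUPGHOME");
        if (!string.IsNullOrEmpty(home)) return home;
        string appData = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData);
        return Path.Combine(appData, "gnupg");
    }

    // Builds a read-only, in-memory view of the local GnuPG keys.
    public static KeyStore Load(out int importedCount)
    {
        // Assumption: new KeyStore() creates a KeyStore that lives only in memory,
        // so nothing is written back to the GnuPG files.
        KeyStore keyStore = new KeyStore();
        var imported = new List<KeyPairInformation>();

        string home = GnuPgHome();
        string kbx = Path.Combine(home, "pubring.kbx");   // GnuPG 2.x keybox
        string pub = Path.Combine(home, "pubring.gpg");   // classic public key ring
        string sec = Path.Combine(home, "secring.gpg");   // classic secret key ring

        // Public keys: use the keybox when present, else the classic ring.
        if (File.Exists(kbx))
            imported.AddRange(keyStore.ImportGnuPgKbx(kbx));
        else if (File.Exists(pub))
            imported.AddRange(keyStore.ImportKeyRing(pub));

        // Secret keys: secring.gpg is not maintained by GnuPG 2.1 and later.
        if (File.Exists(sec))
            imported.AddRange(keyStore.ImportKeyRing(sec));

        importedCount = imported.Count;
        return keyStore;
    }
}
```

When secring.gpg is absent the resulting KeyStore holds public keys only, because GnuPG 2.1 and later keep private keys in the private-keys-v1.d directory rather than in a key ring file.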
Import GnuPG 2.x .kbx file
GnuPG 2.x uses a new optimized file format for storing public keys known as the Keybox file format. In order to import the keys contained in a gpg .kbx file we have to use the KeyStore.ImportGnuPgKbx method:
C# example
```csharp
using System;
using DidiSoft.Pgp;

public class ImportKeys
{
    public static void Demo()
    {
        // initialize the key store
        KeyStore keyStore = new KeyStore("pgp.keystore", "changeit");

        // verbatim string (@) so the backslashes in the path are not read as escape sequences
        KeyPairInformation[] manyKeys = keyStore.ImportGnuPgKbx(@"C:\Users\me\AppData\Roaming\gnupg\pubring.kbx");
    }
}
```
VB.NET code
```vb
Imports System
Imports DidiSoft.Pgp

Public Class ImportKeys
    Public Shared Sub Demo()
        ' initialize the key store
        Dim keyStore As New KeyStore("pgp.keystore", "changeit")

        Dim manyKeys As KeyPairInformation() = keyStore.ImportGnuPgKbx("C:\Users\me\AppData\Roaming\gnupg\pubring.kbx")
    End Sub
End Class
```
Exceptions
All Import methods will throw System.IO.IOException in case of an I/O related error.
The caller can also catch the general OpenPGP related error DidiSoft.Pgp.PGPException.
KeyStore.ImportPublicKey will throw a DidiSoft.Pgp.Exceptions.WrongPublicKey exception if the provided source doesn’t contain a PGP public key.
KeyStore.ImportPrivateKey will throw a DidiSoft.Pgp.Exceptions.WrongPrivateKey exception if the provided source doesn’t contain a PGP private key.
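An added example, not part of the original documentation, of importing a public key received from a partner while handling the exceptions listed above and refusing files that carry private key material. The class and method names are hypothetical, binary input is judged by its first packet only, and the catch of PGPException assumes the more specific WrongPublicKey error derives from it.

```csharp
using System;
using System.IO;
using System.Text;
using DidiSoft.Pgp;

public static class GuardedImport
{
    // Tag of the first OpenPGP packet (RFC 4880, section 4.2), or -1 if the
    // data does not start with a packet header. 5 = secret key, 6 = public key.
    public static int FirstPacketTag(byte[] data)
    {
        if (data.Length == 0 || (data[0] & 0x80) == 0) return -1;
        return (data[0] & 0x40) != 0 ? data[0] & 0x3F : (data[0] >> 2) & 0x0F;
    }

    // True when the file carries private key material, armored or binary.
    public static bool ContainsPrivateKey(byte[] data)
    {
        string text = Encoding.ASCII.GetString(data);
        if (text.Contains("-----BEGIN PGP "))
            return text.Contains("-----BEGIN PGP PRIVATE KEY BLOCK-----");
        return FirstPacketTag(data) == 5;
    }

    // Imports a partner's public key; returns null when the file is refused or unusable.
    public static KeyPairInformation ImportPartnerKey(KeyStore keyStore, string path)
    {
        try
        {
            if (ContainsPrivateKey(File.ReadAllBytes(path)))
            {
                Console.Error.WriteLine(path + ": contains a private key, not imported");
                return null;
            }
            return keyStore.ImportPublicKey(path);
        }
        catch (PGPException e)   // general OpenPGP error; assumed to cover WrongPublicKey
        {
            Console.Error.WriteLine(path + ": not a usable public key: " + e.Message);
        }
        catch (IOException e)    // file missing, locked or unreadable
        {
            Console.Error.WriteLine(path + ": I/O error: " + e.Message);
        }
        return null;
    }
}
```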
Summary
In this chapter we have illustrated how to import OpenPGP keys and whole key rings into a KeyStore object.
You can also check how to export keys from a KeyStore and how to import X.509 keys wrapped transparently as OpenPGP keys.