In order to allow a more flexible exchange of public keys between members of an organization, keys can be submitted to a central store. One such store widely used at production sites is the LDAP OpenPGP key server, for example Symantec Encryption Management Server (SEMS, previously PGP Universal Server) or OpenLDAP/slapd with the PGP LDAP schema installed.
DLL file and namespace
The functionality is available in the class LdapClient located in the namespace DidiSoft.Pgp.Net.
As of version 1.7.10, you will have to reference and deploy with your application an additional DLL
[library installation folder]\Bin\DidiSoft.Pgp.Net.LdapClient.dll
Table of Contents
In this chapter, we will demonstrate how to exchange keys with LDAP OpenPGP key servers.
1. Searching for keys
2. Uploading a key
3. Exception handling
4. Supported .NET platforms
Searching for a key
We can search for a key by its Key Id, its hexadecimal Key Id, or part of or the whole User Id. The example below illustrates retrieval of the first matching key:
Searching for the first matching key
C# example
    DidiSoft.Pgp.Net.LdapClient ldap = new DidiSoft.Pgp.Net.LdapClient("keyserver.pgp.com");
    ldap.PartialMatchUserIds = true;
    DidiSoft.Pgp.KeyPairInformation key = ldap.GetSingleKeyByUserId("Didisoft");
    if (key != null)
    {
        Console.WriteLine("Found key: " + key.UserId);
    }
VB.NET example
    Dim ldap As New DidiSoft.Pgp.Net.LdapClient("keyserver.pgp.com")
    ldap.PartialMatchUserIds = True
    Dim key As DidiSoft.Pgp.KeyPairInformation = ldap.GetSingleKeyByUserId("Didisoft")
    If Not IsNothing(key) Then
        Console.WriteLine("Found key: " + key.UserId)
    End If
Searching for multiple keys
When partial matching of the User Id is enabled, we can get all the matching keys with GetMultipleKeysByUserId. In the sample code below we also use the wildcard symbol * that matches any character sequence:
    DidiSoft.Pgp.KeyPairInformation[] keys = ldap.GetMultipleKeysByUserId("Didisoft*");
    foreach (DidiSoft.Pgp.KeyPairInformation key in keys)
    {
        Console.WriteLine("Found key: " + key.UserId);
    }
Searching by key Id
    DidiSoft.Pgp.KeyPairInformation key = ldap.GetSingleKeyByKeyIdHex("9A652C43");
    if (key != null)
    {
        Console.WriteLine("Found key: " + key.UserId);
    }
Uploading a key
Uploading a key simply means invoking the SubmitKey method of the LdapClient class. For private LDAP servers, such as a private Symantec Encryption Management Server, you will usually have to authenticate by using the LdapClient constructor that accepts username and password parameters.
C# example
    DidiSoft.Pgp.Net.LdapClient ldap = new DidiSoft.Pgp.Net.LdapClient("keyserver.pgp.com");
    ldap.SubmitKey(File.ReadAllBytes(@"c:\Test\My_key.asc"));
VB.NET example
    Dim ldap As New DidiSoft.Pgp.Net.LdapClient("keyserver.pgp.com")
    ldap.SubmitKey(File.ReadAllBytes("c:\Test\My_key.asc"))
Exception handling
All methods that interact with an LDAP server throw:
DidiSoft.Pgp.Net.LdapKeyServerException – in case of a network error
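The following C# helper ties the search, upload and exception-handling sections together. It is an added example, not code from the DidiSoft documentation; it uses only the members shown above, plus an assumed three-argument constructor LdapClient(host, username, password) for the authenticated upload. A key server is a directory, not a trust authority, so the lookup pins the expected Key Id and User Id together and rejects anything else; the fingerprint should still be confirmed out of band before the key is used.

```csharp
using System;
using System.IO;
using DidiSoft.Pgp;
using DidiSoft.Pgp.Net;

// Added example (not the library's own code). Assumes a constructor
// LdapClient(host, username, password) exists for authenticated servers.
public static class KeyServerExchange
{
    // Fetch a correspondent's key by hex Key Id and require that the User Id
    // on the returned key is the one we expect. Returns null when no
    // acceptable key is available or the server cannot be reached.
    public static KeyPairInformation FetchPinnedKey(string host, string keyIdHex, string expectedUserId)
    {
        try
        {
            LdapClient ldap = new LdapClient(host);
            KeyPairInformation key = ldap.GetSingleKeyByKeyIdHex(keyIdHex);
            if (key == null)
            {
                Console.WriteLine("No key with Key Id " + keyIdHex + " on " + host);
                return null;
            }
            if (!string.Equals(key.UserId, expectedUserId, StringComparison.Ordinal))
            {
                // Directory entry does not match what we pinned: do not use it.
                Console.WriteLine("Key " + keyIdHex + " has User Id '" + key.UserId
                    + "', expected '" + expectedUserId + "'");
                return null;
            }
            return key;
        }
        catch (LdapKeyServerException ex)
        {
            // Network error per the documentation: report and fail closed.
            Console.WriteLine("Key server error: " + ex.Message);
            return null;
        }
    }

    // Upload our own public key to a private server that requires login.
    public static bool UploadPublicKey(string host, string username, string password, string publicKeyFile)
    {
        try
        {
            LdapClient ldap = new LdapClient(host, username, password); // assumed constructor
            ldap.SubmitKey(File.ReadAllBytes(publicKeyFile));
            return true;
        }
        catch (LdapKeyServerException ex)
        {
            Console.WriteLine("Upload failed: " + ex.Message);
            return false;
        }
    }
}
```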
Supported platforms
This functionality is available only in the standard .NET Framework and .NET Standard.
Summary
This chapter was a brief introduction to exchanging keys with LDAP OpenPGP key servers, with C# and VB.NET examples.
You may also be interested in exchanging keys with HKP key servers.