Verifying OpenPGP signed or cleartext signed data with VB.NET

This page contains sample code for verifying OpenPGP signed data in VB.NET using DidiSoft OpenPGP Library for .NET.

Verify a signed or clear text signed file

1. with public key from a file
2. with public key located in a KeyStore

Verify a signed or clear text signed String message

4. with public key from a file
3. with public key located in a KeyStore

Verify a signed or clear text signed Stream

5. with a sender’s public key as Stream
6. with a sender’s public key located in a KeyStore

1. Verifying a signed or clear text signed file using sender’s public key located also in a file

VB.NET example how to verify a file containing OpenPGP signed or cleartext signed data:

Imports System
Imports DidiSoft.Pgp
 
Public Class VerifyDemo
    Public Sub Demo()
        ' create an instance of the library
        Dim pgp As New PGPLib()
 
        ' check the signature and extract the data 
        Dim signatureCheck As SignatureCheckResult = _
             pgp.VerifyFile("C:\Test\INPUT.pgp", _
                            "C:\Test\public_key.asc", _
                            "C:\Test\OUTPUT.txt")
 
	If signatureCheck = SignatureCheckResult.SignatureVerified Then
		Console.WriteLine("Signare OK")
	ElseIf signatureCheck = SignatureCheckResult.SignatureBroken Then
		Console.WriteLine("Signare of the message is either broken or forged")
	ElseIf signatureCheck = SignatureCheckResult.PublicKeyNotMatching Then
		Console.WriteLine("The provided public key(s) doesn't match the signature")
	ElseIf signatureCheck = SignatureCheckResult.NoSignatureFound Then
		Console.WriteLine("This message is not digitally signed")
	End If
    End Sub
End Class

2. Verify a signed or clear text signed file using sender’s public key located in a KeyStore

This example is equivalent to the above, except that the verifying public key is contained in a KeyStore object and there is no need to specify explicitly the exact key:

Imports System
Imports DidiSoft.Pgp
 
Class KeyStoreVerifyFile
 Public Shared Sub Demo()
	' create an instance of the library
	Dim pgp As New PGPLib()
 
	' initialize the KeyStore
	' If the keystore file does not exists, it is created.
	Dim ks As New KeyStore("DataFiles\key.store", "changeit")
 
	' verify OpenPGP signed or clear text signed file
	Dim outputFileLocation As String = "DataFiles\OUTPUT.txt"
	Dim signatureCheck As SignatureCheckResult = _
             pgp.VerifyFile("DataFiles\OUTPUT.pgp", _
                            ks, _
                            outputFileLocation)
 
	' Print the results
	Console.WriteLine("Extracted data in " + outputFileLocation)
 
	If signatureCheck = SignatureCheckResult.SignatureVerified Then
		Console.WriteLine("Signare OK")
	ElseIf signatureCheck = SignatureCheckResult.SignatureBroken Then
		Console.WriteLine("Signare of the message is either broken or forged")
	ElseIf signatureCheck = SignatureCheckResult.PublicKeyNotMatching Then
		Console.WriteLine("The provided public key(s) doesn't match the signature")
	ElseIf signatureCheck = SignatureCheckResult.NoSignatureFound Then
		Console.WriteLine("This message is not digitally signed")
	End If
 End Sub
End Class

3. Verify a String message using the sender’s public key located in a file

VB.NET example illustrating how to verify PGP signed data supplied in ASCII armored format in a variable of type String:

Imports System
Imports System.IO
Imports DidiSoft.Pgp
 
Class VerifyString
  Public Shared Sub Demo()
   ' obtain an OpenPGP signed message
   Dim signedString As String = SignString.Demo()
 
   ' Extract the message and check the validity of the signature
   Dim plainText As String
   Dim pgp As New PGPLib()
   Dim signatureCheck As SignatureCheckResult = _
     pgp.VerifyString(signedString, _
                      New FileInfo("c:\public_key.asc"), _
		      plainText)
 
   ' Print the results
   Console.WriteLine("Extracted plain text message is " + plainText)
 
   If signatureCheck = SignatureCheckResult.SignatureVerified Then
        Console.WriteLine("Signare OK")
   ElseIf signatureCheck = SignatureCheckResult.SignatureBroken Then
	Console.WriteLine("Signare of the message is either broken or forged")
   ElseIf signatureCheck = SignatureCheckResult.PublicKeyNotMatching Then
	Console.WriteLine("The provided public key(s) doesn't match the signature")
   ElseIf signatureCheck = SignatureCheckResult.NoSignatureFound Then
	Console.WriteLine("This message is not digitally signed")
   End If
  End Sub
End Class

4. Verify a string message using sender’s public key located in a KeyStore

The equivalent example with a public key obtained from a KeyStore is available below:
VB.NET example

Imports System
Imports DidiSoft.Pgp
 
Class KeyStoreVerifyString
 Public Shared Sub Demo()
   ' obtain an OpenPGP signed message
   Dim signedString As String = KeyStoreSignString.Demo()
 
   ' Extract the message and check the validity of the signature
   Dim plainText As String
   Dim pgp As New PGPLib()
   Dim ks As New KeyStore("DataFiles\key.store", "changeit")
   Dim signatureCheck As SignatureCheckResult = pgp.VerifyString(signedString, ks, plainText)
 
   ' Print the results
   Console.WriteLine("Extracted plain text message is " + plainText)
 
   If signatureCheck = SignatureCheckResult.SignatureVerified Then
	Console.WriteLine("Signare OK")
   ElseIf signatureCheck = SignatureCheckResult.SignatureBroken Then
	Console.WriteLine("Signare of the message is either broken or forged")
   ElseIf signatureCheck = SignatureCheckResult.PublicKeyNotMatching Then
	Console.WriteLine("The provided public key(s) doesn't match the signature")
   ElseIf signatureCheck = SignatureCheckResult.NoSignatureFound Then
	Console.WriteLine("This message is not digitally signed")
   End If
 End Sub
End Class

5. Verify a signed or clear text signed Stream with a sender’s public key as Stream

This VB.NET example demonstrates how to verify and extract OpenPGP signed data available in Stream ready for reading:

Imports System
Imports System.IO
Imports DidiSoft.Pgp
 
Public Class VerifyStream
 Public Sub Demo()
  ' create an instance of the library
  Dim pgp As New PGPLib()
 
  ' The data and the public key can be any kind of stream
  Dim dataStream As Stream = File.OpenRead("c:\signed.pgp")
  Dim publicKeyStream As Stream = File.OpenRead("c:\public_key.asc")
 
  Dim outputStream As Stream = New MemoryStream()
 
  ' verify signed or clear text signed stream
  Dim signatureCheck As SignatureCheckResult = _
			pgp.VerifyStream(dataStream, _
					publicKeyStream, _
					outputStream)
 
  If signatureCheck = SignatureCheckResult.SignatureVerified Then
	Console.WriteLine("Signare OK")
  ElseIf signatureCheck = SignatureCheckResult.SignatureBroken Then
	Console.WriteLine("Signare of the message is either broken or forged")
  ElseIf signatureCheck = SignatureCheckResult.PublicKeyNotMatching Then
	Console.WriteLine("The provided public key(s) doesn't match the signature")
  ElseIf signatureCheck = SignatureCheckResult.NoSignatureFound Then
	Console.WriteLine("This message is not digitally signed")
  End If
 
  ' We must reinitialize the output in order to read from it later
  TryCast(outputStream, MemoryStream).Positon = 0
 End Sub
End Class

6. Verify a Stream when the public key of the sender is in a KeyStore

The same code above rewritten to support public key from a KeyStore object:

Imports System
Imports System.IO
Imports DidiSoft.Pgp
 
Class KeyStoreVerifyStream
 Public Shared Sub Demo()
   ' create an instance of the library
   Dim pgp As New PGPLib()
 
   ' initialize the KeyStore that contains the sender's public key
   Dim ks As New KeyStore("c:\my_key.store", "changeit")
 
   ' The data and the output can be any kind of stream
   Dim dataStream As Stream = File.OpenRead("c:\signed.pgp")
   Dim outputStream As Stream = New MemoryStream()
 
   ' verify
   Dim outputFileLocation As String = "c:\OUTPUT.txt"
   Dim signatureCheck As SignatureCheckResult = pgp.VerifyStream(dataStream, ks, outputStream)
 
   ' We must reinitialize the output in order to read from it later
   TryCast(outputStream, MemoryStream).Position = 0
 
   If signatureCheck = SignatureCheckResult.SignatureVerified Then
	Console.WriteLine("Signare OK")
   ElseIf signatureCheck = SignatureCheckResult.SignatureBroken Then
	Console.WriteLine("Signare of the message is either broken or forged")
   ElseIf signatureCheck = SignatureCheckResult.PublicKeyNotMatching Then
	Console.WriteLine("The provided public key(s) doesn't match the signature")
   ElseIf signatureCheck = SignatureCheckResult.NoSignatureFound Then
	Console.WriteLine("This message is not digitally signed")
   End If
 End Sub
End Class

Summary

These examples are an extension to the tutorial illustrating how to verify OpenPGP signed data in C#

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Verifying OpenPGP signed or cleartext signed data with VB.NET

Table of contents