Encryption, PGP, and .NET

[The One We Call 'Dave']

Hi there,

I read a Microsoft paper explaining the basic concepts of encryption.
For example, I now understand the difference between asymmetric and
symmetric encryption and have successfully used the .NET crypto classes.

I'm now working on a project where I need to download a file from a bank
and process it. The bank's policy is encrypt the file using something called
a "PGP key." I need a way to decrypt it but I'm not sure where to start.
According to the admin at the bank, PGP is an asymmetric algorithm. I
interpreted this to mean that I would give the admin at the bank a public
key which he would use to encrypt the file and when I receive it, I'd
decrypt it with my private key. Correct?

So, I used the .NET classes to create the following public key and I
sent it to the admin at the bank:

<RSAKeyValue><Modulus>151Vw6Kq51bpblahblahblahWCkPmD345ncclzFrmeb9fjpE+B6VsIAqP3kahu00p33BmFpDpXOcgiuRC2En0HoGqyZB9ifvNlPhT7flZ1uVuC9JtywG3FmYRsqbpJuT7VTIAHYExU6T/FyRuyIbhdUVwhue7ARaObsEWszE1IoM7+XcYYs=</Modulus><Exponent>AQAB</Exponent><P>+7OU6YErvfk84O/2bX5s2753xE+pdiyJl3j8gy4zMh4UKeKVhyxgSJJCvNTl9XVIya6xnCWPkHVy8ylNqyLiHQ==</P><Q>20v7/nODe/jKcbsiYEwzGXp0ZyiG17JqzOBKrDFu6bwPiAEHzZln0CYfUn0EhJdCmetaq9WFXk27mbK3Z6aBxw==</Q><DP>RpoN6B26dlRGFlZZCkePI2he0esCfsppYdqnAejgpWs4frM2/C6fZ1vXan5RbrOSUjg1S7ZhecToFHr+dUWYpQ==</DP><DQ>ayaHbF7YwfxgPo3nUBIrbamNstH0gPQmhxCYq+ZDgWVoWVXXkDgCp4vZBh8b1AVsf3SmCwv7bIaiwYi3YKfVBQ==</DQ><InverseQ>YjvieMYPEDdUHqSZRWAsFlEESd3NczFCrbBaSHzbsbOZeDrccvUfoOP2jeIhuMt0qQwMqXY/NJau9Ldwdx7xNw==</InverseQ><D>wEg6bM5LVSWoQgWpoldz5dQWfQjqQVc8WzKpDAHQ8ejsm0ug4ZwRcRRnKZs3o7OTsiAJCfjqT9ij1gKMoeLrXIM1RDOcAYBxI0qwWdRrr3sbar7ntMYmy4tlTTf8/G+ypw+CJi1gz2umswcx4MHhNTUGTUHSmjEjDTFfh3sW64k=</D></RSAKeyValue>

He said that he had never seen a key like this before. He said that the
public key that I generate should look something like this:

---BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.6 (GNU/Linux)

mQGiBD7ca+gRBADND4XM/Gb8HkdhPZ82AgVjKPUElAH4ohBnG0Fu/YHKmzqJWoB5
8uGnmXY5UYa2t1m//JluwJa/Dlb+1qlEXgZcDyTUFL/++le/a3yI2QQEo1XCO/VD

...and so on, blah blah
-----END PGP PUBLIC KEY BLOCK-----

Which begs the following questions:

How do I create a public PGP key using .NET?
How do I create a *private* PGP key using .NET?
How do I decrypt a PGP file using .NET?

Thanks,

Jules Winfield

 

[jeremiah johnson]

Dave/Jules Winfield,

PGP is asymmetric, correct.

PGP is a proprietary (as in not quite "open") asymmetric algorithm.
There are open implementations of PGP however. See www.gnupg.org for that.

What I've done in the past is use C# and the Process and ProcessInfo
classes to call pgp.exe from gnupg.org and do the encryption/decryption
that way.

There is no native C# pgp implementation that I'm aware of.

The key you sent looks to be some kind of RSA key, but I'm guessing that
just from the XML tag that encompasses it. RSA != PGP.

jeremiah();

 

[John Bailo]

There is no native C# pgp implementation that I'm aware of.

Somone built a c# wrapper for Gnu PG.

I use it all the time:

http://www.codeproject.com/csharp/gnupgdotnet.asp

It's configured as an ASP project, but I use it in a web service and a
windows service.

You still need to install GnuPG. There is a windows version that you
can find on the Gnu PG site.

 

[Cletus Van Damme]

Hi there,

I read a Microsoft paper explaining the basic concepts of encryption.
For example, I now understand the difference between asymmetric and
symmetric encryption and have successfully used the .NET crypto classes.

I'm now working on a project where I need to download a file from a
bank and process it. The bank's policy is encrypt the file using something
called a "PGP key." I need a way to decrypt it but I'm not sure where to
start. According to the admin at the bank, PGP is an asymmetric algorithm.
I interpreted this to mean that I would give the admin at the bank a
public key which he would use to encrypt the file and when I receive it,
I'd decrypt it with my private key. Correct?

So, I used the .NET classes to create the following public key and I
sent it to the admin at the bank:

<RSAKeyValue><Modulus>151Vw6Kq51bpblahblahblahWCkPmD345ncclzFrmeb9fjpE+B6VsIAqP3kahu00p33BmFpDpXOcgiuRC2En0HoGqyZB9ifvNlPhT7flZ1uVuC9JtywG3FmYRsqbpJuT7VTIAHYExU6T/FyRuyIbhdUVwhue7ARaObsEWszE1IoM7+XcYYs=</Modulus><Exponent>AQAB</Exponent><P>+7OU6YErvfk84O/2bX5s2753xE+pdiyJl3j8gy4zMh4UKeKVhyxgSJJCvNTl9XVIya6xnCWPkHVy8ylNqyLiHQ==</P><Q>20v7/nODe/jKcbsiYEwzGXp0ZyiG17JqzOBKrDFu6bwPiAEHzZln0CYfUn0EhJdCmetaq9WFXk27mbK3Z6aBxw==</Q><DP>RpoN6B26dlRGFlZZCkePI2he0esCfsppYdqnAejgpWs4frM2/C6fZ1vXan5RbrOSUjg1S7ZhecToFHr+dUWYpQ==</DP><DQ>ayaHbF7YwfxgPo3nUBIrbamNstH0gPQmhxCYq+ZDgWVoWVXXkDgCp4vZBh8b1AVsf3SmCwv7bIaiwYi3YKfVBQ==</DQ><InverseQ>YjvieMYPEDdUHqSZRWAsFlEESd3NczFCrbBaSHzbsbOZeDrccvUfoOP2jeIhuMt0qQwMqXY/NJau9Ldwdx7xNw==</InverseQ><D>wEg6bM5LVSWoQgWpoldz5dQWfQjqQVc8WzKpDAHQ8ejsm0ug4ZwRcRRnKZs3o7OTsiAJCfjqT9ij1gKMoeLrXIM1RDOcAYBxI0qwWdRrr3sbar7ntMYmy4tlTTf8/G+ypw+CJi1gz2umswcx4MHhNTUGTUHSmjEjDTFfh3sW64k=</D></RSAKeyValue>

He said that he had never seen a key like this before. He said that the
public key that I generate should look something like this:

---BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.6 (GNU/Linux)

mQGiBD7ca+gRBADND4XM/Gb8HkdhPZ82AgVjKPUElAH4ohBnG0Fu/YHKmzqJWoB5
8uGnmXY5UYa2t1m//JluwJa/Dlb+1qlEXgZcDyTUFL/++le/a3yI2QQEo1XCO/VD

..and so on, blah blah
-----END PGP PUBLIC KEY BLOCK-----

Which begs the following questions:

How do I create a public PGP key using .NET?
How do I create a *private* PGP key using .NET?
How do I decrypt a PGP file using .NET?

Thanks,

Jules Winfield

We've used this extensivly to support PGP encryption and decryption in C#:

http://community.wow.net/grt/nsdpgp.html

It's a COM wrapper for PGP, I believe supporting versions 8 and 9 of PGP.
The caveat is that you must have a copy of PGP installed to use it.

CVD