Playing around with signing and verifying pgp-clearsign files

src/ChecksumCreator/App.config

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<configuration>
+    <startup> 
+        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
+    </startup>
+</configuration>

src/ChecksumCreator/ChecksumCreator.csproj

@@ -0,0 +1,63 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="12.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
+  <PropertyGroup>
+    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+    <ProjectGuid>{CFD4B44A-328E-4294-89A0-6A2962DEFB33}</ProjectGuid>
+    <OutputType>Exe</OutputType>
+    <AppDesignerFolder>Properties</AppDesignerFolder>
+    <RootNamespace>ChecksumCreator</RootNamespace>
+    <AssemblyName>ChecksumCreator</AssemblyName>
+    <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
+    <FileAlignment>512</FileAlignment>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugSymbols>true</DebugSymbols>
+    <DebugType>full</DebugType>
+    <Optimize>false</Optimize>
+    <OutputPath>bin\Debug\</OutputPath>
+    <DefineConstants>DEBUG;TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+    <PlatformTarget>AnyCPU</PlatformTarget>
+    <DebugType>pdbonly</DebugType>
+    <Optimize>true</Optimize>
+    <OutputPath>bin\Release\</OutputPath>
+    <DefineConstants>TRACE</DefineConstants>
+    <ErrorReport>prompt</ErrorReport>
+    <WarningLevel>4</WarningLevel>
+  </PropertyGroup>
+  <ItemGroup>
+    <Reference Include="BouncyCastle.Crypto, Version=1.7.4137.9688, Culture=neutral, PublicKeyToken=a4292a325f69b123, processorArchitecture=MSIL">
+      <HintPath>..\packages\BouncyCastle.1.7.0\lib\Net40-Client\BouncyCastle.Crypto.dll</HintPath>
+      <Private>True</Private>
+    </Reference>
+    <Reference Include="System" />
+    <Reference Include="System.Core" />
+    <Reference Include="System.Xml.Linq" />
+    <Reference Include="System.Data.DataSetExtensions" />
+    <Reference Include="Microsoft.CSharp" />
+    <Reference Include="System.Data" />
+    <Reference Include="System.Xml" />
+  </ItemGroup>
+  <ItemGroup>
+    <Compile Include="Program.cs" />
+    <Compile Include="Properties\AssemblyInfo.cs" />
+  </ItemGroup>
+  <ItemGroup>
+    <None Include="App.config" />
+    <None Include="packages.config" />
+  </ItemGroup>
+  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
+       Other similar extension points exist, see Microsoft.Common.targets.
+  <Target Name="BeforeBuild">
+  </Target>
+  <Target Name="AfterBuild">
+  </Target>
+  -->
+</Project>

src/ChecksumCreator/Program.cs

@@ -0,0 +1,129 @@
+using Org.BouncyCastle.Bcpg;
+using Org.BouncyCastle.Bcpg.OpenPgp;
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace ChecksumCreator
+{
+    // From the SignedFileProcessor sample, and http://stackoverflow.com/a/18796555/1086121
+    class Program
+    {
+        static void Main(string[] args)
+        {
+            //using (var key = File.OpenRead("secret_key.gpg"))
+            //using (var outputStream = File.OpenWrite("testfile2.txt.asc"))
+            //{
+            //    SignFile(File.ReadAllBytes("testfile2.txt"), outputStream, key, "password".ToCharArray());
+            //}
+
+            using (var key = File.OpenRead("certificate.asc"))
+            using (var input = File.OpenRead("testfile2.txt.asc"))
+            {
+                VerifyFile(input, key);
+            }
+        }
+
+        private static PgpSecretKey ReadSecretKey(Stream inputStream)
+        {
+            var decodedInputStream = PgpUtilities.GetDecoderStream(inputStream);
+            PgpSecretKeyRingBundle pgpSec = new PgpSecretKeyRingBundle(decodedInputStream);
+
+            // we just loop through the collection till we find a key suitable for encryption, in the real
+            // world you would probably want to be a bit smarter about this.
+            foreach (PgpSecretKeyRing keyRing in pgpSec.GetKeyRings())
+            {
+                foreach (PgpSecretKey key in keyRing.GetSecretKeys())
+                {
+                    if (key.IsSigningKey)
+                        return key;
+                }
+            }
+
+            throw new ArgumentException("Can't find signing key in key ring.");
+        }
+
+        private static void SignFile(byte[] input, Stream outputStream, Stream keyIn, char[] pass)
+        {
+            var secretKey = ReadSecretKey(keyIn);
+            var privateKey = secretKey.ExtractPrivateKey(pass);
+
+            PgpSignatureGenerator signatureGenerator = new PgpSignatureGenerator(secretKey.PublicKey.Algorithm, HashAlgorithmTag.Sha1);
+            PgpSignatureSubpacketGenerator subpacketGenerator = new PgpSignatureSubpacketGenerator();
+
+            signatureGenerator.InitSign(PgpSignature.CanonicalTextDocument, privateKey);
+            foreach (string userId in secretKey.PublicKey.GetUserIds())
+            {
+                PgpSignatureSubpacketGenerator spGen = new PgpSignatureSubpacketGenerator();
+                spGen.SetSignerUserId(false, userId);
+                signatureGenerator.SetHashedSubpackets(spGen.Generate());
+                // Just the first one!
+                break;
+            }
+
+            var armouredOutputStream = new ArmoredOutputStream(outputStream);
+
+            BcpgOutputStream bcpgOutputStream = new BcpgOutputStream(armouredOutputStream);
+
+            armouredOutputStream.BeginClearText(HashAlgorithmTag.Sha1);
+
+            signatureGenerator.Update(input);
+            bcpgOutputStream.Write(input);
+            bcpgOutputStream.Write((byte)'\n'); // For some reason this needs adding
+
+            armouredOutputStream.EndClearText();
+
+            signatureGenerator.Generate().Encode(bcpgOutputStream);
+        }
+
+        private static byte[] VerifyFile(Stream inputStream, Stream keyIn)
+        {
+            byte[] cleartext;
+            var armouredInputStream = new ArmoredInputStream(inputStream);
+
+            using (var cleartextStream = new MemoryStream())
+            {
+                int ch = 0;
+                while ((ch = armouredInputStream.ReadByte()) >= 0 && armouredInputStream.IsClearText())
+                {
+                    cleartextStream.WriteByte((byte)ch);
+                }
+
+                // Strip the trailing newline if set...
+                cleartextStream.Seek(-1, SeekOrigin.End);
+                if (cleartextStream.ReadByte() == '\n')
+                    cleartextStream.SetLength(cleartextStream.Length - 1);
+
+                cleartext = cleartextStream.ToArray();
+            }
+
+            using (var decoderStream = PgpUtilities.GetDecoderStream(inputStream))
+            {
+                PgpObjectFactory pgpObjectFactory = new PgpObjectFactory(decoderStream);
+
+                PgpSignatureList signatureList = (PgpSignatureList)pgpObjectFactory.NextPgpObject();
+                PgpSignature signature = signatureList[0];
+
+                PgpPublicKeyRingBundle publicKeyRing = new PgpPublicKeyRingBundle(PgpUtilities.GetDecoderStream(keyIn));
+                PgpPublicKey publicKey = publicKeyRing.GetPublicKey(signature.KeyId);
+
+                signature.InitVerify(publicKey);
+                signature.Update(cleartext);
+
+                if (signature.Verify())
+                {
+                    Console.WriteLine("signature verified.");
+                }
+                else
+                {
+                    Console.WriteLine("signature verification failed.");
+                }
+            }
+
+            return cleartext;
+        }
+    }
+}

src/ChecksumCreator/Properties/AssemblyInfo.cs

@@ -0,0 +1,36 @@
+using System.Reflection;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+
+// General Information about an assembly is controlled through the following 
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("ChecksumCreator")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("ChecksumCreator")]
+[assembly: AssemblyCopyright("Copyright ©  2015")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+
+// Setting ComVisible to false makes the types in this assembly not visible 
+// to COM components.  If you need to access a type in this assembly from 
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("e54696bf-ab8f-4176-89a7-13f4d3e3072b")]
+
+// Version information for an assembly consists of the following four values:
+//
+//      Major Version
+//      Minor Version 
+//      Build Number
+//      Revision
+//
+// You can specify all the values or you can default the Build and Revision Numbers 
+// by using the '*' as shown below:
+// [assembly: AssemblyVersion("1.0.*")]
+[assembly: AssemblyVersion("1.0.0.0")]
+[assembly: AssemblyFileVersion("1.0.0.0")]

src/ChecksumCreator/packages.config

@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="utf-8"?>
+<packages>
+  <package id="BouncyCastle" version="1.7.0" targetFramework="net45" />
+</packages>

src/SyncTrayzor.sln

@@ -10,30 +10,60 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SyncTrayzor", "SyncTrayzor\
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ProcessRunner", "ProcessRunner\ProcessRunner.csproj", "{692BB2F9-CD24-482F-B13A-4335F27F6EC2}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ChecksumCreator", "ChecksumCreator\ChecksumCreator.csproj", "{CFD4B44A-328E-4294-89A0-6A2962DEFB33}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|Any CPU = Debug|Any CPU
+		Debug|Mixed Platforms = Debug|Mixed Platforms
 		Debug|x64 = Debug|x64
 		Debug|x86 = Debug|x86
+		Release|Any CPU = Release|Any CPU
+		Release|Mixed Platforms = Release|Mixed Platforms
 		Release|x64 = Release|x64
 		Release|x86 = Release|x86
 	EndGlobalSection
 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{D1F89B3D-7967-4DC6-AE45-50A7817FE54F}.Debug|Any CPU.ActiveCfg = Debug|x86
+		{D1F89B3D-7967-4DC6-AE45-50A7817FE54F}.Debug|Mixed Platforms.ActiveCfg = Debug|x86
+		{D1F89B3D-7967-4DC6-AE45-50A7817FE54F}.Debug|Mixed Platforms.Build.0 = Debug|x86
 		{D1F89B3D-7967-4DC6-AE45-50A7817FE54F}.Debug|x64.ActiveCfg = Debug|x64
 		{D1F89B3D-7967-4DC6-AE45-50A7817FE54F}.Debug|x64.Build.0 = Debug|x64
 		{D1F89B3D-7967-4DC6-AE45-50A7817FE54F}.Debug|x86.ActiveCfg = Debug|x86
 		{D1F89B3D-7967-4DC6-AE45-50A7817FE54F}.Debug|x86.Build.0 = Debug|x86
+		{D1F89B3D-7967-4DC6-AE45-50A7817FE54F}.Release|Any CPU.ActiveCfg = Release|x86
+		{D1F89B3D-7967-4DC6-AE45-50A7817FE54F}.Release|Mixed Platforms.ActiveCfg = Release|x86
+		{D1F89B3D-7967-4DC6-AE45-50A7817FE54F}.Release|Mixed Platforms.Build.0 = Release|x86
 		{D1F89B3D-7967-4DC6-AE45-50A7817FE54F}.Release|x64.ActiveCfg = Release|x64
 		{D1F89B3D-7967-4DC6-AE45-50A7817FE54F}.Release|x64.Build.0 = Release|x64
 		{D1F89B3D-7967-4DC6-AE45-50A7817FE54F}.Release|x86.ActiveCfg = Release|x86
 		{D1F89B3D-7967-4DC6-AE45-50A7817FE54F}.Release|x86.Build.0 = Release|x86
+		{692BB2F9-CD24-482F-B13A-4335F27F6EC2}.Debug|Any CPU.ActiveCfg = Debug|x86
+		{692BB2F9-CD24-482F-B13A-4335F27F6EC2}.Debug|Mixed Platforms.ActiveCfg = Debug|x86
+		{692BB2F9-CD24-482F-B13A-4335F27F6EC2}.Debug|Mixed Platforms.Build.0 = Debug|x86
 		{692BB2F9-CD24-482F-B13A-4335F27F6EC2}.Debug|x64.ActiveCfg = Debug|x64
 		{692BB2F9-CD24-482F-B13A-4335F27F6EC2}.Debug|x64.Build.0 = Debug|x64
 		{692BB2F9-CD24-482F-B13A-4335F27F6EC2}.Debug|x86.ActiveCfg = Debug|x86
 		{692BB2F9-CD24-482F-B13A-4335F27F6EC2}.Debug|x86.Build.0 = Debug|x86
+		{692BB2F9-CD24-482F-B13A-4335F27F6EC2}.Release|Any CPU.ActiveCfg = Release|x86
+		{692BB2F9-CD24-482F-B13A-4335F27F6EC2}.Release|Mixed Platforms.ActiveCfg = Release|x86
+		{692BB2F9-CD24-482F-B13A-4335F27F6EC2}.Release|Mixed Platforms.Build.0 = Release|x86
 		{692BB2F9-CD24-482F-B13A-4335F27F6EC2}.Release|x64.ActiveCfg = Release|x64
 		{692BB2F9-CD24-482F-B13A-4335F27F6EC2}.Release|x64.Build.0 = Release|x64
 		{692BB2F9-CD24-482F-B13A-4335F27F6EC2}.Release|x86.ActiveCfg = Release|x86
 		{692BB2F9-CD24-482F-B13A-4335F27F6EC2}.Release|x86.Build.0 = Release|x86
+		{CFD4B44A-328E-4294-89A0-6A2962DEFB33}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{CFD4B44A-328E-4294-89A0-6A2962DEFB33}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{CFD4B44A-328E-4294-89A0-6A2962DEFB33}.Debug|Mixed Platforms.ActiveCfg = Debug|Any CPU
+		{CFD4B44A-328E-4294-89A0-6A2962DEFB33}.Debug|Mixed Platforms.Build.0 = Debug|Any CPU
+		{CFD4B44A-328E-4294-89A0-6A2962DEFB33}.Debug|x64.ActiveCfg = Debug|Any CPU
+		{CFD4B44A-328E-4294-89A0-6A2962DEFB33}.Debug|x86.ActiveCfg = Debug|Any CPU
+		{CFD4B44A-328E-4294-89A0-6A2962DEFB33}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{CFD4B44A-328E-4294-89A0-6A2962DEFB33}.Release|Any CPU.Build.0 = Release|Any CPU
+		{CFD4B44A-328E-4294-89A0-6A2962DEFB33}.Release|Mixed Platforms.ActiveCfg = Release|Any CPU
+		{CFD4B44A-328E-4294-89A0-6A2962DEFB33}.Release|Mixed Platforms.Build.0 = Release|Any CPU
+		{CFD4B44A-328E-4294-89A0-6A2962DEFB33}.Release|x64.ActiveCfg = Release|Any CPU
+		{CFD4B44A-328E-4294-89A0-6A2962DEFB33}.Release|x86.ActiveCfg = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE