Long Hex Key IDs in OpenPGP for .NET
Recent posts on the Internet described hacks that allowed intruders to fake Linus Torvalds' OpenPGP key by providing a key that has the same short hexadecimal representation. A full Key ID is 64 bits long (8 bytes), but represented as a hexadecimal string it takes 16 characters (2 for each byte), and this was initially considered hard to type.
    "08A321B6"          // short key id
    "3D4761A008A321B6"  // long key id
GnuPG and the command-line versions of PGP use short key IDs throughout their tutorials; a short key ID is the lower 32 bits of the real Key ID. After the recent threats this may become obsolete, and full hexadecimal Key IDs will probably become mandatory in the future.
Support for long key IDs
In order to address this issue, today we have shipped a new version 18.104.22.168 of DidiSoft OpenPGP Library for .NET that fully supports long hexadecimal Key IDs. Below is a short code snippet that illustrates the difference between short and long key IDs:
    // C# example
    using DidiSoft.Pgp; // namespace of KeyStore and PGPLib

    KeyStore ks = KeyStore.OpenFile(@"c:\mykeys.keystore", "my keystore pass");
    PGPLib pgp = new PGPLib();

    // short key id
    string encryptedMessage = pgp.EncryptString("Hello World!", ks, "08A321B6");

    // long key id
    string encryptedMessage2 = pgp.EncryptString("Hello World!", ks, "3D4761A008A321B6");
    ' VB.NET example
    Imports DidiSoft.Pgp ' namespace of KeyStore and PGPLib

    Dim ks As KeyStore = KeyStore.OpenFile("c:\mykeys.keystore", "my keystore pass")
    Dim pgp As New PGPLib()

    ' short key id
    Dim encryptedMessage As String = pgp.EncryptString("Hello World!", ks, "08A321B6")

    ' long key id
    Dim encryptedMessage2 As String = pgp.EncryptString("Hello World!", ks, "3D4761A008A321B6")
Print long hexadecimal key IDs
Both DidiSoft.Pgp.KeyStore and DidiSoft.Pgp.KeypairInformation classes provide a static method KeyIdToLongHex that converts a raw key ID of type long (Int64) into a full hexadecimal representation:
    long keyId = ...
    string longHexKeyId = KeyStore.KeyIdToLongHex(keyId);
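The ambiguity that short key IDs introduce can be checked for before a key is used. The following is an added example, not DidiSoft code and not using the library: ToLongHex, ToShortHex and Resolve are hypothetical helpers working on raw Int64 key IDs, and the second key ID in the sample is constructed.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

static class KeyIdDemo
{
    // Full 64-bit key ID as 16 hex characters.
    static string ToLongHex(long keyId) => keyId.ToString("X16");

    // Short key ID: only the lower 32 bits, as 8 hex characters.
    static string ToShortHex(long keyId) => unchecked((uint)keyId).ToString("X8");

    // Hypothetical helper: resolve a hex key ID against the raw key IDs of known keys.
    // A short ID is accepted only when exactly one key matches it.
    static long Resolve(IEnumerable<long> keyIds, string hexId)
    {
        string id = hexId.Trim().ToUpperInvariant();
        if ((id.Length != 8 && id.Length != 16) || !id.All(Uri.IsHexDigit))
            throw new FormatException("Key ID must be 8 or 16 hex characters.");

        List<long> matches = keyIds
            .Where(k => (id.Length == 16 ? ToLongHex(k) : ToShortHex(k)) == id)
            .ToList();
        if (matches.Count == 0)
            throw new KeyNotFoundException("No key with ID " + id);
        if (matches.Count > 1)
            throw new InvalidOperationException(
                "Key ID " + id + " matches " + matches.Count + " keys; use the long key ID.");
        return matches[0];
    }

    static void Main()
    {
        long[] keyIds =
        {
            0x3D4761A008A321B6, // long key ID from the article
            0x1111111108A321B6, // constructed: a different key with the same lower 32 bits
        };

        // The long key ID selects exactly one key.
        Console.WriteLine(ToLongHex(Resolve(keyIds, "3D4761A008A321B6")));

        // The short key ID is ambiguous here, so it is rejected instead of picking a key.
        try { Resolve(keyIds, "08A321B6"); }
        catch (InvalidOperationException ex) { Console.WriteLine(ex.Message); }
    }
}
```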
Convert line endings of text files
Another recent change is the automatic conversion of the line endings of decrypted text files to the default for the current operating system, which is CrLf (\r\n) for Windows.
For example, a text document encrypted on a Mac will have only the newline character (\n) as its line ending. When it is decrypted on Windows, the line endings are corrected automatically. This is done only if the encrypted file is marked internally as text. If for some reason you need to keep the line endings intact, set the property KeepLineEndingsIntact to true:
    // C# example
    PGPLib pgp = new PGPLib();
    pgp.KeepLineEndingsIntact = true; // no conversion will be made for decrypted text files