We are happy to announce version 1.9.0 of DidiSoft OpenPGP Library for .NET which supports the new public key storage format used in GnuPG from version 2 and above. The import of keys from a GnuPG .kbx file is performed with a dedicated method KeyStore.ImportGnuPgKbx Version 1.8 End of Life Version 1.8 will continue to […]
Knowledge Base
OpenPGP Knowledge Base (Java, C#, VB.NET examples and solutions)
OpenPGP Library for .NET 1.8.5.31 fixes RSA signatures problem with Java 7+
Half a year ago we have released version 1.8.3.5 which addressed compatibility with OpenPGP signatures verification with systems build with Java version 7 and above. Unfortunately it ended that we have introduced an additional bug at that time that brakes signature verification for each 1 out of 500 files created with RSA key and SHA-1 hash digest. […]
OpenPGP Library for Java v3.1.3.6 with a critical bugfix
Today has been released version 3.1.3.6 of DidiSoft OpenPGP Library for Java which provides a critical bug fix. The bug prevents decrypting .pgp data that was encrypted and compressed with the BZip-2 algorithm. The error message thrown in such cases is: “com.didisoft.pgp.PGPException: I/O problem with stream: java.io.IOException: Not a BZIP2 marked stream : Not a BZIP2 marked stream […]
Recent updates in OpenPGP Library for .NET 1.8.5
The new version of DidiSoft OpenPGP Library for .NET 1.8.5 starts with some new features that simplify key management and enhanced key export. Below you can see some short code samples illustrating the new features: KeyStore access by Index Additional signing sub keys Partial private key export KeyStore access by Index DidiSoft.Pgp.KeyStore items can now […]
GnuPG 2.2.8 compatibility with Java
Recent changes in GnuPG version 2.2.8 in response to the EFAIL attack reject all encrypted data that don’t have Modification Detection Code (MDC) packet. In order to address this as of version 3.1.3.2 DidiSoft OpenPGP Library for Java exposes a new property in the PGPLib class: PGPLib.isIntegrityProtectArchives() PGPLib.setIntegrityProtectArchives(boolean)PGPLib.isIntegrityProtectArchives() PGPLib.setIntegrityProtectArchives(boolean) Example usage: PGPLib pgp = new […]
GnuPG 2.2.8 compatibility for .NET
As of version 2.2.8, GnuPG/gpg will not accept encrypted or signed and encrypted .pgp files which don’t have integrity protection packet, also known as Modification detection code (MDC packet). This will be the default behavior of GnuPG from now on, and is their answer to the EFAIL attack. Our product OpenPGP Library for .NET exposes […]
Compatibility with Java 7+ RSA signatures
As of Java version 7 and above the RSA digital signatures computation has been changed and signatures that were previously accepted by software build with Java may end being rejected with message like: “unable to verify signature: Signature length not correct: got 511 but was expecting 512” Solutions using DidiSoft OpenPGP Library for .NET may […]
OraSFTP v 1.2.6 now supports current remote folder
DidiSoft OraSFTP prior to version 1.2.6 were limited to either absolute paths or paths relative from the current user remote home directory. As of version 1.2.6 the current remote folder can be changed this way allowing for easy traversing and manipulation of complex remote folder structures. The new methods that support this functionality are: ORA_SFTP.CURRENT_DIRECTORY […]
Should the EFAIL attack concern your PGP applications
A few days ago in the world of applied cryptography especially S/MIME and PGP emails has appeared a new threat – the EFAIL attack. In this post we are not going to explain again details of the attack itself as a lot has already been published on the Internet, but rather explain do you have […]
Should DidiSoft OpenPGP Library for .NET provide strong name assemblies or unsigned assemblies?
Last week we have sent a short survey to subscribers for our OpenPGP Library for .NET mailing list. The survey had only one question: Should DidiSoft OpenPGP Library for .NET provide strong name (signed) assemblies (DLL’s) or plain unsigned assemblies? At the end of this post you will find the results of the survey, but […]