In order to allow more flexible exchange of public keys between members of an organization, the keys can be submitted to a central store. One such store widely used at production sites is the LDAP OpenPGP key server, such as Symantec Encryption Management Server (SEMS, previously PGP Universal Server) or OpenLDAP/slapd with the PGP LDAP schema installed.
DLL file and namespace
The functionality is available in the class LdapClient located in the namespace DidiSoft.Pgp.Net.
As of version 1.7.10 you will have to reference, and deploy with your application, an additional DLL:
[library installation folder]\Bin\DidiSoft.Pgp.Net.LdapClient.dll
Table of Contents
In this chapter we will demonstrate how to exchange keys with LDAP OpenPGP key servers.
1. Searching for a key
2. Uploading a key
3. Exception handling
4. Supported .NET platforms
Searching for a key
We can search for a key by referencing its Key Id, hexadecimal Key Id, or part of or the whole User Id. The example below illustrates key retrieval with part of the User Id.
C# example
using System;
using System.IO;
using DidiSoft.Pgp;

DidiSoft.Pgp.Net.LdapClient ldap = new DidiSoft.Pgp.Net.LdapClient("keyserver.pgp.com");
ldap.PartialMatchUserIds = true; // match on part of the User Id
byte[] keyBytes = ldap.GetKeyByUserId("Didisoft");
if (keyBytes.Length > 0)
{
    Console.WriteLine("key found");
    // example usage of the key
    KeyStore store = new KeyStore();
    store.ImportPublicKey(new MemoryStream(keyBytes));
}
VB.NET example
Imports System
Imports System.IO
Imports DidiSoft.Pgp

Dim ldap As New DidiSoft.Pgp.Net.LdapClient("keyserver.pgp.com")
ldap.PartialMatchUserIds = True ' match on part of the User Id
Dim keyBytes As Byte() = ldap.GetKeyByUserId("Didisoft")
If (keyBytes.Length > 0) Then
    Console.WriteLine("key found")
    ' example usage of the key
    Dim store As New KeyStore()
    store.ImportPublicKey(New MemoryStream(keyBytes))
End If
Uploading a key
The key upload is simply a call to the SubmitKey method of the LdapClient class. For private LDAP servers, such as a private Symantec Encryption Management Server, you will usually have to authenticate by using the LdapClient constructor that accepts username and password parameters.
C# example
using System.IO;

DidiSoft.Pgp.Net.LdapClient ldap = new DidiSoft.Pgp.Net.LdapClient("keyserver.pgp.com");
// upload an ASCII-armored public key file
ldap.SubmitKey(File.ReadAllBytes(@"c:\Test\My_key.asc"));
VB.NET example
Imports System.IO

Dim ldap As New DidiSoft.Pgp.Net.LdapClient("keyserver.pgp.com")
' upload an ASCII-armored public key file
ldap.SubmitKey(File.ReadAllBytes("c:\Test\My_key.asc"))
Exception handling
All methods for interaction with an LDAP server throw two basic exceptions:
System.Runtime.InteropServices.COMException – in case of a network error
System.DirectoryServices.DirectoryServicesCOMException – LDAP related exception
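The following C# example is added here to tie the search from "Searching for a key" to the two exception types listed above; it is not code from the DidiSoft documentation. It assumes the authenticated constructor takes (host, username, password) as described in "Uploading a key", and the host name, credentials and the LdapKeyLookup class are placeholders.

```csharp
using System;
using System.IO;
using System.DirectoryServices;
using System.Runtime.InteropServices;
using DidiSoft.Pgp;
using DidiSoft.Pgp.Net;

public static class LdapKeyLookup
{
    // Looks up a public key by exact User ID on an authenticated private server and
    // imports it into an in-memory KeyStore. Returns true only when a key was imported.
    public static bool FetchAndImport(string userId)
    {
        // Assumed: the authenticated constructor takes (host, username, password).
        // Host and credentials are placeholders.
        LdapClient ldap = new LdapClient("ldap.example.org", "cn=keyreader", "placeholder-password");
        // Exact matching: a substring match could return another person's key whose
        // User ID merely contains the searched text.
        ldap.PartialMatchUserIds = false;
        byte[] keyBytes;
        try
        {
            keyBytes = ldap.GetKeyByUserId(userId);
        }
        catch (DirectoryServicesCOMException ex)
        {
            // LDAP-level failure (authentication, schema, search base). Caught first
            // because it derives from COMException.
            Console.Error.WriteLine("LDAP error: " + ex.Message);
            return false;
        }
        catch (COMException ex)
        {
            // Network-level failure (host unreachable, timeout).
            Console.Error.WriteLine("Network error: " + ex.Message);
            return false;
        }
        if (keyBytes == null || keyBytes.Length == 0)
        {
            Console.WriteLine("No key found for " + userId);
            return false;
        }
        // A key server only stores keys; it does not vouch for their owners. Confirm the
        // fingerprint with the owner out of band before encrypting to this key.
        KeyStore store = new KeyStore();
        store.ImportPublicKey(new MemoryStream(keyBytes));
        return true;
    }
}
```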
Supported platforms
This functionality is available only in the standard .NET Framework version of the library.
Summary
This chapter was a brief introduction to exchanging keys with LDAP OpenPGP key servers, with C# and VB.NET examples.
You may also be interested in exchanging keys with HKP key servers.