GeneratePair Method
Generates a new pair of PGP keys.
Syntax
ANSI (Cross Platform) int GeneratePair(const char* lpszUsername, const char* lpszKeyAlgorithm, int iKeyBits, const char* lpszSubKeyAlgorithm, int iSubKeyBits, const char* lpszPassword, int iExpires); Unicode (Windows) INT GeneratePair(LPCWSTR lpszUsername, LPCWSTR lpszKeyAlgorithm, INT iKeyBits, LPCWSTR lpszSubKeyAlgorithm, INT iSubKeyBits, LPCWSTR lpszPassword, INT iExpires);
- (void)generatePair:(NSString*)username :(NSString*)keyAlgorithm :(int)keyBits :(NSString*)subKeyAlgorithm :(int)subKeyBits :(NSString*)password :(int)expires;
#define MID_PGPKEYMANAGER_GENERATEPAIR 16 SECUREBLACKBOX_EXTERNAL int SECUREBLACKBOX_CALL SecureBlackbox_PGPKeyManager_Do(void *lpObj, int methid, int cparam, void *param[], int cbparam[], int64 *lpllVal);
Remarks
Use this method to create a new key-subkey pair. This is the primary method for generating conformant PGP keys.
Pass the user ID of the new key via the Username property. This typically should be in the format of User Name <user@email>, for example Robert Frost <robert@frost.com>, but generally can be an arbitrary text string.
Set KeyAlgorithm and SubKeyAlgorithm to the public key algorithms that you want to use for the new key. See the full list of algorithms below. Where ECDSA or ECDH algorithm is used, you can specify a particular curve after the algorithm name, separated with the colon: ECDSA:P384 or ECDH:BRAINPOOLP256. KeyBits and SubKeyBits specify the number of bits in the key and the subkey. These parameters can be set to zero if the key length is implicitly defined by the algorithm of the key. For example, ECDSA P256 keys are always 256 bit long, so you may pass 0 as the corresponding KeyBits or SubKeyBits parameter.
Provide the key encryption password and the validity period in days via the Password and Expires parameters. Set Expires to zero to indicate that the key does not expire.
While you can use any combination of algorithms for your key and subkey, most implementations got used to specific hard-wired combinations. Sticking to those will help make sure your keys are understood by other implementations. Typical combinations are:
- EDDSA main key with ECDH:CURVE25519 subkey;
- ECDSA main key with ECDH subkey; both with NIST curves (P256, P384, or P512);
- ECDSA main key with ECDH subkey; both with Brainpool curves (BRAINPOOLP256 or BRAINPOOLP512);
- RSA main key with RSA subkey.
Pgpkeymanager mgr = new Pgpkeymanager(); // generating a pair mgr.GeneratePair("Michel Legrand <ml@email.com>", "EDDSA", 0, "ECDH:CURVE25519", 0, "password", 0); // creating a keyring object and adding the new pair to the keyring Pgpkeyring keyring = new Pgpkeyring(); keyring.CreateNew(); keyring.PinnedKey = mgr.Key; keyring.AddPinned(); // exporting the keyring to a file keyring.Save("pubkey.pkr", "seckey.skr");Alternative calls to GeneratePair may look like this:
mgr.GeneratePair("Michel Legrand <ml@email.com>", "ECDSA:P384", 0, "ECDH", 0, "password", 0); mgr.GeneratePair("Michel Legrand <ml@email.com>", "ECDSA:BRAINPOOLP256", 0, "ECDH:BRAINPOOLP256", 0, "password", 0); mgr.GeneratePair("Michel Legrand <ml@email.com>", "RSA", 4096, "RSA", 2048, "password", 0);Supported public key algorithms:
SB_PGP_PUBLIC_KEY_ALGORITHM_RSA | RSA | |
SB_PGP_PUBLIC_KEY_ALGORITHM_RSA_ENCRYPT | RSA-encrypt | |
SB_PGP_PUBLIC_KEY_ALGORITHM_RSA_SIGN | RSA-sign | |
SB_PGP_PUBLIC_KEY_ALGORITHM_DSA | DSA | |
SB_PGP_PUBLIC_KEY_ALGORITHM_ECDSA | ECDSA | |
SB_PGP_PUBLIC_KEY_ALGORITHM_ECDH | ECDH | |
SB_PGP_PUBLIC_KEY_ALGORITHM_ELGAMAL_ENCRYPT | Elgamal-encrypt | |
SB_PGP_PUBLIC_KEY_ALGORITHM_ELGAMAL | Elgamal | |
SB_PGP_PUBLIC_KEY_ALGORITHM_EDDSA | EDDSA |
SB_PGP_CURVE_P256 | P256 | |
SB_PGP_CURVE_P384 | P384 | |
SB_PGP_CURVE_P521 | P521 | |
SB_PGP_CURVE_ED25519 | ED25519 | |
SB_PGP_CURVE_CURVE25519 | CURVE25519 | |
SB_PGP_CURVE_BRAINPOOLP256R1 | BRAINPOOLP256 | |
SB_PGP_CURVE_BRAINPOOLP512R1 | BRAINPOOLP512 |
Error Handling (C++)
This method returns a result code; 0 indicates success, while a non-zero error code indicates that this method encountered an error during its execution. If an error occurs, the GetLastError() method can be called to retrieve the associated error message. (Note: This method's result code can also be obtained by calling the GetLastErrorCode() method after it returns.)