BizTalk PGP Signing in Send Pipeline component

  • Question

  • We have a requirement wherein we need PGP signing and encryption of the message before it’s sent out. We have already accomplished the encryption part in a pipeline component; however, we aren’t sure on the signing part.

    Although signing using a private key can be done using the MIME/SMIME component, we wanted to avoid its usage and incorporate the signing source code inside the same encryption component. Please revert back if someone has come across any similar requirement in the past.


    • Edited by Basudek Wednesday, August 31, 2016 12:41 PM
    Wednesday, August 31, 2016 12:40 PM

Answers

  • Hi,

    You should use nSoftware OpenPGP Pipeline Component which provides OpenPGP signing and encryption functionality.

    The OpenPGP Pipeline Component is used when generating BizTalk Pipelines for sending and receiving OpenPGP signed and encrypted messages. The messages may be signed, encrypted, or both.

    Refer: OpenPGP Pipeline Component

    The send pipeline will make use of the OpenPGP Encoder with the property SignData: a Boolean to tell the component whether or not to sign the data.

    Refer: https://www.nsoftware.com/kb/articles/pgppipeline.rst


    Rachit Sikroria (Microsoft Azure MVP)


    • Edited by Rachit SikroriaModerator Wednesday, August 31, 2016 12:50 PM
    • Proposed as answer by Angie Xu Wednesday, September 7, 2016 8:16 AM
    • Marked as answer by Angie Xu Wednesday, September 7, 2016 8:16 AM
    Wednesday, August 31, 2016 12:47 PM
    Moderator

All replies

  • These PGP Pipeline Components work and are free:  https://code.msdn.microsoft.com/BizTalk-Sample-PGP-ebcbc8b2?tduid=(691a2ab7df0aab4051278c2bdeb13b22)(256380)(2459594)(TnL5HPStwNw-HEXh.bSCMaUzu1S_Hy8VQw)()

    Keep in mind, a PGP encrypted block is implicitly signed since the same key pair has to be used on both ends.  Or, more fundamentally, two keys must be involved but they can be two sides of the same pair.

    Whether you use 2 or 4 keys, the most important part is the physical security of the keys.  So, it really doesn't matter.  The sender is encrypting and signing the block if they are the only ones with that Public Key.  In this case, the term "Public Key" is a misnomer since only you and the other party would have each key.

    I'm saying that you are covered for both Encrypting and Signing with PGP.

    Wednesday, August 31, 2016 1:02 PM
    Moderator
  • Hi Basudek,

    As you have already done the encryption part in your custom pipeline component: I did this thing for my learning part and it is 4-5 lines of code.

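        // Requires: using System.IO;
        PGPLib pgp = new PGPLib();
        // Body of the outgoing message
        Stream inStream = pInMsg.BodyPart.GetOriginalDataStream();
        // Buffer that receives the PGP output
        Stream outStream = new MemoryStream();
        // Key file configured on the component
        FileInfo privateKeyLocationFileInfo = new FileInfo(_privateKeyLocation);
        pgp.EncryptStream(inStream, privateKeyLocationFileInfo, outStream, false);
        // Swap the body for the PGP output and rewind it for the next stage
        pInMsg.BodyPart.Data = outStream;
        pInMsg.BodyPart.Data.Position = 0;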

    Here you just need to provide the private key location.

    Wednesday, August 31, 2016 1:04 PM
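
For the signing step the question asks about, here is an added example (not from any poster in this thread or from the components linked above) that writes a one-pass signed OpenPGP message. It assumes the BouncyCastle C# library, which the thread does not mention; `PgpSignHelper`, `LoadSigningKey` and `Sign` are hypothetical names.

```csharp
// Added example; assumes the BouncyCastle C# OpenPGP API (not named on this page).
using System;
using System.IO;
using Org.BouncyCastle.Bcpg;
using Org.BouncyCastle.Bcpg.OpenPgp;

public static class PgpSignHelper   // hypothetical helper name
{
    // Returns the first signing-capable secret key in an exported secret key ring.
    public static PgpSecretKey LoadSigningKey(Stream keyRingFile)
    {
        var bundle = new PgpSecretKeyRingBundle(PgpUtilities.GetDecoderStream(keyRingFile));
        foreach (PgpSecretKeyRing ring in bundle.GetKeyRings())
            foreach (PgpSecretKey key in ring.GetSecretKeys())
                if (key.IsSigningKey) return key;
        throw new InvalidOperationException("No signing key found in key ring.");
    }

    // Writes: one-pass signature header, literal data, trailing signature packet.
    public static void Sign(Stream input, Stream output, PgpSecretKey secretKey, char[] passphrase)
    {
        // The sender's private key signs; the recipient verifies with the sender's public key.
        PgpPrivateKey privateKey = secretKey.ExtractPrivateKey(passphrase);
        var sigGen = new PgpSignatureGenerator(secretKey.PublicKey.Algorithm, HashAlgorithmTag.Sha256);
        sigGen.InitSign(PgpSignature.BinaryDocument, privateKey);

        // One-pass header goes first so a verifier can hash while streaming.
        sigGen.GenerateOnePassVersion(false).Encode(output);

        var literalGen = new PgpLiteralDataGenerator();
        Stream literal = literalGen.Open(output, PgpLiteralData.Binary, "body",
                                         DateTime.UtcNow, new byte[4096]);
        byte[] buffer = new byte[4096];
        int read;
        while ((read = input.Read(buffer, 0, buffer.Length)) > 0)
        {
            literal.Write(buffer, 0, read);   // payload into the message
            sigGen.Update(buffer, 0, read);   // same bytes into the signature hash
        }
        literal.Close();   // finishes the literal data packet, leaves output open

        // Signature over everything hashed above.
        sigGen.Generate().Encode(output);
    }
}
```

In a send pipeline component, `input` would be the stream from `pInMsg.BodyPart.GetOriginalDataStream()`, and the signed output would then be passed through the existing encryption step.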