Bouncy Castle Cryptography Library 1.81

org.bouncycastle.bcpg
Class OnePassSignaturePacket

java.lang.Object
  extended byorg.bouncycastle.bcpg.Packet
      extended byorg.bouncycastle.bcpg.ContainedPacket
          extended byorg.bouncycastle.bcpg.OnePassSignaturePacket
All Implemented Interfaces:
org.bouncycastle.util.Encodable, PacketTags

public class OnePassSignaturePacket
extends ContainedPacket

One-Pass-Signature packet. OPS packets are used to enable verification of signed messages in one-pass by providing necessary metadata about the signed data up front, so the consumer can start processing the signed data without needing to process the signature packet at the end of the data stream first. There are two versions of this packet currently defined. Version 3 OPS packets are used with SignaturePackets of version 3 and 4. Version 6 OPS packets are used with SignaturePackets of version 6. It is not clear to me, which version of the OPS packet is intended to be used with version 5 signatures.

See Also:
Definition of version 3 OPS packets in RFC4880, Definition of version 3 and 6 OPS packets in RFC9580, Definition of version 3 and 6 OPS packets in librepgp

Field Summary
static int VERSION_3
           
static int VERSION_6
           
 
Fields inherited from interface org.bouncycastle.bcpg.PacketTags
AEAD_ENC_DATA, COMPRESSED_DATA, EXPERIMENTAL_1, EXPERIMENTAL_2, EXPERIMENTAL_3, EXPERIMENTAL_4, LITERAL_DATA, MARKER, MOD_DETECTION_CODE, ONE_PASS_SIGNATURE, PADDING, PUBLIC_KEY, PUBLIC_KEY_ENC_SESSION, PUBLIC_SUBKEY, RESERVED, SECRET_KEY, SECRET_SUBKEY, SIGNATURE, SYM_ENC_INTEGRITY_PRO, SYMMETRIC_KEY_ENC, SYMMETRIC_KEY_ENC_SESSION, TRUST, USER_ATTRIBUTE, USER_ID
 
Constructor Summary
OnePassSignaturePacket(int sigType, int hashAlgorithm, int keyAlgorithm, byte[] salt, byte[] fingerprint, boolean isNested)
          Create a version 6 OnePassSignaturePacket.
OnePassSignaturePacket(int sigType, int hashAlgorithm, int keyAlgorithm, long keyID, boolean isNested)
          Create a version 3 OnePassSignaturePacket.
 
Method Summary
 void encode(BCPGOutputStream out)
          Encode the contents of this packet into the given packet output stream.
 byte[] getFingerprint()
          Return the version 6 fingerprint of the issuer.
 int getHashAlgorithm()
          Return the algorithm ID of the hash algorithm.
 int getKeyAlgorithm()
          Return the ID of the public key encryption algorithm.
 long getKeyID()
          Return the key-id of the signing key.
 byte[] getSalt()
          Return the salt used in the signature.
 int getSignatureType()
          Return the signature type.
 int getVersion()
          Return the packet version.
 boolean isContaining()
          Return true, if the signature contains any signatures that follow.
 
Methods inherited from class org.bouncycastle.bcpg.ContainedPacket
getEncoded, getEncoded
 
Methods inherited from class org.bouncycastle.bcpg.Packet
getPacketTag, hasNewPacketFormat, isCritical
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

VERSION_3

public static final int VERSION_3
See Also:
Constant Field Values

VERSION_6

public static final int VERSION_6
See Also:
Constant Field Values
Constructor Detail

OnePassSignaturePacket

public OnePassSignaturePacket(int sigType,
                              int hashAlgorithm,
                              int keyAlgorithm,
                              long keyID,
                              boolean isNested)
Create a version 3 OnePassSignaturePacket. Version 3 OPS packets are used with version 3 and version 4 SignaturePackets. To create an OPS packet for use with a version 6 SignaturePacket, see OnePassSignaturePacket(int, int, int, byte[], byte[], boolean).

Parameters:
sigType - signature type
hashAlgorithm - hash algorithm tag
keyAlgorithm - public key algorithm tag
keyID - id of the signing key
isNested - if false, there is another OPS packet after this one, which applies to the same data. it true, the corresponding signature is calculated also over succeeding additional OPS packets.

OnePassSignaturePacket

public OnePassSignaturePacket(int sigType,
                              int hashAlgorithm,
                              int keyAlgorithm,
                              byte[] salt,
                              byte[] fingerprint,
                              boolean isNested)
Create a version 6 OnePassSignaturePacket.

Parameters:
sigType - signature type
hashAlgorithm - hash algorithm tag
keyAlgorithm - public key algorithm tag
salt - random salt. The length of this array depends on the hash algorithm in use.
fingerprint - 32 octet fingerprint of the (v6) signing key
isNested - if false, there is another OPS packet after this one, which applies to the same data. it true, the corresponding signature is calculated also over succeeding additional OPS packets.
Method Detail

getVersion

public int getVersion()
Return the packet version.

Returns:
version

getSignatureType

public int getSignatureType()
Return the signature type.

Returns:
the signature type

getKeyAlgorithm

public int getKeyAlgorithm()
Return the ID of the public key encryption algorithm.

Returns:
public key algorithm tag

getHashAlgorithm

public int getHashAlgorithm()
Return the algorithm ID of the hash algorithm.

Returns:
hash algorithm tag

getKeyID

public long getKeyID()
Return the key-id of the signing key.

Returns:
key id

getFingerprint

public byte[] getFingerprint()
Return the version 6 fingerprint of the issuer. Only for version 6 packets.

Returns:
32 bytes issuer fingerprint

getSalt

public byte[] getSalt()
Return the salt used in the signature. Only for version 6 packets.

Returns:
salt

isContaining

public boolean isContaining()
Return true, if the signature contains any signatures that follow. A bracketing OPS is followed by additional OPS packets and is calculated over all the data between itself and its corresponding signature (it is an attestation for encapsulated signatures).

Returns:
true if encapsulating, false otherwise

encode

public void encode(BCPGOutputStream out)
            throws java.io.IOException
Encode the contents of this packet into the given packet output stream.

Specified by:
encode in class ContainedPacket
Parameters:
out - OpenPGP packet output stream
Throws:
java.io.IOException

Bouncy Castle Cryptography Library 1.81