Package org.bouncycastle.openpgp

Class PGPSignatureSubpacketGenerator

  • public class PGPSignatureSubpacketGenerator
extends java.lang.Object
    Generator for signature subpackets.

    • Constructor Detail

      • PGPSignatureSubpacketGenerator

        public PGPSignatureSubpacketGenerator()
        Base constructor, creates an empty generator.

      • PGPSignatureSubpacketGenerator

        public PGPSignatureSubpacketGenerator​(PGPSignatureSubpacketVector sigSubV)
        Constructor for pre-initialising the generator from an existing one.
        Parameters:
        sigSubV - an initial set of subpackets.

    • Method Detail

      • setRevocable

        public void setRevocable​(boolean isCritical,
                         boolean isRevocable)
        Specify, whether or not the signature is revocable.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        isRevocable - true if the signature should be revocable, false otherwise.

      • setExportable

        public void setExportable​(boolean isCritical,
                          boolean isExportable)
        Specify, whether or not the signature should be marked as exportable. If this subpacket is missing, the signature is treated as being exportable.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        isExportable - true if the signature should be exportable, false otherwise.

      • setFeature

        public void setFeature​(boolean isCritical,
                       byte feature)
        Specify the set of features of the key.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        feature - features

      • setTrust

        public void setTrust​(boolean isCritical,
                     int depth,
                     int trustAmount)
        Add a TrustSignature packet to the signature. The values for depth and trust are largely installation dependent but there are some guidelines in RFC 4880 - 5.2.3.13.
        Parameters:
        isCritical - true if the packet is critical.
        depth - depth level.
        trustAmount - trust amount.

      • setKeyExpirationTime

        public void setKeyExpirationTime​(boolean isCritical,
                                 long seconds)
        Set the number of seconds a key is valid for after the time of its creation. A value of zero means the key never expires.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        seconds -

      • setSignatureExpirationTime

        public void setSignatureExpirationTime​(boolean isCritical,
                                       long seconds)
        Set the number of seconds a signature is valid for after the time of its creation. A value of zero means the signature never expires.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        seconds -

      • setSignatureCreationTime

        public void setSignatureCreationTime​(boolean isCritical,
                                     java.util.Date date)
        Set the creation time for the signature.

        Note: this overrides the generation of a creation time when the signature is generated.

      • setPreferredHashAlgorithms

        public void setPreferredHashAlgorithms​(boolean isCritical,
                                       int[] algorithms)
        Specify the preferred hash algorithms of the key. See HashAlgorithmTags.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        algorithms - array of algorithms in descending preference

      • setPreferredSymmetricAlgorithms

        public void setPreferredSymmetricAlgorithms​(boolean isCritical,
                                            int[] algorithms)
        Specify the preferred symmetric encryption algorithms of the key. See SymmetricKeyAlgorithmTags.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        algorithms - array of algorithms in descending preference

      • setPreferredCompressionAlgorithms

        public void setPreferredCompressionAlgorithms​(boolean isCritical,
                                              int[] algorithms)
        Specify the preferred compression algorithms of this key. See CompressionAlgorithmTags.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        algorithms - array of algorithms in descending preference

      • setPreferredAEADCiphersuites

        public void setPreferredAEADCiphersuites​(boolean isCritical,
                                         PreferredAEADCiphersuites.Combination[] algorithms)
        Specify the preferred OpenPGP AEAD ciphersuites of this key.
        Parameters:
        isCritical - true, if this packet should be treated as critical, false otherwise.
        algorithms - array of algorithms in descending preference
        See Also:
        RFC9580: Preferred AEAD Ciphersuites

      • setPreferredLibrePgpEncryptionModes

        public void setPreferredLibrePgpEncryptionModes​(boolean isCritical,
                                                int[] algorithms)
        Deprecated.
        the use of this subpacket is deprecated in LibrePGP
        Set the preferred encryption modes for LibrePGP keys. Note: LibrePGP is not OpenPGP. An application strictly compliant to only the OpenPGP standard will not know how to handle LibrePGP encryption modes. The LibrePGP spec states that this subpacket shall be ignored and the application shall instead assume AEADAlgorithmTags.OCB.
        Parameters:
        isCritical - whether the packet is critical
        algorithms - list of algorithms
        See Also:
        LibrePGP: Preferred Encryption Modes, for possible algorithms

      • setPreferredKeyServer

        public void setPreferredKeyServer​(boolean isCritical,
                                  java.lang.String uri)
        Specify the preferred key server for the signed user-id / key. Note, that the key server might also be a http/ftp etc. URI pointing to the key itself.
        Parameters:
        isCritical - true if the subpacket should be treated as critical
        uri - key server URI

      • addPolicyURI

        public void addPolicyURI​(boolean isCritical,
                         java.lang.String policyUri)

      • setKeyFlags

        public void setKeyFlags​(boolean isCritical,
                        int flags)
        Set this keys key flags. See PGPKeyFlags.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        flags - flags

      • setSignerUserID

        public void setSignerUserID​(boolean isCritical,
                            java.lang.String userID)
        Deprecated.
        use addSignerUserID(boolean, String) instead.
        Add a signer user-id to the signature.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        userID - signer user-id

      • addSignerUserID

        public void addSignerUserID​(boolean isCritical,
                            java.lang.String userID)
        Add a signer user-id to the signature.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        userID - signer user-id

      • setSignerUserID

        public void setSignerUserID​(boolean isCritical,
                            byte[] rawUserID)
        Deprecated.
        use addSignerUserID(boolean, byte[]) instead.
        Add a signer user-id to the signature.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        rawUserID - signer user-id

      • addSignerUserID

        public void addSignerUserID​(boolean isCritical,
                            byte[] rawUserID)
        Add a signer user-id to the signature.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        rawUserID - signer user-id

      • setEmbeddedSignature

        public void setEmbeddedSignature​(boolean isCritical,
                                 PGPSignature pgpSignature)
                          throws java.io.IOException
        Deprecated.
        use addEmbeddedSignature(boolean, PGPSignature) instead.
        Add an embedded signature packet.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        pgpSignature - embedded signature
        Throws:
        java.io.IOException - in case of an error

      • addEmbeddedSignature

        public void addEmbeddedSignature​(boolean isCritical,
                                 PGPSignature pgpSignature)
                          throws java.io.IOException
        Add an embedded signature packet.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        pgpSignature - embedded signature
        Throws:
        java.io.IOException - in case of an error

      • setPrimaryUserID

        public void setPrimaryUserID​(boolean isCritical,
                             boolean isPrimaryUserID)

      • setNotationData

        public void setNotationData​(boolean isCritical,
                            boolean isHumanReadable,
                            java.lang.String notationName,
                            java.lang.String notationValue)
        Deprecated.
        use addNotationData(boolean, boolean, String, String) instead.
        Add a notation data packet to the signature.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        isHumanReadable - true if the notation is human-readable.
        notationName - name of the notation key
        notationValue - value of the notation

      • addNotationData

        public void addNotationData​(boolean isCritical,
                            boolean isHumanReadable,
                            java.lang.String notationName,
                            java.lang.String notationValue)
        Add a notation data packet to the signature.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        isHumanReadable - true if the notation is human-readable.
        notationName - name of the notation key.
        notationValue - value of the notation.

      • setRevocationReason

        public void setRevocationReason​(boolean isCritical,
                                byte reason,
                                java.lang.String description)
        Sets revocation reason sub packet. See RevocationReasonTags.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        reason - reason code for the revocation
        description - human readable description of the revocation reason

      • setRevocationKey

        public void setRevocationKey​(boolean isCritical,
                             int keyAlgorithm,
                             byte[] fingerprint)
        Deprecated.
        the revocation key mechanism is deprecated. Applications MUST NOT generate such a packet.
        Adds a revocation key sub packet.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        keyAlgorithm - algorithm of the revocation key
        fingerprint - fingerprint of the revocation key (v4 only)

      • addRevocationKey

        public void addRevocationKey​(boolean isCritical,
                             int keyAlgorithm,
                             byte[] fingerprint)
        Deprecated.
        the revocation key mechanism is deprecated. Applications MUST NOT generate such a packet.
        Adds a revocation key sub packet.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        keyAlgorithm - algorithm of the revocation key
        fingerprint - fingerprint of the revocation key (v4 only)

      • setIssuerKeyID

        public void setIssuerKeyID​(boolean isCritical,
                           long keyID)
        Sets issuer key-id subpacket.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        keyID - id of the key that issued the signature

      • setSignatureTarget

        public void setSignatureTarget​(boolean isCritical,
                               int publicKeyAlgorithm,
                               int hashAlgorithm,
                               byte[] hashData)
        Sets the signature target sub packet.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        publicKeyAlgorithm - algorithm of the key that issued the signature that is being referred to.
        hashAlgorithm - hash algorithm that was used to calculate the hash data.
        hashData - hash of the signature that is being referred to.

      • setIssuerFingerprint

        public void setIssuerFingerprint​(boolean isCritical,
                                 PGPSecretKey secretKey)
        Sets the signature issuer fingerprint for the signing key.
        Parameters:
        isCritical - true if critical, false otherwise.
        secretKey - the secret key used to generate the associated signature.

      • setIssuerFingerprint

        public void setIssuerFingerprint​(boolean isCritical,
                                 PGPPublicKey publicKey)
        Sets the signature issuer fingerprint for the signing key.
        Parameters:
        isCritical - true if critical, false otherwise.
        publicKey - the public key needed to verify the associated signature.

      • setIntendedRecipientFingerprint

        public void setIntendedRecipientFingerprint​(boolean isCritical,
                                            PGPPublicKey publicKey)
        Deprecated.
        use addIntendedRecipientFingerprint(boolean, PGPPublicKey) instead.
        Adds a intended recipient fingerprint for an encrypted payload the signature is associated with.
        Parameters:
        isCritical - true if critical, false otherwise.
        publicKey - the public key the encrypted payload was encrypted against.

      • addIntendedRecipientFingerprint

        public void addIntendedRecipientFingerprint​(boolean isCritical,
                                            PGPPublicKey publicKey)
        Adds a intended recipient fingerprint for an encrypted payload the signature is associated with.
        Parameters:
        isCritical - true if critical, false otherwise.
        publicKey - the public key the encrypted payload was encrypted against.

      • addCustomSubpacket

        public void addCustomSubpacket​(SignatureSubpacket subpacket)
        Add a custom subpacket. Miscellaneous subpackets are subpackets that Bouncycastle does not recognize or doesn't have first class support for.
        Parameters:
        subpacket - subpacket

      • removePacket

        public boolean removePacket​(SignatureSubpacket packet)
        Remove a previously set packet from the generator.
        Parameters:
        packet - the signature subpacket to remove.

      • hasSubpacket

        public boolean hasSubpacket​(int type)
        Return true if a particular subpacket type exists.
        Parameters:
        type - type to look for.
        Returns:
        true if present, false otherwise.

      • getSubpackets

        public SignatureSubpacket[] getSubpackets​(int type)
        Return all signature subpackets of the passed in type currently in the generator.
        Parameters:
        type - subpacket type code
        Returns:
        an array of zero or more matching subpackets.

      • addRegularExpression

        public void addRegularExpression​(boolean isCritical,
                                 java.lang.String regularExpression)
        Adds a regular expression.
        Parameters:
        isCritical - true if should be treated as critical, false otherwise.
        regularExpression - the regular expression