org.bouncycastle.bcpg

Class OnePassSignaturePacket

java.lang.Object

org.bouncycastle.bcpg.Packet

org.bouncycastle.bcpg.ContainedPacket

org.bouncycastle.bcpg.OnePassSignaturePacket

All Implemented Interfaces:

PacketTags, org.bouncycastle.util.Encodable

public class OnePassSignaturePacket
extends ContainedPacket

One-Pass-Signature packet. OPS packets are used to enable verification of signed messages in one-pass by providing necessary metadata about the signed data up front, so the consumer can start processing the signed data without needing to process the signature packet at the end of the data stream first. There are two versions of this packet currently defined. Version 3 OPS packets are used with SignaturePackets of version 3 and 4. Version 6 OPS packets are used with SignaturePackets of version 6. It is not clear to me, which version of the OPS packet is intended to be used with version 5 signatures.

See Also:

Definition of version 3 OPS packets in RFC4880, Definition of version 3 and 6 OPS packets in RFC9580, Definition of version 3 and 6 OPS packets in librepgp

Field Summary

Fields

Modifier and Type	Field and Description
static int	VERSION_3
static int	VERSION_6

Fields inherited from interface org.bouncycastle.bcpg.PacketTags

AEAD_ENC_DATA, COMPRESSED_DATA, EXPERIMENTAL_1, EXPERIMENTAL_2, EXPERIMENTAL_3, EXPERIMENTAL_4, LITERAL_DATA, MARKER, MOD_DETECTION_CODE, ONE_PASS_SIGNATURE, PADDING, PUBLIC_KEY, PUBLIC_KEY_ENC_SESSION, PUBLIC_SUBKEY, RESERVED, SECRET_KEY, SECRET_SUBKEY, SIGNATURE, SYM_ENC_INTEGRITY_PRO, SYMMETRIC_KEY_ENC, SYMMETRIC_KEY_ENC_SESSION, TRUST, USER_ATTRIBUTE, USER_ID

Constructor Summary

Constructors

Constructor and Description
OnePassSignaturePacket(int sigType, int hashAlgorithm, int keyAlgorithm, byte[] salt, byte[] fingerprint, boolean isNested) Create a version 6 OnePassSignaturePacket.
OnePassSignaturePacket(int sigType, int hashAlgorithm, int keyAlgorithm, long keyID, boolean isNested) Create a version 3 OnePassSignaturePacket.

Method Summary

Modifier and Type	Method and Description
void	encode(BCPGOutputStream out) Encode the contents of this packet into the given packet output stream.
byte[]	getFingerprint() Return the version 6 fingerprint of the issuer.
int	getHashAlgorithm() Return the algorithm ID of the hash algorithm.
int	getKeyAlgorithm() Return the ID of the public key encryption algorithm.
long	getKeyID() Return the key-id of the signing key.
byte[]	getSalt() Return the salt used in the signature.
int	getSignatureType() Return the signature type.
int	getVersion() Return the packet version.
boolean	isContaining() Return true, if the signature contains any signatures that follow.

Methods inherited from class org.bouncycastle.bcpg.ContainedPacket

getEncoded, getEncoded

Methods inherited from class org.bouncycastle.bcpg.Packet

getPacketTag, hasNewPacketFormat, isCritical

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

VERSION_3

public static final int VERSION_3

See Also:

Constant Field Values

VERSION_6

public static final int VERSION_6

See Also:

Constant Field Values

Constructor Detail

OnePassSignaturePacket

public OnePassSignaturePacket(int sigType,
                              int hashAlgorithm,
                              int keyAlgorithm,
                              long keyID,
                              boolean isNested)

Create a version 3 OnePassSignaturePacket. Version 3 OPS packets are used with version 3 and version 4 SignaturePackets. To create an OPS packet for use with a version 6 SignaturePacket, see OnePassSignaturePacket(int, int, int, byte[], byte[], boolean).

Parameters:

sigType - signature type

hashAlgorithm - hash algorithm tag

keyAlgorithm - public key algorithm tag

keyID - id of the signing key

isNested - if false, there is another OPS packet after this one, which applies to the same data. it true, the corresponding signature is calculated also over succeeding additional OPS packets.

OnePassSignaturePacket

public OnePassSignaturePacket(int sigType,
                              int hashAlgorithm,
                              int keyAlgorithm,
                              byte[] salt,
                              byte[] fingerprint,
                              boolean isNested)

Create a version 6 OnePassSignaturePacket.

Parameters:

sigType - signature type

hashAlgorithm - hash algorithm tag

keyAlgorithm - public key algorithm tag

salt - random salt. The length of this array depends on the hash algorithm in use.

fingerprint - 32 octet fingerprint of the (v6) signing key

isNested - if false, there is another OPS packet after this one, which applies to the same data. it true, the corresponding signature is calculated also over succeeding additional OPS packets.

Method Detail

getVersion

public int getVersion()

Return the packet version.

Returns:

version

getSignatureType

public int getSignatureType()

Return the signature type.

Returns:

the signature type

getKeyAlgorithm

public int getKeyAlgorithm()

Return the ID of the public key encryption algorithm.

Returns:

public key algorithm tag

getHashAlgorithm

public int getHashAlgorithm()

Return the algorithm ID of the hash algorithm.

Returns:

hash algorithm tag

getKeyID

public long getKeyID()

Return the key-id of the signing key.

Returns:

key id

getFingerprint

public byte[] getFingerprint()

Return the version 6 fingerprint of the issuer. Only for version 6 packets.

Returns:

32 bytes issuer fingerprint

getSalt

public byte[] getSalt()

Return the salt used in the signature. Only for version 6 packets.

Returns:

salt

isContaining

public boolean isContaining()

Return true, if the signature contains any signatures that follow. A bracketing OPS is followed by additional OPS packets and is calculated over all the data between itself and its corresponding signature (it is an attestation for encapsulated signatures).

Returns:

true if encapsulating, false otherwise

encode

public void encode(BCPGOutputStream out)
            throws java.io.IOException

Encode the contents of this packet into the given packet output stream.

Specified by:

encode in class ContainedPacket

Parameters:

out - OpenPGP packet output stream

Throws:

java.io.IOException