Package org.bouncycastle.openpgp

Class PGPPublicKey

    • Constructor Detail

      • PGPPublicKey

        public PGPPublicKey​(PublicKeyPacket publicKeyPacket,
                    KeyFingerPrintCalculator fingerPrintCalculator)
             throws PGPException
        Create a PGP public key from a packet descriptor using the passed in fingerPrintCalculator to do calculate the fingerprint and keyID.
        Parameters:
        publicKeyPacket - packet describing the public key.
        fingerPrintCalculator - calculator providing the digest support ot create the key fingerprint.
        Throws:
        PGPException - if the packet is faulty, or the required calculations fail.

    • Method Detail

      • getVersion

        public int getVersion()
        Returns:
        the version of this key.

      • getCreationTime

        public java.util.Date getCreationTime()
        Returns:
        creation time of key.

      • getValidDays

        public int getValidDays()
        Deprecated.
        use getValidSeconds(): greater than version 3 keys may be valid for less than a day.
        Returns:
        number of valid days from creation time - zero means no expiry.

      • getTrustData

        public byte[] getTrustData()
        Return the trust data associated with the public key, if present.
        Returns:
        a byte array with trust data, null otherwise.

      • getValidSeconds

        public long getValidSeconds()
        Returns:
        number of valid seconds from creation time - zero means no expiry.

      • getKeyID

        public long getKeyID()
        Return the keyID associated with the public key.
        Returns:
        long

      • getFingerprint

        public byte[] getFingerprint()
        Return the fingerprint of the public key.
        Returns:
        key fingerprint.

      • hasFingerprint

        public boolean hasFingerprint​(byte[] fingerprint)

      • isEncryptionKey

        public boolean isEncryptionKey()
        Return true if this key has an algorithm type that makes it suitable to use for encryption.

        Note: with version 4 keys KeyFlags subpackets should also be considered when present for determining the preferred use of the key.

        Returns:
        true if the key algorithm is suitable for encryption.

      • isMasterKey

        public boolean isMasterKey()
        Return true if this could be a master key.
        Returns:
        true if a master key.

      • getAlgorithm

        public int getAlgorithm()
        Return the algorithm code associated with the public key.
        Returns:
        int

      • getBitStrength

        public int getBitStrength()
        Return the strength of the key in bits.
        Returns:
        bit strength of key.

      • getUserIDs

        public java.util.Iterator<java.lang.String> getUserIDs()
        Return any userIDs associated with the key.
        Returns:
        an iterator of Strings.

      • getRawUserIDs

        public java.util.Iterator<byte[]> getRawUserIDs()
        Return any userIDs associated with the key in raw byte form. No attempt is made to convert the IDs into Strings.
        Returns:
        an iterator of byte[].

      • getUserAttributes

        public java.util.Iterator<PGPUserAttributeSubpacketVector> getUserAttributes()
        Return any user attribute vectors associated with the key.
        Returns:
        an iterator of PGPUserAttributeSubpacketVector objects.

      • getSignaturesForID

        public java.util.Iterator<PGPSignature> getSignaturesForID​(java.lang.String id)
        Return any signatures associated with the passed in id.
        Parameters:
        id - the id to be matched.
        Returns:
        an iterator of PGPSignature objects.

      • getSignaturesForID

        public java.util.Iterator<PGPSignature> getSignaturesForID​(byte[] rawID)
        Return any signatures associated with the passed in id.
        Parameters:
        rawID - the id to be matched in raw byte form.
        Returns:
        an iterator of PGPSignature objects.

      • getSignaturesForKeyID

        public java.util.Iterator<PGPSignature> getSignaturesForKeyID​(long keyID)
        Return any signatures associated with the passed in key identifier keyID.
        Parameters:
        keyID - the key id to be matched.
        Returns:
        an iterator of PGPSignature objects issued by the key with keyID.

      • getSignaturesForUserAttribute

        public java.util.Iterator<PGPSignature> getSignaturesForUserAttribute​(PGPUserAttributeSubpacketVector userAttributes)
        Return an iterator of signatures associated with the passed in user attributes.
        Parameters:
        userAttributes - the vector of user attributes to be matched.
        Returns:
        an iterator of PGPSignature objects.

      • getSignaturesOfType

        public java.util.Iterator<PGPSignature> getSignaturesOfType​(int signatureType)
        Return signatures of the passed in type that are on this key.
        Parameters:
        signatureType - the type of the signature to be returned.
        Returns:
        an iterator (possibly empty) of signatures of the given type.

      • getSignatures

        public java.util.Iterator<PGPSignature> getSignatures()
        Return all signatures/certifications associated with this key.
        Returns:
        an iterator (possibly empty) with all signatures/certifications.

      • getKeySignatures

        public java.util.Iterator<PGPSignature> getKeySignatures()
        Return all signatures/certifications directly associated with this key (ie, not to a user id).
        Returns:
        an iterator (possibly empty) with all signatures/certifications.

      • getEncoded

        public byte[] getEncoded()
                  throws java.io.IOException
        Throws:
        java.io.IOException

      • getEncoded

        public byte[] getEncoded​(boolean forTransfer)
                  throws java.io.IOException
        Return an encoding of the key, with trust packets stripped out if forTransfer is true.
        Parameters:
        forTransfer - if the purpose of encoding is to send key to other users.
        Returns:
        a encoded byte array representing the key.
        Throws:
        java.io.IOException - in case of encoding error.

      • encode

        public void encode​(java.io.OutputStream outStream)
            throws java.io.IOException
        Throws:
        java.io.IOException

      • encode

        public void encode​(java.io.OutputStream outStream,
                   boolean forTransfer)
            throws java.io.IOException
        Encode the key to outStream, with trust packets stripped out if forTransfer is true.
        Parameters:
        outStream - stream to write the key encoding to.
        forTransfer - if the purpose of encoding is to send key to other users.
        Throws:
        java.io.IOException - in case of encoding error.

      • isRevoked

        public boolean isRevoked()
        Deprecated.
        this method is poorly named, use hasRevocation().
        Check whether this (sub)key has a revocation signature on it.
        Returns:
        boolean indicating whether this (sub)key has been revoked.

      • hasRevocation

        public boolean hasRevocation()
        Check whether this (sub)key has a revocation signature on it.
        Returns:
        boolean indicating whether this (sub)key has had a (possibly invalid) revocation attached..

      • addCertification

        public static PGPPublicKey addCertification​(PGPPublicKey key,
                                            byte[] rawID,
                                            PGPSignature certification)
        Add a certification for an id to the given public key.
        Parameters:
        key - the key the certification is to be added to.
        rawID - the raw bytes making up the user id..
        certification - the new certification.
        Returns:
        the re-certified key.

      • addCertification

        public static PGPPublicKey addCertification​(PGPPublicKey key,
                                            java.lang.String id,
                                            PGPSignature certification)
        Add a certification for an id to the given public key.
        Parameters:
        key - the key the certification is to be added to.
        id - the id the certification is associated with.
        certification - the new certification.
        Returns:
        the re-certified key.

      • addCertification

        public static PGPPublicKey addCertification​(PGPPublicKey key,
                                            PGPUserAttributeSubpacketVector userAttributes,
                                            PGPSignature certification)
        Add a certification for the given UserAttributeSubpackets to the given public key.
        Parameters:
        key - the key the certification is to be added to.
        userAttributes - the attributes the certification is associated with.
        certification - the new certification.
        Returns:
        the re-certified key.

      • removeCertification

        public static PGPPublicKey removeCertification​(PGPPublicKey key,
                                               PGPUserAttributeSubpacketVector userAttributes)
        Remove any certifications associated with a given user attribute subpacket on a key.
        Parameters:
        key - the key the certifications are to be removed from.
        userAttributes - the attributes to be removed.
        Returns:
        the re-certified key, null if the user attribute subpacket was not found on the key.

      • removeCertification

        public static PGPPublicKey removeCertification​(PGPPublicKey key,
                                               java.lang.String id)
        Remove any certifications associated with a given id on a key.
        Parameters:
        key - the key the certifications are to be removed from.
        id - the id that is to be removed.
        Returns:
        the re-certified key, null if the id was not found on the key.

      • removeCertification

        public static PGPPublicKey removeCertification​(PGPPublicKey key,
                                               byte[] rawID)
        Remove any certifications associated with a given id on a key.
        Parameters:
        key - the key the certifications are to be removed from.
        rawID - the id that is to be removed in raw byte form.
        Returns:
        the re-certified key, null if the id was not found on the key.

      • removeCertification

        public static PGPPublicKey removeCertification​(PGPPublicKey key,
                                               byte[] id,
                                               PGPSignature certification)
        Remove a certification associated with a given id on a key.
        Parameters:
        key - the key the certifications are to be removed from.
        id - the id that the certification is to be removed from (in its raw byte form)
        certification - the certification to be removed.
        Returns:
        the re-certified key, null if the certification was not found.

      • removeCertification

        public static PGPPublicKey removeCertification​(PGPPublicKey key,
                                               java.lang.String id,
                                               PGPSignature certification)
        Remove a certification associated with a given id on a key.
        Parameters:
        key - the key the certifications are to be removed from.
        id - the id that the certification is to be removed from.
        certification - the certification to be removed.
        Returns:
        the re-certified key, null if the certification was not found.

      • removeCertification

        public static PGPPublicKey removeCertification​(PGPPublicKey key,
                                               PGPUserAttributeSubpacketVector userAttributes,
                                               PGPSignature certification)
        Remove a certification associated with a given user attributes on a key.
        Parameters:
        key - the key the certifications are to be removed from.
        userAttributes - the user attributes that the certification is to be removed from.
        certification - the certification to be removed.
        Returns:
        the re-certified key, null if the certification was not found.

      • addCertification

        public static PGPPublicKey addCertification​(PGPPublicKey key,
                                            PGPSignature certification)
        Add a revocation or some other key certification to a key.
        Parameters:
        key - the key the revocation is to be added to.
        certification - the key signature to be added.
        Returns:
        the new changed public key object.

      • removeCertification

        public static PGPPublicKey removeCertification​(PGPPublicKey key,
                                               PGPSignature certification)
        Remove a certification from the key.
        Parameters:
        key - the key the certifications are to be removed from.
        certification - the certification to be removed.
        Returns:
        the modified key, null if the certification was not found.

      • join

        public static PGPPublicKey join​(PGPPublicKey key,
                                PGPPublicKey copy,
                                boolean joinTrustPackets,
                                boolean allowSubkeySigsOnNonSubkey)
                         throws PGPException
        Merge this the given local public key with another, potentially fresher copy. The resulting PGPPublicKey contains the sum of both keys user-ids and signatures.

        If joinTrustPackets is set to true and the copy carries a trust packet, the joined key will copy the trust-packet from the copy. Otherwise, it will carry the trust packet of the local key.

        Parameters:
        key - local public key
        copy - copy of the public key (e.g. from a key server)
        joinTrustPackets - if true, trust packets from the copy are copied over into the resulting key
        allowSubkeySigsOnNonSubkey - if true, subkey signatures on the copy will be present in the merged key, even if key was not a subkey before.
        Returns:
        joined key
        Throws:
        PGPException