org.bouncycastle.openpgp.api

Class OpenPGPSignature

java.lang.Object

org.bouncycastle.openpgp.api.OpenPGPSignature

Direct Known Subclasses:

OpenPGPCertificate.OpenPGPComponentSignature, OpenPGPSignature.OpenPGPDocumentSignature

public abstract class OpenPGPSignature
extends java.lang.Object

An OpenPGP signature. This is a wrapper around PGPSignature which tracks the verification state of the signature.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	OpenPGPSignature.OpenPGPDocumentSignature An OpenPGPSignature made over a binary or textual document (e.g. a message).
static class	OpenPGPSignature.OpenPGPSignatureSubpacket SignatureSubpacket and the OpenPGPSignature that contains it.

Field Summary

Fields

Modifier and Type	Field and Description
protected boolean	isCorrect
protected OpenPGPCertificate.OpenPGPComponentKey	issuer
protected boolean	isTested
protected PGPSignature	signature

Constructor Summary

Constructors

Constructor and Description
OpenPGPSignature(PGPSignature signature, OpenPGPCertificate.OpenPGPComponentKey issuer) Create an OpenPGPSignature.

Method Summary

Modifier and Type	Method and Description
java.util.Date	getCreationTime() Return the creation time of the signature.
byte[]	getEncoded() Return the binary encoding of the signature.
byte[]	getEncoded(PacketFormat packetFormat) Return the binary encoding of the signature.
java.util.Date	getExpirationTime() Return the expiration time of the signature.
OpenPGPCertificate.OpenPGPComponentKey	getIssuer() Return the OpenPGPCertificate.OpenPGPComponentKey subkey that issued this signature.
OpenPGPCertificate	getIssuerCertificate() Return the OpenPGPCertificate that contains the subkey that issued this signature.
protected java.lang.String	getIssuerDisplay()
KeyIdentifier	getKeyIdentifier() Return the most expressive KeyIdentifier from available candidates.
java.util.List<KeyIdentifier>	getKeyIdentifiers() Return a List of possible KeyIdentifier candidates.
static KeyIdentifier	getMostExpressiveIdentifier(java.util.List<KeyIdentifier> identifiers) Return the most expressive issuer KeyIdentifier.
PGPSignature	getSignature() Return the PGPSignature.
protected abstract java.lang.String	getTargetDisplay()
protected java.lang.String	getType()
boolean	isCertification() Return true, if this signature is a certification.
boolean	isEffectiveAt(java.util.Date evaluationTime) Return true, if the signature is not a hard revocation, and if the evaluation time falls into the period between signature creation time and expiration or revocation.
boolean	isHardRevocation() Return true, if this signature is a hard revocation.
boolean	isRevocation() Return true, if this signature is a revocation, false otherwise.
boolean	isTestedCorrect() Return true, if this signature has been tested and is correct.
java.lang.String	toAsciiArmoredString() Return an ASCII armored String representation of the signature.
java.lang.String	toAsciiArmoredString(PacketFormat packetFormat) Return an ASCII armored String representation of the signature.
java.lang.String	toAsciiArmoredString(PacketFormat packetFormat, ArmoredOutputStream.Builder armorBuilder) Return an ASCII armored String representation of the signature.
java.lang.String	toString()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

signature

protected final PGPSignature signature

issuer

protected final OpenPGPCertificate.OpenPGPComponentKey issuer

isTested

protected boolean isTested

isCorrect

protected boolean isCorrect

Constructor Detail

OpenPGPSignature

public OpenPGPSignature(PGPSignature signature,
                        OpenPGPCertificate.OpenPGPComponentKey issuer)

Create an OpenPGPSignature.

Parameters:

signature - signature

issuer - issuer subkey

Method Detail

getSignature

public PGPSignature getSignature()

Return the PGPSignature.

Returns:

signature

getIssuer

public OpenPGPCertificate.OpenPGPComponentKey getIssuer()

Return the OpenPGPCertificate.OpenPGPComponentKey subkey that issued this signature. This method might return null, if the issuer certificate is not available.

Returns:

issuer subkey or null

getIssuerCertificate

public OpenPGPCertificate getIssuerCertificate()

Return the OpenPGPCertificate that contains the subkey that issued this signature. This method might return null if the issuer certificate is not available

Returns:

issuer certificate or null

getKeyIdentifiers

public java.util.List<KeyIdentifier> getKeyIdentifiers()

Return a List of possible KeyIdentifier candidates.

Returns:

key identifier candidates

getKeyIdentifier

public KeyIdentifier getKeyIdentifier()

Return the most expressive KeyIdentifier from available candidates.

Returns:

most expressive key identifier

getMostExpressiveIdentifier

public static KeyIdentifier getMostExpressiveIdentifier(java.util.List<KeyIdentifier> identifiers)

Return the most expressive issuer KeyIdentifier. Due to historic reasons, signatures MAY contain more than one issuer packet, which might contain inconsistent information (issuer key-ids / issuer fingerprints). Throw wildcards (anonymous issuers) into the mix, and it becomes apparent, that there needs to be a way to select the "best" issuer identifier. If there are more than one issuer packet, this method returns the most expressive (prefer fingerprints over key-ids, prefer non-wildcard over wildcard) and returns that.

Parameters:

identifiers - list of available identifiers

Returns:

the best identifier

isTestedCorrect

public boolean isTestedCorrect()

Return true, if this signature has been tested and is correct.

Returns:

true if the signature is tested and is correct, false otherwise

getCreationTime

public java.util.Date getCreationTime()

Return the creation time of the signature.

Returns:

signature creation time

getExpirationTime

public java.util.Date getExpirationTime()

Return the expiration time of the signature. If no expiration time was included (or if the signature was explicitly marked as non-expiring), return null, otherwise return the time of expiration. The signature is no longer valid, once the expiration time is exceeded.

Returns:

expiration time

isEffectiveAt

public boolean isEffectiveAt(java.util.Date evaluationTime)

Return true, if the signature is not a hard revocation, and if the evaluation time falls into the period between signature creation time and expiration or revocation.

Parameters:

evaluationTime - time for which you want to determine effectiveness of the signature

Returns:

true if the signature is effective at the given evaluation time

isHardRevocation

public boolean isHardRevocation()

Return true, if this signature is a hard revocation. Contrary to soft revocations (the key / signature / user-id was gracefully retired), a hard revocation has a serious reason, like key compromise, or no reason at all. Hard revocations invalidate the key / signature / user-id retroactively, while soft revocations only invalidate from the time of revocation signature creation onwards.

Returns:

true if the signature is a hard revocation

isCertification

public boolean isCertification()

Return true, if this signature is a certification. Certification signatures are used to bind user-ids to a key.

Returns:

true if the signature is a certification

isRevocation

public boolean isRevocation()

Return true, if this signature is a revocation, false otherwise.

Returns:

true if signature is revocation

toString

public java.lang.String toString()

Overrides:

toString in class java.lang.Object

getIssuerDisplay

protected java.lang.String getIssuerDisplay()

getTargetDisplay

protected abstract java.lang.String getTargetDisplay()

getType

protected java.lang.String getType()

toAsciiArmoredString

public java.lang.String toAsciiArmoredString()
                                      throws java.io.IOException

Return an ASCII armored String representation of the signature. If the signature contains issuer information, the fingerprint or key-id of the issuer will be added to the ASCII armor as a comment header.

Returns:

ASCII armored signature

Throws:

java.io.IOException - if the signature cannot be encoded

toAsciiArmoredString

public java.lang.String toAsciiArmoredString(PacketFormat packetFormat)
                                      throws java.io.IOException

Return an ASCII armored String representation of the signature. If the signature contains issuer information, the fingerprint or key-id of the issuer will be added to the ASCII armor as a comment header.

Parameters:

packetFormat - decide, which packet format to use when encoding the signature

Returns:

ASCII armored signature

Throws:

java.io.IOException - if the signature cannot be encoded

toAsciiArmoredString

public java.lang.String toAsciiArmoredString(PacketFormat packetFormat,
                                             ArmoredOutputStream.Builder armorBuilder)
                                      throws java.io.IOException

Return an ASCII armored String representation of the signature. The ASCII armor can be configured using the passed ArmoredOutputStream.Builder.

Parameters:

packetFormat - decide, which packet format to use when encoding the signature

armorBuilder - builder for the ASCII armored output stream

Returns:

ASCII armored signature

Throws:

java.io.IOException - if the signature cannot be encoded

getEncoded

public byte[] getEncoded()
                  throws java.io.IOException

Return the binary encoding of the signature.

Returns:

binary encoding

Throws:

java.io.IOException - if the signature cannot be encoded

getEncoded

public byte[] getEncoded(PacketFormat packetFormat)
                  throws java.io.IOException

Return the binary encoding of the signature.

Parameters:

packetFormat - decide, which packet format to use when encoding the signature

Returns:

binary encoding

Throws:

java.io.IOException - if the signature cannot be encoded