Package org.bouncycastle.openpgp

Class PGPPublicKey

java.lang.Object
org.bouncycastle.openpgp.PGPPublicKey
All Implemented Interfaces:
PublicKeyAlgorithmTags
public class PGPPublicKey extends Object implements PublicKeyAlgorithmTags
general class to handle a PGP public key object.

  • Constructor Details

    • PGPPublicKey

      public PGPPublicKey(PublicKeyPacket publicKeyPacket, KeyFingerPrintCalculator fingerPrintCalculator) throws PGPException
      Create a PGP public key from a packet descriptor using the passed in fingerPrintCalculator to do calculate the fingerprint and keyID.
      Parameters:
      publicKeyPacket - packet describing the public key.
      fingerPrintCalculator - calculator providing the digest support ot create the key fingerprint.
      Throws:
      PGPException - if the packet is faulty, or the required calculations fail.

  • Method Details

    • getVersion

      public int getVersion()
      Returns:
      the version of this key.

    • getCreationTime

      public Date getCreationTime()
      Returns:
      creation time of key.

    • getValidDays

      public int getValidDays()
      Deprecated.
      use getValidSeconds(): greater than version 3 keys may be valid for less than a day.
      Returns:
      number of valid days from creation time - zero means no expiry.

    • getTrustData

      public byte[] getTrustData()
      Return the trust data associated with the public key, if present.
      Returns:
      a byte array with trust data, null otherwise.

    • getValidSeconds

      public long getValidSeconds()
      Returns:
      number of valid seconds from creation time - zero means no expiry.

    • getKeyID

      public long getKeyID()
      Return the keyID associated with the public key.
      Returns:
      long

    • getKeyIdentifier

      public KeyIdentifier getKeyIdentifier()
      Return a KeyIdentifier identifying this key.
      Returns:
      key identifier

    • getFingerprint

      public byte[] getFingerprint()
      Return the fingerprint of the public key.
      Returns:
      key fingerprint.

    • hasFingerprint

      public boolean hasFingerprint(byte[] fingerprint)

    • isEncryptionKey

      public boolean isEncryptionKey()
      Return true if this key has an algorithm type that makes it suitable to use for encryption.

      Note: with version 4 keys KeyFlags subpackets should also be considered when present for determining the preferred use of the key.

      Returns:
      true if the key algorithm is suitable for encryption.

    • isMasterKey

      public boolean isMasterKey()
      Return true if this could be a master key.
      Returns:
      true if a master key.

    • getAlgorithm

      public int getAlgorithm()
      Return the algorithm code associated with the public key.
      Returns:
      int

    • getBitStrength

      public int getBitStrength()
      Return the strength of the key in bits.
      Returns:
      bit strength of key.

    • getUserIDs

      public Iterator<String> getUserIDs()
      Return any userIDs associated with the key.
      Returns:
      an iterator of Strings.

    • getRawUserIDs

      public Iterator<byte[]> getRawUserIDs()
      Return any userIDs associated with the key in raw byte form. No attempt is made to convert the IDs into Strings.
      Returns:
      an iterator of byte[].

    • getUserAttributes

      public Iterator<PGPUserAttributeSubpacketVector> getUserAttributes()
      Return any user attribute vectors associated with the key.
      Returns:
      an iterator of PGPUserAttributeSubpacketVector objects.

    • getSignaturesForID

      public Iterator<PGPSignature> getSignaturesForID(String id)
      Return any signatures associated with the passed in id.
      Parameters:
      id - the id to be matched.
      Returns:
      an iterator of PGPSignature objects.

    • getSignaturesForID

      public Iterator<PGPSignature> getSignaturesForID(byte[] rawID)
      Return any signatures associated with the passed in id.
      Parameters:
      rawID - the id to be matched in raw byte form.
      Returns:
      an iterator of PGPSignature objects.

    • getSignaturesForKeyID

      public Iterator<PGPSignature> getSignaturesForKeyID(long keyID)
      Return any signatures associated with the passed in key identifier keyID.
      Parameters:
      keyID - the key id to be matched.
      Returns:
      an iterator of PGPSignature objects issued by the key with keyID.

    • getSignaturesForKey

      public Iterator<PGPSignature> getSignaturesForKey(KeyIdentifier identifier)

    • getSignaturesForUserAttribute

      public Iterator<PGPSignature> getSignaturesForUserAttribute(PGPUserAttributeSubpacketVector userAttributes)
      Return an iterator of signatures associated with the passed in user attributes.
      Parameters:
      userAttributes - the vector of user attributes to be matched.
      Returns:
      an iterator of PGPSignature objects.

    • getSignaturesOfType

      public Iterator<PGPSignature> getSignaturesOfType(int signatureType)
      Return signatures of the passed in type that are on this key.
      Parameters:
      signatureType - the type of the signature to be returned.
      Returns:
      an iterator (possibly empty) of signatures of the given type.

    • getSignatures

      public Iterator<PGPSignature> getSignatures()
      Return all signatures/certifications associated with this key.
      Returns:
      an iterator (possibly empty) with all signatures/certifications.

    • getKeySignatures

      public Iterator<PGPSignature> getKeySignatures()
      Return all signatures/certifications directly associated with this key (ie, not to a user id).
      Returns:
      an iterator (possibly empty) with all signatures/certifications.

    • getPublicKeyPacket

      public PublicKeyPacket getPublicKeyPacket()

    • getEncoded

      public byte[] getEncoded() throws IOException
      Throws:
      IOException

    • getEncoded

      public byte[] getEncoded(boolean forTransfer) throws IOException
      Return an encoding of the key, with trust packets stripped out if forTransfer is true.
      Parameters:
      forTransfer - if the purpose of encoding is to send key to other users.
      Returns:
      a encoded byte array representing the key.
      Throws:
      IOException - in case of encoding error.

    • encode

      public void encode(OutputStream outStream) throws IOException
      Throws:
      IOException

    • encode

      public void encode(OutputStream outStream, boolean forTransfer) throws IOException
      Encode the key to outStream, with trust packets stripped out if forTransfer is true.
      Parameters:
      outStream - stream to write the key encoding to.
      forTransfer - if the purpose of encoding is to send key to other users.
      Throws:
      IOException - in case of encoding error.

    • isRevoked

      public boolean isRevoked()
      Deprecated.
      this method is poorly named, use hasRevocation().
      Check whether this (sub)key has a revocation signature on it.
      Returns:
      boolean indicating whether this (sub)key has been revoked.

    • hasRevocation

      public boolean hasRevocation()
      Check whether this (sub)key has a revocation signature on it.
      Returns:
      boolean indicating whether this (sub)key has had a (possibly invalid) revocation attached..

    • addCertification

      public static PGPPublicKey addCertification(PGPPublicKey key, byte[] rawID, PGPSignature certification)
      Add a certification for an id to the given public key.
      Parameters:
      key - the key the certification is to be added to.
      rawID - the raw bytes making up the user id..
      certification - the new certification.
      Returns:
      the re-certified key.

    • addCertification

      public static PGPPublicKey addCertification(PGPPublicKey key, String id, PGPSignature certification)
      Add a certification for an id to the given public key.
      Parameters:
      key - the key the certification is to be added to.
      id - the id the certification is associated with.
      certification - the new certification.
      Returns:
      the re-certified key.

    • addCertification

      public static PGPPublicKey addCertification(PGPPublicKey key, PGPUserAttributeSubpacketVector userAttributes, PGPSignature certification)
      Add a certification for the given UserAttributeSubpackets to the given public key.
      Parameters:
      key - the key the certification is to be added to.
      userAttributes - the attributes the certification is associated with.
      certification - the new certification.
      Returns:
      the re-certified key.

    • removeCertification

      public static PGPPublicKey removeCertification(PGPPublicKey key, PGPUserAttributeSubpacketVector userAttributes)
      Remove any certifications associated with a given user attribute subpacket on a key.
      Parameters:
      key - the key the certifications are to be removed from.
      userAttributes - the attributes to be removed.
      Returns:
      the re-certified key, null if the user attribute subpacket was not found on the key.

    • removeCertification

      public static PGPPublicKey removeCertification(PGPPublicKey key, String id)
      Remove any certifications associated with a given id on a key.
      Parameters:
      key - the key the certifications are to be removed from.
      id - the id that is to be removed.
      Returns:
      the re-certified key, null if the id was not found on the key.

    • removeCertification

      public static PGPPublicKey removeCertification(PGPPublicKey key, byte[] rawID)
      Remove any certifications associated with a given id on a key.
      Parameters:
      key - the key the certifications are to be removed from.
      rawID - the id that is to be removed in raw byte form.
      Returns:
      the re-certified key, null if the id was not found on the key.

    • removeCertification

      public static PGPPublicKey removeCertification(PGPPublicKey key, byte[] id, PGPSignature certification)
      Remove a certification associated with a given id on a key.
      Parameters:
      key - the key the certifications are to be removed from.
      id - the id that the certification is to be removed from (in its raw byte form)
      certification - the certification to be removed.
      Returns:
      the re-certified key, null if the certification was not found.

    • removeCertification

      public static PGPPublicKey removeCertification(PGPPublicKey key, String id, PGPSignature certification)
      Remove a certification associated with a given id on a key.
      Parameters:
      key - the key the certifications are to be removed from.
      id - the id that the certification is to be removed from.
      certification - the certification to be removed.
      Returns:
      the re-certified key, null if the certification was not found.

    • removeCertification

      public static PGPPublicKey removeCertification(PGPPublicKey key, PGPUserAttributeSubpacketVector userAttributes, PGPSignature certification)
      Remove a certification associated with a given user attributes on a key.
      Parameters:
      key - the key the certifications are to be removed from.
      userAttributes - the user attributes that the certification is to be removed from.
      certification - the certification to be removed.
      Returns:
      the re-certified key, null if the certification was not found.

    • addCertification

      public static PGPPublicKey addCertification(PGPPublicKey key, PGPSignature certification)
      Add a revocation or some other key certification to a key.
      Parameters:
      key - the key the revocation is to be added to.
      certification - the key signature to be added.
      Returns:
      the new changed public key object.

    • removeCertification

      public static PGPPublicKey removeCertification(PGPPublicKey key, PGPSignature certification)
      Remove a certification from the key.
      Parameters:
      key - the key the certifications are to be removed from.
      certification - the certification to be removed.
      Returns:
      the modified key, null if the certification was not found.

    • join

      public static PGPPublicKey join(PGPPublicKey key, PGPPublicKey copy, boolean joinTrustPackets, boolean allowSubkeySigsOnNonSubkey) throws PGPException
      Merge this the given local public key with another, potentially fresher copy. The resulting PGPPublicKey contains the sum of both keys user-ids and signatures.

      If joinTrustPackets is set to true and the copy carries a trust packet, the joined key will copy the trust-packet from the copy. Otherwise, it will carry the trust packet of the local key.

      Parameters:
      key - local public key
      copy - copy of the public key (e.g. from a key server)
      joinTrustPackets - if true, trust packets from the copy are copied over into the resulting key
      allowSubkeySigsOnNonSubkey - if true, subkey signatures on the copy will be present in the merged key, even if key was not a subkey before.
      Returns:
      joined key
      Throws:
      PGPException