Package org.bouncycastle.openpgp

Class PGPSecretKeyRing

java.lang.Object
org.bouncycastle.openpgp.PGPKeyRing
org.bouncycastle.openpgp.PGPSecretKeyRing
All Implemented Interfaces:
Iterable<PGPSecretKey>, org.bouncycastle.util.Iterable<PGPSecretKey>
Direct Known Subclasses:
BcPGPSecretKeyRing, JcaPGPSecretKeyRing
public class PGPSecretKeyRing extends PGPKeyRing implements org.bouncycastle.util.Iterable<PGPSecretKey>
Class to hold a single master secret key and its subkeys.

Often PGP keyring files consist of multiple master keys, if you are trying to process or construct one of these you should use the PGPSecretKeyRingCollection class.

  • Constructor Details

  • Method Details

    • getPublicKey

      public PGPPublicKey getPublicKey()
      Return the public key for the master key.
      Specified by:
      getPublicKey in class PGPKeyRing
      Returns:
      PGPPublicKey

    • getPublicKey

      public PGPPublicKey getPublicKey(long keyID)
      Return the public key referred to by the passed in keyID if it is present.
      Specified by:
      getPublicKey in class PGPKeyRing
      Parameters:
      keyID - the full keyID of the key of interest.
      Returns:
      PGPPublicKey with matching keyID, null if it is not present.

    • getPublicKey

      public PGPPublicKey getPublicKey(byte[] fingerprint)
      Return the public key with the passed in fingerprint if it is present.
      Specified by:
      getPublicKey in class PGPKeyRing
      Parameters:
      fingerprint - the full fingerprint of the key of interest.
      Returns:
      PGPPublicKey with the matching fingerprint, null if it is not present.

    • getPublicKey

      public PGPPublicKey getPublicKey(KeyIdentifier identifier)
      Specified by:
      getPublicKey in class PGPKeyRing

    • getPublicKeys

      public Iterator<PGPPublicKey> getPublicKeys(KeyIdentifier identifier)
      Specified by:
      getPublicKeys in class PGPKeyRing

    • getSecretKey

      public PGPSecretKey getSecretKey(KeyIdentifier identifier)

    • getSecretKeys

      public Iterator<PGPSecretKey> getSecretKeys(KeyIdentifier identifier)

    • getKeysWithSignaturesBy

      public Iterator<PGPPublicKey> getKeysWithSignaturesBy(long keyID)
      Return any keys carrying a signature issued by the key represented by keyID.
      Specified by:
      getKeysWithSignaturesBy in class PGPKeyRing
      Parameters:
      keyID - the key id to be matched against.
      Returns:
      an iterator (possibly empty) of PGPPublicKey objects carrying signatures from keyID.

    • getKeysWithSignaturesBy

      public Iterator<PGPPublicKey> getKeysWithSignaturesBy(KeyIdentifier identifier)
      Specified by:
      getKeysWithSignaturesBy in class PGPKeyRing

    • getPublicKeys

      public Iterator<PGPPublicKey> getPublicKeys()
      Return an iterator containing all the public keys.
      Specified by:
      getPublicKeys in class PGPKeyRing
      Returns:
      Iterator

    • getSecretKey

      public PGPSecretKey getSecretKey()
      Return the master private key.
      Returns:
      PGPSecretKey

    • getSecretKeys

      public Iterator<PGPSecretKey> getSecretKeys()
      Return an iterator containing all the secret keys.
      Returns:
      Iterator

    • getSecretKey

      public PGPSecretKey getSecretKey(long keyID)
      Return the secret key referred to by the passed in keyID if it is present.
      Parameters:
      keyID - the full keyID of the key of interest.
      Returns:
      PGPSecretKey with matching keyID, null if it is not present.

    • getSecretKey

      public PGPSecretKey getSecretKey(byte[] fingerprint)
      Return the secret key associated with the passed in fingerprint if it is present.
      Parameters:
      fingerprint - the full fingerprint of the key of interest.
      Returns:
      PGPSecretKey with the matching fingerprint, null if it is not present.

    • getExtraPublicKeys

      public Iterator<PGPPublicKey> getExtraPublicKeys()
      Return an iterator of the public keys in the secret key ring that have no matching private key. At the moment only personal certificate data appears in this fashion.
      Returns:
      iterator of unattached, or extra, public keys.

    • size

      public int size()
      Return the number of keys in the key ring.
      Specified by:
      size in class PGPKeyRing
      Returns:
      number of keys (master key + subkey).

    • getEncoded

      public byte[] getEncoded() throws IOException
      Specified by:
      getEncoded in class PGPKeyRing
      Throws:
      IOException

    • getEncoded

      public byte[] getEncoded(PacketFormat format) throws IOException
      Specified by:
      getEncoded in class PGPKeyRing
      Throws:
      IOException

    • encode

      public void encode(OutputStream outStream) throws IOException
      Specified by:
      encode in class PGPKeyRing
      Throws:
      IOException

    • iterator

      public Iterator<PGPSecretKey> iterator()
      Support method for Iterable where available.
      Specified by:
      iterator in interface Iterable<PGPSecretKey>
      Specified by:
      iterator in interface org.bouncycastle.util.Iterable<PGPSecretKey>

    • replacePublicKeys

      public static PGPSecretKeyRing replacePublicKeys(PGPSecretKeyRing secretRing, PGPPublicKeyRing publicRing)
      Replace the public key set on the secret ring with the corresponding key off the public ring.
      Parameters:
      secretRing - secret ring to be changed.
      publicRing - public ring containing the new public key set.

    • insertOrReplacePublicKey

      public static PGPSecretKeyRing insertOrReplacePublicKey(PGPSecretKeyRing secretRing, PGPPublicKey publicKey)
      Either replace the public key on the corresponding secret key in the key ring if present, or insert the public key as an extra public key in case that the secret ring does not contain the corresponding secret key.
      Parameters:
      secretRing - secret key ring
      publicKey - public key to insert or replace
      Returns:
      secret key ring

    • copyWithNewPassword

      public static PGPSecretKeyRing copyWithNewPassword(PGPSecretKeyRing ring, PBESecretKeyDecryptor oldKeyDecryptor, PBESecretKeyEncryptor newKeyEncryptor) throws PGPException
      Return a copy of the passed in secret key ring, with the private keys (where present) associated with the master key and sub keys are encrypted using a new password and the passed in algorithm.
      Parameters:
      ring - the PGPSecretKeyRing to be copied.
      oldKeyDecryptor - the current decryptor based on the current password for key.
      newKeyEncryptor - a new encryptor based on a new password for encrypting the secret key material.
      Returns:
      the updated key ring.
      Throws:
      PGPException

    • insertSecretKey

      public static PGPSecretKeyRing insertSecretKey(PGPSecretKeyRing secRing, PGPSecretKey secKey)
      Returns a new key ring with the secret key passed in either added or replacing an existing one with the same key ID.
      Parameters:
      secRing - the secret key ring to be modified.
      secKey - the secret key to be added.
      Returns:
      a new secret key ring.

    • removeSecretKey

      public static PGPSecretKeyRing removeSecretKey(PGPSecretKeyRing secRing, PGPSecretKey secKey)
      Returns a new key ring with the secret key passed in removed from the key ring.
      Parameters:
      secRing - the secret key ring to be modified.
      secKey - the secret key to be removed.
      Returns:
      a new secret key ring, or null if secKey is not found.