Package org.bouncycastle.openpgp.api

Class OpenPGPCertificate.OpenPGPCertificateComponent

java.lang.Object
org.bouncycastle.openpgp.api.OpenPGPCertificate.OpenPGPCertificateComponent
Direct Known Subclasses:
OpenPGPCertificate.OpenPGPComponentKey, OpenPGPCertificate.OpenPGPIdentityComponent
Enclosing class:
OpenPGPCertificate
public abstract static class OpenPGPCertificate.OpenPGPCertificateComponent extends Object
Component on an OpenPGP certificate. Components can either be keys or identities.

  • Constructor Details

    • OpenPGPCertificateComponent

      public OpenPGPCertificateComponent(OpenPGPCertificate certificate)

  • Method Details

    • getCertificate

      public OpenPGPCertificate getCertificate()
      Return this components OpenPGPCertificate.
      Returns:
      certificate

    • toDetailString

      public abstract String toDetailString()
      Return a detailed String representation of this component.
      Returns:
      detailed String representation

    • isBound

      public boolean isBound()
      Return true, if the component is currently validly bound to the certificate.
      Returns:
      true if bound

    • isBoundAt

      public boolean isBoundAt(Date evaluationTime)
      Return true, if this component is - at evaluation time - properly bound to its certificate.
      Parameters:
      evaluationTime - evaluation time
      Returns:
      true if bound, false otherwise

    • getSignatureChains

      public OpenPGPCertificate.OpenPGPSignatureChains getSignatureChains()
      Return all OpenPGPCertificate.OpenPGPSignatureChains that bind this component.
      Returns:
      signature chains

    • getCertification

      public OpenPGPCertificate.OpenPGPComponentSignature getCertification(Date evaluationTime)
      Return the (at evaluation time) latest certification signature binding this component.
      Parameters:
      evaluationTime - reference time
      Returns:
      latest component certification signature

    • getRevocation

      public OpenPGPCertificate.OpenPGPComponentSignature getRevocation(Date evaluationTime)
      Return the (at evaluation time) latest revocation signature revoking this component.
      Parameters:
      evaluationTime - reference time
      Returns:
      latest component revocation signature

    • getLatestSelfSignature

      public OpenPGPCertificate.OpenPGPComponentSignature getLatestSelfSignature()
      Return the latest self-signature on the component. That might either be a certification signature, or a revocation.
      Returns:
      latest self signature

    • getLatestSelfSignature

      public abstract OpenPGPCertificate.OpenPGPComponentSignature getLatestSelfSignature(Date evaluationTime)
      Return the (at evaluation time) latest self-signature on the component. That might either be a certification signature, or a revocation.
      Parameters:
      evaluationTime - reference time
      Returns:
      latest self signature

    • getPublicComponent

      protected OpenPGPCertificate.OpenPGPCertificateComponent getPublicComponent()
      Return the public OpenPGPCertificate.OpenPGPCertificateComponent that belongs to this component. For public components (pubkeys, identities...), that's simply this, while secret components return their corresponding public component. This is used to properly map secret key and public key components in Maps that use components as map keys.
      Returns:
      public certificate component

    • getKeyComponent

      protected abstract OpenPGPCertificate.OpenPGPComponentKey getKeyComponent()
      Return the OpenPGPCertificate.OpenPGPComponentKey belonging to this OpenPGPCertificate.OpenPGPCertificateComponent. If this OpenPGPCertificate.OpenPGPCertificateComponent is an instance of OpenPGPCertificate.OpenPGPComponentKey, the method simply returns 
      this
      . If instead, the OpenPGPCertificate.OpenPGPCertificateComponent is an OpenPGPCertificate.OpenPGPIdentityComponent, the primary key it is bound to is returned.
      Returns:
      OpenPGPCertificate.OpenPGPComponentKey of this OpenPGPCertificate.OpenPGPCertificateComponent.

    • getKeyFlags

      public KeyFlags getKeyFlags()
      Return the KeyFlags signature subpacket that currently applies to the key.
      Returns:
      key flags subpacket

    • getKeyFlags

      public KeyFlags getKeyFlags(Date evaluationTime)
      Return the KeyFlags signature subpacket that - at evaluation time - applies to the key.
      Parameters:
      evaluationTime - evaluation time
      Returns:
      key flags subpacket

    • hasKeyFlags

      public boolean hasKeyFlags(Date evaluationTime, int... flags)
      Return 
      true
      , if the key has any of the given key flags.

      Note: To check if the key has EITHER flag A or B, call 

      hasKeyFlags(evalTime, A, B)
      . To instead check, if the key has BOTH flags A AND B, call 
      hasKeyFlags(evalTime, A & B)
      .
      Parameters:
      evaluationTime - evaluation time
      flags - key flags (see KeyFlags for possible values)
      Returns:
      true if the key has ANY of the provided flags

    • getFeatures

      public Features getFeatures()
      Return the Features signature subpacket that currently applies to the key.
      Returns:
      feature signature subpacket

    • getFeatures

      public Features getFeatures(Date evaluationTime)
      Return the Features signature subpacket that - at evaluation time - applies to the key.
      Parameters:
      evaluationTime - evaluation time
      Returns:
      features subpacket

    • getAEADCipherSuitePreferences

      public PreferredAEADCiphersuites getAEADCipherSuitePreferences()
      Return the PreferredAEADCiphersuites that apply to this (sub-)key. Note: This refers to AEAD preferences as defined in rfc9580, NOT LibrePGP AEAD algorithms.
      Returns:
      AEAD algorithm preferences

    • getAEADCipherSuitePreferences

      public PreferredAEADCiphersuites getAEADCipherSuitePreferences(Date evaluationTime)
      Return the PreferredAEADCiphersuites that - at evaluation time - apply to this (sub-)key. Note: This refers to AEAD preferences as defined in rfc9580, NOT LibrePGP AEAD algorithms.
      Parameters:
      evaluationTime - evaluation time
      Returns:
      AEAD algorithm preferences at evaluation time

    • getSymmetricCipherPreferences

      public PreferredAlgorithms getSymmetricCipherPreferences()
      Return the current symmetric encryption algorithm preferences of this (sub-)key.
      Returns:
      current preferred symmetric-key algorithm preferences

    • getSymmetricCipherPreferences

      public PreferredAlgorithms getSymmetricCipherPreferences(Date evaluationTime)
      Return the symmetric encryption algorithm preferences of this (sub-)key at evaluation time.
      Parameters:
      evaluationTime - evaluation time
      Returns:
      current preferred symmetric-key algorithm preferences

    • getHashAlgorithmPreferences

      public PreferredAlgorithms getHashAlgorithmPreferences()
      Return the current signature hash algorithm preferences of this (sub-)key.
      Returns:
      hash algorithm preferences

    • getHashAlgorithmPreferences

      public PreferredAlgorithms getHashAlgorithmPreferences(Date evaluationTime)
      Return the signature hash algorithm preferences of this (sub-)key at evaluation time.
      Parameters:
      evaluationTime - evaluation time
      Returns:
      hash algorithm preferences

    • getCompressionAlgorithmPreferences

      public PreferredAlgorithms getCompressionAlgorithmPreferences()
      Return the compression algorithm preferences of this (sub-)key.
      Returns:
      compression algorithm preferences

    • getCompressionAlgorithmPreferences

      public PreferredAlgorithms getCompressionAlgorithmPreferences(Date evaluationTime)
      Return the compression algorithm preferences of this (sub-)key at evaluation time.
      Parameters:
      evaluationTime - reference time
      Returns:
      compression algorithm preferences

    • getKeyExpirationDate

      public Date getKeyExpirationDate()
      Return the Date, at which the key expires.
      Returns:
      key expiration time

    • getKeyExpirationDateAt

      public Date getKeyExpirationDateAt(Date evaluationTime)
      Return the Date, at which the key - at evaluation time - expires.
      Parameters:
      evaluationTime - evaluation time
      Returns:
      key expiration time

    • getApplyingSubpacket

      protected OpenPGPSignature.OpenPGPSignatureSubpacket getApplyingSubpacket(Date evaluationTime, int subpacketType)
      Return the SignatureSubpacket instance of the given subpacketType, which currently applies to the key. Since subpackets from the Direct-Key signature apply to all subkeys of a certificate, this method first inspects the signature that immediately applies to this key (e.g. a subkey-binding signature), and - if the queried subpacket is found in there, returns that instance. Otherwise, indirectly applying signatures (e.g. Direct-Key signatures) are queried. That way, preferences from the direct-key signature are considered, but per-key overwrites take precedence.
      Parameters:
      evaluationTime - evaluation time
      subpacketType - subpacket type that is being searched for
      Returns:
      subpacket from directly or indirectly applying signature
      See Also:

    • getMergedDanglingExternalSignatureChainEndsFrom

      protected OpenPGPCertificate.OpenPGPSignatureChains getMergedDanglingExternalSignatureChainEndsFrom(OpenPGPCertificate thirdPartyCertificate, Date evaluationTime)
      Iterate over signatures issued over this component by the given 3rd-party certificate, merge them with the (at evaluation time) valid self-certification chain and return the results.
      Parameters:
      thirdPartyCertificate - certificate of a 3rd party
      evaluationTime - reference time
      Returns:
      all 3rd party signatures on this component, merged with their issuer chains