Package org.bouncycastle.openpgp.api
Class OpenPGPMessageGenerator
java.lang.Object
org.bouncycastle.openpgp.api.AbstractOpenPGPDocumentSignatureGenerator<OpenPGPMessageGenerator>
org.bouncycastle.openpgp.api.OpenPGPMessageGenerator
public class OpenPGPMessageGenerator
extends AbstractOpenPGPDocumentSignatureGenerator<OpenPGPMessageGenerator>
Generator for OpenPGP messages.
This class can generate armored/unarmored, encrypted and/or signed OpenPGP message artifacts.
By default, the generator will merely pack plaintext into an armored
LiteralDataPacket.
If however, the user provides one or more recipient certificates/keys
(addEncryptionCertificate(OpenPGPCertificate) /
addEncryptionCertificate(OpenPGPCertificate.OpenPGPComponentKey))
or message passphrases addEncryptionPassphrase(char[]), the message will be encrypted.
The encryption mechanism is automatically decided, based on the provided recipient certificates, aiming to maximize
interoperability.
If the user provides one or more signing keys by calling AbstractOpenPGPDocumentSignatureGenerator.addSigningKey(OpenPGPKey) or
AbstractOpenPGPDocumentSignatureGenerator.addSigningKey(OpenPGPKey.OpenPGPSecretKey, KeyPassphraseProvider, SignatureParameters.Callback),
the message will be signed.-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic interfacestatic interface -
Field Summary
FieldsFields inherited from class org.bouncycastle.openpgp.api.AbstractOpenPGPDocumentSignatureGenerator
defaultKeyPassphraseProvider, implementation, policy, signatureCallbacks, signatureGenerators, signingKeyPassphraseProviders, signingKeys, signingKeySelector -
Constructor Summary
ConstructorsConstructorDescriptionOpenPGPMessageGenerator(OpenPGPImplementation implementation) OpenPGPMessageGenerator(OpenPGPImplementation implementation, OpenPGPPolicy policy) -
Method Summary
Modifier and TypeMethodDescriptionaddEncryptionCertificate(OpenPGPCertificate recipientCertificate) Add a recipients certificate to the set of encryption keys.addEncryptionCertificate(OpenPGPCertificate.OpenPGPComponentKey encryptionKey) Add a (sub-)key to the set of recipient encryption keys.addEncryptionCertificate(OpenPGPCertificate recipientCertificate, SubkeySelector subkeySelector) Add a recipients certificate to the set of encryption keys.addEncryptionPassphrase(char[] passphrase) Add a message passphrase.open(OutputStream out) Open anOpenPGPMessageOutputStreamover the given output stream.setAllowPadding(boolean allowPadding) setArmored(boolean armored) Specify, whether the output OpenPGP message will be ASCII armored or not.Replace theOpenPGPMessageGenerator.ArmoredOutputStreamFactorywith a custom implementation.setCompressionNegotiator(OpenPGPMessageGenerator.CompressionNegotiator compressionNegotiator) Replace the defaultOpenPGPMessageGenerator.CompressionNegotiatorwith a custom implementation.setEncryptionKeySelector(SubkeySelector encryptionKeySelector) Replace the default encryption key selector with a custom implementation.setFileMetadata(File file) Set metadata (filename, modification date, binary format) from a file.setPasswordBasedEncryptionNegotiator(OpenPGPEncryptionNegotiator pbeNegotiator) Replace the defaultOpenPGPEncryptionNegotiatorthat gets to decide, whichMessageEncryptionMechanismmode to use if only password-based encryption is used.setPublicKeyBasedEncryptionNegotiator(OpenPGPEncryptionNegotiator pkbeNegotiator) Replace the defaultOpenPGPEncryptionNegotiatorthat decides, whichMessageEncryptionMechanismmode to use if public-key encryption is used.Set a callback which fires once the session key for message encryption is known.Methods inherited from class org.bouncycastle.openpgp.api.AbstractOpenPGPDocumentSignatureGenerator
addKeyPassphrase, addSigningKey, addSigningKey, addSigningKey, addSigningKey, addSigningKey, addSigningKey, addSignToGenerator, initSignatureGenerator, setMissingKeyPassphraseCallback, setSigningKeySelector
-
Field Details
-
BUFFER_SIZE
public static final int BUFFER_SIZE- See Also:
-
isAllowPadding
public boolean isAllowPadding
-
-
Constructor Details
-
OpenPGPMessageGenerator
public OpenPGPMessageGenerator() -
OpenPGPMessageGenerator
-
OpenPGPMessageGenerator
-
-
Method Details
-
addEncryptionCertificate
public OpenPGPMessageGenerator addEncryptionCertificate(OpenPGPCertificate recipientCertificate) throws InvalidEncryptionKeyException Add a recipients certificate to the set of encryption keys. Subkeys will be selected using the defaultSubkeySelector, which can be replaced by callingsetEncryptionKeySelector(SubkeySelector). The recipient will be able to decrypt the message using their corresponding secret key.- Parameters:
recipientCertificate- recipient certificate (public key)- Returns:
- this
- Throws:
InvalidEncryptionKeyException
-
addEncryptionCertificate
public OpenPGPMessageGenerator addEncryptionCertificate(OpenPGPCertificate recipientCertificate, SubkeySelector subkeySelector) throws InvalidEncryptionKeyException Add a recipients certificate to the set of encryption keys. Subkeys will be selected using the providedSubkeySelector. The recipient will be able to decrypt the message using their corresponding secret key.- Parameters:
recipientCertificate- recipient certificate (public key)subkeySelector- selector for encryption subkeys- Returns:
- this
- Throws:
InvalidEncryptionKeyException- if the certificate is not capable of encryption
-
addEncryptionCertificate
public OpenPGPMessageGenerator addEncryptionCertificate(OpenPGPCertificate.OpenPGPComponentKey encryptionKey) throws InvalidEncryptionKeyException Add a (sub-)key to the set of recipient encryption keys. The recipient will be able to decrypt the message using their corresponding secret key.- Parameters:
encryptionKey- encryption capable subkey- Returns:
- this
- Throws:
InvalidEncryptionKeyException- if the key is not capable of encryption
-
addEncryptionPassphrase
Add a message passphrase. In addition to optional public key encryption, the message will be decryptable using the given passphrase.- Parameters:
passphrase- passphrase- Returns:
- this
-
setArmored
Specify, whether the output OpenPGP message will be ASCII armored or not.- Parameters:
armored- boolean- Returns:
- this
-
setAllowPadding
-
setFileMetadata
Set metadata (filename, modification date, binary format) from a file.- Parameters:
file- file- Returns:
- this
-
setSessionKeyExtractionCallback
public OpenPGPMessageGenerator setSessionKeyExtractionCallback(PGPEncryptedDataGenerator.SessionKeyExtractionCallback callback) Set a callback which fires once the session key for message encryption is known. This callback can be used to extract the session key, e.g. to emit it to the user (in case of SOP).- Parameters:
callback- callback- Returns:
- this
-
open
Open anOpenPGPMessageOutputStreamover the given output stream.- Parameters:
out- output stream- Returns:
- OpenPGP message output stream
- Throws:
PGPException- if the output stream cannot be createdIOException
-
setPasswordBasedEncryptionNegotiator
public OpenPGPMessageGenerator setPasswordBasedEncryptionNegotiator(OpenPGPEncryptionNegotiator pbeNegotiator) Replace the defaultOpenPGPEncryptionNegotiatorthat gets to decide, whichMessageEncryptionMechanismmode to use if only password-based encryption is used.- Parameters:
pbeNegotiator- custom PBE negotiator.- Returns:
- this
-
setPublicKeyBasedEncryptionNegotiator
public OpenPGPMessageGenerator setPublicKeyBasedEncryptionNegotiator(OpenPGPEncryptionNegotiator pkbeNegotiator) Replace the defaultOpenPGPEncryptionNegotiatorthat decides, whichMessageEncryptionMechanismmode to use if public-key encryption is used.- Parameters:
pkbeNegotiator- custom encryption negotiator that gets to decide if PK-based encryption is used- Returns:
- this
-
setEncryptionKeySelector
Replace the default encryption key selector with a custom implementation. The encryption key selector is responsible for selecting one or more encryption subkeys from a recipient certificate.- Parameters:
encryptionKeySelector- selector for encryption (sub-)keys- Returns:
- this
-
setCompressionNegotiator
public OpenPGPMessageGenerator setCompressionNegotiator(OpenPGPMessageGenerator.CompressionNegotiator compressionNegotiator) Replace the defaultOpenPGPMessageGenerator.CompressionNegotiatorwith a custom implementation. TheOpenPGPMessageGenerator.CompressionNegotiatoris used to negotiate, whether and how to compress the literal data packet.- Parameters:
compressionNegotiator- negotiator- Returns:
- this
-
setArmorStreamFactory
public OpenPGPMessageGenerator setArmorStreamFactory(OpenPGPMessageGenerator.ArmoredOutputStreamFactory factory) Replace theOpenPGPMessageGenerator.ArmoredOutputStreamFactorywith a custom implementation.- Parameters:
factory- factory forArmoredOutputStreaminstances- Returns:
- this
-