org.bouncycastle.openpgp

Class PGPPublicKey

java.lang.Object

org.bouncycastle.openpgp.PGPPublicKey

All Implemented Interfaces:

PublicKeyAlgorithmTags

public class PGPPublicKey
extends java.lang.Object
implements PublicKeyAlgorithmTags

general class to handle a PGP public key object.

Field Summary

Fields inherited from interface org.bouncycastle.bcpg.PublicKeyAlgorithmTags

DIFFIE_HELLMAN, DSA, EC, ECDH, ECDSA, Ed25519, Ed448, EDDSA, EDDSA_LEGACY, ELGAMAL_ENCRYPT, ELGAMAL_GENERAL, EXPERIMENTAL_1, EXPERIMENTAL_10, EXPERIMENTAL_11, EXPERIMENTAL_2, EXPERIMENTAL_3, EXPERIMENTAL_4, EXPERIMENTAL_5, EXPERIMENTAL_6, EXPERIMENTAL_7, EXPERIMENTAL_8, EXPERIMENTAL_9, RSA_ENCRYPT, RSA_GENERAL, RSA_SIGN, X25519, X448

Constructor Summary

Constructors

Constructor and Description
PGPPublicKey(PublicKeyPacket publicKeyPacket, KeyFingerPrintCalculator fingerPrintCalculator) Create a PGP public key from a packet descriptor using the passed in fingerPrintCalculator to do calculate the fingerprint and keyID.

Method Summary

Modifier and Type	Method and Description
static PGPPublicKey	addCertification(PGPPublicKey key, byte[] rawID, PGPSignature certification) Add a certification for an id to the given public key.
static PGPPublicKey	addCertification(PGPPublicKey key, PGPSignature certification) Add a revocation or some other key certification to a key.
static PGPPublicKey	addCertification(PGPPublicKey key, PGPUserAttributeSubpacketVector userAttributes, PGPSignature certification) Add a certification for the given UserAttributeSubpackets to the given public key.
static PGPPublicKey	addCertification(PGPPublicKey key, java.lang.String id, PGPSignature certification) Add a certification for an id to the given public key.
void	encode(java.io.OutputStream outStream)
void	encode(java.io.OutputStream outStream, boolean forTransfer) Encode the key to outStream, with trust packets stripped out if forTransfer is true.
int	getAlgorithm() Return the algorithm code associated with the public key.
int	getBitStrength() Return the strength of the key in bits.
java.util.Date	getCreationTime()
byte[]	getEncoded()
byte[]	getEncoded(boolean forTransfer) Return an encoding of the key, with trust packets stripped out if forTransfer is true.
byte[]	getFingerprint() Return the fingerprint of the public key.
long	getKeyID() Return the keyID associated with the public key.
java.util.Iterator<PGPSignature>	getKeySignatures() Return all signatures/certifications directly associated with this key (ie, not to a user id).
PublicKeyPacket	getPublicKeyPacket()
java.util.Iterator<byte[]>	getRawUserIDs() Return any userIDs associated with the key in raw byte form.
java.util.Iterator<PGPSignature>	getSignatures() Return all signatures/certifications associated with this key.
java.util.Iterator<PGPSignature>	getSignaturesForID(byte[] rawID) Return any signatures associated with the passed in id.
java.util.Iterator<PGPSignature>	getSignaturesForID(java.lang.String id) Return any signatures associated with the passed in id.
java.util.Iterator<PGPSignature>	getSignaturesForKeyID(long keyID) Return any signatures associated with the passed in key identifier keyID.
java.util.Iterator<PGPSignature>	getSignaturesForUserAttribute(PGPUserAttributeSubpacketVector userAttributes) Return an iterator of signatures associated with the passed in user attributes.
java.util.Iterator<PGPSignature>	getSignaturesOfType(int signatureType) Return signatures of the passed in type that are on this key.
byte[]	getTrustData() Return the trust data associated with the public key, if present.
java.util.Iterator<PGPUserAttributeSubpacketVector>	getUserAttributes() Return any user attribute vectors associated with the key.
java.util.Iterator<java.lang.String>	getUserIDs() Return any userIDs associated with the key.
int	getValidDays() Deprecated. use getValidSeconds(): greater than version 3 keys may be valid for less than a day.
long	getValidSeconds()
int	getVersion()
boolean	hasRevocation() Check whether this (sub)key has a revocation signature on it.
boolean	isEncryptionKey() Return true if this key has an algorithm type that makes it suitable to use for encryption.
boolean	isMasterKey() Return true if this could be a master key.
boolean	isRevoked() Deprecated. this method is poorly named, use hasRevocation().
static PGPPublicKey	join(PGPPublicKey key, PGPPublicKey copy, boolean joinTrustPackets, boolean allowSubkeySigsOnNonSubkey) Merge this the given local public key with another, potentially fresher copy.
static PGPPublicKey	removeCertification(PGPPublicKey key, byte[] rawID) Remove any certifications associated with a given id on a key.
static PGPPublicKey	removeCertification(PGPPublicKey key, byte[] id, PGPSignature certification) Remove a certification associated with a given id on a key.
static PGPPublicKey	removeCertification(PGPPublicKey key, PGPSignature certification) Remove a certification from the key.
static PGPPublicKey	removeCertification(PGPPublicKey key, PGPUserAttributeSubpacketVector userAttributes) Remove any certifications associated with a given user attribute subpacket on a key.
static PGPPublicKey	removeCertification(PGPPublicKey key, PGPUserAttributeSubpacketVector userAttributes, PGPSignature certification) Remove a certification associated with a given user attributes on a key.
static PGPPublicKey	removeCertification(PGPPublicKey key, java.lang.String id) Remove any certifications associated with a given id on a key.
static PGPPublicKey	removeCertification(PGPPublicKey key, java.lang.String id, PGPSignature certification) Remove a certification associated with a given id on a key.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

PGPPublicKey

public PGPPublicKey(PublicKeyPacket publicKeyPacket,
                    KeyFingerPrintCalculator fingerPrintCalculator)
             throws PGPException

Create a PGP public key from a packet descriptor using the passed in fingerPrintCalculator to do calculate the fingerprint and keyID.

Parameters:

publicKeyPacket - packet describing the public key.

fingerPrintCalculator - calculator providing the digest support ot create the key fingerprint.

Throws:

PGPException - if the packet is faulty, or the required calculations fail.

Method Detail

getVersion

public int getVersion()

Returns:

the version of this key.

getCreationTime

public java.util.Date getCreationTime()

Returns:

creation time of key.

getValidDays

public int getValidDays()

Deprecated. use getValidSeconds(): greater than version 3 keys may be valid for less than a day.

Returns:

number of valid days from creation time - zero means no expiry.

getTrustData

public byte[] getTrustData()

Return the trust data associated with the public key, if present.

Returns:

a byte array with trust data, null otherwise.

getValidSeconds

public long getValidSeconds()

Returns:

number of valid seconds from creation time - zero means no expiry.

getKeyID

public long getKeyID()

Return the keyID associated with the public key.

Returns:

long

getFingerprint

public byte[] getFingerprint()

Return the fingerprint of the public key.

Returns:

key fingerprint.

isEncryptionKey

public boolean isEncryptionKey()

Return true if this key has an algorithm type that makes it suitable to use for encryption.

Note: with version 4 keys KeyFlags subpackets should also be considered when present for determining the preferred use of the key.

Returns:

true if the key algorithm is suitable for encryption.

isMasterKey

public boolean isMasterKey()

Return true if this could be a master key.

Returns:

true if a master key.

getAlgorithm

public int getAlgorithm()

Return the algorithm code associated with the public key.

Returns:

int

getBitStrength

public int getBitStrength()

Return the strength of the key in bits.

Returns:

bit strength of key.

getUserIDs

public java.util.Iterator<java.lang.String> getUserIDs()

Return any userIDs associated with the key.

Returns:

an iterator of Strings.

getRawUserIDs

public java.util.Iterator<byte[]> getRawUserIDs()

Return any userIDs associated with the key in raw byte form. No attempt is made to convert the IDs into Strings.

Returns:

an iterator of byte[].

getUserAttributes

public java.util.Iterator<PGPUserAttributeSubpacketVector> getUserAttributes()

Return any user attribute vectors associated with the key.

Returns:

an iterator of PGPUserAttributeSubpacketVector objects.

getSignaturesForID

public java.util.Iterator<PGPSignature> getSignaturesForID(java.lang.String id)

Return any signatures associated with the passed in id.

Parameters:

id - the id to be matched.

Returns:

an iterator of PGPSignature objects.

getSignaturesForID

public java.util.Iterator<PGPSignature> getSignaturesForID(byte[] rawID)

Return any signatures associated with the passed in id.

Parameters:

rawID - the id to be matched in raw byte form.

Returns:

an iterator of PGPSignature objects.

getSignaturesForKeyID

public java.util.Iterator<PGPSignature> getSignaturesForKeyID(long keyID)

Return any signatures associated with the passed in key identifier keyID.

Parameters:

keyID - the key id to be matched.

Returns:

an iterator of PGPSignature objects issued by the key with keyID.

getSignaturesForUserAttribute

public java.util.Iterator<PGPSignature> getSignaturesForUserAttribute(PGPUserAttributeSubpacketVector userAttributes)

Return an iterator of signatures associated with the passed in user attributes.

Parameters:

userAttributes - the vector of user attributes to be matched.

Returns:

an iterator of PGPSignature objects.

getSignaturesOfType

public java.util.Iterator<PGPSignature> getSignaturesOfType(int signatureType)

Return signatures of the passed in type that are on this key.

Parameters:

signatureType - the type of the signature to be returned.

Returns:

an iterator (possibly empty) of signatures of the given type.

getSignatures

public java.util.Iterator<PGPSignature> getSignatures()

Return all signatures/certifications associated with this key.

Returns:

an iterator (possibly empty) with all signatures/certifications.

getKeySignatures

public java.util.Iterator<PGPSignature> getKeySignatures()

Return all signatures/certifications directly associated with this key (ie, not to a user id).

Returns:

an iterator (possibly empty) with all signatures/certifications.

getPublicKeyPacket

public PublicKeyPacket getPublicKeyPacket()

getEncoded

public byte[] getEncoded()
                  throws java.io.IOException

Throws:

java.io.IOException

getEncoded

public byte[] getEncoded(boolean forTransfer)
                  throws java.io.IOException

Return an encoding of the key, with trust packets stripped out if forTransfer is true.

Parameters:

forTransfer - if the purpose of encoding is to send key to other users.

Returns:

a encoded byte array representing the key.

Throws:

java.io.IOException - in case of encoding error.

encode

public void encode(java.io.OutputStream outStream)
            throws java.io.IOException

Throws:

java.io.IOException

encode

public void encode(java.io.OutputStream outStream,
                   boolean forTransfer)
            throws java.io.IOException

Encode the key to outStream, with trust packets stripped out if forTransfer is true.

Parameters:

outStream - stream to write the key encoding to.

forTransfer - if the purpose of encoding is to send key to other users.

Throws:

java.io.IOException - in case of encoding error.

isRevoked

public boolean isRevoked()

Deprecated. this method is poorly named, use hasRevocation().

Check whether this (sub)key has a revocation signature on it.

Returns:

boolean indicating whether this (sub)key has been revoked.

hasRevocation

public boolean hasRevocation()

Check whether this (sub)key has a revocation signature on it.

Returns:

boolean indicating whether this (sub)key has had a (possibly invalid) revocation attached..

addCertification

public static PGPPublicKey addCertification(PGPPublicKey key,
                                            byte[] rawID,
                                            PGPSignature certification)

Add a certification for an id to the given public key.

Parameters:

key - the key the certification is to be added to.

rawID - the raw bytes making up the user id..

certification - the new certification.

Returns:

the re-certified key.

addCertification

public static PGPPublicKey addCertification(PGPPublicKey key,
                                            java.lang.String id,
                                            PGPSignature certification)

Add a certification for an id to the given public key.

Parameters:

key - the key the certification is to be added to.

id - the id the certification is associated with.

certification - the new certification.

Returns:

the re-certified key.

addCertification

public static PGPPublicKey addCertification(PGPPublicKey key,
                                            PGPUserAttributeSubpacketVector userAttributes,
                                            PGPSignature certification)

Add a certification for the given UserAttributeSubpackets to the given public key.

Parameters:

key - the key the certification is to be added to.

userAttributes - the attributes the certification is associated with.

certification - the new certification.

Returns:

the re-certified key.

removeCertification

public static PGPPublicKey removeCertification(PGPPublicKey key,
                                               PGPUserAttributeSubpacketVector userAttributes)

Remove any certifications associated with a given user attribute subpacket on a key.

Parameters:

key - the key the certifications are to be removed from.

userAttributes - the attributes to be removed.

Returns:

the re-certified key, null if the user attribute subpacket was not found on the key.

removeCertification

public static PGPPublicKey removeCertification(PGPPublicKey key,
                                               java.lang.String id)

Remove any certifications associated with a given id on a key.

Parameters:

key - the key the certifications are to be removed from.

id - the id that is to be removed.

Returns:

the re-certified key, null if the id was not found on the key.

removeCertification

public static PGPPublicKey removeCertification(PGPPublicKey key,
                                               byte[] rawID)

Remove any certifications associated with a given id on a key.

Parameters:

key - the key the certifications are to be removed from.

rawID - the id that is to be removed in raw byte form.

Returns:

the re-certified key, null if the id was not found on the key.

removeCertification

public static PGPPublicKey removeCertification(PGPPublicKey key,
                                               byte[] id,
                                               PGPSignature certification)

Remove a certification associated with a given id on a key.

Parameters:

key - the key the certifications are to be removed from.

id - the id that the certification is to be removed from (in its raw byte form)

certification - the certification to be removed.

Returns:

the re-certified key, null if the certification was not found.

removeCertification

public static PGPPublicKey removeCertification(PGPPublicKey key,
                                               java.lang.String id,
                                               PGPSignature certification)

Remove a certification associated with a given id on a key.

Parameters:

key - the key the certifications are to be removed from.

id - the id that the certification is to be removed from.

certification - the certification to be removed.

Returns:

the re-certified key, null if the certification was not found.

removeCertification

public static PGPPublicKey removeCertification(PGPPublicKey key,
                                               PGPUserAttributeSubpacketVector userAttributes,
                                               PGPSignature certification)

Remove a certification associated with a given user attributes on a key.

Parameters:

key - the key the certifications are to be removed from.

userAttributes - the user attributes that the certification is to be removed from.

certification - the certification to be removed.

Returns:

the re-certified key, null if the certification was not found.

addCertification

public static PGPPublicKey addCertification(PGPPublicKey key,
                                            PGPSignature certification)

Add a revocation or some other key certification to a key.

Parameters:

key - the key the revocation is to be added to.

certification - the key signature to be added.

Returns:

the new changed public key object.

removeCertification

public static PGPPublicKey removeCertification(PGPPublicKey key,
                                               PGPSignature certification)

Remove a certification from the key.

Parameters:

key - the key the certifications are to be removed from.

certification - the certification to be removed.

Returns:

the modified key, null if the certification was not found.

join

public static PGPPublicKey join(PGPPublicKey key,
                                PGPPublicKey copy,
                                boolean joinTrustPackets,
                                boolean allowSubkeySigsOnNonSubkey)
                         throws PGPException

Merge this the given local public key with another, potentially fresher copy. The resulting PGPPublicKey contains the sum of both keys user-ids and signatures.

If joinTrustPackets is set to true and the copy carries a trust packet, the joined key will copy the trust-packet from the copy. Otherwise, it will carry the trust packet of the local key.

Parameters:

key - local public key

copy - copy of the public key (e.g. from a key server)

joinTrustPackets - if true, trust packets from the copy are copied over into the resulting key

allowSubkeySigsOnNonSubkey - if true, subkey signatures on the copy will be present in the merged key, even if key was not a subkey before.

Returns:

joined key

Throws:

PGPException