Class PGPPublicKey

java.lang.Object
org.bouncycastle.openpgp.PGPPublicKey
All Implemented Interfaces:
PublicKeyAlgorithmTags

public class PGPPublicKey extends Object implements PublicKeyAlgorithmTags
General class to handle a PGP public key object.
  • Constructor Details

    • PGPPublicKey

      public PGPPublicKey(PublicKeyPacket publicKeyPacket, KeyFingerPrintCalculator fingerPrintCalculator) throws PGPException
      Create a PGP public key from a packet descriptor, using the passed in fingerPrintCalculator to calculate the fingerprint and keyID.
      Parameters:
      publicKeyPacket - packet describing the public key.
      fingerPrintCalculator - calculator providing the digest support to create the key fingerprint.
      Throws:
      PGPException - if the packet is faulty, or the required calculations fail.
  • Method Details

    • getVersion

      public int getVersion()
      Returns:
      the version of this key.
    • getCreationTime

      public Date getCreationTime()
      Returns:
      creation time of key.
    • getValidDays

      public int getValidDays()
      Deprecated.
      Use getValidSeconds(): keys later than version 3 may be valid for less than a day.
      Returns:
      number of valid days from creation time - zero means no expiry.
    • getTrustData

      public byte[] getTrustData()
      Return the trust data associated with the public key, if present.
      Returns:
      a byte array with trust data, null otherwise.
    • getValidSeconds

      public long getValidSeconds()
      Returns:
      number of valid seconds from creation time - zero means no expiry.
    • getKeyID

      public long getKeyID()
      Return the keyID associated with the public key.
      Returns:
      long
    • getFingerprint

      public byte[] getFingerprint()
      Return the fingerprint of the key.
      Returns:
      key fingerprint.
    • isEncryptionKey

      public boolean isEncryptionKey()
      Return true if this key has an algorithm type that makes it suitable to use for encryption.

      Note: with version 4 keys KeyFlags subpackets should also be considered when present for determining the preferred use of the key.

      Returns:
      true if the key algorithm is suitable for encryption.
    • isMasterKey

      public boolean isMasterKey()
      Return true if this could be a master key.
      Returns:
      true if a master key.
    • getAlgorithm

      public int getAlgorithm()
      Return the algorithm code associated with the public key.
      Returns:
      int
    • getBitStrength

      public int getBitStrength()
      Return the strength of the key in bits.
      Returns:
      bit strength of key.
    • getUserIDs

      public Iterator<String> getUserIDs()
      Return any userIDs associated with the key.
      Returns:
      an iterator of Strings.
    • getRawUserIDs

      public Iterator<byte[]> getRawUserIDs()
      Return any userIDs associated with the key in raw byte form. No attempt is made to convert the IDs into Strings.
      Returns:
      an iterator of byte[] values.
    • getUserAttributes

      public Iterator<PGPUserAttributeSubpacketVector> getUserAttributes()
      Return any user attribute vectors associated with the key.
      Returns:
      an iterator of PGPUserAttributeSubpacketVector objects.
    • getSignaturesForID

      public Iterator<PGPSignature> getSignaturesForID(String id)
      Return any signatures associated with the passed in id.
      Parameters:
      id - the id to be matched.
      Returns:
      an iterator of PGPSignature objects.
    • getSignaturesForID

      public Iterator<PGPSignature> getSignaturesForID(byte[] rawID)
      Return any signatures associated with the passed in id.
      Parameters:
      rawID - the id to be matched in raw byte form.
      Returns:
      an iterator of PGPSignature objects.
    • getSignaturesForKeyID

      public Iterator<PGPSignature> getSignaturesForKeyID(long keyID)
      Return any signatures associated with the passed in key identifier keyID.
      Parameters:
      keyID - the key id to be matched.
      Returns:
      an iterator of PGPSignature objects issued by the key with keyID.
    • getSignaturesForUserAttribute

      public Iterator<PGPSignature> getSignaturesForUserAttribute(PGPUserAttributeSubpacketVector userAttributes)
      Return an iterator of signatures associated with the passed in user attributes.
      Parameters:
      userAttributes - the vector of user attributes to be matched.
      Returns:
      an iterator of PGPSignature objects.
    • getSignaturesOfType

      public Iterator<PGPSignature> getSignaturesOfType(int signatureType)
      Return signatures of the passed in type that are on this key.
      Parameters:
      signatureType - the type of the signature to be returned.
      Returns:
      an iterator (possibly empty) of signatures of the given type.
    • getSignatures

      public Iterator<PGPSignature> getSignatures()
      Return all signatures/certifications associated with this key.
      Returns:
      an iterator (possibly empty) with all signatures/certifications.
    • getKeySignatures

      public Iterator<PGPSignature> getKeySignatures()
      Return all signatures/certifications directly associated with this key (i.e., not with a user id).
      Returns:
      an iterator (possibly empty) with all signatures/certifications.
    • getPublicKeyPacket

      public PublicKeyPacket getPublicKeyPacket()
    • getEncoded

      public byte[] getEncoded() throws IOException
      Throws:
      IOException
    • getEncoded

      public byte[] getEncoded(boolean forTransfer) throws IOException
      Return an encoding of the key, with trust packets stripped out if forTransfer is true.
      Parameters:
      forTransfer - if the purpose of encoding is to send key to other users.
      Returns:
      an encoded byte array representing the key.
      Throws:
      IOException - in case of encoding error.
    • encode

      public void encode(OutputStream outStream) throws IOException
      Throws:
      IOException
    • encode

      public void encode(OutputStream outStream, boolean forTransfer) throws IOException
      Encode the key to outStream, with trust packets stripped out if forTransfer is true.
      Parameters:
      outStream - stream to write the key encoding to.
      forTransfer - if the purpose of encoding is to send key to other users.
      Throws:
      IOException - in case of encoding error.
    • isRevoked

      public boolean isRevoked()
      Deprecated.
      this method is poorly named, use hasRevocation().
      Check whether this (sub)key has a revocation signature on it.
      Returns:
      boolean indicating whether this (sub)key has been revoked.
    • hasRevocation

      public boolean hasRevocation()
      Check whether this (sub)key has a revocation signature on it.
      Returns:
      boolean indicating whether this (sub)key has had a (possibly invalid) revocation attached.
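      Because hasRevocation() only reports that a revocation signature is attached, a caller that needs to know whether the revocation is genuine has to verify it. One way to do that, as an added example that is not part of the Bouncy Castle documentation; the class and method names are hypothetical, and revocations issued by a key other than the master key (such as a designated revoker) are skipped rather than verified:

```java
import java.util.Iterator;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPSignature;
import org.bouncycastle.openpgp.operator.bc.BcPGPContentVerifierBuilderProvider;

// Added example: RevocationCheck and isValidlyRevoked are hypothetical names.
public final class RevocationCheck {
    /**
     * True only if key carries a revocation signature that verifies under master.
     * For a master key, pass the same object as both arguments.
     */
    public static boolean isValidlyRevoked(PGPPublicKey master, PGPPublicKey key) throws PGPException {
        if (!key.hasRevocation()) {
            return false;                        // no revocation signature attached at all
        }
        int type = key.isMasterKey() ? PGPSignature.KEY_REVOCATION : PGPSignature.SUBKEY_REVOCATION;
        Iterator<PGPSignature> sigs = key.getSignaturesOfType(type);
        while (sigs.hasNext()) {
            PGPSignature sig = sigs.next();
            if (sig.getKeyID() != master.getKeyID()) {
                continue;                        // issued by another key: not verified here
            }
            sig.init(new BcPGPContentVerifierBuilderProvider(), master);
            boolean ok = key.isMasterKey()
                    ? sig.verifyCertification(master)        // key revocation
                    : sig.verifyCertification(master, key);  // subkey revocation
            if (ok) {
                return true;
            }
        }
        return false;                            // attached, but nothing verified under the master key
    }
}
```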
    • addCertification

      public static PGPPublicKey addCertification(PGPPublicKey key, byte[] rawID, PGPSignature certification)
      Add a certification for an id to the given public key.
      Parameters:
      key - the key the certification is to be added to.
      rawID - the raw bytes making up the user id.
      certification - the new certification.
      Returns:
      the re-certified key.
    • addCertification

      public static PGPPublicKey addCertification(PGPPublicKey key, String id, PGPSignature certification)
      Add a certification for an id to the given public key.
      Parameters:
      key - the key the certification is to be added to.
      id - the id the certification is associated with.
      certification - the new certification.
      Returns:
      the re-certified key.
    • addCertification

      public static PGPPublicKey addCertification(PGPPublicKey key, PGPUserAttributeSubpacketVector userAttributes, PGPSignature certification)
      Add a certification for the given UserAttributeSubpackets to the given public key.
      Parameters:
      key - the key the certification is to be added to.
      userAttributes - the attributes the certification is associated with.
      certification - the new certification.
      Returns:
      the re-certified key.
    • removeCertification

      public static PGPPublicKey removeCertification(PGPPublicKey key, PGPUserAttributeSubpacketVector userAttributes)
      Remove any certifications associated with a given user attribute subpacket on a key.
      Parameters:
      key - the key the certifications are to be removed from.
      userAttributes - the attributes to be removed.
      Returns:
      the re-certified key, null if the user attribute subpacket was not found on the key.
    • removeCertification

      public static PGPPublicKey removeCertification(PGPPublicKey key, String id)
      Remove any certifications associated with a given id on a key.
      Parameters:
      key - the key the certifications are to be removed from.
      id - the id that is to be removed.
      Returns:
      the re-certified key, null if the id was not found on the key.
    • removeCertification

      public static PGPPublicKey removeCertification(PGPPublicKey key, byte[] rawID)
      Remove any certifications associated with a given id on a key.
      Parameters:
      key - the key the certifications are to be removed from.
      rawID - the id that is to be removed in raw byte form.
      Returns:
      the re-certified key, null if the id was not found on the key.
    • removeCertification

      public static PGPPublicKey removeCertification(PGPPublicKey key, byte[] id, PGPSignature certification)
      Remove a certification associated with a given id on a key.
      Parameters:
      key - the key the certifications are to be removed from.
      id - the id that the certification is to be removed from (in its raw byte form).
      certification - the certification to be removed.
      Returns:
      the re-certified key, null if the certification was not found.
    • removeCertification

      public static PGPPublicKey removeCertification(PGPPublicKey key, String id, PGPSignature certification)
      Remove a certification associated with a given id on a key.
      Parameters:
      key - the key the certifications are to be removed from.
      id - the id that the certification is to be removed from.
      certification - the certification to be removed.
      Returns:
      the re-certified key, null if the certification was not found.
    • removeCertification

      public static PGPPublicKey removeCertification(PGPPublicKey key, PGPUserAttributeSubpacketVector userAttributes, PGPSignature certification)
      Remove a certification associated with the given user attributes on a key.
      Parameters:
      key - the key the certifications are to be removed from.
      userAttributes - the user attributes that the certification is to be removed from.
      certification - the certification to be removed.
      Returns:
      the re-certified key, null if the certification was not found.
    • addCertification

      public static PGPPublicKey addCertification(PGPPublicKey key, PGPSignature certification)
      Add a revocation or some other key certification to a key.
      Parameters:
      key - the key the revocation is to be added to.
      certification - the key signature to be added.
      Returns:
      the new changed public key object.
    • removeCertification

      public static PGPPublicKey removeCertification(PGPPublicKey key, PGPSignature certification)
      Remove a certification from the key.
      Parameters:
      key - the key the certifications are to be removed from.
      certification - the certification to be removed.
      Returns:
      the modified key, null if the certification was not found.