Class SignatureUtils

java.lang.Object
org.pgpainless.signature.SignatureUtils

public final class SignatureUtils extends Object
Utility methods related to signatures.
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final int
     
  • Method Summary

    Modifier and Type
    Method
    Description
    static Date
    datePlusSeconds(Date date, long seconds)
    Return a new date which represents the given date plus the given amount of seconds added.
    static long
    determineIssuerKeyId(org.bouncycastle.openpgp.PGPSignature signature)
    Determine the issuer key-id of a PGPSignature.
    static Date
    getKeyExpirationDate(Date keyCreationDate, org.bouncycastle.openpgp.PGPSignature signature)
    Extract and return the key expiration date value from the given signature.
    static org.bouncycastle.openpgp.operator.PGPContentSignerBuilder
    getPgpContentSignerBuilderForKey(org.bouncycastle.openpgp.PGPPublicKey publicKey)
    Return a content signer builder for the passed public key.
    static String
    getSignatureDigestPrefix(org.bouncycastle.openpgp.PGPSignature signature)
    Return the digest prefix of the signature as hex-encoded String.
    static Date
    getSignatureExpirationDate(org.bouncycastle.openpgp.PGPSignature signature)
    Return the expiration date of the signature.
    static org.bouncycastle.openpgp.PGPSignatureGenerator
    getSignatureGeneratorFor(org.bouncycastle.openpgp.PGPPublicKey signingPubKey)
    Return a signature generator for the provided signing key.
    static org.bouncycastle.openpgp.PGPSignatureGenerator
    getSignatureGeneratorFor(org.bouncycastle.openpgp.PGPSecretKey singingKey)
    Return a signature generator for the provided signing key.
    static List<org.bouncycastle.openpgp.PGPSignature>
    getSignaturesOverUserIdBy(org.bouncycastle.openpgp.PGPPublicKey key, String userId, long issuerKeyId)
    Extract all signatures from the given
    static boolean
    isHardRevocation(org.bouncycastle.openpgp.PGPSignature signature)
    Return true if the provided signature is a hard revocation.
    static boolean
    isSignatureExpired(org.bouncycastle.openpgp.PGPSignature signature)
    Return true, if the expiration date of the PGPSignature lays in the past.
    static boolean
    isSignatureExpired(org.bouncycastle.openpgp.PGPSignature signature, Date comparisonDate)
    Return true, if the expiration date of the given PGPSignature is past the given comparison Date.
    static List<org.bouncycastle.openpgp.PGPSignature>
    readSignatures(byte[] encodedSignatures)
    Read a single, or a list of PGPSignatures and return them as a List.
    static List<org.bouncycastle.openpgp.PGPSignature>
    Read and return PGPSignatures.
    static List<org.bouncycastle.openpgp.PGPSignature>
    readSignatures(InputStream inputStream, int maxIterations)
    Read and return PGPSignatures.
    static List<org.bouncycastle.openpgp.PGPSignature>
    readSignatures(String encodedSignatures)
    Parse an ASCII encoded list of OpenPGP signatures into a PGPSignatureList and return it as a List.
    static List<org.bouncycastle.openpgp.PGPSignature>
    toList(org.bouncycastle.openpgp.PGPSignatureList signatures)
     
    static boolean
    wasIssuedBy(byte[] fingerprint, org.bouncycastle.openpgp.PGPSignature signature)
     

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Field Details

  • Method Details

    • getSignatureGeneratorFor

      public static org.bouncycastle.openpgp.PGPSignatureGenerator getSignatureGeneratorFor(org.bouncycastle.openpgp.PGPSecretKey singingKey)
      Return a signature generator for the provided signing key. The signature generator will follow the hash algorithm preferences of the signing key and pick the best algorithm.
      Parameters:
      singingKey - signing key
      Returns:
      signature generator
    • getSignatureGeneratorFor

      public static org.bouncycastle.openpgp.PGPSignatureGenerator getSignatureGeneratorFor(org.bouncycastle.openpgp.PGPPublicKey signingPubKey)
      Return a signature generator for the provided signing key. The signature generator will follow the hash algorithm preferences of the signing key and pick the best algorithm.
      Parameters:
      signingPubKey - signing key
      Returns:
      signature generator
    • getPgpContentSignerBuilderForKey

      public static org.bouncycastle.openpgp.operator.PGPContentSignerBuilder getPgpContentSignerBuilderForKey(org.bouncycastle.openpgp.PGPPublicKey publicKey)
      Return a content signer builder for the passed public key. The content signer will use a hash algorithm derived from the keys' algorithm preferences. If no preferences can be derived, the key will fall back to the default hash algorithm as set in the Policy.
      Parameters:
      publicKey - public key
      Returns:
      content signer builder
    • getKeyExpirationDate

      public static Date getKeyExpirationDate(Date keyCreationDate, org.bouncycastle.openpgp.PGPSignature signature)
      Extract and return the key expiration date value from the given signature. If the signature does not carry a KeyExpirationTime subpacket, return null.
      Parameters:
      keyCreationDate - creation date of the key
      signature - signature
      Returns:
      key expiration date as given by the signature
    • getSignatureExpirationDate

      public static Date getSignatureExpirationDate(org.bouncycastle.openpgp.PGPSignature signature)
      Return the expiration date of the signature. If the signature has no expiration date, datePlusSeconds(Date, long) will return null.
      Parameters:
      signature - signature
      Returns:
      expiration date of the signature, or null if it does not expire.
    • datePlusSeconds

      public static Date datePlusSeconds(Date date, long seconds)
      Return a new date which represents the given date plus the given amount of seconds added. Since '0' is a special date value in the OpenPGP specification (e.g. '0' means no expiration for expiration dates), this method will return 'null' if seconds is 0.
      Parameters:
      date - date
      seconds - number of seconds to be added
      Returns:
      date plus seconds or null if seconds is '0'
    • isSignatureExpired

      public static boolean isSignatureExpired(org.bouncycastle.openpgp.PGPSignature signature)
      Return true, if the expiration date of the PGPSignature lays in the past. If no expiration date is present in the signature, it is considered non-expired.
      Parameters:
      signature - signature
      Returns:
      true if expired, false otherwise
    • isSignatureExpired

      public static boolean isSignatureExpired(org.bouncycastle.openpgp.PGPSignature signature, Date comparisonDate)
      Return true, if the expiration date of the given PGPSignature is past the given comparison Date. If no expiration date is present in the signature, it is considered non-expiring.
      Parameters:
      signature - signature
      comparisonDate - reference date
      Returns:
      true if sig is expired at reference date, false otherwise
    • isHardRevocation

      public static boolean isHardRevocation(org.bouncycastle.openpgp.PGPSignature signature)
      Return true if the provided signature is a hard revocation. Hard revocations are revocation signatures which either carry a revocation reason of RevocationAttributes.Reason.KEY_COMPROMISED or RevocationAttributes.Reason.NO_REASON, or no reason at all.
      Parameters:
      signature - signature
      Returns:
      true if signature is a hard revocation
    • readSignatures

      public static List<org.bouncycastle.openpgp.PGPSignature> readSignatures(String encodedSignatures) throws IOException, org.bouncycastle.openpgp.PGPException
      Parse an ASCII encoded list of OpenPGP signatures into a PGPSignatureList and return it as a List.
      Parameters:
      encodedSignatures - ASCII armored signature list
      Returns:
      signature list
      Throws:
      IOException - if the signatures cannot be read
      org.bouncycastle.openpgp.PGPException - in case of a broken signature
    • readSignatures

      public static List<org.bouncycastle.openpgp.PGPSignature> readSignatures(byte[] encodedSignatures) throws IOException, org.bouncycastle.openpgp.PGPException
      Read a single, or a list of PGPSignatures and return them as a List.
      Parameters:
      encodedSignatures - ASCII armored or binary signatures
      Returns:
      signatures
      Throws:
      IOException - if the signatures cannot be read
      org.bouncycastle.openpgp.PGPException - in case of an OpenPGP error
    • readSignatures

      public static List<org.bouncycastle.openpgp.PGPSignature> readSignatures(InputStream inputStream) throws IOException, org.bouncycastle.openpgp.PGPException
      Read and return PGPSignatures. This method can deal with signatures that may be armored, compressed and may contain marker packets.
      Parameters:
      inputStream - input stream
      Returns:
      list of encountered signatures
      Throws:
      IOException - in case of a stream error
      org.bouncycastle.openpgp.PGPException - in case of an OpenPGP error
    • readSignatures

      public static List<org.bouncycastle.openpgp.PGPSignature> readSignatures(InputStream inputStream, int maxIterations) throws IOException, org.bouncycastle.openpgp.PGPException
      Read and return PGPSignatures. This method can deal with signatures that may be binary, armored and may contain marker packets.
      Parameters:
      inputStream - input stream
      maxIterations - number of loop iterations until reading is aborted
      Returns:
      list of encountered signatures
      Throws:
      IOException - in case of a stream error
      org.bouncycastle.openpgp.PGPException - in case of an OpenPGP error
    • determineIssuerKeyId

      public static long determineIssuerKeyId(org.bouncycastle.openpgp.PGPSignature signature)
      Determine the issuer key-id of a PGPSignature. This method first inspects the IssuerKeyID subpacket of the signature and returns the key-id if present. If not, it inspects the IssuerFingerprint packet and retrieves the key-id from the fingerprint. Otherwise, it returns 0.
      Parameters:
      signature - signature
      Returns:
      signatures issuing key id
    • getSignatureDigestPrefix

      public static String getSignatureDigestPrefix(org.bouncycastle.openpgp.PGPSignature signature)
      Return the digest prefix of the signature as hex-encoded String.
      Parameters:
      signature - signature
      Returns:
      digest prefix
    • toList

      public static List<org.bouncycastle.openpgp.PGPSignature> toList(org.bouncycastle.openpgp.PGPSignatureList signatures)
    • wasIssuedBy

      public static boolean wasIssuedBy(byte[] fingerprint, org.bouncycastle.openpgp.PGPSignature signature)
    • getSignaturesOverUserIdBy

      @Nonnull public static List<org.bouncycastle.openpgp.PGPSignature> getSignaturesOverUserIdBy(@Nonnull org.bouncycastle.openpgp.PGPPublicKey key, @Nonnull String userId, long issuerKeyId)
      Extract all signatures from the given
      key
      which were issued by
      issuerKeyId
      over
      userId
      .
      Parameters:
      key - public key
      userId - user-id
      issuerKeyId - issuer key-id
      Returns:
      (potentially empty) list of signatures