Package org.pgpainless.encryption_signing

Class SigningOptions

    • Method Detail

      • addInlineSignatures

        public SigningOptions addInlineSignatures​(SecretKeyRingProtector secrectKeyDecryptor,
                                          Iterable<org.bouncycastle.openpgp.PGPSecretKeyRing> signingKeys,
                                          DocumentSignatureType signatureType)
                                   throws KeyValidationError,
                                          org.bouncycastle.openpgp.PGPException
        Add inline signatures with all secret key rings in the provided secret key ring collection.
        Parameters:
        secrectKeyDecryptor - decryptor to unlock the signing secret keys
        signingKeys - collection of signing keys
        signatureType - type of signature (binary, canonical text)
        Returns:
        this
        Throws:
        KeyValidationError - if something is wrong with any of the keys
        org.bouncycastle.openpgp.PGPException - if any of the keys cannot be unlocked or a signing method cannot be created

      • addInlineSignature

        public SigningOptions addInlineSignature​(SecretKeyRingProtector secretKeyDecryptor,
                                         org.bouncycastle.openpgp.PGPSecretKeyRing secretKey,
                                         DocumentSignatureType signatureType)
                                  throws KeyValidationError,
                                         org.bouncycastle.openpgp.PGPException
        Add an inline-signature. Inline signatures are being embedded into the message itself and can be processed in one pass, thanks to the use of one-pass-signature packets.
        Parameters:
        secretKeyDecryptor - decryptor to unlock the signing secret key
        secretKey - signing key
        signatureType - type of signature (binary, canonical text)
        Returns:
        this
        Throws:
        KeyValidationError - if something is wrong with the key
        org.bouncycastle.openpgp.PGPException - if the key cannot be unlocked or the signing method cannot be created

      • addInlineSignature

        public SigningOptions addInlineSignature​(SecretKeyRingProtector secretKeyDecryptor,
                                         org.bouncycastle.openpgp.PGPSecretKeyRing secretKey,
                                         String userId,
                                         DocumentSignatureType signatureType)
                                  throws KeyValidationError,
                                         org.bouncycastle.openpgp.PGPException
        Add an inline-signature. Inline signatures are being embedded into the message itself and can be processed in one pass, thanks to the use of one-pass-signature packets. This method uses the passed in user-id to select user-specific hash algorithms.
        Parameters:
        secretKeyDecryptor - decryptor to unlock the signing secret key
        secretKey - signing key
        userId - user-id of the signer
        signatureType - signature type (binary, canonical text)
        Returns:
        this
        Throws:
        KeyValidationError - if the key is invalid
        org.bouncycastle.openpgp.PGPException - if the key cannot be unlocked or the signing method cannot be created

      • addInlineSignature

        public SigningOptions addInlineSignature​(SecretKeyRingProtector secretKeyDecryptor,
                                         org.bouncycastle.openpgp.PGPSecretKeyRing secretKey,
                                         String userId,
                                         DocumentSignatureType signatureType,
                                         @Nullable
                                         BaseSignatureSubpackets.Callback subpacketsCallback)
                                  throws KeyValidationError,
                                         org.bouncycastle.openpgp.PGPException
        Add an inline-signature. Inline signatures are being embedded into the message itself and can be processed in one pass, thanks to the use of one-pass-signature packets. This method uses the passed in user-id to select user-specific hash algorithms.
        Parameters:
        secretKeyDecryptor - decryptor to unlock the signing secret key
        secretKey - signing key
        userId - user-id of the signer
        signatureType - signature type (binary, canonical text)
        subpacketsCallback - callback to modify the hashed and unhashed subpackets of the signature
        Returns:
        this
        Throws:
        KeyValidationError - if the key is invalid
        org.bouncycastle.openpgp.PGPException - if the key cannot be unlocked or the signing method cannot be created

      • addDetachedSignatures

        public SigningOptions addDetachedSignatures​(SecretKeyRingProtector secretKeyDecryptor,
                                            Iterable<org.bouncycastle.openpgp.PGPSecretKeyRing> signingKeys,
                                            DocumentSignatureType signatureType)
                                     throws org.bouncycastle.openpgp.PGPException
        Add detached signatures with all key rings from the provided secret key ring collection.
        Parameters:
        secretKeyDecryptor - decryptor to unlock the secret signing keys
        signingKeys - collection of signing key rings
        signatureType - type of the signature (binary, canonical text)
        Returns:
        this
        Throws:
        org.bouncycastle.openpgp.PGPException - if any of the keys cannot be validated or unlocked, or if any signing method cannot be created

      • addDetachedSignature

        public SigningOptions addDetachedSignature​(SecretKeyRingProtector secretKeyDecryptor,
                                           org.bouncycastle.openpgp.PGPSecretKeyRing secretKey,
                                           DocumentSignatureType signatureType)
                                    throws org.bouncycastle.openpgp.PGPException
        Create a detached signature. Detached signatures are not being added into the PGP message itself. Instead, they can be distributed separately to the message. Detached signatures are useful if the data that is being signed shall not be modified (e.g. when signing a file).
        Parameters:
        secretKeyDecryptor - decryptor to unlock the secret signing key
        secretKey - signing key
        signatureType - type of data that is signed (binary, canonical text)
        Returns:
        this
        Throws:
        org.bouncycastle.openpgp.PGPException - if the key cannot be validated or unlocked, or if no signature method can be created

      • addDetachedSignature

        public SigningOptions addDetachedSignature​(SecretKeyRingProtector secretKeyDecryptor,
                                           org.bouncycastle.openpgp.PGPSecretKeyRing secretKey,
                                           String userId,
                                           DocumentSignatureType signatureType)
                                    throws org.bouncycastle.openpgp.PGPException
        Create a detached signature. Detached signatures are not being added into the PGP message itself. Instead, they can be distributed separately to the message. Detached signatures are useful if the data that is being signed shall not be modified (e.g. when signing a file). This method uses the passed in user-id to select user-specific hash algorithms.
        Parameters:
        secretKeyDecryptor - decryptor to unlock the secret signing key
        secretKey - signing key
        userId - user-id
        signatureType - type of data that is signed (binary, canonical text)
        Returns:
        this
        Throws:
        org.bouncycastle.openpgp.PGPException - if the key cannot be validated or unlocked, or if no signature method can be created

      • addDetachedSignature

        public SigningOptions addDetachedSignature​(SecretKeyRingProtector secretKeyDecryptor,
                                           org.bouncycastle.openpgp.PGPSecretKeyRing secretKey,
                                           String userId,
                                           DocumentSignatureType signatureType,
                                           @Nullable
                                           BaseSignatureSubpackets.Callback subpacketCallback)
                                    throws org.bouncycastle.openpgp.PGPException
        Create a detached signature. Detached signatures are not being added into the PGP message itself. Instead, they can be distributed separately to the message. Detached signatures are useful if the data that is being signed shall not be modified (e.g. when signing a file). This method uses the passed in user-id to select user-specific hash algorithms.
        Parameters:
        secretKeyDecryptor - decryptor to unlock the secret signing key
        secretKey - signing key
        userId - user-id
        signatureType - type of data that is signed (binary, canonical text)
        subpacketCallback - callback to modify hashed and unhashed subpackets of the signature
        Returns:
        this
        Throws:
        org.bouncycastle.openpgp.PGPException - if the key cannot be validated or unlocked, or if no signature method can be created