Class SecretKeyRingEditor
- java.lang.Object
-
- org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditor
-
- All Implemented Interfaces:
SecretKeyRingEditorInterface
public class SecretKeyRingEditor extends Object implements SecretKeyRingEditorInterface
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
SecretKeyRingEditorInterface.WithKeyRingEncryptionSettings, SecretKeyRingEditorInterface.WithPassphrase
-
-
Constructor Summary
Constructors Constructor Description SecretKeyRingEditor(org.bouncycastle.openpgp.PGPSecretKeyRing secretKeyRing)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description SecretKeyRingEditorInterfaceaddPrimaryUserId(CharSequence userId, SecretKeyRingProtector protector)Add a user-id to the key ring and mark it as primary.SecretKeyRingEditorInterfaceaddSubKey(org.bouncycastle.openpgp.PGPKeyPair subkey, SelfSignatureSubpackets.Callback bindingSignatureCallback, SecretKeyRingProtector subkeyProtector, SecretKeyRingProtector primaryKeyProtector, KeyFlag keyFlag, KeyFlag... additionalKeyFlags)Add a subkey to the key ring.SecretKeyRingEditorInterfaceaddSubKey(KeySpec keySpec, Passphrase subKeyPassphrase, SecretKeyRingProtector secretKeyRingProtector)Add a subkey to the key ring.SecretKeyRingEditorInterfaceaddSubKey(KeySpec keySpec, Passphrase subkeyPassphrase, SelfSignatureSubpackets.Callback subpacketsCallback, SecretKeyRingProtector secretKeyRingProtector)Add a subkey to the key ring.SecretKeyRingEditorInterfaceaddUserId(CharSequence userId, SecretKeyRingProtector secretKeyRingProtector)Add a user-id to the key ring.SecretKeyRingEditorInterfaceaddUserId(CharSequence userId, SelfSignatureSubpackets.Callback signatureSubpacketCallback, SecretKeyRingProtector protector)Add a user-id to the key ring.SecretKeyRingEditorInterface.WithKeyRingEncryptionSettingschangePassphraseFromOldPassphrase(Passphrase oldPassphrase, KeyRingProtectionSettings oldProtectionSettings)Change the passphrase of the whole key ring.SecretKeyRingEditorInterface.WithKeyRingEncryptionSettingschangeSubKeyPassphraseFromOldPassphrase(Long keyId, Passphrase oldPassphrase, KeyRingProtectionSettings oldProtectionSettings)org.bouncycastle.openpgp.PGPSignaturecreateRevocationCertificate(long subkeyId, SecretKeyRingProtector secretKeyRingProtector, RevocationAttributes revocationAttributes)Create a detached revocation certificate, which can be used to revoke the specified subkey.org.bouncycastle.openpgp.PGPSignaturecreateRevocationCertificate(long subkeyId, SecretKeyRingProtector secretKeyRingProtector, RevocationSignatureSubpackets.Callback certificateSubpacketsCallback)Create a detached revocation certificate, which can be used to revoke the specified subkey.org.bouncycastle.openpgp.PGPSignaturecreateRevocationCertificate(SecretKeyRingProtector secretKeyRingProtector, RevocationAttributes revocationAttributes)Create a detached revocation certificate, which can be used to revoke the whole key.org.bouncycastle.openpgp.PGPSecretKeyRingdone()Return thePGPSecretKeyRing.SecretKeyRingEditorInterfaceremoveUserId(CharSequence userId, SecretKeyRingProtector protector)Convenience method to revoke a single user-id using a soft revocation signature.SecretKeyRingEditorInterfaceremoveUserId(SelectUserId userIdSelector, SecretKeyRingProtector protector)Convenience method to revoke selected user-ids using soft revocation signatures.SecretKeyRingEditorInterfacerevoke(SecretKeyRingProtector secretKeyRingProtector, RevocationAttributes revocationAttributes)Revoke the key ring using the provided revocation attributes.SecretKeyRingEditorInterfacerevoke(SecretKeyRingProtector secretKeyRingProtector, RevocationSignatureSubpackets.Callback subpacketsCallback)Revoke the key ring.SecretKeyRingEditorInterfacerevokeSubKey(long subKeyId, SecretKeyRingProtector protector, RevocationAttributes revocationAttributes)Revoke the subkey binding signature of a subkey.SecretKeyRingEditorInterfacerevokeSubKey(long keyID, SecretKeyRingProtector secretKeyRingProtector, RevocationSignatureSubpackets.Callback subpacketsCallback)Revoke the subkey binding signature of a subkey.SecretKeyRingEditorInterfacerevokeUserId(CharSequence userId, SecretKeyRingProtector secretKeyRingProtector, RevocationAttributes revocationAttributes)Revoke the given userID using the provided revocation attributes.SecretKeyRingEditorInterfacerevokeUserId(CharSequence userId, SecretKeyRingProtector secretKeyRingProtector, RevocationSignatureSubpackets.Callback subpacketCallback)Revoke the provided user-id.SecretKeyRingEditorInterfacerevokeUserIds(SelectUserId userIdSelector, SecretKeyRingProtector secretKeyRingProtector, RevocationAttributes revocationAttributes)Revoke all user-ids that match the providedSelectUserIdfilter.SecretKeyRingEditorInterfacerevokeUserIds(SelectUserId userIdSelector, SecretKeyRingProtector secretKeyRingProtector, RevocationSignatureSubpackets.Callback subpacketsCallback)Revoke all user-ids that match the providedSelectUserIdfilter.SecretKeyRingEditorInterfacesetExpirationDate(Date expiration, SecretKeyRingProtector secretKeyRingProtector)Set the expiration date for the primary key of the key ring.-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface org.pgpainless.key.modification.secretkeyring.SecretKeyRingEditorInterface
changePassphraseFromOldPassphrase, changeSubKeyPassphraseFromOldPassphrase, createRevocationCertificate, revoke, revokeSubKey, revokeSubKey, revokeSubKey, revokeUserId
-
-
-
-
Constructor Detail
-
SecretKeyRingEditor
public SecretKeyRingEditor(org.bouncycastle.openpgp.PGPSecretKeyRing secretKeyRing)
-
-
Method Detail
-
addUserId
public SecretKeyRingEditorInterface addUserId(@Nonnull CharSequence userId, @Nonnull SecretKeyRingProtector secretKeyRingProtector) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceAdd a user-id to the key ring.- Specified by:
addUserIdin interfaceSecretKeyRingEditorInterface- Parameters:
userId- user-idsecretKeyRingProtector- protector to unlock the secret key- Returns:
- the builder
- Throws:
org.bouncycastle.openpgp.PGPException
-
addUserId
public SecretKeyRingEditorInterface addUserId(@Nonnull CharSequence userId, @Nullable SelfSignatureSubpackets.Callback signatureSubpacketCallback, @Nonnull SecretKeyRingProtector protector) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceAdd a user-id to the key ring.- Specified by:
addUserIdin interfaceSecretKeyRingEditorInterface- Parameters:
userId- user-idsignatureSubpacketCallback- callback that can be used to modify signature subpackets of the certification signature.protector- protector to unlock the primary secret key- Returns:
- the builder
- Throws:
org.bouncycastle.openpgp.PGPException
-
addPrimaryUserId
public SecretKeyRingEditorInterface addPrimaryUserId(@Nonnull CharSequence userId, @Nonnull SecretKeyRingProtector protector) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceAdd a user-id to the key ring and mark it as primary. If the user-id is already present, a new certification signature will be created.- Specified by:
addPrimaryUserIdin interfaceSecretKeyRingEditorInterface- Parameters:
userId- user idprotector- protector to unlock the secret key- Returns:
- the builder
- Throws:
org.bouncycastle.openpgp.PGPException
-
removeUserId
public SecretKeyRingEditorInterface removeUserId(SelectUserId userIdSelector, SecretKeyRingProtector protector) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceConvenience method to revoke selected user-ids using soft revocation signatures. The revocation will useRevocationAttributes.Reason.USER_ID_NO_LONGER_VALID, so that the user-id can be re-certified at a later point.- Specified by:
removeUserIdin interfaceSecretKeyRingEditorInterface- Parameters:
userIdSelector- selector to select user-idsprotector- protector to unlock the primary key- Returns:
- the builder
- Throws:
org.bouncycastle.openpgp.PGPException
-
removeUserId
public SecretKeyRingEditorInterface removeUserId(CharSequence userId, SecretKeyRingProtector protector) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceConvenience method to revoke a single user-id using a soft revocation signature. The revocation will useRevocationAttributes.Reason.USER_ID_NO_LONGER_VALID. so that the user-id can be re-certified at a later point.- Specified by:
removeUserIdin interfaceSecretKeyRingEditorInterface- Parameters:
userId- user-id to revokeprotector- protector to unlock the primary key- Returns:
- the builder
- Throws:
org.bouncycastle.openpgp.PGPException
-
addSubKey
public SecretKeyRingEditorInterface addSubKey(@Nonnull KeySpec keySpec, @Nonnull Passphrase subKeyPassphrase, @Nonnull SecretKeyRingProtector secretKeyRingProtector) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, org.bouncycastle.openpgp.PGPException, IOException
Description copied from interface:SecretKeyRingEditorInterfaceAdd a subkey to the key ring. The subkey will be generated from the providedKeySpec.- Specified by:
addSubKeyin interfaceSecretKeyRingEditorInterface- Parameters:
keySpec- key specificationsubKeyPassphrase- passphrase to encrypt the sub keysecretKeyRingProtector- protector to unlock the secret key of the key ring- Returns:
- the builder
- Throws:
InvalidAlgorithmParameterExceptionNoSuchAlgorithmExceptionorg.bouncycastle.openpgp.PGPExceptionIOException
-
addSubKey
public SecretKeyRingEditorInterface addSubKey(@Nonnull KeySpec keySpec, @Nullable Passphrase subkeyPassphrase, @Nullable SelfSignatureSubpackets.Callback subpacketsCallback, @Nonnull SecretKeyRingProtector secretKeyRingProtector) throws org.bouncycastle.openpgp.PGPException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException
Description copied from interface:SecretKeyRingEditorInterfaceAdd a subkey to the key ring. The subkey will be generated from the providedKeySpec.- Specified by:
addSubKeyin interfaceSecretKeyRingEditorInterface- Parameters:
keySpec- key spec of the subkeysubkeyPassphrase- passphrase to encrypt the subkeysubpacketsCallback- callback to modify the subpackets of the subkey binding signaturesecretKeyRingProtector- protector to unlock the primary key- Returns:
- builder
- Throws:
org.bouncycastle.openpgp.PGPExceptionInvalidAlgorithmParameterExceptionNoSuchAlgorithmExceptionIOException
-
addSubKey
public SecretKeyRingEditorInterface addSubKey(@Nonnull org.bouncycastle.openpgp.PGPKeyPair subkey, @Nullable SelfSignatureSubpackets.Callback bindingSignatureCallback, @Nonnull SecretKeyRingProtector subkeyProtector, @Nonnull SecretKeyRingProtector primaryKeyProtector, @Nonnull KeyFlag keyFlag, KeyFlag... additionalKeyFlags) throws org.bouncycastle.openpgp.PGPException, IOException, NoSuchAlgorithmException
Description copied from interface:SecretKeyRingEditorInterfaceAdd a subkey to the key ring.- Specified by:
addSubKeyin interfaceSecretKeyRingEditorInterface- Parameters:
subkey- subkey key pairbindingSignatureCallback- callback to modify the subpackets of the subkey binding signaturesubkeyProtector- protector to unlock and encrypt the subkeyprimaryKeyProtector- protector to unlock the primary keykeyFlag- first key flag for the subkeyadditionalKeyFlags- optional additional key flags- Returns:
- builder
- Throws:
org.bouncycastle.openpgp.PGPExceptionIOExceptionNoSuchAlgorithmException
-
revoke
public SecretKeyRingEditorInterface revoke(@Nonnull SecretKeyRingProtector secretKeyRingProtector, @Nullable RevocationAttributes revocationAttributes) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceRevoke the key ring using the provided revocation attributes. The attributes define, whether the revocation was a hard revocation or not.- Specified by:
revokein interfaceSecretKeyRingEditorInterface- Parameters:
secretKeyRingProtector- protector of the primary keyrevocationAttributes- reason for the revocation- Returns:
- the builder
- Throws:
org.bouncycastle.openpgp.PGPException
-
revoke
public SecretKeyRingEditorInterface revoke(@Nonnull SecretKeyRingProtector secretKeyRingProtector, @Nullable RevocationSignatureSubpackets.Callback subpacketsCallback) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceRevoke the key ring. You can use theRevocationSignatureSubpackets.Callbackto modify the revocation signatures subpackets, e.g. in order to define whether this is a hard or soft revocation.- Specified by:
revokein interfaceSecretKeyRingEditorInterface- Parameters:
secretKeyRingProtector- protector to unlock the primary secret keysubpacketsCallback- callback to modify the revocations subpackets- Returns:
- builder
- Throws:
org.bouncycastle.openpgp.PGPException
-
revokeSubKey
public SecretKeyRingEditorInterface revokeSubKey(long subKeyId, SecretKeyRingProtector protector, RevocationAttributes revocationAttributes) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceRevoke the subkey binding signature of a subkey. The subkey with the provided key-id will be revoked. If no suitable subkey is found, aNoSuchElementExceptionwill be thrown.- Specified by:
revokeSubKeyin interfaceSecretKeyRingEditorInterface- Parameters:
subKeyId- id of the subkeyprotector- protector to unlock the primary keyrevocationAttributes- reason for the revocation- Returns:
- the builder
- Throws:
org.bouncycastle.openpgp.PGPException
-
revokeSubKey
public SecretKeyRingEditorInterface revokeSubKey(long keyID, @Nonnull SecretKeyRingProtector secretKeyRingProtector, @Nullable RevocationSignatureSubpackets.Callback subpacketsCallback) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceRevoke the subkey binding signature of a subkey. The subkey with the provided key-id will be revoked. If no suitable subkey is found, qNoSuchElementExceptionwill be thrown. The provided subpackets callback is used to modify the revocation signatures subpackets.- Specified by:
revokeSubKeyin interfaceSecretKeyRingEditorInterface- Parameters:
keyID- id of the subkeysecretKeyRingProtector- protector to unlock the secret key ringsubpacketsCallback- callback which can be used to modify the subpackets of the revocation signature- Returns:
- the builder
- Throws:
org.bouncycastle.openpgp.PGPException
-
createRevocationCertificate
public org.bouncycastle.openpgp.PGPSignature createRevocationCertificate(@Nonnull SecretKeyRingProtector secretKeyRingProtector, @Nullable RevocationAttributes revocationAttributes) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceCreate a detached revocation certificate, which can be used to revoke the whole key.- Specified by:
createRevocationCertificatein interfaceSecretKeyRingEditorInterface- Parameters:
secretKeyRingProtector- protector to unlock the primary key.revocationAttributes- reason for the revocation- Returns:
- revocation certificate
- Throws:
org.bouncycastle.openpgp.PGPException
-
createRevocationCertificate
public org.bouncycastle.openpgp.PGPSignature createRevocationCertificate(long subkeyId, @Nonnull SecretKeyRingProtector secretKeyRingProtector, @Nullable RevocationAttributes revocationAttributes) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceCreate a detached revocation certificate, which can be used to revoke the specified subkey.- Specified by:
createRevocationCertificatein interfaceSecretKeyRingEditorInterface- Parameters:
subkeyId- id of the subkey to be revokedsecretKeyRingProtector- protector to unlock the primary key.revocationAttributes- reason for the revocation- Returns:
- revocation certificate
- Throws:
org.bouncycastle.openpgp.PGPException
-
createRevocationCertificate
public org.bouncycastle.openpgp.PGPSignature createRevocationCertificate(long subkeyId, @Nonnull SecretKeyRingProtector secretKeyRingProtector, @Nullable RevocationSignatureSubpackets.Callback certificateSubpacketsCallback) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceCreate a detached revocation certificate, which can be used to revoke the specified subkey.- Specified by:
createRevocationCertificatein interfaceSecretKeyRingEditorInterface- Parameters:
subkeyId- id of the subkey to be revokedsecretKeyRingProtector- protector to unlock the primary key.certificateSubpacketsCallback- callback to modify the subpackets of the revocation certificate.- Returns:
- revocation certificate
- Throws:
org.bouncycastle.openpgp.PGPException
-
revokeUserId
public SecretKeyRingEditorInterface revokeUserId(@Nonnull CharSequence userId, @Nonnull SecretKeyRingProtector secretKeyRingProtector, @Nullable RevocationAttributes revocationAttributes) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceRevoke the given userID using the provided revocation attributes.- Specified by:
revokeUserIdin interfaceSecretKeyRingEditorInterface- Parameters:
userId- userId to revokesecretKeyRingProtector- protector to unlock the primary keyrevocationAttributes- reason for the revocation- Returns:
- the builder
- Throws:
org.bouncycastle.openpgp.PGPException
-
revokeUserId
public SecretKeyRingEditorInterface revokeUserId(@Nonnull CharSequence userId, @Nonnull SecretKeyRingProtector secretKeyRingProtector, @Nullable RevocationSignatureSubpackets.Callback subpacketCallback) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceRevoke the provided user-id. Note: If you don't provide aRevocationSignatureSubpackets.Callbackwhich sets a revocation reason (RevocationAttributes), the revocation might be considered hard. So if you intend to re-certify the user-id at a later point to make it valid again, make sure to set a soft revocation reason in the signatures hashed area using the subpacket callback.- Specified by:
revokeUserIdin interfaceSecretKeyRingEditorInterface- Parameters:
userId- userid to be revokedsecretKeyRingProtector- protector to unlock the primary secret keysubpacketCallback- callback to modify the revocations subpackets- Returns:
- builder
- Throws:
org.bouncycastle.openpgp.PGPException
-
revokeUserIds
public SecretKeyRingEditorInterface revokeUserIds(@Nonnull SelectUserId userIdSelector, @Nonnull SecretKeyRingProtector secretKeyRingProtector, @Nullable RevocationAttributes revocationAttributes) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceRevoke all user-ids that match the providedSelectUserIdfilter. The providedRevocationAttributeswill be set as reason for revocation in each revocation signature. Note: If you intend to re-certify these user-ids at a later point, make sure to choose a soft revocation reason. SeeRevocationAttributes.Reasonfor more information.- Specified by:
revokeUserIdsin interfaceSecretKeyRingEditorInterface- Parameters:
userIdSelector- user-id selectorsecretKeyRingProtector- protector to unlock the primary secret keyrevocationAttributes- revocation attributes- Returns:
- builder
- Throws:
org.bouncycastle.openpgp.PGPException
-
revokeUserIds
public SecretKeyRingEditorInterface revokeUserIds(@Nonnull SelectUserId userIdSelector, @Nonnull SecretKeyRingProtector secretKeyRingProtector, @Nullable RevocationSignatureSubpackets.Callback subpacketsCallback) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceRevoke all user-ids that match the providedSelectUserIdfilter. The providedRevocationSignatureSubpackets.Callbackwill be used to modify the revocation signatures subpackets. Note: If you intend to re-certify these user-ids at a later point, make sure to set a soft revocation reason in the revocation signatures hashed subpacket area using the callback. SeeRevocationAttributes.Reasonfor more information.- Specified by:
revokeUserIdsin interfaceSecretKeyRingEditorInterface- Parameters:
userIdSelector- user-id selectorsecretKeyRingProtector- protector to unlock the primary secret keysubpacketsCallback- callback to modify the revocations subpackets- Returns:
- builder
- Throws:
org.bouncycastle.openpgp.PGPException
-
setExpirationDate
public SecretKeyRingEditorInterface setExpirationDate(@Nullable Date expiration, @Nonnull SecretKeyRingProtector secretKeyRingProtector) throws org.bouncycastle.openpgp.PGPException
Description copied from interface:SecretKeyRingEditorInterfaceSet the expiration date for the primary key of the key ring. If the key is supposed to never expire, then an expiration date of null is expected.- Specified by:
setExpirationDatein interfaceSecretKeyRingEditorInterface- Parameters:
expiration- new expiration date or nullsecretKeyRingProtector- to unlock the secret key- Returns:
- the builder
- Throws:
org.bouncycastle.openpgp.PGPException
-
changePassphraseFromOldPassphrase
public SecretKeyRingEditorInterface.WithKeyRingEncryptionSettings changePassphraseFromOldPassphrase(@Nullable Passphrase oldPassphrase, @Nonnull KeyRingProtectionSettings oldProtectionSettings)
Description copied from interface:SecretKeyRingEditorInterfaceChange the passphrase of the whole key ring.- Specified by:
changePassphraseFromOldPassphrasein interfaceSecretKeyRingEditorInterface- Parameters:
oldPassphrase- old passphrase or null, if the key was unprotectedoldProtectionSettings- custom settings for the old passphrase- Returns:
- next builder step
-
changeSubKeyPassphraseFromOldPassphrase
public SecretKeyRingEditorInterface.WithKeyRingEncryptionSettings changeSubKeyPassphraseFromOldPassphrase(@Nonnull Long keyId, @Nullable Passphrase oldPassphrase, @Nonnull KeyRingProtectionSettings oldProtectionSettings)
- Specified by:
changeSubKeyPassphraseFromOldPassphrasein interfaceSecretKeyRingEditorInterface
-
done
public org.bouncycastle.openpgp.PGPSecretKeyRing done()
Description copied from interface:SecretKeyRingEditorInterfaceReturn thePGPSecretKeyRing.- Specified by:
donein interfaceSecretKeyRingEditorInterface- Returns:
- the key
-
-