Package org.pgpainless.signature.subpackets

Class SignatureSubpacketsUtil

  • public final class SignatureSubpacketsUtil
extends Object
    Utility class to access signature subpackets from signatures. Since rfc4880 is not always clear about where a signature subpacket can be located (hashed/unhashed area), this class makes some educated guesses as to where the subpacket may be found when necessary.

    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static void assureKeyCanCarryFlags​(PublicKeyAlgorithm algorithm, KeyFlag... flags)  
      static void assureKeyCanCarryFlags​(KeyType type, KeyFlag... flags)
      Make sure that the given key type can carry the given key flags.
      static org.bouncycastle.openpgp.PGPSignatureList getEmbeddedSignature​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the embedded signature subpacket from the signatures hashed area.
      static org.bouncycastle.bcpg.sig.Exportable getExportableCertification​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the signatures exportable certification subpacket from the hashed area.
      static org.bouncycastle.bcpg.sig.Features getFeatures​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the features subpacket from the signatures hashed area.
      static List<org.bouncycastle.bcpg.sig.NotationData> getHashedNotationData​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the notation data subpackets from the signatures hashed area.
      static List<org.bouncycastle.bcpg.sig.NotationData> getHashedNotationData​(org.bouncycastle.openpgp.PGPSignature signature, String notationName)
      Return a list of all NotationData objects from the hashed area of the signature that have a notation name equal to the given notationName argument.
      static List<org.bouncycastle.bcpg.sig.IntendedRecipientFingerprint> getIntendedRecipientFingerprints​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the intended recipients fingerprint subpackets from the hashed area of this signature.
      static org.bouncycastle.bcpg.sig.IssuerFingerprint getIssuerFingerprint​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the issuer-fingerprint subpacket of the signature.
      static OpenPgpFingerprint getIssuerFingerprintAsOpenPgpFingerprint​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the IssuerFingerprint subpacket of the signature into a OpenPgpFingerprint.
      static org.bouncycastle.bcpg.sig.IssuerKeyID getIssuerKeyId​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the issuer key-id subpacket of the signature.
      static Long getIssuerKeyIdAsLong​(org.bouncycastle.openpgp.PGPSignature signature)
      Inspect the given signature's IssuerKeyID packet to determine the issuer key-id.
      static org.bouncycastle.bcpg.sig.KeyExpirationTime getKeyExpirationTime​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the key expiration time subpacket of this signature.
      static Date getKeyExpirationTimeAsDate​(org.bouncycastle.openpgp.PGPSignature signature, org.bouncycastle.openpgp.PGPPublicKey signingKey)
      Return the signatures key-expiration time as a date.
      static org.bouncycastle.bcpg.sig.KeyFlags getKeyFlags​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the key flags subpacket from the signatures hashed area.
      static long getKeyLifetimeInSeconds​(Date expirationDate, Date creationDate)
      Calculate the duration in seconds until the key expires after creation.
      static org.bouncycastle.bcpg.sig.PreferredAlgorithms getPreferredCompressionAlgorithms​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the compression algorithm preferences from the signatures hashed area.
      static org.bouncycastle.bcpg.sig.PreferredAlgorithms getPreferredHashAlgorithms​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the hash algorithm preferences from the signatures hashed area.
      static org.bouncycastle.bcpg.sig.PreferredAlgorithms getPreferredSymmetricAlgorithms​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the symmetric algorithm preferences from the signatures hashed area.
      static org.bouncycastle.bcpg.sig.PrimaryUserID getPrimaryUserId​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the primary user-id subpacket from the signatures hashed area.
      static org.bouncycastle.bcpg.sig.Revocable getRevocable​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the revocable subpacket of this signature.
      static org.bouncycastle.bcpg.sig.RevocationKey getRevocationKey​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the revocation key subpacket from the signatures hashed area.
      static org.bouncycastle.bcpg.sig.RevocationReason getRevocationReason​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the revocation reason subpacket of the signature.
      static org.bouncycastle.bcpg.sig.SignatureCreationTime getSignatureCreationTime​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the signature creation time subpacket.
      static org.bouncycastle.bcpg.sig.SignatureExpirationTime getSignatureExpirationTime​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the signature expiration time subpacket of the signature.
      static Date getSignatureExpirationTimeAsDate​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the signatures' expiration time as a date.
      static <P extends org.bouncycastle.bcpg.SignatureSubpacket>
      P      		 getSignatureSubpacket​(org.bouncycastle.openpgp.PGPSignatureSubpacketVector vector, SignatureSubpacket type)
      Return the last occurence of a subpacket type in the given signature subpacket vector.
      static org.bouncycastle.bcpg.sig.SignatureTarget getSignatureTarget​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the signature target subpacket from the signature.
      static org.bouncycastle.bcpg.sig.SignerUserID getSignerUserID​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the signers user-id from the hashed area of the signature.
      static org.bouncycastle.bcpg.sig.TrustSignature getTrustSignature​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the trust signature packet from the signatures hashed area.
      static List<org.bouncycastle.bcpg.sig.NotationData> getUnhashedNotationData​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the notation data subpackets from the signatures unhashed area.
      static List<org.bouncycastle.bcpg.sig.NotationData> getUnhashedNotationData​(org.bouncycastle.openpgp.PGPSignature signature, String notationName)
      Return a list of all NotationData objects from the unhashed area of the signature that have a notation name equal to the given notationName argument.
      static Set<Feature> parseFeatures​(org.bouncycastle.openpgp.PGPSignature signature)
      Parse out the features subpacket of a signature.
      static List<KeyFlag> parseKeyFlags​(org.bouncycastle.openpgp.PGPSignature signature)
      Return a list of key flags carried by the signature.
      static Set<CompressionAlgorithm> parsePreferredCompressionAlgorithms​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the preferred CompressionAlgorithms as present in the signature.
      static Set<HashAlgorithm> parsePreferredHashAlgorithms​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the preferred HashAlgorithms as present in the signature.
      static Set<SymmetricKeyAlgorithm> parsePreferredSymmetricKeyAlgorithms​(org.bouncycastle.openpgp.PGPSignature signature)
      Return the preferred SymmetricKeyAlgorithms as present in the signature.

    • Method Detail

      • getIssuerFingerprint

        public static org.bouncycastle.bcpg.sig.IssuerFingerprint getIssuerFingerprint​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the issuer-fingerprint subpacket of the signature. Since this packet is self-authenticating, we expect it to be in the unhashed area, however as it cannot hurt we search for it in the hashed area first.
        Parameters:
        signature - signature
        Returns:
        issuer fingerprint or null

      • getIssuerFingerprintAsOpenPgpFingerprint

        public static OpenPgpFingerprint getIssuerFingerprintAsOpenPgpFingerprint​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the IssuerFingerprint subpacket of the signature into a OpenPgpFingerprint. If no v4 issuer fingerprint is present in the signature, return null.
        Parameters:
        signature - signature
        Returns:
        v4 fingerprint of the issuer, or null

      • getIssuerKeyId

        public static org.bouncycastle.bcpg.sig.IssuerKeyID getIssuerKeyId​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the issuer key-id subpacket of the signature. Since this packet is self-authenticating, we expect it to be in the unhashed area, however as it cannot hurt we search for it in the hashed area first.
        Parameters:
        signature - signature
        Returns:
        issuer key-id or null

      • getIssuerKeyIdAsLong

        public static Long getIssuerKeyIdAsLong​(org.bouncycastle.openpgp.PGPSignature signature)
        Inspect the given signature's IssuerKeyID packet to determine the issuer key-id. If no such packet is present, return null.
        Parameters:
        signature - signature
        Returns:
        issuer key-id as Long

      • getRevocationReason

        public static org.bouncycastle.bcpg.sig.RevocationReason getRevocationReason​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the revocation reason subpacket of the signature. Since this packet is rather important for revocations, we only search for it in the hashed area of the signature.
        Parameters:
        signature - signature
        Returns:
        revocation reason

      • getSignatureCreationTime

        public static org.bouncycastle.bcpg.sig.SignatureCreationTime getSignatureCreationTime​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the signature creation time subpacket. Since this packet is rather important, we only search for it in the hashed area of the signature.
        Parameters:
        signature - signature
        Returns:
        signature creation time subpacket

      • getSignatureExpirationTime

        public static org.bouncycastle.bcpg.sig.SignatureExpirationTime getSignatureExpirationTime​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the signature expiration time subpacket of the signature. Since this packet is rather important, we only search for it in the hashed area of the signature.
        Parameters:
        signature - signature
        Returns:
        signature expiration time

      • getSignatureExpirationTimeAsDate

        public static Date getSignatureExpirationTimeAsDate​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the signatures' expiration time as a date. The expiration date is computed by adding the expiration time to the signature creation date. If the signature has no expiration time subpacket, or the expiration time is set to '0', this message returns null.
        Parameters:
        signature - signature
        Returns:
        expiration time as date

      • getKeyExpirationTime

        public static org.bouncycastle.bcpg.sig.KeyExpirationTime getKeyExpirationTime​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the key expiration time subpacket of this signature. We only look for it in the hashed area of the signature.
        Parameters:
        signature - signature
        Returns:
        key expiration time

      • getKeyExpirationTimeAsDate

        public static Date getKeyExpirationTimeAsDate​(org.bouncycastle.openpgp.PGPSignature signature,
                                              org.bouncycastle.openpgp.PGPPublicKey signingKey)
        Return the signatures key-expiration time as a date. The expiration date is computed by adding the signatures' key-expiration time to the signing keys creation date. If the signature does not have a key-expiration time subpacket, or its value is '0', this method returns null.
        Parameters:
        signature - self-signature carrying the key-expiration time subpacket
        signingKey - signature creation key
        Returns:
        key expiration time as date

      • getKeyLifetimeInSeconds

        public static long getKeyLifetimeInSeconds​(@Nullable
                                           Date expirationDate,
                                           @Nonnull
                                           Date creationDate)
        Calculate the duration in seconds until the key expires after creation.
        Parameters:
        expirationDate - new expiration date
        creationDate - key creation time
        Returns:
        lifetime of the key in seconds

      • getRevocable

        public static org.bouncycastle.bcpg.sig.Revocable getRevocable​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the revocable subpacket of this signature. We only look for it in the hashed area of the signature.
        Parameters:
        signature - signature
        Returns:
        revocable subpacket

      • getPreferredSymmetricAlgorithms

        public static org.bouncycastle.bcpg.sig.PreferredAlgorithms getPreferredSymmetricAlgorithms​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the symmetric algorithm preferences from the signatures hashed area.
        Parameters:
        signature - signature
        Returns:
        symm. algo. prefs

      • parsePreferredSymmetricKeyAlgorithms

        public static Set<SymmetricKeyAlgorithmparsePreferredSymmetricKeyAlgorithms​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the preferred SymmetricKeyAlgorithms as present in the signature. If no preference is given with regard to symmetric encryption algorithms, return an empty set. In any case, the resulting set is ordered by occurrence (LinkedHashSet).
        Parameters:
        signature - signature
        Returns:
        ordered set of symmetric key algorithm preferences

      • getPreferredHashAlgorithms

        public static org.bouncycastle.bcpg.sig.PreferredAlgorithms getPreferredHashAlgorithms​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the hash algorithm preferences from the signatures hashed area.
        Parameters:
        signature - signature
        Returns:
        hash algo prefs

      • parsePreferredHashAlgorithms

        public static Set<HashAlgorithmparsePreferredHashAlgorithms​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the preferred HashAlgorithms as present in the signature. If no preference is given with regard to hash algorithms, return an empty set. In any case, the resulting set is ordered by occurrence (LinkedHashSet).
        Parameters:
        signature - signature
        Returns:
        ordered set of hash algorithm preferences

      • getPreferredCompressionAlgorithms

        public static org.bouncycastle.bcpg.sig.PreferredAlgorithms getPreferredCompressionAlgorithms​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the compression algorithm preferences from the signatures hashed area.
        Parameters:
        signature - signature
        Returns:
        compression algo prefs

      • parsePreferredCompressionAlgorithms

        public static Set<CompressionAlgorithmparsePreferredCompressionAlgorithms​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the preferred CompressionAlgorithms as present in the signature. If no preference is given with regard to compression algorithms, return an empty set. In any case, the resulting set is ordered by occurrence (LinkedHashSet).
        Parameters:
        signature - signature
        Returns:
        ordered set of compression algorithm preferences

      • getPrimaryUserId

        public static org.bouncycastle.bcpg.sig.PrimaryUserID getPrimaryUserId​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the primary user-id subpacket from the signatures hashed area.
        Parameters:
        signature - signature
        Returns:
        primary user id

      • getKeyFlags

        public static org.bouncycastle.bcpg.sig.KeyFlags getKeyFlags​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the key flags subpacket from the signatures hashed area.
        Parameters:
        signature - signature
        Returns:
        key flags

      • parseKeyFlags

        public static List<KeyFlagparseKeyFlags​(@Nullable
                                          org.bouncycastle.openpgp.PGPSignature signature)
        Return a list of key flags carried by the signature. If the signature is null, or has no KeyFlags subpacket, return null.
        Parameters:
        signature - signature
        Returns:
        list of key flags

      • getFeatures

        public static org.bouncycastle.bcpg.sig.Features getFeatures​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the features subpacket from the signatures hashed area.
        Parameters:
        signature - signature
        Returns:
        features subpacket

      • parseFeatures

        @Nullable
public static Set<FeatureparseFeatures​(org.bouncycastle.openpgp.PGPSignature signature)
        Parse out the features subpacket of a signature. If the signature has no features subpacket, return null. Otherwise, return the features as a feature set.
        Parameters:
        signature - signature
        Returns:
        features as set

      • getSignatureTarget

        public static org.bouncycastle.bcpg.sig.SignatureTarget getSignatureTarget​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the signature target subpacket from the signature. We search for this subpacket in the hashed and unhashed area (in this order).
        Parameters:
        signature - signature
        Returns:
        signature target

      • getHashedNotationData

        public static List<org.bouncycastle.bcpg.sig.NotationData> getHashedNotationData​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the notation data subpackets from the signatures hashed area.
        Parameters:
        signature - signature
        Returns:
        hashed notations

      • getHashedNotationData

        public static List<org.bouncycastle.bcpg.sig.NotationData> getHashedNotationData​(org.bouncycastle.openpgp.PGPSignature signature,
                                                                                 String notationName)
        Return a list of all NotationData objects from the hashed area of the signature that have a notation name equal to the given notationName argument.
        Parameters:
        signature - signature
        notationName - notation name
        Returns:
        list of matching notation data objects

      • getUnhashedNotationData

        public static List<org.bouncycastle.bcpg.sig.NotationData> getUnhashedNotationData​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the notation data subpackets from the signatures unhashed area.
        Parameters:
        signature - signture
        Returns:
        unhashed notations

      • getUnhashedNotationData

        public static List<org.bouncycastle.bcpg.sig.NotationData> getUnhashedNotationData​(org.bouncycastle.openpgp.PGPSignature signature,
                                                                                   String notationName)
        Return a list of all NotationData objects from the unhashed area of the signature that have a notation name equal to the given notationName argument.
        Parameters:
        signature - signature
        notationName - notation name
        Returns:
        list of matching notation data objects

      • getRevocationKey

        public static org.bouncycastle.bcpg.sig.RevocationKey getRevocationKey​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the revocation key subpacket from the signatures hashed area.
        Parameters:
        signature - signature
        Returns:
        revocation key

      • getSignerUserID

        public static org.bouncycastle.bcpg.sig.SignerUserID getSignerUserID​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the signers user-id from the hashed area of the signature. TODO: Can this subpacket also be found in the unhashed area?
        Parameters:
        signature - signature
        Returns:
        signers user-id

      • getIntendedRecipientFingerprints

        public static List<org.bouncycastle.bcpg.sig.IntendedRecipientFingerprint> getIntendedRecipientFingerprints​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the intended recipients fingerprint subpackets from the hashed area of this signature.
        Parameters:
        signature - signature
        Returns:
        intended recipient fingerprint subpackets

      • getEmbeddedSignature

        public static org.bouncycastle.openpgp.PGPSignatureList getEmbeddedSignature​(org.bouncycastle.openpgp.PGPSignature signature)
                                                                      throws org.bouncycastle.openpgp.PGPException
        Return the embedded signature subpacket from the signatures hashed area.
        Parameters:
        signature - signature
        Returns:
        embedded signature
        Throws:
        org.bouncycastle.openpgp.PGPException

      • getExportableCertification

        public static org.bouncycastle.bcpg.sig.Exportable getExportableCertification​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the signatures exportable certification subpacket from the hashed area.
        Parameters:
        signature - signature
        Returns:
        exportable certification subpacket

      • getTrustSignature

        public static org.bouncycastle.bcpg.sig.TrustSignature getTrustSignature​(org.bouncycastle.openpgp.PGPSignature signature)
        Return the trust signature packet from the signatures hashed area.
        Parameters:
        signature - signature
        Returns:
        trust signature subpacket

      • getSignatureSubpacket

        public static <P extends org.bouncycastle.bcpg.SignatureSubpacket> P getSignatureSubpacket​(org.bouncycastle.openpgp.PGPSignatureSubpacketVector vector,
                                                                                           SignatureSubpacket type)
        Return the last occurence of a subpacket type in the given signature subpacket vector.
        Type Parameters:
        P - generic return type of the subpacket
        Parameters:
        vector - subpacket vector (hashed/unhashed)
        type - subpacket type
        Returns:
        last occurrence of the subpacket in the vector

      • assureKeyCanCarryFlags

        public static void assureKeyCanCarryFlags​(KeyType type,
                                          KeyFlag... flags)
        Make sure that the given key type can carry the given key flags.
        Parameters:
        type - key type
        flags - key flags