Class ConsumerOptions
- java.lang.Object
-
- org.pgpainless.decryption_verification.ConsumerOptions
-
public class ConsumerOptions extends java.lang.ObjectOptions for decryption and signature verification.
-
-
Constructor Summary
Constructors Constructor Description ConsumerOptions()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description ConsumerOptionsaddDecryptionKey(org.bouncycastle.openpgp.PGPSecretKeyRing key)Add a key for message decryption.ConsumerOptionsaddDecryptionKey(org.bouncycastle.openpgp.PGPSecretKeyRing key, SecretKeyRingProtector keyRingProtector)Add a key for message decryption.ConsumerOptionsaddDecryptionKeys(org.bouncycastle.openpgp.PGPSecretKeyRingCollection keys, SecretKeyRingProtector keyRingProtector)Add the keys in the provided key collection for message decryption.ConsumerOptionsaddDecryptionPassphrase(Passphrase passphrase)Add a passphrase for message decryption.ConsumerOptionsaddVerificationCert(org.bouncycastle.openpgp.PGPPublicKeyRing verificationCert)Add a certificate (public key ring) for signature verification.ConsumerOptionsaddVerificationCerts(org.bouncycastle.openpgp.PGPPublicKeyRingCollection verificationCerts)Add a set of certificates (public key rings) for signature verification.ConsumerOptionsaddVerificationOfDetachedSignature(org.bouncycastle.openpgp.PGPSignature detachedSignature)Add a detached signature for the signature verification process.ConsumerOptionsaddVerificationOfDetachedSignatures(java.io.InputStream signatureInputStream)ConsumerOptionsaddVerificationOfDetachedSignatures(java.util.List<org.bouncycastle.openpgp.PGPSignature> detachedSignatures)java.util.Set<org.bouncycastle.openpgp.PGPPublicKeyRing>getCertificates()java.util.Set<org.bouncycastle.openpgp.PGPSecretKeyRing>getDecryptionKeys()java.util.Set<Passphrase>getDecryptionPassphrases()java.util.Set<org.bouncycastle.openpgp.PGPSignature>getDetachedSignatures()MissingPublicKeyCallbackgetMissingCertificateCallback()SecretKeyRingProtectorgetSecretKeyProtector(org.bouncycastle.openpgp.PGPSecretKeyRing decryptionKeyRing)byte[]getSessionKey()Return the session key.java.util.DategetVerifyNotAfter()Return the latest possible creation date on which signatures made on the message are considered valid.java.util.DategetVerifyNotBefore()Return the earliest creation date on which signatures on the message are considered valid.ConsumerOptionssetMissingCertificateCallback(MissingPublicKeyCallback callback)Set a callback that's used when a certificate (public key) is missing for signature verification.ConsumerOptionssetSessionKey(byte[] sessionKey)Attempt decryption using a session key.ConsumerOptionsverifyNotAfter(java.util.Date timestamp)Consider signatures on the message made after the given timestamp invalid.ConsumerOptionsverifyNotBefore(java.util.Date timestamp)Consider signatures on the message made before the given timestamp invalid.
-
-
-
Method Detail
-
verifyNotBefore
public ConsumerOptions verifyNotBefore(java.util.Date timestamp)
Consider signatures on the message made before the given timestamp invalid. Null means no limitation.- Parameters:
timestamp- timestamp- Returns:
- options
-
getVerifyNotBefore
@Nullable public java.util.Date getVerifyNotBefore()
Return the earliest creation date on which signatures on the message are considered valid. Signatures made earlier than this date are considered invalid.- Returns:
- earliest allowed signature creation date or null
-
verifyNotAfter
public ConsumerOptions verifyNotAfter(java.util.Date timestamp)
Consider signatures on the message made after the given timestamp invalid. Null means no limitation.- Parameters:
timestamp- timestamp- Returns:
- options
-
getVerifyNotAfter
public java.util.Date getVerifyNotAfter()
Return the latest possible creation date on which signatures made on the message are considered valid. Signatures made later than this date are considered invalid.- Returns:
- Latest possible creation date or null.
-
addVerificationCert
public ConsumerOptions addVerificationCert(org.bouncycastle.openpgp.PGPPublicKeyRing verificationCert)
Add a certificate (public key ring) for signature verification.- Parameters:
verificationCert- certificate for signature verification- Returns:
- options
-
addVerificationCerts
public ConsumerOptions addVerificationCerts(org.bouncycastle.openpgp.PGPPublicKeyRingCollection verificationCerts)
Add a set of certificates (public key rings) for signature verification.- Parameters:
verificationCerts- certificates for signature verification- Returns:
- options
-
addVerificationOfDetachedSignatures
public ConsumerOptions addVerificationOfDetachedSignatures(java.io.InputStream signatureInputStream) throws java.io.IOException, org.bouncycastle.openpgp.PGPException
- Throws:
java.io.IOExceptionorg.bouncycastle.openpgp.PGPException
-
addVerificationOfDetachedSignatures
public ConsumerOptions addVerificationOfDetachedSignatures(java.util.List<org.bouncycastle.openpgp.PGPSignature> detachedSignatures)
-
addVerificationOfDetachedSignature
public ConsumerOptions addVerificationOfDetachedSignature(org.bouncycastle.openpgp.PGPSignature detachedSignature)
Add a detached signature for the signature verification process.- Parameters:
detachedSignature- detached signature- Returns:
- options
-
setMissingCertificateCallback
public ConsumerOptions setMissingCertificateCallback(MissingPublicKeyCallback callback)
Set a callback that's used when a certificate (public key) is missing for signature verification.- Parameters:
callback- callback- Returns:
- options
-
setSessionKey
public ConsumerOptions setSessionKey(@Nonnull byte[] sessionKey)
Attempt decryption using a session key. Note: PGPainless does not yet support decryption with session keys. TODO: Add support for decryption using session key.- Parameters:
sessionKey- session key- Returns:
- options
- See Also:
- RFC4880 on Session Keys
-
getSessionKey
@Nullable public byte[] getSessionKey()
Return the session key.- Returns:
- session key or null
-
addDecryptionKey
public ConsumerOptions addDecryptionKey(@Nonnull org.bouncycastle.openpgp.PGPSecretKeyRing key)
Add a key for message decryption. The key is expected to be unencrypted.- Parameters:
key- unencrypted key- Returns:
- options
-
addDecryptionKey
public ConsumerOptions addDecryptionKey(@Nonnull org.bouncycastle.openpgp.PGPSecretKeyRing key, @Nonnull SecretKeyRingProtector keyRingProtector)
Add a key for message decryption. If the key is encrypted, theSecretKeyRingProtectoris used to decrypt it when needed.- Parameters:
key- keykeyRingProtector- protector for the secret key- Returns:
- options
-
addDecryptionKeys
public ConsumerOptions addDecryptionKeys(@Nonnull org.bouncycastle.openpgp.PGPSecretKeyRingCollection keys, @Nonnull SecretKeyRingProtector keyRingProtector)
Add the keys in the provided key collection for message decryption.- Parameters:
keys- key collectionkeyRingProtector- protector for encrypted secret keys- Returns:
- options
-
addDecryptionPassphrase
public ConsumerOptions addDecryptionPassphrase(@Nonnull Passphrase passphrase)
Add a passphrase for message decryption.- Parameters:
passphrase- passphrase- Returns:
- options
-
getDecryptionKeys
@Nonnull public java.util.Set<org.bouncycastle.openpgp.PGPSecretKeyRing> getDecryptionKeys()
-
getDecryptionPassphrases
@Nonnull public java.util.Set<Passphrase> getDecryptionPassphrases()
-
getCertificates
@Nonnull public java.util.Set<org.bouncycastle.openpgp.PGPPublicKeyRing> getCertificates()
-
getMissingCertificateCallback
@Nullable public MissingPublicKeyCallback getMissingCertificateCallback()
-
getSecretKeyProtector
@Nullable public SecretKeyRingProtector getSecretKeyProtector(org.bouncycastle.openpgp.PGPSecretKeyRing decryptionKeyRing)
-
getDetachedSignatures
@Nonnull public java.util.Set<org.bouncycastle.openpgp.PGPSignature> getDetachedSignatures()
-
-