Class ConsumerOptions
- java.lang.Object
-
- org.pgpainless.decryption_verification.ConsumerOptions
-
public class ConsumerOptions extends java.lang.Object
Options for decryption and signature verification.
-
-
Constructor Summary
Constructors Constructor Description ConsumerOptions()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description ConsumerOptions
addDecryptionKey(org.bouncycastle.openpgp.PGPSecretKeyRing key)
Add a key for message decryption.ConsumerOptions
addDecryptionKey(org.bouncycastle.openpgp.PGPSecretKeyRing key, SecretKeyRingProtector keyRingProtector)
Add a key for message decryption.ConsumerOptions
addDecryptionKeys(org.bouncycastle.openpgp.PGPSecretKeyRingCollection keys, SecretKeyRingProtector keyRingProtector)
Add the keys in the provided key collection for message decryption.ConsumerOptions
addDecryptionPassphrase(Passphrase passphrase)
Add a passphrase for message decryption.ConsumerOptions
addVerificationCert(org.bouncycastle.openpgp.PGPPublicKeyRing verificationCert)
Add a certificate (public key ring) for signature verification.ConsumerOptions
addVerificationCerts(org.bouncycastle.openpgp.PGPPublicKeyRingCollection verificationCerts)
Add a set of certificates (public key rings) for signature verification.ConsumerOptions
addVerificationOfDetachedSignature(org.bouncycastle.openpgp.PGPSignature detachedSignature)
Add a detached signature for the signature verification process.ConsumerOptions
addVerificationOfDetachedSignatures(java.io.InputStream signatureInputStream)
ConsumerOptions
addVerificationOfDetachedSignatures(java.util.List<org.bouncycastle.openpgp.PGPSignature> detachedSignatures)
java.util.Set<org.bouncycastle.openpgp.PGPPublicKeyRing>
getCertificates()
java.util.Set<org.bouncycastle.openpgp.PGPSecretKeyRing>
getDecryptionKeys()
java.util.Set<Passphrase>
getDecryptionPassphrases()
java.util.Set<org.bouncycastle.openpgp.PGPSignature>
getDetachedSignatures()
MissingPublicKeyCallback
getMissingCertificateCallback()
SecretKeyRingProtector
getSecretKeyProtector(org.bouncycastle.openpgp.PGPSecretKeyRing decryptionKeyRing)
byte[]
getSessionKey()
Return the session key.java.util.Date
getVerifyNotAfter()
Return the latest possible creation date on which signatures made on the message are considered valid.java.util.Date
getVerifyNotBefore()
Return the earliest creation date on which signatures on the message are considered valid.ConsumerOptions
setMissingCertificateCallback(MissingPublicKeyCallback callback)
Set a callback that's used when a certificate (public key) is missing for signature verification.ConsumerOptions
setSessionKey(byte[] sessionKey)
Attempt decryption using a session key.ConsumerOptions
verifyNotAfter(java.util.Date timestamp)
Consider signatures on the message made after the given timestamp invalid.ConsumerOptions
verifyNotBefore(java.util.Date timestamp)
Consider signatures on the message made before the given timestamp invalid.
-
-
-
Method Detail
-
verifyNotBefore
public ConsumerOptions verifyNotBefore(java.util.Date timestamp)
Consider signatures on the message made before the given timestamp invalid. Null means no limitation.- Parameters:
timestamp
- timestamp- Returns:
- options
-
getVerifyNotBefore
@Nullable public java.util.Date getVerifyNotBefore()
Return the earliest creation date on which signatures on the message are considered valid. Signatures made earlier than this date are considered invalid.- Returns:
- earliest allowed signature creation date or null
-
verifyNotAfter
public ConsumerOptions verifyNotAfter(java.util.Date timestamp)
Consider signatures on the message made after the given timestamp invalid. Null means no limitation.- Parameters:
timestamp
- timestamp- Returns:
- options
-
getVerifyNotAfter
public java.util.Date getVerifyNotAfter()
Return the latest possible creation date on which signatures made on the message are considered valid. Signatures made later than this date are considered invalid.- Returns:
- Latest possible creation date or null.
-
addVerificationCert
public ConsumerOptions addVerificationCert(org.bouncycastle.openpgp.PGPPublicKeyRing verificationCert)
Add a certificate (public key ring) for signature verification.- Parameters:
verificationCert
- certificate for signature verification- Returns:
- options
-
addVerificationCerts
public ConsumerOptions addVerificationCerts(org.bouncycastle.openpgp.PGPPublicKeyRingCollection verificationCerts)
Add a set of certificates (public key rings) for signature verification.- Parameters:
verificationCerts
- certificates for signature verification- Returns:
- options
-
addVerificationOfDetachedSignatures
public ConsumerOptions addVerificationOfDetachedSignatures(java.io.InputStream signatureInputStream) throws java.io.IOException, org.bouncycastle.openpgp.PGPException
- Throws:
java.io.IOException
org.bouncycastle.openpgp.PGPException
-
addVerificationOfDetachedSignatures
public ConsumerOptions addVerificationOfDetachedSignatures(java.util.List<org.bouncycastle.openpgp.PGPSignature> detachedSignatures)
-
addVerificationOfDetachedSignature
public ConsumerOptions addVerificationOfDetachedSignature(org.bouncycastle.openpgp.PGPSignature detachedSignature)
Add a detached signature for the signature verification process.- Parameters:
detachedSignature
- detached signature- Returns:
- options
-
setMissingCertificateCallback
public ConsumerOptions setMissingCertificateCallback(MissingPublicKeyCallback callback)
Set a callback that's used when a certificate (public key) is missing for signature verification.- Parameters:
callback
- callback- Returns:
- options
-
setSessionKey
public ConsumerOptions setSessionKey(@Nonnull byte[] sessionKey)
Attempt decryption using a session key. Note: PGPainless does not yet support decryption with session keys. TODO: Add support for decryption using session key.- Parameters:
sessionKey
- session key- Returns:
- options
- See Also:
- RFC4880 on Session Keys
-
getSessionKey
@Nullable public byte[] getSessionKey()
Return the session key.- Returns:
- session key or null
-
addDecryptionKey
public ConsumerOptions addDecryptionKey(@Nonnull org.bouncycastle.openpgp.PGPSecretKeyRing key)
Add a key for message decryption. The key is expected to be unencrypted.- Parameters:
key
- unencrypted key- Returns:
- options
-
addDecryptionKey
public ConsumerOptions addDecryptionKey(@Nonnull org.bouncycastle.openpgp.PGPSecretKeyRing key, @Nonnull SecretKeyRingProtector keyRingProtector)
Add a key for message decryption. If the key is encrypted, theSecretKeyRingProtector
is used to decrypt it when needed.- Parameters:
key
- keykeyRingProtector
- protector for the secret key- Returns:
- options
-
addDecryptionKeys
public ConsumerOptions addDecryptionKeys(@Nonnull org.bouncycastle.openpgp.PGPSecretKeyRingCollection keys, @Nonnull SecretKeyRingProtector keyRingProtector)
Add the keys in the provided key collection for message decryption.- Parameters:
keys
- key collectionkeyRingProtector
- protector for encrypted secret keys- Returns:
- options
-
addDecryptionPassphrase
public ConsumerOptions addDecryptionPassphrase(@Nonnull Passphrase passphrase)
Add a passphrase for message decryption.- Parameters:
passphrase
- passphrase- Returns:
- options
-
getDecryptionKeys
@Nonnull public java.util.Set<org.bouncycastle.openpgp.PGPSecretKeyRing> getDecryptionKeys()
-
getDecryptionPassphrases
@Nonnull public java.util.Set<Passphrase> getDecryptionPassphrases()
-
getCertificates
@Nonnull public java.util.Set<org.bouncycastle.openpgp.PGPPublicKeyRing> getCertificates()
-
getMissingCertificateCallback
@Nullable public MissingPublicKeyCallback getMissingCertificateCallback()
-
getSecretKeyProtector
@Nullable public SecretKeyRingProtector getSecretKeyProtector(org.bouncycastle.openpgp.PGPSecretKeyRing decryptionKeyRing)
-
getDetachedSignatures
@Nonnull public java.util.Set<org.bouncycastle.openpgp.PGPSignature> getDetachedSignatures()
-
-