Class SigningOptions
- java.lang.Object
-
- org.pgpainless.encryption_signing.SigningOptions
-
public final class SigningOptions extends java.lang.Object
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
SigningOptions.SigningMethod
A method of signing.
-
Constructor Summary
Constructors Constructor Description SigningOptions()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description SigningOptions
addDetachedSignature(SecretKeyRingProtector secretKeyDecryptor, org.bouncycastle.openpgp.PGPSecretKeyRing signingKey)
Create a detached signature.SigningOptions
addDetachedSignature(SecretKeyRingProtector secretKeyDecryptor, org.bouncycastle.openpgp.PGPSecretKeyRing secretKey, java.lang.String userId, DocumentSignatureType signatureType)
Create a detached signature.SigningOptions
addDetachedSignature(SecretKeyRingProtector secretKeyDecryptor, org.bouncycastle.openpgp.PGPSecretKeyRing secretKey, java.lang.String userId, DocumentSignatureType signatureType, BaseSignatureSubpackets.Callback subpacketCallback)
Create a detached signature.SigningOptions
addDetachedSignature(SecretKeyRingProtector secretKeyDecryptor, org.bouncycastle.openpgp.PGPSecretKeyRing secretKey, DocumentSignatureType signatureType)
Create a detached signature.SigningOptions
addDetachedSignatures(SecretKeyRingProtector secretKeyDecryptor, java.lang.Iterable<org.bouncycastle.openpgp.PGPSecretKeyRing> signingKeys, DocumentSignatureType signatureType)
Add detached signatures with all key rings from the provided secret key ring collection.SigningOptions
addInlineSignature(SecretKeyRingProtector secretKeyDecryptor, org.bouncycastle.openpgp.PGPSecretKeyRing secretKey, java.lang.String userId, DocumentSignatureType signatureType)
Add an inline-signature.SigningOptions
addInlineSignature(SecretKeyRingProtector secretKeyDecryptor, org.bouncycastle.openpgp.PGPSecretKeyRing secretKey, java.lang.String userId, DocumentSignatureType signatureType, BaseSignatureSubpackets.Callback subpacketsCallback)
Add an inline-signature.SigningOptions
addInlineSignature(SecretKeyRingProtector secretKeyDecryptor, org.bouncycastle.openpgp.PGPSecretKeyRing secretKey, DocumentSignatureType signatureType)
Add an inline-signature.SigningOptions
addInlineSignatures(SecretKeyRingProtector secrectKeyDecryptor, java.lang.Iterable<org.bouncycastle.openpgp.PGPSecretKeyRing> signingKeys, DocumentSignatureType signatureType)
Add inline signatures with all secret key rings in the provided secret key ring collection.SigningOptions
addSignature(SecretKeyRingProtector signingKeyProtector, org.bouncycastle.openpgp.PGPSecretKeyRing signingKey)
Sign the message using an inline signature made by the provided signing key.static SigningOptions
get()
HashAlgorithm
getHashAlgorithmOverride()
Return the hash algorithm override (or null if no override is set).SigningOptions
overrideHashAlgorithm(HashAlgorithm hashAlgorithmOverride)
Override hash algorithm negotiation by dictating which hash algorithm needs to be used.
-
-
-
Method Detail
-
get
public static SigningOptions get()
-
addSignature
public SigningOptions addSignature(SecretKeyRingProtector signingKeyProtector, org.bouncycastle.openpgp.PGPSecretKeyRing signingKey) throws org.bouncycastle.openpgp.PGPException
Sign the message using an inline signature made by the provided signing key.- Parameters:
signingKeyProtector
- protector to unlock the signing keysigningKey
- key ring containing the signing key- Returns:
- this
- Throws:
KeyException
- if something is wrong with the keyorg.bouncycastle.openpgp.PGPException
- if the key cannot be unlocked or a signing method cannot be created
-
addInlineSignatures
public SigningOptions addInlineSignatures(SecretKeyRingProtector secrectKeyDecryptor, java.lang.Iterable<org.bouncycastle.openpgp.PGPSecretKeyRing> signingKeys, DocumentSignatureType signatureType) throws KeyException, org.bouncycastle.openpgp.PGPException
Add inline signatures with all secret key rings in the provided secret key ring collection.- Parameters:
secrectKeyDecryptor
- decryptor to unlock the signing secret keyssigningKeys
- collection of signing keyssignatureType
- type of signature (binary, canonical text)- Returns:
- this
- Throws:
KeyException
- if something is wrong with any of the keysorg.bouncycastle.openpgp.PGPException
- if any of the keys cannot be unlocked or a signing method cannot be created
-
addInlineSignature
public SigningOptions addInlineSignature(SecretKeyRingProtector secretKeyDecryptor, org.bouncycastle.openpgp.PGPSecretKeyRing secretKey, DocumentSignatureType signatureType) throws KeyException, org.bouncycastle.openpgp.PGPException
Add an inline-signature. Inline signatures are being embedded into the message itself and can be processed in one pass, thanks to the use of one-pass-signature packets.- Parameters:
secretKeyDecryptor
- decryptor to unlock the signing secret keysecretKey
- signing keysignatureType
- type of signature (binary, canonical text)- Returns:
- this
- Throws:
KeyException
- if something is wrong with the keyorg.bouncycastle.openpgp.PGPException
- if the key cannot be unlocked or the signing method cannot be created
-
addInlineSignature
public SigningOptions addInlineSignature(SecretKeyRingProtector secretKeyDecryptor, org.bouncycastle.openpgp.PGPSecretKeyRing secretKey, java.lang.String userId, DocumentSignatureType signatureType) throws KeyException, org.bouncycastle.openpgp.PGPException
Add an inline-signature. Inline signatures are being embedded into the message itself and can be processed in one pass, thanks to the use of one-pass-signature packets. This method uses the passed in user-id to select user-specific hash algorithms.- Parameters:
secretKeyDecryptor
- decryptor to unlock the signing secret keysecretKey
- signing keyuserId
- user-id of the signersignatureType
- signature type (binary, canonical text)- Returns:
- this
- Throws:
KeyException
- if something is wrong with the keyorg.bouncycastle.openpgp.PGPException
- if the key cannot be unlocked or the signing method cannot be created
-
addInlineSignature
public SigningOptions addInlineSignature(SecretKeyRingProtector secretKeyDecryptor, org.bouncycastle.openpgp.PGPSecretKeyRing secretKey, java.lang.String userId, DocumentSignatureType signatureType, @Nullable BaseSignatureSubpackets.Callback subpacketsCallback) throws KeyException, org.bouncycastle.openpgp.PGPException
Add an inline-signature. Inline signatures are being embedded into the message itself and can be processed in one pass, thanks to the use of one-pass-signature packets. This method uses the passed in user-id to select user-specific hash algorithms.- Parameters:
secretKeyDecryptor
- decryptor to unlock the signing secret keysecretKey
- signing keyuserId
- user-id of the signersignatureType
- signature type (binary, canonical text)subpacketsCallback
- callback to modify the hashed and unhashed subpackets of the signature- Returns:
- this
- Throws:
KeyException
- if the key is invalidorg.bouncycastle.openpgp.PGPException
- if the key cannot be unlocked or the signing method cannot be created
-
addDetachedSignatures
public SigningOptions addDetachedSignatures(SecretKeyRingProtector secretKeyDecryptor, java.lang.Iterable<org.bouncycastle.openpgp.PGPSecretKeyRing> signingKeys, DocumentSignatureType signatureType) throws org.bouncycastle.openpgp.PGPException
Add detached signatures with all key rings from the provided secret key ring collection.- Parameters:
secretKeyDecryptor
- decryptor to unlock the secret signing keyssigningKeys
- collection of signing key ringssignatureType
- type of the signature (binary, canonical text)- Returns:
- this
- Throws:
KeyException
- if something is wrong with any of the keysorg.bouncycastle.openpgp.PGPException
- if any of the keys cannot be validated or unlocked, or if any signing method cannot be created
-
addDetachedSignature
public SigningOptions addDetachedSignature(SecretKeyRingProtector secretKeyDecryptor, org.bouncycastle.openpgp.PGPSecretKeyRing signingKey) throws org.bouncycastle.openpgp.PGPException
Create a detached signature. The signature will be of typeDocumentSignatureType.BINARY_DOCUMENT
.- Parameters:
secretKeyDecryptor
- decryptor to unlock the secret signing keysigningKey
- signing key- Returns:
- this
- Throws:
KeyException
- if something is wrong with the keyorg.bouncycastle.openpgp.PGPException
- if the key cannot be validated or unlocked, or if no signature method can be created
-
addDetachedSignature
public SigningOptions addDetachedSignature(SecretKeyRingProtector secretKeyDecryptor, org.bouncycastle.openpgp.PGPSecretKeyRing secretKey, DocumentSignatureType signatureType) throws org.bouncycastle.openpgp.PGPException
Create a detached signature. Detached signatures are not being added into the PGP message itself. Instead, they can be distributed separately to the message. Detached signatures are useful if the data that is being signed shall not be modified (e.g. when signing a file).- Parameters:
secretKeyDecryptor
- decryptor to unlock the secret signing keysecretKey
- signing keysignatureType
- type of data that is signed (binary, canonical text)- Returns:
- this
- Throws:
KeyException
- if something is wrong with the keyorg.bouncycastle.openpgp.PGPException
- if the key cannot be validated or unlocked, or if no signature method can be created
-
addDetachedSignature
public SigningOptions addDetachedSignature(SecretKeyRingProtector secretKeyDecryptor, org.bouncycastle.openpgp.PGPSecretKeyRing secretKey, java.lang.String userId, DocumentSignatureType signatureType) throws org.bouncycastle.openpgp.PGPException
Create a detached signature. Detached signatures are not being added into the PGP message itself. Instead, they can be distributed separately to the message. Detached signatures are useful if the data that is being signed shall not be modified (e.g. when signing a file). This method uses the passed in user-id to select user-specific hash algorithms.- Parameters:
secretKeyDecryptor
- decryptor to unlock the secret signing keysecretKey
- signing keyuserId
- user-idsignatureType
- type of data that is signed (binary, canonical text)- Returns:
- this
- Throws:
KeyException
- if something is wrong with the keyorg.bouncycastle.openpgp.PGPException
- if the key cannot be validated or unlocked, or if no signature method can be created
-
addDetachedSignature
public SigningOptions addDetachedSignature(SecretKeyRingProtector secretKeyDecryptor, org.bouncycastle.openpgp.PGPSecretKeyRing secretKey, java.lang.String userId, DocumentSignatureType signatureType, @Nullable BaseSignatureSubpackets.Callback subpacketCallback) throws org.bouncycastle.openpgp.PGPException
Create a detached signature. Detached signatures are not being added into the PGP message itself. Instead, they can be distributed separately to the message. Detached signatures are useful if the data that is being signed shall not be modified (e.g. when signing a file). This method uses the passed in user-id to select user-specific hash algorithms.- Parameters:
secretKeyDecryptor
- decryptor to unlock the secret signing keysecretKey
- signing keyuserId
- user-idsignatureType
- type of data that is signed (binary, canonical text)subpacketCallback
- callback to modify hashed and unhashed subpackets of the signature- Returns:
- this
- Throws:
KeyException
- if something is wrong with the keyorg.bouncycastle.openpgp.PGPException
- if the key cannot be validated or unlocked, or if no signature method can be created
-
overrideHashAlgorithm
public SigningOptions overrideHashAlgorithm(HashAlgorithm hashAlgorithmOverride)
Override hash algorithm negotiation by dictating which hash algorithm needs to be used. If no override has been set, an accetable algorithm will be negotiated instead. Note: To override the hash algorithm for signing, call this method *before* callingaddInlineSignature(SecretKeyRingProtector, PGPSecretKeyRing, DocumentSignatureType)
oraddDetachedSignature(SecretKeyRingProtector, PGPSecretKeyRing, DocumentSignatureType)
.- Parameters:
hashAlgorithmOverride
- override hash algorithm- Returns:
- this
-
getHashAlgorithmOverride
public HashAlgorithm getHashAlgorithmOverride()
Return the hash algorithm override (or null if no override is set).- Returns:
- hash algorithm override
-
-