Package org.pgpainless.encryption_signing

Class SigningOptions

  • public final class SigningOptions
extends java.lang.Object

    • Constructor Detail

      • SigningOptions

        public SigningOptions()

    • Method Detail

      • addSignature

        public SigningOptions addSignature​(SecretKeyRingProtector signingKeyProtector,
                                   org.bouncycastle.openpgp.PGPSecretKeyRing signingKey)
                            throws org.bouncycastle.openpgp.PGPException
        Sign the message using an inline signature made by the provided signing key.
        Parameters:
        signingKeyProtector - protector to unlock the signing key
        signingKey - key ring containing the signing key
        Returns:
        this
        Throws:
        KeyException - if something is wrong with the key
        org.bouncycastle.openpgp.PGPException - if the key cannot be unlocked or a signing method cannot be created

      • addInlineSignatures

        public SigningOptions addInlineSignatures​(SecretKeyRingProtector secrectKeyDecryptor,
                                          java.lang.Iterable<org.bouncycastle.openpgp.PGPSecretKeyRing> signingKeys,
                                          DocumentSignatureType signatureType)
                                   throws KeyException,
                                          org.bouncycastle.openpgp.PGPException
        Add inline signatures with all secret key rings in the provided secret key ring collection.
        Parameters:
        secrectKeyDecryptor - decryptor to unlock the signing secret keys
        signingKeys - collection of signing keys
        signatureType - type of signature (binary, canonical text)
        Returns:
        this
        Throws:
        KeyException - if something is wrong with any of the keys
        org.bouncycastle.openpgp.PGPException - if any of the keys cannot be unlocked or a signing method cannot be created

      • addInlineSignature

        public SigningOptions addInlineSignature​(SecretKeyRingProtector secretKeyDecryptor,
                                         org.bouncycastle.openpgp.PGPSecretKeyRing secretKey,
                                         DocumentSignatureType signatureType)
                                  throws KeyException,
                                         org.bouncycastle.openpgp.PGPException
        Add an inline-signature. Inline signatures are being embedded into the message itself and can be processed in one pass, thanks to the use of one-pass-signature packets.
        Parameters:
        secretKeyDecryptor - decryptor to unlock the signing secret key
        secretKey - signing key
        signatureType - type of signature (binary, canonical text)
        Returns:
        this
        Throws:
        KeyException - if something is wrong with the key
        org.bouncycastle.openpgp.PGPException - if the key cannot be unlocked or the signing method cannot be created

      • addInlineSignature

        public SigningOptions addInlineSignature​(SecretKeyRingProtector secretKeyDecryptor,
                                         org.bouncycastle.openpgp.PGPSecretKeyRing secretKey,
                                         java.lang.String userId,
                                         DocumentSignatureType signatureType)
                                  throws KeyException,
                                         org.bouncycastle.openpgp.PGPException
        Add an inline-signature. Inline signatures are being embedded into the message itself and can be processed in one pass, thanks to the use of one-pass-signature packets. This method uses the passed in user-id to select user-specific hash algorithms.
        Parameters:
        secretKeyDecryptor - decryptor to unlock the signing secret key
        secretKey - signing key
        userId - user-id of the signer
        signatureType - signature type (binary, canonical text)
        Returns:
        this
        Throws:
        KeyException - if something is wrong with the key
        org.bouncycastle.openpgp.PGPException - if the key cannot be unlocked or the signing method cannot be created

      • addInlineSignature

        public SigningOptions addInlineSignature​(SecretKeyRingProtector secretKeyDecryptor,
                                         org.bouncycastle.openpgp.PGPSecretKeyRing secretKey,
                                         java.lang.String userId,
                                         DocumentSignatureType signatureType,
                                         @Nullable
                                         BaseSignatureSubpackets.Callback subpacketsCallback)
                                  throws KeyException,
                                         org.bouncycastle.openpgp.PGPException
        Add an inline-signature. Inline signatures are being embedded into the message itself and can be processed in one pass, thanks to the use of one-pass-signature packets. This method uses the passed in user-id to select user-specific hash algorithms.
        Parameters:
        secretKeyDecryptor - decryptor to unlock the signing secret key
        secretKey - signing key
        userId - user-id of the signer
        signatureType - signature type (binary, canonical text)
        subpacketsCallback - callback to modify the hashed and unhashed subpackets of the signature
        Returns:
        this
        Throws:
        KeyException - if the key is invalid
        org.bouncycastle.openpgp.PGPException - if the key cannot be unlocked or the signing method cannot be created

      • addDetachedSignatures

        public SigningOptions addDetachedSignatures​(SecretKeyRingProtector secretKeyDecryptor,
                                            java.lang.Iterable<org.bouncycastle.openpgp.PGPSecretKeyRing> signingKeys,
                                            DocumentSignatureType signatureType)
                                     throws org.bouncycastle.openpgp.PGPException
        Add detached signatures with all key rings from the provided secret key ring collection.
        Parameters:
        secretKeyDecryptor - decryptor to unlock the secret signing keys
        signingKeys - collection of signing key rings
        signatureType - type of the signature (binary, canonical text)
        Returns:
        this
        Throws:
        KeyException - if something is wrong with any of the keys
        org.bouncycastle.openpgp.PGPException - if any of the keys cannot be validated or unlocked, or if any signing method cannot be created

      • addDetachedSignature

        public SigningOptions addDetachedSignature​(SecretKeyRingProtector secretKeyDecryptor,
                                           org.bouncycastle.openpgp.PGPSecretKeyRing signingKey)
                                    throws org.bouncycastle.openpgp.PGPException
        Create a detached signature. The signature will be of type DocumentSignatureType.BINARY_DOCUMENT.
        Parameters:
        secretKeyDecryptor - decryptor to unlock the secret signing key
        signingKey - signing key
        Returns:
        this
        Throws:
        KeyException - if something is wrong with the key
        org.bouncycastle.openpgp.PGPException - if the key cannot be validated or unlocked, or if no signature method can be created

      • addDetachedSignature

        public SigningOptions addDetachedSignature​(SecretKeyRingProtector secretKeyDecryptor,
                                           org.bouncycastle.openpgp.PGPSecretKeyRing secretKey,
                                           DocumentSignatureType signatureType)
                                    throws org.bouncycastle.openpgp.PGPException
        Create a detached signature. Detached signatures are not being added into the PGP message itself. Instead, they can be distributed separately to the message. Detached signatures are useful if the data that is being signed shall not be modified (e.g. when signing a file).
        Parameters:
        secretKeyDecryptor - decryptor to unlock the secret signing key
        secretKey - signing key
        signatureType - type of data that is signed (binary, canonical text)
        Returns:
        this
        Throws:
        KeyException - if something is wrong with the key
        org.bouncycastle.openpgp.PGPException - if the key cannot be validated or unlocked, or if no signature method can be created

      • addDetachedSignature

        public SigningOptions addDetachedSignature​(SecretKeyRingProtector secretKeyDecryptor,
                                           org.bouncycastle.openpgp.PGPSecretKeyRing secretKey,
                                           java.lang.String userId,
                                           DocumentSignatureType signatureType)
                                    throws org.bouncycastle.openpgp.PGPException
        Create a detached signature. Detached signatures are not being added into the PGP message itself. Instead, they can be distributed separately to the message. Detached signatures are useful if the data that is being signed shall not be modified (e.g. when signing a file). This method uses the passed in user-id to select user-specific hash algorithms.
        Parameters:
        secretKeyDecryptor - decryptor to unlock the secret signing key
        secretKey - signing key
        userId - user-id
        signatureType - type of data that is signed (binary, canonical text)
        Returns:
        this
        Throws:
        KeyException - if something is wrong with the key
        org.bouncycastle.openpgp.PGPException - if the key cannot be validated or unlocked, or if no signature method can be created

      • addDetachedSignature

        public SigningOptions addDetachedSignature​(SecretKeyRingProtector secretKeyDecryptor,
                                           org.bouncycastle.openpgp.PGPSecretKeyRing secretKey,
                                           java.lang.String userId,
                                           DocumentSignatureType signatureType,
                                           @Nullable
                                           BaseSignatureSubpackets.Callback subpacketCallback)
                                    throws org.bouncycastle.openpgp.PGPException
        Create a detached signature. Detached signatures are not being added into the PGP message itself. Instead, they can be distributed separately to the message. Detached signatures are useful if the data that is being signed shall not be modified (e.g. when signing a file). This method uses the passed in user-id to select user-specific hash algorithms.
        Parameters:
        secretKeyDecryptor - decryptor to unlock the secret signing key
        secretKey - signing key
        userId - user-id
        signatureType - type of data that is signed (binary, canonical text)
        subpacketCallback - callback to modify hashed and unhashed subpackets of the signature
        Returns:
        this
        Throws:
        KeyException - if something is wrong with the key
        org.bouncycastle.openpgp.PGPException - if the key cannot be validated or unlocked, or if no signature method can be created

      • getHashAlgorithmOverride

        public HashAlgorithm getHashAlgorithmOverride()
        Return the hash algorithm override (or null if no override is set).
        Returns:
        hash algorithm override