Class CachingSecretKeyRingProtector

    • Constructor Detail

      • CachingSecretKeyRingProtector

        public CachingSecretKeyRingProtector()
      • CachingSecretKeyRingProtector

        public CachingSecretKeyRingProtector​(@Nullable
                                             SecretKeyPassphraseProvider missingPassphraseCallback)
    • Method Detail

      • addPassphrase

        public void addPassphrase​(@Nonnull
                                  java.lang.Long keyId,
                                  Passphrase passphrase)
        Add a passphrase to the cache. If the cache already contains a passphrase for the given key-id, a IllegalArgumentException is thrown. The reason for this is to prevent accidental override of passphrases when dealing with multiple key rings containing a key with the same key-id but different passphrases. If you can ensure that there will be no key-id clash, and you want to replace the passphrase, you can use replacePassphrase(Long, Passphrase) to replace the passphrase.
        keyId - id of the key
        passphrase - passphrase
      • replacePassphrase

        public void replacePassphrase​(@Nonnull
                                      java.lang.Long keyId,
                                      Passphrase passphrase)
        Replace the passphrase for the given key-id in the cache.
        keyId - keyId
        passphrase - passphrase
      • addPassphrase

        public void addPassphrase​(@Nonnull
                                  org.bouncycastle.openpgp.PGPKeyRing keyRing,
                                  Passphrase passphrase)
        Remember the given passphrase for all keys in the given key ring. If for the key-id of any key on the key ring the cache already contains a passphrase, a IllegalArgumentException is thrown before any changes are committed to the cache. This is to prevent accidental passphrase override when dealing with multiple key rings containing keys with conflicting key-ids. If you can ensure that there will be no key-id clashes, and you want to replace the passphrases for the key ring, use replacePassphrase(PGPKeyRing, Passphrase) instead. If you need to unlock multiple PGPKeyRings, it is advised to use a separate CachingSecretKeyRingProtector instance for each ring.
        keyRing - key ring
        passphrase - passphrase
      • replacePassphrase

        public void replacePassphrase​(@Nonnull
                                      org.bouncycastle.openpgp.PGPKeyRing keyRing,
                                      Passphrase passphrase)
        Replace the cached passphrases for all keys in the key ring with the provided passphrase.
        keyRing - key ring
        passphrase - passphrase
      • addPassphrase

        public void addPassphrase​(@Nonnull
                                  org.bouncycastle.openpgp.PGPPublicKey key,
                                  Passphrase passphrase)
        Remember the given passphrase for the given (sub-)key.
        key - key
        passphrase - passphrase
      • forgetPassphrase

        public void forgetPassphrase​(@Nonnull
                                     java.lang.Long keyId)
        Remove a passphrase from the cache. The passphrase will be cleared and then removed.
        keyId - id of the key
      • forgetPassphrase

        public void forgetPassphrase​(@Nonnull
                                     org.bouncycastle.openpgp.PGPKeyRing keyRing)
        Forget the passphrase to all keys in the provided key ring.
        keyRing - key ring
      • forgetPassphrase

        public void forgetPassphrase​(@Nonnull
                                     org.bouncycastle.openpgp.PGPPublicKey key)
        Forget the passphrase of the given public key.
        key - key
      • getPassphraseFor

        public Passphrase getPassphraseFor​(java.lang.Long keyId)
        Description copied from interface: SecretKeyPassphraseProvider
        Return a passphrase for the given key. If no record has been found, return null. Note: In case of an unprotected secret key, this method must may not return null, but a Passphrase with a content of null.
        Specified by:
        getPassphraseFor in interface SecretKeyPassphraseProvider
        keyId - if of the secret key
        passphrase or null, if no passphrase record has been found.
      • hasPassphraseFor

        public boolean hasPassphraseFor​(java.lang.Long keyId)
        Description copied from interface: SecretKeyRingProtector
        Returns true, if the protector has a passphrase for the key with the given key-id.
        Specified by:
        hasPassphraseFor in interface SecretKeyRingProtector
        keyId - key id
        true if it has a passphrase, false otherwise
      • getDecryptor

        public org.bouncycastle.openpgp.operator.PBESecretKeyDecryptor getDecryptor​(@Nonnull
                                                                                    java.lang.Long keyId)
                                                                             throws org.bouncycastle.openpgp.PGPException
        Description copied from interface: SecretKeyRingProtector
        Return a decryptor for the key of id keyId. This method returns null if the key is unprotected.
        Specified by:
        getDecryptor in interface SecretKeyRingProtector
        keyId - id of the key
        decryptor for the key
        org.bouncycastle.openpgp.PGPException - if the decryptor cannot be created for some reason
      • getEncryptor

        public org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor getEncryptor​(@Nonnull
                                                                                    java.lang.Long keyId)
                                                                             throws org.bouncycastle.openpgp.PGPException
        Description copied from interface: SecretKeyRingProtector
        Return an encryptor for the key of id keyId. This method returns null if the key is unprotected.
        Specified by:
        getEncryptor in interface SecretKeyRingProtector
        keyId - id of the key
        encryptor for the key
        org.bouncycastle.openpgp.PGPException - if the encryptor cannot be created for some reason