Package org.pgpainless.authentication
Interface CertificateAuthority
-
public interface CertificateAuthority
Interface for a CA that can authenticate trust-worthy certificates. Such a CA might be a fixed list of trustworthy certificates, or a dynamic implementation like the Web-of-Trust.- See Also:
- PGPainless-WOT, OpenPGP Web of Trust
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description CertificateAuthenticity
authenticateBinding(OpenPgpFingerprint fingerprint, java.lang.String userId, boolean email, java.util.Date referenceTime, int targetAmount)
Determine the authenticity of the binding between the given fingerprint and the userId.java.util.List<CertificateAuthenticity>
identifyByFingerprint(OpenPgpFingerprint fingerprint, java.util.Date referenceTime, int targetAmount)
Identify trustworthy bindings for a certificate.java.util.List<CertificateAuthenticity>
lookupByUserId(java.lang.String userId, boolean email, java.util.Date referenceTime, int targetAmount)
Lookup certificates, which carry a trustworthy binding to the given userId.
-
-
-
Method Detail
-
authenticateBinding
CertificateAuthenticity authenticateBinding(@Nonnull OpenPgpFingerprint fingerprint, @Nonnull java.lang.String userId, boolean email, @Nonnull java.util.Date referenceTime, int targetAmount)
Determine the authenticity of the binding between the given fingerprint and the userId. In other words, determine, how much evidence can be gathered, that the certificate with the given fingerprint really belongs to the user with the given userId.- Parameters:
fingerprint
- fingerprint of the certificateuserId
- userIdemail
- if true, the userId will be treated as an email address and all user-IDs containing the email address will be matched.referenceTime
- reference time at which the binding shall be evaluatedtargetAmount
- target trust amount (120 = fully authenticated, 240 = doubly authenticated, 60 = partially authenticated...)- Returns:
- information about the authenticity of the binding
-
lookupByUserId
java.util.List<CertificateAuthenticity> lookupByUserId(@Nonnull java.lang.String userId, boolean email, @Nonnull java.util.Date referenceTime, int targetAmount)
Lookup certificates, which carry a trustworthy binding to the given userId.- Parameters:
userId
- userIdemail
- if true, the user-ID will be treated as an email address and all user-IDs containing the email address will be matched.referenceTime
- reference time at which the binding shall be evaluatedtargetAmount
- target trust amount (120 = fully authenticated, 240 = doubly authenticated, 60 = partially authenticated...)- Returns:
- list of identified bindings
-
identifyByFingerprint
java.util.List<CertificateAuthenticity> identifyByFingerprint(@Nonnull OpenPgpFingerprint fingerprint, @Nonnull java.util.Date referenceTime, int targetAmount)
Identify trustworthy bindings for a certificate. The result is a list of authenticatable userIds on the certificate.- Parameters:
fingerprint
- fingerprint of the certificatereferenceTime
- reference time for trust calculationstargetAmount
- target trust amount (120 = fully authenticated, 240 = doubly authenticated, 60 = partially authenticated...)- Returns:
- list of identified bindings
-
-