org.bouncycastle.openpgp.PGPSignatureSubpacketVector Java Examples

The following examples show how to use org.bouncycastle.openpgp.PGPSignatureSubpacketVector. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: Subkey.java    From jpgpj with MIT License 6 votes vote down vote up 
/**
 * Usage flags as Bouncy castle {@link PGPKeyFlags} bits.
 */
public int getUsageFlags() throws PGPException {
    if (publicKey == null) return 0;

    int flags = 0;
    // actually only need POSITIVE_CERTIFICATION (for master key)
    // and SUBKEY_BINDING (for subkeys)
    @SuppressWarnings("unchecked")
    Iterator<PGPSignature> signatures = publicKey.getSignatures();
    while (signatures.hasNext()) {
        PGPSignature signature = signatures.next();
        PGPSignatureSubpacketVector hashedSubPackets =
            signature.getHashedSubPackets();

        if (hashedSubPackets != null)
            flags |= hashedSubPackets.getKeyFlags();
    }
    return flags;
}
Example #2
Source File: Decryptor.java    From jpgpj with MIT License 5 votes vote down vote up 
/**
 * Copy of matched key with signingUid configured
 * and only public subkeys, or null.
 */
public Key getSignedBy() throws PGPException {
    if (key == null || sig == null) return null;

    // extract optional uid if available
    String uid = null;
    PGPSignatureSubpacketVector subpackets = sig.getHashedSubPackets();
    if (subpackets != null)
        uid = subpackets.getSignerUserID();

    Key by = key.toPublicKey();
    by.setSigningUid(uid != null ? uid : "");
    return by;
}
Example #3
Source File: PGPUtils.java    From desktopclient-java with GNU General Public License v3.0 5 votes vote down vote up 
private static int getKeyFlags(PGPPublicKey key) {
    @SuppressWarnings("unchecked")
    Iterator<PGPSignature> sigs = key.getSignatures();
    while (sigs.hasNext()) {
        PGPSignature sig = sigs.next();
        PGPSignatureSubpacketVector subpackets = sig.getHashedSubPackets();
        if (subpackets != null)
            return subpackets.getKeyFlags();
    }
    return 0;
}
Example #4
Source File: PGPSignatureUtils.java    From pgpverify-maven-plugin with Apache License 2.0 4 votes vote down vote up 
/**
 * Retrieve Key Id from signature ISSUER_FINGERPRINT subpackage or standard keyId.
 *
 * @param signature the PGP signature instance
 *
 * @return Returns the keyId from signature
 *
 * @throws PGPSignatureException In case of problem with signature data
 */
public static PGPKeyId retrieveKeyId(PGPSignature signature) throws PGPSignatureException {

    Optional<PGPSignatureSubpacketVector> hashedSubPackets = Optional
            .ofNullable(signature.getHashedSubPackets());

    Optional<PGPSignatureSubpacketVector> unHashedSubPackets = Optional
            .ofNullable(signature.getUnhashedSubPackets());

    // more of time issuerFingerprint is in hashedSubPackets
    Optional<IssuerFingerprint> issuerFingerprint = hashedSubPackets
            .map(PGPSignatureSubpacketVector::getIssuerFingerprint);

    if (!issuerFingerprint.isPresent()) {
        issuerFingerprint = unHashedSubPackets.map(PGPSignatureSubpacketVector::getIssuerFingerprint);
    }

    // more of time issuerKeyId is in unHashedSubPackets
    // getIssuerKeyID return 0 (zero) if subpackage not exist
    Optional<Long> issuerKeyId = unHashedSubPackets
            .map(PGPSignatureSubpacketVector::getIssuerKeyID)
            .filter(id -> id != 0L);


    if (!issuerKeyId.isPresent()) {
        issuerKeyId = hashedSubPackets
                .map(PGPSignatureSubpacketVector::getIssuerKeyID)
                .filter(id -> id != 0L);
    }

    // test issuerKeyId package and keyId form signature
    if (issuerKeyId.isPresent() && signature.getKeyID() != issuerKeyId.get()) {
        throw new PGPSignatureException(
                String.format("Signature KeyID 0x%016X is not equals to IssuerKeyID 0x%016X",
                        signature.getKeyID(), issuerKeyId.get()));
    }

    // from RFC
    // If the version of the issuing key is 4 and an Issuer subpacket is also included in the signature,
    // the key ID of the Issuer subpacket MUST match the low 64 bits of the fingerprint.
    if (issuerKeyId.isPresent() && issuerFingerprint.isPresent() && issuerFingerprint.get().getKeyVersion() == 4) {
        byte[] bKey = new byte[8];
        byte[] fingerprint = issuerFingerprint.get().getFingerprint();
        System.arraycopy(fingerprint, fingerprint.length - 8, bKey, 0, 8);
        BigInteger bigInteger = new BigInteger(bKey);
        if (bigInteger.longValue() != issuerKeyId.get()) {
            throw new PGPSignatureException(
                    String.format("Signature IssuerFingerprint 0x%s not contains IssuerKeyID 0x%016X",
                            HexUtils.fingerprintToString(fingerprint), issuerKeyId.get()));
        }
    }

    PGPKeyId pgpKeyId;
    if (issuerFingerprint.isPresent()) {
        pgpKeyId = PGPKeyId.from(issuerFingerprint.get().getFingerprint());
    } else if (issuerKeyId.isPresent()) {
        pgpKeyId = PGPKeyId.from(issuerKeyId.get());
    } else {
        pgpKeyId = PGPKeyId.from(signature.getKeyID());
    }

    return pgpKeyId;
}