pgpainless/README.md

PGPainless - Use OpenPGP Painlessly!
====================================

[![Travis (.com)](https://travis-ci.com/pgpainless/pgpainless.svg?branch=master)](https://travis-ci.com/pgpainless/pgpainless)
[![Git Tag](https://badgen.now.sh/github/tag/pgpainless/pgpainless)](https://github.com/pgpainless/pgpainless/tags)
[![Coverage Status](https://coveralls.io/repos/github/pgpainless/pgpainless/badge.svg?branch=master)](https://coveralls.io/github/pgpainless/pgpainless?branch=master)
[![JavaDoc](https://badgen.net/badge/javadoc/yes/green)](https://pgpainless.org/releases/latest/javadoc/)
[![Interoperability Test-Suite](https://badgen.net/badge/interoperable/yes/green)](https://tests.sequoia-pgp.org/)

About
-----

PGPainless aims to make using OpenPGP in Java projects as simple as possible.
It does so by introducing an intuitive Builder structure, which allows easy 
setup of encryptionOptions / decrytion operations, as well as straight forward key generation.

PGPainless is based around the Bouncycastle java library and can be used on Android down to API level 10.

### NOTE: PGPainless is in an early state of development. There may be dragons!

## Include PGPainless in your Project

PGPainless is available on maven central. In order to include it in your project, just add the 
maven central repository and add PGPainless as a dependency.

```gradle
repositories {
	mavenCentral()
}

dependencies {
	implementation 'org.pgpainless:pgpainless-core:0.1.0'
}
```

## How to use PGPainless

The entry point to the API is the `PGPainless` class. Here you can find methods for a quick start :)

### Generate Keys

The first thing you probably want to do is generate you some nice tasty Key Pairs. The most straight forward way to do so is by calling

```java
        PGPKeyRing keyRing = PGPainless.generateKeyRing()
                .simpleRsaKeyRing("Juliet <juliet@montague.lit>", RsaLength._4096);
```

but feel free to explore the API further. PGPainless allows you to create Key Pairs consisting of a master key plus several sub keys, even with different algorithms at the same time!
Take for example a look at this delicious key:

```java
        PGPSecretKeyRing keyRing = PGPainless.generateKeyRing()
                .withSubKey(
                        KeySpec.getBuilder(ECDSA.fromCurve(EllipticCurve._P256))
                        .withKeyFlags(KeyFlag.SIGN_DATA)
                        .withDetailedConfiguration()
                        .withDefaultSymmetricAlgorithms()
                        .withDefaultHashAlgorithms()
                        .withPreferredCompressionAlgorithms(CompressionAlgorithm.ZLIB)
                        .withFeature(Feature.MODIFICATION_DETECTION)
                        .done())
                .withSubKey(
                        KeySpec.getBuilder(ECDH.fromCurve(EllipticCurve._P256))
                        .withKeyFlags(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE)
                        .withDefaultAlgorithms())
                .withMasterKey(
                        KeySpec.getBuilder(RSA.withLength(RsaLength._8192))
                                .withKeyFlags(KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER)
                                .withDefaultAlgorithms())
                .withPrimaryUserId("Juliet <juliet@montague.lit>")
                .withPassphrase("romeo_oh_Romeo<3")
                .build();
```

### Encrypt / Sign Data

Encrypting and signingOptions data is pretty straight forward as well.
```java
        EncryptionStream encryptor = PGPainless.encryptAndOrSign()
                .onOutputStream(targetOuputStream)
                .toRecipients(publicKeyRings)
                .usingSecureAlgorithms()
                .signWith(secretKeyDecryptor, signingKeyRing)
                .noArmor();
```

Note: Despite the name, the `EncryptionStream` can be used to sign only as well. Simply replace the `.toRecipients()` option with `doNotEncrypt()`.

The resulting `EncryptionStream` can then be used to encrypt data like follows:

```java
        Streams.pipeAll(sourceInputStream, encryptor);
        sourceInputStream.close();
        encryptor.close();
```

The encrypted data will be written to the provided `targetOutputStream`.

Additionally you can get information about the encrypted data by calling

```java
        OpenPgpMetadata result = encryptor.getResult();
```

This object will contain information like to which keys the message is encrypted, which keys were used for signingOptions and so on.

### Decrypt / Verify Encrypted Data

To process incoming encrypted / signed data, just do the following:

```java
        DecryptionStream decryptor = PGPainless.decryptAndOrVerify()
                .onInputStream(sourceInputStream) // insert encrypted data here
                .decryptWith(secretKeyDecryptor, secretKey)
                .verifyWith(trustedKeyIds, senderKeys)
                .ignoreMissingPublicKeys()
                .build();
```

Again, the resulting `DecryptionStream` can be used like a normal stream.

```java
        Streams.pipeAll(decryptor, targetOutputStream);
        decryptor.close();
```

*After* the `DecryptionStream` was closed, you can get metadata about the processed data by retrieving the `OpenPgpMetadata`.
Again, this object will contain information about how the message was encrypted, who signed it and so on.

```java
        OpenPgpMetadata result = decryptor.getResult();
```

For further details you should check out the [javadoc](https://pgpainless.org/releases/latest/javadoc/)!

## About
PGPainless is a by-product of my [Summer of Code 2018 project](https://blog.jabberhead.tk/summer-of-code-2018/).
For that project I was in need of a simple to use OpenPGP library.

Originally I was going to use [Bouncy-GPG](https://github.com/neuhalje/bouncy-gpg) for my project,
but ultimately I decided to create my own OpenPGP library which better fits my needs.

However, PGPainless is heavily influenced by Bouncy-GPG.

To reach out to the development team, feel free to send a mail: info@pgpainless.org

## Development
PGPainless is developed in - and accepts contributions from - the following places:

* [Github](https://github.com/pgpainless/pgpainless)
* [Codeberg](https://codeberg.org/PGPainless/pgpainless)

Please follow the [code of conduct](CODE_OF_CONDUCT.md) if you want to be part of the project.
Add badges 2018-07-24 16:06:45 +02:00			`PGPainless - Use OpenPGP Painlessly!`
			`====================================`

README: Point to travis-ci.com instead of .org 2020-11-29 15:40:17 +01:00			`[![Travis (.com)](https://travis-ci.com/pgpainless/pgpainless.svg?branch=master)](https://travis-ci.com/pgpainless/pgpainless)`
Add badges 2018-07-24 16:06:45 +02:00			`[![Git Tag](https://badgen.now.sh/github/tag/pgpainless/pgpainless)](https://github.com/pgpainless/pgpainless/tags)`
Add coveralls badge 2018-07-24 16:18:05 +02:00			`[![Coverage Status](https://coveralls.io/repos/github/pgpainless/pgpainless/badge.svg?branch=master)](https://coveralls.io/github/pgpainless/pgpainless?branch=master)`
Update README 2020-08-30 23:06:40 +02:00			`[![JavaDoc](https://badgen.net/badge/javadoc/yes/green)](https://pgpainless.org/releases/latest/javadoc/)`
Add first interop-test-suite badge 2021-05-27 13:35:35 +02:00			`[![Interoperability Test-Suite](https://badgen.net/badge/interoperable/yes/green)](https://tests.sequoia-pgp.org/)`
Add badges 2018-07-24 16:06:45 +02:00
			`About`
			`-----`
Add index.md 2018-06-27 16:06:50 +02:00
			`PGPainless aims to make using OpenPGP in Java projects as simple as possible.`
			`It does so by introducing an intuitive Builder structure, which allows easy`
Reworking encryption/decryption API. 2021-05-06 00:04:03 +02:00			`setup of encryptionOptions / decrytion operations, as well as straight forward key generation.`
Add index.md 2018-06-27 16:06:50 +02:00
Fix readme by bumping Android API level 2021-02-03 16:42:06 +01:00			`PGPainless is based around the Bouncycastle java library and can be used on Android down to API level 10.`
Add index.md 2018-06-27 16:06:50 +02:00
Update README 2020-08-30 23:06:40 +02:00			`### NOTE: PGPainless is in an early state of development. There may be dragons!`
Add index.md 2018-06-27 16:06:50 +02:00
Add inclusion section to readme 2018-07-19 19:01:16 +02:00			`## Include PGPainless in your Project`

			`PGPainless is available on maven central. In order to include it in your project, just add the`
			`maven central repository and add PGPainless as a dependency.`

add codeblock syntax 2018-07-30 17:58:23 +02:00			```gradle
Add inclusion section to readme 2018-07-19 19:01:16 +02:00			`repositories {`
			`mavenCentral()`
			`}`

			`dependencies {`
README: s/compile/implementation 2020-08-30 23:24:21 +02:00			`implementation 'org.pgpainless:pgpainless-core:0.1.0'`
Add inclusion section to readme 2018-07-19 19:01:16 +02:00			`}`
			```

Add index.md 2018-06-27 16:06:50 +02:00			`## How to use PGPainless`

			The entry point to the API is the `PGPainless` class. Here you can find methods for a quick start :)

			`### Generate Keys`

			`The first thing you probably want to do is generate you some nice tasty Key Pairs. The most straight forward way to do so is by calling`

add codeblock syntax 2018-07-30 17:58:23 +02:00			```java
fixed readme? 2021-01-12 15:31:43 +01:00			`PGPKeyRing keyRing = PGPainless.generateKeyRing()`
un-escape <> 2018-06-28 15:49:32 +02:00			`.simpleRsaKeyRing("Juliet <juliet@montague.lit>", RsaLength._4096);`
Add index.md 2018-06-27 16:06:50 +02:00			```

			`but feel free to explore the API further. PGPainless allows you to create Key Pairs consisting of a master key plus several sub keys, even with different algorithms at the same time!`
			`Take for example a look at this delicious key:`

add codeblock syntax 2018-07-30 17:58:23 +02:00			```java
Add index.md 2018-06-27 16:06:50 +02:00			`PGPSecretKeyRing keyRing = PGPainless.generateKeyRing()`
			`.withSubKey(`
			`KeySpec.getBuilder(ECDSA.fromCurve(EllipticCurve._P256))`
			`.withKeyFlags(KeyFlag.SIGN_DATA)`
			`.withDetailedConfiguration()`
			`.withDefaultSymmetricAlgorithms()`
			`.withDefaultHashAlgorithms()`
			`.withPreferredCompressionAlgorithms(CompressionAlgorithm.ZLIB)`
			`.withFeature(Feature.MODIFICATION_DETECTION)`
			`.done())`
			`.withSubKey(`
			`KeySpec.getBuilder(ECDH.fromCurve(EllipticCurve._P256))`
			`.withKeyFlags(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE)`
			`.withDefaultAlgorithms())`
			`.withMasterKey(`
Remove RSA_SIGN and RSA_ENCRYPT as they are deprecated This change removes two mechanisms that are deprecated in RFC 4880. The spec explicitly mentions that "RSA Encrypt-Only (2) and RSA Sign-Only are deprecated and SHOULD NOT be generated" [0]. The remaining RSA_GENERAL key type was renamed to just RSA for ease of use for developers. [0]: https://tools.ietf.org/html/rfc4880#section-9.1 2020-10-30 11:43:21 +01:00			`KeySpec.getBuilder(RSA.withLength(RsaLength._8192))`
Add index.md 2018-06-27 16:06:50 +02:00			`.withKeyFlags(KeyFlag.SIGN_DATA, KeyFlag.CERTIFY_OTHER)`
			`.withDefaultAlgorithms())`
			`.withPrimaryUserId("Juliet <juliet@montague.lit>")`
			`.withPassphrase("romeo_oh_Romeo<3")`
			`.build();`
			```

			`### Encrypt / Sign Data`

Reworking encryption/decryption API. 2021-05-06 00:04:03 +02:00			`Encrypting and signingOptions data is pretty straight forward as well.`
add codeblock syntax 2018-07-30 17:58:23 +02:00			```java
replace create{Encryptor,Decryptor} methods with encryptAndOrSign,decryptAndOrVerify 2020-11-29 15:33:54 +01:00			`EncryptionStream encryptor = PGPainless.encryptAndOrSign()`
Add index.md 2018-06-27 16:06:50 +02:00			`.onOutputStream(targetOuputStream)`
			`.toRecipients(publicKeyRings)`
			`.usingSecureAlgorithms()`
			`.signWith(secretKeyDecryptor, signingKeyRing)`
			`.noArmor();`
			```

Update README 2020-08-30 23:06:40 +02:00			Note: Despite the name, the `EncryptionStream` can be used to sign only as well. Simply replace the `.toRecipients()` option with `doNotEncrypt()`.

Add index.md 2018-06-27 16:06:50 +02:00			The resulting `EncryptionStream` can then be used to encrypt data like follows:

add codeblock syntax 2018-07-30 17:58:23 +02:00			```java
Add index.md 2018-06-27 16:06:50 +02:00			`Streams.pipeAll(sourceInputStream, encryptor);`
			`sourceInputStream.close();`
			`encryptor.close();`
			```

			The encrypted data will be written to the provided `targetOutputStream`.

			`Additionally you can get information about the encrypted data by calling`

add codeblock syntax 2018-07-30 17:58:23 +02:00			```java
Update README 2020-08-30 23:06:40 +02:00			`OpenPgpMetadata result = encryptor.getResult();`
Add index.md 2018-06-27 16:06:50 +02:00			```

Reworking encryption/decryption API. 2021-05-06 00:04:03 +02:00			`This object will contain information like to which keys the message is encrypted, which keys were used for signingOptions and so on.`
Add index.md 2018-06-27 16:06:50 +02:00
			`### Decrypt / Verify Encrypted Data`

			`To process incoming encrypted / signed data, just do the following:`

add codeblock syntax 2018-07-30 17:58:23 +02:00			```java
replace create{Encryptor,Decryptor} methods with encryptAndOrSign,decryptAndOrVerify 2020-11-29 15:33:54 +01:00			`DecryptionStream decryptor = PGPainless.decryptAndOrVerify()`
Add index.md 2018-06-27 16:06:50 +02:00			`.onInputStream(sourceInputStream) // insert encrypted data here`
			`.decryptWith(secretKeyDecryptor, secretKey)`
			`.verifyWith(trustedKeyIds, senderKeys)`
			`.ignoreMissingPublicKeys()`
			`.build();`
			```

			Again, the resulting `DecryptionStream` can be used like a normal stream.

add codeblock syntax 2018-07-30 17:58:23 +02:00			```java
Add index.md 2018-06-27 16:06:50 +02:00			`Streams.pipeAll(decryptor, targetOutputStream);`
			`decryptor.close();`
			```

Update README 2020-08-30 23:06:40 +02:00			After the `DecryptionStream` was closed, you can get metadata about the processed data by retrieving the `OpenPgpMetadata`.
Add index.md 2018-06-27 16:06:50 +02:00			`Again, this object will contain information about how the message was encrypted, who signed it and so on.`

add codeblock syntax 2018-07-30 17:58:23 +02:00			```java
Update README 2020-08-30 23:06:40 +02:00			`OpenPgpMetadata result = decryptor.getResult();`
Add index.md 2018-06-27 16:06:50 +02:00			```

Update README 2020-08-30 23:06:40 +02:00			`For further details you should check out the [javadoc](https://pgpainless.org/releases/latest/javadoc/)!`

Add index.md 2018-06-27 16:06:50 +02:00			`## About`
README: s/teahub/codeberg and update GSOC link to blog 2020-01-10 19:39:02 +01:00			`PGPainless is a by-product of my [Summer of Code 2018 project](https://blog.jabberhead.tk/summer-of-code-2018/).`
Add index.md 2018-06-27 16:06:50 +02:00			`For that project I was in need of a simple to use OpenPGP library.`

			`Originally I was going to use [Bouncy-GPG](https://github.com/neuhalje/bouncy-gpg) for my project,`
			`but ultimately I decided to create my own OpenPGP library which better fits my needs.`

Update README 2020-08-30 23:06:40 +02:00			`However, PGPainless is heavily influenced by Bouncy-GPG.`
README: Add development section 2018-07-18 16:55:48 +02:00
			`To reach out to the development team, feel free to send a mail: info@pgpainless.org`

			`## Development`
			`PGPainless is developed in - and accepts contributions from - the following places:`

			`* [Github](https://github.com/pgpainless/pgpainless)`
README: s/teahub/codeberg and update GSOC link to blog 2020-01-10 19:39:02 +01:00			`* [Codeberg](https://codeberg.org/PGPainless/pgpainless)`
README: Add development section 2018-07-18 16:55:48 +02:00
			`Please follow the [code of conduct](CODE_OF_CONDUCT.md) if you want to be part of the project.`