2020-11-22 20:48:09 +01:00
|
|
|
/*
|
|
|
|
* Copyright 2020 Paul Schaub.
|
|
|
|
*
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
* limitations under the License.
|
|
|
|
*/
|
|
|
|
package org.pgpainless.key.info;
|
|
|
|
|
2021-01-22 16:52:09 +01:00
|
|
|
import static org.pgpainless.key.util.SignatureUtils.getLatestValidSignature;
|
|
|
|
import static org.pgpainless.key.util.SignatureUtils.sortByCreationTimeAscending;
|
|
|
|
|
2020-11-22 20:48:09 +01:00
|
|
|
import java.util.ArrayList;
|
|
|
|
import java.util.Collections;
|
|
|
|
import java.util.Date;
|
|
|
|
import java.util.Iterator;
|
|
|
|
import java.util.List;
|
|
|
|
import java.util.regex.Matcher;
|
|
|
|
import java.util.regex.Pattern;
|
|
|
|
|
2021-01-22 16:52:09 +01:00
|
|
|
import org.bouncycastle.openpgp.PGPException;
|
2020-11-22 20:48:09 +01:00
|
|
|
import org.bouncycastle.openpgp.PGPKeyRing;
|
|
|
|
import org.bouncycastle.openpgp.PGPPublicKey;
|
|
|
|
import org.bouncycastle.openpgp.PGPPublicKeyRing;
|
|
|
|
import org.bouncycastle.openpgp.PGPSecretKey;
|
|
|
|
import org.bouncycastle.openpgp.PGPSecretKeyRing;
|
|
|
|
import org.bouncycastle.openpgp.PGPSignature;
|
|
|
|
import org.pgpainless.algorithm.PublicKeyAlgorithm;
|
|
|
|
import org.pgpainless.algorithm.SignatureType;
|
|
|
|
import org.pgpainless.algorithm.SymmetricKeyAlgorithm;
|
|
|
|
import org.pgpainless.key.OpenPgpV4Fingerprint;
|
2021-01-22 16:52:09 +01:00
|
|
|
import org.pgpainless.key.util.KeyRingUtils;
|
|
|
|
import org.pgpainless.key.util.SignatureUtils;
|
2020-11-22 20:48:09 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Utility class to quickly extract certain information from a {@link PGPPublicKeyRing}/{@link PGPSecretKeyRing}.
|
|
|
|
*/
|
|
|
|
public class KeyRingInfo {
|
|
|
|
|
|
|
|
private static final Pattern PATTERN_EMAIL = Pattern.compile("[A-Z0-9a-z._%+-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,6}");
|
|
|
|
|
|
|
|
private final PGPKeyRing keys;
|
|
|
|
|
|
|
|
public KeyRingInfo(PGPKeyRing keys) {
|
|
|
|
this.keys = keys;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return the first {@link PGPPublicKey} of this key ring.
|
|
|
|
*
|
|
|
|
* @return public key
|
|
|
|
*/
|
|
|
|
public PGPPublicKey getPublicKey() {
|
|
|
|
return keys.getPublicKey();
|
|
|
|
}
|
|
|
|
|
2021-01-22 16:52:09 +01:00
|
|
|
public PGPPublicKey getPublicKey(OpenPgpV4Fingerprint fingerprint) {
|
|
|
|
return getPublicKey(fingerprint.getKeyId());
|
|
|
|
}
|
|
|
|
|
|
|
|
public PGPPublicKey getPublicKey(long keyId) {
|
|
|
|
return keys.getPublicKey(keyId);
|
|
|
|
}
|
|
|
|
|
|
|
|
public static PGPPublicKey getPublicKey(PGPKeyRing keyRing, long keyId) {
|
|
|
|
return keyRing.getPublicKey(keyId);
|
|
|
|
}
|
|
|
|
|
2020-11-22 20:48:09 +01:00
|
|
|
/**
|
|
|
|
* Return all {@link PGPPublicKey PGPPublicKeys} of this key ring.
|
|
|
|
* The first key in the list being the primary key.
|
|
|
|
* Note that the list is unmodifiable.
|
|
|
|
*
|
|
|
|
* @return list of public keys
|
|
|
|
*/
|
|
|
|
public List<PGPPublicKey> getPublicKeys() {
|
|
|
|
List<PGPPublicKey> list = new ArrayList<>();
|
|
|
|
Iterator<PGPPublicKey> iterator = keys.getPublicKeys();
|
|
|
|
while (iterator.hasNext()) {
|
|
|
|
list.add(iterator.next());
|
|
|
|
}
|
|
|
|
return Collections.unmodifiableList(list);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return the primary {@link PGPSecretKey} of this key ring or null if the key ring is not a {@link PGPSecretKeyRing}.
|
|
|
|
*
|
|
|
|
* @return primary secret key or null if the key ring is public
|
|
|
|
*/
|
|
|
|
public PGPSecretKey getSecretKey() {
|
|
|
|
if (keys instanceof PGPSecretKeyRing) {
|
|
|
|
PGPSecretKeyRing secretKeys = (PGPSecretKeyRing) keys;
|
|
|
|
return secretKeys.getSecretKey();
|
|
|
|
}
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
2021-01-22 16:52:09 +01:00
|
|
|
public PGPSecretKey getSecretKey(OpenPgpV4Fingerprint fingerprint) {
|
|
|
|
return getSecretKey(fingerprint.getKeyId());
|
|
|
|
}
|
|
|
|
|
|
|
|
public PGPSecretKey getSecretKey(long keyId) {
|
|
|
|
if (keys instanceof PGPSecretKeyRing) {
|
|
|
|
return ((PGPSecretKeyRing) keys).getSecretKey(keyId);
|
|
|
|
}
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
2020-11-22 20:48:09 +01:00
|
|
|
/**
|
|
|
|
* Return all secret keys of the key ring.
|
|
|
|
* If the key ring is a {@link PGPPublicKeyRing}, then return an empty list.
|
|
|
|
* Note that the list is unmodifiable.
|
|
|
|
*
|
|
|
|
* @return list of secret keys
|
|
|
|
*/
|
|
|
|
public List<PGPSecretKey> getSecretKeys() {
|
|
|
|
List<PGPSecretKey> list = new ArrayList<>();
|
|
|
|
if (keys instanceof PGPSecretKeyRing) {
|
|
|
|
PGPSecretKeyRing secretKeys = (PGPSecretKeyRing) keys;
|
|
|
|
Iterator<PGPSecretKey> iterator = secretKeys.getSecretKeys();
|
|
|
|
while (iterator.hasNext()) {
|
|
|
|
list.add(iterator.next());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return Collections.unmodifiableList(list);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return the key id of the primary key of this key ring.
|
|
|
|
*
|
|
|
|
* @return key id
|
|
|
|
*/
|
|
|
|
public long getKeyId() {
|
|
|
|
return getPublicKey().getKeyID();
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return the {@link OpenPgpV4Fingerprint} of this key ring.
|
|
|
|
*
|
|
|
|
* @return fingerprint
|
|
|
|
*/
|
|
|
|
public OpenPgpV4Fingerprint getFingerprint() {
|
|
|
|
return new OpenPgpV4Fingerprint(getPublicKey());
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return a list of all user-ids of the primary key.
|
|
|
|
*
|
|
|
|
* @return list of user-ids
|
|
|
|
*/
|
|
|
|
public List<String> getUserIds() {
|
|
|
|
List<String> userIds = new ArrayList<>();
|
|
|
|
Iterator<String> iterator = getPublicKey().getUserIDs();
|
|
|
|
while (iterator.hasNext()) {
|
|
|
|
userIds.add(iterator.next());
|
|
|
|
}
|
|
|
|
return userIds;
|
|
|
|
}
|
|
|
|
|
2021-01-22 16:52:09 +01:00
|
|
|
public List<String> getValidUserIds() {
|
|
|
|
List<String> valid = new ArrayList<>();
|
|
|
|
List<String> userIds = getUserIds();
|
|
|
|
for (String userId : userIds) {
|
|
|
|
if (isUserIdValid(userId)) {
|
|
|
|
valid.add(userId);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return valid;
|
|
|
|
}
|
|
|
|
|
|
|
|
public boolean isUserIdValid(String userId) {
|
|
|
|
try {
|
|
|
|
return SignatureUtils.isUserIdValid(getPublicKey(), userId);
|
|
|
|
} catch (PGPException e) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-11-22 20:48:09 +01:00
|
|
|
/**
|
|
|
|
* Return a list of all user-ids of the primary key that appear to be email-addresses.
|
|
|
|
*
|
|
|
|
* @return email addresses
|
|
|
|
*/
|
|
|
|
public List<String> getEmailAddresses() {
|
|
|
|
List<String> userIds = getUserIds();
|
|
|
|
List<String> emails = new ArrayList<>();
|
|
|
|
for (String userId : userIds) {
|
|
|
|
Matcher matcher = PATTERN_EMAIL.matcher(userId);
|
|
|
|
if (matcher.find()) {
|
|
|
|
emails.add(matcher.group());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return emails;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return the algorithm of the primary key.
|
|
|
|
*
|
|
|
|
* @return public key algorithm
|
|
|
|
*/
|
|
|
|
public PublicKeyAlgorithm getAlgorithm() {
|
|
|
|
return PublicKeyAlgorithm.fromId(getPublicKey().getAlgorithm());
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return the creation date of the primary key.
|
|
|
|
*
|
|
|
|
* @return creation date
|
|
|
|
*/
|
|
|
|
public Date getCreationDate() {
|
|
|
|
return getPublicKey().getCreationTime();
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return the date on which the key ring was last modified.
|
|
|
|
* This date corresponds to the date of the last signature that was made on this key ring by the primary key.
|
|
|
|
*
|
|
|
|
* @return last modification date.
|
|
|
|
*/
|
|
|
|
public Date getLastModified() {
|
|
|
|
Iterator<PGPSignature> signatures = getPublicKey().getSignatures();
|
|
|
|
long last = 0L;
|
|
|
|
while (signatures.hasNext()) {
|
|
|
|
PGPSignature signature = signatures.next();
|
|
|
|
if (getKeyId() != signature.getKeyID()) {
|
|
|
|
// Throw away signatures made from others
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
last = Math.max(last, signature.getCreationTime().getTime());
|
|
|
|
}
|
|
|
|
return new Date(last);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return the date on which the primary key was revoked, or null if it has not yet been revoked.
|
|
|
|
*
|
|
|
|
* @return revocation date or null
|
|
|
|
*/
|
|
|
|
public Date getRevocationDate() {
|
|
|
|
Iterator<PGPSignature> revocations = getPublicKey().getSignaturesOfType(SignatureType.KEY_REVOCATION.getCode());
|
|
|
|
while (revocations.hasNext()) {
|
|
|
|
PGPSignature revocation = revocations.next();
|
|
|
|
if (getKeyId() != revocation.getKeyID()) {
|
|
|
|
// Throw away signatures made from others
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
return revocation.getCreationTime();
|
|
|
|
}
|
|
|
|
return null;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2020-11-22 21:07:14 +01:00
|
|
|
* Return the date of expiration of the primary key or null if the key has no expiration date.
|
2020-11-22 20:48:09 +01:00
|
|
|
*
|
|
|
|
* @return expiration date
|
|
|
|
*/
|
|
|
|
public Date getExpirationDate() {
|
2021-01-18 17:09:34 +01:00
|
|
|
return getExpirationDate(new OpenPgpV4Fingerprint(getPublicKey()));
|
|
|
|
}
|
|
|
|
|
|
|
|
public Date getExpirationDate(OpenPgpV4Fingerprint fingerprint) {
|
|
|
|
long validSeconds = keys.getPublicKey(fingerprint.getKeyId()).getValidSeconds();
|
2020-11-22 21:07:14 +01:00
|
|
|
if (validSeconds == 0) {
|
|
|
|
return null;
|
|
|
|
}
|
2020-11-22 20:48:09 +01:00
|
|
|
return new Date(getCreationDate().getTime() + (1000 * validSeconds));
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return true if the key ring is a {@link PGPSecretKeyRing}.
|
|
|
|
* If it is a {@link PGPPublicKeyRing} return false and if it is neither, throw an {@link AssertionError}.
|
|
|
|
*
|
|
|
|
* @return true if the key ring is a secret key ring.
|
|
|
|
*/
|
|
|
|
public boolean isSecretKey() {
|
|
|
|
if (keys instanceof PGPSecretKeyRing) {
|
|
|
|
return true;
|
|
|
|
} else if (keys instanceof PGPPublicKeyRing) {
|
|
|
|
return false;
|
|
|
|
} else {
|
|
|
|
throw new AssertionError("Expected PGPKeyRing to be either PGPPublicKeyRing or PGPSecretKeyRing, but got " + keys.getClass().getName() + " instead.");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return true when every secret key on the key ring is not encrypted.
|
|
|
|
* If there is at least one encrypted secret key on the ring, return false.
|
|
|
|
* If the ring is a {@link PGPPublicKeyRing}, return true.
|
|
|
|
*
|
|
|
|
* @return true if all secret keys are unencrypted.
|
|
|
|
*/
|
|
|
|
public boolean isFullyDecrypted() {
|
|
|
|
if (isSecretKey()) {
|
|
|
|
for (PGPSecretKey secretKey : getSecretKeys()) {
|
|
|
|
if (secretKey.getKeyEncryptionAlgorithm() != SymmetricKeyAlgorithm.NULL.getAlgorithmId()) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return true;
|
|
|
|
}
|
2021-01-22 16:52:09 +01:00
|
|
|
|
|
|
|
public List<PGPSignature> getSelfSignatures() {
|
|
|
|
return getSelfSignatures(new OpenPgpV4Fingerprint(getPublicKey()));
|
|
|
|
}
|
|
|
|
|
|
|
|
public List<PGPSignature> getSelfSignatures(OpenPgpV4Fingerprint subkeyFingerprint) {
|
|
|
|
return getSelfSignatures(subkeyFingerprint.getKeyId());
|
|
|
|
}
|
|
|
|
|
|
|
|
public List<PGPSignature> getSelfSignatures(long subkeyId) {
|
|
|
|
PGPPublicKey publicKey = KeyRingUtils.requirePublicKeyFrom(keys, subkeyId);
|
|
|
|
Iterator<PGPSignature> it = publicKey.getSignaturesForKeyID(subkeyId);
|
|
|
|
List<PGPSignature> signatures = new ArrayList<>();
|
|
|
|
while (it.hasNext()) {
|
|
|
|
signatures.add(it.next());
|
|
|
|
}
|
|
|
|
sortByCreationTimeAscending(signatures);
|
|
|
|
return signatures;
|
|
|
|
}
|
|
|
|
|
|
|
|
public PGPSignature getLatestValidSelfSignature() throws PGPException {
|
|
|
|
return getLatestValidSelfSignature(new OpenPgpV4Fingerprint(getPublicKey()));
|
|
|
|
}
|
|
|
|
|
|
|
|
public PGPSignature getLatestValidSelfSignature(OpenPgpV4Fingerprint fingerprint) throws PGPException {
|
|
|
|
return getLatestValidSelfSignature(fingerprint.getKeyId());
|
|
|
|
}
|
|
|
|
|
|
|
|
public PGPSignature getLatestValidSelfSignature(long subkeyId) throws PGPException {
|
|
|
|
PGPPublicKey publicKey = KeyRingUtils.requirePublicKeyFrom(keys, subkeyId);
|
|
|
|
List<PGPSignature> signatures = getSelfSignatures(subkeyId);
|
|
|
|
return getLatestValidSignature(publicKey, signatures, keys);
|
|
|
|
}
|
|
|
|
|
|
|
|
public List<PGPSignature> getBindingSignatures(OpenPgpV4Fingerprint fingerprint) {
|
|
|
|
return getBindingSignatures(fingerprint.getKeyId());
|
|
|
|
}
|
|
|
|
|
|
|
|
public List<PGPSignature> getBindingSignatures(long subkeyId) {
|
|
|
|
if (subkeyId == getKeyId()) {
|
|
|
|
return Collections.emptyList();
|
|
|
|
}
|
|
|
|
PGPPublicKey publicKey = KeyRingUtils.requirePublicKeyFrom(keys, subkeyId);
|
|
|
|
return SignatureUtils.getBindingSignatures(publicKey, getKeyId());
|
|
|
|
}
|
|
|
|
|
|
|
|
public PGPSignature getLatestValidBindingSignature(long subKeyID) throws PGPException {
|
|
|
|
PGPPublicKey publicKey = KeyRingUtils.requirePublicKeyFrom(keys, subKeyID);
|
|
|
|
List<PGPSignature> signatures = getBindingSignatures(subKeyID);
|
|
|
|
return getLatestValidSignature(publicKey, signatures, keys);
|
|
|
|
}
|
|
|
|
|
|
|
|
public PGPSignature getLatestValidSelfOrBindingSignature() throws PGPException {
|
|
|
|
return getLatestValidSelfOrBindingSignature(new OpenPgpV4Fingerprint(getPublicKey()));
|
|
|
|
}
|
|
|
|
|
|
|
|
public PGPSignature getLatestValidSelfOrBindingSignature(OpenPgpV4Fingerprint fingerprint) throws PGPException {
|
|
|
|
return getLatestValidSelfOrBindingSignature(fingerprint.getKeyId());
|
|
|
|
}
|
|
|
|
|
|
|
|
public PGPSignature getLatestValidSelfOrBindingSignature(long subKeyId) throws PGPException {
|
|
|
|
PGPSignature self = getLatestValidSelfSignature(subKeyId);
|
|
|
|
PGPSignature binding = getLatestValidBindingSignature(subKeyId);
|
|
|
|
if (self == null) {
|
|
|
|
return binding;
|
|
|
|
}
|
|
|
|
if (binding == null) {
|
|
|
|
return self;
|
|
|
|
}
|
|
|
|
return self.getCreationTime().after(binding.getCreationTime()) ? self : binding;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2020-11-22 20:48:09 +01:00
|
|
|
}
|