mirror of
https://github.com/pgpainless/pgpainless.git
synced 2024-11-23 04:42:06 +01:00
Add documentation for KeyRingUtils.removeSecretKey()
This commit is contained in:
parent
b1eb33eb2c
commit
b5ccb23a62
GPG key ID:
62BEE9264BF17311
1 changed files with 18 additions and 0 deletions
|
|
@ -292,17 +292,34 @@ public final class KeyRingUtils {
|
||||||
return newSecretKey;
|
return newSecretKey;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Remove the secret key of the subkey identified by the given secret key id from the key ring.
|
||||||
|
* The public part stays attached to the key ring, so that it can still be used for encryption / verification of signatures.
|
||||||
|
*
|
||||||
|
* This method is intended to be used to remove secret primary keys from live keys when those are kept in offline storage.
|
||||||
|
*
|
||||||
|
* @param secretKeys secret key ring
|
||||||
|
* @param secretKeyId id of the secret key to remove
|
||||||
|
* @return secret key ring with removed secret key
|
||||||
|
*
|
||||||
|
* @throws IOException
|
||||||
|
* @throws PGPException
|
||||||
|
*/
|
||||||
public static PGPSecretKeyRing removeSecretKey(PGPSecretKeyRing secretKeys, long secretKeyId)
|
public static PGPSecretKeyRing removeSecretKey(PGPSecretKeyRing secretKeys, long secretKeyId)
|
||||||
throws IOException, PGPException {
|
throws IOException, PGPException {
|
||||||
if (secretKeys.getSecretKey(secretKeyId) == null) {
|
if (secretKeys.getSecretKey(secretKeyId) == null) {
|
||||||
throw new NoSuchElementException("PGPSecretKeyRing does not contain secret key " + Long.toHexString(secretKeyId));
|
throw new NoSuchElementException("PGPSecretKeyRing does not contain secret key " + Long.toHexString(secretKeyId));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Since BCs constructors for secret key rings are mostly private, we need to encode the key ring how we want it
|
||||||
|
// and then parse it again.
|
||||||
ByteArrayOutputStream encoded = new ByteArrayOutputStream();
|
ByteArrayOutputStream encoded = new ByteArrayOutputStream();
|
||||||
for (PGPSecretKey secretKey : secretKeys) {
|
for (PGPSecretKey secretKey : secretKeys) {
|
||||||
if (secretKey.getKeyID() == secretKeyId) {
|
if (secretKey.getKeyID() == secretKeyId) {
|
||||||
|
// only encode the public part of the target key
|
||||||
secretKey.getPublicKey().encode(encoded);
|
secretKey.getPublicKey().encode(encoded);
|
||||||
} else {
|
} else {
|
||||||
|
// otherwise, encode secret + public key
|
||||||
secretKey.encode(encoded);
|
secretKey.encode(encoded);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -310,6 +327,7 @@ public final class KeyRingUtils {
|
||||||
PGPPublicKey extra = it.next();
|
PGPPublicKey extra = it.next();
|
||||||
extra.encode(encoded);
|
extra.encode(encoded);
|
||||||
}
|
}
|
||||||
|
// Parse the key back into an object
|
||||||
return new PGPSecretKeyRing(encoded.toByteArray(), ImplementationFactory.getInstance().getKeyFingerprintCalculator());
|
return new PGPSecretKeyRing(encoded.toByteArray(), ImplementationFactory.getInstance().getKeyFingerprintCalculator());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue