/**
*
* Copyright 2017 Florian Schmaus.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.jivesoftware.smackx.ox;
import java.security.NoSuchAlgorithmException;
import java.util.Set;
import org.jivesoftware.smackx.ox.element.CryptElement;
import org.jivesoftware.smackx.ox.element.OpenPgpElement;
import org.jivesoftware.smackx.ox.element.PubkeyElement;
import org.jivesoftware.smackx.ox.element.PublicKeysListElement;
import org.jivesoftware.smackx.ox.element.SecretkeyElement;
import org.jivesoftware.smackx.ox.element.SignElement;
import org.jivesoftware.smackx.ox.element.SigncryptElement;
import org.jivesoftware.smackx.ox.exception.CorruptedOpenPgpKeyException;
import org.jxmpp.jid.BareJid;
public interface OpenPgpProvider {
/**
* Sign and encrypt a {@link SigncryptElement} element for usage within the context of instant messaging.
* The resulting {@link OpenPgpElement} contains a Base64 encoded, unarmored OpenPGP message,
* which can be decrypted by each recipient, as well as by ourselves.
* The message contains a signature made by our key.
*
* @see XEP-0373 §3
* @see XEP-0374 §2.1
* @param element {@link SigncryptElement} which contains the content of the message as plaintext.
* @param recipients {@link Set} of {@link BareJid} of recipients.
* @return encrypted {@link OpenPgpElement} which contains the encrypted, encoded message.
* @throws Exception
*/
OpenPgpElement signAndEncrypt(SigncryptElement element, Set recipients) throws Exception;
/**
* Decrypt an incoming {@link OpenPgpElement} which must contain a {@link SigncryptElement} and verify
* the signature made by the sender in the context of instant messaging.
*
* @see XEP-0374 §2.1
* @param element {@link OpenPgpElement} which contains an encrypted and signed {@link SigncryptElement}.
* @param sender {@link BareJid} of the user which sent the message. This is also the user who signed the message.
* @return decrypted {@link OpenPgpMessage} which contains the decrypted {@link SigncryptElement}.
* @throws Exception
*/
OpenPgpMessage decryptAndVerify(OpenPgpElement element, BareJid sender) throws Exception;
/**
* Sign a {@link SignElement} and pack it inside a {@link OpenPgpElement}.
* The resulting {@link OpenPgpElement} contains the {@link SignElement} signed and base64 encoded.
*
* Note: DO NOT use this method in the context of instant messaging, as XEP-0374 forbids that.
*
* @see XEP-0373 §3.1
* @see XEP-0374 §2.1
* @param element {@link SignElement} which will be signed.
* @return {@link OpenPgpElement} which contains the signed, Base64 encoded {@link SignElement}.
* @throws Exception
*/
OpenPgpElement sign(SignElement element) throws Exception;
/**
* Verify the signature on an incoming {@link OpenPgpElement} which must contain a {@link SignElement}.
*
* Note: DO NOT use this method in the context of instant messaging, as XEP-0374 forbids that.
*
* @see XEP-0373 §3.1
* @see XEP-0374 §2.1
* @param element incoming {@link OpenPgpElement} which must contain a signed {@link SignElement}.
* @param sender {@link BareJid} of the sender which also signed the message.
* @return {@link OpenPgpMessage} which contains the decoded {@link SignElement}.
* @throws Exception
*/
OpenPgpMessage verify(OpenPgpElement element, BareJid sender) throws Exception;
/**
* Encrypt a {@link CryptElement} and pack it inside a {@link OpenPgpElement}.
* The resulting {@link OpenPgpElement} contains the encrypted and Base64 encoded {@link CryptElement}
* which can be decrypted by all recipients, as well as by ourselves.
*
* Note: DO NOT use this method in the context of instant messaging, as XEP-0374 forbids that.
*
* @see XEP-0374 §2.1
* @param element plaintext {@link CryptElement} which will be encrypted.
* @param recipients {@link Set} of {@link BareJid} of recipients, which will be able to decrypt the message.
* @return {@link OpenPgpElement} which contains the encrypted, Base64 encoded {@link CryptElement}.
* @throws Exception
*/
OpenPgpElement encrypt(CryptElement element, Set recipients) throws Exception;
/**
* Decrypt an incoming {@link OpenPgpElement} which must contain a {@link CryptElement}.
* The resulting {@link OpenPgpMessage} will contain the decrypted {@link CryptElement}.
*
* Note: DO NOT use this method in the context of instant messaging, as XEP-0374 forbids that.
*
* @see XEP-0374 §2.1
* @param element {@link OpenPgpElement} which contains the encrypted {@link CryptElement}.
* @return {@link OpenPgpMessage} which contains the decrypted {@link CryptElement}.
* @throws Exception
*/
OpenPgpMessage decrypt(OpenPgpElement element) throws Exception;
/**
* Create a {@link PubkeyElement} which contains our exported OpenPGP public key.
* The element can for example be published.
*
* @return {@link PubkeyElement} containing our public key.
* @throws CorruptedOpenPgpKeyException if our public key can for some reason not be serialized.
*/
PubkeyElement createPubkeyElement() throws CorruptedOpenPgpKeyException;
/**
* Process an incoming {@link PubkeyElement} of a contact or ourselves.
* That typically includes importing/updating the key.
*
* @param element {@link PubkeyElement} which presumably contains the public key of the {@code owner}.
* @param owner owner of the OpenPGP public key contained in the {@link PubkeyElement}.
* @throws CorruptedOpenPgpKeyException if the key found in the {@link PubkeyElement}
* can not be deserialized or imported.
*/
void processPubkeyElement(PubkeyElement element, BareJid owner) throws CorruptedOpenPgpKeyException;
/**
* Process an incoming update to the OpenPGP metadata node.
* That typically includes fetching announced keys of which we don't have a local copy yet,
* as well as marking keys which are missing from the list as inactive.
*
* @param listElement {@link PublicKeysListElement} which contains a list of the keys of {@code owner}.
* @param owner {@link BareJid} of the owner of the announced public keys.
* @throws Exception
*/
void processPublicKeysListElement(PublicKeysListElement listElement, BareJid owner) throws Exception;
/**
* Return the OpenPGP v4-fingerprint of our key in hexadecimal upper case.
*
* @return fingerprint
* @throws CorruptedOpenPgpKeyException if for some reason the fingerprint cannot be derived from the key pair.
*/
String getFingerprint() throws CorruptedOpenPgpKeyException;
SecretkeyElement createSecretkeyElement(String password) throws CorruptedOpenPgpKeyException;
void restoreSecretKeyElement(SecretkeyElement secretkeyElement, String password) throws CorruptedOpenPgpKeyException;
void createAndUseKey() throws CorruptedOpenPgpKeyException, NoSuchAlgorithmException;
}