Example usage for org.bouncycastle.openpgp PGPSignatureSubpacketGenerator setKeyExpirationTime

List of usage examples for org.bouncycastle.openpgp PGPSignatureSubpacketGenerator setKeyExpirationTime

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.openpgp.*
  5. PGPSignatureSubpacketGenerator
  6. setKeyExpirationTime

Introduction

In this page you can find the example usage for org.bouncycastle.openpgp PGPSignatureSubpacketGenerator setKeyExpirationTime.

Prototype

public void setKeyExpirationTime(boolean isCritical, long seconds)

Source Link

Document

Set the number of seconds a key is valid for after the time of its creation.

Usage

From source file:SELSKeyGen.java

License:Open Source License

private static void exportKeyPair(OutputStream secretOut, OutputStream publicOut, KeyPair dsaKp, KeyPair elgKp,
        String identity, char[] passPhrase, boolean armor, int exptimesec)
        throws IOException, InvalidKeyException, NoSuchProviderException, SignatureException, PGPException {
    if ((armor) && (secretOut != null)) {
        secretOut = new ArmoredOutputStream(secretOut);
    }/*from  w w  w.j  a  v  a 2  s  . co m*/

    //Create subpacket vector for expiration time

    PGPSignatureSubpacketGenerator subpacketGenerator = new PGPSignatureSubpacketGenerator();
    int secondsToExpire = exptimesec;
    subpacketGenerator.setKeyExpirationTime(false, secondsToExpire);
    subpacketGenerator.setExportable(true, true);
    PGPSignatureSubpacketVector subpacketVector = subpacketGenerator.generate();

    PGPKeyPair dsaKeyPair = new PGPKeyPair(PGPPublicKey.DSA, dsaKp, new Date(), "BC");
    PGPKeyPair elgKeyPair = new PGPKeyPair(PGPPublicKey.ELGAMAL_ENCRYPT, elgKp, new Date(), "BC");

    PGPKeyRingGenerator keyRingGen = new PGPKeyRingGenerator(PGPSignature.POSITIVE_CERTIFICATION, dsaKeyPair,
            identity, PGPEncryptedData.AES_256, passPhrase, subpacketVector, null, new SecureRandom(), "BC");

    keyRingGen.addSubKey(elgKeyPair);

    if (secretOut != null) {
        keyRingGen.generateSecretKeyRing().encode(secretOut);
        secretOut.close();
    }

    if (armor) {
        publicOut = new ArmoredOutputStream(publicOut);
    }

    keyRingGen.generatePublicKeyRing().encode(publicOut);
    publicOut.close();
}

From source file:org.sufficientlysecure.keychain.pgp.PgpKeyOperation.java

License:Open Source License

private static PGPSignatureSubpacketGenerator generateHashedSelfSigSubpackets(Date creationTime,
        PGPPublicKey pKey, boolean primary, int flags, long expiry) {

    PGPSignatureSubpacketGenerator hashedPacketsGen = new PGPSignatureSubpacketGenerator();
    {// w  ww .j  av  a2 s.com
        /*
         * From RFC about critical subpackets:
         * If a subpacket is encountered that is
         * marked critical but is unknown to the evaluating software, the
         * evaluator SHOULD consider the signature to be in error.
         * An evaluator may "recognize" a subpacket, but not implement it.  The
         * purpose of the critical bit is to allow the signer to tell an
         * evaluator that it would prefer a new, unknown feature to generate an
         * error than be ignored.
         */
        /* non-critical subpackets: */
        hashedPacketsGen.setPreferredSymmetricAlgorithms(false,
                PgpSecurityConstants.PREFERRED_SYMMETRIC_ALGORITHMS);
        hashedPacketsGen.setPreferredHashAlgorithms(false, PgpSecurityConstants.PREFERRED_HASH_ALGORITHMS);
        hashedPacketsGen.setPreferredCompressionAlgorithms(false,
                PgpSecurityConstants.PREFERRED_COMPRESSION_ALGORITHMS);
        hashedPacketsGen.setPrimaryUserID(false, primary);

        /* critical subpackets: we consider those important for a modern pgp implementation */
        hashedPacketsGen.setSignatureCreationTime(true, creationTime);
        // Request that senders add the MDC to the message (authenticate unsigned messages)
        hashedPacketsGen.setFeature(true, Features.FEATURE_MODIFICATION_DETECTION);
        hashedPacketsGen.setKeyFlags(true, flags);
        if (expiry > 0) {
            hashedPacketsGen.setKeyExpirationTime(true, expiry - pKey.getCreationTime().getTime() / 1000);
        }
    }

    return hashedPacketsGen;
}

From source file:org.sufficientlysecure.keychain.pgp.PgpKeyOperation.java

License:Open Source License

static PGPSignature generateSubkeyBindingSignature(PGPSignatureGenerator sGen, Date creationTime,
        PGPPublicKey masterPublicKey, PGPPrivateKey masterPrivateKey, PGPSignatureGenerator subSigGen,
        PGPPrivateKey subPrivateKey, PGPPublicKey pKey, int flags, long expiry)
        throws IOException, PGPException, SignatureException {

    PGPSignatureSubpacketGenerator unhashedPacketsGen = new PGPSignatureSubpacketGenerator();

    // If this key can sign, we need a primary key binding signature
    if ((flags & KeyFlags.SIGN_DATA) > 0) {
        // cross-certify signing keys
        PGPSignatureSubpacketGenerator subHashedPacketsGen = new PGPSignatureSubpacketGenerator();
        subHashedPacketsGen.setSignatureCreationTime(false, creationTime);
        subSigGen.init(PGPSignature.PRIMARYKEY_BINDING, subPrivateKey);
        subSigGen.setHashedSubpackets(subHashedPacketsGen.generate());
        PGPSignature certification = subSigGen.generateCertification(masterPublicKey, pKey);
        unhashedPacketsGen.setEmbeddedSignature(true, certification);
    }//from   w  w w.  j a  va  2  s  .c o  m

    PGPSignatureSubpacketGenerator hashedPacketsGen;
    {
        hashedPacketsGen = new PGPSignatureSubpacketGenerator();
        hashedPacketsGen.setSignatureCreationTime(true, creationTime);
        hashedPacketsGen.setKeyFlags(true, flags);
        if (expiry > 0) {
            hashedPacketsGen.setKeyExpirationTime(true, expiry - pKey.getCreationTime().getTime() / 1000);
        }
    }

    sGen.init(PGPSignature.SUBKEY_BINDING, masterPrivateKey);
    sGen.setHashedSubpackets(hashedPacketsGen.generate());
    sGen.setUnhashedSubpackets(unhashedPacketsGen.generate());

    return sGen.generateCertification(masterPublicKey, pKey);

}