Class PGP

java.lang.Object
de.gustavblass.commons.crypto.PGP

public class PGP extends Object
A utility class to PGP-encrypt plaintext messages.
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final @NonNull jakarta.mail.internet.InternetAddress
    DEVELOPER_EMAIL_ADDRESS
    The e-mail address of the developer who shall be able to decrypt the encrypted messages.
    static final @NonNull String
    DEVELOPER_PUBLIC_KEY
    The developer's public key in ASCII-armored format.
    private static final org.apache.logging.log4j.Logger
    LOG
     
  • Constructor Summary

    Constructors
    Constructor
    Description
    PGP()
     
  • Method Summary

    Modifier and Type
    Method
    Description
    static byte[]
    encrypt(byte[] plaintext, @NonNull String primaryPublicKey, @NonNull String... otherPublicKeys)
    PGP-encrypts the given plaintext using the given primary public key of the main recipient and, optionally, simultaneously with other recipients' public keys as well.
    static @NonNull File
    encrypt(@NonNull File plaintext, boolean asciiArmor, @NonNull String primaryPublicKey, @NonNull String... otherPublicKeys)
    PGP-encrypts the given plaintext using the given primary public key of the main recipient and, optionally, simultaneously with other recipients' public keys as well.
    static @NonNull File
    encrypt(@NonNull File plaintext, @NonNull String primaryPublicKey, @NonNull String... otherPublicKeys)
    PGP-encrypts the given plaintext using the given primary public key of the main recipient and, optionally, simultaneously with other recipients' public keys as well.
    static @NonNull InputStream
    encrypt(@NonNull InputStream plaintext, boolean asciiArmor, @NonNull String primaryPublicKey, @NonNull String... otherPublicKeys)
    PGP-encrypts the given plaintext using the given primary public key of the main recipient and, optionally, simultaneously with other recipients' public keys as well.
    static @NonNull String
    encrypt(@NonNull String plaintext, @NonNull String primaryPublicKey, @NonNull String... otherPublicKeys)
    PGP-encrypts the given plaintext using the given primary public key of the main recipient and, optionally, simultaneously with other recipients' public keys as well.
    static @NonNull String
    encryptToDevelopers(@NonNull String plaintext)
    PGP-encrypts the given plaintext using the developer's public key, so that only the developer will be able to decrypt it.
    static @NonNull String
    encryptToDevelopers(@NonNull String plaintext, @NonNull String... otherPublicKeys)
    PGP-encrypts the given plaintext using the developer's public key and the given additional public keys, so that only the developer and the recipients will be able to decrypt it.
    static boolean
    validatePublicKey(@NonNull String publicKey)
    Checks whether the given OpenPGP public key can be used to encrypt messages.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Field Details

    • LOG

      private static final org.apache.logging.log4j.Logger LOG
    • DEVELOPER_EMAIL_ADDRESS

      @NonNull public static final @NonNull jakarta.mail.internet.InternetAddress DEVELOPER_EMAIL_ADDRESS
      The e-mail address of the developer who shall be able to decrypt the encrypted messages.
    • DEVELOPER_PUBLIC_KEY

      @NonNull public static final @NonNull String DEVELOPER_PUBLIC_KEY
      The developer's public key in ASCII-armored format.
  • Constructor Details

    • PGP

      public PGP()
  • Method Details

    • validatePublicKey

      public static boolean validatePublicKey(@NonNull @NonNull String publicKey) throws de.gustavblass.commons.exceptions.IllegalArgumentException
      Checks whether the given OpenPGP public key can be used to encrypt messages.
      Parameters:
      publicKey - The OpenPGP public key to validate. Must NOT be a private key.
      Returns:
      True if the given public key is valid and can be used to encrypt messages, false otherwise.
      Throws:
      de.gustavblass.commons.exceptions.IllegalArgumentException - If the given OpenPGP key is a private key.
    • encryptToDevelopers

      @NonNull public static @NonNull String encryptToDevelopers(@NonNull @NonNull String plaintext) throws de.gustavblass.commons.exceptions.IllegalArgumentException, IOException
      PGP-encrypts the given plaintext using the developer's public key, so that only the developer will be able to decrypt it.
      Parameters:
      plaintext - The secret message to encrypt for the developer.
      Returns:
      The securely encrypted ciphertext that only the developer will be able to decrypt.
      Throws:
      de.gustavblass.commons.exceptions.IllegalArgumentException - If the given plaintext is blank or if any of the given public keys could not be read or could not be used to encrypt the plaintext.
      IOException - If the ciphertext output could not be read or if an error occurs that is not specified by the underlying PGPainless SOP API (sorry).
    • encryptToDevelopers

      @NonNull public static @NonNull String encryptToDevelopers(@NonNull @NonNull String plaintext, @NonNull @NonNull String... otherPublicKeys) throws de.gustavblass.commons.exceptions.IllegalArgumentException, IOException
      PGP-encrypts the given plaintext using the developer's public key and the given additional public keys, so that only the developer and the recipients will be able to decrypt it.
      Parameters:
      plaintext - The secret plaintext to encrypt for the developer and the additional recipients.
      otherPublicKeys - The public PGP keys (certificates) of the additional recipients.
      Returns:
      The securely encrypted ciphertext that only the developer and the recipients will be able to decrypt.
      Throws:
      de.gustavblass.commons.exceptions.IllegalArgumentException - If the given plaintext is blank or if any of the given public keys could not be read or could not be used to encrypt the plaintext.
      IOException - If the ciphertext output could not be read or if an error occurs that is not specified by the underlying PGPainless SOP API (sorry).
    • encrypt

      @NonNull public static @NonNull String encrypt(@NonNull @NonNull String plaintext, @NonNull @NonNull String primaryPublicKey, @NonNull @NonNull String... otherPublicKeys) throws de.gustavblass.commons.exceptions.IllegalArgumentException, IOException
      PGP-encrypts the given plaintext using the given primary public key of the main recipient and, optionally, simultaneously with other recipients' public keys as well.
      Parameters:
      plaintext - The secret plaintext to encrypt for the main recipient and, optionally, other recipients.
      primaryPublicKey - The public PGP key (certificate) of the main recipient.
      otherPublicKeys - The public PGP keys (certificates) of the additional recipients. May be empty.
      Returns:
      The securely encrypted ciphertext that only the main recipient and the additional recipients will be able to decrypt.
      Throws:
      de.gustavblass.commons.exceptions.IllegalArgumentException - If the given plaintext is blank or if any of the given public keys could not be read or could not be used to encrypt the plaintext.
      IOException - If the ciphertext output could not be read or if an error occurs that is not specified by the underlying PGPainless SOP API (sorry).
    • encrypt

      public static byte[] encrypt(byte[] plaintext, @NonNull @NonNull String primaryPublicKey, @NonNull @NonNull String... otherPublicKeys) throws de.gustavblass.commons.exceptions.IllegalArgumentException, IOException
      PGP-encrypts the given plaintext using the given primary public key of the main recipient and, optionally, simultaneously with other recipients' public keys as well.
      Parameters:
      plaintext - The secret plaintext to encrypt for the main recipient and, optionally, other recipients.
      primaryPublicKey - The public PGP key (certificate) of the main recipient.
      otherPublicKeys - The public PGP keys (certificates) of the additional recipients. May be empty.
      Returns:
      The securely encrypted ciphertext that only the main recipient and the additional recipients will be able to decrypt.
      Throws:
      de.gustavblass.commons.exceptions.IllegalArgumentException - If any of the given public keys could not be read or could not be used to encrypt the plaintext.
      IOException - Not specified by the underlying PGPainless SOP API (sorry).
    • encrypt

      @NonNull public static @NonNull File encrypt(@NonNull @NonNull File plaintext, @NonNull @NonNull String primaryPublicKey, @NonNull @NonNull String... otherPublicKeys) throws de.gustavblass.commons.exceptions.IllegalArgumentException, IOException, de.gustavblass.commons.exceptions.TemporaryDirectoryIOException
      PGP-encrypts the given plaintext using the given primary public key of the main recipient and, optionally, simultaneously with other recipients' public keys as well.
      Parameters:
      plaintext - The secret plaintext to encrypt for the main recipient and, optionally, other recipients. The file's name must be at least 3 characters long.
      primaryPublicKey - The public PGP key (certificate) of the main recipient.
      otherPublicKeys - The public PGP keys (certificates) of the additional recipients. May be empty.
      Returns:
      A temporary file containing the securely encrypted ciphertext that only the main recipient and the additional recipients will be able to decrypt. Will have the same name as the given plaintext file, but with the extension .pgp (will not use ASCII armor).
      Throws:
      de.gustavblass.commons.exceptions.IllegalArgumentException - If the file's name is shorter than 3 characters or if any of the given public keys could not be read or could not be used to encrypt the plaintext.
      IOException - If some error occurs that is not specified by the underlying PGPainless SOP API (sorry).
      de.gustavblass.commons.exceptions.TemporaryDirectoryIOException - If a temporary file for the ciphertext could not be created.
      Implementation Note:
      The requirement of 3+ characters for the file name is imposed by the File.createTempFile(String, String) method which is used to create the ciphertext file that will be returned.
    • encrypt

      @NonNull public static @NonNull File encrypt(@NonNull @NonNull File plaintext, boolean asciiArmor, @NonNull @NonNull String primaryPublicKey, @NonNull @NonNull String... otherPublicKeys) throws de.gustavblass.commons.exceptions.IllegalArgumentException, IOException, de.gustavblass.commons.exceptions.TemporaryDirectoryIOException
      PGP-encrypts the given plaintext using the given primary public key of the main recipient and, optionally, simultaneously with other recipients' public keys as well.
      Parameters:
      plaintext - The secret plaintext to encrypt for the main recipient and, optionally, other recipients. The file's name must be at least 3 characters long.
      asciiArmor - Whether to use ASCII armor to encode the encrypted message.
      primaryPublicKey - The public PGP key (certificate) of the main recipient.
      otherPublicKeys - The public PGP keys (certificates) of the additional recipients. May be empty.
      Returns:
      A temporary file containing the securely encrypted ciphertext that only the main recipient and the additional recipients will be able to decrypt. Will have the same name as the given plaintext file, but with the extension .asc – if asciiArmor is true – or .pgp otherwise.
      Throws:
      de.gustavblass.commons.exceptions.IllegalArgumentException - If the file's name is shorter than 3 characters or if any of the given public keys could not be read or could not be used to encrypt the plaintext.
      IOException - If some error occurs that is not specified by the underlying PGPainless SOP API (sorry).
      de.gustavblass.commons.exceptions.TemporaryDirectoryIOException - If a temporary file for the ciphertext could not be created.
      Implementation Note:
      The requirement of 3+ characters for the file name is imposed by the File.createTempFile(String, String) method which is used to create the ciphertext file that will be returned.
    • encrypt

      @NonNull public static @NonNull InputStream encrypt(@NonNull @NonNull InputStream plaintext, boolean asciiArmor, @NonNull @NonNull String primaryPublicKey, @NonNull @NonNull String... otherPublicKeys) throws de.gustavblass.commons.exceptions.IllegalArgumentException, IOException
      PGP-encrypts the given plaintext using the given primary public key of the main recipient and, optionally, simultaneously with other recipients' public keys as well.
      Parameters:
      plaintext - The secret plaintext to encrypt for the main recipient and, optionally, other recipients.
      asciiArmor - Whether to use ASCII armor to encode the encrypted message.
      primaryPublicKey - The public PGP key (certificate) of the main recipient.
      otherPublicKeys - The public PGP keys (certificates) of the additional recipients. May be empty.
      Returns:
      An InputStream from which the securely encrypted ciphertext can be read. Only the main recipient and the additional recipients will be able to decrypt it.
      Throws:
      de.gustavblass.commons.exceptions.IllegalArgumentException - If any of the given public keys could not be read or could not be used to encrypt the plaintext.
      IOException - Not specified by the underlying PGPainless SOP API (sorry).
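Usage sketch for validatePublicKey together with the File variant of encrypt, added here as an example and not taken from the library's own code. The class PgpUsageExample, its method names and the destination parameter are hypothetical; only the PGP calls and exception types come from this page.

```java
import de.gustavblass.commons.crypto.PGP;

import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.StandardCopyOption;
import java.util.ArrayList;
import java.util.List;

/** Added usage example; the class and method names here are hypothetical. */
public final class PgpUsageExample {

    /** Returns only the keys that PGP.validatePublicKey accepts for encryption. */
    static List<String> usableKeys(List<String> armoredKeys) {
        List<String> usable = new ArrayList<>();
        for (String key : armoredKeys) {
            try {
                if (PGP.validatePublicKey(key)) usable.add(key);
            } catch (de.gustavblass.commons.exceptions.IllegalArgumentException e) {
                // Documented case: the caller supplied a private key.
                // Reject it and never log or echo the key material itself.
                System.err.println("Rejected a recipient key: private key supplied");
            }
        }
        return usable;
    }

    /** Encrypts the report to the first usable key (primary) and all remaining usable keys. */
    static Path encryptReport(File report, List<String> recipientKeys, Path destination)
            throws de.gustavblass.commons.exceptions.IllegalArgumentException, IOException,
                   de.gustavblass.commons.exceptions.TemporaryDirectoryIOException {
        List<String> keys = usableKeys(recipientKeys);
        if (keys.isEmpty()) {
            throw new IOException("No usable recipient key; nothing was encrypted");
        }
        String primary = keys.get(0);
        String[] others = keys.subList(1, keys.size()).toArray(new String[0]);
        // asciiArmor = true: the returned temporary file carries the .asc extension.
        File ciphertext = PGP.encrypt(report, true, primary, others);
        try {
            return Files.copy(ciphertext.toPath(), destination, StandardCopyOption.REPLACE_EXISTING);
        } finally {
            Files.deleteIfExists(ciphertext.toPath()); // do not leave the temp file behind
        }
    }
}
```

The exceptions are declared rather than caught because this page does not state whether the library's IllegalArgumentException is checked or how TemporaryDirectoryIOException relates to IOException.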