Class SecretKeys

java.lang.Object
org.eclipse.jgit.gpg.bc.internal.keys.SecretKeys

public final class SecretKeys extends Object
Utilities for reading GPG secret keys from a gpg-agent key file.
  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    static interface
    SecretKeys.PassphraseSupplier
    Something that can supply a passphrase to decrypt an encrypted secret key.
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    private static final byte[]
    OCB_PROTECTED
    private static final byte[]
    PROTECTED_KEY
  • Constructor Summary

    Constructors
    Modifier
    Constructor
    Description
    private
    SecretKeys()
  • Method Summary

    Modifier and Type
    Method
    Description
    private static byte[]
    convertSexpression(byte[] humanForm)
    Converts a human-readable serialized s-expression into a binary serialized s-expression.
    private static byte[]
    convertSexpression(byte[] humanForm, boolean[] isOCB)
    Converts a human-readable serialized s-expression into a binary serialized s-expression.
    private static byte[]
    dequote(byte[] in, int from, int to)
    GPG-style string de-quoting, which is basically C-style, with some literal CR/LF escaping.
    private static byte[]
    getAad(byte[] sExp)
    Extract the AAD for the OCB decryption from an s-expression.
    private static boolean
    isGpgSpace(int ch)
     
    private static boolean
    isHex(int ch)
     
    private static boolean
    isOctal(int ch)
     
    private static boolean
    isTokenChar(int ch)
     
    (package private) static byte[]
    keyFromNameValueFormat(InputStream in)
    Extracts the key from a GPG name-value-pair key file.
    private static boolean
    matches(byte[] src, int from, byte[] needle)
    Checks whether the needle matches src at offset from.
    private static int
    nibble(int ch)
     
    static org.bouncycastle.openpgp.PGPSecretKey
    readSecretKey(InputStream in, org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider calculatorProvider, SecretKeys.PassphraseSupplier passphraseSupplier, org.bouncycastle.openpgp.PGPPublicKey publicKey)
    Reads a GPG secret key from the given stream.
    private static int
    skip(byte[] sExp, int start)
    Skips a list including nested lists.

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Field Details

    • PROTECTED_KEY

      private static final byte[] PROTECTED_KEY
    • OCB_PROTECTED

      private static final byte[] OCB_PROTECTED
  • Constructor Details

    • SecretKeys

      private SecretKeys()
  • Method Details

    • readSecretKey

      public static org.bouncycastle.openpgp.PGPSecretKey readSecretKey(InputStream in, org.bouncycastle.openpgp.operator.PGPDigestCalculatorProvider calculatorProvider, SecretKeys.PassphraseSupplier passphraseSupplier, org.bouncycastle.openpgp.PGPPublicKey publicKey) throws IOException, org.bouncycastle.openpgp.PGPException, CanceledException, UnsupportedCredentialItem, URISyntaxException
      Reads a GPG secret key from the given stream.
      Parameters:
      in - InputStream to read from, doesn't need to be buffered
      calculatorProvider - for checking digests
      passphraseSupplier - for decrypting encrypted keys
      publicKey - the public key that the secret key should be for
      Returns:
      the secret key
      Throws:
      IOException - if the stream cannot be parsed
      org.bouncycastle.openpgp.PGPException - if thrown by the underlying S-Expression parser, for instance when the passphrase is wrong
      CanceledException - if thrown by the passphraseSupplier
      UnsupportedCredentialItem - if thrown by the passphraseSupplier
      URISyntaxException - if thrown by the passphraseSupplier
    • getAad

      private static byte[] getAad(byte[] sExp)
      Extract the AAD for the OCB decryption from an s-expression.
      Parameters:
      sExp - buffer containing a valid binary s-expression
      Returns:
      the AAD
    • skip

      private static int skip(byte[] sExp, int start)
      Skips a list including nested lists.
      Parameters:
      sExp - buffer containing valid binary s-expression data
      start - index of the opening '(' of the list to skip
      Returns:
      the index after the closing ')' of the skipped list
    • matches

      private static boolean matches(byte[] src, int from, byte[] needle)
      Checks whether the needle matches src at offset from.
      Parameters:
      src - to match against needle
      from - position in src to start matching
      needle - to match against
      Returns:
      true if src contains needle at position from, false otherwise
    • convertSexpression

      private static byte[] convertSexpression(byte[] humanForm) throws IOException
      Converts a human-readable serialized s-expression into a binary serialized s-expression.
      Parameters:
      humanForm - to convert
      Returns:
      the converted s-expression
      Throws:
      IOException - if the conversion fails
    • convertSexpression

      private static byte[] convertSexpression(byte[] humanForm, boolean[] isOCB) throws IOException
      Converts a human-readable serialized s-expression into a binary serialized s-expression.
      Parameters:
      humanForm - to convert
      isOCB - returns whether the s-expression specified AES/OCB encryption
      Returns:
      the converted s-expression
      Throws:
      IOException - if the conversion fails
    • dequote

      private static byte[] dequote(byte[] in, int from, int to) throws StreamCorruptedException
      GPG-style string de-quoting, which is basically C-style, with some literal CR/LF escaping.
      Parameters:
      in - buffer containing the quoted string
      from - index after the opening quote in in
      to - index of the closing quote in in
      Returns:
      the dequoted raw string value
      Throws:
      StreamCorruptedException
    • keyFromNameValueFormat

      static byte[] keyFromNameValueFormat(InputStream in) throws IOException
      Extracts the key from a GPG name-value-pair key file.

      Package-visible for tests only.

      Parameters:
      in - InputStream to read from; should be buffered
      Returns:
      the raw key data as extracted from the file
      Throws:
      IOException - if the in stream cannot be read or does not contain a key
    • isGpgSpace

      private static boolean isGpgSpace(int ch)
    • isTokenChar

      private static boolean isTokenChar(int ch)
    • isHex

      private static boolean isHex(int ch)
    • isOctal

      private static boolean isOctal(int ch)
    • nibble

      private static int nibble(int ch)