KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > SnowMailClient > gnupg > LineProcessors > KeyIDReader


1 package SnowMailClient.gnupg.LineProcessors;
2
3 import SnowMailClient.gnupg.model.*;
4 import java.util.*;
5 import java.io.*;
6
7 public final class KeyIDReader implements LineProcessor
8 {
9   Vector<GnuPGKeyID> keyIDs = new Vector<GnuPGKeyID>();
10   GnuPGKeyID last = null;
11
12
13   /** <pre>
14             crt = X.509 certificate
15             crs = X.509 certificate and private key available
16         uat = user attribute (same as user id except for field 10).
17             sig = signature
18             rev = revocation signature
19         pkd = public key data (special field format, see below)
20             grp = reserved for gpgsm
21             rvk = revocation key
22             spk = signature subpacket
23         </pre>
24   */
25   public void processLine(String JavaDoc line) //throws Exception
26 {
27     if(line.length()<3) return; // ignores !
28 //System.out.println(">>> "+line);
29
30     String JavaDoc recordType = line.substring(0,3).toLowerCase();
31     if(recordType.equals("gpg")) // greeting
32 {
33     }
34     else if(recordType.equals("---")) // stupid separation
35 {
36     }
37     else if(recordType.equals("tru")) // trust database information
38 {
39     }
40     else if(recordType.equals("sec")) // secret key
41 {
42       last= new GnuPGKeyID(true);
43       this.keyIDs.add(last);
44
45       try
46       {
47         last.parseSEC_colon_format(line);
48       } catch(Exception JavaDoc e) {throw new RuntimeException JavaDoc(e); }
49
50     }
51     else if(recordType.equals("pub")) // public key
52 {
53       last = new GnuPGKeyID(true);
54       this.keyIDs.add(last);
55
56       try
57       {
58         last.parsePUB_colon_format(line);
59       } catch(Exception JavaDoc e) {throw new RuntimeException JavaDoc(e); }
60
61     }
62     else if(recordType.equals("fpr")) // fingerprint: (fingerprint is in field 10)
63 {
64       try
65       {
66         last.parseFPR_colon_format(line);
67       } catch(Exception JavaDoc e) {throw new RuntimeException JavaDoc(e); }
68
69     }
70     else if(recordType.equals("uid")) // uid = user id (only field 10 is used).
71 {
72       try
73       {
74         last.parseUID_colon_format(line);
75       } catch(Exception JavaDoc e) {throw new RuntimeException JavaDoc(e); }
76     }
77     else if(recordType.equals("sub")) // subkey (secondary key)
78 {
79       GnuPGKeyID sk = new GnuPGKeyID(false);
80       try
81       {
82         sk.parseSUB_colon_format(line);
83         last.addSubKey(sk);
84       } catch(Exception JavaDoc e) {throw new RuntimeException JavaDoc(e); }
85     }
86     else if(recordType.equals("ssb")) // secret subkey (secondary key)
87 {
88       GnuPGKeyID sk = new GnuPGKeyID(false);
89       try
90       {
91         sk.parseSSB_colon_format(line);
92         last.addSubKey(sk);
93       } catch(Exception JavaDoc e) {throw new RuntimeException JavaDoc(e); }
94     }
95     else if(recordType.equals("uat"))
96     {
97       // ???
98 // uat = user attribute (same as user id except for field 10).
99 }
100     else
101     {
102       System.out.println("Unknown key list record: "+recordType);
103       System.out.println(" "+line);
104     }
105   }
106
107
108
109   public Vector<GnuPGKeyID> getKeyIDs() {return keyIDs;}
110
111
112
113 } // KeyIDReader
114
115 /**
116 Format of colon listings
117 ========================
118 First an example:
119
120 $ gpg --fixed-list-mode --with-colons --list-keys \
121    --with-fingerprint --with-fingerprint wk@gnupg.org
122
123 pub:f:1024:17:6C7EE1B8621CC013:899817715:1055898235::m:::scESC:
124 fpr:::::::::ECAF7590EB3443B5C7CF3ACB6C7EE1B8621CC013:
125 uid:f::::::::Werner Koch <wk@g10code.com>:
126 uid:f::::::::Werner Koch <wk@gnupg.org>:
127 sub:f:1536:16:06AD222CADF6A6E1:919537416:1036177416:::::e:
128 fpr:::::::::CF8BCC4B18DE08FCD8A1615906AD222CADF6A6E1:
129 sub:r:1536:20:5CE086B5B5A18FF4:899817788:1025961788:::::esc:
130 fpr:::::::::AB059359A3B81F410FCFF97F5CE086B5B5A18FF4:
131
132 The double --with-fingerprint prints the fingerprint for the subkeys
133 too, --fixed-list-mode is the modern listing way printing dates in
134 seconds since Epoch and does not merge the first userID with the pub
135 record.
136
137
138  1. Field: Type of record
139         pub = public key
140             crt = X.509 certificate
141             crs = X.509 certificate and private key available
142         sub = subkey (secondary key)
143         sec = secret key
144         ssb = secret subkey (secondary key)
145         uid = user id (only field 10 is used).
146         uat = user attribute (same as user id except for field 10).
147             sig = signature
148             rev = revocation signature
149         fpr = fingerprint: (fingerprint is in field 10)
150         pkd = public key data (special field format, see below)
151             grp = reserved for gpgsm
152             rvk = revocation key
153             tru = trust database information
154             spk = signature subpacket
155
156  2. Field: A letter describing the calculated trust. This is a single
157         letter, but be prepared that additional information may follow
158         in some future versions. (not used for secret keys)
159         o = Unknown (this key is new to the system)
160                 i = The key is invalid (e.g. due to a missing self-signature)
161         d = The key has been disabled
162             (deprecated - use the 'D' in field 12 instead)
163         r = The key has been revoked
164         e = The key has expired
165         - = Unknown trust (i.e. no value assigned)
166         q = Undefined trust
167                 '-' and 'q' may safely be treated as the same
168             value for most purposes
169         n = Don't trust this key at all
170         m = There is marginal trust in this key
171         f = The key is fully trusted
172         u = The key is ultimately trusted. This often means
173             that the secret key is available, but any key may
174             be marked as ultimately trusted.
175  3. Field: length of key in bits.
176  4. Field: Algorithm: 1 = RSA
177                16 = Elgamal (encrypt only)
178                17 = DSA (sometimes called DH, sign only)
179                20 = Elgamal (sign and encrypt - don't use them!)
180         (for other id's see include/cipher.h)
181  5. Field: KeyID
182  6. Field: Creation Date (in UTC). For UID and UAT records, this is the
183             self-signature date. Note that the dae is usally printed
184             in seconds since epoch, however, we are migrating to an ISO
185             8601 format (e.g. "19660205T091500"). This is currently
186             only relevant for X.509, A simple way to detect the format
187             is be scannning for the 'T'.
188  7. Field: Key or user ID/user attribute expiration date or empty if none.
189  8. Field: Used for serial number in crt records (used to be the Local-ID).
190             For UID and UAT records, this is a hash of the user ID contents
191             used to represent that exact user ID. For trust signatures,
192             this is the trust depth seperated by the trust value by a
193             space.
194  9. Field: Ownertrust (primary public keys only)
195         This is a single letter, but be prepared that additional
196         information may follow in some future versions. For trust
197         signatures with a regular expression, this is the regular
198         expression value, quoted as in field 10.
199 10. Field: User-ID. The value is quoted like a C string to avoid
200         control characters (the colon is quoted "\x3a").
201             This is not used with --fixed-list-mode in gpg.
202             A UAT record puts the attribute subpacket count here, a
203         space, and then the total attribute subpacket size.
204             In gpgsm the issuer name comes here
205             An FPR record stores the fingerprint here.
206             The fingerprint of an revocation key is stored here.
207 11. Field: Signature class. This is a 2 digit hexnumber followed by
208             either the letter 'x' for an exportable signature or the
209             letter 'l' for a local-only signature.
210             The class byte of an revocation key is also given here,
211             'x' and 'l' ist used the same way.
212 12. Field: Key capabilities:
213                 e = encrypt
214                 s = sign
215                 c = certify
216                 a = authentication
217         A key may have any combination of them in any order. In
218         addition to these letters, the primary key has uppercase
219         versions of the letters to denote the _usable_
220         capabilities of the entire key, and a potential letter 'D'
221         to indicate a disabled key.
222 13. Field: Used in FPR records for S/MIME keys to store the fingerprint of
223             the issuer certificate. This is useful to build the
224             certificate path based on certificates stored in the local
225             keyDB; it is only filled if the issue certificate is
226             available. The advantage of using this value is that it is
227             guaranteed to have been been build by the same lookup
228             algorithm as gpgsm uses.
229             For "uid" recods this lists the preferences n the sameway the
230             -edit menu does.
231         For "sig" records, this is the fingerprint of the key that
232         issued the signature. Note that this is only filled in if
233         the signature verified correctly. Note also that for
234         various technical reasons, this fingerprint is only
235         available if --no-sig-cache is used.
236
237 14. Field Flag field used in the --edit menu output:
238
239 15. Field Used in sec/sbb to print the serial number of a token
240             (internal protect mode 1002) or a '#' if that key is a
241             simple stub (internal protect mode 1001)
242
243 All dates are displayed in the format yyyy-mm-dd unless you use the
244 option --fixed-list-mode in which case they are displayed as seconds
245 since Epoch. More fields may be added later, so parsers should be
246 prepared for this. When parsing a number the parser should stop at the
247 first non-number character so that additional information can later be
248 added.
249
250 If field 1 has the tag "pkd", a listing looks like this:
251 pkd:0:1024:B665B1435F4C2 .... FF26ABB:
252     ! ! !-- the value
253     ! !------ for information number of bits in the value
254     !--------- index (eg. DSA goes from 0 to 3: p,q,g,y)
255
256
257 The "tru" trust database records have the fields:
258
259  2: Reason for staleness of trust. If this field is empty, then the
260     trustdb is not stale. This field may have multiple flags in it:
261
262     o: Trustdb is old
263     t: Trustdb was built with a different trust model than the one we
264        are using now.
265
266  3: Trust model:
267     0: Classic trust model, as used in PGP 2.x.
268     1: PGP trust model, as used in PGP 6 and later. This is the same
269        as the classic trust model, except for the addition of trust
270        signatures.
271
272     GnuPG before version 1.4 used the classic trust model by default.
273     GnuPG 1.4 and later uses the PGP trust model by default.
274
275  4: Date trustdb was created in seconds since 1/1/1970.
276  5: Date trustdb will expire in seconds since 1/1/1970.
277
278 The "spk" signature subpacket records have the fields:
279
280  2: Subpacket number as per RFC-2440 and later.
281  3: Flags in hex. Currently the only two bits assigned are 1, to
282     indicate that the subpacket came from the hashed part of the
283     signature, and 2, to indicate the subpacket was marked critical.
284  4: Length of the subpacket. Note that this is the length of the
285     subpacket, and not the length of field 5 below. Due to the need
286     for %-encoding, the length of field 5 may be up to 3x this value.
287  5: The subpacket data. Printable ASCII is shown as ASCII, but other
288     values are rendered as %XX where XX is the hex value for the byte.
289
290 */
Popular Tags