commons-dev mailing list archives

From Dave Brondsema <d...@brondsema.net>
Subject Re: [PGP] API sketch
Date Mon, 30 May 2005 03:41:21 GMT
It would be useful, I think, to get a keyid from a signature, fetch and
update keys from a keyserver, and get names and email addresses from a
public key.

Just verifying the signature without showing whose key created it (which
depends on the above functionality) doesn't do a whole lot of good.
Although computing a trust value is what *really* does good.

Brett Porter wrote:
> Any more thoughts on this?
>
> Brett Porter wrote:
>
>> Thanks Stefan - feedback inline.
>>
>> Stefan Bodewig wrote:
>>
>> > /** @param keyId may be null to specify the default key */
>> > void sign(InputStream data, OutputStream signedOutput,
>> > String keyId, KeyRing keyRing, boolean asciiArmor)
>> > throws PGPException;
>> >
>> > /** @param keyId may be null to specify the default key */
>> > void detachedSign(InputStream data, OutputStream signature,
>> > String keyId, KeyRing keyRing, boolean asciiArmor)
>> > throws PGPException;
>> >
>> > SignatureStatus verifySignature(InputStream data, KeyRing keyRing)
>> > throws PGPException;
>> >
>> > SignatureStatus verifyDetachedSignature(InputStream data,
>> > InputStream signature,
>> > KeyRing keyRing)
>> > throws PGPException;
>> >}
>> >
>> >
>> These all look fine for most uses, but I would like a default
>> implementation that builds on something like this:
>>
>> interface PgpSignatureUpdater {
>>  void update( byte[] data );
>>  void update( byte[] data, int offset, int length );
>>  byte[] finish();
>> }
>>
>> This being used to create the detached signature (I'm assuming a
>> generated detached signature can be later added to the actual message,
>> and that byte[] is sufficient for both binary and ascii armored output),
>> and can be used in both signing and verifying. The implementation would
>> take configuration specifying the keyring, ascii armoring and anything
>> else.
>>
>> >class KeyRing {
>> > InputStream getStream();
>> > /** @return null for a public key ring. */
>> > char[] getPassPhrase();
>> >}
>> >
>> >
>> >
>> Seems ok.
>>
>> >PGPException would be a wrapper for the real exception an
>> >implementation could throw (but I wouldn't want to depend on
>> >commons-lang just for NestableException).
>> >
>> >
>> +1
>>
>> >SignatureStatus an enum-like class with ValidSignature, UnknownKey and
>> >InvalidSignature. We may even include trust calculations here (if
>> >supported), ValidTrustedSignature and ValidUntrustedSignature or
>> >similar.
>> >
>> >
>> Yes, I think all of those would be useful.
>>
>> >And finally
>> >
>> >class FooFactory {
>> > static FooFactory getFactory() throws PGPException;
>> > Foo newFoo() throws PGPException;
>> >}
>> >
>> >Foo is a placeholder since (1) I can't come up with a good name right
>> >now and (2) have a long track record of inventing bad names anyway.
>> >
>> >
>> PgpSigner and PgpSignatureVerifier (I can't think of a unified name
>> without coffee).
>>
>> - Brett
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: commons-dev-help@jakarta.apache.org
>>
>>


--
Dave Brondsema : dave@brondsema.net
http://www.splike.com : programming
http://www.brondsema.net : personal
                <><
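
Added example, not part of the original thread and not Commons code: a verification result that carries the signer's key id and user id next to the status, which is the point the message above makes about `SignatureStatus`. Plain JDK RSA signatures stand in for OpenPGP here; the names `VerifyWithIdentity`, `KeyEntry`, `Result` and the key ids are hypothetical, and Java 17 is assumed.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.*;

public class VerifyWithIdentity {
    enum SignatureStatus { VALID_TRUSTED, VALID_UNTRUSTED, UNKNOWN_KEY, INVALID }

    // Hypothetical types: a keyring entry, and a result that names the signer.
    record KeyEntry(PublicKey key, String userId, boolean trusted) {}
    record Result(SignatureStatus status, String keyId, String userId) {}

    // Assumption: keyId is the id read from the signature; RSA replaces OpenPGP.
    static Result verify(byte[] data, byte[] sig, String keyId,
                         Map<String, KeyEntry> ring) throws GeneralSecurityException {
        KeyEntry e = ring.get(keyId);
        if (e == null) return new Result(SignatureStatus.UNKNOWN_KEY, keyId, null);
        Signature v = Signature.getInstance("SHA256withRSA");
        v.initVerify(e.key());
        v.update(data);
        boolean ok;
        try { ok = v.verify(sig); } catch (SignatureException ex) { ok = false; }
        if (!ok) return new Result(SignatureStatus.INVALID, keyId, e.userId());
        // A mathematically valid signature is only as good as the key's trust.
        SignatureStatus s = e.trusted() ? SignatureStatus.VALID_TRUSTED
                                        : SignatureStatus.VALID_UNTRUSTED;
        return new Result(s, keyId, e.userId());
    }

    static byte[] sign(PrivateKey k, byte[] data) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(k);
        s.update(data);
        return s.sign();
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair known = g.generateKeyPair(), stranger = g.generateKeyPair();
        // Constructed keyring: key ids and user ids are sample values.
        Map<String, KeyEntry> ring = Map.of(
            "KEY-A", new KeyEntry(known.getPublic(), "Alice <alice@example.org>", true),
            "KEY-S", new KeyEntry(stranger.getPublic(), "Unverified <s@example.org>", false));
        byte[] msg = "release-1.0.tar.gz".getBytes(StandardCharsets.UTF_8);
        byte[] other = "release-1.0-modified".getBytes(StandardCharsets.UTF_8);
        System.out.println(verify(msg, sign(known.getPrivate(), msg), "KEY-A", ring));
        System.out.println(verify(msg, sign(stranger.getPrivate(), msg), "KEY-S", ring));
        System.out.println(verify(msg, sign(stranger.getPrivate(), msg), "KEY-X", ring));
        System.out.println(verify(other, sign(known.getPrivate(), msg), "KEY-A", ring));
    }
}
```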
