Package org.jivesoftware.smackx.ox.util
Class SecretKeyBackupHelper
- java.lang.Object
-
- org.jivesoftware.smackx.ox.util.SecretKeyBackupHelper
-
public class SecretKeyBackupHelper extends java.lang.Object
Helper class which provides some functions needed for backup/restore of the users secret key to/from their private PubSub node.
-
-
Constructor Summary
Constructors Constructor Description SecretKeyBackupHelper()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static SecretkeyElementcreateSecretkeyElement(byte[] keys, OpenPgpSecretKeyBackupPassphrase backupCode)Create aSecretkeyElementwhich contains the secret keys which are serialized inkeysand is symmetrically encrypted using thebackupCode.static SecretkeyElementcreateSecretkeyElement(OpenPgpProvider provider, BareJid owner, java.util.Set<org.pgpainless.key.OpenPgpV4Fingerprint> fingerprints, OpenPgpSecretKeyBackupPassphrase backupCode)Create aSecretkeyElementwhich contains the secret keys listed infingerprintsand is encrypted symmetrically using thebackupCode.static OpenPgpSecretKeyBackupPassphrasegenerateBackupPassword()Generate a secure backup code.static org.bouncycastle.openpgp.PGPSecretKeyRingrestoreSecretKeyBackup(SecretkeyElement backup, OpenPgpSecretKeyBackupPassphrase backupCode)Decrypt a secret key backup and return thePGPSecretKeyRingcontained in it.
-
-
-
Constructor Detail
-
SecretKeyBackupHelper
public SecretKeyBackupHelper()
-
-
Method Detail
-
generateBackupPassword
public static OpenPgpSecretKeyBackupPassphrase generateBackupPassword()
Generate a secure backup code. This code can be used to encrypt a secret key backup and follows the form described in XEP-0373 §5.3.- Returns:
- backup code
- See Also:
- XEP-0373 §5.4 Encrypting the Secret Key Backup
-
createSecretkeyElement
public static SecretkeyElement createSecretkeyElement(OpenPgpProvider provider, BareJid owner, java.util.Set<org.pgpainless.key.OpenPgpV4Fingerprint> fingerprints, OpenPgpSecretKeyBackupPassphrase backupCode) throws org.bouncycastle.openpgp.PGPException, java.io.IOException, MissingOpenPgpKeyException
Create aSecretkeyElementwhich contains the secret keys listed infingerprintsand is encrypted symmetrically using thebackupCode.- Parameters:
provider-OpenPgpProviderfor symmetric encryption.owner- owner of the secret keys (usually our jid).fingerprints- set ofOpenPgpV4Fingerprints of the keys which are going to be backed up.backupCode- passphrase for symmetric encryption.- Returns:
SecretkeyElement- Throws:
org.bouncycastle.openpgp.PGPException- PGP is brittlejava.io.IOException- IO is dangerousMissingOpenPgpKeyException- in case one of the keys whose fingerprint is infingerprintsis not accessible.
-
createSecretkeyElement
public static SecretkeyElement createSecretkeyElement(byte[] keys, OpenPgpSecretKeyBackupPassphrase backupCode) throws org.bouncycastle.openpgp.PGPException, java.io.IOException
Create aSecretkeyElementwhich contains the secret keys which are serialized inkeysand is symmetrically encrypted using thebackupCode.- Parameters:
keys- serialized OpenPGP secret keys in transferable key formatbackupCode- passphrase for symmetric encryption- Returns:
SecretkeyElement- Throws:
org.bouncycastle.openpgp.PGPException- PGP is brittlejava.io.IOException- IO is dangerous- See Also:
- XEP-0373 §5.4 Encrypting the Secret Key Backup
-
restoreSecretKeyBackup
public static org.bouncycastle.openpgp.PGPSecretKeyRing restoreSecretKeyBackup(SecretkeyElement backup, OpenPgpSecretKeyBackupPassphrase backupCode) throws InvalidBackupCodeException, java.io.IOException, org.bouncycastle.openpgp.PGPException
Decrypt a secret key backup and return thePGPSecretKeyRingcontained in it. TODO: Return a PGPSecretKeyRingCollection instead?- Parameters:
backup- encryptedSecretkeyElementcontaining the backupbackupCode- passphrase for decrypting theSecretkeyElement.- Returns:
- the TODO javadoc me please
- Throws:
InvalidBackupCodeException- in case the provided backup code is invalid.java.io.IOException- IO is dangerous.org.bouncycastle.openpgp.PGPException- PGP is brittle.
-
-