/** * Creates a signature over the byte array representation of the packet * @param identity An email identity that matches the destination field * @param keyUpdateHandler * @throws PasswordException * @throws GeneralSecurityException */ private void sign(EmailIdentity identity, KeyUpdateHandler keyUpdateHandler) throws GeneralSecurityException, PasswordException { byte[] data = getDataToSign(); CryptoImplementation cryptoImpl = identity.getCryptoImpl(); PrivateKey privateSigningKey = identity.getPrivateSigningKey(); signature = cryptoImpl.sign(data, privateSigningKey, keyUpdateHandler); }
EmailIdentity identity = iterator.next(); PublicKey publicKey = identity.getPublicSigningKey(); PrivateKey privateKey = identity.getPrivateSigningKey(); Identities newIdentities = new Identities(identitiesFile, passwordHolder); PublicKey newPublicKey = newIdentities.get(identity).getPublicSigningKey(); PrivateKey newPrivateKey = newIdentities.get(identity).getPrivateSigningKey(); publicKeyChanged = !Arrays.equals(encodedPublicKey, newPublicKey.getEncoded()); privateKeyChanged = !Arrays.equals(encodedPrivateKey, newPrivateKey.getEncoded());
/** * Creates a digital signature of the email and stores it in the * <code>SIGNATURE_HEADER</code> header field. It also removes the * <code>SIGNATURE_VALID_HEADER</code> header. If there is a signature * already, it is replaced.<br/> * The signature is computed over the stream representation of the * email, minus the signature header if it is present.<br/> * The signature includes the ID number of the {@link CryptoImplementation} * used (signature lengths can be different for the same algorithm). * @param senderIdentity * @param keyUpdateHandler Needed for updating the signature key after signing (see {@link CryptoImplementation#sign(byte[], PrivateKey, KeyUpdateHandler)}) * @throws MessagingException * @throws GeneralSecurityException * @throws PasswordException */ public void sign(EmailIdentity senderIdentity, KeyUpdateHandler keyUpdateHandler) throws MessagingException, GeneralSecurityException, PasswordException { removeHeader(SIGNATURE_HEADER); // make sure there is no existing signature which would make the new signature invalid removeHeader(SIGNATURE_VALID_HEADER); // remove the signature validity flag before signing CryptoImplementation cryptoImpl = senderIdentity.getCryptoImpl(); PrivateKey privateSigningKey = senderIdentity.getPrivateSigningKey(); byte[] signature = cryptoImpl.sign(toByteArray(), privateSigningKey, keyUpdateHandler); String foldedSignature = foldSignature(cryptoImpl.getId() + "_" + Base64.encode(signature)); setHeader(SIGNATURE_HEADER, foldedSignature); }