Exchanging keys with OpenPGP HKP servers in Java

The first OpenPGP key server was developed by Marc Horowitz and uses an HTTP-based protocol known as HKP (HTTP Keyserver Protocol).

This chapter describes the functionality exposed by DidiSoft OpenPGP Library for Java for exchanging keys with HKP key servers.

The communication is encapsulated in the class HKPClient located in the package com.didisoft.pgp.net.

1 Submitting a key
2 Retrieving a key
3 Exception handling

Submitting a key

The key upload consists of instantiating the HKPClient class and invoking its submitKey method. In the usual scenario only public keys are submitted.

import java.io.*;

import com.didisoft.pgp.net.HKPClient;

public class DemoHKP {
 public static void demo() throws Exception {
   // connect to HKP key server
   int httpPort = 80;
   HKPClient hkp = new HKPClient("pgp.mit.edu", httpPort);

   // read the whole key file into a byte array and close the stream
   File file = new File("c:\\Test\\public_key.asc");
   byte[] keyBytes = new byte[(int)file.length()];
   try (DataInputStream fIn = new DataInputStream(new FileInputStream(file))) {
     fIn.readFully(keyBytes);
   }

   // upload the public key to the server
   boolean ok = hkp.submitKey(keyBytes);
 }
}

Retrieving a key

A key can be retrieved by part or the whole of its User Id, or by its hexadecimal Key Id. The example below demonstrates retrieving by part of the User Id.

import java.io.ByteArrayInputStream;

import com.didisoft.pgp.net.HKPClient;
import com.didisoft.pgp.KeyStore;

public class DemoHKP {
 public static void demo() throws Exception {
   // connect to HKP key server
   int httpPort = 80;
   boolean secureConnection = false; // true if HTTPS SSL/TLS
   HKPClient hkp = new HKPClient("pgp.mit.edu", httpPort, secureConnection);

   // search by part or the whole User Id
   hkp.setPartialMatchUserIds(true);
   byte[] keyBytes = hkp.getKeyByUserId("DidiSoft");

   if (keyBytes != null && keyBytes.length > 0) {
     // the retrieved key as ASCII text
     String keyInAscii = new String(keyBytes, "ASCII");

     // key servers do not verify User Ids: confirm the key's
     // fingerprint out of band before relying on the imported key
     KeyStore ks = new KeyStore();
     ks.importKeyRing(new ByteArrayInputStream(keyBytes));
   } else {
     System.out.println("no key found");
   }
 }
}
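
The requests that HKP defines for the two operations above (lookup and submission), written out per the HKP draft (draft-shaw-openpgp-hkp-00). This is an added example, not DidiSoft's code, and it only builds the requests without sending them. The class and method names are hypothetical, the guard in addBody is an added check reflecting the point that only public keys are normally submitted, the sample Key Id and key text are constructed, and Java 10+ is assumed.

```java
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;

// Added example: hypothetical class, builds HKP requests and sends nothing.
public class HkpRequests {
    static final String PUBLIC_BEGIN = "-----BEGIN PGP PUBLIC KEY BLOCK-----";
    static final String PRIVATE_BEGIN = "-----BEGIN PGP PRIVATE KEY BLOCK-----";

    static String enc(String s) { return URLEncoder.encode(s, StandardCharsets.UTF_8); } // Java 10+

    // GET /pks/lookup: op=get returns the key, options=mr asks for machine-readable
    // output, exact=on asks the server to match the search term exactly.
    static String lookupUrl(String host, int port, boolean tls, String search, boolean exact) {
        return (tls ? "https" : "http") + "://" + host + ":" + port
            + "/pks/lookup?op=get&options=mr" + (exact ? "&exact=on" : "")
            + "&search=" + enc(search);
    }

    // Key Id searches carry a 0x prefix and 8, 16, 32 or 40 hexadecimal digits.
    static String keyIdSearch(String hex) {
        String h = hex.replaceFirst("^0[xX]", "");
        if (!h.matches("[0-9A-Fa-f]{8}|[0-9A-Fa-f]{16}|[0-9A-Fa-f]{32}|[0-9A-Fa-f]{40}")) {
            throw new IllegalArgumentException("not a hexadecimal Key Id: " + hex);
        }
        return "0x" + h.toUpperCase();
    }

    // Body of POST /pks/add (Content-Type: application/x-www-form-urlencoded).
    // Added guard: refuse input that holds a private key block or no public key block.
    static String addBody(String armoredKey) {
        if (armoredKey.contains(PRIVATE_BEGIN) || !armoredKey.contains(PUBLIC_BEGIN)) {
            throw new IllegalArgumentException("only armored public keys are submitted");
        }
        return "keytext=" + enc(armoredKey);
    }

    public static void main(String[] args) {
        // Constructed sample calls; 0123abcd is not a real Key Id.
        System.out.println(lookupUrl("pgp.mit.edu", 80, false, "DidiSoft", false));
        System.out.println(lookupUrl("pgp.mit.edu", 443, true, keyIdSearch("0123abcd"), false));
        // Constructed placeholder, not a real key.
        String pub = PUBLIC_BEGIN + "\n\nPLACEHOLDER\n-----END PGP PUBLIC KEY BLOCK-----\n";
        System.out.println(addBody(pub));
        try {
            addBody(PRIVATE_BEGIN + "\nPLACEHOLDER\n");
        } catch (IllegalArgumentException e) {
            System.out.println("refused: " + e.getMessage());
        }
    }
}
```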

Exception handling

All methods of the HKPClient class throw java.io.IOException in case of a network failure.

Summary

This chapter illustrated how to exchange keys with HKP HTTP servers.

You may also check the chapter for exchanging keys with LDAP OpenPGP key servers.

List of methods used:

HKPClient.setPartialMatchUserIds sets whether keys are searched by the whole or part of the User Id
HKPClient.submitKey uploads a key to an HKP server
HKPClient.getKeyByUserId downloads a key searching by User Id