Most of the properties of a .pgp key can be edited. The exception, of course, is the asymmetric algorithm parameters, which form the backbone of the key. In this chapter we illustrate how to modify some of the key attributes.
DidiSoft OpenPGP Library for Java offers key modification routines for keys already imported in a KeyStore. After modification the updated keys can be exported.
Changing the password of a pgp key in Java
We should specify the target private key either with its User Id or Key Id; this example uses the method that accepts a User Id. An overloaded method with the same name accepts a Key Id as a parameter.
    import com.didisoft.pgp.KeyStore;

    public class ChangePrivateKeyPassword {
      public static void main(String[] args) throws Exception {
        // initialize the KeyStore instance
        KeyStore ks = new KeyStore("pgp.keystore", "changeit");

        // change secret key password
        String keyUserId = "test@gmail.com";
        String oldPassword = "changeit";
        String newPassword = "new_private_key_password";
        ks.changePrivateKeyPassword(keyUserId, oldPassword, newPassword);
      }
    }
We can export the private key later if we prefer to keep it in a standalone file.
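The following variant is an added example, not code from the library's documentation. It reads the passwords from the console instead of hard-coding them in source, and checks the new password before calling changePrivateKeyPassword. It assumes the KeyStore constructor and the changePrivateKeyPassword method exactly as used above; the class name and the MIN_LENGTH policy value are hypothetical.

```java
import com.didisoft.pgp.KeyStore;
import java.io.Console;
import java.util.Arrays;

public class ChangePrivateKeyPasswordFromConsole {
    // Hypothetical policy value for this example, not a library setting
    static final int MIN_LENGTH = 12;

    // Returns null if the new password is acceptable, otherwise the reason it is rejected
    static String rejectReason(char[] oldPw, char[] newPw, char[] confirmPw) {
        if (oldPw == null || newPw == null || confirmPw == null) return "input ended early";
        if (!Arrays.equals(newPw, confirmPw)) return "new password and confirmation differ";
        if (newPw.length < MIN_LENGTH) return "new password is shorter than " + MIN_LENGTH + " characters";
        if (Arrays.equals(oldPw, newPw)) return "new password equals the old one";
        return null;
    }

    public static void main(String[] args) throws Exception {
        Console console = System.console();
        if (console == null) {
            throw new IllegalStateException("no interactive console, run from a terminal");
        }
        String keyUserId = args.length > 0 ? args[0] : "test@gmail.com";

        // readPassword disables echo; the secrets never appear in source code or shell history
        char[] storePw = console.readPassword("KeyStore password: ");
        char[] oldPw = console.readPassword("Current private key password: ");
        char[] newPw = console.readPassword("New private key password: ");
        char[] confirmPw = console.readPassword("Repeat new private key password: ");
        try {
            String reason = storePw == null ? "input ended early"
                                            : rejectReason(oldPw, newPw, confirmPw);
            if (reason != null) {
                throw new IllegalArgumentException("password not changed: " + reason);
            }
            // Same constructor and method as the example above, which take String arguments
            KeyStore ks = new KeyStore("pgp.keystore", new String(storePw));
            ks.changePrivateKeyPassword(keyUserId, new String(oldPw), new String(newPw));
            System.out.println("Password changed for " + keyUserId);
        } finally {
            // Wipe our char[] copies; the Strings passed to the library live until garbage collected
            for (char[] pw : new char[][] {storePw, oldPw, newPw, confirmPw}) {
                if (pw != null) Arrays.fill(pw, '\0');
            }
        }
    }
}
```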
Adding a sub key
Modern OpenPGP keys are formed by a master key pair (public and private key) used for signing purposes and an encryption sub key pair, which is signed by the master key pair. Later we may decide to add an additional sub key pair for a specific purpose, for example signing .pgp data. A prerequisite for this operation is that the private key is also available and we know its password, so that we can sign the newly generated sub key and make it a valid member of the composite OpenPGP key.
We can add a sub key to a .pgp key located in a KeyStore through the addSubKey method. The first two arguments of the method identify the target composite OpenPGP key and the password for the private key. The third argument specifies whether the sub key will be used for encryption. The rest of the arguments specify the asymmetric algorithm for the sub key:
    import com.didisoft.pgp.EcCurve;
    import com.didisoft.pgp.KeyPairInformation;
    import com.didisoft.pgp.KeyStore;

    public class AddSubKey {
      public static void main(String[] args) throws Exception {
        // create an in-memory KeyStore instance
        KeyStore keyStore = new KeyStore();

        // generate the master key pair that will own the new sub key
        // (a 512-bit RSA key is too weak for real use; choose 2048 bits or more)
        KeyPairInformation key = keyStore.generateRsaKeyPair(512, "my userId", "my key password", 365);

        // append a new encryption sub key on the NIST P-521 curve
        boolean isEncryptionSubKey = true;
        long newSubKeyId = keyStore.addSubKey(key.getKeyID(),
                                              "my key password",
                                              isEncryptionSubKey,
                                              EcCurve.Enum.NIST_P_521);
      }
    }
Deleting a sub key
We can delete a sub key from an OpenPGP key pair through the KeyStore.deleteSubKey method:
    import com.didisoft.pgp.KeyStore;

    public class DeleteSubKey {
      public static void main(String[] args) throws Exception {
        // open the KeyStore file that holds the key
        KeyStore keyStore = new KeyStore("my.keystore", "my password");

        // remove the sub key with the specified Id
        keyStore.deleteSubKey("0742A31");
      }
    }
Summary
This chapter discussed how to modify properties of .pgp keys imported in a com.didisoft.pgp.KeyStore instance.