#1747 Document Signature Subpacket classes

Author: gefeili

pg/src/main/java/org/bouncycastle/bcpg/UserAttributeSubpacketTags.java

@@ -2,8 +2,16 @@
 
 /**
  * Basic PGP user attribute sub-packet tag types.
+ *
+ * @see <a href="https://datatracker.ietf.org/doc/html/rfc4880#section-5.12">
+ *     RFC4880 - User Attribute Packet</a>
+ * @see <a href="https://www.rfc-editor.org/rfc/rfc9580.html#name-user-attribute-packet-type-">
+ *     RFC9580 - User Attribute Packet</a>
  */
 public interface UserAttributeSubpacketTags 
 {
+    /**
+     * Tag for an {@link org.bouncycastle.bcpg.attr.ImageAttribute}.
+     */
     int IMAGE_ATTRIBUTE = 1;
 }

pg/src/main/java/org/bouncycastle/bcpg/UserDataPacket.java

@@ -1,5 +1,9 @@
 package org.bouncycastle.bcpg;
 
+/**
+ * Superclass for user identities ({@link UserIDPacket}, {@link UserAttributePacket}).
+ * The superclass is used to hold different user identity objects in the same collection.
+ */
 public interface UserDataPacket
 {
 

pg/src/main/java/org/bouncycastle/bcpg/attr/ImageAttribute.java

@@ -7,7 +7,12 @@
 import org.bouncycastle.bcpg.UserAttributeSubpacketTags;
 
 /**
- * Basic type for a image attribute packet.
+ * User-Attribute Subpacket used to encode an image, e.g. the user's avatar.
+ *
+ * @see <a href="https://datatracker.ietf.org/doc/html/rfc4880#section-5.12.1">
+ *     RFC4880 - Image Attribute Subpacket</a>
+ * @see <a href="https://www.rfc-editor.org/rfc/rfc9580.html#name-the-image-attribute-subpack">
+ *     RFC9580 - Image Attribute Subpacket</a>
  */
 public class ImageAttribute 
     extends UserAttributeSubpacket

pg/src/main/java/org/bouncycastle/bcpg/sig/EmbeddedSignature.java

@@ -4,7 +4,15 @@
 import org.bouncycastle.bcpg.SignatureSubpacketTags;
 
 /**
- * Packet embedded signature
+ * Signature Subpacket for embedding one Signature into another.
+ * This packet is used e.g. for embedding a primary-key binding signature
+ * ({@link org.bouncycastle.openpgp.PGPSignature#PRIMARYKEY_BINDING}) into a subkey-binding signature
+ * ({@link org.bouncycastle.openpgp.PGPSignature#SUBKEY_BINDING}) for a signing-capable subkey.
+ *
+ * @see <a href="https://datatracker.ietf.org/doc/html/rfc4880#section-5.2.3.26">
+ *     RFC4880 - Embedded Signature</a>
+ * @see <a href="https://www.rfc-editor.org/rfc/rfc9580.html#name-embedded-signature">
+ *     RFC9580 - Embedded Signature</a>
  */
 public class EmbeddedSignature
     extends SignatureSubpacket

pg/src/main/java/org/bouncycastle/bcpg/sig/Exportable.java

@@ -4,7 +4,13 @@
 import org.bouncycastle.bcpg.SignatureSubpacketTags;
 
 /**
- * packet giving signature creation time.
+ * Signature Subpacket for marking a signature as exportable or non-exportable.
+ * Non-exportable signatures are not intended to be published.
+ *
+ * @see <a href="https://datatracker.ietf.org/doc/html/rfc4880#section-5.2.3.11">
+ *     RFC4880 - Exportable Certification</a>
+ * @see <a href="https://www.rfc-editor.org/rfc/rfc9580.html#name-exportable-certification">
+ *     RFC9580 - Exportable Certification</a>
  */
 public class Exportable 
     extends SignatureSubpacket

pg/src/main/java/org/bouncycastle/bcpg/sig/Features.java

@@ -3,6 +3,14 @@
 import org.bouncycastle.bcpg.SignatureSubpacket;
 import org.bouncycastle.bcpg.SignatureSubpacketTags;
 
+/**
+ * Signature Subpacket encoding, which features are supported by the key-holders implementation.
+ *
+ * @see <a href="https://datatracker.ietf.org/doc/html/rfc4880#section-5.2.3.24">
+ *     RFC4880 - Features</a>
+ * @see <a href="https://www.rfc-editor.org/rfc/rfc9580.html#name-features">
+ *     RFC9580 - Features</a>
+ */
 public class Features
     extends SignatureSubpacket
 {

pg/src/main/java/org/bouncycastle/bcpg/sig/IntendedRecipientFingerprint.java

@@ -5,7 +5,11 @@
 import org.bouncycastle.util.Arrays;
 
 /**
- * packet giving the intended recipient fingerprint.
+ * Signature Subpacket containing the fingerprint of the intended recipients primary key.
+ * This packet can be used to prevent malicious forwarding/replay attacks.
+ *
+ * @see <a href="https://www.rfc-editor.org/rfc/rfc9580.html#name-intended-recipient-fingerpr">
+ *     RFC9580 - Intended Recipient Fingerprint</a>
  */
 public class IntendedRecipientFingerprint
     extends SignatureSubpacket

pg/src/main/java/org/bouncycastle/bcpg/sig/IssuerFingerprint.java

@@ -7,7 +7,11 @@
 import org.bouncycastle.util.Arrays;
 
 /**
- * packet giving the issuer key fingerprint.
+ * Signature Subpacket containing the fingerprint of the issuers signing (sub-) key.
+ * This packet supersedes the {@link IssuerKeyID} subpacket.
+ *
+ * @see <a href="https://www.rfc-editor.org/rfc/rfc9580.html#name-issuer-fingerprint">
+ *     RFC9580 - Issuer Fingerprint</a>
  */
 public class IssuerFingerprint
     extends SignatureSubpacket

pg/src/main/java/org/bouncycastle/bcpg/sig/IssuerKeyID.java

@@ -5,7 +5,14 @@
 import org.bouncycastle.bcpg.SignatureSubpacketTags;
 
 /**
- * packet giving the issuer key ID.
+ * Signature Subpacket containing the key-id of the issuers signing (sub-) key.
+ * If the version of that key is greater than 4, this subpacket MUST NOT be included in the signature.
+ * For these keys, consider the {@link IssuerFingerprint} subpacket instead.
+ *
+ * @see <a href="https://datatracker.ietf.org/doc/html/rfc4880#section-5.2.3.5">
+ *     RFC4880 - Issuer</a>
+ * @see <a href="https://www.rfc-editor.org/rfc/rfc9580.html#name-issuer-key-id">
+ *     RFC9580 - Issuer Key ID</a>
  */
 public class IssuerKeyID 
     extends SignatureSubpacket

pg/src/main/java/org/bouncycastle/bcpg/sig/KeyExpirationTime.java

@@ -4,7 +4,13 @@
 import org.bouncycastle.bcpg.SignatureSubpacketTags;
 
 /**
- * packet giving time after creation at which the key expires.
+ * Signature Subpacket containing the number of seconds after the key's creation date, after which the key expires.
+ * The special value of {@code 0} means that the key never expires.
+ *
+ * @see <a href="https://datatracker.ietf.org/doc/html/rfc4880#section-5.2.3.6">
+ *     RFC4880 - Key Expiration Time</a>
+ * @see <a href="https://www.rfc-editor.org/rfc/rfc9580.html#name-key-expiration-time">
+ *     RFC9580 - Key Expiration Time</a>
  */
 public class KeyExpirationTime 
     extends SignatureSubpacket