Package org.bouncycastle.openpgp.api

Class OpenPGPV6KeyGenerator

java.lang.Object

org.bouncycastle.openpgp.api.OpenPGPV6KeyGenerator

Direct Known Subclasses:

BcOpenPGPV6KeyGenerator, JcaOpenPGPV6KeyGenerator

public class OpenPGPV6KeyGenerator
extends java.lang.Object

High-level generator class for OpenPGP v6 keys.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	OpenPGPV6KeyGenerator.WithPrimaryKey	Intermediate builder class.

Field Summary

Fields

Modifier and Type	Field	Description
static SignatureSubpacketsFunction	DEFAULT_AEAD_ALGORITHM_PREFERENCES	Standard AEAD encryption preferences (SEIPDv2).
static SignatureSubpacketsFunction	DEFAULT_COMPRESSION_ALGORITHM_PREFERENCES	Standard compression algorithm preferences.
static SignatureSubpacketsFunction	DEFAULT_FEATURES	Standard features to announce.
static SignatureSubpacketsFunction	DEFAULT_HASH_ALGORITHM_PREFERENCES	Standard signature hash algorithm preferences.
static int	DEFAULT_SIGNATURE_HASH_ALGORITHM	Hash algorithm for key signatures if no other one is provided during construction.
static SignatureSubpacketsFunction	DEFAULT_SYMMETRIC_KEY_PREFERENCES	Standard symmetric-key encryption preferences (SEIPDv1).
static SignatureSubpacketsFunction	DIRECT_KEY_SIGNATURE_SUBPACKETS	Standard signature subpackets for the direct-key signature.
static SignatureSubpacketsFunction	ENCRYPTION_SUBKEY_SUBPACKETS	Standard signature subpackets for encryption subkey's binding signatures.
static SignatureSubpacketsFunction	SIGNING_SUBKEY_SUBPACKETS	Standard signature subpackets for signing subkey's binding signatures.

Constructor Summary

Constructors

Constructor	Description
OpenPGPV6KeyGenerator(PGPKeyPairGeneratorProvider kpGenProvider, PGPContentSignerBuilderProvider contentSignerBuilderProvider, PGPDigestCalculatorProvider digestCalculatorProvider, PBESecretKeyEncryptorFactory keyEncryptionBuilderProvider, KeyFingerPrintCalculator keyFingerPrintCalculator, java.util.Date creationTime)	Generate a new OpenPGP key generator for v6 keys.

Method Summary

Modifier and Type	Method	Description
PGPSecretKeyRing	classicKey(java.lang.String userId, char[] passphrase)	Generate an OpenPGP key consisting of a certify-only primary key, a dedicated signing-subkey and dedicated encryption-subkey.
PGPSecretKeyRing	ed25519x25519Key(java.lang.String userId, char[] passphrase)	Generate an OpenPGP key consisting of an Ed25519 certify-only primary key, a dedicated Ed25519 sign-only subkey and dedicated X25519 encryption-only subkey.
PGPSecretKeyRing	ed448x448Key(java.lang.String userId, char[] passphrase)	Generate an OpenPGP key consisting of an Ed448 certify-only primary key, a dedicated Ed448 sign-only subkey and dedicated X448 encryption-only subkey.
PGPSecretKeyRing	signOnlyKey(char[] passphrase)	Generate a sign-only OpenPGP key.
PGPSecretKeyRing	signOnlyKey(char[] passphrase, SignatureSubpacketsFunction userSubpackets)	Generate a sign-only OpenPGP key.
PGPSecretKeyRing	signOnlyKey(PGPKeyPair primaryKeyPair, PBESecretKeyEncryptor keyEncryptor, SignatureSubpacketsFunction userSubpackets)	Generate a sign-only OpenPGP key.
OpenPGPV6KeyGenerator.WithPrimaryKey	withPrimaryKey()	Generate an OpenPGP key with a certification-capable primary key.
OpenPGPV6KeyGenerator.WithPrimaryKey	withPrimaryKey(KeyPairGeneratorCallback keyGenCallback)
OpenPGPV6KeyGenerator.WithPrimaryKey	withPrimaryKey(KeyPairGeneratorCallback keyGenCallback, SignatureSubpacketsFunction directKeySubpackets)	Generate an OpenPGP key with a certification-capable primary key.
OpenPGPV6KeyGenerator.WithPrimaryKey	withPrimaryKey(KeyPairGeneratorCallback keyGenCallback, SignatureSubpacketsFunction directKeySubpackets, char[] passphrase)	Generate an OpenPGP key with a certification-capable primary key.
OpenPGPV6KeyGenerator.WithPrimaryKey	withPrimaryKey(SignatureSubpacketsFunction directKeySubpackets)	Generate an OpenPGP key with a certification-capable primary key.
OpenPGPV6KeyGenerator.WithPrimaryKey	withPrimaryKey(PGPKeyPair primaryKeyPair, SignatureSubpacketsFunction directKeySubpackets)	Generate an OpenPGP key with a certification-capable primary key.
OpenPGPV6KeyGenerator.WithPrimaryKey	withPrimaryKey(PGPKeyPair primaryKeyPair, SignatureSubpacketsFunction directKeySubpackets, PBESecretKeyEncryptor keyEncryptor)	Generate an OpenPGP key with a certification-capable primary key.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT_SIGNATURE_HASH_ALGORITHM

public static final int DEFAULT_SIGNATURE_HASH_ALGORITHM

Hash algorithm for key signatures if no other one is provided during construction.

See Also:

Constant Field Values

DEFAULT_AEAD_ALGORITHM_PREFERENCES

public static SignatureSubpacketsFunction DEFAULT_AEAD_ALGORITHM_PREFERENCES

Standard AEAD encryption preferences (SEIPDv2). By default, only announce support for OCB + AES.

DEFAULT_SYMMETRIC_KEY_PREFERENCES

public static SignatureSubpacketsFunction DEFAULT_SYMMETRIC_KEY_PREFERENCES

Standard symmetric-key encryption preferences (SEIPDv1). By default, announce support for AES.

DEFAULT_HASH_ALGORITHM_PREFERENCES

public static SignatureSubpacketsFunction DEFAULT_HASH_ALGORITHM_PREFERENCES

Standard signature hash algorithm preferences. By default, only announce SHA3 and SHA2 algorithms.

DEFAULT_COMPRESSION_ALGORITHM_PREFERENCES

public static SignatureSubpacketsFunction DEFAULT_COMPRESSION_ALGORITHM_PREFERENCES

Standard compression algorithm preferences. By default, announce support for all known algorithms.

DEFAULT_FEATURES

public static SignatureSubpacketsFunction DEFAULT_FEATURES

Standard features to announce. By default, announce SEIPDv1 (modification detection) and SEIPDv2.

SIGNING_SUBKEY_SUBPACKETS

public static SignatureSubpacketsFunction SIGNING_SUBKEY_SUBPACKETS

Standard signature subpackets for signing subkey's binding signatures. Sets the keyflag subpacket to SIGN_DATA.

ENCRYPTION_SUBKEY_SUBPACKETS

public static SignatureSubpacketsFunction ENCRYPTION_SUBKEY_SUBPACKETS

Standard signature subpackets for encryption subkey's binding signatures. Sets the keyflag subpacket to ENCRYPT_STORAGE|ENCRYPT_COMMS.

DIRECT_KEY_SIGNATURE_SUBPACKETS

public static SignatureSubpacketsFunction DIRECT_KEY_SIGNATURE_SUBPACKETS

Standard signature subpackets for the direct-key signature. Sets default features, hash-, compression-, symmetric-key-, and AEAD algorithm preferences.

Constructor Detail

OpenPGPV6KeyGenerator

public OpenPGPV6KeyGenerator(PGPKeyPairGeneratorProvider kpGenProvider,
                             PGPContentSignerBuilderProvider contentSignerBuilderProvider,
                             PGPDigestCalculatorProvider digestCalculatorProvider,
                             PBESecretKeyEncryptorFactory keyEncryptionBuilderProvider,
                             KeyFingerPrintCalculator keyFingerPrintCalculator,
                             java.util.Date creationTime)

Generate a new OpenPGP key generator for v6 keys.

Parameters:

kpGenProvider - key pair generator provider

contentSignerBuilderProvider - content signer builder provider

digestCalculatorProvider - digest calculator provider

keyEncryptionBuilderProvider - secret key encryption builder provider (AEAD)

keyFingerPrintCalculator - calculator for key fingerprints

creationTime - key creation time

Method Detail

classicKey

public PGPSecretKeyRing classicKey(java.lang.String userId,
                                   char[] passphrase)
                            throws PGPException

Generate an OpenPGP key consisting of a certify-only primary key, a dedicated signing-subkey and dedicated encryption-subkey. The key will carry the provided user-id and be protected using the provided passphrase. See PGPKeyPairGenerator.generatePrimaryKey() for the primary key type, PGPKeyPairGenerator.generateSigningSubkey() for the signing-subkey type and PGPKeyPairGenerator.generateEncryptionSubkey() for the encryption-subkey key type.

Parameters:

userId - user id

passphrase - nullable passphrase.

Returns:

OpenPGP key

Throws:

PGPException - if the key cannot be generated

ed25519x25519Key

public PGPSecretKeyRing ed25519x25519Key(java.lang.String userId,
                                         char[] passphrase)
                                  throws PGPException

Generate an OpenPGP key consisting of an Ed25519 certify-only primary key, a dedicated Ed25519 sign-only subkey and dedicated X25519 encryption-only subkey. The key will carry the provided user-id and be protected using the provided passphrase.

Parameters:

userId - user id

passphrase - nullable passphrase

Returns:

OpenPGP key

Throws:

PGPException - if the key cannot be generated

ed448x448Key

public PGPSecretKeyRing ed448x448Key(java.lang.String userId,
                                     char[] passphrase)
                              throws PGPException

Generate an OpenPGP key consisting of an Ed448 certify-only primary key, a dedicated Ed448 sign-only subkey and dedicated X448 encryption-only subkey. The key will carry the provided user-id and be protected using the provided passphrase.

Parameters:

userId - user id

passphrase - nullable passphrase

Returns:

OpenPGP key

Throws:

PGPException - if the key cannot be generated

signOnlyKey

public PGPSecretKeyRing signOnlyKey(char[] passphrase)
                             throws PGPException

Generate a sign-only OpenPGP key. The key consists of a single, user-id-less primary key, which is capable of signing and certifying. See PGPKeyPairGenerator.generatePrimaryKey() for the key type.

Parameters:

passphrase - nullable passphrase to protect the key with

Returns:

sign-only (+certify) OpenPGP key

Throws:

PGPException - if the key cannot be generated

signOnlyKey

public PGPSecretKeyRing signOnlyKey(char[] passphrase,
                                    SignatureSubpacketsFunction userSubpackets)
                             throws PGPException

Generate a sign-only OpenPGP key. The key consists of a single, user-id-less primary key, which is capable of signing and certifying. It carries a single direct-key signature with signing-related preferences whose subpackets can be modified by providing a SignatureSubpacketsFunction.

Parameters:

passphrase - nullable passphrase to protect the key with

userSubpackets - callback to modify the direct-key signature subpackets with

Returns:

sign-only (+certify) OpenPGP key

Throws:

PGPException - if the key cannot be generated

signOnlyKey

public PGPSecretKeyRing signOnlyKey(PGPKeyPair primaryKeyPair,
                                    PBESecretKeyEncryptor keyEncryptor,
                                    SignatureSubpacketsFunction userSubpackets)
                             throws PGPException

Generate a sign-only OpenPGP key. The key consists of a single, user-id-less primary key, which is capable of signing and certifying. It carries a single direct-key signature with signing-related preferences whose subpackets can be modified by providing a SignatureSubpacketsFunction.

Parameters:

primaryKeyPair - signing-capable primary key

keyEncryptor - nullable encryptor to protect the primary key with

userSubpackets - callback to modify the direct-key signature subpackets with

Returns:

sign-only (+certify) OpenPGP key

Throws:

PGPException - if the key cannot be generated

withPrimaryKey

public OpenPGPV6KeyGenerator.WithPrimaryKey withPrimaryKey()
                                                    throws PGPException

Generate an OpenPGP key with a certification-capable primary key. See PGPKeyPairGenerator.generatePrimaryKey() for the primary key type

Returns:

builder

Throws:

PGPException - if the key cannot be generated

withPrimaryKey

public OpenPGPV6KeyGenerator.WithPrimaryKey withPrimaryKey(KeyPairGeneratorCallback keyGenCallback)
                                                    throws PGPException

Throws:

PGPException

withPrimaryKey

public OpenPGPV6KeyGenerator.WithPrimaryKey withPrimaryKey(SignatureSubpacketsFunction directKeySubpackets)
                                                    throws PGPException

Generate an OpenPGP key with a certification-capable primary key. See PGPKeyPairGenerator.generatePrimaryKey() for the primary key type The key will carry a direct-key signature, whose subpackets can be modified by overriding the given SignatureSubpacketsFunction.

Parameters:

directKeySubpackets - nullable callback to modify the direct-key signatures subpackets

Returns:

builder

Throws:

PGPException - if the key cannot be generated

withPrimaryKey

public OpenPGPV6KeyGenerator.WithPrimaryKey withPrimaryKey(KeyPairGeneratorCallback keyGenCallback,
                                                           SignatureSubpacketsFunction directKeySubpackets)
                                                    throws PGPException

Generate an OpenPGP key with a certification-capable primary key. The KeyPairGeneratorCallback can be used to specify the primary key type. The key will carry a direct-key signature, whose subpackets can be modified by overriding the given SignatureSubpacketsFunction.

Parameters:

keyGenCallback - callback to specify the primary key type

directKeySubpackets - nullable callback to modify the direct-key signatures subpackets

Returns:

builder

Throws:

PGPException - if the key cannot be generated

withPrimaryKey

public OpenPGPV6KeyGenerator.WithPrimaryKey withPrimaryKey(PGPKeyPair primaryKeyPair,
                                                           SignatureSubpacketsFunction directKeySubpackets)
                                                    throws PGPException

Generate an OpenPGP key with a certification-capable primary key. The key will carry a direct-key signature, whose subpackets can be modified by overriding the given SignatureSubpacketsFunction.

Parameters:

primaryKeyPair - primary key

directKeySubpackets - nullable callback to modify the direct-key signatures subpackets

Returns:

builder

Throws:

PGPException - if the key cannot be generated

withPrimaryKey

public OpenPGPV6KeyGenerator.WithPrimaryKey withPrimaryKey(KeyPairGeneratorCallback keyGenCallback,
                                                           SignatureSubpacketsFunction directKeySubpackets,
                                                           char[] passphrase)
                                                    throws PGPException

Generate an OpenPGP key with a certification-capable primary key. The KeyPairGeneratorCallback can be used to specify the primary key type. The key will carry a direct-key signature, whose subpackets can be modified by overriding the given SignatureSubpacketsFunction. IMPORTANT: The custom primary key passphrase will only be used, if in the final step the key is retrieved using OpenPGPV6KeyGenerator.WithPrimaryKey.build(). If instead OpenPGPV6KeyGenerator.WithPrimaryKey.build(char[]) is used, the key-specific passphrase is overwritten with the argument passed into OpenPGPV6KeyGenerator.WithPrimaryKey.build(char[]).

Parameters:

keyGenCallback - callback to specify the primary key type

directKeySubpackets - nullable callback to modify the direct-key signatures subpackets

passphrase - nullable passphrase to protect the primary key with

Returns:

builder

Throws:

PGPException - if the key cannot be generated

withPrimaryKey

public OpenPGPV6KeyGenerator.WithPrimaryKey withPrimaryKey(PGPKeyPair primaryKeyPair,
                                                           SignatureSubpacketsFunction directKeySubpackets,
                                                           PBESecretKeyEncryptor keyEncryptor)
                                                    throws PGPException

Generate an OpenPGP key with a certification-capable primary key. The KeyPairGeneratorCallback can be used to specify the primary key type. The key will carry a direct-key signature, whose subpackets can be modified by overriding the given SignatureSubpacketsFunction. IMPORTANT: The custom keyEncryptor will only be used, if in the final step the key is retrieved using OpenPGPV6KeyGenerator.WithPrimaryKey.build(). If instead OpenPGPV6KeyGenerator.WithPrimaryKey.build(char[]) is used, the key-specific encryptor is overwritten with an encryptor built from the argument passed into OpenPGPV6KeyGenerator.WithPrimaryKey.build(char[]).

Parameters:

primaryKeyPair - primary key

directKeySubpackets - nullable callback to modify the direct-key signatures subpackets

keyEncryptor - nullable encryptor to protect the primary key with

Returns:

builder

Throws:

PGPException - if the key cannot be generated