java.lang.Object
- org.bouncycastle.openpgp.operator.PBESecretKeyEncryptor

public abstract class PBESecretKeyEncryptor
extends java.lang.Object

Class responsible for encrypting secret key material or data packets using a passphrase.

RFC9580 recommends the following S2K specifiers + usages:

S2K Specifier	S2K Usage	Note
`S2K.ARGON_2`	`SecretKeyPacket.USAGE_AEAD`	RECOMMENDED; Argon2 MUST be used with AEAD
`S2K.SALTED_AND_ITERATED`	`SecretKeyPacket.USAGE_SHA1`	MAY be used if Argon2 is not available; Take care to use high octet count + strong passphrase
none	`SecretKeyPacket.USAGE_NONE`	Unprotected

Additionally, implementations MAY use the following combinations with caution:

S2K Specifier	S2K Usage	Note
`S2K.SALTED_AND_ITERATED`	`SecretKeyPacket.USAGE_AEAD`	Does not provide memory hardness
`S2K.SIMPLE`	`SecretKeyPacket.USAGE_SHA1`	Only for reading secret keys in backwards compatibility mode

Field Summary

Fields
Modifier and Type	Field	Description
`protected int`	`aeadAlgorithm`
`protected int`	`encAlgorithm`
`protected char[]`	`passPhrase`
`protected java.security.SecureRandom`	`random`
`protected S2K`	`s2k`
`protected int`	`s2kCount`
`protected PGPDigestCalculator`	`s2kDigestCalculator`

Constructor Summary

Constructors
Modifier	Constructor	Description
`protected`	`PBESecretKeyEncryptor(int encAlgorithm, int aeadAlgorithm, S2K.Argon2Params argon2Params, java.security.SecureRandom random, char[] passPhrase)`
`protected`	`PBESecretKeyEncryptor(int encAlgorithm, PGPDigestCalculator s2kDigestCalculator, int s2kCount, java.security.SecureRandom random, char[] passPhrase)`
`protected`	`PBESecretKeyEncryptor(int encAlgorithm, PGPDigestCalculator s2kDigestCalculator, java.security.SecureRandom random, char[] passPhrase)`

Method Summary

All Methods Instance Methods Abstract Methods Concrete Methods
Modifier and Type	Method	Description
`byte[]`	`encryptKeyData(byte[] key, byte[] iv, byte[] keyData, int keyOff, int keyLen)`	Encrypt the passed in keyData using the key and the iv provided.
`abstract byte[]`	`encryptKeyData(byte[] key, byte[] keyData, int keyOff, int keyLen)`
`byte[]`	`encryptKeyData(byte[] keyData, int keyOff, int keyLen)`	Key encryption method invoked for V4 keys and greater.
`int`	`getAeadAlgorithm()`
`int`	`getAlgorithm()`
`abstract byte[]`	`getCipherIV()`
`int`	`getHashAlgorithm()`
`byte[]`	`getKey()`
`S2K`	`getS2K()`

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

encAlgorithm
```
protected int encAlgorithm
```

aeadAlgorithm
```
protected int aeadAlgorithm
```

passPhrase
```
protected char[] passPhrase
```

s2kDigestCalculator

protected PGPDigestCalculator s2kDigestCalculator

s2kCount
```
protected int s2kCount
```

s2k
```
protected S2K s2k
```

random

protected java.security.SecureRandom random

Constructor Detail

PBESecretKeyEncryptor

protected PBESecretKeyEncryptor(int encAlgorithm,
                                int aeadAlgorithm,
                                S2K.Argon2Params argon2Params,
                                java.security.SecureRandom random,
                                char[] passPhrase)

PBESecretKeyEncryptor

protected PBESecretKeyEncryptor(int encAlgorithm,
                                PGPDigestCalculator s2kDigestCalculator,
                                java.security.SecureRandom random,
                                char[] passPhrase)

PBESecretKeyEncryptor

protected PBESecretKeyEncryptor(int encAlgorithm,
                                PGPDigestCalculator s2kDigestCalculator,
                                int s2kCount,
                                java.security.SecureRandom random,
                                char[] passPhrase)

Method Detail

getAlgorithm
```
public int getAlgorithm()
```

getAeadAlgorithm
```
public int getAeadAlgorithm()
```

getHashAlgorithm
```
public int getHashAlgorithm()
```

getKey

public byte[] getKey()
              throws PGPException

Throws:: PGPException

getS2K
```
public S2K getS2K()
```

encryptKeyData
```
public byte[] encryptKeyData(byte[] keyData,
                             int keyOff,
                             int keyLen)
                      throws PGPException
```
Key encryption method invoked for V4 keys and greater.

Parameters:

keyData - raw key data

keyOff - offset into raw key data

keyLen - length of key data to use.

Returns:

an encryption of the passed in keyData.

Throws:

PGPException - on error in the underlying encryption process.

encryptKeyData

public abstract byte[] encryptKeyData(byte[] key,
                                      byte[] keyData,
                                      int keyOff,
                                      int keyLen)
                               throws PGPException

Throws:: PGPException

encryptKeyData

public byte[] encryptKeyData(byte[] key,
                             byte[] iv,
                             byte[] keyData,
                             int keyOff,
                             int keyLen)
                      throws PGPException

Encrypt the passed in keyData using the key and the iv provided.

This method is only used for processing version 3 keys.

Throws:: PGPException

getCipherIV
```
public abstract byte[] getCipherIV()
```

Class PBESecretKeyEncryptor

Field Summary

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

encAlgorithm

aeadAlgorithm

passPhrase

s2kDigestCalculator

s2kCount

s2k

random

Constructor Detail

PBESecretKeyEncryptor

PBESecretKeyEncryptor

PBESecretKeyEncryptor

Method Detail

getAlgorithm

getAeadAlgorithm

getHashAlgorithm

getKey

getS2K

encryptKeyData

encryptKeyData

encryptKeyData

getCipherIV