Package org.bouncycastle.openpgp.operator

Class PGPKeyPairGenerator

java.lang.Object

org.bouncycastle.openpgp.operator.PGPKeyPairGenerator

public abstract class PGPKeyPairGenerator
extends java.lang.Object

Field Summary

Fields

Modifier and Type	Field	Description
protected java.util.Date	creationTime
protected KeyFingerPrintCalculator	fingerPrintCalculator
protected java.security.SecureRandom	random
protected int	version

Constructor Summary

Constructors

Constructor	Description
PGPKeyPairGenerator(int version, java.util.Date creationTime, java.security.SecureRandom random, KeyFingerPrintCalculator fingerPrintCalculator)	Create an instance of the key pair generator.

Method Summary

Modifier and Type	Method	Description
abstract PGPKeyPair	generateEd25519KeyPair()	Generate an elliptic curve signing key over the twisted Edwards curve25519.
abstract PGPKeyPair	generateEd448KeyPair()	Generate an elliptic curve signing key over the twisted Edwards curve448.
PGPKeyPair	generateEncryptionSubkey()	Generate an encryption subkey.
abstract PGPKeyPair	generateLegacyEd25519KeyPair()	Generate a legacy elliptic curve signing key pair over the twisted Edwards curve25519.
abstract PGPKeyPair	generateLegacyX25519KeyPair()	Generate a legacy elliptic curve Diffie-Hellman encryption key pair over curve25519.
PGPKeyPair	generatePrimaryKey()	Generate a primary key.
PGPKeyPair	generateRsaKeyPair(int bitStrength)	Generate a RSA key pair with the given bit-strength.
abstract PGPKeyPair	generateRsaKeyPair(java.math.BigInteger exponent, int bitStrength)	Generate a RSA key pair with the given bit-strength over a custom exponent.
PGPKeyPair	generateSigningSubkey()	Generate a signing subkey.
abstract PGPKeyPair	generateX25519KeyPair()	Generate an elliptic curve Diffie-Hellman encryption key over curve25519.
abstract PGPKeyPair	generateX448KeyPair()	Generate an elliptic curve Diffie-Hellman encryption key over curve448.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

creationTime

protected final java.util.Date creationTime

version

protected final int version

random

protected java.security.SecureRandom random

fingerPrintCalculator

protected final KeyFingerPrintCalculator fingerPrintCalculator

Constructor Detail

PGPKeyPairGenerator

public PGPKeyPairGenerator(int version,
                           java.util.Date creationTime,
                           java.security.SecureRandom random,
                           KeyFingerPrintCalculator fingerPrintCalculator)

Create an instance of the key pair generator.

Parameters:

version - public key version (PublicKeyPacket.VERSION_4 or PublicKeyPacket.VERSION_6).

creationTime - key creation time

random - secure random number generator

Method Detail

generatePrimaryKey

public PGPKeyPair generatePrimaryKey()
                              throws PGPException

Generate a primary key. A primary key MUST use a signing-capable public key algorithm.

Returns:

primary key pair

Throws:

PGPException - if the key pair cannot be generated

generateEncryptionSubkey

public PGPKeyPair generateEncryptionSubkey()
                                    throws PGPException

Generate an encryption subkey. An encryption subkey MUST use an encryption-capable public key algorithm.

Returns:

encryption subkey pair

Throws:

PGPException - if the key pair cannot be generated

generateSigningSubkey

public PGPKeyPair generateSigningSubkey()
                                 throws PGPException

Generate a signing subkey. A signing subkey MUST use a signing-capable public key algorithm.

Returns:

signing subkey pair

Throws:

PGPException - if the key pair cannot be generated

generateRsaKeyPair

public PGPKeyPair generateRsaKeyPair(int bitStrength)
                              throws PGPException

Generate a RSA key pair with the given bit-strength. It is recommended to use at least 2048 bits or more. The key will be generated over the default exponent

65537

. RSA keys are deprecated for OpenPGP v6.

Parameters:

bitStrength - strength of the key pair in bits

Returns:

rsa key pair

Throws:

PGPException - if the key pair cannot be generated

generateRsaKeyPair

public abstract PGPKeyPair generateRsaKeyPair(java.math.BigInteger exponent,
                                              int bitStrength)
                                       throws PGPException

Generate a RSA key pair with the given bit-strength over a custom exponent. It is recommended to use at least 2048 bits or more. RSA keys are deprecated for OpenPGP v6.

Parameters:

exponent - RSA exponent

e

bitStrength - strength of the key pair in bits

Returns:

rsa key pair

Throws:

PGPException - if the key pair cannot be generated

generateEd25519KeyPair

public abstract PGPKeyPair generateEd25519KeyPair()
                                           throws PGPException

Generate an elliptic curve signing key over the twisted Edwards curve25519. The key will use PublicKeyAlgorithmTags.Ed25519 which was introduced with RFC9580. For legacy Ed25519 keys use generateLegacyEd25519KeyPair().

Returns:

Ed25519 key pair

Throws:

PGPException - if the key pair cannot be generated

See Also:

RFC9580 - Public Key Algorithms

generateEd448KeyPair

public abstract PGPKeyPair generateEd448KeyPair()
                                         throws PGPException

Generate an elliptic curve signing key over the twisted Edwards curve448. The key will use PublicKeyAlgorithmTags.Ed448 which was introduced with RFC9580.

Returns:

Ed448 signing key pair

Throws:

PGPException - if the key pair cannot be generated

See Also:

RFC9580 - Public Key Algorithms

generateX25519KeyPair

public abstract PGPKeyPair generateX25519KeyPair()
                                          throws PGPException

Generate an elliptic curve Diffie-Hellman encryption key over curve25519. THe key will use PublicKeyAlgorithmTags.X25519 which was introduced with RFC9580. For legacy X25519 keys use generateLegacyX25519KeyPair() instead.

Returns:

X25519 encryption key pair

Throws:

PGPException - if the key pair cannot be generated

See Also:

RFC9580 - Public Key Algorithms

generateX448KeyPair

public abstract PGPKeyPair generateX448KeyPair()
                                        throws PGPException

Generate an elliptic curve Diffie-Hellman encryption key over curve448. THe key will use PublicKeyAlgorithmTags.X448 which was introduced with RFC9580.

Returns:

X448 encryption key pair

Throws:

PGPException - if the key pair cannot be generated

See Also:

RFC9580 - Public Key Algorithms

generateLegacyEd25519KeyPair

public abstract PGPKeyPair generateLegacyEd25519KeyPair()
                                                 throws PGPException

Generate a legacy elliptic curve signing key pair over the twisted Edwards curve25519. Legacy keys have good application support, but MUST NOT be used as OpenPGP v6 keys. The key will use PublicKeyAlgorithmTags.EDDSA_LEGACY as algorithm ID. For OpenPGP v6 (RFC9580) use generateEd25519KeyPair() instead.

Returns:

legacy Ed25519 key pair

Throws:

PGPException - if the key pair cannot be generated

See Also:

Legacy Draft: EdDSA for OpenPGP

generateLegacyX25519KeyPair

public abstract PGPKeyPair generateLegacyX25519KeyPair()
                                                throws PGPException

Generate a legacy elliptic curve Diffie-Hellman encryption key pair over curve25519. Legacy keys have good application support, but MUST NOT be used as OpenPGP v6 keys. The key will use PublicKeyAlgorithmTags.ECDH as algorithm ID. For OpenPGP v6 (RFC9580) use generateX25519KeyPair() instead.

Returns:

legacy X25519 key pair

Throws:

PGPException - if the key pair cannot be generated