Class PublicKeyKeyEncryptionMethodGenerator
- java.lang.Object
-
- org.bouncycastle.openpgp.operator.PublicKeyKeyEncryptionMethodGenerator
-
- All Implemented Interfaces:
PGPKeyEncryptionMethodGenerator
- Direct Known Subclasses:
BcPublicKeyKeyEncryptionMethodGenerator, JcePublicKeyKeyEncryptionMethodGenerator
public abstract class PublicKeyKeyEncryptionMethodGenerator extends java.lang.Object implements PGPKeyEncryptionMethodGenerator
Abstract generator class for encryption methods that produce PKESK (public-key encrypted session key) packets. PKESKs are used when encrypting a message for a recipient's public key. The purpose of this class is to allow subclasses to decide which implementation to use.
-
-
Field Summary
Fields (Modifier and Type, Field, Description)
- static java.lang.String SESSION_KEY_OBFUSCATION_PROPERTY
- protected boolean sessionKeyObfuscation
- protected boolean useWildcardRecipient
- static long WILDCARD: Deprecated. Use WILDCARD_KEYID.
- static byte[] WILDCARD_FINGERPRINT
- static long WILDCARD_KEYID
-
Constructor Summary
Constructors (Modifier, Constructor, Description)
- protected PublicKeyKeyEncryptionMethodGenerator(PGPPublicKey pubKey)
-
Method Summary
Methods (Modifier and Type, Method, Description)
- protected byte[] createSessionInfo(byte algorithm, byte[] keyBytes)
- byte[][] encodeEncryptedSessionInfo(byte[] encryptedSessionInfo)
- protected abstract byte[] encryptSessionInfo(PGPPublicKey pubKey, byte[] sessionKey, byte symAlgId, boolean isV3): Encrypt a session key using the recipient's public key.
- ContainedPacket generate(PGPDataEncryptorBuilder dataEncryptorBuilder, byte[] sessionKey): Generate a Public-Key Encrypted Session-Key (PKESK) packet of version 3.
- protected static byte[] getSessionInfo(byte[] ephPubEncoding, byte optSymKeyAlgorithm, byte[] wrappedSessionKey)
- PublicKeyKeyEncryptionMethodGenerator setSessionKeyObfuscation(boolean enabled): Controls whether to obfuscate the size of ECDH session keys using extra padding where necessary.
- PublicKeyKeyEncryptionMethodGenerator setUseWildcardKeyID(boolean enabled): Deprecated. Use setUseWildcardRecipient(boolean) instead. TODO: Remove in a future release
- PublicKeyKeyEncryptionMethodGenerator setUseWildcardRecipient(boolean enabled): Controls whether the recipient key ID/fingerprint is hidden (replaced by a wildcard value).
-
-
-
Field Detail
-
SESSION_KEY_OBFUSCATION_PROPERTY
public static final java.lang.String SESSION_KEY_OBFUSCATION_PROPERTY
- See Also:
- Constant Field Values
-
WILDCARD_KEYID
public static final long WILDCARD_KEYID
- See Also:
- Constant Field Values
-
WILDCARD
public static final long WILDCARD
Deprecated. Use WILDCARD_KEYID.
- See Also:
- Constant Field Values
-
WILDCARD_FINGERPRINT
public static final byte[] WILDCARD_FINGERPRINT
-
sessionKeyObfuscation
protected boolean sessionKeyObfuscation
-
useWildcardRecipient
protected boolean useWildcardRecipient
-
-
Constructor Detail
-
PublicKeyKeyEncryptionMethodGenerator
protected PublicKeyKeyEncryptionMethodGenerator(PGPPublicKey pubKey)
-
-
Method Detail
-
setSessionKeyObfuscation
public PublicKeyKeyEncryptionMethodGenerator setSessionKeyObfuscation(boolean enabled)
Controls whether to obfuscate the size of ECDH session keys using extra padding where necessary. The default behaviour can be configured using the system property "org.bouncycastle.openpgp.session_key_obfuscation", or else it will default to enabled.
- Returns:
- the current generator.
-
setUseWildcardKeyID
@Deprecated public PublicKeyKeyEncryptionMethodGenerator setUseWildcardKeyID(boolean enabled)
Deprecated. Use setUseWildcardRecipient(boolean) instead. TODO: Remove in a future release
Controls whether the recipient key ID/fingerprint is hidden (replaced by a wildcard value).
- Parameters:
- enabled - boolean
- Returns:
- this
-
setUseWildcardRecipient
public PublicKeyKeyEncryptionMethodGenerator setUseWildcardRecipient(boolean enabled)
Controls whether the recipient key ID/fingerprint is hidden (replaced by a wildcard value).
- Parameters:
- enabled - boolean
- Returns:
- this
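Added example, not part of the Bouncy Castle documentation: configuring the JCE subclass with setUseWildcardRecipient and setSessionKeyObfuscation, then checking the resulting PKESK for the wildcard key ID. The class name HiddenRecipientExample and its method names are hypothetical; the recipient key is assumed to be already loaded by the caller, and the default JCA providers are assumed to support its algorithm.

```java
import java.io.ByteArrayOutputStream;
import java.io.OutputStream;
import java.util.Date;
import org.bouncycastle.bcpg.SymmetricKeyAlgorithmTags;
import org.bouncycastle.openpgp.PGPEncryptedDataGenerator;
import org.bouncycastle.openpgp.PGPEncryptedDataList;
import org.bouncycastle.openpgp.PGPLiteralData;
import org.bouncycastle.openpgp.PGPLiteralDataGenerator;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyEncryptedData;
import org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory;
import org.bouncycastle.openpgp.operator.PublicKeyKeyEncryptionMethodGenerator;
import org.bouncycastle.openpgp.operator.jcajce.JcePGPDataEncryptorBuilder;
import org.bouncycastle.openpgp.operator.jcajce.JcePublicKeyKeyEncryptionMethodGenerator;

// Added example (hypothetical class); "recipient" is a key the caller has already loaded.
public class HiddenRecipientExample {

    /** Encrypts data to recipient, optionally replacing the key ID in the PKESK with the wildcard. */
    static byte[] encrypt(PGPPublicKey recipient, byte[] data, boolean hideRecipient) throws Exception {
        JcePGPDataEncryptorBuilder cipher = new JcePGPDataEncryptorBuilder(SymmetricKeyAlgorithmTags.AES_256);
        cipher.setWithIntegrityPacket(true);

        // Setters are called one by one: the base-class setters return the base type.
        PublicKeyKeyEncryptionMethodGenerator method = new JcePublicKeyKeyEncryptionMethodGenerator(recipient);
        method.setUseWildcardRecipient(hideRecipient); // hide the recipient key ID/fingerprint
        method.setSessionKeyObfuscation(true);         // pad ECDH session keys (the documented default)

        PGPEncryptedDataGenerator gen = new PGPEncryptedDataGenerator(cipher);
        gen.addMethod(method);

        ByteArrayOutputStream out = new ByteArrayOutputStream();
        // Closed in reverse order: literal data first, then the encrypted stream.
        try (OutputStream enc = gen.open(out, new byte[4096]);
             OutputStream lit = new PGPLiteralDataGenerator().open(
                     enc, PGPLiteralData.BINARY, "", data.length, new Date())) {
            lit.write(data);
        }
        return out.toByteArray();
    }

    /** True if the first PKESK carries the wildcard key ID (v3 PKESK check only). */
    static boolean recipientHidden(byte[] message) throws Exception {
        PGPEncryptedDataList list = (PGPEncryptedDataList) new JcaPGPObjectFactory(message).nextObject();
        PGPPublicKeyEncryptedData pkesk = (PGPPublicKeyEncryptedData) list.get(0);
        return pkesk.getKeyID() == PublicKeyKeyEncryptionMethodGenerator.WILDCARD_KEYID;
    }
}
```

With the wildcard in place the packet no longer names a key, so a recipient has to try each of its secret keys against the PKESK to find the one that decrypts it.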
-
encodeEncryptedSessionInfo
public byte[][] encodeEncryptedSessionInfo(byte[] encryptedSessionInfo) throws PGPException
- Throws:
- PGPException
-
generate
public ContainedPacket generate(PGPDataEncryptorBuilder dataEncryptorBuilder, byte[] sessionKey) throws PGPException
Generate a Public-Key Encrypted Session-Key (PKESK) packet of version 3. PKESKv3 packets are used with Symmetrically-Encrypted-Integrity-Protected Data (SEIPD) packets of version 1 or with Symmetrically-Encrypted Data (SED) packets and MUST NOT be used with SEIPDv2 packets. PKESKv3 packets are used with keys that do not support Features.FEATURE_SEIPD_V2 or as a fallback.
Generate a Public-Key Encrypted Session-Key (PKESK) packet of version 6. PKESKv6 packets are used with Symmetrically-Encrypted Integrity-Protected Data (SEIPD) packets of version 2 only. PKESKv6 packets are used with keys that support Features.FEATURE_SEIPD_V2.
- Specified by:
- generate in interface PGPKeyEncryptionMethodGenerator
- Parameters:
- sessionKey - session-key algorithm id + session-key + checksum
- Returns:
- PKESKv6 or v3 packet
- Throws:
- PGPException - if the PKESK packet cannot be generated
- See Also:
- RFC9580 - Version 6 Public Key Encrypted Session Key Packet, RFC9580 - Version 3 Public Key Encrypted Session Key Packet
-
createSessionInfo
protected byte[] createSessionInfo(byte algorithm, byte[] keyBytes)
-
encryptSessionInfo
protected abstract byte[] encryptSessionInfo(PGPPublicKey pubKey, byte[] sessionKey, byte symAlgId, boolean isV3) throws PGPException
Encrypt a session key using the recipient's public key.
- Parameters:
- pubKey - recipient's public key
- sessionKey - session-key
- symAlgId - for v3: session key algorithm ID; for v6: 0
- Returns:
- encrypted session info
- Throws:
- PGPException
-
getSessionInfo
protected static byte[] getSessionInfo(byte[] ephPubEncoding, byte optSymKeyAlgorithm, byte[] wrappedSessionKey)
-
-