Package org.bouncycastle.openpgp.api
Class OpenPGPV6KeyGenerator
java.lang.Object
org.bouncycastle.openpgp.api.OpenPGPV6KeyGenerator
Direct Known Subclasses: BcOpenPGPV6KeyGenerator, JcaOpenPGPV6KeyGenerator

High-level generator class for OpenPGP v6 keys.

Nested Class Summary
Modifier and Type, Class, Description:
static class OpenPGPV6KeyGenerator.WithPrimaryKey - Intermediate builder class.

Field Summary
Modifier and Type, Field, Description:
static SignatureSubpacketsFunction DEFAULT_AEAD_ALGORITHM_PREFERENCES - Standard AEAD encryption preferences (SEIPDv2).
static SignatureSubpacketsFunction DEFAULT_COMPRESSION_ALGORITHM_PREFERENCES - Standard compression algorithm preferences.
static SignatureSubpacketsFunction DEFAULT_FEATURES - Standard features to announce.
static SignatureSubpacketsFunction DEFAULT_HASH_ALGORITHM_PREFERENCES - Standard signature hash algorithm preferences.
static final int DEFAULT_SIGNATURE_HASH_ALGORITHM - Hash algorithm for key signatures if no other one is provided during construction.
static SignatureSubpacketsFunction DEFAULT_SYMMETRIC_KEY_PREFERENCES - Standard symmetric-key encryption preferences (SEIPDv1).
static SignatureSubpacketsFunction DIRECT_KEY_SIGNATURE_SUBPACKETS - Standard signature subpackets for the direct-key signature.
static SignatureSubpacketsFunction ENCRYPTION_SUBKEY_SUBPACKETS - Standard signature subpackets for encryption subkey's binding signatures.
static SignatureSubpacketsFunction SIGNING_SUBKEY_SUBPACKETS - Standard signature subpackets for signing subkey's binding signatures.

Constructor Summary
Constructor, Description:
OpenPGPV6KeyGenerator(PGPKeyPairGeneratorProvider kpGenProvider, PGPContentSignerBuilderProvider contentSignerBuilderProvider, PGPDigestCalculatorProvider digestCalculatorProvider, PBESecretKeyEncryptorFactory keyEncryptionBuilderProvider, KeyFingerPrintCalculator keyFingerPrintCalculator, Date creationTime) - Generate a new OpenPGP key generator for v6 keys.

Method Summary
Method, Description:
classicKey(String userId, char[] passphrase) - Generate an OpenPGP key consisting of a certify-only primary key, a dedicated signing-subkey and dedicated encryption-subkey.
ed25519x25519Key(String userId, char[] passphrase) - Generate an OpenPGP key consisting of an Ed25519 certify-only primary key, a dedicated Ed25519 sign-only subkey and dedicated X25519 encryption-only subkey.
ed448x448Key(String userId, char[] passphrase) - Generate an OpenPGP key consisting of an Ed448 certify-only primary key, a dedicated Ed448 sign-only subkey and dedicated X448 encryption-only subkey.
signOnlyKey(char[] passphrase) - Generate a sign-only OpenPGP key.
signOnlyKey(char[] passphrase, SignatureSubpacketsFunction userSubpackets) - Generate a sign-only OpenPGP key.
signOnlyKey(PGPKeyPair primaryKeyPair, PBESecretKeyEncryptor keyEncryptor, SignatureSubpacketsFunction userSubpackets) - Generate a sign-only OpenPGP key.
withPrimaryKey() - Generate an OpenPGP key with a certification-capable primary key.
withPrimaryKey(KeyPairGeneratorCallback keyGenCallback)
withPrimaryKey(KeyPairGeneratorCallback keyGenCallback, SignatureSubpacketsFunction directKeySubpackets) - Generate an OpenPGP key with a certification-capable primary key.
withPrimaryKey(KeyPairGeneratorCallback keyGenCallback, SignatureSubpacketsFunction directKeySubpackets, char[] passphrase) - Generate an OpenPGP key with a certification-capable primary key.
withPrimaryKey(SignatureSubpacketsFunction directKeySubpackets) - Generate an OpenPGP key with a certification-capable primary key.
withPrimaryKey(PGPKeyPair primaryKeyPair, SignatureSubpacketsFunction directKeySubpackets) - Generate an OpenPGP key with a certification-capable primary key.
withPrimaryKey(PGPKeyPair primaryKeyPair, SignatureSubpacketsFunction directKeySubpackets, PBESecretKeyEncryptor keyEncryptor) - Generate an OpenPGP key with a certification-capable primary key.

Field Details

DEFAULT_SIGNATURE_HASH_ALGORITHM
public static final int DEFAULT_SIGNATURE_HASH_ALGORITHM
Hash algorithm for key signatures if no other one is provided during construction.

DEFAULT_AEAD_ALGORITHM_PREFERENCES
Standard AEAD encryption preferences (SEIPDv2). By default, only announce support for OCB + AES.

DEFAULT_SYMMETRIC_KEY_PREFERENCES
Standard symmetric-key encryption preferences (SEIPDv1). By default, announce support for AES.

DEFAULT_HASH_ALGORITHM_PREFERENCES
Standard signature hash algorithm preferences. By default, only announce SHA3 and SHA2 algorithms.

DEFAULT_COMPRESSION_ALGORITHM_PREFERENCES
Standard compression algorithm preferences. By default, announce support for all known algorithms.

DEFAULT_FEATURES
Standard features to announce. By default, announce SEIPDv1 (modification detection) and SEIPDv2.

SIGNING_SUBKEY_SUBPACKETS
Standard signature subpackets for signing subkey's binding signatures. Sets the keyflag subpacket to SIGN_DATA.

ENCRYPTION_SUBKEY_SUBPACKETS
Standard signature subpackets for encryption subkey's binding signatures. Sets the keyflag subpacket to ENCRYPT_STORAGE|ENCRYPT_COMMS.

DIRECT_KEY_SIGNATURE_SUBPACKETS
Standard signature subpackets for the direct-key signature. Sets default features, hash-, compression-, symmetric-key-, and AEAD algorithm preferences.

Constructor Details

OpenPGPV6KeyGenerator
public OpenPGPV6KeyGenerator(PGPKeyPairGeneratorProvider kpGenProvider, PGPContentSignerBuilderProvider contentSignerBuilderProvider, PGPDigestCalculatorProvider digestCalculatorProvider, PBESecretKeyEncryptorFactory keyEncryptionBuilderProvider, KeyFingerPrintCalculator keyFingerPrintCalculator, Date creationTime)
Generate a new OpenPGP key generator for v6 keys.
Parameters:
  kpGenProvider - key pair generator provider
  contentSignerBuilderProvider - content signer builder provider
  digestCalculatorProvider - digest calculator provider
  keyEncryptionBuilderProvider - secret key encryption builder provider (AEAD)
  keyFingerPrintCalculator - calculator for key fingerprints
  creationTime - key creation time

Method Details

classicKey
Generate an OpenPGP key consisting of a certify-only primary key, a dedicated signing-subkey and dedicated encryption-subkey. The key will carry the provided user-id and be protected using the provided passphrase. See PGPKeyPairGenerator.generatePrimaryKey() for the primary key type, PGPKeyPairGenerator.generateSigningSubkey() for the signing-subkey type and PGPKeyPairGenerator.generateEncryptionSubkey() for the encryption-subkey key type.
Parameters:
  userId - user id
  passphrase - nullable passphrase.
Returns: OpenPGP key
Throws: PGPException - if the key cannot be generated

ed25519x25519Key
Generate an OpenPGP key consisting of an Ed25519 certify-only primary key, a dedicated Ed25519 sign-only subkey and dedicated X25519 encryption-only subkey. The key will carry the provided user-id and be protected using the provided passphrase.
Parameters:
  userId - user id
  passphrase - nullable passphrase
Returns: OpenPGP key
Throws: PGPException - if the key cannot be generated

ed448x448Key
Generate an OpenPGP key consisting of an Ed448 certify-only primary key, a dedicated Ed448 sign-only subkey and dedicated X448 encryption-only subkey. The key will carry the provided user-id and be protected using the provided passphrase.
Parameters:
  userId - user id
  passphrase - nullable passphrase
Returns: OpenPGP key
Throws: PGPException - if the key cannot be generated

signOnlyKey
Generate a sign-only OpenPGP key. The key consists of a single, user-id-less primary key, which is capable of signing and certifying. See PGPKeyPairGenerator.generatePrimaryKey() for the key type.
Parameters:
  passphrase - nullable passphrase to protect the key with
Returns: sign-only (+certify) OpenPGP key
Throws: PGPException - if the key cannot be generated

signOnlyKey
public PGPSecretKeyRing signOnlyKey(char[] passphrase, SignatureSubpacketsFunction userSubpackets) throws PGPException
Generate a sign-only OpenPGP key. The key consists of a single, user-id-less primary key, which is capable of signing and certifying. It carries a single direct-key signature with signing-related preferences whose subpackets can be modified by providing a SignatureSubpacketsFunction.
Parameters:
  passphrase - nullable passphrase to protect the key with
  userSubpackets - callback to modify the direct-key signature subpackets with
Returns: sign-only (+certify) OpenPGP key
Throws: PGPException - if the key cannot be generated

signOnlyKey
public PGPSecretKeyRing signOnlyKey(PGPKeyPair primaryKeyPair, PBESecretKeyEncryptor keyEncryptor, SignatureSubpacketsFunction userSubpackets) throws PGPException
Generate a sign-only OpenPGP key. The key consists of a single, user-id-less primary key, which is capable of signing and certifying. It carries a single direct-key signature with signing-related preferences whose subpackets can be modified by providing a SignatureSubpacketsFunction.
Parameters:
  primaryKeyPair - signing-capable primary key
  keyEncryptor - nullable encryptor to protect the primary key with
  userSubpackets - callback to modify the direct-key signature subpackets with
Returns: sign-only (+certify) OpenPGP key
Throws: PGPException - if the key cannot be generated

withPrimaryKey
Generate an OpenPGP key with a certification-capable primary key. See PGPKeyPairGenerator.generatePrimaryKey() for the primary key type.
Returns: builder
Throws: PGPException - if the key cannot be generated

withPrimaryKey
public OpenPGPV6KeyGenerator.WithPrimaryKey withPrimaryKey(KeyPairGeneratorCallback keyGenCallback) throws PGPException
Throws: PGPException

withPrimaryKey
public OpenPGPV6KeyGenerator.WithPrimaryKey withPrimaryKey(SignatureSubpacketsFunction directKeySubpackets) throws PGPException
Generate an OpenPGP key with a certification-capable primary key. See PGPKeyPairGenerator.generatePrimaryKey() for the primary key type. The key will carry a direct-key signature, whose subpackets can be modified by overriding the given SignatureSubpacketsFunction.
Parameters:
  directKeySubpackets - nullable callback to modify the direct-key signature's subpackets
Returns: builder
Throws: PGPException - if the key cannot be generated

withPrimaryKey
public OpenPGPV6KeyGenerator.WithPrimaryKey withPrimaryKey(KeyPairGeneratorCallback keyGenCallback, SignatureSubpacketsFunction directKeySubpackets) throws PGPException
Generate an OpenPGP key with a certification-capable primary key. The KeyPairGeneratorCallback can be used to specify the primary key type. The key will carry a direct-key signature, whose subpackets can be modified by overriding the given SignatureSubpacketsFunction.
Parameters:
  keyGenCallback - callback to specify the primary key type
  directKeySubpackets - nullable callback to modify the direct-key signature's subpackets
Returns: builder
Throws: PGPException - if the key cannot be generated

withPrimaryKey
public OpenPGPV6KeyGenerator.WithPrimaryKey withPrimaryKey(PGPKeyPair primaryKeyPair, SignatureSubpacketsFunction directKeySubpackets) throws PGPException
Generate an OpenPGP key with a certification-capable primary key. The key will carry a direct-key signature, whose subpackets can be modified by overriding the given SignatureSubpacketsFunction.
Parameters:
  primaryKeyPair - primary key
  directKeySubpackets - nullable callback to modify the direct-key signature's subpackets
Returns: builder
Throws: PGPException - if the key cannot be generated

withPrimaryKey
public OpenPGPV6KeyGenerator.WithPrimaryKey withPrimaryKey(KeyPairGeneratorCallback keyGenCallback, SignatureSubpacketsFunction directKeySubpackets, char[] passphrase) throws PGPException
Generate an OpenPGP key with a certification-capable primary key. The KeyPairGeneratorCallback can be used to specify the primary key type. The key will carry a direct-key signature, whose subpackets can be modified by overriding the given SignatureSubpacketsFunction.
IMPORTANT: The custom primary key passphrase is only used if the key is retrieved in the final step using OpenPGPV6KeyGenerator.WithPrimaryKey.build(). If OpenPGPV6KeyGenerator.WithPrimaryKey.build(char[]) is used instead, the key-specific passphrase is overwritten with the argument passed into OpenPGPV6KeyGenerator.WithPrimaryKey.build(char[]).
Parameters:
  keyGenCallback - callback to specify the primary key type
  directKeySubpackets - nullable callback to modify the direct-key signature's subpackets
  passphrase - nullable passphrase to protect the primary key with
Returns: builder
Throws: PGPException - if the key cannot be generated

withPrimaryKey
public OpenPGPV6KeyGenerator.WithPrimaryKey withPrimaryKey(PGPKeyPair primaryKeyPair, SignatureSubpacketsFunction directKeySubpackets, PBESecretKeyEncryptor keyEncryptor) throws PGPException
Generate an OpenPGP key with a certification-capable primary key. The KeyPairGeneratorCallback can be used to specify the primary key type. The key will carry a direct-key signature, whose subpackets can be modified by overriding the given SignatureSubpacketsFunction.
IMPORTANT: The custom keyEncryptor is only used if the key is retrieved in the final step using OpenPGPV6KeyGenerator.WithPrimaryKey.build(). If OpenPGPV6KeyGenerator.WithPrimaryKey.build(char[]) is used instead, the key-specific encryptor is overwritten with an encryptor built from the argument passed into OpenPGPV6KeyGenerator.WithPrimaryKey.build(char[]).
Parameters:
  primaryKeyPair - primary key
  directKeySubpackets - nullable callback to modify the direct-key signature's subpackets
  keyEncryptor - nullable encryptor to protect the primary key with
Returns: builder
Throws: PGPException - if the key cannot be generated
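
The build() versus build(char[]) caveat and the nullable passphrase parameters documented above, shown as an added example that is not Bouncy Castle's own code. It assumes that KeyPairGeneratorCallback can be written as a lambda over PGPKeyPairGenerator and that build() and build(char[]) return a PGPSecretKeyRing like signOnlyKey does; the names PassphraseHandlingExample, keepPrimaryPassphrase, overridePrimaryPassphrase and requireProtected are hypothetical.

```java
import java.util.Iterator;

import org.bouncycastle.bcpg.SecretKeyPacket;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSecretKeyRing;
import org.bouncycastle.openpgp.api.OpenPGPV6KeyGenerator;

// Added example; class and method names are hypothetical.
public final class PassphraseHandlingExample {

    // build(): the passphrase given to withPrimaryKey(...) protects the primary key.
    static PGPSecretKeyRing keepPrimaryPassphrase(OpenPGPV6KeyGenerator gen,
            char[] primaryPass) throws PGPException {
        // Assumption: KeyPairGeneratorCallback is a single-method interface that
        // receives a PGPKeyPairGenerator and returns the PGPKeyPair to use.
        return gen.withPrimaryKey(g -> g.generatePrimaryKey(), null, primaryPass)
                .build();
    }

    // build(char[]): the argument overwrites primaryPass, so primaryPass is
    // never applied to the stored key.
    static PGPSecretKeyRing overridePrimaryPassphrase(OpenPGPV6KeyGenerator gen,
            char[] primaryPass, char[] ringPass) throws PGPException {
        return gen.withPrimaryKey(g -> g.generatePrimaryKey(), null, primaryPass)
                .build(ringPass);
    }

    // Every passphrase and encryptor parameter is nullable. Before persisting a
    // ring, reject it if any secret key packet is stored without protection.
    static PGPSecretKeyRing requireProtected(PGPSecretKeyRing ring) {
        Iterator<PGPSecretKey> keys = ring.getSecretKeys();
        while (keys.hasNext()) {
            PGPSecretKey key = keys.next();
            if (key.getS2KUsage() == SecretKeyPacket.USAGE_NONE) {
                throw new IllegalStateException("unprotected secret key: "
                        + Long.toHexString(key.getKeyID()));
            }
        }
        return ring;
    }
}
```

Passing a ring through requireProtected before writing it to disk catches a null passphrase that reached the generator from a caller.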