Class PGPKeyPairGenerator

java.lang.Object
org.bouncycastle.openpgp.operator.PGPKeyPairGenerator

public abstract class PGPKeyPairGenerator extends Object
  • Field Details

    • creationTime

      protected final Date creationTime
    • version

      protected final int version
    • random

      protected SecureRandom random
    • fingerPrintCalculator

      protected final KeyFingerPrintCalculator fingerPrintCalculator
  • Constructor Details

  • Method Details

    • generatePrimaryKey

      public PGPKeyPair generatePrimaryKey() throws PGPException
      Generate a primary key. A primary key MUST use a signing-capable public key algorithm.
      Returns:
      primary key pair
      Throws:
      PGPException - if the key pair cannot be generated
    • generateEncryptionSubkey

      public PGPKeyPair generateEncryptionSubkey() throws PGPException
      Generate an encryption subkey. An encryption subkey MUST use an encryption-capable public key algorithm.
      Returns:
      encryption subkey pair
      Throws:
      PGPException - if the key pair cannot be generated
    • generateSigningSubkey

      public PGPKeyPair generateSigningSubkey() throws PGPException
      Generate a signing subkey. A signing subkey MUST use a signing-capable public key algorithm.
      Returns:
      signing subkey pair
      Throws:
      PGPException - if the key pair cannot be generated
    • generateRsaKeyPair

      public PGPKeyPair generateRsaKeyPair(int bitStrength) throws PGPException
      Generate an RSA key pair with the given bit-strength. It is recommended to use at least 2048 bits. The key will be generated over the default exponent 65537. RSA keys are deprecated for OpenPGP v6.
      Parameters:
      bitStrength - strength of the key pair in bits
      Returns:
      rsa key pair
      Throws:
      PGPException - if the key pair cannot be generated
    • generateRsaKeyPair

      public abstract PGPKeyPair generateRsaKeyPair(BigInteger exponent, int bitStrength) throws PGPException
      Generate an RSA key pair with the given bit-strength over a custom exponent. It is recommended to use at least 2048 bits. RSA keys are deprecated for OpenPGP v6.
      Parameters:
      exponent - RSA exponent e
      bitStrength - strength of the key pair in bits
      Returns:
      rsa key pair
      Throws:
      PGPException - if the key pair cannot be generated
    • generateEd25519KeyPair

      public abstract PGPKeyPair generateEd25519KeyPair() throws PGPException
      Generate an elliptic curve signing key over the twisted Edwards curve25519. The key will use PublicKeyAlgorithmTags.Ed25519 which was introduced with RFC9580. For legacy Ed25519 keys use generateLegacyEd25519KeyPair().
      Returns:
      Ed25519 key pair
      Throws:
      PGPException - if the key pair cannot be generated
    • generateEd448KeyPair

      public abstract PGPKeyPair generateEd448KeyPair() throws PGPException
      Generate an elliptic curve signing key over the twisted Edwards curve448. The key will use PublicKeyAlgorithmTags.Ed448 which was introduced with RFC9580.
      Returns:
      Ed448 signing key pair
      Throws:
      PGPException - if the key pair cannot be generated
    • generateX25519KeyPair

      public abstract PGPKeyPair generateX25519KeyPair() throws PGPException
      Generate an elliptic curve Diffie-Hellman encryption key over curve25519. The key will use PublicKeyAlgorithmTags.X25519 which was introduced with RFC9580. For legacy X25519 keys use generateLegacyX25519KeyPair() instead.
      Returns:
      X25519 encryption key pair
      Throws:
      PGPException - if the key pair cannot be generated
    • generateX448KeyPair

      public abstract PGPKeyPair generateX448KeyPair() throws PGPException
      Generate an elliptic curve Diffie-Hellman encryption key over curve448. The key will use PublicKeyAlgorithmTags.X448 which was introduced with RFC9580.
      Returns:
      X448 encryption key pair
      Throws:
      PGPException - if the key pair cannot be generated
    • generateLegacyEd25519KeyPair

      public abstract PGPKeyPair generateLegacyEd25519KeyPair() throws PGPException
      Generate a legacy elliptic curve signing key pair over the twisted Edwards curve25519. Legacy keys have good application support, but MUST NOT be used as OpenPGP v6 keys. The key will use PublicKeyAlgorithmTags.EDDSA_LEGACY as algorithm ID. For OpenPGP v6 (RFC9580) use generateEd25519KeyPair() instead.
      Returns:
      legacy Ed25519 key pair
      Throws:
      PGPException - if the key pair cannot be generated
    • generateLegacyX25519KeyPair

      public abstract PGPKeyPair generateLegacyX25519KeyPair() throws PGPException
      Generate a legacy elliptic curve Diffie-Hellman encryption key pair over curve25519. Legacy keys have good application support, but MUST NOT be used as OpenPGP v6 keys. The key will use PublicKeyAlgorithmTags.ECDH as algorithm ID. For OpenPGP v6 (RFC9580) use generateX25519KeyPair() instead.
      Returns:
      legacy X25519 key pair
      Throws:
      PGPException - if the key pair cannot be generated
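
The legacy and RFC9580 Curve25519 methods above differ only in the algorithm ID they emit, so callers have to pick the pair that matches the key version. The following is an added example, not part of Bouncy Castle or this Javadoc: `Curve25519KeySelector` and its methods are hypothetical, the caller is assumed to supply a concrete `PGPKeyPairGenerator` built for the same version, and using legacy keys for v4 is a compatibility choice made for this example.

```java
import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPKeyPair;
import org.bouncycastle.openpgp.operator.PGPKeyPairGenerator;

// Added example (hypothetical helper): choose the Curve25519 generator
// method that matches the OpenPGP key version, then confirm the result.
public final class Curve25519KeySelector
{
    private Curve25519KeySelector() {}

    /** Signing key: Ed25519 for v6, legacy EdDSA for v4. */
    public static PGPKeyPair signingKey(PGPKeyPairGenerator gen, int version)
        throws PGPException
    {
        switch (version)
        {
        case 6:   // legacy keys MUST NOT be used as v6 keys
            return verify(gen.generateEd25519KeyPair(), version, PublicKeyAlgorithmTags.Ed25519);
        case 4:   // example policy: legacy algorithm ID for application support
            return verify(gen.generateLegacyEd25519KeyPair(), version, PublicKeyAlgorithmTags.EDDSA_LEGACY);
        default:
            throw new PGPException("unsupported key version: " + version);
        }
    }

    /** Encryption key: X25519 for v6, legacy ECDH over curve25519 for v4. */
    public static PGPKeyPair encryptionKey(PGPKeyPairGenerator gen, int version)
        throws PGPException
    {
        switch (version)
        {
        case 6:
            return verify(gen.generateX25519KeyPair(), version, PublicKeyAlgorithmTags.X25519);
        case 4:
            return verify(gen.generateLegacyX25519KeyPair(), version, PublicKeyAlgorithmTags.ECDH);
        default:
            throw new PGPException("unsupported key version: " + version);
        }
    }

    // Fail closed if the generator was built for another version or algorithm.
    private static PGPKeyPair verify(PGPKeyPair pair, int version, int algorithm)
        throws PGPException
    {
        if (pair.getPublicKey().getVersion() != version || pair.getPublicKey().getAlgorithm() != algorithm)
            throw new PGPException("generated key does not match requested version/algorithm");
        return pair;
    }
}
```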