Class S2K

  • All Implemented Interfaces:
    org.bouncycastle.util.Encodable

    public class S2K
    extends BCPGObject
    Parameter specifier for the PGP string-to-key password based key derivation function. There are different S2K modes: In SIMPLE mode, a single iteration of the hash algorithm is performed to derived a key from the given passphrase. This mode is deprecated and MUST NOT be generated.
  • The SALTED mode is like SIMPLE, but uses an additional salt value. This mode is deprecated and MUST NOT be generated. In SALTED_AND_ITERATED mode, S2K takes a single byte iteration count specifier, which is converted to an actual iteration count using a formula that grows the iteration count exponentially as the byte value increases. e.g. 0x01 == 1088 iterations, and 0xFF == 65,011,712 iterations. The SALTED_AND_ITERATED mode uses both iteration and a salt value. This mode is recommended for applications that want to stay backwards compatible. The new ARGON_2 mode does key derivation using salted Argon2, which is a memory-hard hash algorithm. This mode is generally recommended over SALTED_AND_ITERATED.
See Also:
RFC4880 - String-to-Key (S2K) Specifiers, RFC9580 - String-to-Key (S2K) Specifier, LibrePGP - String-to-Key (S2K) Specifiers
Returns:
IV